Merge branch 'rack-attack-logging' into 'master'

Rename rack attack log fields to be easier to find

See merge request gitlab-org/gitlab!46351

config/initializers/rack_attack_logging.rb

@@ -11,7 +11,8 @@ ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, r
       env: req.env['rack.attack.match_type'],
       remote_ip: req.ip,
       request_method: req.request_method,
-      path: req.fullpath
+      path: req.fullpath,
+      matched: req.env['rack.attack.matched']
     }
 
     throttles_with_user_information = [
@@ -25,9 +26,8 @@ ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, r
       user_id = req.env['rack.attack.match_discriminator']
       user = User.find_by(id: user_id)
 
-      rack_attack_info[:throttle_type] = req.env['rack.attack.matched']
       rack_attack_info[:user_id] = user_id
-      rack_attack_info[:username] = user.username unless user.nil?
+      rack_attack_info['meta.user'] = user.username unless user.nil?
     end
 
     Gitlab::AuthLogger.error(rack_attack_info)

spec/requests/rack_attack_global_spec.rb

@@ -125,7 +125,8 @@ RSpec.describe 'Rack Attack global throttles' do
           env: :throttle,
           remote_ip: '127.0.0.1',
           request_method: 'GET',
-          path: '/users/sign_in'
+          path: '/users/sign_in',
+          matched: 'throttle_unauthenticated'
         }
 
         expect(Gitlab::AuthLogger).to receive(:error).with(arguments)

spec/support/shared_examples/requests/rack_attack_shared_examples.rb

@@ -81,8 +81,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do
     end
 
     it 'logs RackAttack info into structured logs' do
-      requests_per_period.times do
+      control_count = 0
+
+      requests_per_period.times do |i|
+        if i == 0
+          control_count = ActiveRecord::QueryRecorder.new { make_request(request_args) }.count
+        else
           make_request(request_args)
+        end
+
         expect(response).not_to have_gitlab_http_status(:too_many_requests)
       end
 
@@ -93,13 +100,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do
         request_method: request_method,
         path: request_args.first,
         user_id: user.id,
-        username: user.username,
-        throttle_type: throttle_types[throttle_setting_prefix]
+        'meta.user' => user.username,
+        matched: throttle_types[throttle_setting_prefix]
       }
 
       expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once
 
-      expect_rejection { make_request(request_args) }
+      expect_rejection do
+        expect { make_request(request_args) }.not_to exceed_query_limit(control_count)
+      end
     end
   end
 
@@ -210,8 +219,15 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do
     end
 
     it 'logs RackAttack info into structured logs' do
-      requests_per_period.times do
+      control_count = 0
+
+      requests_per_period.times do |i|
+        if i == 0
+          control_count = ActiveRecord::QueryRecorder.new { request_authenticated_web_url }.count
+        else
           request_authenticated_web_url
+        end
+
         expect(response).not_to have_gitlab_http_status(:too_many_requests)
       end
 
@@ -222,13 +238,12 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do
         request_method: request_method,
         path: url_that_requires_authentication,
         user_id: user.id,
-        username: user.username,
-        throttle_type: throttle_types[throttle_setting_prefix]
+        'meta.user' => user.username,
+        matched: throttle_types[throttle_setting_prefix]
       }
 
       expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once
-
-      request_authenticated_web_url
+      expect { request_authenticated_web_url }.not_to exceed_query_limit(control_count)
     end
   end