Event Stream Working Group

1. You are here:
2. Meet the GitLab team
3. Organizational Structure
4. Working Groups
5. Event Stream Working Group

On this page

• Attributes
• Context
• Exit Criteria
  • Exit Criteria Progress
• Definitions
  • What is an Event Stream?
  • Potential Tools/Services
  • Related GitLab Documentation or Issues
• Exit Criteria
• Roles and Responsibilities

Attributes

Property	Value
Date Created	2021-09-20
Target End Date	2023-04-01
Slack	#wg_event-stream (only accessible from within the company)
Google Doc	Event Stream Working Group Agenda (only accessible from within the company)
Issue Label	~WorkingGroup::EventStream

Context

There are currnetly 3+ methods for publishing and listening to events withint the Gitlab product. There is no single standard for events and there is no standard way of publishing and subscribing to events from other Gitlab systems and services.

There is a growing need to standardize events and how to publish and consume them for both Gitlab.com and self-managed installs.

Exit Criteria

This Working Group has the following goals:

1. Document the current event systems
2. Document the currently identified use cases for an event stream
3. Define and socialize an architecture for a standardized event stream and events
   1. Architecture Blueprint for Event Stream usage within Gitlab and self-managed
   2. Define sene and secure defaults. Provide security recommendations and guidelines.
4. Define a rollout strategy and plan
   1. SaaS rollout strategy for current use cases
   2. Prepare the groundwork for adding the event stream to our reference architectures
5. Develop a communication plan to socialize the outcome of the working group

Exit Criteria Progress

Criteria	Start Date	Completed Date	Progress	DRI
Document current event systems
Document use cases
Develop and social architecture stragety
Develop rollout stragegy
Develop and implement communication plan

Definitions

What is an Event Stream?

An event stream is simply a stream of events that occur within the product. More specifically, for us at GitLab, it will involve the software changes we need to make in the product, event schemas and protocols, and infrastructure.

Potential Tools/Services

There are some tools/services that other companies are using for this

1. Kafka
2. NSQD
3. RabbitMQ
4. GCP PubSub

Related GitLab Documentation or Issues

• https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34042
• https://gitlab.com/gitlab-org/gitlab/-/issues/338454
• Streaming Audit Events

Exit Criteria

If it is decided that an Event Stream should be implemented, our exit criteria should be:

1. Define the tool(s)/service(s) we should use for SaaS and on-prem (they might be different)
2. Define system architecture
3. Define an implementation plan and philosophy
4. Define event structure

Roles and Responsibilities

Working Group Role	Person	Title
Executive Sponsor	Laurence Bierner	Director, Security Engineering
Facilitator	Alex Groleau	Security Automation Manager
Functional Lead	Juliet Wanjohi	Security Engineer, Security Automation
Functional Lead	Ethan Urie	Senior Backend Engineer, Security Automation
Functional Lead	Jayson Salazar	Senior Security Engineer, Security Automation
Functional Lead	Alexander Chueshev	Senior Backend Engineer, AI Assisted
Member	David DeSanto	Senior Director, Product Management - Dev & Sec
Member	Taylor McCaslin	Principal Product Manager, Secure
Member	Alexander Dietrich	Senior Security Engineer, Security Automation
Member	Wayne Haber	Engineering director
Member	Bartek Marnane	VP, Incubation Engineering
Member	Roger Ostrander	Senior Security Engineer, Trust & Safety
Member	Shawn Sichak	Senior Security Engineer, Trust & Safety
Member	Chad Woolley	Senior Backend Engineer, Create::Editor