From 896d414e73ead956598609e85b95bdc9243b187f Mon Sep 17 00:00:00 2001 From: Pavel Shutsin Date: Wed, 9 Jul 2025 14:21:49 +0200 Subject: [PATCH] Add new AI tracking event for explain_vulnerability --- doc/api/graphql/reference/_index.md | 1 + .../ai_usage/ai_usage_event_type_enum.rb | 1 + ee/config/events/explain_vulnerability.yml | 19 ++++++++++ .../tools/explain_vulnerability/executor.rb | 2 ++ ee/lib/gitlab/tracking/ai_tracking.rb | 6 ++++ .../ai_usage/ai_usage_event_type_enum_spec.rb | 3 +- .../ai_tracking_unified_approach_spec.rb | 35 +++++++++++++++++++ 7 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 ee/config/events/explain_vulnerability.yml diff --git a/doc/api/graphql/reference/_index.md b/doc/api/graphql/reference/_index.md index c70b780b00af38..7b967a64be0645 100644 --- a/doc/api/graphql/reference/_index.md +++ b/doc/api/graphql/reference/_index.md @@ -45821,6 +45821,7 @@ Type of AI usage event. | `CODE_SUGGESTION_DIRECT_ACCESS_TOKEN_REFRESH` | Code Suggestion token was refreshed. Old data only. | | `CODE_SUGGESTION_REJECTED_IN_IDE` | Code Suggestion was rejected in IDE. | | `CODE_SUGGESTION_SHOWN_IN_IDE` | Code Suggestion was shown in IDE. | +| `EXPLAIN_VULNERABILITY` | Explain vulnerability feature was used. | | `REQUEST_DUO_CHAT_RESPONSE` | Duo Chat response was requested. | | `TROUBLESHOOT_JOB` | Troubleshoot job feature was used. | diff --git a/ee/app/graphql/types/analytics/ai_usage/ai_usage_event_type_enum.rb b/ee/app/graphql/types/analytics/ai_usage/ai_usage_event_type_enum.rb index d0ccafe571fa7d..393d88a87c08d7 100644 --- a/ee/app/graphql/types/analytics/ai_usage/ai_usage_event_type_enum.rb +++ b/ee/app/graphql/types/analytics/ai_usage/ai_usage_event_type_enum.rb @@ -22,6 +22,7 @@ def self.declare_event(event_name, description) declare_event('code_suggestion_direct_access_token_refresh', "Code Suggestion token was refreshed.") declare_event('request_duo_chat_response', "Duo Chat response was requested.") declare_event('troubleshoot_job', "Troubleshoot job feature was used.") + declare_event('explain_vulnerability', "Explain vulnerability feature was used.") end end end diff --git a/ee/config/events/explain_vulnerability.yml b/ee/config/events/explain_vulnerability.yml new file mode 100644 index 00000000000000..0d152130672c84 --- /dev/null +++ b/ee/config/events/explain_vulnerability.yml @@ -0,0 +1,19 @@ +--- +description: Track usage of Duo Explain Vulnerability feature. +internal_events: true +action: explain_vulnerability +additional_properties: + label: + description: not actually used - to be fixed in https://gitlab.com/gitlab-org/gitlab/-/issues/501387 + property: + description: not actually used - to be fixed in https://gitlab.com/gitlab-org/gitlab/-/issues/501387 +identifiers: + - user +product_group: security_insights +milestone: '18.2' +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/197139 +tiers: + - premium + - ultimate +extra_trackers: + - tracking_class: Gitlab::Tracking::AiTracking diff --git a/ee/lib/gitlab/llm/chain/tools/explain_vulnerability/executor.rb b/ee/lib/gitlab/llm/chain/tools/explain_vulnerability/executor.rb index 540afb7fbc58da..0dca0b026892ba 100644 --- a/ee/lib/gitlab/llm/chain/tools/explain_vulnerability/executor.rb +++ b/ee/lib/gitlab/llm/chain/tools/explain_vulnerability/executor.rb @@ -67,6 +67,8 @@ def perform return error_with_message(error_message, error_code: 'M4003', source: 'vuln_explain') if error_message + InternalEvents.track_event('explain_vulnerability', user: context.current_user, vulnerability: resource) + super end diff --git a/ee/lib/gitlab/tracking/ai_tracking.rb b/ee/lib/gitlab/tracking/ai_tracking.rb index 8b6d196b4810a3..245f99a9765b6d 100644 --- a/ee/lib/gitlab/tracking/ai_tracking.rb +++ b/ee/lib/gitlab/tracking/ai_tracking.rb @@ -28,6 +28,12 @@ module AiTracking merge_request_id: context['job'].pipeline&.merge_request_id } end + + events(explain_vulnerability: 8) do |context| + { vulnerability_id: context['vulnerability'].id, + project_id: context['vulnerability'].project_id, + severity: context['vulnerability'].severity } + end end class << self diff --git a/ee/spec/graphql/types/analytics/ai_usage/ai_usage_event_type_enum_spec.rb b/ee/spec/graphql/types/analytics/ai_usage/ai_usage_event_type_enum_spec.rb index dffe19eb9bbec7..d8e072a8be52eb 100644 --- a/ee/spec/graphql/types/analytics/ai_usage/ai_usage_event_type_enum_spec.rb +++ b/ee/spec/graphql/types/analytics/ai_usage/ai_usage_event_type_enum_spec.rb @@ -13,7 +13,8 @@ ), 'CODE_SUGGESTION_SHOWN_IN_IDE' => have_attributes(value: 'code_suggestion_shown_in_ide'), 'REQUEST_DUO_CHAT_RESPONSE' => have_attributes(value: 'request_duo_chat_response'), - 'TROUBLESHOOT_JOB' => have_attributes(value: 'troubleshoot_job') + 'TROUBLESHOOT_JOB' => have_attributes(value: 'troubleshoot_job'), + 'EXPLAIN_VULNERABILITY' => have_attributes(value: 'explain_vulnerability') ) end end diff --git a/ee/spec/lib/gitlab/tracking/ai_tracking_unified_approach_spec.rb b/ee/spec/lib/gitlab/tracking/ai_tracking_unified_approach_spec.rb index 80b1bb7cf2e36e..346d7712b41510 100644 --- a/ee/spec/lib/gitlab/tracking/ai_tracking_unified_approach_spec.rb +++ b/ee/spec/lib/gitlab/tracking/ai_tracking_unified_approach_spec.rb @@ -201,5 +201,40 @@ it_behaves_like 'standard ai usage event tracking' end + + context 'for `explain_vulnerability` event' do + let(:event_name) { 'explain_vulnerability' } + let_it_be(:vulnerability) { create(:vulnerability, project: project) } + + let(:event_context) { { vulnerability: vulnerability, user: current_user } } + + let(:expected_pg_attributes) do + { + user_id: current_user.id, + event: event_name, + namespace_id: project.project_namespace_id, + extras: { + vulnerability_id: vulnerability.id, + project_id: project.id, + severity: vulnerability.severity + } + } + end + + let(:expected_ch_attributes) do + { + user_id: current_user.id, + event: Ai::UsageEvent.events[event_name], + namespace_path: project.project_namespace.reload.traversal_path, + extras: { + vulnerability_id: vulnerability.id, + project_id: project.id, + severity: vulnerability.severity + }.to_json + } + end + + it_behaves_like 'standard ai usage event tracking' + end end end -- GitLab