Audit Event Streaming

What does this MR do and why?

• Adds a new background worker to stream audit events to defined group-level destinations.
• Adds new documentation explaining the new functionality.
• Everything is behind a default-off feature flag

Screenshots or screen recordings

📺 Screencast showing the functionality.

How to set up and validate locally

Example below:

1. Ensure you are using GitLab Ultimate
2. Enable the flag

   Feature.enable(:ff_external_audit_events_namespace)

3. Create a new group.
4. Create a new event destination for the group using the externalAuditEventDestinationCreate GraphQL mutation. (See the screencast for an example of this if you're unfamiliar with GraphQL). Consider a tool like RequestBin as the destination.
   • Verify that only group owners can perform this task.
5. Perform some actions that would ordinarily generate an audit event at the group level.
6. Assert that for each of those actions:
   • The audit log is populated as normal.
   • The destination endpoint receives the same data via POST request.
7. Create a new project with in that group.
   • Assert that audit events are created for the project creation as the point above.
8. Perform other project-level events and assert that they are:
   • Added to the project-level audit event list in the UI.
   • Sent to the group-level destination. (Project-level events should be sent to the group-level destination.)
9. Attempt the same with a project that belongs to a sub-group. Events should always be sent to the root-group destinations.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

Related to #332747 (closed)