Skip to content

Commit b5329ae

Browse files
mafredrimafredri
authored
feat: add workspace agent connect and app open audit types (#16493)
This commit adds new audit resource types for workspace agents and workspace apps, as well as connect/disconnect and open/close actions. The idea is that we will log new audit events for connecting to the agent via SSH/editor. Likewise, we will log openings of `coder_app`s. This change also introduces support for filtering by `request_id`. Updates #15139
1 parent 42f6b71 commit b5329ae

File tree

21 files changed

+411
-43
lines changed

21 files changed

+411
-43
lines changed

coderd/apidoc/docs.go

Lines changed: 20 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 20 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/audit.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,7 @@ func (api *API) generateFakeAuditLog(rw http.ResponseWriter, r *http.Request) {
159159
Diff: diff,
160160
StatusCode: http.StatusOK,
161161
AdditionalFields: params.AdditionalFields,
162-
RequestID: uuid.Nil, // no request ID to attach this to
162+
RequestID: params.RequestID,
163163
ResourceIcon: "",
164164
OrganizationID: params.OrganizationID,
165165
})

coderd/audit/diff.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,9 @@ type Auditable interface {
3030
database.NotificationTemplate |
3131
idpsync.OrganizationSyncSettings |
3232
idpsync.GroupSyncSettings |
33-
idpsync.RoleSyncSettings
33+
idpsync.RoleSyncSettings |
34+
database.WorkspaceAgent |
35+
database.WorkspaceApp
3436
}
3537

3638
// Map is a map of changed fields in an audited resource. It maps field names to

coderd/audit/request.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,10 @@ func ResourceTarget[T Auditable](tgt T) string {
128128
return "Organization Group Sync"
129129
case idpsync.RoleSyncSettings:
130130
return "Organization Role Sync"
131+
case database.WorkspaceAgent:
132+
return typed.Name
133+
case database.WorkspaceApp:
134+
return typed.Slug
131135
default:
132136
panic(fmt.Sprintf("unknown resource %T for ResourceTarget", tgt))
133137
}
@@ -187,6 +191,10 @@ func ResourceID[T Auditable](tgt T) uuid.UUID {
187191
return noID // Org field on audit log has org id
188192
case idpsync.RoleSyncSettings:
189193
return noID // Org field on audit log has org id
194+
case database.WorkspaceAgent:
195+
return typed.ID
196+
case database.WorkspaceApp:
197+
return typed.ID
190198
default:
191199
panic(fmt.Sprintf("unknown resource %T for ResourceID", tgt))
192200
}
@@ -238,6 +246,10 @@ func ResourceType[T Auditable](tgt T) database.ResourceType {
238246
return database.ResourceTypeIdpSyncSettingsRole
239247
case idpsync.GroupSyncSettings:
240248
return database.ResourceTypeIdpSyncSettingsGroup
249+
case database.WorkspaceAgent:
250+
return database.ResourceTypeWorkspaceAgent
251+
case database.WorkspaceApp:
252+
return database.ResourceTypeWorkspaceApp
241253
default:
242254
panic(fmt.Sprintf("unknown resource %T for ResourceType", typed))
243255
}
@@ -291,6 +303,10 @@ func ResourceRequiresOrgID[T Auditable]() bool {
291303
return true
292304
case idpsync.RoleSyncSettings:
293305
return true
306+
case database.WorkspaceAgent:
307+
return true
308+
case database.WorkspaceApp:
309+
return true
294310
default:
295311
panic(fmt.Sprintf("unknown resource %T for ResourceRequiresOrgID", tgt))
296312
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy