coder
diff --git a/‎coderd/apidoc/docs.go
+12-4 b/‎coderd/apidoc/docs.go
+12-4
diff --git a/‎coderd/apidoc/swagger.json
+12-4 b/‎coderd/apidoc/swagger.json
+12-4
diff --git a/‎coderd/audit/diff.go
+3-1 b/‎coderd/audit/diff.go
+3-1
diff --git a/‎coderd/audit/request.go
+16 b/‎coderd/audit/request.go
+16
diff --git a/‎coderd/audit_test.go
+98-3 b/‎coderd/audit_test.go
+98-3
diff --git a/‎coderd/database/dump.sql
+6-2 b/‎coderd/database/dump.sql
+6-2
diff --git a/‎coderd/database/migrations/000291_add_audit_types_for_connect_and_open.down.sql
+1 b/‎coderd/database/migrations/000291_add_audit_types_for_connect_and_open.down.sql
+1
diff --git a/‎coderd/database/migrations/000291_add_audit_types_for_connect_and_open.up.sql
+13 b/‎coderd/database/migrations/000291_add_audit_types_for_connect_and_open.up.sql
+13
diff --git a/‎coderd/database/models.go
+14-2 b/‎coderd/database/models.go
+14-2
@@ -30,7 +30,9 @@ type Auditable interface {
 		database.NotificationTemplate |
 		idpsync.OrganizationSyncSettings |
 		idpsync.GroupSyncSettings |
-		idpsync.RoleSyncSettings
+		idpsync.RoleSyncSettings |
+		database.WorkspaceAgent |
+		database.WorkspaceApp
 }
 
 // Map is a map of changed fields in an audited resource. It maps field names to
 
@@ -128,6 +128,10 @@ func ResourceTarget[T Auditable](tgt T) string {
 		return "Organization Group Sync"
 	case idpsync.RoleSyncSettings:
 		return "Organization Role Sync"
+	case database.WorkspaceAgent:
+		return typed.Name
+	case database.WorkspaceApp:
+		return typed.Slug
 	default:
 		panic(fmt.Sprintf("unknown resource %T for ResourceTarget", tgt))
 	}
@@ -187,6 +191,10 @@ func ResourceID[T Auditable](tgt T) uuid.UUID {
 		return noID // Org field on audit log has org id
 	case idpsync.RoleSyncSettings:
 		return noID // Org field on audit log has org id
+	case database.WorkspaceAgent:
+		return typed.ID
+	case database.WorkspaceApp:
+		return typed.ID
 	default:
 		panic(fmt.Sprintf("unknown resource %T for ResourceID", tgt))
 	}
@@ -238,6 +246,10 @@ func ResourceType[T Auditable](tgt T) database.ResourceType {
 		return database.ResourceTypeIdpSyncSettingsRole
 	case idpsync.GroupSyncSettings:
 		return database.ResourceTypeIdpSyncSettingsGroup
+	case database.WorkspaceAgent:
+		return database.ResourceTypeWorkspaceAgent
+	case database.WorkspaceApp:
+		return database.ResourceTypeWorkspaceApp
 	default:
 		panic(fmt.Sprintf("unknown resource %T for ResourceType", typed))
 	}
@@ -291,6 +303,10 @@ func ResourceRequiresOrgID[T Auditable]() bool {
 		return true
 	case idpsync.RoleSyncSettings:
 		return true
+	case database.WorkspaceAgent:
+		return true
+	case database.WorkspaceApp:
+		return true
 	default:
 		panic(fmt.Sprintf("unknown resource %T for ResourceRequiresOrgID", tgt))
 	}
 
@@ -17,6 +17,8 @@ import (
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/rbac"
 	"github.com/coder/coder/v2/codersdk"
+	"github.com/coder/coder/v2/provisioner/echo"
+	"github.com/coder/coder/v2/provisionersdk/proto"
 )
 
 func TestAuditLogs(t *testing.T) {
@@ -229,12 +231,13 @@ func TestAuditLogsFilter(t *testing.T) {
 			ctx      = context.Background()
 			client   = coderdtest.New(t, &coderdtest.Options{IncludeProvisionerDaemon: true})
 			user     = coderdtest.CreateFirstUser(t, client)
-			version  = coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
+			version  = coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, completeWithAgentAndApp())
 			template = coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
 		)
 
 		coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
 		workspace := coderdtest.CreateWorkspace(t, client, template.ID)
+		workspace.LatestBuild = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, workspace.LatestBuild.ID)
 
 		// Create two logs with "Create"
 		err := client.CreateTestAuditLog(ctx, codersdk.CreateTestAuditLogRequest{
@@ -279,6 +282,28 @@ func TestAuditLogsFilter(t *testing.T) {
 		})
 		require.NoError(t, err)
 
+		for _, resource := range workspace.LatestBuild.Resources {
+			t.Logf("Resource: %#v", resource)
+		}
+
+		// Create one log with "Connect"
+		err = client.CreateTestAuditLog(ctx, codersdk.CreateTestAuditLogRequest{
+			Action:       codersdk.AuditActionConnect,
+			ResourceType: codersdk.ResourceTypeWorkspaceAgent,
+			ResourceID:   workspace.LatestBuild.Resources[0].Agents[0].ID,
+			Time:         time.Date(2022, 8, 15, 14, 30, 45, 100, time.UTC), // 2022-8-15 14:30:45
+		})
+		require.NoError(t, err)
+
+		// Create one log with "Open"
+		err = client.CreateTestAuditLog(ctx, codersdk.CreateTestAuditLogRequest{
+			Action:       codersdk.AuditActionOpen,
+			ResourceType: codersdk.ResourceTypeWorkspaceApp,
+			ResourceID:   workspace.LatestBuild.Resources[0].Agents[0].Apps[0].ID,
+			Time:         time.Date(2022, 8, 15, 14, 30, 45, 100, time.UTC), // 2022-8-15 14:30:45
+		})
+		require.NoError(t, err)
+
 		// Test cases
 		testCases := []struct {
 			Name           string
@@ -309,12 +334,12 @@ func TestAuditLogsFilter(t *testing.T) {
 			{
 				Name:           "FilterByEmail",
 				SearchQuery:    "email:" + coderdtest.FirstUserParams.Email,
-				ExpectedResult: 5,
+				ExpectedResult: 7,
 			},
 			{
 				Name:           "FilterByUsername",
 				SearchQuery:    "username:" + coderdtest.FirstUserParams.Username,
-				ExpectedResult: 5,
+				ExpectedResult: 7,
 			},
 			{
 				Name:           "FilterByResourceID",
@@ -366,6 +391,16 @@ func TestAuditLogsFilter(t *testing.T) {
 				SearchQuery:    "resource_type:workspace_build action:start build_reason:initiator",
 				ExpectedResult: 1,
 			},
+			{
+				Name:           "FilterOnWorkspaceAgentConnect",
+				SearchQuery:    "resource_type:workspace_agent action:connect",
+				ExpectedResult: 1,
+			},
+			{
+				Name:           "FilterOnWorkspaceAppOpen",
+				SearchQuery:    "resource_type:workspace_app action:open",
+				ExpectedResult: 1,
+			},
 		}
 
 		for _, testCase := range testCases {
@@ -387,3 +422,63 @@ func TestAuditLogsFilter(t *testing.T) {
 		}
 	})
 }
+
+func completeWithAgentAndApp() *echo.Responses {
+	return &echo.Responses{
+		Parse: echo.ParseComplete,
+		ProvisionPlan: []*proto.Response{
+			{
+				Type: &proto.Response_Plan{
+					Plan: &proto.PlanComplete{
+						Resources: []*proto.Resource{
+							{
+								Type: "compute",
+								Name: "main",
+								Agents: []*proto.Agent{
+									{
+										Name:            "smith",
+										OperatingSystem: "linux",
+										Architecture:    "i386",
+										Apps: []*proto.App{
+											{
+												Slug:        "app",
+												DisplayName: "App",
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		ProvisionApply: []*proto.Response{
+			{
+				Type: &proto.Response_Apply{
+					Apply: &proto.ApplyComplete{
+						Resources: []*proto.Resource{
+							{
+								Type: "compute",
+								Name: "main",
+								Agents: []*proto.Agent{
+									{
+										Name:            "smith",
+										OperatingSystem: "linux",
+										Architecture:    "i386",
+										Apps: []*proto.App{
+											{
+												Slug:        "app",
+												DisplayName: "App",
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
@@ -0,0 +1 @@
+-- No-op, enum values can't be dropped.
@@ -0,0 +1,13 @@
+-- Add new audit types for connect and open actions.
+ALTER TYPE audit_action
+	ADD VALUE IF NOT EXISTS 'connect';
+ALTER TYPE audit_action
+	ADD VALUE IF NOT EXISTS 'disconnect';
+ALTER TYPE resource_type
+	ADD VALUE IF NOT EXISTS 'workspace_agent';
+ALTER TYPE audit_action
+	ADD VALUE IF NOT EXISTS 'open';
+ALTER TYPE audit_action
+	ADD VALUE IF NOT EXISTS 'close';
+ALTER TYPE resource_type
+	ADD VALUE IF NOT EXISTS 'workspace_app';
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+-- No-op, enum values can't be dropped.`