Skip to content

Commit b5329ae

Browse files
mafredrimafredri
authored
feat: add workspace agent connect and app open audit types (#16493)
This commit adds new audit resource types for workspace agents and workspace apps, as well as connect/disconnect and open/close actions. The idea is that we will log new audit events for connecting to the agent via SSH/editor. Likewise, we will log openings of `coder_app`s. This change also introduces support for filtering by `request_id`. Updates #15139
1 parent 42f6b71 commit b5329ae

File tree

21 files changed

+411
-43
lines changed

21 files changed

+411
-43
lines changed

coderd/apidoc/docs.go

Lines changed: 20 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 20 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/audit.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,7 @@ func (api *API) generateFakeAuditLog(rw http.ResponseWriter, r *http.Request) {
159159
Diff: diff,
160160
StatusCode: http.StatusOK,
161161
AdditionalFields: params.AdditionalFields,
162-
RequestID: uuid.Nil, // no request ID to attach this to
162+
RequestID: params.RequestID,
163163
ResourceIcon: "",
164164
OrganizationID: params.OrganizationID,
165165
})

coderd/audit/diff.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,9 @@ type Auditable interface {
3030
database.NotificationTemplate |
3131
idpsync.OrganizationSyncSettings |
3232
idpsync.GroupSyncSettings |
33-
idpsync.RoleSyncSettings
33+
idpsync.RoleSyncSettings |
34+
database.WorkspaceAgent |
35+
database.WorkspaceApp
3436
}
3537

3638
// Map is a map of changed fields in an audited resource. It maps field names to

coderd/audit/request.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,10 @@ func ResourceTarget[T Auditable](tgt T) string {
128128
return "Organization Group Sync"
129129
case idpsync.RoleSyncSettings:
130130
return "Organization Role Sync"
131+
case database.WorkspaceAgent:
132+
return typed.Name
133+
case database.WorkspaceApp:
134+
return typed.Slug
131135
default:
132136
panic(fmt.Sprintf("unknown resource %T for ResourceTarget", tgt))
133137
}
@@ -187,6 +191,10 @@ func ResourceID[T Auditable](tgt T) uuid.UUID {
187191
return noID // Org field on audit log has org id
188192
case idpsync.RoleSyncSettings:
189193
return noID // Org field on audit log has org id
194+
case database.WorkspaceAgent:
195+
return typed.ID
196+
case database.WorkspaceApp:
197+
return typed.ID
190198
default:
191199
panic(fmt.Sprintf("unknown resource %T for ResourceID", tgt))
192200
}
@@ -238,6 +246,10 @@ func ResourceType[T Auditable](tgt T) database.ResourceType {
238246
return database.ResourceTypeIdpSyncSettingsRole
239247
case idpsync.GroupSyncSettings:
240248
return database.ResourceTypeIdpSyncSettingsGroup
249+
case database.WorkspaceAgent:
250+
return database.ResourceTypeWorkspaceAgent
251+
case database.WorkspaceApp:
252+
return database.ResourceTypeWorkspaceApp
241253
default:
242254
panic(fmt.Sprintf("unknown resource %T for ResourceType", typed))
243255
}
@@ -291,6 +303,10 @@ func ResourceRequiresOrgID[T Auditable]() bool {
291303
return true
292304
case idpsync.RoleSyncSettings:
293305
return true
306+
case database.WorkspaceAgent:
307+
return true
308+
case database.WorkspaceApp:
309+
return true
294310
default:
295311
panic(fmt.Sprintf("unknown resource %T for ResourceRequiresOrgID", tgt))
296312
}

0 commit comments

Comments
 (0)