Skip to content

chore: enforce orgid in audit logs where required #12283

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Feb 26, 2024
Merged

chore: enforce orgid in audit logs where required #12283

merged 4 commits into from
Feb 26, 2024

Conversation

Emyrk
Copy link
Member

@Emyrk Emyrk commented Feb 23, 2024
edited
Loading

What this does

Populates and requires the organizationID field to audit logs where it can be set.

Some resources are not scoped to an org. This is ok imo, but from a UI perspective, we might have org vs site audit log views in the future.

Closes #11930

@Emyrk Emyrk marked this pull request as ready for review February 23, 2024 17:15
@Emyrk Emyrk requested a review from johnstcn February 23, 2024 17:15
johnstcn
johnstcn approved these changes Feb 23, 2024
View reviewed changes
coderd/audit/request.go
Comment on lines +210 to +214
// In unit tests we panic to fail the tests
panic(fmt.Sprintf("missing required organization ID for resource %q", resourceName))
}
log.Error(ctx, "missing required organization ID for resource in audit log",
slog.F("resource", resourceName),
Copy link
Member

@johnstcn johnstcn Feb 23, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe no harm to also include resource type?

Edit: %T does that, the varname resourceName threw me off

maybe we can do %+v in unit tests? or would that be too much?

Copy link
Member Author

@Emyrk Emyrk Feb 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think %+v is too much and we'd have to be careful with any secrets.

@Emyrk Emyrk merged commit f44c89d into main Feb 26, 2024
@Emyrk Emyrk deleted the stevenmasley/org_audit branch February 26, 2024 14:27
@github-actions github-actions bot locked and limited conversation to collaborators Feb 26, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@johnstcn johnstcn johnstcn approved these changes

Assignees

@Emyrk Emyrk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Org scoped audit logs
2 participants
@Emyrk @johnstcn