Skip to content

feat: add audit log filter for autostarted and autostopped workspace builds #5830

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 9 commits into from
Jan 24, 2023
Merged

feat: add audit log filter for autostarted and autostopped workspace builds #5830

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
7bb3121
added query
Kira-Pilot Jan 23, 2023
85c1fd6
fixed query
Kira-Pilot Jan 23, 2023
484418e
added example to dropdown
Kira-Pilot Jan 23, 2023
2202c54
Merge remote-tracking branch 'origin/main' into add-build-reason-filt…
Kira-Pilot Jan 23, 2023
79fafe7
added documentation
Kira-Pilot Jan 23, 2023
dca2263
added test
Kira-Pilot Jan 23, 2023
bb7444a
fixed formatting
Kira-Pilot Jan 24, 2023
07f199f
Merge remote-tracking branch 'origin/main' into add-build-reason-filt…
Kira-Pilot Jan 24, 2023
7788420
fixed format
Kira-Pilot Jan 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions coderd/apidoc/docs.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 8 additions & 0 deletions coderd/apidoc/swagger.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 15 additions & 0 deletions coderd/audit.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
Email: filter.Email,
DateFrom: filter.DateFrom,
DateTo: filter.DateTo,
BuildReason: filter.BuildReason,
})
if err != nil {
httpapi.InternalServerError(rw, err)
Expand Down Expand Up @@ -443,6 +444,7 @@ func auditSearchQuery(query string) (database.GetAuditLogsOffsetParams, []coders
Email: parser.String(searchParams, "", "email"),
DateFrom: parsedDateFrom,
DateTo: parsedDateTo,
BuildReason: buildReasonFromString(parser.String(searchParams, "", "build_reason")),
}

return filter, parser.Errors
Expand Down Expand Up @@ -488,3 +490,16 @@ func actionFromString(actionString string) string {
}
return ""
}

func buildReasonFromString(buildReasonString string) string {
switch codersdk.BuildReason(buildReasonString) {
case codersdk.BuildReasonInitiator:
return buildReasonString
case codersdk.BuildReasonAutostart:
return buildReasonString
case codersdk.BuildReasonAutostop:
return buildReasonString
default:
}
return ""
}
5 changes: 5 additions & 0 deletions coderd/audit_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,11 @@ func TestAuditLogsFilter(t *testing.T) {
SearchQuery: "resource_type:workspace_build action:stop",
ExpectedResult: 1,
},
{
Name: "FilterOnWorkspaceBuildStartByInitiator",
SearchQuery: "resource_type:workspace_build action:start build_reason:start",
ExpectedResult: 1,
},
}

for _, testCase := range testCases {
Expand Down
6 changes: 6 additions & 0 deletions coderd/database/databasefake/databasefake.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3680,6 +3680,12 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu
continue
}
}
if arg.BuildReason != "" {
workspaceBuild, err := q.GetWorkspaceBuildByID(context.Background(), alog.ResourceID)
if err == nil && !strings.EqualFold(arg.BuildReason, string(workspaceBuild.Reason)) {
continue
}
}

user, err := q.GetUserByID(ctx, alog.UserID)
userValid := err == nil
Expand Down
41 changes: 36 additions & 5 deletions coderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

39 changes: 34 additions & 5 deletions coderd/database/queries/auditlogs.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,41 @@
-- ID.
-- name: GetAuditLogsOffset :many
SELECT
audit_logs.*,
audit_logs.*,
users.username AS user_username,
users.email AS user_email,
users.created_at AS user_created_at,
users.status AS user_status,
users.rbac_roles AS user_roles,
users.avatar_url AS user_avatar_url,
COUNT(audit_logs.*) OVER() AS count
COUNT(audit_logs.*) OVER () AS count
FROM
audit_logs
LEFT JOIN
users ON audit_logs.user_id = users.id
audit_logs
LEFT JOIN users ON audit_logs.user_id = users.id
LEFT JOIN
-- First join on workspaces to get the initial workspace create
-- to workspace build 1 id. This is because the first create is
-- is a different audit log than subsequent starts.
workspaces ON
audit_logs.resource_type = 'workspace' AND
audit_logs.resource_id = workspaces.id
LEFT JOIN
workspace_builds ON
-- Get the reason from the build if the resource type
-- is a workspace_build
(
audit_logs.resource_type = 'workspace_build'
AND audit_logs.resource_id = workspace_builds.id
)
OR
-- Get the reason from the build #1 if this is the first
-- workspace create.
(
audit_logs.resource_type = 'workspace' AND
audit_logs.action = 'create' AND
workspaces.id = workspace_builds.workspace_id AND
workspace_builds.build_number = 1
)
WHERE
-- Filter resource_type
CASE
Expand Down Expand Up @@ -63,6 +86,12 @@ WHERE
"time" <= @date_to
ELSE true
END
-- Filter by build_reason
AND CASE
WHEN @build_reason::text != '' THEN
workspace_builds.reason::text = @build_reason
ELSE true
END
ORDER BY
"time" DESC
LIMIT
Expand Down
1 change: 1 addition & 0 deletions codersdk/audit.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,7 @@ type CreateTestAuditLogRequest struct {
ResourceType ResourceType `json:"resource_type,omitempty" enums:"organization,template,template_version,user,workspace,workspace_build,git_ssh_key,api_key,group"`
ResourceID uuid.UUID `json:"resource_id,omitempty" format:"uuid"`
Time time.Time `json:"time,omitempty" format:"date-time"`
BuildReason BuildReason `json:"build_reason,omitempty" enums:"autostart,autostop,initiator"`
}

// AuditLogs retrieves audit logs from the given page.
Expand Down
3 changes: 2 additions & 1 deletion docs/admin/audit-logs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,8 @@ The supported filters are:
- `username` - The username of the user who triggered the action.
- `email` - The email of the user who triggered the action.
- `date_from` - The inclusive start date with format `YYYY-MM-DD`.
- `date_to ` - the inclusive end date with format `YYYY-MM-DD`.
- `date_to` - The inclusive end date with format `YYYY-MM-DD`.
- `build_reason` - To be used with `resource_type:workspace_build`, the [initiator](https://pkg.go.dev/github.com/coder/coder/codersdk#BuildReason) behind the build start or stop.

## Enabling this feature

Expand Down
1 change: 1 addition & 0 deletions docs/api/audit.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,7 @@ curl -X POST http://coder-server:8080/api/v2/audit/testgenerate \
```json
{
"action": "create",
"build_reason": "autostart",
"resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
"resource_type": "organization",
"time": "2019-08-24T14:15:22Z"
Expand Down
5 changes: 5 additions & 0 deletions docs/api/schemas.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -783,6 +783,7 @@ CreateParameterRequest is a structure used to create a new parameter value for a
```json
{
"action": "create",
"build_reason": "autostart",
"resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
"resource_type": "organization",
"time": "2019-08-24T14:15:22Z"
Expand All @@ -794,6 +795,7 @@ CreateParameterRequest is a structure used to create a new parameter value for a
| Name | Type | Required | Restrictions | Description |
| --------------- | ---------------------------------------------- | -------- | ------------ | ----------- |
| `action` | [codersdk.AuditAction](#codersdkauditaction) | false | | |
| `build_reason` | [codersdk.BuildReason](#codersdkbuildreason) | false | | |
| `resource_id` | string | false | | |
| `resource_type` | [codersdk.ResourceType](#codersdkresourcetype) | false | | |
| `time` | string | false | | |
Expand All @@ -807,6 +809,9 @@ CreateParameterRequest is a structure used to create a new parameter value for a
| `action` | `delete` |
| `action` | `start` |
| `action` | `stop` |
| `build_reason` | `autostart` |
| `build_reason` | `autostop` |
| `build_reason` | `initiator` |
| `resource_type` | `organization` |
| `resource_type` | `template` |
| `resource_type` | `template_version` |
Expand Down
1 change: 1 addition & 0 deletions site/src/api/typesGenerated.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,7 @@ export interface CreateTestAuditLogRequest {
readonly resource_type?: ResourceType
readonly resource_id?: string
readonly time?: string
readonly build_reason?: BuildReason
}

// From codersdk/apikey.go
Expand Down
4 changes: 4 additions & 0 deletions site/src/pages/AuditPage/AuditPageView.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,10 @@ const presetFilters = [
query: "resource_type:workspace_build action:start",
name: "Started builds",
},
{
query: "resource_type:workspace_build action:start build_reason:initiator",
name: "Builds started by a user",
},
]

export interface AuditPageViewProps {
Expand Down