feat: add audit log filter for autostarted and autostopped workspace builds (coder#5830)

Kira-Pilot · web-flow · commit 322a4d93e104 · 2023-01-24T15:34:29.000-05:00
* added query

* fixed query

* added example to dropdown

* added documentation

* added test

* fixed formatting

* fixed format
diff --git a/coderd/apidoc/docs.go b/coderd/apidoc/docs.go
diff --git a/coderd/apidoc/swagger.json b/coderd/apidoc/swagger.json
diff --git a/coderd/audit.go b/coderd/audit.go
@@ -67,6 +67,7 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
 		Email:        filter.Email,
 		DateFrom:     filter.DateFrom,
 		DateTo:       filter.DateTo,
+		BuildReason:  filter.BuildReason,
 	})
 	if err != nil {
 		httpapi.InternalServerError(rw, err)
@@ -443,6 +444,7 @@ func auditSearchQuery(query string) (database.GetAuditLogsOffsetParams, []coders
 		Email:        parser.String(searchParams, "", "email"),
 		DateFrom:     parsedDateFrom,
 		DateTo:       parsedDateTo,
+		BuildReason:  buildReasonFromString(parser.String(searchParams, "", "build_reason")),
 	}
 
 	return filter, parser.Errors
@@ -488,3 +490,16 @@ func actionFromString(actionString string) string {
 	}
 	return ""
 }
+
+func buildReasonFromString(buildReasonString string) string {
+	switch codersdk.BuildReason(buildReasonString) {
+	case codersdk.BuildReasonInitiator:
+		return buildReasonString
+	case codersdk.BuildReasonAutostart:
+		return buildReasonString
+	case codersdk.BuildReasonAutostop:
+		return buildReasonString
+	default:
+	}
+	return ""
+}
diff --git a/coderd/audit_test.go b/coderd/audit_test.go
@@ -179,6 +179,11 @@ func TestAuditLogsFilter(t *testing.T) {
 				SearchQuery:    "resource_type:workspace_build action:stop",
 				ExpectedResult: 1,
 			},
+			{
+				Name:           "FilterOnWorkspaceBuildStartByInitiator",
+				SearchQuery:    "resource_type:workspace_build action:start build_reason:start",
+				ExpectedResult: 1,
+			},
 		}
 
 		for _, testCase := range testCases {
diff --git a/coderd/database/databasefake/databasefake.go b/coderd/database/databasefake/databasefake.go
@@ -3680,6 +3680,12 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu
 				continue
 			}
 		}
+		if arg.BuildReason != "" {
+			workspaceBuild, err := q.GetWorkspaceBuildByID(context.Background(), alog.ResourceID)
+			if err == nil && !strings.EqualFold(arg.BuildReason, string(workspaceBuild.Reason)) {
+				continue
+			}
+		}
 
 		user, err := q.GetUserByID(ctx, alog.UserID)
 		userValid := err == nil
diff --git a/coderd/database/queries.sql.go b/coderd/database/queries.sql.go
diff --git a/coderd/database/queries/auditlogs.sql b/coderd/database/queries/auditlogs.sql
@@ -2,18 +2,41 @@
 -- ID.
 -- name: GetAuditLogsOffset :many
 SELECT
-	audit_logs.*,
+    audit_logs.*,
     users.username AS user_username,
     users.email AS user_email,
     users.created_at AS user_created_at,
     users.status AS user_status,
     users.rbac_roles AS user_roles,
     users.avatar_url AS user_avatar_url,
-		COUNT(audit_logs.*) OVER() AS count
+    COUNT(audit_logs.*) OVER () AS count
 FROM
-	audit_logs
-LEFT JOIN
-    users ON audit_logs.user_id = users.id
+    audit_logs
+    LEFT JOIN users ON audit_logs.user_id = users.id
+    LEFT JOIN
+        -- First join on workspaces to get the initial workspace create
+        -- to workspace build 1 id. This is because the first create is
+        -- is a different audit log than subsequent starts.
+        workspaces ON
+		    audit_logs.resource_type = 'workspace' AND
+			audit_logs.resource_id = workspaces.id
+    LEFT JOIN
+	    workspace_builds ON
+            -- Get the reason from the build if the resource type
+            -- is a workspace_build
+            (
+			    audit_logs.resource_type = 'workspace_build'
+                AND audit_logs.resource_id = workspace_builds.id
+			)
+            OR
+            -- Get the reason from the build #1 if this is the first
+            -- workspace create.
+            (
+				audit_logs.resource_type = 'workspace' AND
+				audit_logs.action = 'create' AND
+				workspaces.id = workspace_builds.workspace_id AND
+				workspace_builds.build_number = 1
+			)
 WHERE
     -- Filter resource_type
 	CASE
@@ -63,6 +86,12 @@ WHERE
 			"time" <= @date_to
 		ELSE true
 	END
+    -- Filter by build_reason
+    AND CASE
+	    WHEN @build_reason::text != '' THEN
+            workspace_builds.reason::text = @build_reason
+        ELSE true
+    END
 ORDER BY
     "time" DESC
 LIMIT
diff --git a/codersdk/audit.go b/codersdk/audit.go
@@ -125,6 +125,7 @@ type CreateTestAuditLogRequest struct {
 	ResourceType ResourceType `json:"resource_type,omitempty" enums:"organization,template,template_version,user,workspace,workspace_build,git_ssh_key,api_key,group"`
 	ResourceID   uuid.UUID    `json:"resource_id,omitempty" format:"uuid"`
 	Time         time.Time    `json:"time,omitempty" format:"date-time"`
+	BuildReason  BuildReason  `json:"build_reason,omitempty" enums:"autostart,autostop,initiator"`
 }
 
 // AuditLogs retrieves audit logs from the given page.
diff --git a/docs/admin/audit-logs.md b/docs/admin/audit-logs.md
@@ -31,7 +31,8 @@ The supported filters are:
 - `username` - The username of the user who triggered the action.
 - `email` - The email of the user who triggered the action.
 - `date_from` - The inclusive start date with format `YYYY-MM-DD`.
-- `date_to ` - the inclusive end date with format `YYYY-MM-DD`.
+- `date_to` - The inclusive end date with format `YYYY-MM-DD`.
+- `build_reason` - To be used with `resource_type:workspace_build`, the [initiator](https://pkg.go.dev/github.com/coder/coder/codersdk#BuildReason) behind the build start or stop.
 
 ## Enabling this feature
 
diff --git a/docs/api/audit.md b/docs/api/audit.md
@@ -106,6 +106,7 @@ curl -X POST http://coder-server:8080/api/v2/audit/testgenerate \
 ```json
 {
   "action": "create",
+  "build_reason": "autostart",
   "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
   "resource_type": "organization",
   "time": "2019-08-24T14:15:22Z"
diff --git a/docs/api/schemas.md b/docs/api/schemas.md
@@ -783,6 +783,7 @@ CreateParameterRequest is a structure used to create a new parameter value for a
 ```json
 {
   "action": "create",
+  "build_reason": "autostart",
   "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
   "resource_type": "organization",
   "time": "2019-08-24T14:15:22Z"
@@ -794,6 +795,7 @@ CreateParameterRequest is a structure used to create a new parameter value for a
 | Name            | Type                                           | Required | Restrictions | Description |
 | --------------- | ---------------------------------------------- | -------- | ------------ | ----------- |
 | `action`        | [codersdk.AuditAction](#codersdkauditaction)   | false    |              |             |
+| `build_reason`  | [codersdk.BuildReason](#codersdkbuildreason)   | false    |              |             |
 | `resource_id`   | string                                         | false    |              |             |
 | `resource_type` | [codersdk.ResourceType](#codersdkresourcetype) | false    |              |             |
 | `time`          | string                                         | false    |              |             |
@@ -807,6 +809,9 @@ CreateParameterRequest is a structure used to create a new parameter value for a
 | `action`        | `delete`           |
 | `action`        | `start`            |
 | `action`        | `stop`             |
+| `build_reason`  | `autostart`        |
+| `build_reason`  | `autostop`         |
+| `build_reason`  | `initiator`        |
 | `resource_type` | `organization`     |
 | `resource_type` | `template`         |
 | `resource_type` | `template_version` |
diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts
@@ -209,6 +209,7 @@ export interface CreateTestAuditLogRequest {
   readonly resource_type?: ResourceType
   readonly resource_id?: string
   readonly time?: string
+  readonly build_reason?: BuildReason
 }
 
 // From codersdk/apikey.go
diff --git a/site/src/pages/AuditPage/AuditPageView.tsx b/site/src/pages/AuditPage/AuditPageView.tsx
@@ -40,6 +40,10 @@ const presetFilters = [
     query: "resource_type:workspace_build action:start",
     name: "Started builds",
   },
+  {
+    query: "resource_type:workspace_build action:start build_reason:initiator",
+    name: "Builds started by a user",
+  },
 ]
 
 export interface AuditPageViewProps {

Original file line number	Diff line number	Diff line change
`@@ -3680,6 +3680,12 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu`
`3680`	`3680`	`continue`
`3681`	`3681`	`}`
`3682`	`3682`	`}`
	`3683`	`+ if arg.BuildReason != "" {`
	`3684`	`+ workspaceBuild, err := q.GetWorkspaceBuildByID(context.Background(), alog.ResourceID)`
	`3685`	`+ if err == nil && !strings.EqualFold(arg.BuildReason, string(workspaceBuild.Reason)) {`
	`3686`	`+ continue`
	`3687`	`+ }`
	`3688`	`+ }`
`3683`	`3689`
`3684`	`3690`	`user, err := q.GetUserByID(ctx, alog.UserID)`
`3685`	`3691`	`userValid := err == nil`
Original file line number	Diff line number	Diff line change
`@@ -125,6 +125,7 @@ type CreateTestAuditLogRequest struct {`
`125`	`125`	ResourceType ResourceType `json:"resource_type,omitempty" enums:"organization,template,template_version,user,workspace,workspace_build,git_ssh_key,api_key,group"`
`126`	`126`	ResourceID uuid.UUID `json:"resource_id,omitempty" format:"uuid"`
`127`	`127`	Time time.Time `json:"time,omitempty" format:"date-time"`
	`128`	+ BuildReason BuildReason `json:"build_reason,omitempty" enums:"autostart,autostop,initiator"`
`128`	`129`	`}`
`129`	`130`
`130`	`131`	`// AuditLogs retrieves audit logs from the given page.`
Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,7 @@ curl -X POST http://coder-server:8080/api/v2/audit/testgenerate \`
`106`	`106`	```json
`107`	`107`	`{`
`108`	`108`	`"action": "create",`
	`109`	`+ "build_reason": "autostart",`
`109`	`110`	`"resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",`
`110`	`111`	`"resource_type": "organization",`
`111`	`112`	`"time": "2019-08-24T14:15:22Z"`