The highest tagged major version is
Documentation
¶
Index ¶
Constants ¶
const ( // ActionIgnore ignores diffing for the field. ActionIgnore = "ignore" // ActionTrack includes the value in the diff if the value changed. ActionTrack = "track" // ActionSecret includes a zero value of the same type if the value changed. // It lets you indicate that a value changed, but without leaking its // contents. ActionSecret = "secret" )
Variables ¶
var AuditActionMap = map[string][]codersdk.AuditAction{ "GitSSHKey": {codersdk.AuditActionCreate}, "Template": {codersdk.AuditActionWrite, codersdk.AuditActionDelete}, "TemplateVersion": {codersdk.AuditActionCreate, codersdk.AuditActionWrite}, "User": {codersdk.AuditActionCreate, codersdk.AuditActionWrite, codersdk.AuditActionDelete}, "Workspace": {codersdk.AuditActionCreate, codersdk.AuditActionWrite, codersdk.AuditActionDelete}, "WorkspaceBuild": {codersdk.AuditActionStart, codersdk.AuditActionStop}, "Group": {codersdk.AuditActionCreate, codersdk.AuditActionWrite, codersdk.AuditActionDelete}, "APIKey": {codersdk.AuditActionLogin, codersdk.AuditActionLogout, codersdk.AuditActionRegister, codersdk.AuditActionCreate, codersdk.AuditActionDelete}, "License": {codersdk.AuditActionCreate, codersdk.AuditActionDelete}, }
This mapping creates a relationship between an Auditable Resource and the Audit Actions we track for that resource. It is important to maintain this mapping when adding a new Auditable Resource to the AuditableResources map (below) as our documentation - generated in scripts/auditdocgen/main.go - depends upon it.
var AuditableResources = auditMap(auditableResourcesTypes)
AuditableResources contains a definitive list of all auditable resources and which fields are auditable. All resource types must be valid audit.Auditable types.
Functions ¶
Types ¶
type Backend ¶
type Backend interface {
// Decision determines the FilterDecisions that the backend tolerates.
Decision() FilterDecision
// Export sends an audit log to the backend.
Export(ctx context.Context, alog database.AuditLog) error
}
Backends can store or send audit logs to arbitrary locations.
type Filter ¶
type Filter interface {
Check(ctx context.Context, alog database.AuditLog) (FilterDecision, error)
}
Filters produce a FilterDecision for a given audit log.
var DefaultFilter Filter = FilterFunc(func(ctx context.Context, alog database.AuditLog) (FilterDecision, error) { return FilterDecisionStore | FilterDecisionExport, nil })
DefaultFilter is the default filter used when exporting audit logs. It allows storage and exporting for all audit logs.
type FilterDecision ¶
type FilterDecision uint8
FilterDecision is a bitwise flag describing the actions a given filter allows for a given audit log.
const ( // FilterDecisionDrop indicates that the audit log should be dropped. It // should not be stored or exported anywhere. FilterDecisionDrop FilterDecision = 0 // FilterDecisionStore indicates that the audit log should be allowed to be // stored in the Coder database. FilterDecisionStore FilterDecision = 1 << iota // FilterDecisionExport indicates that the audit log should be exported // externally of Coder. FilterDecisionExport )
type FilterFunc ¶
FilterFunc constructs a Filter from a simple function.
func (FilterFunc) Check ¶
func (f FilterFunc) Check(ctx context.Context, alog database.AuditLog) (FilterDecision, error)
Source Files
Directories