Audits api

thomasmckay · June 7, 2018, 9:46pm

In playing with audits and adding them to some katello models, I’m curious if anyone can help me with the API. You can see an audit below with the json. I’ve added audited associated_with :repository to a couple models and then has_associated_audits to the Repository model. This all seems to work great.

So first thing is, should I create a new audits api endpoint in katello to handle the auto-complete values, etc?

Regardless of new endpoint or enhance the existing, should I change some params allowable in the search or the index call?

In my case, I’d like to pass in a Lifecycle Environment ID and find the audits for all the associated Repository models. Similarly for Content View or Product ID. Note that those two objects are not currently audited themselves but referenced repositories.

Alternatively, I could add an audits endpoint to the repositories controller.

Thoughts?

action: "update"
associated_id: null
associated_name: null
associated_type: null
auditable_id: 42
auditable_name: "alpine"
auditable_type: "Katello::Repository"
audited_changes:
  last_pulled_at: ["2018-06-07T18:17:55.806Z", "2018-06-07T18:18:01.575Z"]
comment: "pull 'alpine' by digest 'sha256:2441496fb9f0d938e5f8b27aba5cc367b24078225ceed82a9a5e67f0d6738c80'"
created_at: "2018-06-07 14:18:01 -0400"
id: 239
remote_address: "127.0.0.1"
user_id: 4
user_name: null
user_type: null
version: 3

Marek_Hulan · June 8, 2018, 11:45am

You mean auto-complete in search box on audits page? Sadly we don’t have a good way to extend this from plugins yet. It would be great to add some plugin DSL so that one can say, resource Repository is a new audited model. Then we could extend the list dynamically at https://github.com/theforeman/foreman/blob/develop/app/models/concerns/audit_search.rb

Btw looking at line https://github.com/theforeman/foreman/blob/develop/app/models/concerns/audit_search.rb#L22 it should be possible to search with type = Katello::$Model already.

You should be able to achieve that with scoped_search definition using :on => and :rename =>, perhaps you’ll need to add some has_many :through to your model.

I’ll repeat again that auditing things like “last pulled at”, does not fit other audit records and IMHO does not belong to our database. If my understanding is correct, this means some external process pulled something from Satellite repo. That belongs to log, not audit. If the repo is heavily accessed, this would create a lot records in our DB.