umputun / stash / 20632463775
84%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 26
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 83.735% (-0.2%) from 83.964%
20632463775

push

github

web-flow 
feat(audit): add audit trail logging (#52)

* docs: add audit trail implementation plan

Related to audit logging feature with admin-only access,
middleware-based capture, and POST /audit/query API.

* feat(audit): add audit trail foundation (tasks 1-3)

- Add AuditAction, AuditResult, ActorType enums
- Add admin flag to auth config with IsAdmin() method
- Add audit_log table (SQLite + PostgreSQL)
- Implement LogAudit, QueryAudit, DeleteAuditOlderThan methods
- Update plan with completed tasks

Related to audit trail feature

* feat(audit): add audit trail foundation (tasks 1-3)

- AuditAction, AuditResult, ActorType enums with go-pkgz/enum
- Admin flag in auth config with IsAdmin() method
- AuditEntry and AuditQuery types in store layer
- LogAudit, QueryAudit, DeleteAuditOlderThan store methods
- auditor middleware capturing status/bytes for /kv/* routes
- POST /audit/query handler with admin access check
- CLI flags: --audit.enabled, --audit.retention, --audit.query-limit
- Background cleanup goroutine for expired audit entries

* fix(audit): reorder middleware to capture denied requests

- Audit middleware now runs before auth to capture 401/403 rejections
- Add test for 401 mapping to denied result
- Add test verifying audit captures when auth short-circuits

* feat(api): return 201 Created for new keys, 200 OK for updates

- store.Set now returns (created bool, err) to distinguish create vs update
- api handler returns 201 Created when key is new, 200 OK when existing
- audit trail distinguishes create vs update actions based on response
- token masking in audit logs now uses 4 chars (matching auth.go)
- added composite index idx_audit_ts_key for better query performance
- updated Go, Python SDKs to accept 201 status code

related #51

* test: add audit trail integration test, fix e2e for 201 status

- add TestIntegration_AuditTrail verifying audit log for KV operations
- update e2e tests to accept 201 Created for new key creation

447 of 545 new or added lines in 10 files covered. (82.02%)

1 existing line in 1 file now uncovered.

3748 of 4476 relevant lines covered (83.74%)

82.77 hits per line

New Missed Lines in Diff

Lines Coverage File
1
66.67
 0.39% app/store/cached.go
2
89.2
 -0.43% app/server/api/handler.go
5
87.58
 -2.22% app/server/server.go
10
86.65
 0.28% app/store/db.go
24
60.0
 -4.44% app/main.go
28
87.44
 app/server/audit.go
28
81.7
 app/store/audit.go

Uncovered Existing Lines

Lines Coverage File
1
66.67
 0.39% app/store/cached.go
Jobs
ID Job ID Ran Files Coverage
1 20632463775.1 26
83.74
 GitHub Action Run
Source Files on build 20632463775