jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9833725f31
rdev/internal/domain/audit.go
jordan 72d16929ca feat: Implement hexagonal architecture with services, webhooks, queue, and telemetry 
Major refactoring to hexagonal (ports & adapters) architecture:

- Add service layer (apikey_service, project_service) for business logic
- Add webhook system with dispatcher and delivery tracking
- Add command queue with priority-based processing
- Add rate limiting with sliding window algorithm
- Add audit logging for command execution
- Add OpenTelemetry integration (traces, metrics, spans)
- Add circuit breaker for fault tolerance
- Add cached repository wrapper for performance
- Add comprehensive validation package
- Add Kubernetes client integration for pod management
- Add database migrations (allowed_ips, audit_log, rate_limiting, queue, webhooks)
- Add network policy and PodDisruptionBudget for k8s
- Remove legacy executor and projects/registry packages
- Untrack secrets.yaml (now managed via envault)
- Add coverage.out to .gitignore
- Add e2e test infrastructure with docker-compose
- Add comprehensive documentation (API, architecture, operations, plans)
- Add golangci-lint config and pre-commit hook

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 19:57:46 -07:00

89 lines
2.5 KiB
Go
Raw Blame History

package domain
import (
"time"
)
// AuditStatus represents the status of a command execution.
type AuditStatus string
const (
AuditStatusRunning AuditStatus = "running"
AuditStatusSuccess AuditStatus = "success"
AuditStatusError AuditStatus = "error"
AuditStatusCancelled AuditStatus = "cancelled"
)
// IsValid checks if the audit status is a valid value.
func (s AuditStatus) IsValid() bool {
switch s {
case AuditStatusRunning, AuditStatusSuccess, AuditStatusError, AuditStatusCancelled:
return true
}
return false
}
// AuditLogEntry represents a single audit log entry for command execution.
type AuditLogEntry struct {
ID string `json:"id"`
APIKeyID string `json:"api_key_id"`
CommandID string `json:"command_id"`
ProjectID string `json:"project_id"`
CommandType CommandType `json:"command_type"`
Args string `json:"args,omitempty"` // JSON-encoded args
ClientIP string `json:"client_ip,omitempty"`
UserAgent string `json:"user_agent,omitempty"`
StartedAt time.Time `json:"started_at"`
CompletedAt *time.Time `json:"completed_at,omitempty"`
ExitCode *int `json:"exit_code,omitempty"`
DurationMs *int64 `json:"duration_ms,omitempty"`
Status AuditStatus `json:"status"`
ErrorMessage string `json:"error_message,omitempty"`
OutputSizeBytes int64 `json:"output_size_bytes"`
CreatedAt time.Time `json:"created_at"`
}
// AuditResult contains the result of a completed command for audit logging.
type AuditResult struct {
ExitCode int
DurationMs int64
Status AuditStatus
ErrorMessage string
OutputSizeBytes int64
}
// AuditFilters defines the filters for querying audit logs.
type AuditFilters struct {
// ProjectID filters by project ID.
ProjectID string
// APIKeyID filters by API key ID.
APIKeyID string
// CommandType filters by command type (claude, shell, git).
CommandType CommandType
// Status filters by audit status.
Status AuditStatus
// StartTime filters entries created at or after this time.
StartTime *time.Time
// EndTime filters entries created before this time.
EndTime *time.Time
// Limit is the maximum number of entries to return.
Limit int
// Offset is the number of entries to skip (for pagination).
Offset int
}
// DefaultAuditFilters returns default filter values.
func DefaultAuditFilters() AuditFilters {
return AuditFilters{
Limit: 100,
Offset: 0,
}
}
Reference in New Issue View Git Blame Copy Permalink