jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e81055d27b
rdev/internal/db/migrations/004_audit_log.sql
jordan 72d16929ca feat: Implement hexagonal architecture with services, webhooks, queue, and telemetry 
Major refactoring to hexagonal (ports & adapters) architecture:

- Add service layer (apikey_service, project_service) for business logic
- Add webhook system with dispatcher and delivery tracking
- Add command queue with priority-based processing
- Add rate limiting with sliding window algorithm
- Add audit logging for command execution
- Add OpenTelemetry integration (traces, metrics, spans)
- Add circuit breaker for fault tolerance
- Add cached repository wrapper for performance
- Add comprehensive validation package
- Add Kubernetes client integration for pod management
- Add database migrations (allowed_ips, audit_log, rate_limiting, queue, webhooks)
- Add network policy and PodDisruptionBudget for k8s
- Remove legacy executor and projects/registry packages
- Untrack secrets.yaml (now managed via envault)
- Add coverage.out to .gitignore
- Add e2e test infrastructure with docker-compose
- Add comprehensive documentation (API, architecture, operations, plans)
- Add golangci-lint config and pre-commit hook

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 19:57:46 -07:00

41 lines
1.9 KiB
SQL
Raw Blame History

-- Audit log table for tracking command execution history
CREATE TABLE IF NOT EXISTS audit_log (
id TEXT PRIMARY KEY,
api_key_id TEXT NOT NULL,
command_id TEXT NOT NULL,
project_id TEXT NOT NULL,
command_type TEXT NOT NULL,
args TEXT,
client_ip TEXT,
user_agent TEXT,
started_at TIMESTAMPTZ NOT NULL,
completed_at TIMESTAMPTZ,
exit_code INTEGER,
duration_ms INTEGER,
status TEXT DEFAULT 'running',
error_message TEXT,
output_size_bytes INTEGER DEFAULT 0,
created_at TIMESTAMPTZ DEFAULT NOW()
);
-- Index for querying by API key (e.g., "show me all commands from this key")
CREATE INDEX IF NOT EXISTS idx_audit_api_key ON audit_log(api_key_id, created_at DESC);
-- Index for querying by project (e.g., "show me all commands for this project")
CREATE INDEX IF NOT EXISTS idx_audit_project ON audit_log(project_id, created_at DESC);
-- Index for looking up by command ID (for updating completion status)
CREATE INDEX IF NOT EXISTS idx_audit_command ON audit_log(command_id);
-- Index for filtering by status
CREATE INDEX IF NOT EXISTS idx_audit_status ON audit_log(status, created_at DESC);
COMMENT ON TABLE audit_log IS 'Persistent audit log for all command executions';
COMMENT ON COLUMN audit_log.api_key_id IS 'ID of the API key that initiated the command';
COMMENT ON COLUMN audit_log.command_id IS 'Unique identifier for the command execution';
COMMENT ON COLUMN audit_log.project_id IS 'Project/pod where command was executed';
COMMENT ON COLUMN audit_log.command_type IS 'Type: claude, shell, or git';
COMMENT ON COLUMN audit_log.args IS 'JSON-encoded command arguments';
COMMENT ON COLUMN audit_log.status IS 'running, success, error, or cancelled';
COMMENT ON COLUMN audit_log.output_size_bytes IS 'Total size of command output in bytes';
Reference in New Issue View Git Blame Copy Permalink