fix(pgaudit): support pgaudit.log_rowsoption

[phisco]

Fixes #4386.

Turns out that with pgaudit.log_rows enabled an additional field is appended at the end of the CSV row.

In order to properly handle audit logs with log_rows enabled and switching it on and off I've extended the CSVRecordReadWriter to be able to handle more than one possible length and switching between them seamlessly. And added to PgAuditRecord the Rows field.

So now the following Cluster:

apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: cluster-example
spec:
  instances: 3
  postgresql:
    parameters:
      pgaudit.log: "READ, WRITE, FUNCTION, DDL, ROLE"
      pgaudit.log_catalog: "off"
      pgaudit.log_parameter: "on"
      pgaudit.log_relation: "on"
      pgaudit.log_statement: "on"

      pgaudit.log_rows: "on"

  storage:
    size: 1Gi

Properly results in the following log:

{
	"level": "info",
	"ts": "2024-04-28T11:07:05Z",
	"logger": "pgaudit",
	"msg": "record",
	"logging_pod": "cluster-example-2",
	"record": {
		"log_time": "2024-04-28 11:07:05.168 UTC",
		"user_name": "postgres",
		"database_name": "postgres",
		"process_id": "78",
		"connection_from": "[local]",
		"session_id": "662e2dd9.4e",
		"session_line_num": "1",
		"command_tag": "SELECT",
		"session_start_time": "2024-04-28 11:07:05 UTC",
		"virtual_transaction_id": "2/6",
		"transaction_id": "0",
		"error_severity": "LOG",
		"sql_state_code": "00000",
		"application_name": "cnpg-instance-manager",
		"backend_type": "client backend",
		"query_id": "0",
		"audit": {
			"audit_type": "SESSION",
			"statement_id": "1",
			"substatement_id": "1",
			"class": "READ",
			"command": "SELECT",
			"statement": "SELECT (SELECT timeline_id FROM pg_control_checkpoint()), COALESCE(pg_last_wal_receive_lsn()::varchar, ''), COALESCE(pg_last_wal_replay_lsn()::varchar, ''), pg_is_wal_replay_paused()",
			"parameter": "<none>",
			"rows": "1"
		}
	}
}

And switching to pgaudit.log_rows: "off" results in still logs being parsed correctly:

{
	"level": "info",
	"ts": "2024-04-28T12:02:06Z",
	"logger": "pgaudit",
	"msg": "record",
	"logging_pod": "cluster-example-3",
	"record": {
		"log_time": "2024-04-28 12:02:06.189 UTC",
		"user_name": "postgres",
		"database_name": "postgres",
		"process_id": "436",
		"connection_from": "[local]",
		"session_id": "662e3abe.1b4",
		"session_line_num": "1",
		"command_tag": "BIND",
		"session_start_time": "2024-04-28 12:02:06 UTC",
		"virtual_transaction_id": "2/530",
		"transaction_id": "0",
		"error_severity": "LOG",
		"sql_state_code": "00000",
		"application_name": "cnpg-instance-manager",
		"backend_type": "client backend",
		"query_id": "0",
		"audit": {
			"audit_type": "SESSION",
			"statement_id": "1",
			"substatement_id": "1",
			"class": "READ",
			"command": "SELECT",
			"statement": "SELECT (SELECT timeline_id FROM pg_control_checkpoint()), COALESCE(pg_last_wal_receive_lsn()::varchar, ''), COALESCE(pg_last_wal_replay_lsn()::varchar, ''), pg_is_wal_replay_paused()",
			"parameter": "<none>"
		}
	}
}

[github-actions]

❗ By default, the pull request is configured to backport to all release branches.

• To stop backporting this pr, remove the label: backport-requested ◀️ or add the label 'do not backport'
• To stop backporting this pr to a certain release branch, remove the specific branch label: release-x.y

[gbartolini]

/test

[github-actions]

@gbartolini, here's the link to the E2E on CNPG workflow run: https://github.com/cloudnative-pg/cloudnative-pg/actions/runs/9473112733

[mnencia]

I propose the following commit message:

This path ensures that the additional `rows` field recorded when
the `pgaudit.log_rows` option is enabled is correctly parsed. 

Previously, the presence of that field resulted in audit logs ending up
in the normal log stream. 

Closes #4386

[phisco]

@mnencia sounds good to me!

[gbartolini]

I agree this is a bug