
Add audit events for Apps#show_env and Revisions#show_environment_variables#1787

Merged
selzoc merged 3 commits into cloudfoundry:master from tlwr:main
Aug 28, 2020

Conversation

@tlwr
Contributor

@tlwr tlwr commented Aug 13, 2020

A short explanation of the proposed change:

Add two audit events:

  • audit.app.show-env
  • audit.app.revision.show-environment-variables

Environment variables frequently contain sensitive information, and so we should audit access, even when viewing.

An explanation of the use cases your change solves

As a security analyst,
I want to audit when developers access environment variables,
so that I can hold them to account

As an operator,
I want to record access to environment variables,
so my users can hold me to account

  • I have reviewed the contributing guide

  • I have viewed, signed, and submitted the Contributor License Agreement

  • I have made this pull request to the master branch

  • I have run all the unit tests using bundle exec rake

  • I have run CF Acceptance Tests

@cf-gitbot

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/174330630

The labels on this github issue will be updated when the story is started.

@Gerg
Member

Gerg commented Aug 18, 2020

Hey @tlwr,

From a high level, I think this makes sense and will be a valuable addition. What would you think about changing the types of the audit events to something like audit.app.environment_variables.show and audit.revisions.environment_variables.show? I think this will be more in line with existing naming conventions.

Also, I suspect you may have overlooked the GET /v3/apps/:guid/environment_variables endpoint, which can also be used to view environment variables.

Thanks,
Greg

@tlwr
Contributor Author

tlwr commented Aug 18, 2020

All sensible points, thanks especially for pointing out GET /v3/apps/:guid/environment_variables. I shall make the changes.

The environment can contain sensitive information; access to sensitive
information should be audited

Signed-off-by: toby lorne <toby@toby.codes>

Revisions environment variables can contain sensitive information;
access to sensitive information should be audited

Signed-off-by: toby lorne <toby@toby.codes>

The environment can contain sensitive information; access to sensitive
information should be audited

Signed-off-by: toby lorne <toby@toby.codes>
@tlwr
Contributor Author

tlwr commented Aug 19, 2020

I've fixed up the PR so that the following audit events are generated:

  1. audit.app.environment.show
  2. audit.app.environment_variables.show
  3. audit.app.revision.environment_variables.show

where the difference between 1. and 2. is that 1. includes VCAP_SERVICES and 2. does not - the audit event reflects this
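Added example, not code from this PR or from cloud_controller_ng: a small Ruby script a security analyst could run over exported audit events to answer the use case in the description (who read environment variables, for which apps, and how often the read was the audit.app.environment.show variant that also exposes VCAP_SERVICES). The record shape (type, actor, target, created_at) is assumed to follow the /v3/audit_events resource, and the newline-delimited sample events are constructed.

```ruby
require 'json'

# The three event types listed in the comment above; the value records
# whether that variant exposes VCAP_SERVICES (only audit.app.environment.show).
ENV_ACCESS_TYPES = {
  'audit.app.environment.show'                    => true,
  'audit.app.environment_variables.show'          => false,
  'audit.app.revision.environment_variables.show' => false
}.freeze

# Constructed sample, one JSON record per line; field layout is assumed
# to match /v3/audit_events (type, actor, target, created_at).
SAMPLE_EVENTS = <<~JSON
  {"type":"audit.app.environment.show","created_at":"2020-08-28T10:00:00Z","actor":{"type":"user","name":"dev-a"},"target":{"type":"app","guid":"app-1","name":"billing"}}
  {"type":"audit.app.update","created_at":"2020-08-28T10:01:00Z","actor":{"type":"user","name":"dev-a"},"target":{"type":"app","guid":"app-1","name":"billing"}}
  {"type":"audit.app.environment_variables.show","created_at":"2020-08-28T10:02:00Z","actor":{"type":"user","name":"dev-b"},"target":{"type":"app","guid":"app-1","name":"billing"}}
  {"type":"audit.app.revision.environment_variables.show","created_at":"2020-08-28T10:03:00Z","actor":{"type":"user","name":"dev-a"},"target":{"type":"app","guid":"app-1","name":"billing"}}
  {"type":"audit.app.environment.show","created_at":"2020-08-28T10:04:00Z","actor":{"type":"user","name":"dev-a"},"target":{"type":"app","guid":"app-2","name":"payments"}}
JSON

EnvAccess = Struct.new(:actor, :app, :type, :exposes_services, :at)

# Parse the NDJSON stream and keep only environment-variable reads;
# unrelated events such as audit.app.update are dropped.
def env_accesses(ndjson)
  ndjson.each_line.map { |line| JSON.parse(line) }
        .select { |ev| ENV_ACCESS_TYPES.key?(ev['type']) }
        .map { |ev|
          EnvAccess.new(ev.dig('actor', 'name'), ev.dig('target', 'name'),
                        ev['type'], ENV_ACCESS_TYPES[ev['type']], ev['created_at'])
        }
end

# Per-actor summary: number of env reads, how many of them also exposed
# service credentials (VCAP_SERVICES), and the apps touched.
def access_report(ndjson)
  env_accesses(ndjson).group_by(&:actor).transform_values do |rows|
    {
      reads: rows.size,
      service_credential_reads: rows.count(&:exposes_services),
      apps: rows.map(&:app).uniq.sort
    }
  end
end

if __FILE__ == $PROGRAM_NAME
  access_report(SAMPLE_EVENTS).each { |actor, summary| puts "#{actor}: #{summary}" }
end
```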

@selzoc selzoc merged commit 3dc80fe into cloudfoundry:master Aug 28, 2020