Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auditor #3577

Merged
merged 6 commits into from May 2, 2019

Conversation

@loghen41
Copy link
Contributor

loghen41 commented Mar 22, 2019

This is a single commit comprising all of the auditor changes from my very very broken PR made earlier.

Logan Hendricks
Signed-off-by: Logan Hendricks <llhendricks@verisk.com>
@loghen41 loghen41 force-pushed the loghen41:auditor branch from 2300d91 to 5f3bbbd Mar 22, 2019
@marco-m

This comment has been minimized.

Copy link
Contributor

marco-m commented Mar 23, 2019

hello, what is the context ? Is there an issue that explains this ?

@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented Mar 23, 2019

@marco-m I apologize, I was working on a pull request for an auditing process that was being reviewed by @pivotal-jwinters . However, I had corrupted my git history on the original pull Request, and needed to open a new Pull request. This one has a fixed git history now

atc/api/accessor/handler.go Outdated Show resolved Hide resolved
atc/api/accessor/handler_test.go Outdated Show resolved Hide resolved
atc/auditor/auditor.go Outdated Show resolved Hide resolved
Logan Hendricks and others added 2 commits Mar 28, 2019
Logan Hendricks
update Audit method name
set ValidateAction to private method to auditor struct

Signed-off-by: Logan Hendricks <llhendricks@verisk.com>
Logan Hendricks
Signed-off-by: Logan Hendricks <llhendricks88@gmail.com>
atc/api/cli_test.go Outdated Show resolved Hide resolved
Copy link
Contributor

pivotal-jwinters left a comment

This looks great!

Thanks for taking the time to make all the changes!

/cc @vito

@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented Apr 12, 2019

My pleasure,

thanks for taking the time to go through a bazillion iterations with me :)

Signed-off-by: Logan Hendricks <llhendricks88@gmail.com>
@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented Apr 12, 2019

@pivotal-jwinters It looks like it failed on the watsj process, but from what I can review of the test, it doesn't appear to relate to what I was working on.

Let me know what you need me to do on my end.

@pivotal-jwinters

This comment has been minimized.

Copy link
Contributor

pivotal-jwinters commented Apr 12, 2019

Yeah probably just flakiness, I re-triggered the job.

Copy link
Contributor

pivotal-jwinters left a comment

👍

@vito

This comment has been minimized.

Copy link
Member

vito commented Apr 12, 2019

Just a heads-up that we're on the verge of shipping 5.1 (probably Monday) so I'm going to hold off merging to avoid piling-on. I'll take a look shortly after!

@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented Apr 12, 2019

@vito That's totally fine. Let me know after your review if there's anything you need me to update as well.

@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented Apr 29, 2019

@vito I assume you folks have been swamped on your end. Let me know if there is anything on my end I can do to assist.

@vito

This comment has been minimized.

Copy link
Member

vito commented May 2, 2019

@loghen41 Went on vacation for a bit, back now! I'll review this today and try to get it in for 5.2. 🙂

@vito vito added this to the v5.2.0 milestone May 2, 2019
@loghen41

This comment has been minimized.

Copy link
Contributor Author

loghen41 commented May 2, 2019

@vito all good! I hope it was a good vacation. Let me know if there is anything that needs tweaking, or anything I can do to assist on my end.

Copy link
Member

vito left a comment

Tried it out locally, looks good! 👍 I only have a couple minor tweaks to suggest.

atc/auditor/auditor.go Outdated Show resolved Hide resolved
docker-compose.yml Outdated Show resolved Hide resolved
Logan Hendricks
updated docker-compose defaults
changed audit message from command to action

Signed-off-by: Logan Hendricks <llhendricks88@gmail.com>
@vito
vito approved these changes May 2, 2019
Copy link
Member

vito left a comment

Thanks! 👍

@vito vito merged commit 7b846ee into concourse:master May 2, 2019
5 checks passed
5 checks passed
DCO DCO
Details
WIP Ready for review
Details
concourse-ci/testflight Concourse CI build success
Details
concourse-ci/unit Concourse CI build success
Details
concourse-ci/watsjs Concourse CI build success
Details
cirocosta added a commit to concourse/charts that referenced this pull request May 4, 2019
With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
cirocosta added a commit to concourse/charts that referenced this pull request May 4, 2019
With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
@cirocosta cirocosta mentioned this pull request May 14, 2019
3 of 3 tasks complete
cirocosta added a commit to concourse/charts that referenced this pull request May 15, 2019
With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
cirocosta added a commit to concourse/charts that referenced this pull request May 20, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
amine7536 added a commit to amine7536/charts that referenced this pull request May 21, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
eyenx added a commit to eyenx/charts that referenced this pull request May 28, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
runningman84 added a commit to runningman84/charts that referenced this pull request Jun 4, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Signed-off-by: Philipp Hellmich <phil@hellmi.de>
rainest added a commit to rainest/charts that referenced this pull request Jun 4, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
xlucas added a commit to xlucas/charts that referenced this pull request Jun 12, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
taylorsilva pushed a commit to taylorsilva/concourse-helm that referenced this pull request Oct 2, 2019
* [stable/concourse] Update flags for next Concourse release

- Adds `CONCOURSE_CLUSTER_NAME` (concourse.web.clusterName)
  - https://github.com/concourse/concourse/pull/3736<Paste>

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add generic secret configurations

With the introduction generic caching, we no longer need the
vault-specific cacheing flags, while at the same time, having the need
of providing new ones (generic).

concourse/concourse#3628

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] add auditing flags

With the introduction of auditing capabilities (see Auditor#3577 [1]),
it's now possible to configure in a per-subsystem basis which API
requests an installation should audit.

This commit adds the necessary support for such flags.

[1]: concourse/concourse#3577

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>

* [stable/concourse] update image version to 5.2.0

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] Add time based build log retention flags

concourse/concourse#3560

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Co-authored-by: Krishna Mannem <kmannem@pivotal.io>

* [stable/concourse] add support for externalGardenUrl

With the addition of `external-garden-url` to the `concourse worker`
command, one is now able to reference a non-embedded garden server to be
used as the target for container creation.

concourse/concourse#3806

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.