/
audit.go
165 lines (140 loc) · 5.4 KB
/
audit.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
package cmd
import (
"encoding/json"
"fmt"
"strings"
"time"
"github.com/fi-ts/cloud-go/api/client/audit"
"github.com/fi-ts/cloud-go/api/models"
"github.com/fi-ts/cloudctl/cmd/output"
"github.com/go-openapi/strfmt"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
func newAuditCmd(c *config) *cobra.Command {
auditCmd := &cobra.Command{
Use: "audit",
Short: "show audit traces of the api. feature must be enabled on server-side.",
Long: "show audit traces of the api. feature must be enabled on server-side.",
}
auditListCmd := &cobra.Command{
Use: "list",
Short: "list audit traces",
Aliases: []string{"ls"},
RunE: func(cmd *cobra.Command, args []string) error {
return c.auditList()
},
PreRun: bindPFlags,
}
auditDescribeCmd := &cobra.Command{
Use: "describe <rqid>",
Short: "describe an audit trace",
RunE: func(cmd *cobra.Command, args []string) error {
return c.auditDescribe(args)
},
PreRun: bindPFlags,
}
auditDescribeCmd.Flags().String("phase", "response", "phase of the audit trace. One of [request, response, single, error, opened, closed]")
auditDescribeCmd.Flags().Bool("prettify-body", false, "attempts to interpret the body as json and prettifies it")
must(auditDescribeCmd.RegisterFlagCompletionFunc("phase", c.comp.AuditPhaseCompletion))
auditListCmd.Flags().StringP("query", "q", "", "filters audit trace body payloads for the given text.")
auditListCmd.Flags().String("from", "1h", "start of range of the audit traces. e.g. 1h, 10m, 2006-01-02 15:04:05")
auditListCmd.Flags().String("to", "", "end of range of the audit traces. e.g. 1h, 10m, 2006-01-02 15:04:05")
auditListCmd.Flags().String("component", "", "component of the audit trace.")
auditListCmd.Flags().String("request-id", "", "request id of the audit trace.")
auditListCmd.Flags().String("type", "", "type of the audit trace. One of [http, grpc, event].")
auditListCmd.Flags().String("user", "", "user of the audit trace.")
auditListCmd.Flags().String("tenant", "", "tenant of the audit trace.")
auditListCmd.Flags().String("detail", "", "detail of the audit trace. An HTTP method, unary or stream")
auditListCmd.Flags().String("phase", "", "phase of the audit trace. One of [request, response, single, error, opened, closed]")
auditListCmd.Flags().String("path", "", "api path of the audit trace.")
auditListCmd.Flags().String("forwarded-for", "", "forwarded for of the audit trace.")
auditListCmd.Flags().String("remote-addr", "", "remote address of the audit trace.")
auditListCmd.Flags().String("error", "", "error of the audit trace.")
auditListCmd.Flags().Int32("status-code", 0, "HTTP status code of the audit trace.")
auditListCmd.Flags().Int64("limit", 100, "limit the number of audit traces.")
must(auditListCmd.RegisterFlagCompletionFunc("type", c.comp.AuditTypeCompletion))
must(auditListCmd.RegisterFlagCompletionFunc("phase", c.comp.AuditPhaseCompletion))
auditCmd.AddCommand(auditDescribeCmd)
auditCmd.AddCommand(auditListCmd)
return auditCmd
}
func (c *config) auditList() error {
fromDateTime, err := eventuallyRelativeDateTime(viper.GetString("from"))
if err != nil {
return err
}
toDateTime, err := eventuallyRelativeDateTime(viper.GetString("to"))
if err != nil {
return err
}
resp, err := c.cloud.Audit.FindAuditTraces(audit.NewFindAuditTracesParams().WithBody(&models.V1AuditFindRequest{
Body: viper.GetString("query"),
From: fromDateTime,
To: toDateTime,
Component: viper.GetString("component"),
Rqid: viper.GetString("request-id"),
Type: viper.GetString("type"),
User: viper.GetString("user"),
Tenant: viper.GetString("tenant"),
Detail: viper.GetString("detail"),
Phase: viper.GetString("phase"),
Path: viper.GetString("path"),
ForwardedFor: viper.GetString("forwarded-for"),
RemoteAddr: viper.GetString("remote-addr"),
Error: viper.GetString("error"),
StatusCode: viper.GetInt32("status-code"),
Limit: viper.GetInt64("limit"),
}), nil)
if err != nil {
return err
}
return output.New().Print(resp.Payload)
}
func (c *config) auditDescribe(args []string) error {
id, err := c.auditID("describe", args)
if err != nil {
return err
}
traces, err := c.cloud.Audit.FindAuditTraces(audit.NewFindAuditTracesParams().WithBody(&models.V1AuditFindRequest{
Rqid: id,
Phase: viper.GetString("phase"),
}), nil)
if err != nil {
return err
}
if len(traces.Payload) == 0 {
return fmt.Errorf("no audit trace found with request id %s", id)
}
trace := traces.Payload[0]
if viper.GetBool("prettify-body") {
trimmed := strings.Trim(trace.Body, `"`)
body := map[string]any{}
err = json.Unmarshal([]byte(trimmed), &body)
if err == nil {
if pretty, err := json.MarshalIndent(body, "", " "); err == nil {
trace.Body = string(pretty)
}
}
}
return output.New().Print(trace)
}
func eventuallyRelativeDateTime(s string) (strfmt.DateTime, error) {
if s == "" {
return strfmt.DateTime{}, nil
}
duration, err := strfmt.ParseDuration(s)
if err == nil {
return strfmt.DateTime(time.Now().Add(-duration)), nil
}
return strfmt.ParseDateTime(s)
}
func (c *config) auditID(verb string, args []string) (string, error) {
if len(args) == 0 {
return "", fmt.Errorf("audit %s requires projectID as argument", verb)
}
if len(args) == 1 {
return args[0], nil
}
return "", fmt.Errorf("audit %s requires exactly one projectID as argument", verb)
}