-
Notifications
You must be signed in to change notification settings - Fork 81
/
audit.go
109 lines (98 loc) · 3.12 KB
/
audit.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
// Copyright 2022 The kubegems.io Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package dump
import (
"encoding/csv"
"os"
"path"
"strconv"
"time"
"kubegems.io/kubegems/pkg/log"
"kubegems.io/kubegems/pkg/service/models"
"kubegems.io/kubegems/pkg/utils"
)
func (d *Dump) ExportAuditlogs(destDir string, dur time.Duration) {
now := time.Now()
endTime := now.Add(-1 * dur)
log.Infof("exporting auditlogs before %s", endTime.String())
dirPath := path.Join(destDir, "audit")
if _, err := os.Stat(dirPath); os.IsNotExist(err) {
if err := os.MkdirAll(dirPath, 0777); err != nil {
log.Error(err, "create dir error")
return
}
}
// 使用截止当月作为文件名,保证同一月的数据写入同一个文件
year, mon, _ := endTime.Date()
file, err := getDumpFile(dirPath, "auditlogs", year, mon)
if err != nil {
log.Error(err, "get dump file error")
return
}
defer file.Close()
w := csv.NewWriter(file)
w.Write([]string{"id", "user_name", "tenant", "module", "action", "success", "raw_data", "labels", "client_ip", "name", "created_at", "updated_at", "deleted_at"})
count := 0
for {
// 避免AuditLog过多内存炸裂,每次导出100条
auditlogs := []models.AuditLog{}
if err = d.DB.DB().
Unscoped(). // 有delete_at 字段
Where("created_at < ?", endTime).
Order("created_at").
Limit(100).
Find(&auditlogs).Error; err != nil {
log.Error(err, "find auditlogs error")
return
}
if len(auditlogs) == 0 {
log.Info("export auditlogs to csv finished", "total", count)
return
}
// 写csv
data := make([][]string, len(auditlogs))
ids := make([]uint, len(auditlogs))
for i := range auditlogs {
data[i] = []string{
strconv.Itoa(int(auditlogs[i].ID)),
auditlogs[i].Username,
auditlogs[i].Tenant,
auditlogs[i].Module,
auditlogs[i].Action,
utils.BoolToString(auditlogs[i].Success),
auditlogs[i].RawData.String(),
auditlogs[i].Labels.String(),
auditlogs[i].ClientIP,
auditlogs[i].Name,
auditlogs[i].CreatedAt.Format("2006-01-02 15:04:05.000"), // mysql datetime 格式
auditlogs[i].UpdatedAt.Format("2006-01-02 15:04:05.000"), // mysql datetime 格式
auditlogs[i].DeletedAt.Time.Format("2006-01-02 15:04:05.000"), // mysql datetime 格式
}
ids[i] = auditlogs[i].ID
}
if err := w.WriteAll(data); err != nil {
log.Error(err, "write auditlogs to csv")
return
}
// 删除数据
if err := d.DB.DB().
Unscoped(). // 有delete_at 字段,永久删除
Where("id in ?", ids).
Delete(&models.AuditLog{}).Error; err != nil {
log.Error(err, "delete auditlogs")
return
}
count += len(auditlogs)
}
}