From 7081769016041ad87490eefbf879a32246fbaf53 Mon Sep 17 00:00:00 2001
From: Yaroslav Dynnikov <yaroslav.dynnikov@gmail.com>
Date: Wed, 3 Apr 2024 15:45:52 +0300
Subject: [PATCH] feat: add connect_local_db audit events

(cherry picked from commit 8593bc2f44c53464399c072804a7e1d7dfb3d15f)
---
 src/lib.rs             | 17 +++++++++++++++++
 src/traft/node.rs      |  1 +
 test/int/test_audit.py | 18 ++++++++++++++++++
 3 files changed, 36 insertions(+)

diff --git a/src/lib.rs b/src/lib.rs
index 1218f03bce..ab03f652fa 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -634,6 +634,14 @@ fn start_discover(
             raft_id: %raft_id,
             initiator: "admin",
         );
+        crate::audit!(
+            message: "local database connected on `{instance_id}`",
+            title: "connect_local_db",
+            severity: Low,
+            instance_id: %instance_id,
+            raft_id: %raft_id,
+            initiator: "admin",
+        );
         return Ok(());
     }
 
@@ -724,6 +732,15 @@ fn start_boot(config: &PicodataConfig) -> Result<(), Error> {
     .unwrap();
 
     postjoin(config, storage, raft_storage)?;
+    // In this case `create_local_db` is logged in postjoin
+    crate::audit!(
+        message: "local database connected on `{instance_id}`",
+        title: "connect_local_db",
+        severity: Low,
+        instance_id: %instance_id,
+        raft_id: %raft_id,
+        initiator: "admin",
+    );
 
     Ok(())
 }
diff --git a/src/traft/node.rs b/src/traft/node.rs
index c4e7e9ee26..02a4a30407 100644
--- a/src/traft/node.rs
+++ b/src/traft/node.rs
@@ -865,6 +865,7 @@ impl NodeImpl {
                 // * Or its raft id has changed, meaning it's no longer the same node.
                 // WARN: this condition will not pass on the joining instance
                 // as it preemptively puts itself into `_pico_instance` table.
+                // Locally it's logged in src/lib.rs.
                 if old.as_ref().map(|x| x.raft_id) != Some(new.raft_id) {
                     let instance_id = &new.instance_id;
                     crate::audit!(
diff --git a/test/int/test_audit.py b/test/int/test_audit.py
index 3c4fb3a324..c22b21797c 100644
--- a/test/int/test_audit.py
+++ b/test/int/test_audit.py
@@ -89,6 +89,18 @@ def test_startup(instance: Instance):
     assert event is not None
     assert event["initiator"] == "admin"
 
+    create_db = take_until_title(events, "create_local_db")
+    assert create_db is not None
+    assert create_db["initiator"] == "admin"
+    assert create_db["instance_id"] == "i1"
+    assert create_db["raft_id"] == "1"
+
+    event = take_until_title(events, "connect_local_db")
+    assert event is not None
+    assert event["initiator"] == "admin"
+    assert event["instance_id"] == "i1"
+    assert event["raft_id"] == "1"
+
 
 def test_integrity_violation(instance: Instance):
     # Instance was up for some time
@@ -139,6 +151,12 @@ def test_recover_database(instance: Instance):
     assert event["instance_id"] == "i1"
     assert event["raft_id"] == "1"
 
+    event = take_until_title(events, "connect_local_db")
+    assert event is not None
+    assert event["initiator"] == "admin"
+    assert event["instance_id"] == "i1"
+    assert event["raft_id"] == "1"
+
 
 def test_create_drop_table(instance: Instance):
     instance.start()
-- 
GitLab