Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix audit log reporting for source events and commands #1022

Merged
merged 5 commits into from
Mar 27, 2023
Merged

Fix audit log reporting for source events and commands #1022

merged 5 commits into from
Mar 27, 2023

Conversation

pkosiec
Copy link
Collaborator

@pkosiec pkosiec commented Mar 23, 2023
edited
Loading

Description

This PR contains various bug fixes and improvements for audit reporting.

Changes proposed in this pull request:

Source event reporting:

  • Do not report audit events multiple times
  • Send source display name for event reporting

Command reporting:

  • Do not send bot platform when it is unknown (for Actions)
  • Include username for command execution
  • Fix channel reporting (instead of communication group, report actual channel)
  • Fix plugin names reporting (e.g. edit for edit sourcebindings, kubectl for executors, botkube/kubernetes for sources)

Others

  • Do not query Mattermost user + team each time a user executes a command
  • Fix panics in edge cases (e.g. config endpoint not provided)
  • Fix bot response when editing sourcebindings
  • Fix invalid logging of deployment ID for heartbeat and status reporters

Testing

See other related PRs for testing instructions.

@pkosiec pkosiec added the bug Something isn't working label Mar 23, 2023
@pkosiec pkosiec added this to the v0.19.0 milestone Mar 23, 2023
@github-advanced-security
Copy link

You have successfully added a new Trivy configuration .github/workflows/vulnerability-scan.yml:scan-repo. As part of the setup process, we have scanned this repository and found 2 existing alerts. Please check the repository Security tab to see all alerts.

@pkosiec pkosiec force-pushed the update-audit-reporting branch 2 times, most recently from c2e4fbd to 65b24ec Compare March 24, 2023 15:29
@pkosiec pkosiec force-pushed the update-audit-reporting branch from 65b24ec to f9980f3 Compare March 24, 2023 16:45
@pkosiec pkosiec marked this pull request as ready for review March 24, 2023 16:48
@pkosiec pkosiec requested a review from a team March 24, 2023 16:48
@pkosiec pkosiec requested a review from PrasadG193 as a code owner March 24, 2023 16:48
@pkosiec pkosiec requested a review from huseyinbabal March 24, 2023 16:49
@pkosiec pkosiec force-pushed the update-audit-reporting branch from f9980f3 to 6afd6a0 Compare March 24, 2023 16:57
@pkosiec pkosiec force-pushed the update-audit-reporting branch from c958fd2 to 46c64f0 Compare March 27, 2023 10:31
huseyinbabal
huseyinbabal reviewed Mar 27, 2023
View reviewed changes
internal/source/dispatcher.go
if reportErr != nil {
d.log.Error(err)
}
}(n)
}

if err := d.reportAuditEvent(ctx, pluginName, event.RawObject, dispatch.sourceName, dispatch.sourceDisplayName); err != nil {
d.log.Errorf("while reporting audit event for source %q: %s", dispatch.sourceName, err.Error())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about d.log.Errorf("while reporting audit event for source %q: %w", dispatch.sourceName, err)? To not lose error details.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is logging, so actually we'll still print just error message. When using %w, we still have just an error message, but wrapped in a bit odd format: https://go.dev/play/p/nDVTk9L-VPl

So %s for logging is more readable, and it is used in all over the places 🤔 To get all the stacktrace etc. we'd need to use %v, but that would make our logs hard to read 😞

@pkosiec pkosiec mentioned this pull request Mar 27, 2023
Merged
huseyinbabal
huseyinbabal approved these changes Mar 27, 2023
View reviewed changes
Copy link
Contributor

@huseyinbabal huseyinbabal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It works great 🚀 Added minor comments, feel free to ignore them if I miss something :)

@pkosiec pkosiec force-pushed the update-audit-reporting branch from 8bfe26e to d6d19f7 Compare March 27, 2023 13:23
@pkosiec pkosiec merged commit a4072b1 into kubeshop:main Mar 27, 2023
@pkosiec pkosiec deleted the update-audit-reporting branch March 27, 2023 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@huseyinbabal huseyinbabal huseyinbabal approved these changes

@PrasadG193 PrasadG193 Awaiting requested review from PrasadG193 PrasadG193 is a code owner

Assignees
No one assigned
Labels
bug Something isn't working
Projects
Botkube
Status: Done
Milestone
v0.19.0
Development

Successfully merging this pull request may close these issues.
2 participants
@pkosiec @huseyinbabal