feat: add audit logging database schema (#1225)

2025-07-15 22:20:27 +00:00 · 2022-05-02 14:30:46 -05:00
parent e4e60256ac
commit 81bef1c83e
11 changed files with 458 additions and 84 deletions
--- a/coderd/database/dump.sql
+++ b/coderd/database/dump.sql
@ -1,5 +1,11 @@
 -- Code generated by 'make coderd/database/generate'. DO NOT EDIT.

+CREATE TYPE audit_action AS ENUM (
+    'create',
+    'write',
+    'delete'
+);
+
 CREATE TYPE log_level AS ENUM (
    'trace',
    'debug',
@ -56,6 +62,14 @@ CREATE TYPE provisioner_type AS ENUM (
    'terraform'
 );

+CREATE TYPE resource_type AS ENUM (
+    'organization',
+    'template',
+    'template_version',
+    'user',
+    'workspace'
+);
+
 CREATE TYPE user_status AS ENUM (
    'active',
    'suspended'
@ -82,6 +96,21 @@ CREATE TABLE api_keys (
    oauth_expiry timestamp with time zone DEFAULT '0001-01-01 00:00:00+00'::timestamp with time zone NOT NULL
 );

+CREATE TABLE audit_logs (
+    id uuid NOT NULL,
+    "time" timestamp with time zone NOT NULL,
+    user_id uuid NOT NULL,
+    organization_id uuid NOT NULL,
+    ip cidr NOT NULL,
+    user_agent character varying(256) NOT NULL,
+    resource_type resource_type NOT NULL,
+    resource_id uuid NOT NULL,
+    resource_target text NOT NULL,
+    action audit_action NOT NULL,
+    diff jsonb NOT NULL,
+    status_code integer NOT NULL
+);
+
 CREATE TABLE files (
    hash character varying(64) NOT NULL,
    created_at timestamp with time zone NOT NULL,
@ -293,6 +322,9 @@ ALTER TABLE ONLY licenses ALTER COLUMN id SET DEFAULT nextval('public.licenses_i
 ALTER TABLE ONLY api_keys
    ADD CONSTRAINT api_keys_pkey PRIMARY KEY (id);

+ALTER TABLE ONLY audit_logs
+    ADD CONSTRAINT audit_logs_pkey PRIMARY KEY (id);
+
 ALTER TABLE ONLY files
    ADD CONSTRAINT files_pkey PRIMARY KEY (hash);

@ -367,6 +399,14 @@ ALTER TABLE ONLY workspaces

 CREATE INDEX idx_api_keys_user ON api_keys USING btree (user_id);

+CREATE INDEX idx_audit_log_organization_id ON audit_logs USING btree (organization_id);
+
+CREATE INDEX idx_audit_log_resource_id ON audit_logs USING btree (resource_id);
+
+CREATE INDEX idx_audit_log_user_id ON audit_logs USING btree (user_id);
+
+CREATE INDEX idx_audit_logs_time_desc ON audit_logs USING btree ("time" DESC);
+
 CREATE INDEX idx_organization_member_organization_id_uuid ON organization_members USING btree (organization_id);

 CREATE INDEX idx_organization_member_user_id_uuid ON organization_members USING btree (user_id);