feat: add audit logging database schema (#1225)

coderd/database/migrations/000010_audit_logs.down.sql

@@ -0,0 +1,3 @@
+DROP TABLE audit_logs;
+DROP TYPE audit_action;
+DROP TYPE resource_type;

coderd/database/migrations/000010_audit_logs.up.sql

@@ -0,0 +1,37 @@
+CREATE TYPE resource_type AS ENUM (
+    'organization',
+    'template',
+    'template_version',
+    'user',
+    'workspace'
+);
+
+CREATE TYPE audit_action AS ENUM (
+    'create',
+    -- We intentionally do not track reads. They're way too spammy.
+    'write',
+    'delete'
+);
+
+CREATE TABLE audit_logs (
+    id uuid NOT NULL,
+    "time" timestamp with time zone NOT NULL,
+    user_id uuid NOT NULL,
+    organization_id uuid NOT NULL,
+    ip cidr NOT NULL,
+    user_agent varchar(256) NOT NULL,
+    resource_type resource_type NOT NULL,
+    resource_id uuid NOT NULL,
+    -- resource_target is the name of the resource that `resource_id` points to.
+    -- it's stored here because resources we point to can be deleted.
+    resource_target text NOT NULL,
+    action audit_action NOT NULL,
+    diff jsonb NOT NULL,
+    status_code integer NOT NULL,
+    PRIMARY KEY (id)
+);
+
+CREATE INDEX idx_audit_logs_time_desc ON audit_logs USING btree ("time" DESC);
+CREATE INDEX idx_audit_log_user_id ON audit_logs USING btree (user_id);
+CREATE INDEX idx_audit_log_organization_id ON audit_logs USING btree (organization_id);
+CREATE INDEX idx_audit_log_resource_id ON audit_logs USING btree (resource_id);