Skip to content

feat: audit git ssh key regeneration#4544

Merged
coadler merged 5 commits into
mainfrom
colin/auditgitsshkey
Oct 14, 2022
Merged

feat: audit git ssh key regeneration#4544
coadler merged 5 commits into
mainfrom
colin/auditgitsshkey

Conversation

@coadler
Copy link
Copy Markdown
Contributor

@coadler coadler commented Oct 13, 2022

Updates #4541

@coadler coadler requested a review from Kira-Pilot October 13, 2022 21:26
@coadler coadler self-assigned this Oct 13, 2022
@Kira-Pilot
Copy link
Copy Markdown
Member

Kira-Pilot commented Oct 14, 2022

The resource name for this type of diff is quite long - a whole key.
You can see the string displayed on the FE below:
Screen Shot 2022-10-14 at 1 56 51 PM

Do you think we could get away with not displaying the resource name for audit logs of this type, i.e. amending the description field such that it returns "description": "{user} updated git ssh key" instead of "description": "{user} updated git ssh key {target}"?

@Kira-Pilot
Copy link
Copy Markdown
Member

Kira-Pilot commented Oct 14, 2022

Screen Shot 2022-10-14 at 2 03 34 PM

Since the private key diff value will be empty, can we omit this?

@Kira-Pilot
Copy link
Copy Markdown
Member

Kira-Pilot commented Oct 14, 2022

This is working great for the regenerateGitSSHKey handler as it is hit from the UI.

Is there any CLI command counterpart we need to worry about here?

If not, do you mind adjusting audit-logs.md so that we show support for GitSSHKey again?

@coadler
Copy link
Copy Markdown
Contributor Author

coadler commented Oct 14, 2022

The resource name for this type of diff is quite long - a whole key. You can see the string displayed on the FE below: Screen Shot 2022-10-14 at 1 56 51 PM

Do you think we could get away with not displaying the resource name for audit logs of this type, i.e. amending the description field such that it returns "description": "{user} updated git ssh key" instead of "description": "{user} updated git ssh key {target}"?

I think that's a good idea! I'll change that.

This is working great for the regenerateGitSSHKey handler as it is hit from the UI.

Is there any CLI command counterpart we need to worry about here?

If not, do you mind adjusting audit-logs.md so that we show support for GitSSHKey again?

CLI commands don't need to be updated, I'll add it back as well!

@coadler
Copy link
Copy Markdown
Contributor Author

coadler commented Oct 14, 2022

Screen Shot 2022-10-14 at 2 03 34 PM

Since the private key diff value will be empty, can we omit this?

The idea of secret values in diffs is so we can tell a value changed without leaking that value. Maybe we can get a better way to display secret values?

@coadler coadler merged commit 7ec88bf into main Oct 14, 2022
@coadler coadler deleted the colin/auditgitsshkey branch October 14, 2022 21:25
@github-actions github-actions Bot locked and limited conversation to collaborators Oct 14, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@Kira-Pilot Kira-Pilot Kira-Pilot approved these changes

Assignees

@coadler coadler

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coadler @Kira-Pilot