updates to tidy up audit code (#24976)

* updates to tidy up audit code * updated error message in test
2025-10-29 17:52:32 +00:00 · 2024-01-22 13:55:15 +00:00
parent cfa37138b9
commit 2c3d0d8887
8 changed files with 24 additions and 41 deletions
--- a/audit/event.go
+++ b/audit/event.go
@@ -13,7 +13,7 @@ import (
 // for audit events. It will generate an ID if no ID is supplied. Supported
 // options: WithID, WithNow.
 func NewEvent(s subtype, opt ...Option) (*AuditEvent, error) {
-	const op = "audit.newEvent"
+	const op = "audit.NewEvent"

 	// Get the default options
 	opts, err := getOpts(opt...)
--- a/audit/event_test.go
+++ b/audit/event_test.go
@@ -29,21 +29,21 @@ func TestAuditEvent_new(t *testing.T) {
 			Subtype:              subtype(""),
 			Format:               format(""),
 			IsErrorExpected:      true,
-			ExpectedErrorMessage: "audit.newEvent: audit.(AuditEvent).validate: audit.(subtype).validate: '' is not a valid event subtype: invalid parameter",
+			ExpectedErrorMessage: "audit.NewEvent: audit.(AuditEvent).validate: audit.(subtype).validate: '' is not a valid event subtype: invalid parameter",
 		},
 		"empty-Option": {
 			Options:              []Option{},
 			Subtype:              subtype(""),
 			Format:               format(""),
 			IsErrorExpected:      true,
-			ExpectedErrorMessage: "audit.newEvent: audit.(AuditEvent).validate: audit.(subtype).validate: '' is not a valid event subtype: invalid parameter",
+			ExpectedErrorMessage: "audit.NewEvent: audit.(AuditEvent).validate: audit.(subtype).validate: '' is not a valid event subtype: invalid parameter",
 		},
 		"bad-id": {
 			Options:              []Option{WithID("")},
 			Subtype:              ResponseType,
 			Format:               JSONFormat,
 			IsErrorExpected:      true,
-			ExpectedErrorMessage: "audit.newEvent: error applying options: id cannot be empty",
+			ExpectedErrorMessage: "audit.NewEvent: error applying options: id cannot be empty",
 		},
 		"good": {
 			Options: []Option{
--- a/builtin/audit/file/backend.go
+++ b/builtin/audit/file/backend.go
@@ -36,7 +36,6 @@ type Backend struct {
 	name       string
 	nodeIDList []eventlogger.NodeID
 	nodeMap    map[eventlogger.NodeID]eventlogger.Node
-	filePath   string
 	salt       *atomic.Value
 	saltConfig *salt.Config
 	saltMutex  sync.RWMutex
@@ -89,7 +88,6 @@ func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.H

 	b := &Backend{
 		fallback:   fallback,
-		filePath:   filePath,
 		name:       conf.MountPath,
 		saltConfig: conf.SaltConfig,
 		saltView:   conf.SaltView,
--- a/builtin/audit/socket/backend.go
+++ b/builtin/audit/socket/backend.go
@@ -6,11 +6,9 @@ package socket
 import (
 	"context"
 	"fmt"
-	"net"
 	"strconv"
 	"strings"
 	"sync"
-	"time"

 	"github.com/hashicorp/eventlogger"
 	"github.com/hashicorp/go-secure-stdlib/parseutil"
@@ -24,19 +22,14 @@ var _ audit.Backend = (*Backend)(nil)

 // Backend is the audit backend for the socket audit transport.
 type Backend struct {
-	sync.Mutex
-	address       string
-	connection    net.Conn
-	fallback      bool
-	name          string
-	nodeIDList    []eventlogger.NodeID
-	nodeMap       map[eventlogger.NodeID]eventlogger.Node
-	salt          *salt.Salt
-	saltConfig    *salt.Config
-	saltMutex     sync.RWMutex
-	saltView      logical.Storage
-	socketType    string
-	writeDuration time.Duration
+	fallback   bool
+	name       string
+	nodeIDList []eventlogger.NodeID
+	nodeMap    map[eventlogger.NodeID]eventlogger.Node
+	salt       *salt.Salt
+	saltConfig *salt.Config
+	saltMutex  sync.RWMutex
+	saltView   logical.Storage
 }

 func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.HeaderFormatter) (audit.Backend, error) {
@@ -65,14 +58,10 @@ func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.H
 		writeDeadline = "2s"
 	}

-	writeDuration, err := parseutil.ParseDurationSecond(writeDeadline)
-	if err != nil {
-		return nil, fmt.Errorf("%s: failed to parse 'write_timeout': %w", op, err)
-	}
-
 	// The config options 'fallback' and 'filter' are mutually exclusive, a fallback
 	// device catches everything, so it cannot be allowed to filter.
 	var fallback bool
+	var err error
 	if fallbackRaw, ok := conf.Config["fallback"]; ok {
 		fallback, err = parseutil.ParseBool(fallbackRaw)
 		if err != nil {
@@ -85,15 +74,12 @@ func Factory(_ context.Context, conf *audit.BackendConfig, headersConfig audit.H
 	}

 	b := &Backend{
-		fallback:      fallback,
-		address:       address,
-		name:          conf.MountPath,
-		saltConfig:    conf.SaltConfig,
-		saltView:      conf.SaltView,
-		socketType:    socketType,
-		writeDuration: writeDuration,
-		nodeIDList:    []eventlogger.NodeID{},
-		nodeMap:       make(map[eventlogger.NodeID]eventlogger.Node),
+		fallback:   fallback,
+		name:       conf.MountPath,
+		saltConfig: conf.SaltConfig,
+		saltView:   conf.SaltView,
+		nodeIDList: []eventlogger.NodeID{},
+		nodeMap:    make(map[eventlogger.NodeID]eventlogger.Node),
 	}

 	err = b.configureFilterNode(conf.Config["filter"])
--- a/builtin/audit/socket/backend_test.go
+++ b/builtin/audit/socket/backend_test.go
@@ -417,7 +417,7 @@ func TestBackend_Factory_Conf(t *testing.T) {
 				},
 			},
 			isErrorExpected:      true,
-			expectedErrorMessage: "socket.Factory: failed to parse 'write_timeout': time: invalid duration \"qwerty\"",
+			expectedErrorMessage: "socket.Factory: error configuring sink node: socket.(Backend).configureSinkNode: error creating socket sink node: event.NewSocketSink: error applying options: unable to parse max duration: time: invalid duration \"qwerty\"",
 		},
 		"non-fallback-device-with-filter": {
 			backendConfig: &audit.BackendConfig{
--- a/internal/observability/event/options.go
+++ b/internal/observability/event/options.go
@@ -12,7 +12,6 @@ import (
 	"time"

 	"github.com/hashicorp/go-secure-stdlib/parseutil"
-
 	"github.com/hashicorp/go-uuid"
 )

@@ -160,7 +159,7 @@ func WithMaxDuration(duration string) Option {

 		parsed, err := parseutil.ParseDurationSecond(duration)
 		if err != nil {
-			return err
+			return fmt.Errorf("unable to parse max duration: %w", err)
 		}

 		o.withMaxDuration = parsed
--- a/internal/observability/event/options_test.go
+++ b/internal/observability/event/options_test.go
@@ -324,12 +324,12 @@ func TestOptions_WithMaxDuration(t *testing.T) {
 		"bad-value": {
 			Value:                "juan",
 			IsErrorExpected:      true,
-			ExpectedErrorMessage: "time: invalid duration \"juan\"",
+			ExpectedErrorMessage: "unable to parse max duration: time: invalid duration \"juan\"",
 		},
 		"bad-spacey-value": {
 			Value:                "   juan   ",
 			IsErrorExpected:      true,
-			ExpectedErrorMessage: "time: invalid duration \"juan\"",
+			ExpectedErrorMessage: "unable to parse max duration: time: invalid duration \"juan\"",
 		},
 		"duration-2s": {
 			Value:         "2s",
--- a/internal/observability/event/sink_socket_test.go
+++ b/internal/observability/event/sink_socket_test.go
@@ -50,7 +50,7 @@ func TestNewSocketSink(t *testing.T) {
 			format:         "json",
 			opts:           []Option{WithMaxDuration("bar")},
 			wantErr:        true,
-			expectedErrMsg: "event.NewSocketSink: error applying options: time: invalid duration \"bar\"",
+			expectedErrMsg: "event.NewSocketSink: error applying options: unable to parse max duration: time: invalid duration \"bar\"",
 		},
 		"happy": {
 			address: "wss://foo",