Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[controller] Add server-side audit logger for controller gRPC server #1446

Merged
merged 4 commits into from
Jan 17, 2025
Merged

[controller] Add server-side audit logger for controller gRPC server #1446

merged 4 commits into from
Jan 17, 2025

Conversation

sushantmane
Copy link
Collaborator

Add server-side audit logger for controller gRPC server

This commit introduces a server-side audit logging interceptor for the controller gRPC
server. The ControllerGrpcAuditLoggingInterceptor logs details about incoming and
outgoing gRPC calls, including the API method name, server address, client address,
cluster name, store name, request latency, and response status. Incoming requests are
logged with [AUDIT][gRPC][IN], while outgoing responses are logged with
[AUDIT][gRPC][OUT].

How was this PR tested?

UT and E2E

Does this PR introduce any user-facing changes?

  • No. You can skip the rest of this section.
  • Yes. Make sure to explain your proposed changes and call out the behavior change.

@sushantmane sushantmane marked this pull request as ready for review January 16, 2025 10:32
@sushantmane sushantmane enabled auto-merge (squash) January 16, 2025 10:33
@sushantmane
[controller] Add server-side audit logger for controller gRPC server
cfc04b5 
This commit introduces a server-side audit logging interceptor for the controller gRPC
server. The `ControllerGrpcAuditLoggingInterceptor` logs details about incoming and
outgoing gRPC calls, including the API method name, server address, client address,
cluster name, store name, request latency, and response status. Incoming requests are
logged with `[AUDIT][gRPC][IN]`, while outgoing responses are logged with
`[AUDIT][gRPC][OUT]`.

The interceptor gracefully handles cases where metadata or address information is missing.
This enhancement improves the observability and auditability of gRPC-based interactions in
the Venice Controller.
@sushantmane
Bump timeout for empty push in PU test
bd03b29
@sushantmane
Change package structure
5628c83
@sushantmane sushantmane force-pushed the grpc-in-venice-control-plane-audit-logger branch from 4390c3f to 5628c83 Compare January 17, 2025 01:47
@sushantmane sushantmane merged commit a792e65 into linkedin:main Jan 17, 2025
57 checks passed
@sushantmane
Copy link
Collaborator Author

Thanks, @KaiSernLim!

@sushantmane sushantmane deleted the grpc-in-venice-control-plane-audit-logger branch January 17, 2025 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KaiSernLim KaiSernLim KaiSernLim approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sushantmane @KaiSernLim