This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-release.git
The following commit(s) were added to refs/heads/main by this push:
new 323f3df Add an entry to the audit logs when a workflow key is
registered
323f3df is described below
commit 323f3df9158b56971d3e41f08ed7226bf8a9759f
Author: Sean B. Palmer <[email protected]>
AuthorDate: Thu Sep 4 15:22:04 2025 +0100
Add an entry to the audit logs when a workflow key is registered
---
atr/storage/writers/ssh.py | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/atr/storage/writers/ssh.py b/atr/storage/writers/ssh.py
index 646f41d..a2d51ea 100644
--- a/atr/storage/writers/ssh.py
+++ b/atr/storage/writers/ssh.py
@@ -70,7 +70,6 @@ class CommitteeParticipant(FoundationCommitter):
self.__committee_name = committee_name
async def add_workflow_key(self, github_uid: str, github_nid: int,
project_name: str, key: str) -> tuple[str, int]:
- # TODO: This needs to create an audit event for logging
now = int(time.time())
# Twenty minutes to upload all files
ttl = 20 * 60
@@ -87,6 +86,14 @@ class CommitteeParticipant(FoundationCommitter):
)
self.__data.add(wsk)
await self.__data.commit()
+ self.__write_as.log_auditable_event(
+ asf_uid=self.__asf_uid,
+ fingerprint=fingerprint,
+ project_name=project_name,
+ github_uid=github_uid,
+ github_nid=github_nid,
+ expires=expires,
+ )
return fingerprint, expires
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
