Skip to content

Commit

Permalink
Add SAML SSO audit log fields (#2941)
Browse files Browse the repository at this point in the history
  • Loading branch information
patriknordlen authored Sep 29, 2023
1 parent e6f58e6 commit d99d3df
Show file tree
Hide file tree
Showing 4 changed files with 164 additions and 122 deletions.
16 changes: 16 additions & 0 deletions github/github-accessors.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 20 additions & 0 deletions github/github-accessors_test.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

158 changes: 80 additions & 78 deletions github/orgs_audit_log.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,84 +43,86 @@ type PolicyOverrideReason struct {
// AuditEntry describes the fields that may be represented by various audit-log "action" entries.
// For a list of actions see - https://docs.github.com/en/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#audit-log-actions
type AuditEntry struct {
ActorIP *string `json:"actor_ip,omitempty"`
Action *string `json:"action,omitempty"` // The name of the action that was performed, for example `user.login` or `repo.create`.
Active *bool `json:"active,omitempty"`
ActiveWas *bool `json:"active_was,omitempty"`
Actor *string `json:"actor,omitempty"` // The actor who performed the action.
ActorLocation *ActorLocation `json:"actor_location,omitempty"`
BlockedUser *string `json:"blocked_user,omitempty"`
Business *string `json:"business,omitempty"`
CancelledAt *Timestamp `json:"cancelled_at,omitempty"`
CompletedAt *Timestamp `json:"completed_at,omitempty"`
Conclusion *string `json:"conclusion,omitempty"`
Config *HookConfig `json:"config,omitempty"`
ConfigWas *HookConfig `json:"config_was,omitempty"`
ContentType *string `json:"content_type,omitempty"`
CreatedAt *Timestamp `json:"created_at,omitempty"`
DeployKeyFingerprint *string `json:"deploy_key_fingerprint,omitempty"`
DocumentID *string `json:"_document_id,omitempty"`
Emoji *string `json:"emoji,omitempty"`
EnvironmentName *string `json:"environment_name,omitempty"`
Event *string `json:"event,omitempty"`
Events []string `json:"events,omitempty"`
EventsWere []string `json:"events_were,omitempty"`
Explanation *string `json:"explanation,omitempty"`
Fingerprint *string `json:"fingerprint,omitempty"`
HashedToken *string `json:"hashed_token,omitempty"`
HeadBranch *string `json:"head_branch,omitempty"`
HeadSHA *string `json:"head_sha,omitempty"`
HookID *int64 `json:"hook_id,omitempty"`
IsHostedRunner *bool `json:"is_hosted_runner,omitempty"`
JobName *string `json:"job_name,omitempty"`
JobWorkflowRef *string `json:"job_workflow_ref,omitempty"`
LimitedAvailability *bool `json:"limited_availability,omitempty"`
Message *string `json:"message,omitempty"`
Name *string `json:"name,omitempty"`
OAuthApplicationID *int64 `json:"oauth_application_id,omitempty"`
OldUser *string `json:"old_user,omitempty"`
OldPermission *string `json:"old_permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
OpenSSHPublicKey *string `json:"openssh_public_key,omitempty"`
OperationType *string `json:"operation_type,omitempty"`
Org *string `json:"org,omitempty"`
OrgID *int64 `json:"org_id,omitempty"`
OverriddenCodes []string `json:"overridden_codes,omitempty"`
Permission *string `json:"permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
PreviousVisibility *string `json:"previous_visibility,omitempty"`
ProgrammaticAccessType *string `json:"programmatic_access_type,omitempty"`
PullRequestID *int64 `json:"pull_request_id,omitempty"`
PullRequestTitle *string `json:"pull_request_title,omitempty"`
PullRequestURL *string `json:"pull_request_url,omitempty"`
ReadOnly *string `json:"read_only,omitempty"`
Reasons []*PolicyOverrideReason `json:"reasons,omitempty"`
Repo *string `json:"repo,omitempty"`
Repository *string `json:"repository,omitempty"`
RepositoryPublic *bool `json:"repository_public,omitempty"`
RunAttempt *int64 `json:"run_attempt,omitempty"`
RunnerGroupID *int64 `json:"runner_group_id,omitempty"`
RunnerGroupName *string `json:"runner_group_name,omitempty"`
RunnerID *int64 `json:"runner_id,omitempty"`
RunnerLabels []string `json:"runner_labels,omitempty"`
RunnerName *string `json:"runner_name,omitempty"`
RunNumber *int64 `json:"run_number,omitempty"`
SecretsPassed []string `json:"secrets_passed,omitempty"`
SourceVersion *string `json:"source_version,omitempty"`
StartedAt *Timestamp `json:"started_at,omitempty"`
TargetLogin *string `json:"target_login,omitempty"`
TargetVersion *string `json:"target_version,omitempty"`
Team *string `json:"team,omitempty"`
Timestamp *Timestamp `json:"@timestamp,omitempty"` // The time the audit log event occurred, given as a [Unix timestamp](http://en.wikipedia.org/wiki/Unix_time).
TokenID *int64 `json:"token_id,omitempty"`
TokenScopes *string `json:"token_scopes,omitempty"`
Topic *string `json:"topic,omitempty"`
TransportProtocolName *string `json:"transport_protocol_name,omitempty"` // A human readable name for the protocol (for example, HTTP or SSH) used to transfer Git data.
TransportProtocol *int `json:"transport_protocol,omitempty"` // The type of protocol (for example, HTTP=1 or SSH=2) used to transfer Git data.
TriggerID *int64 `json:"trigger_id,omitempty"`
User *string `json:"user,omitempty"` // The user that was affected by the action performed (if available).
UserAgent *string `json:"user_agent,omitempty"`
Visibility *string `json:"visibility,omitempty"` // The repository visibility, for example `public` or `private`.
WorkflowID *int64 `json:"workflow_id,omitempty"`
WorkflowRunID *int64 `json:"workflow_run_id,omitempty"`
ActorIP *string `json:"actor_ip,omitempty"`
Action *string `json:"action,omitempty"` // The name of the action that was performed, for example `user.login` or `repo.create`.
Active *bool `json:"active,omitempty"`
ActiveWas *bool `json:"active_was,omitempty"`
Actor *string `json:"actor,omitempty"` // The actor who performed the action.
ActorLocation *ActorLocation `json:"actor_location,omitempty"`
BlockedUser *string `json:"blocked_user,omitempty"`
Business *string `json:"business,omitempty"`
CancelledAt *Timestamp `json:"cancelled_at,omitempty"`
CompletedAt *Timestamp `json:"completed_at,omitempty"`
Conclusion *string `json:"conclusion,omitempty"`
Config *HookConfig `json:"config,omitempty"`
ConfigWas *HookConfig `json:"config_was,omitempty"`
ContentType *string `json:"content_type,omitempty"`
CreatedAt *Timestamp `json:"created_at,omitempty"`
DeployKeyFingerprint *string `json:"deploy_key_fingerprint,omitempty"`
DocumentID *string `json:"_document_id,omitempty"`
Emoji *string `json:"emoji,omitempty"`
EnvironmentName *string `json:"environment_name,omitempty"`
Event *string `json:"event,omitempty"`
Events []string `json:"events,omitempty"`
EventsWere []string `json:"events_were,omitempty"`
Explanation *string `json:"explanation,omitempty"`
ExternalIdentityNameID *string `json:"external_identity_nameid,omitempty"`
ExternalIdentityUsername *string `json:"external_identity_username,omitempty"`
Fingerprint *string `json:"fingerprint,omitempty"`
HashedToken *string `json:"hashed_token,omitempty"`
HeadBranch *string `json:"head_branch,omitempty"`
HeadSHA *string `json:"head_sha,omitempty"`
HookID *int64 `json:"hook_id,omitempty"`
IsHostedRunner *bool `json:"is_hosted_runner,omitempty"`
JobName *string `json:"job_name,omitempty"`
JobWorkflowRef *string `json:"job_workflow_ref,omitempty"`
LimitedAvailability *bool `json:"limited_availability,omitempty"`
Message *string `json:"message,omitempty"`
Name *string `json:"name,omitempty"`
OAuthApplicationID *int64 `json:"oauth_application_id,omitempty"`
OldUser *string `json:"old_user,omitempty"`
OldPermission *string `json:"old_permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
OpenSSHPublicKey *string `json:"openssh_public_key,omitempty"`
OperationType *string `json:"operation_type,omitempty"`
Org *string `json:"org,omitempty"`
OrgID *int64 `json:"org_id,omitempty"`
OverriddenCodes []string `json:"overridden_codes,omitempty"`
Permission *string `json:"permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
PreviousVisibility *string `json:"previous_visibility,omitempty"`
ProgrammaticAccessType *string `json:"programmatic_access_type,omitempty"`
PullRequestID *int64 `json:"pull_request_id,omitempty"`
PullRequestTitle *string `json:"pull_request_title,omitempty"`
PullRequestURL *string `json:"pull_request_url,omitempty"`
ReadOnly *string `json:"read_only,omitempty"`
Reasons []*PolicyOverrideReason `json:"reasons,omitempty"`
Repo *string `json:"repo,omitempty"`
Repository *string `json:"repository,omitempty"`
RepositoryPublic *bool `json:"repository_public,omitempty"`
RunAttempt *int64 `json:"run_attempt,omitempty"`
RunnerGroupID *int64 `json:"runner_group_id,omitempty"`
RunnerGroupName *string `json:"runner_group_name,omitempty"`
RunnerID *int64 `json:"runner_id,omitempty"`
RunnerLabels []string `json:"runner_labels,omitempty"`
RunnerName *string `json:"runner_name,omitempty"`
RunNumber *int64 `json:"run_number,omitempty"`
SecretsPassed []string `json:"secrets_passed,omitempty"`
SourceVersion *string `json:"source_version,omitempty"`
StartedAt *Timestamp `json:"started_at,omitempty"`
TargetLogin *string `json:"target_login,omitempty"`
TargetVersion *string `json:"target_version,omitempty"`
Team *string `json:"team,omitempty"`
Timestamp *Timestamp `json:"@timestamp,omitempty"` // The time the audit log event occurred, given as a [Unix timestamp](http://en.wikipedia.org/wiki/Unix_time).
TokenID *int64 `json:"token_id,omitempty"`
TokenScopes *string `json:"token_scopes,omitempty"`
Topic *string `json:"topic,omitempty"`
TransportProtocolName *string `json:"transport_protocol_name,omitempty"` // A human readable name for the protocol (for example, HTTP or SSH) used to transfer Git data.
TransportProtocol *int `json:"transport_protocol,omitempty"` // The type of protocol (for example, HTTP=1 or SSH=2) used to transfer Git data.
TriggerID *int64 `json:"trigger_id,omitempty"`
User *string `json:"user,omitempty"` // The user that was affected by the action performed (if available).
UserAgent *string `json:"user_agent,omitempty"`
Visibility *string `json:"visibility,omitempty"` // The repository visibility, for example `public` or `private`.
WorkflowID *int64 `json:"workflow_id,omitempty"`
WorkflowRunID *int64 `json:"workflow_run_id,omitempty"`

Data *AuditEntryData `json:"data,omitempty"`
}
Expand Down
Loading

0 comments on commit d99d3df

Please sign in to comment.