1// Copyright 2021 The go-github AUTHORS. All rights reserved. 2// 3// Use of this source code is governed by a BSD-style 4// license that can be found in the LICENSE file. 5 6package github 7 8import ( 9 "context" 10 "fmt" 11) 12 13// GetAuditLogOptions sets up optional parameters to query audit-log endpoint. 14type GetAuditLogOptions struct { 15 Phrase *string `url:"phrase,omitempty"` // A search phrase. (Optional.) 16 Include *string `url:"include,omitempty"` // Event type includes. Can be one of "web", "git", "all". Default: "web". (Optional.) 17 Order *string `url:"order,omitempty"` // The order of audit log events. Can be one of "asc" or "desc". Default: "desc". (Optional.) 18 19 ListCursorOptions 20} 21 22// HookConfig describes metadata about a webhook configuration. 23type HookConfig struct { 24 ContentType *string `json:"content_type,omitempty"` 25 InsecureSSL *string `json:"insecure_ssl,omitempty"` 26 URL *string `json:"url,omitempty"` 27 28 // Secret is returned obfuscated by GitHub, but it can be set for outgoing requests. 29 Secret *string `json:"secret,omitempty"` 30} 31 32// AuditEntry describes the fields that may be represented by various audit-log "action" entries. 33// For a list of actions see - https://docs.github.com/en/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#audit-log-actions 34type AuditEntry struct { 35 Action *string `json:"action,omitempty"` // The name of the action that was performed, for example `user.login` or `repo.create`. 36 Active *bool `json:"active,omitempty"` 37 ActiveWas *bool `json:"active_was,omitempty"` 38 Actor *string `json:"actor,omitempty"` // The actor who performed the action. 39 BlockedUser *string `json:"blocked_user,omitempty"` 40 Business *string `json:"business,omitempty"` 41 CancelledAt *Timestamp `json:"cancelled_at,omitempty"` 42 CompletedAt *Timestamp `json:"completed_at,omitempty"` 43 Conclusion *string `json:"conclusion,omitempty"` 44 Config *HookConfig `json:"config,omitempty"` 45 ConfigWas *HookConfig `json:"config_was,omitempty"` 46 ContentType *string `json:"content_type,omitempty"` 47 CreatedAt *Timestamp `json:"created_at,omitempty"` 48 DeployKeyFingerprint *string `json:"deploy_key_fingerprint,omitempty"` 49 DocumentID *string `json:"_document_id,omitempty"` 50 Emoji *string `json:"emoji,omitempty"` 51 EnvironmentName *string `json:"environment_name,omitempty"` 52 Event *string `json:"event,omitempty"` 53 Events []string `json:"events,omitempty"` 54 EventsWere []string `json:"events_were,omitempty"` 55 Explanation *string `json:"explanation,omitempty"` 56 Fingerprint *string `json:"fingerprint,omitempty"` 57 HeadBranch *string `json:"head_branch,omitempty"` 58 HeadSHA *string `json:"head_sha,omitempty"` 59 HookID *int64 `json:"hook_id,omitempty"` 60 IsHostedRunner *bool `json:"is_hosted_runner,omitempty"` 61 JobName *string `json:"job_name,omitempty"` 62 LimitedAvailability *bool `json:"limited_availability,omitempty"` 63 Message *string `json:"message,omitempty"` 64 Name *string `json:"name,omitempty"` 65 OldUser *string `json:"old_user,omitempty"` 66 OpenSSHPublicKey *string `json:"openssh_public_key,omitempty"` 67 Org *string `json:"org,omitempty"` 68 PreviousVisibility *string `json:"previous_visibility,omitempty"` 69 ReadOnly *string `json:"read_only,omitempty"` 70 Repo *string `json:"repo,omitempty"` 71 Repository *string `json:"repository,omitempty"` 72 RepositoryPublic *bool `json:"repository_public,omitempty"` 73 RunnerGroupID *int64 `json:"runner_group_id,omitempty"` 74 RunnerGroupName *string `json:"runner_group_name,omitempty"` 75 RunnerID *int64 `json:"runner_id,omitempty"` 76 RunnerLabels []string `json:"runner_labels,omitempty"` 77 RunnerName *string `json:"runner_name,omitempty"` 78 SecretsPassed []string `json:"secrets_passed,omitempty"` 79 SourceVersion *string `json:"source_version,omitempty"` 80 StartedAt *Timestamp `json:"started_at,omitempty"` 81 TargetLogin *string `json:"target_login,omitempty"` 82 TargetVersion *string `json:"target_version,omitempty"` 83 Team *string `json:"team,omitempty"` 84 Timestamp *Timestamp `json:"@timestamp,omitempty"` // The time the audit log event occurred, given as a [Unix timestamp](http://en.wikipedia.org/wiki/Unix_time). 85 TransportProtocolName *string `json:"transport_protocol_name,omitempty"` // A human readable name for the protocol (for example, HTTP or SSH) used to transfer Git data. 86 TransportProtocol *int `json:"transport_protocol,omitempty"` // The type of protocol (for example, HTTP=1 or SSH=2) used to transfer Git data. 87 TriggerID *int64 `json:"trigger_id,omitempty"` 88 User *string `json:"user,omitempty"` // The user that was affected by the action performed (if available). 89 Visibility *string `json:"visibility,omitempty"` // The repository visibility, for example `public` or `private`. 90 WorkflowID *int64 `json:"workflow_id,omitempty"` 91 WorkflowRunID *int64 `json:"workflow_run_id,omitempty"` 92} 93 94// GetAuditLog gets the audit-log entries for an organization. 95// 96// GitHub API docs: https://docs.github.com/en/rest/reference/orgs#get-the-audit-log-for-an-organization 97func (s *OrganizationsService) GetAuditLog(ctx context.Context, org string, opts *GetAuditLogOptions) ([]*AuditEntry, *Response, error) { 98 u := fmt.Sprintf("orgs/%v/audit-log", org) 99 u, err := addOptions(u, opts) 100 if err != nil { 101 return nil, nil, err 102 } 103 104 req, err := s.client.NewRequest("GET", u, nil) 105 if err != nil { 106 return nil, nil, err 107 } 108 109 var auditEntries []*AuditEntry 110 resp, err := s.client.Do(ctx, req, &auditEntries) 111 if err != nil { 112 return nil, resp, err 113 } 114 115 return auditEntries, resp, nil 116} 117