feat: store audits on mongodb

Makefile

@@ -12,7 +12,7 @@ all: test
 
 .PHONY: mongo-start
 mongo-start:
-	docker run --rm --name mongo -p 27017:27017 -d mongo
+	docker run --rm --name mongo -p 27017:27017 -d mongo:8
 
 .PHONY: test
 test: clean mongo-start
@@ -39,3 +39,7 @@ version:
 	git add "Dockerfile"
 	git commit -m "v${VERSION}"
 	git tag v${VERSION}
+
+.PHONY: runlocal
+runlocal:
+	@set -a && source ./default.env && go run .

custom_builtins/mongoclient_test.go

@@ -26,6 +26,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo"
 )
 
 func TestNewMongoClient(t *testing.T) {
@@ -66,7 +67,7 @@ func TestGetMongoCollectionFromContext(t *testing.T) {
 
 func TestMongoFindOne(t *testing.T) {
 	log := logging.NewNoOpLogger()
-	mongoDBURL, dbName := getMongoDBURL(t)
+	mongoDBURL := testutils.GetMongoDBURL(t)
 	client, err := mongoclient.NewMongoClient(log, mongoDBURL, mongoclient.ConnectionOpts{})
 	require.NoError(t, err)
 	defer client.Disconnect()
@@ -75,7 +76,7 @@ func TestMongoFindOne(t *testing.T) {
 	require.NoError(t, err)
 
 	collectionName := "my-collection"
-	populateCollection(t, dbName, collectionName)
+	populateCollection(t, client.Collection(collectionName))
 
 	t.Run("finds a document", func(t *testing.T) {
 		result, err := mongoClient.FindOne(context.Background(), collectionName, map[string]interface{}{
@@ -108,16 +109,14 @@ func TestMongoFindOne(t *testing.T) {
 
 func TestMongoFindMany(t *testing.T) {
 	log := logging.NewNoOpLogger()
-	mongoDBURL, dbName := getMongoDBURL(t)
-	client, err := mongoclient.NewMongoClient(log, mongoDBURL, mongoclient.ConnectionOpts{})
-	require.NoError(t, err)
-	defer client.Disconnect()
+	client, dbName := testutils.GetAndDisposeMongoClient(t)
 
-	mongoClient, err := NewMongoClient(log, client)
+	clientWrapper := &testutils.MockMongoClient{ActualClient: client, DBName: dbName}
+	mongoClient, err := NewMongoClient(log, clientWrapper)
 	require.NoError(t, err)
 
 	collectionName := "my-collection"
-	populateCollection(t, dbName, collectionName)
+	populateCollection(t, client.Database(dbName).Collection(collectionName))
 
 	t.Run("finds multiple documents", func(t *testing.T) {
 		result, err := mongoClient.FindMany(context.Background(), collectionName, map[string]interface{}{
@@ -166,14 +165,10 @@ func TestMongoFindMany(t *testing.T) {
 	})
 }
 
-func populateCollection(t *testing.T, dbName string, collectionName string) {
+func populateCollection(t *testing.T, collection *mongo.Collection) {
 	t.Helper()
-
-	client := testutils.GetMongoClient(t)
 	ctx := context.Background()
 
-	db := client.Database(dbName)
-	collection := db.Collection(collectionName)
 	_, err := collection.DeleteMany(ctx, bson.D{})
 	require.NoError(t, err)
 	_, err = collection.InsertMany(ctx, []interface{}{
@@ -198,7 +193,6 @@ func populateCollection(t *testing.T, dbName string, collectionName string) {
 
 	t.Cleanup(func() {
 		collection.Drop(ctx)
-		db.Drop(ctx)
 	})
 }
 

default.env

@@ -0,0 +1,3 @@
+OPA_MODULES_DIRECTORY=./mocks/rego-policies
+TARGET_SERVICE_HOST=localhost:9090
+API_PERMISSIONS_FILE_PATH=./mocks/simplifiedMock.json

internal/audit/agent.go

@@ -19,7 +19,7 @@ import "context"
 type Labels = map[string]any
 
 type Agent interface {
-	Trace(context.Context, Audit)
+	Trace(context.Context, Audit) error
 	Cache() AuditCache
 }
 
@@ -28,13 +28,14 @@ type AgentPool interface {
 }
 
 // noopAgent is a lazy agent that does nothing :(
+type noopAgent struct{}
+
+func (a *noopAgent) Trace(context.Context, Audit) error { return nil }
+func (a *noopAgent) Cache() AuditCache                  { return &SingleRecordCache{} }
+
+// noopAgentPool is a lazy agent pool that returns noopAgent :D
 type noopAgentPool struct{}
 
 func (p *noopAgentPool) New() Agent { return &noopAgent{} }
 
 func NewNoopAgentPool() AgentPool { return &noopAgentPool{} }
-
-type noopAgent struct{}
-
-func (a *noopAgent) Trace(context.Context, Audit) {}
-func (a *noopAgent) Cache() AuditCache            { return &SingleRecordCache{} }

internal/audit/agent_compound.go

@@ -0,0 +1,83 @@
+// Copyright 2025 Mia srl
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package audit
+
+import (
+	"context"
+	"fmt"
+)
+
+var ErrNoAgents = fmt.Errorf("no audit agents provided")
+
+type compoundAgent struct {
+	agents []Agent
+}
+
+func newCompoundAgent(agents ...Agent) Agent {
+	return &compoundAgent{agents: agents}
+}
+
+func (c *compoundAgent) Trace(ctx context.Context, a Audit) error {
+	if len(c.agents) == 0 {
+		return ErrNoAgents
+	}
+
+	var errors []error
+	for _, agent := range c.agents {
+		if err := agent.Trace(ctx, a); err != nil {
+			errors = append(errors, err)
+		}
+	}
+
+	if len(errors) > 0 {
+		errString := ""
+		for i, err := range errors {
+			errString += err.Error()
+			if i < len(errors)-1 {
+				errString += "; "
+			}
+		}
+		return fmt.Errorf("%d/%d agents failed to trace: %s", len(errors), len(c.agents), errString)
+	}
+	return nil
+}
+
+func (c *compoundAgent) Cache() AuditCache {
+	return &compoundAuditCache{
+		agents: c.agents,
+	}
+}
+
+type compoundAuditCache struct {
+	agents []Agent
+}
+
+func (c *compoundAuditCache) Store(d Data) {
+	for _, agent := range c.agents {
+		agent.Cache().Store(d)
+	}
+}
+
+func (c *compoundAuditCache) Load() Data {
+	dataToReturn := make(Data)
+	for _, agent := range c.agents {
+		if data := agent.Cache().Load(); data != nil {
+			for k, v := range data {
+				dataToReturn[k] = v
+			}
+		}
+	}
+	return dataToReturn
+}