chore(audit): ScadaBridge C7 — perf re-baseline + CollapseAuditLogToCanonical projection test + index-test fix + dead-cref cleanup (Task 2.5)
Perf re-baseline (HotPathLatencyTests): empirical p95 on Apple M-series Release build: 4KB DetailsJson slow path ≈14 µs, small-DetailsJson no-redactors ≈2 µs, true no-op fast path ≈0 µs. Thresholds updated: 200 µs / 30 µs / 5 µs (≈15× headroom for contested CI runners). Old thresholds (50 µs / 10 µs) were set for the pre-C3 typed-field path; canonical JSON parse+rewrite is empirically faster. Adds a third test (Filter_Apply_NoDetailsJson_FastPath) that asserts same-instance return on the DetailsJson-null + within-cap fast path. Env-var overrides retained. CollapseAuditLogToCanonicalMigrationTests (new): three MSSQL-gated [SkippableFact] tests verifying Action/Category/Outcome projection, NULL Actor, DetailsJson codec round-trip, and all six persisted computed columns (Kind/Status/SourceSiteId/ ExecutionId/ParentExecutionId) for ApiOutbound, InboundAuthFailure, and Failed- status rows. AddAuditLogTableMigrationTests: rename CreatesFiveNamedIndexes → CreatesNineNamedIndexes; expand coverage from 5 original indexes to all 9 named non-clustered indexes present after CollapseAuditLogToCanonical (adds IX_AuditLog_Execution, IX_AuditLog_ParentExecution, IX_AuditLog_Node_Occurred, UX_AuditLog_EventId). Dead-cref cleanup: zero references to the deleted IAuditPayloadFilter / DefaultAuditPayloadFilter / SafeDefaultAuditPayloadFilter types remain in any .cs file (source or test). 26 occurrences across 13 files replaced with correct references to IAuditRedactor / ScadaBridgeAuditRedactor / SafeDefaultAuditRedactor or reworded as plain prose. Residual sweep: no unused transitional code found beyond the acknowledged "C3 transitional shim" comments on IngestedAtUtc stamping (active code, not dead).
This commit is contained in:
Joseph Doherty
+1
-1
@@ -15,7 +15,7 @@ namespace ZB.MOM.WW.ScadaBridge.AuditLog.Tests.Configuration;
|
||||
/// binding. The first test pins the JSON-realistic binding shape end-to-end
|
||||
/// (scalars, lists, per-target overrides) so accidental drift in the section
|
||||
/// layout breaks the build. The second test exercises the live hot-reload
|
||||
/// path: a <see cref="DefaultAuditPayloadFilter"/> backed by a mutable
|
||||
/// path: a <see cref="ScadaBridgeAuditRedactor"/> backed by a mutable
|
||||
/// <see cref="IOptionsMonitor{TOptions}"/> must respond to config changes on
|
||||
/// the very next event, with both cap-bytes and the regex-cache invalidation
|
||||
/// flowing through without a restart.
|
||||
|
||||
+2
-2
@@ -6,8 +6,8 @@ namespace ZB.MOM.WW.ScadaBridge.AuditLog.Tests.Redaction;
|
||||
|
||||
/// <summary>
|
||||
/// ScadaBridge audit re-architecture stage C2 (Task 2.5) tests for
|
||||
/// <see cref="SafeDefaultAuditRedactor"/> — the canonical-record analogue of
|
||||
/// <see cref="ZB.MOM.WW.ScadaBridge.AuditLog.Payload.SafeDefaultAuditPayloadFilter"/>.
|
||||
/// <see cref="SafeDefaultAuditRedactor"/> — the minimal always-safe
|
||||
/// <see cref="ZB.MOM.WW.Audit.IAuditRedactor"/> fallback.
|
||||
/// Header-only scrub of the always-sensitive default headers inside
|
||||
/// <c>DetailsJson</c>'s RequestSummary / ResponseSummary; never throws, never
|
||||
/// performs body / SQL / truncation work.
|
||||
|
||||
+3
-6
@@ -13,12 +13,9 @@ namespace ZB.MOM.WW.ScadaBridge.AuditLog.Tests.Redaction;
|
||||
/// <summary>
|
||||
/// ScadaBridge audit re-architecture stage C2 (Task 2.5) tests for
|
||||
/// <see cref="ScadaBridgeAuditRedactor"/> — the canonical
|
||||
/// <see cref="IAuditRedactor"/> implementation that ports the
|
||||
/// <see cref="DefaultAuditPayloadFilter"/> redaction + truncation behaviour onto
|
||||
/// the canonical <c>ZB.MOM.WW.Audit.AuditEvent</c> record and its
|
||||
/// <see cref="AuditEvent.DetailsJson"/> payload bag. These mirror the legacy
|
||||
/// Payload fixtures (HeaderRedaction / BodyRegex / SqlParam / RedactionSafetyNet
|
||||
/// / Truncation) but operate on canonical events built via
|
||||
/// <see cref="IAuditRedactor"/> implementation. Covers the header-redaction /
|
||||
/// body-regex / SQL-param / safety-net / truncation pipeline operating on
|
||||
/// canonical <c>ZB.MOM.WW.Audit.AuditEvent</c> records built via
|
||||
/// <see cref="AuditDetailsCodec"/>.
|
||||
/// </summary>
|
||||
public class ScadaBridgeAuditRedactorTests
|
||||
|
||||
+1
-1
@@ -8,7 +8,7 @@ namespace ZB.MOM.WW.ScadaBridge.AuditLog.Tests.Site;
|
||||
/// Bundle C (M5-T7) — the <see cref="HealthMetricsAuditRedactionFailureCounter"/>
|
||||
/// adapter is the production binding for
|
||||
/// <see cref="ZB.MOM.WW.ScadaBridge.AuditLog.Payload.IAuditRedactionFailureCounter"/> on
|
||||
/// site nodes; it forwards every <see cref="DefaultAuditPayloadFilter"/>
|
||||
/// site nodes; it forwards every <see cref="ZB.MOM.WW.ScadaBridge.AuditLog.Redaction.ScadaBridgeAuditRedactor"/>
|
||||
/// redactor over-redaction event into the shared
|
||||
/// <see cref="ISiteHealthCollector"/> so the site health report surfaces the
|
||||
/// count as <c>AuditRedactionFailure</c>. Mirrors the M2 Bundle G
|
||||
|
||||
Reference in New Issue
Block a user