Joseph Doherty
635461c0fd
Perf re-baseline (HotPathLatencyTests): empirical p95 on Apple M-series Release build: 4KB DetailsJson slow path ≈14 µs, small-DetailsJson no-redactors ≈2 µs, true no-op fast path ≈0 µs. Thresholds updated: 200 µs / 30 µs / 5 µs (≈15× headroom for contested CI runners). Old thresholds (50 µs / 10 µs) were set for the pre-C3 typed-field path; canonical JSON parse+rewrite is empirically faster. Adds a third test (Filter_Apply_NoDetailsJson_FastPath) that asserts same-instance return on the DetailsJson-null + within-cap fast path. Env-var overrides retained. CollapseAuditLogToCanonicalMigrationTests (new): three MSSQL-gated [SkippableFact] tests verifying Action/Category/Outcome projection, NULL Actor, DetailsJson codec round-trip, and all six persisted computed columns (Kind/Status/SourceSiteId/ ExecutionId/ParentExecutionId) for ApiOutbound, InboundAuthFailure, and Failed- status rows. AddAuditLogTableMigrationTests: rename CreatesFiveNamedIndexes → CreatesNineNamedIndexes; expand coverage from 5 original indexes to all 9 named non-clustered indexes present after CollapseAuditLogToCanonical (adds IX_AuditLog_Execution, IX_AuditLog_ParentExecution, IX_AuditLog_Node_Occurred, UX_AuditLog_EventId). Dead-cref cleanup: zero references to the deleted IAuditPayloadFilter / DefaultAuditPayloadFilter / SafeDefaultAuditPayloadFilter types remain in any .cs file (source or test). 26 occurrences across 13 files replaced with correct references to IAuditRedactor / ScadaBridgeAuditRedactor / SafeDefaultAuditRedactor or reworded as plain prose. Residual sweep: no unused transitional code found beyond the acknowledged "C3 transitional shim" comments on IngestedAtUtc stamping (active code, not dead).
21 lines
934 B
C#
21 lines
934 B
C#
namespace ZB.MOM.WW.ScadaBridge.AuditLog.Payload;
|
|
|
|
/// <summary>
|
|
/// Counter sink invoked by <see cref="ZB.MOM.WW.ScadaBridge.AuditLog.Redaction.ScadaBridgeAuditRedactor"/>
|
|
/// every time a redactor (header / body regex / SQL parameter) throws and the
|
|
/// redactor has to over-redact the offending field with the
|
|
/// <c><redacted: redactor error></c> marker. Bundle C bridges this into
|
|
/// the Site Health Monitoring report payload as <c>AuditRedactionFailure</c>.
|
|
/// </summary>
|
|
/// <remarks>
|
|
/// Redaction failures must NEVER abort the user-facing action (alog.md §7) —
|
|
/// the filter over-redacts the field and surfaces the failure via this counter
|
|
/// instead. A NoOp default is the correct safe fallback while the health
|
|
/// metric is being wired in.
|
|
/// </remarks>
|
|
public interface IAuditRedactionFailureCounter
|
|
{
|
|
/// <summary>Increment the audit-redaction failure counter by one.</summary>
|
|
void Increment();
|
|
}
|