dohertj2/scadaproj
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(audit): register component in indexes + GAPS cross-check

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-01 07:38:20 -04:00
parent 7f05107c1d
commit c284e4d68d
3 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
upcoming.md
+8 -2
View File
@@ -49,7 +49,7 @@ Three different, incompatible approaches mean you can't scrape or dashboard the
(+ `Commons` `OtOpcUaTelemetry`); MxGateway `src/ZB.MOM.WW.MxGateway.Server/Metrics/GatewayMetrics.cs`
(~470 LOC, no exporter); ScadaBridge `OpenTelemetry.Api` dep only (no instrumentation).
### 3. Audit — shared event *model* + writer seam
### 3. Audit — shared event *model* + writer seam ✅ DONE
All three audit; the who-did-what record (actor / action / target / time / correlationId /
detailsJson) is genuinely common, and it **closes the loop on the Auth component** (audit's
"who" = identity). Transport differs (Akka cluster vs SQLite vs none), so extract only the
@@ -58,6 +58,9 @@ ScadaBridge's pipeline is ~3k LOC.
- Evidence: OtOpcUa `Commons/Messages/Audit/AuditEvent.cs` + `ControlPlane/Audit/AuditWriterActor.cs`
+ `Configuration/Entities/ConfigAuditLog.cs`; ScadaBridge `src/ZB.MOM.WW.ScadaBridge.AuditLog/`
(site + central) + `Commons/Entities/Audit/`; MxGateway `Security/Authentication/SqliteApiKeyAuditStore.cs`.
- **Delivered:** shared library built at [`ZB.MOM.WW.Audit/`](ZB.MOM.WW.Audit/) (1 nupkg @ 0.1.0);
design at [`components/audit/`](components/audit/); adoption backlog in
[`components/audit/GAPS.md`](components/audit/GAPS.md).
### Strategic — the gRPC `.proto` break surface
[`CLAUDE.md`](CLAUDE.md) names these as *the* cross-repo break surface ("a green build in one
@@ -70,7 +73,10 @@ cross-repo interop checks, distinct from the others.
### Tier 2 (good, with caveats)
- **Logging — `ZB.MOM.WW.Logging`:** strong overlap (Serilog bootstrap + enrichers SiteId/NodeRole/Host
+ correlation scope), but MxGateway uses MS.Extensions.Logging — step 1 is converging on Serilog.
Natural to bundle with Telemetry as "observability".
Natural to bundle with Telemetry as "observability". **Note:** the logging-family work for this
family is being delivered as `ZB.MOM.WW.Telemetry.Serilog` by the health/observability normalization
pass ([`components/health/`](components/health/)), not as a standalone `ZB.MOM.WW.Logging` lib —
a separate Logging candidate is not expected.
- **Config validation conventions:** all three use IOptions + `IValidateOptions` + `ValidateOnStart`;
a shared validation base + startup-validation helper is reusable and pairs with the Auth options pattern.