Skip to content

Type the audit-log decision field with a Decision enum#208

Merged
luca-iachini merged 2 commits into
mainfrom
audit-decision-enum
Jun 27, 2026
Merged

Type the audit-log decision field with a Decision enum#208
luca-iachini merged 2 commits into
mainfrom
audit-decision-enum

Conversation

@luca-iachini

@luca-iachini luca-iachini commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

What

Replace the bare i32 decision wire value in the audit log with a typed Decision enum, so producers and readers share one source of truth for the 1=ALLOW / 2=DENY / 3=ABORT mapping.

Producer (firma-sidecar)

  • New firma_sidecar::audit::Decision (#[repr(u8)], Serialize_repr + Deserialize_repr). JSON wire stays numeric — no format change.
  • Retyped AuditPayload.decision, ExecutionEvent.decision, DecisionOverride.decision, and AuditDecisionFields.decision_code from i32 to Decision.
  • Dropped the DECISION_ALLOW/DENY/ABORT magic-int constants (pipeline + test copies).
  • Proto boundary converts with as i32; signing hashes (decision as i32).to_string() so existing signatures stay byte-identical.

Reader (firma monitor)

  • AuditLite.decision now decodes into AuditLiteDecision { Known(Decision), Unknown(i64) } via a custom Deserialize impl. Three states preserved: absent (None), present-but-unrecognized (Unknown → renders UNKNOWN), known. An off-range code never drops the whole record.
  • Removed the duplicate PROTO_DECISION_* constants and the decision_label fn (now a Display impl).

Tests

  • e2e tests/e2e/audit.rs consumes the production enum instead of a local copy.
  • Added monitor coverage for unknown-code and absent-field cases.

Also regenerates Cargo.lock, which was stale on main (manifest 0.1.2, lock 0.1.1).

Invariants

Wire format unchanged, signatures unchanged, deterministic enforcement unaffected.

just check passes.

@codecov

codecov Bot commented Jun 26, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 93.63636% with 7 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
crates/firma/src/monitor/filters.rs 94.82% 2 Missing and 1 partial ⚠️
crates/firma-sidecar/src/audit.rs 0.00% 1 Missing ⚠️
crates/firma-sidecar/src/audit/sink/grpc.rs 0.00% 1 Missing ⚠️
crates/firma-sidecar/src/handler.rs 95.45% 1 Missing ⚠️
crates/firma/src/monitor/render.rs 75.00% 0 Missing and 1 partial ⚠️

📢 Thoughts on this report? Let us know!

@luca-iachini luca-iachini requested review from falcucci and veeso June 26, 2026 17:20
LukeMathWalker
LukeMathWalker approved these changes Jun 26, 2026
View reviewed changes

@LukeMathWalker LukeMathWalker left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice clean-up!

@luca-iachini luca-iachini merged commit 946372a into main Jun 27, 2026
15 checks passed
@luca-iachini luca-iachini deleted the audit-decision-enum branch June 27, 2026 07:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LukeMathWalker LukeMathWalker LukeMathWalker approved these changes
@veeso veeso Awaiting requested review from veeso
@falcucci falcucci Awaiting requested review from falcucci

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@luca-iachini @LukeMathWalker