Feature request: Add a change audit log for app and server changes

[michiels]

For security and collaboration with other team members, it would be great if all changes to servers/apps made would trigger entries in some kind of activity/change audit log. This so that you can always trace back what happened to a server or an app over time. This is beneficial for security (spotting weird behavior) but also makes collaboration in a team easier, as you'll now who changed what on a server. Basically automating and providing automated infrastructure CMDB functionality.

An audit log could be as simple as a GitHub-issue style activity log for things like:

• Domain added or removed
• ENV var added or removed
• Service linked/installed
• SSL certificate added

etc.

It's important that we create event logs for most important security and app environment changes first. Things like adding/removing apps and servers could be a bonus.

We could expand this feature with allowing an email notification (digest) to be sent out to all users of the Intercity instance so changes in configurations are automatically logged and notified.

Most important events to log:

• Deploy key added and removed
• Domain added and removed
• ENV var added and removed
• SSL certificate added and removed

[michiels]

We could use a gem like https://github.com/chaps-io/public_activity, but usually rolling a simple own Event/Activity log is easier to build and maintain due to the trivial nature.

[michiels]

Quickly brainstorming, could have something like:

class Event < ApplicationRecord
  belongs_to :actor, class_name: "User"
end

class ServerEvent < Event
  belongs_to :server

  enum { deploy_key_added: 0, deploy_key_added: 1 }
end

class AppEvent < Event
  belongs_to :app
  
  enum { domain_added: 0, domain_removed: 1, env_var_added: 2, ... }
end

Bonus points if we add a "command execution" log to each event so you can see what the command execution was on the server and even log errors or success state for each command.

[jvanbaarsen]

@michiels Do we actually want to have the events specified up front? What do you think about a "normal" logbook type thing? Maybe with a couple of categories, i.e:
"[Server] - Michiel added SSH key"
"[App] - Joshua enabled backups for AppY"

[michiels]

@jvanbaarsen that's a good point, it would make the system more freeform. However, then we cannot add icons or for example filtering from one event dashboard.

[jvanbaarsen]

This is how GH does it:

So you could still filter on the category type. I think with the following categories you have plenty of freedom:

• Security
• Add-ons
• Server
• App

[michiels]

@jvanbaarsen I'd say you also want to filter on ENV vars added and Deploy Keys added/removed. As these are security auditing features we'd like to have. But yeah having a category "Security" or "Authorizations" is also fine. That would basically be the same as I suggested with the enums, but with a few more generic labels that communicate the same.