llm-multiverse/llm-multiverse
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: wire GetSecret gRPC endpoint with audit logging (#25) #109

Merged
shahondin1624 merged 1 commits from feature/issue-25-get-secret-endpoint into main 2026-03-09 08:09:32 +01:00
Conversation 0 Commits 1 Files Changed 7 +200 -10
shahondin1624 commented 2026-03-09 08:09:28 +01:00
Owner
Copy Link

Summary\n\n- Wire GetSecret handler to audit service for access logging (AUDIT_ACTION_SECRET_ACCESS)\n- SHA-256 hash secret names in audit logs (never log raw names)\n- Add audit_addr config field for audit service connection\n- Graceful fallback if audit service unavailable\n- 19 unit tests pass, clippy clean\n\n## Test plan\n\n- [x] cargo test -p secrets-service — 19 tests pass\n- [x] cargo clippy -p secrets-service --tests -- -D warnings — clean\n- [x] Tests cover: all validation paths, found/not-found, multiple secrets, works without audit client, hash determinism\n\n🤖 Generated with Claude Code

## Summary\n\n- Wire GetSecret handler to audit service for access logging (AUDIT_ACTION_SECRET_ACCESS)\n- SHA-256 hash secret names in audit logs (never log raw names)\n- Add `audit_addr` config field for audit service connection\n- Graceful fallback if audit service unavailable\n- 19 unit tests pass, clippy clean\n\n## Test plan\n\n- [x] `cargo test -p secrets-service` — 19 tests pass\n- [x] `cargo clippy -p secrets-service --tests -- -D warnings` — clean\n- [x] Tests cover: all validation paths, found/not-found, multiple secrets, works without audit client, hash determinism\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)
shahondin1624 added 1 commit 2026-03-09 08:09:29 +01:00
feat: wire GetSecret gRPC endpoint with audit logging (#25) 86abe39491 
Add audit service integration to secrets service — every secret access
is logged via Audit Service Append RPC with AUDIT_ACTION_SECRET_ACCESS.
Secret names are SHA-256 hashed in audit logs. Audit connection is
optional and gracefully degrades if unavailable.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
shahondin1624 merged commit 0ccc0e30a3 into main 2026-03-09 08:09:32 +01:00
shahondin1624 deleted branch feature/issue-25-get-secret-endpoint 2026-03-09 08:09:32 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
cat:agent
Agent related
 cat:cross-cutting
Cross-cutting concern
 cat:deployment
Deployment related
 cat:devops
DevOps related
 cat:performance
Performance related
 cat:security
Security related
 cat:tech-debt
Technical debt from code reviews
 lang:protobuf
Protocol Buffers
 lang:python
Python language
 lang:rust
Rust language
 priority:critical
Critical priority
 priority:high
High priority
 priority:low
Low priority
 priority:medium
Medium priority
 service:audit
Audit service
 service:memory
Memory service
 service:model-gateway
Model Gateway service
 service:orchestrator
Orchestrator service
 service:search
Search service
 service:secrets
Secrets service
 service:tool-broker
Tool Broker service
 type:bug
Bug fix
 type:documentation
Docs
 type:feature
New functionality
 type:infrastructure
Build tooling, project setup
 type:refactor
Restructuring
 type:research
Investigation, benchmarking
 type:testing
Tests
 workflow:blocked
Blocked after max retries
 workflow:manual
Requires manual intervention — blocked from auto-dev
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
shahondin1624
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: llm-multiverse/llm-multiverse#109
Delete Branch "feature/issue-25-get-secret-endpoint"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?