- Add AuditLogWriter with SHA-256 hash chain for tamper evidence
- Add fsync after every write for durability guarantee
- Add file rotation by size with configurable max files
- Add hash chain recovery on service restart
- Switch to serde_json for proper JSON serialization
- 16 tests pass, clippy clean

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1.8 KiB
Implementation Plan — Issue #19: Implement append-only file log backend
Metadata
| Field | Value |
|---|---|
| Issue | #19 |
| Title | Implement append-only file log backend |
| Milestone | Phase 2: Audit Service |
| Labels | type:feature, priority:critical, lang:rust, service:audit |
| Status | COMPLETED |
| Language | Rust |
| Related Plans | issue-018.md |
| Blocked by | #18 (completed) |
Acceptance Criteria
- Append-only file writer with JSON lines format
- Each entry includes timestamp, actor, action, resource, session context
- fsync after each write for durability
- File rotation support (by size)
- Tamper-evident: SHA-256 hash chain (_prev_hash, _hash fields)
Architecture Analysis
Extracted AuditLogWriter from service.rs into dedicated module. Key features:
- Hash chain: Each entry includes SHA-256(_prev_hash + entry_json) for tamper evidence
- fsync: sync_data() called after every write for durability guarantee
- Rotation: When file exceeds max_file_size, rotates .log → .log.1 → .log.2 etc.
- Recovery: On restart, recovers prev_hash from last line of existing log
- Serialization: Uses serde_json for proper JSON output with special character handling
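An independent verifier for the hash chain described above, as an added example rather than code from this repository, written in Python so it can run as a check outside the Rust service. The all-zero genesis value, the sorted compact JSON canonicalization, and hashing `_prev_hash + entry_json` over the entry with the two underscore fields removed are assumptions; the plan does not specify the byte layout, and a real verifier must match the writer's exactly.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed _prev_hash of the first entry (not stated in the plan)


def canon(obj):
    # Assumed canonical form: sorted keys, no whitespace.
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))


def seal(prev, entry):
    """Return one JSON line carrying _prev_hash and _hash = SHA-256(prev + entry_json)."""
    digest = hashlib.sha256((prev + canon(entry)).encode()).hexdigest()
    return canon({**entry, "_prev_hash": prev, "_hash": digest})


def build(entries):
    lines, prev = [], GENESIS
    for e in entries:
        lines.append(seal(prev, e))
        prev = json.loads(lines[-1])["_hash"]
    return lines


def verify(lines, anchor=None):
    """Walk the chain; anchor is the expected final _hash, kept outside the log host."""
    prev = GENESIS
    for n, line in enumerate(lines, 1):
        try:
            rec = json.loads(line)
            claimed_prev, claimed = rec.pop("_prev_hash"), rec.pop("_hash")
        except (ValueError, KeyError, AttributeError, TypeError):
            return False, f"line {n}: malformed entry"
        if claimed_prev != prev:
            return False, f"line {n}: _prev_hash does not match previous entry"
        if hashlib.sha256((prev + canon(rec)).encode()).hexdigest() != claimed:
            return False, f"line {n}: content does not match _hash"
        prev = claimed
    if anchor is not None and prev != anchor:
        return False, "tail hash differs from anchor"
    return True, prev


# Constructed sample entries using the fields listed in the acceptance criteria.
SAMPLE = build([
    {"timestamp": "2025-01-01T00:00:00Z", "actor": "alice", "action": "login", "resource": "console", "session": "s-1"},
    {"timestamp": "2025-01-01T00:01:00Z", "actor": "bob", "action": "delete", "resource": "key/7", "session": "s-2"},
    {"timestamp": "2025-01-01T00:02:00Z", "actor": "alice", "action": "logout", "resource": "console", "session": "s-1"},
])
```

Edits and mid-file deletions break the chain, but dropping entries from the end of the file still verifies unless the latest `_hash` is compared against a copy stored somewhere the log host cannot rewrite.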
Files to Create/Modify
| File | Action | Purpose |
|---|---|---|
| services/audit/src/log_writer.rs | Create | AuditLogWriter with rotation and hash chain |
| services/audit/src/service.rs | Modify | Use AuditLogWriter, serde_json serialization |
| services/audit/src/main.rs | Modify | Wire up log writer with config |
| services/audit/src/config.rs | Modify | Add rotation config fields |
| services/audit/Cargo.toml | Modify | Add sha2, serde_json dependencies |
Deviation Log
(No deviations)