Why Use This
This skill provides specialized capabilities for TencentBlueKing's codebase.
Use Cases
- Developing new features in the TencentBlueKing repository
- Refactoring existing code to follow TencentBlueKing standards
- Understanding and working with TencentBlueKing's codebase structure
Skill Snapshot
Auto scan of skill assets. Informational only.
Valid SKILL.md
Checks against SKILL.md specification
Source & Community
Updated At Jan 9, 2026, 09:52 AM
Skill Stats
SKILL.md 118 Lines
Total Files 1
Total Size 0 B
License NOASSERTION
---
name: 20-audit-logging
description: 审计日志指南,涵盖操作审计记录、用户行为追踪、敏感操作日志、审计日志存储、合规性要求。当用户实现审计功能、记录用户操作、追踪敏感行为或满足合规要求时使用。
---
# 审计日志
审计日志指南.
## 触发条件
当用户需要实现操作审计、合规记录、行为追踪时,使用此 Skill。
## ActionAuditContent
```kotlin
object ActionAuditContent {
// 项目相关
const val PROJECT_CREATE_TEMPLATE = "[%s]创建项目[%s]"
const val PROJECT_UPDATE_TEMPLATE = "[%s]更新项目[%s]"
const val PROJECT_DELETE_TEMPLATE = "[%s]删除项目[%s]"
// 流水线相关
const val PIPELINE_CREATE_TEMPLATE = "[%s]在项目[%s]创建流水线[%s]"
const val PIPELINE_EDIT_TEMPLATE = "[%s]编辑流水线[%s]"
const val PIPELINE_DELETE_TEMPLATE = "[%s]删除流水线[%s]"
const val PIPELINE_EXECUTE_TEMPLATE = "[%s]执行流水线[%s]"
// 权限相关
const val PERMISSION_GRANT_TEMPLATE = "[%s]授予[%s]权限[%s]"
const val PERMISSION_REVOKE_TEMPLATE = "[%s]撤销[%s]权限[%s]"
}
```
## 审计记录
```kotlin
@Service
class AuditService(
private val auditDao: AuditDao
) {
fun record(
userId: String,
action: String,
resourceType: String,
resourceId: String,
content: String,
projectId: String? = null
) {
val audit = AuditRecord(
id = UUIDUtil.generate(),
userId = userId,
action = action,
resourceType = resourceType,
resourceId = resourceId,
content = content,
projectId = projectId,
createTime = LocalDateTime.now(),
clientIp = getClientIp()
)
auditDao.save(audit)
}
}
```
## 使用示例
```kotlin
@Service
class PipelineService(
private val auditService: AuditService
) {
fun createPipeline(userId: String, projectId: String, pipeline: Pipeline): String {
// 创建流水线
val pipelineId = doCreate(pipeline)
// 记录审计
auditService.record(
userId = userId,
action = "CREATE",
resourceType = "PIPELINE",
resourceId = pipelineId,
content = String.format(
ActionAuditContent.PIPELINE_CREATE_TEMPLATE,
userId, projectId, pipeline.name
),
projectId = projectId
)
return pipelineId
}
}
```
## 审计字段
| 字段 | 说明 |
|------|------|
| userId | 操作用户 |
| action | 操作类型(CREATE/UPDATE/DELETE/EXECUTE) |
| resourceType | 资源类型 |
| resourceId | 资源ID |
| content | 操作描述 |
| projectId | 项目ID |
| clientIp | 客户端IP |
| createTime | 操作时间 |
## 最佳实践
1. **关键操作**:记录所有敏感操作
2. **完整信息**:包含足够的上下文信息
3. **不可篡改**:审计日志只增不改
4. **定期归档**:定期归档历史审计数据
## 相关文件
- `common-audit/src/main/kotlin/com/tencent/devops/common/audit/`
