Add mock file audit backend

2026-06-01 23:44:03 +02:00
parent a3129afa42
commit afa15cd1b9
9 changed files with 353 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -1 +1,47 @@
-Reliable multi-tenant auto setup audit capability
+Reliable multi-tenant auto setup audit capability
+
+## Development Mock Backend
+
+The first implementation is intentionally tiny: a replaceable audit interface
+with a mock file backend.
+
+By default it writes JSONL audit events to:
+
+```text
+/tmp/audit-core/audit-YYYYMMDDTHH.jsonl
+```
+
+Files older than 7 days are removed when the backend writes or when cleanup is
+run explicitly. This backend is for local integration and bootstrap wiring. It
+is not durable audit custody.
+
+Example:
+
+```bash
+python3 -m audit_core emit \
+  --source openbao \
+  --action openbao.authenticated_readiness_proof \
+  --resource openbao/openbao-0 \
+  --outcome success \
+  --detail file_audit_visible=true \
+  --detail backend=mock-file
+```
+
+Cleanup:
+
+```bash
+python3 -m audit_core cleanup
+```
+
+Make targets:
+
+```bash
+make test
+make mock-audit-smoke
+make mock-audit-cleanup
+```
+
+Environment:
+
+- `AUDIT_CORE_MOCK_DIR`: override the output directory.
+- `AUDIT_CORE_MOCK_RETENTION_DAYS`: override the default 7-day cleanup window.