summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorVarun Ravichandran <varun.ravichandran@mongodb.com>2021-02-22 23:22:35 +0000
committerEvergreen Agent <no-reply@evergreen.mongodb.com>2021-03-11 00:54:35 +0000
commit125d31c2e444742a803e37071034f73c34c99fda (patch)
tree9fb10b50bc7818db8e99cfff137e8c00028e4f9e /src
parent634d4ba3e14c14d34b234af3a40ea1a14f95f2fb (diff)
downloadmongo-125d31c2e444742a803e37071034f73c34c99fda.tar.gz
SERVER-54209: Audit index build lifecycle events
Diffstat (limited to 'src')
-rw-r--r--src/mongo/db/audit.cpp4
-rw-r--r--src/mongo/db/audit.h4
-rw-r--r--src/mongo/db/catalog/SConscript2
-rw-r--r--src/mongo/db/catalog/index_build_block.cpp26
-rw-r--r--src/mongo/db/catalog/index_catalog_impl.cpp1
-rw-r--r--src/mongo/db/catalog/multi_index_block.cpp7
6 files changed, 33 insertions, 11 deletions
diff --git a/src/mongo/db/audit.cpp b/src/mongo/db/audit.cpp
index 60e826e91fb..7d376722003 100644
--- a/src/mongo/db/audit.cpp
+++ b/src/mongo/db/audit.cpp
@@ -149,7 +149,9 @@ void logLogout(Client* client,
void logCreateIndex(Client* client,
const BSONObj* indexSpec,
StringData indexname,
- const NamespaceString& nsname) {}
+ const NamespaceString& nsname,
+ StringData indexBuildState,
+ ErrorCodes::Error result) {}
void logCreateCollection(Client* client, const NamespaceString& nsname) {}
diff --git a/src/mongo/db/audit.h b/src/mongo/db/audit.h
index 5f0c3e329db..bb24e80e087 100644
--- a/src/mongo/db/audit.h
+++ b/src/mongo/db/audit.h
@@ -340,7 +340,9 @@ void logLogout(Client* client,
void logCreateIndex(Client* client,
const BSONObj* indexSpec,
StringData indexname,
- const NamespaceString& nsname);
+ const NamespaceString& nsname,
+ StringData indexBuildState,
+ ErrorCodes::Error result);
/**
* Logs the result of a createCollection command.
diff --git a/src/mongo/db/catalog/SConscript b/src/mongo/db/catalog/SConscript
index f598893d9c3..05310e34826 100644
--- a/src/mongo/db/catalog/SConscript
+++ b/src/mongo/db/catalog/SConscript
@@ -220,6 +220,7 @@ env.Library(
],
LIBDEPS=[
'$BUILD_DIR/mongo/base',
+ '$BUILD_DIR/mongo/db/audit',
'$BUILD_DIR/mongo/db/catalog/collection_query_info',
'$BUILD_DIR/mongo/db/index/index_descriptor',
'$BUILD_DIR/mongo/db/index_names',
@@ -265,7 +266,6 @@ env.Library(
],
LIBDEPS=[
'$BUILD_DIR/mongo/base',
- '$BUILD_DIR/mongo/db/audit',
'$BUILD_DIR/mongo/db/catalog_raii',
'$BUILD_DIR/mongo/db/concurrency/write_conflict_exception',
'$BUILD_DIR/mongo/db/curop',
diff --git a/src/mongo/db/catalog/index_build_block.cpp b/src/mongo/db/catalog/index_build_block.cpp
index 9bdc3fb8585..5d6012e0ac2 100644
--- a/src/mongo/db/catalog/index_build_block.cpp
+++ b/src/mongo/db/catalog/index_build_block.cpp
@@ -35,6 +35,7 @@
#include <vector>
+#include "mongo/db/audit.h"
#include "mongo/db/catalog/collection.h"
#include "mongo/db/catalog/uncommitted_collections.h"
#include "mongo/db/catalog_raii.h"
@@ -126,6 +127,15 @@ Status IndexBuildBlock::init(OperationContext* opCtx, Collection* collection) {
_indexName = descriptor->indexName();
+ // Since the index build block is being initialized, the index build for _indexName is
+ // beginning. Accordingly, emit an audit event indicating this.
+ audit::logCreateIndex(opCtx->getClient(),
+ &_spec,
+ _indexName,
+ collection->ns(),
+ "IndexBuildStarted",
+ ErrorCodes::OK);
+
bool isBackgroundIndex = _method == IndexBuildMethod::kHybrid;
bool isBackgroundSecondaryBuild = false;
if (auto replCoord = repl::ReplicationCoordinator::get(opCtx)) {
@@ -176,6 +186,14 @@ void IndexBuildBlock::fail(OperationContext* opCtx, Collection* collection) {
invariant(opCtx->lockState()->isCollectionLockedForMode(_nss, MODE_X));
+ // Audit that the index build is being aborted.
+ audit::logCreateIndex(opCtx->getClient(),
+ &_spec,
+ _indexName,
+ collection->ns(),
+ "IndexBuildAborted",
+ ErrorCodes::IndexBuildAborted);
+
auto indexCatalogEntry = getEntry(opCtx, collection);
if (indexCatalogEntry) {
invariant(collection->getIndexCatalog()->dropIndexEntry(opCtx, indexCatalogEntry).isOK());
@@ -210,6 +228,14 @@ void IndexBuildBlock::success(OperationContext* opCtx, Collection* collection) {
collection->indexBuildSuccess(opCtx, indexCatalogEntry);
auto svcCtx = opCtx->getClient()->getServiceContext();
+ // Before committing the index build, optimistically audit that the index build has succeeded.
+ audit::logCreateIndex(opCtx->getClient(),
+ &_spec,
+ _indexName,
+ collection->ns(),
+ "IndexBuildSucceeded",
+ ErrorCodes::OK);
+
opCtx->recoveryUnit()->onCommit(
[svcCtx,
indexName = _indexName,
diff --git a/src/mongo/db/catalog/index_catalog_impl.cpp b/src/mongo/db/catalog/index_catalog_impl.cpp
index 10928e53bed..b9b563627fe 100644
--- a/src/mongo/db/catalog/index_catalog_impl.cpp
+++ b/src/mongo/db/catalog/index_catalog_impl.cpp
@@ -521,7 +521,6 @@ StatusWith<BSONObj> IndexCatalogImpl::createIndexOnEmptyCollection(OperationCont
invariant(DurableCatalog::get(opCtx)->isIndexReady(
opCtx, _collection->getCatalogId(), descriptor->indexName()));
- audit::logCreateIndex(opCtx->getClient(), &spec, descriptor->indexName(), _collection->ns());
return spec;
}
diff --git a/src/mongo/db/catalog/multi_index_block.cpp b/src/mongo/db/catalog/multi_index_block.cpp
index 1bea1a2bb7e..54d8dd74aa8 100644
--- a/src/mongo/db/catalog/multi_index_block.cpp
+++ b/src/mongo/db/catalog/multi_index_block.cpp
@@ -37,7 +37,6 @@
#include "mongo/base/error_codes.h"
#include "mongo/bson/simple_bsonelement_comparator.h"
-#include "mongo/db/audit.h"
#include "mongo/db/catalog/collection.h"
#include "mongo/db/catalog/collection_catalog.h"
#include "mongo/db/catalog/multi_index_block_gen.h"
@@ -302,12 +301,6 @@ StatusWith<std::vector<BSONObj>> MultiIndexBlock::init(
eachIndexBuildMaxMemoryUsageBytes / 1024 / 1024);
index.filterExpression = indexCatalogEntry->getFilterExpression();
-
- if (!resumeInfo) {
- // TODO SERVER-14888 Suppress this in cases we don't want to audit.
- audit::logCreateIndex(
- opCtx->getClient(), &info, descriptor->indexName(), collection->ns());
- }
}
opCtx->recoveryUnit()->onCommit([ns = collection->ns(), this](auto commitTs) {
View Lorry Controller Status