add flushing of pghistory entries

Author: valentijnscholten

docker-compose.yml

@@ -53,7 +53,6 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
-      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-auditlog}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -75,7 +74,6 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
-      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-auditlog}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -96,7 +94,6 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
-      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-auditlog}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -118,7 +115,6 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
-      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-auditlog}"
     volumes:
         - type: bind
           source: ./docker/extra_settings

dojo/auditlog.py

@@ -7,10 +7,10 @@
 import contextlib
 import logging
 import sys
-from datetime import date, datetime, time
 
 import pghistory
 from dateutil.relativedelta import relativedelta
+from django.apps import apps
 from django.conf import settings
 from django.core.management import call_command
 from django.db import models
@@ -19,51 +19,122 @@
 logger = logging.getLogger(__name__)
 
 
-def run_flush_auditlog(retention_period: int | None = None,
-                       batch_size: int | None = None,
-                       max_batches: int | None = None) -> tuple[int, int, bool]:
+def _flush_models_in_batches(models_to_flush, timestamp_field: str, retention_period: int, batch_size: int, max_batches: int, *, dry_run: bool = False) -> tuple[int, int, bool]:
     """
-    Deletes audit log entries older than the configured retention period.
+    Generic batched deletion by timestamp for a set of models.
 
-    Returns a tuple of (deleted_total, batches_done, reached_limit).
+    Returns (deleted_or_would_delete_total, batches_done_or_needed, reached_limit)
     """
+    # Use a timestamp and not a date. this allows for efficient databse index use.
+    cutoff_dt = timezone.now() - relativedelta(months=retention_period)
+    logger.info("Audit flush cutoff datetime: %s (retention_period=%s months)", cutoff_dt, retention_period)
+
+    total_deleted = 0
+    total_batches = 0
+    reached_any_limit = False
+
+    for Model in models_to_flush:
+        deleted_total = 0
+        batches_done = 0
+        filter_kwargs = {f"{timestamp_field}__lt": cutoff_dt}
+        last_pk = None
+        verb = "Would delete" if dry_run else "Deleted"
+
+        while batches_done < max_batches:
+            batch_qs = Model.objects.filter(**filter_kwargs)
+            if last_pk is not None:
+                batch_qs = batch_qs.filter(pk__gt=last_pk)
+            batch_qs = batch_qs.order_by("pk")
+
+            pks = list(batch_qs.values_list("pk", flat=True)[:batch_size])
+            if not pks:
+                if batches_done == 0:
+                    logger.info("No outdated %s entries found", Model._meta.object_name)
+                break
+
+            if dry_run:
+                deleted_count = len(pks)
+            else:
+                qs = Model.objects.filter(pk__in=pks)
+                deleted_count = int(qs._raw_delete(qs.db))
+
+            deleted_total += deleted_count
+            batches_done += 1
+            last_pk = pks[-1]
+
+            logger.info(
+                "%s %s batch %s (size ~%s), total %s: %s",
+                verb,
+                Model._meta.object_name,
+                batches_done,
+                batch_size,
+                verb.lower(),
+                deleted_total,
+            )
+
+        total_deleted += deleted_total
+        total_batches += batches_done
+        if batches_done >= max_batches:
+            reached_any_limit = True
+
+    return total_deleted, total_batches, reached_any_limit
+
+
+def _flush_django_auditlog(retention_period: int, batch_size: int, max_batches: int, *, dry_run: bool = False) -> tuple[int, int, bool]:
     # Import inside to avoid model import issues at startup
     from auditlog.models import LogEntry  # noqa: PLC0415
 
+    return _flush_models_in_batches([LogEntry], "timestamp", retention_period, batch_size, max_batches, dry_run=dry_run)
+
+
+def _iter_pghistory_event_models():
+    """Yield pghistory Event models registered under the dojo app."""
+    for model in apps.get_app_config("dojo").get_models():
+        if model._meta.object_name.endswith("Event"):
+            # Ensure the model has pgh_created_at field
+            if any(f.name == "pgh_created_at" for f in model._meta.fields):
+                yield model
+
+
+def _flush_pghistory_events(retention_period: int, batch_size: int, max_batches: int, *, dry_run: bool = False) -> tuple[int, int, bool]:
+    models_to_flush = list(_iter_pghistory_event_models())
+    return _flush_models_in_batches(models_to_flush, "pgh_created_at", retention_period, batch_size, max_batches, dry_run=dry_run)
+
+
+def run_flush_auditlog(retention_period: int | None = None,
+                       batch_size: int | None = None,
+                       max_batches: int | None = None,
+                       *,
+                       dry_run: bool = False) -> tuple[int, int, bool]:
+    """
+    Deletes audit entries older than the configured retention from both
+    django-auditlog and django-pghistory log entries.
+
+    Returns a tuple of (deleted_total, batches_done, reached_limit).
+    """
     retention_period = retention_period if retention_period is not None else getattr(settings, "AUDITLOG_FLUSH_RETENTION_PERIOD", -1)
     if retention_period < 0:
-        logger.info("Flushing auditlog is disabled")
+        logger.info("Flushing audit logs is disabled")
         return 0, 0, False
 
-    logger.info("Running Cleanup Task for Logentries with %d Months retention", retention_period)
-    retention_day = date.today() - relativedelta(months=retention_period)
-    cutoff_dt = datetime.combine(retention_day, time.min, tzinfo=timezone.get_current_timezone())
-
     batch_size = batch_size if batch_size is not None else getattr(settings, "AUDITLOG_FLUSH_BATCH_SIZE", 1000)
     max_batches = max_batches if max_batches is not None else getattr(settings, "AUDITLOG_FLUSH_MAX_BATCHES", 100)
 
-    deleted_total = 0
-    batches_done = 0
-    while batches_done < max_batches:
-        batch_qs = LogEntry.objects.filter(timestamp__lt=cutoff_dt).order_by("pk")
-        pks = list(batch_qs.values_list("pk", flat=True)[:batch_size])
-        if not pks:
-            if batches_done == 0:
-                logger.info("No outdated Logentries found")
-            break
-        qs = LogEntry.objects.filter(pk__in=pks)
-        deleted_count = qs._raw_delete(qs.db)
-        deleted_total += int(deleted_count)
-        batches_done += 1
-        logger.info("Deleted batch %s (size ~%s), total deleted: %s", batches_done, batch_size, deleted_total)
-
-    reached_limit = batches_done >= max_batches
-    if reached_limit:
-        logger.info("Reached max batches limit (%s). Remaining audit log entries will be deleted in the next run.", max_batches)
-    else:
-        logger.info("Total number of audit log entries deleted: %s", deleted_total)
+    phase = "DRY RUN" if dry_run else "Cleanup"
+    logger.info("Running %s for django-auditlog entries with %d Months retention across all backends", phase, retention_period)
+    d_deleted, d_batches, d_limit = _flush_django_auditlog(retention_period, batch_size, max_batches, dry_run=dry_run)
+    logger.info("Running %s for django-pghistory entries with %d Months retention across all backends", phase, retention_period)
+    p_deleted, p_batches, p_limit = _flush_pghistory_events(retention_period, batch_size, max_batches, dry_run=dry_run)
+
+    total_deleted = d_deleted + p_deleted
+    total_batches = d_batches + p_batches
+    reached_limit = bool(d_limit or p_limit)
+
+    verb = "would delete" if dry_run else "deleted"
+    logger.info("Audit flush summary: django-auditlog %s=%s batches=%s; pghistory %s=%s batches=%s; total_%s=%s total_batches=%s",
+                verb, d_deleted, d_batches, verb, p_deleted, p_batches, verb.replace(" ", "_"), total_deleted, total_batches)
 
-    return deleted_total, batches_done, reached_limit
+    return total_deleted, total_batches, reached_limit
 
 
 def enable_django_auditlog():

dojo/management/commands/flush_auditlog.py

@@ -10,18 +10,16 @@ def add_arguments(self, parser):
         parser.add_argument("--retention-months", type=int, default=None, help="Override retention period in months")
         parser.add_argument("--batch-size", type=int, default=None, help="Override batch size")
         parser.add_argument("--max-batches", type=int, default=None, help="Override max batches per run")
+        parser.add_argument("--dry-run", action="store_true", help="Only show how many entries would be deleted")
 
     def handle(self, *args, **options):
         deleted_total, batches_done, reached_limit = run_flush_auditlog(
             retention_period=options.get("retention_months"),
             batch_size=options.get("batch_size"),
             max_batches=options.get("max_batches"),
+            dry_run=options.get("dry_run", False),
         )
-        if reached_limit:
-            self.stdout.write(self.style.WARNING(
-                f"Reached max batches limit; deleted {deleted_total} entries in {batches_done} batches.",
-            ))
-        else:
-            self.stdout.write(self.style.SUCCESS(
-                f"Deleted {deleted_total} audit log entries in {batches_done} batches.",
-            ))
+        verb = "Would delete" if options.get("dry_run") else "Deleted"
+        style = self.style.WARNING if options.get("dry_run") else self.style.SUCCESS
+        suffix = " (reached max batches)" if reached_limit else ""
+        self.stdout.write(style(f"{verb} {deleted_total} audit log entries in {batches_done} batches{suffix}."))

dojo/settings/settings.dist.py

@@ -318,7 +318,7 @@
     # a big performance hit. Especially during (re-)imports.
     DD_ENABLE_AUDITLOG=(bool, True),
     # Audit logging system: "django-auditlog" (default) or "django-pghistory"
-    DD_AUDITLOG_TYPE=(str, "django-auditlog"),
+    DD_AUDITLOG_TYPE=(str, "django-pghistory"),
     # Specifies whether the "first seen" date of a given report should be used over the "last seen" date
     DD_USE_FIRST_SEEN=(bool, False),
     # When set to True, use the older version of the qualys parser that is a more heavy handed in setting severity
@@ -1187,7 +1187,7 @@ def saml2_attrib_map_format(din):
     },
     "flush_auditlog": {
         "task": "dojo.tasks.flush_auditlog",
-        "schedule": timedelta(minutes=1),
+        "schedule": timedelta(hours=8),
     },
     "update-findings-from-source-issues": {
         "task": "dojo.tools.tool_issue_updater.update_findings_from_source_issues",