From f275bb34ba1d117edb0b9117bd4ff444a78495a3 Mon Sep 17 00:00:00 2001
From: Noah Stride <noah.stride@goteleport.com>
Date: Mon, 2 Dec 2024 16:40:46 +0000
Subject: [PATCH] Wire up audit events

---
 api/types/constants.go     |  3 +++
 api/types/events/events.go | 12 ++++++++++++
 api/types/events/oneof.go  | 12 ++++++++++++
 lib/events/api.go          |  7 +++++++
 lib/events/codes.go        |  7 +++++++
 lib/events/dynamic.go      |  7 +++++++
 lib/events/events_test.go  |  3 +++
 7 files changed, 51 insertions(+)

diff --git a/api/types/constants.go b/api/types/constants.go
index e8beb81d0bec0..8d969976f590f 100644
--- a/api/types/constants.go
+++ b/api/types/constants.go
@@ -597,6 +597,9 @@ const (
 	// for Teleport Enterprise customers.
 	KindContact = "contact"
 
+	// KindWorkloadIdentity is the WorkloadIdentity resource.
+	KindWorkloadIdentity = "workload_identity"
+
 	// KindGitServer represents a Git server that can proxy git commands.
 	KindGitServer = "git_server"
 	// SubKindGitHub specifies the GitHub subkind of a Git server.
diff --git a/api/types/events/events.go b/api/types/events/events.go
index 19cc44b5e8981..87271adbaefd8 100644
--- a/api/types/events/events.go
+++ b/api/types/events/events.go
@@ -2352,3 +2352,15 @@ func (m *AutoUpdateVersionUpdate) TrimToMaxSize(_ int) AuditEvent {
 func (m *AutoUpdateVersionDelete) TrimToMaxSize(_ int) AuditEvent {
 	return m
 }
+
+func (m *WorkloadIdentityCreate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *WorkloadIdentityUpdate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *WorkloadIdentityDelete) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
diff --git a/api/types/events/oneof.go b/api/types/events/oneof.go
index 6e856b3c5f2b2..8f3c73e7ceb24 100644
--- a/api/types/events/oneof.go
+++ b/api/types/events/oneof.go
@@ -790,6 +790,18 @@ func ToOneOf(in AuditEvent) (*OneOf, error) {
 		out.Event = &OneOf_AutoUpdateVersionDelete{
 			AutoUpdateVersionDelete: e,
 		}
+	case *WorkloadIdentityCreate:
+		out.Event = &OneOf_WorkloadIdentityCreate{
+			WorkloadIdentityCreate: e,
+		}
+	case *WorkloadIdentityUpdate:
+		out.Event = &OneOf_WorkloadIdentityUpdate{
+			WorkloadIdentityUpdate: e,
+		}
+	case *WorkloadIdentityDelete:
+		out.Event = &OneOf_WorkloadIdentityDelete{
+			WorkloadIdentityDelete: e,
+		}
 	default:
 		slog.ErrorContext(context.Background(), "Attempted to convert dynamic event of unknown type into protobuf event.", "event_type", in.GetType())
 		unknown := &Unknown{}
diff --git a/lib/events/api.go b/lib/events/api.go
index 20b72ddd2e5f9..92eafcff2b8d9 100644
--- a/lib/events/api.go
+++ b/lib/events/api.go
@@ -838,6 +838,13 @@ const (
 	AutoUpdateVersionUpdateEvent = "auto_update_version.update"
 	// AutoUpdateVersionDeleteEvent is emitted when a AutoUpdateVersion resource is deleted.
 	AutoUpdateVersionDeleteEvent = "auto_update_version.delete"
+
+	// WorkloadIdentityCreateEvent is emitted when a WorkloadIdentity resource is created.
+	WorkloadIdentityCreateEvent = "workload_identity.create"
+	// WorkloadIdentityUpdateEvent is emitted when a WorkloadIdentity resource is updated.
+	WorkloadIdentityUpdateEvent = "workload_identity.update"
+	// WorkloadIdentityDeleteEvent is emitted when a WorkloadIdentity resource is deleted.
+	WorkloadIdentityDeleteEvent = "workload_identity.delete"
 )
 
 // Add an entry to eventsMap in lib/events/events_test.go when you add
diff --git a/lib/events/codes.go b/lib/events/codes.go
index fa8c284fe925b..bb916ea2df543 100644
--- a/lib/events/codes.go
+++ b/lib/events/codes.go
@@ -669,6 +669,13 @@ const (
 	// AutoUpdateVersionDeleteCode is the auto update version delete event code.
 	AutoUpdateVersionDeleteCode = "AUV003I"
 
+	// WorkloadIdentityCreateCode is the workload identity create event code.
+	WorkloadIdentityCreateCode = "WID001I"
+	// WorkloadIdentityUpdateCode is the workload identity update event code.
+	WorkloadIdentityUpdateCode = "WID002I"
+	// WorkloadIdentityDeleteCode is the workload identity delete event code.
+	WorkloadIdentityDeleteCode = "WID003I"
+
 	// UnknownCode is used when an event of unknown type is encountered.
 	UnknownCode = apievents.UnknownCode
 )
diff --git a/lib/events/dynamic.go b/lib/events/dynamic.go
index 476528255e5ba..bf9b9a295d8ea 100644
--- a/lib/events/dynamic.go
+++ b/lib/events/dynamic.go
@@ -462,6 +462,13 @@ func FromEventFields(fields EventFields) (events.AuditEvent, error) {
 		e = &events.AutoUpdateVersionUpdate{}
 	case AutoUpdateVersionDeleteEvent:
 		e = &events.AutoUpdateVersionDelete{}
+
+	case WorkloadIdentityCreateEvent:
+		e = &events.WorkloadIdentityCreate{}
+	case WorkloadIdentityUpdateEvent:
+		e = &events.WorkloadIdentityUpdate{}
+	case WorkloadIdentityDeleteEvent:
+		e = &events.WorkloadIdentityDelete{}
 	default:
 		slog.ErrorContext(context.Background(), "Attempted to convert dynamic event of unknown type into protobuf event.", "event_type", eventType)
 		unknown := &events.Unknown{}
diff --git a/lib/events/events_test.go b/lib/events/events_test.go
index d304a65ddd4bc..a806eccda3295 100644
--- a/lib/events/events_test.go
+++ b/lib/events/events_test.go
@@ -242,6 +242,9 @@ var eventsMap = map[string]apievents.AuditEvent{
 	AutoUpdateVersionCreateEvent:                &apievents.AutoUpdateVersionCreate{},
 	AutoUpdateVersionUpdateEvent:                &apievents.AutoUpdateVersionUpdate{},
 	AutoUpdateVersionDeleteEvent:                &apievents.AutoUpdateVersionDelete{},
+	WorkloadIdentityCreateEvent:                 &apievents.WorkloadIdentityCreate{},
+	WorkloadIdentityUpdateEvent:                 &apievents.WorkloadIdentityUpdate{},
+	WorkloadIdentityDeleteEvent:                 &apievents.WorkloadIdentityDelete{},
 }
 
 // TestJSON tests JSON marshal events