policy audit logging initialization query
185 views
Skip to first unread message
Rameshreddy Mudhireddy
Jul 6, 2025, 8:24:32 PMJul 6
to grpc.io
Hi grpc-team,
we support hitless restart of the grpc service for any configuration changes and policy audit logging interface has the following comment.
// Registers an audit logger factory. This should only be called during
// initialization.
void RegisterAuditLoggerFactory(std::unique_ptr<AuditLoggerFactory> factory);
// initialization.
void RegisterAuditLoggerFactory(std::unique_ptr<AuditLoggerFactory> factory);
Hitless restart of the service for any changes in the policy audit logging name is running into an assert and requires a process restart.
Init sequence:
RegisterAuditLoggerFactory(...)
server_data = new ::pi::server::ServerData();
server_data->builder.experimental().SetAuthorizationPolicyProvider(provider);
server_data->builder.experimental().SetAuthorizationPolicyProvider(provider);
server_data->builder.BuildAndStart();
shutdown sequence:
server_data->server->Shutdown(<5 sec deadline>);
delete server_data;
Issue:
E0706 17:12:26.951911933 385451 audit_logging.cc:57] ASSERTION FAILED: registry->logger_factories_map_.emplace(name, std::move(factory)).second
Is there any way to avoid process restart for any of the policy audit logging config changes? Appreciate your input.
Thank you,
Ramesh
Luwei Ge
Jul 11, 2025, 2:22:40 PMJul 11
to grpc.io
Hi Ramesh,
I am not sure if I fully understand your problem. Are you restarting the gRPC server within your process? If so, I think you need to call RegisterAuditLoggerFactory again, if you didn't.
Best,
Luwei
Rameshreddy Mudhireddy
Jul 11, 2025, 9:16:44 PMJul 11
to grpc.io
Hi Luwei,
"Are you restarting the gRPC server within your process?"
Yes
"need to call RegisterAuditLoggerFactory again"
Yes, did call RegisterAuditLoggerFactory again and it is running into the above mentioned grpc assert.
Thank you for your attention on this.
Rameshreddy Mudhireddy
Jul 11, 2025, 10:16:33 PMJul 11
to grpc.io
Test case is:
If the server is setup with the following config:
"audit_logging_options": {
"audit_condition": "ON_DENY_AND_ALLOW",
"audit_loggers": [
{
"name": "foo"
}
]
}
"audit_condition": "ON_DENY_AND_ALLOW",
"audit_loggers": [
{
"name": "foo"
}
]
}
Any subsequent grpc service restarts will run into assert. That can be worked-around by applications by maintaining last registered "name" handle and only call into it if there is any update but that is not ideal. If the config is changing to
"audit_logging_options": {
"audit_condition": "ON_DENY",
"audit_loggers": [
{
"name": "bar"
}
]
}
"audit_condition": "ON_DENY",
"audit_loggers": [
{
"name": "bar"
}
]
}
then there is no way to avoid the assert. May be I am missing something?
Thanks,
Ramesh
Luwei Ge
Jul 14, 2025, 11:35:29 AMJul 14
to grpc.io
The intent of the Register... API is that all audit loggers that may be used should have been registered from the very beginning, because custom loggers can possibly be custom implementations which need to be compiled and built into the application binary. So I think the correct way to run your test is to register both "foo" and "bar" at the beginning of all test cases. Let me know if there is any problem with that.
Best,
Luwei
Rameshreddy Mudhireddy
Aug 12, 2025, 8:23:16 PMAug 12
to grpc.io
Hi Luwei,
"all audit loggers that may be used should have been registered from the very beginning" is very rigid, also it is not possible to know beforehand because it comes from customer defined "policy.json" input and it doesn't play well with the "hitless restart of the grpc service for any configuration changes" design we have. Any possible work-around to deal with this is appreciated.
P.S: sorry for delayed response (was on Vacation)
Regards
Ramesh
Rameshreddy Mudhireddy
Aug 28, 2025, 5:25:52 PMAug 28
to grpc.io
fyi, filed https://github.com/grpc/grpc/issues/40576
Reply all
Reply to author
Forward
0 new messages