Fixes #28770: write server audit entries to audit.log

[harshach]

Describe your changes:

Fixes #28770

Server audit logging to audit.log silently broke in #23733: gutting AuditEventHandler removed the only emitter of the AUDIT SLF4J marker, so the audit.log appender (guarded by audit-only-filter-factory) still creates the file at startup but never writes a line to it. I re-emit each audit entry through the AUDIT-marked logger from AuditLogRepository.write() — the single chokepoint all audit records flow through — gated on a successful, non-duplicate DB insert so the publisher + consumer dual-write path (and multi-server replays) can't double-log. The emitted line is a compact one-line summary at INFO, not the full ChangeEvent JSON (which can be 1–2 MB/event).

Type of change:

• Bug fix

High-level design:

AuditLogDAO.insert now returns rows-affected (int); since the insert is idempotent (ON CONFLICT DO NOTHING / INSERT IGNORE), the file line is emitted only when > 0, giving exactly-once file logging that matches the DB's exactly-once semantics. Config hardening in conf/openmetadata.yaml: pin the audit logger to INFO so capture is independent of the global LOG_LEVEL, and add audit-exclude-filter-factory to the console appender so audit lines land only in audit.log. The DB-backed audit subsystem (REST API + UI) is unchanged.

Tests:

Use cases covered

• A supported audit event (entity CRUD / login) is written as one line to audit.log.
• A duplicate write (publisher + consumer replay of the same change event) does not produce a second audit line.

Unit tests

• I added unit tests for the new/changed logic.
• Files added/updated: openmetadata-service/src/test/java/org/openmetadata/service/audit/AuditLogRepositoryTest.java — asserts the AUDIT marker is emitted on insert, and suppressed when the insert is de-duplicated (gate). Pure unit tests (mocked DAO + in-memory logback ListAppender), no DB/container.

Backend integration tests

• Not applicable (no backend API changes; the existing AuditLogResourceIT covers the DB-backed path).

Ingestion integration tests

• Not applicable (no ingestion changes).

Playwright (UI) tests

• Not applicable (no UI changes).

Manual testing performed

1. mvn -pl openmetadata-service test -Dtest=AuditLogRepositoryTest — 2/2 pass; observed the INFO + AUDIT summary line emitted on insert and suppressed on dedup.
2. mvn -pl openmetadata-service test -Dtest=LoggingConfigurationYamlTest — 2/2 pass; confirms the edited conf/openmetadata.yaml parses in both text and JSON logging modes.
3. mvn spotless:apply -pl openmetadata-service — clean.

UI screen recording / screenshots:

Not applicable.

Checklist:

• I have read the CONTRIBUTING document.
• My PR title is Fixes <issue-number>: <short explanation>
• My PR is linked to a GitHub issue via Fixes #<issue-number> above.
• I have commented on my code, particularly in hard-to-understand areas.
• I have added tests (unit / integration / Playwright as applicable) and listed them above.

• I have added a test that covers the exact scenario we are fixing. For complex issues, comment the issue number in the test for future reference.

[github-actions]

✅ PR checks passed

The linked issue has a description and all required Shipping project fields set. Thanks!

[github-actions]

🔴 Playwright Results — 1 failure(s), 14 flaky

✅ 4274 passed · ❌ 1 failed · 🟡 14 flaky · ⏭️ 88 skipped

Shard	Passed	Failed	Flaky	Skipped
🟡 Shard 1	300	0	1	4
🟡 Shard 2	806	0	3	9
🔴 Shard 3	804	1	2	8
🟡 Shard 4	843	0	4	12
🟡 Shard 5	720	0	1	47
🟡 Shard 6	801	0	3	8

Genuine Failures (failed on all attempts)

❌ Flow/ExploreAggregationCountsMatching.spec.ts › should verify left panel counts and tab search results for normal search (shard 3)

Error: Tab "topic" search total hits should match the aggregation count

�[2mexpect(�[22m�[31mreceived�[39m�[2m).�[22mtoBe�[2m(�[22m�[32mexpected�[39m�[2m) // Object.is equality�[22m

Expected: �[32m4�[39m
Received: �[31m24�[39m

🟡 14 flaky test(s) (passed on retry)

• Pages/AuditLogs.spec.ts › should apply both User and EntityType filters simultaneously (shard 1, 1 retry)
• Features/ColumnBulkOperations.spec.ts › should navigate through pages (shard 2, 1 retry)
• Features/Container.spec.ts › grandparent Deleted toggle returns empty — deleted grandchild does not bubble up (shard 2, 1 retry)
• Features/DataQuality/ColumnLevelTests.spec.ts › Column Values To Not Match Regex (shard 2, 1 retry)
• Features/KnowledgeCenterTextEditor.spec.ts › Rich Text Editor - Advanced Blocks (shard 3, 1 retry)
• Features/Workflows/WorkflowOssRestrictions.spec.ts › editing a form field and saving node config then workflow fires PUT API with updated data (shard 3, 1 retry)
• Flow/PersonaDeletionUserProfile.spec.ts › User profile loads correctly before and after persona deletion (shard 4, 1 retry)
• Pages/CustomProperties.spec.ts › String (shard 4, 1 retry)
• Pages/CustomProperties.spec.ts › Hyperlink (shard 4, 1 retry)
• Pages/Domains.spec.ts › Rename domain with owners and experts preserves assignments (shard 4, 1 retry)
• Pages/ExplorePageRightPanel_KnowledgeCenter.spec.ts › Should remove user owner for knowledgeCenter (shard 5, 1 retry)
• Pages/Lineage/LineageFilters.spec.ts › Verify lineage service type filter selection (shard 6, 1 retry)
• Pages/Lineage/LineageFilters.spec.ts › Verify lineage schema filter selection (shard 6, 1 retry)
• Pages/UserDetails.spec.ts › Admin user can get all the roles hierarchy and edit roles (shard 6, 1 retry)

📦 Download artifacts

How to debug locally

# Download playwright-test-results-<shard> artifact and unzip
npx playwright show-trace path/to/trace.zip    # view trace

[sonarqubecloud]

Quality Gate passed for 'open-metadata-ingestion'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[gitar-bot]

Code Review ✅ Approved

Restores audit logging by re-emitting audit entries through an AUDIT-marked logger within AuditLogRepository.write(), using row-affected gating to ensure exactly-once file writes without duplicate logging.

Options

Display: compact → Showing less information.

Comment with these commands to change:

Compact

gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[github-actions]

Failed to cherry-pick changes to the 1.13 branch.
Please cherry-pick the changes manually.
You can find more details here.

[github-actions]

Failed to cherry-pick changes to the 1.12.11 branch.
Please cherry-pick the changes manually.
You can find more details here.