Github actions setup (#41)

* agents

* Audit plugin CI workflow

* Update plugin-ci-workflow.yml

* Update plugin-ci-workflow.yml

* Update plugin-ci-workflow.yml

* Create copilot-instructions.md

Author: bmfmancini

.github/copilot-instructions.md

@@ -0,0 +1,100 @@
+# Cacti Audit Plugin AI Instructions
+
+## Architecture Overview
+This is a Cacti plugin that logs GUI and CLI activities to an audit trail. The plugin hooks into Cacti's event system to capture user actions.
+
+**Core Components:**
+- [`setup.php`](../setup.php): Plugin lifecycle (install/uninstall/upgrade) and hook registration via `api_plugin_register_hook()`
+- [`audit.php`](../audit.php): Web UI for viewing/exporting/purging audit logs; handles actions via `switch(get_request_var('action'))`
+- [`audit_functions.php`](../audit_functions.php): Core logging logic in `audit_config_insert()` and page-specific data extraction in `audit_process_page_data()`
+- Database: Single `audit_log` table with columns: `page`, `user_id`, `action`, `ip_address`, `user_agent`, `event_time`, `post` (JSON), `object_data` (JSON)
+
+**Data Flow:**
+1. Cacti triggers `config_insert` hook on POST requests → `audit_config_insert()` executes
+2. Function validates event via `audit_log_valid_event()`, sanitizes `$_POST`, removes passwords
+3. If `selected_items` present, `audit_process_page_data()` extracts object details from DB
+4. Event logged to `audit_log` table + optional external JSON file
+
+## Critical Conventions
+
+### Function Naming
+ALL functions MUST use `audit_` or `plugin_audit_` prefix to avoid namespace collisions with Cacti core.
+
+### Input Handling (Security Critical)
+**NEVER** access `$_GET`/`$_POST` directly. Always use:
+- `get_request_var('name')` - for basic input
+- `get_filter_request_var('name')` - for validated/filtered input  
+- `get_nfilter_request_var('name')` - for non-filtered input
+- `isset_request_var('name')` - to check existence
+
+Example from [`audit.php`](../audit.php#L30):
+```php
+switch(get_request_var('action')) {
+case 'export':
+    audit_export_rows();
+    break;
+```
+
+### Database Operations (Security Critical)
+**ALWAYS** use prepared statements, NEVER string concatenation:
+- `db_execute_prepared($sql, $params)` - for INSERT/UPDATE/DELETE
+- `db_fetch_assoc_prepared($sql, $params)` - for SELECT returning rows
+- `db_fetch_row_prepared($sql, $params)` - for single row
+- `db_fetch_cell($sql)` - only for queries without user input
+
+Example from [`audit_functions.php`](../audit_functions.php#L210-L212):
+```php
+db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post, object_data)
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?)',
+    array($page, $user_id, $action, $ip_address, $user_agent, $event_time, $post, $object_data));
+```
+
+### Localization
+Wrap ALL user-facing strings in `__('String', 'audit')`. The second parameter `'audit'` is the text domain.
+
+Example: `__('View Audit Log', 'audit')`
+
+For plurals: `__('%d Months', 2, 'audit')`
+
+### UI Structure
+- Use `top_header()` before and `bottom_footer()` after page content
+- Use `html_start_box()` / `html_end_box()` for content sections
+- Access Cacti config: `global $config;`
+
+## Developer Workflows
+
+### Testing Integration
+GitHub Actions runs tests against live Cacti install. See [`.github/workflows/plugin-ci-workflow.yml`](../.github/workflows/plugin-ci-workflow.yml):
+- Tests against PHP 8.1, 8.2, 8.3
+- Plugin must be in `cacti/plugins/audit` directory (NOT `plugin_audit`)
+- MySQL 8.0 service with user `cactiuser:cactiuser`, database `cacti`
+
+### Localization Workflow
+```bash
+cd locales
+./build_gettext.sh
+```
+Requires `xgettext` (GNU gettext). Regenerates `po/cacti.pot` from all `__()` calls, then compiles `.po` → `.mo` files.
+
+### Upgrades & Schema Changes
+When adding DB columns, update `audit_check_upgrade()` in [`setup.php`](../setup.php#L69-L100):
+```php
+db_execute('ALTER TABLE audit_log ADD COLUMN IF NOT EXISTS object_data LONGBLOB');
+```
+This runs on plugin version change detection.
+
+## Hook System
+Hooks registered in `plugin_audit_install()`:
+- `config_insert` - Main logging trigger (fires on POST requests)
+- `poller_bottom` - Daily cleanup of old records based on retention setting
+- `config_arrays` - Inject menu items and configuration arrays
+- `config_settings` - Add admin settings page
+- `draw_navigation_text` - Define breadcrumb navigation
+- `replicate_out` - Table replication for remote pollers
+
+## Key Files Reference
+- [`setup.php`](../setup.php) - Hook registration, table schema, upgrade logic
+- [`audit.php`](../audit.php) - UI controller with export/purge/getdata actions
+- [`audit_functions.php`](../audit_functions.php) - `audit_config_insert()` (main logger), `audit_process_page_data()` (extract object details)
+- [`locales/build_gettext.sh`](../locales/build_gettext.sh) - Translation builder
+- [`.github/workflows/plugin-ci-workflow.yml`](../.github/workflows/plugin-ci-workflow.yml) - Integration tests

.github/workflows/plugin-ci-workflow.yml

@@ -0,0 +1,225 @@
+# +-------------------------------------------------------------------------+
+# | Copyright (C) 2004-2025 The Cacti Group                                 |
+# |                                                                         |
+# | This program is free software; you can redistribute it and/or           |
+# | modify it under the terms of the GNU General Public License             |
+# | as published by the Free Software Foundation; either version 2          |
+# | of the License, or (at your option) any later version.                  |
+# |                                                                         |
+# | This program is distributed in the hope that it will be useful,         |
+# | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
+# | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
+# | GNU General Public License for more details.                            |
+# +-------------------------------------------------------------------------+
+# | Cacti: The Complete RRDtool-based Graphing Solution                     |
+# +-------------------------------------------------------------------------+
+# | This code is designed, written, and maintained by the Cacti Group. See  |
+# | about.php and/or the AUTHORS file for specific developer information.   |
+# +-------------------------------------------------------------------------+
+# | http://www.cacti.net/                                                   |
+# +-------------------------------------------------------------------------+
+
+name: Plugin Integration Tests
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    branches:
+      - main
+      - develop
+
+jobs:
+  integration-test:
+    runs-on: ${{ matrix.os }}
+    
+    strategy:
+      fail-fast: false
+      matrix:
+        php: ['8.1', '8.2', '8.3']
+        os: [ubuntu-latest]
+    
+    services:
+      mysql:
+        image: mysql:8.0
+        env:
+          MYSQL_ROOT_PASSWORD: cactiroot
+          MYSQL_DATABASE: cacti
+          MYSQL_USER: cactiuser
+          MYSQL_PASSWORD: cactiuser
+        ports:
+          - 3306:3306
+        options: >-
+          --health-cmd="mysqladmin ping"
+          --health-interval=10s
+          --health-timeout=5s
+          --health-retries=3
+    
+    name: PHP ${{ matrix.php }} Integration Test on ${{ matrix.os }}
+    
+    steps:
+    - name: Checkout Cacti
+      uses: actions/checkout@v4
+      with:
+        repository: Cacti/cacti
+        path: cacti
+    
+    - name: Checkout audit Plugin
+      uses: actions/checkout@v4
+      with:
+        path: cacti/plugins/audit
+    
+    - name: Install PHP ${{ matrix.php }}
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php }}
+        extensions: intl, mysql, gd, ldap, gmp, xml, curl, json, mbstring
+        ini-values: "post_max_size=256M, max_execution_time=60, date.timezone=America/New_York"
+    
+    - name: Check PHP version
+      run: php -v
+    
+    
+    - name: Run apt-get update
+      run: sudo apt-get update
+    
+    - name: Install System Dependencies
+      run: sudo apt-get install -y apache2 snmp snmpd rrdtool fping libapache2-mod-php${{ matrix.php }}
+    
+    - name: Start SNMPD Agent and Test
+      run: |
+        sudo systemctl start snmpd
+        sudo snmpwalk -c public -v2c -On localhost .1.3.6.1.2.1.1
+    
+    - name: Setup Permissions
+      run: |
+        sudo chown -R www-data:runner ${{ github.workspace }}/cacti
+        sudo find ${{ github.workspace }}/cacti -type d -exec chmod 775 {} \;
+        sudo find ${{ github.workspace }}/cacti -type f -exec chmod 664 {} \;
+        sudo chmod +x ${{ github.workspace }}/cacti/cmd.php
+        sudo chmod +x ${{ github.workspace }}/cacti/poller.php
+    
+    - name: Create MySQL Config
+      run: |
+        echo -e "[client]\nuser = root\npassword = cactiroot\nhost = 127.0.0.1\n" > ~/.my.cnf
+        cat ~/.my.cnf
+    
+    - name: Initialize Cacti Database
+      env:
+        MYSQL_AUTH_USR: '--defaults-file=~/.my.cnf'
+      run: |
+        mysql $MYSQL_AUTH_USR -e 'CREATE DATABASE IF NOT EXISTS cacti;'
+        mysql $MYSQL_AUTH_USR -e "CREATE USER IF NOT EXISTS 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser';"
+        mysql $MYSQL_AUTH_USR -e "GRANT ALL PRIVILEGES ON cacti.* TO 'cactiuser'@'localhost';"
+        mysql $MYSQL_AUTH_USR -e "GRANT SELECT ON mysql.time_zone_name TO 'cactiuser'@'localhost';"
+        mysql $MYSQL_AUTH_USR -e "FLUSH PRIVILEGES;"
+        mysql $MYSQL_AUTH_USR cacti < ${{ github.workspace }}/cacti/cacti.sql
+        mysql $MYSQL_AUTH_USR -e "INSERT INTO settings (name, value) VALUES ('path_php_binary', '/usr/bin/php')" cacti
+    
+    - name: Validate composer files
+      run: |
+        cd ${{ github.workspace }}/cacti
+        if [ -f composer.json ]; then
+          composer validate --strict || true
+        fi
+    
+    - name: Install Composer Dependencies
+      run: |
+        cd ${{ github.workspace }}/cacti
+        if [ -f composer.json ]; then
+          sudo composer install --prefer-dist --no-progress
+        fi
+    
+    - name: Create Cacti config.php
+      run: |
+        cat ${{ github.workspace }}/cacti/include/config.php.dist | \
+        sed -r "s/localhost/127.0.0.1/g" | \
+        sed -r "s/'cacti'/'cacti'/g" | \
+        sed -r "s/'cactiuser'/'cactiuser'/g" | \
+        sed -r "s/'cactiuser'/'cactiuser'/g" > ${{ github.workspace }}/cacti/include/config.php
+        sudo chmod 664 ${{ github.workspace }}/cacti/include/config.php
+    
+
+    
+    - name: Configure Apache
+      run: |
+        cat << 'EOF' | sed 's#GITHUB_WORKSPACE#${{ github.workspace }}#g' > /tmp/cacti.conf
+        <VirtualHost *:80>
+          ServerAdmin webmaster@localhost
+          DocumentRoot GITHUB_WORKSPACE/cacti
+          
+          <Directory GITHUB_WORKSPACE/cacti>
+            Options Indexes FollowSymLinks
+            AllowOverride All
+            Require all granted
+          </Directory>
+          
+          ErrorLog ${APACHE_LOG_DIR}/error.log
+          CustomLog ${APACHE_LOG_DIR}/access.log combined
+        </VirtualHost>
+        EOF
+        sudo cp /tmp/cacti.conf /etc/apache2/sites-available/000-default.conf
+        sudo systemctl restart apache2
+    
+    - name: Install Cacti via CLI
+      run: |
+        cd ${{ github.workspace }}/cacti
+        sudo php cli/install_cacti.php --accept-eula --install --force
+    
+    - name: Install Audit Plugin
+      run: |
+        cd ${{ github.workspace }}/cacti
+        sudo php cli/plugin_manage.php --plugin=audit --install --enable
+    
+    - name: Check PHP Syntax for Plugin
+      run: |
+        cd ${{ github.workspace }}/cacti/plugins/audit
+        if find . -name '*.php' -exec php -l {} 2>&1 \; | grep -iv 'no syntax errors detected'; then
+          echo "Syntax errors found!"
+          exit 1
+        fi
+    
+    
+    - name: Run Cacti Poller
+      run: |
+        cd ${{ github.workspace }}/cacti
+        sudo php poller.php --poller=1 --force --debug
+        if ! grep -q "SYSTEM STATS" log/cacti.log; then
+          echo "Cacti poller did not finish successfully"
+          cat log/cacti.log
+          exit 1
+        fi
+    
+    
+    - name: View Cacti Logs
+      if: always()
+      run: |
+        if [ -f ${{ github.workspace }}/cacti/log/cacti.log ]; then
+          echo "=== Cacti Log ==="
+          sudo cat ${{ github.workspace }}/cacti/log/cacti.log
+        fi
+
+    - name: enable audit plugin logging
+      run: |
+        cd ${{ github.workspace }}
+        ENABLE_AUDIT_LOGGING="update settings set value = 'on' where name = 'audit_enabled' or name = 'audit_log_external';"
+        mysql -u cactiuser -p'cactiuser' -h 127.0.0.1 cacti -e "$ENABLE_AUDIT_LOGGING"
+
+    - name: Run cli script to trigger audit log entry
+      run: |
+        cd ${{ github.workspace }}/cacti
+        sudo php cli/add_device.php --description=test --ip=1
+
+    - name: check audit log entries
+      run: |
+        cd ${{ github.workspace }}
+        AUDIT_LOG_COUNT=$(mysql -u cactiuser -p'cactiuser' -h 127.0.0.1 cacti -se "select count(*) from audit_log;")
+        echo "Audit log entry count: $AUDIT_LOG_COUNT"
+        if [ "$AUDIT_LOG_COUNT" -lt 1 ]; then
+          echo "No audit log entries found!"
+          exit 1
+        fi
+
+