feat: PostgreSQL support for DomainAudit (#7665)

<!-- 1-2 line summary of WHAT changed technically:
- Always link the relevant projects GitHub issue, unless it is a minor
bugfix
- Good: "Modified FailoverDomain mapper to allow null ActiveClusterName
#320"
- Bad: "added nil check" -->
**What changed?**
Implement SQL plugin interface and add PostgreSQL support for
DomainAudit.

- Created `domain_audit_log` table in Postgresql schema
- Created data structures for `DomainAuditLogRow` and
`DomainAuditLogFilter` in sqlplugin
- Implemented sqlplugin interfaces for `InsertIntoDomainAuditLog` and
`SelectFromDomainAuditLogs` functions
- Implemented `InsertIntoDomainAuditLog` and `SelectFromDomainAuditLogs`
functions in Postgresql
- Updated SQL factory to create `newSQLDomainAuditStore`

Fixes: #7602 

<!-- Your goal is to provide all the required context for a future
maintainer
to understand the reasons for making this change (see
https://cbea.ms/git-commit/#why-not-how).
How did this work previously (and what was wrong with it)? What has
changed, and why did you solve it
this way?
- Good: "Active-active domains have independent cluster attributes per
region. Previously,
modifying cluster attributes required spedifying the default
ActiveClusterName which
updates the global domain default. This prevents operators from updating
regional
configurations without affecting the primary cluster designation. This
change allows
  attribute updates to be independent of active cluster selection."
- Bad: "Improves domain handling" -->
**Why?**
DomainAudit allows all modifications made to a domain (e.g failovers) to
be stored and retrieved. This has previously only been supported by
NoSQL databases (Cassandra, MongoDB, DynamoDB). The SQL plugin is now
configured to handle DomainAudit requests, so other SQL databases can
also be easily configured to support DomainAudit. PostgreSQL support for
DomainAudit is now added.

<!-- Include specific test commands and setup. Please include the exact
commands such that
another maintainer or contributor can reproduce the test steps taken. 
- e.g Unit test commands with exact invocation
`go test -v ./common/types/mapper/proto -run TestFailoverDomainRequest`
- For integration tests include setup steps and test commands
Example: "Started local server with `./cadence start`, then ran `make
test_e2e`"
- For local simulation testing include setup steps for the server and
how you ran the tests
- Good: Full commands that reviewers can copy-paste to verify
- Bad: "Tested locally" or "Added tests" -->
**How did you test it?**
- Unit tests: `go test -v ./common/persistence/sql -run
TestCreateDomainAuditLog TestGetDomainAuditLogs
TestFactoryNewDomainAuditStore TestInsertIntoDomainAuditLog
TestSelectFromDomainAuditLogs TestGetDataBlobEncoding
TestGetDataBlobBytes`
- Integration tests: Ran `TestPostgresSQLDomainAuditPersistence` on
github actions

<!-- If there are risks that the release engineer should know about
document them here.
For example:
- Has an API/IDL been modified? Is it backwards/forwards compatible? If
not, what are the repecussions?
- Has a schema change been introduced? Is it possible to roll back?
- Has a feature flag been re-used for a new purpose? 
- Is there a potential performance concern? Is the change modifying core
task processing logic?
- If truly N/A, you can mark it as such -->
**Potential risks**
- Postgresql schema is updated with a new table; it can be rolled back
with Postgres database release version

<!-- If this PR completes a user facing feature or changes functionality
add release notes here.
Your release notes should allow a user and the release engineer to
understand the changes with little context.
Always ensure that the description contains a link to the relevant
GitHub issue. -->
**Release notes**
Added PostgreSQL support for DomainAudit

<!-- Consider whether this change requires documentation updates in the
Cadence-Docs repo
- If yes: mention what needs updating (or link to docs PR in
cadence-docs repo)
- If in doubt, add a note about potential doc needs
- Only mark N/A if you're certain no docs are affected -->
**Documentation Changes**
N/A

---
## Potential Breaking change

**Detailed Description**
[In-depth description of the changes made to the schema or interfaces,
specifying new fields, removed fields, or modified data structures]

- Created `domain_audit_log` table in Postgresql schema
- Created data structures for `DomainAuditLogRow` and
`DomainAuditLogFilter` in sqlplugin
- Implemented sqlplugin interfaces for `InsertIntoDomainAuditLog` and
`SelectFromDomainAuditLogs` functions
- Implemented `InsertIntoDomainAuditLog` and `SelectFromDomainAuditLogs`
functions in Postgresql
- Updated SQL factory to create `newSQLDomainAuditStore`

**Impact Analysis**
- **Backward Compatibility**: Schema changes can be rolled back with
Postgres database release version
- **Forward Compatibility**: Doesn't affect existing schema

**Testing Plan**
- **Unit Tests**: `go test -v ./common/persistence/sql -run
TestCreateDomainAuditLog TestGetDomainAuditLogs
TestFactoryNewDomainAuditStore TestInsertIntoDomainAuditLog
TestSelectFromDomainAuditLogs TestGetDataBlobEncoding
TestGetDataBlobBytes`
- **Persistence Tests**: Ran `TestPostgresSQLDomainAuditPersistence` on
github actions
- **Integration Tests**: [Do we have integration test covering the
change?]
- **Compatibility Tests**: [Have we done tests to test the backward and
forward compatibility?]

**Rollout Plan**
- What is the rollout plan?
- Does the order of deployment matter?
- Is it safe to rollback? Does the order of rollback matter? Schema
changes can be rolled back with Postgres database release version
- Is there a kill switch to mitigate the impact immediately? Changing
[NewDomainAuditStore()](https://github.com/cadence-workflow/cadence/blob/57b7157840e96ab7746fece26c8da291a582bf7b/common/persistence/sql/factory.go#L114)
to return `nil, nil` should revert effects of all changes
---

## Reviewer Validation

**PR Description Quality** (check these before reviewing code):

- [ ] **"What changed"** provides a clear 1-2 line summary
  - [ ] Project Issue is linked
- [ ] **"Why"** explains the full motivation with sufficient context
- [ ] **Testing is documented:**
- [ ] Unit test commands are included (with exact `go test` invocation)
- [ ] Integration test setup/commands included (if integration tests
were run)
  - [ ] Canary testing details included (if canary was mentioned)
- [ ] **Potential risks** section is thoughtfully filled out (or
legitimately N/A)
- [ ] **Release notes** included if this completes a user-facing feature
- [ ] **Documentation** needs are addressed (or noted if uncertain)

---------

Signed-off-by: Joanna Lau <118241363+joannalauu@users.noreply.github.com>

Author: joannalauu

common/persistence/sql/factory.go

@@ -112,7 +112,11 @@ func (f *Factory) NewDomainStore() (p.DomainStore, error) {
 
 // NewDomainAuditStore returns a domain audit store
 func (f *Factory) NewDomainAuditStore() (p.DomainAuditStore, error) {
-	return nil, nil
+	conn, err := f.dbConn.get()
+	if err != nil {
+		return nil, err
+	}
+	return newSQLDomainAuditStore(conn, f.logger, f.parser)
 }
 
 // NewExecutionStore returns an ExecutionStore for a given shardID

common/persistence/sql/factory_test.go

@@ -221,3 +221,25 @@ func TestFactoryNewConfigStore(t *testing.T) {
 	assert.NoError(t, err)
 	factory.Close()
 }
+
+func TestFactoryNewDomainAuditStore(t *testing.T) {
+	ctrl := gomock.NewController(t)
+	defer ctrl.Finish()
+	cfg := config.SQL{}
+	clusterName := "test"
+	logger := testlogger.New(t)
+	mockParser := serialization.NewMockParser(ctrl)
+	dc := &persistence.DynamicConfiguration{}
+	factory := NewFactory(cfg, clusterName, logger, mockParser, dc)
+	domainAuditStore, err := factory.NewDomainAuditStore()
+	assert.Nil(t, domainAuditStore)
+	assert.Error(t, err)
+	factory.Close()
+
+	cfg.PluginName = "shared"
+	factory = NewFactory(cfg, clusterName, logger, mockParser, dc)
+	domainAuditStore, err = factory.NewDomainAuditStore()
+	assert.NotNil(t, domainAuditStore)
+	assert.NoError(t, err)
+	factory.Close()
+}

common/persistence/sql/sql_domain_audit_store.go

@@ -0,0 +1,199 @@
+// Copyright (c) 2025 Uber Technologies, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+package sql
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/uber/cadence/common/constants"
+	"github.com/uber/cadence/common/log"
+	"github.com/uber/cadence/common/persistence"
+	"github.com/uber/cadence/common/persistence/serialization"
+	"github.com/uber/cadence/common/persistence/sql/sqlplugin"
+	"github.com/uber/cadence/common/types"
+)
+
+type sqlDomainAuditStore struct {
+	sqlStore
+}
+
+// domainAuditLogPageToken is used for pagination
+type domainAuditLogPageToken struct {
+	CreatedTime time.Time `json:"created_time"`
+	EventID     string    `json:"event_id"`
+}
+
+// newSQLDomainAuditStore creates an instance of sqlDomainAuditStore
+func newSQLDomainAuditStore(
+	db sqlplugin.DB,
+	logger log.Logger,
+	parser serialization.Parser,
+) (persistence.DomainAuditStore, error) {
+	return &sqlDomainAuditStore{
+		sqlStore: sqlStore{
+			db:     db,
+			logger: logger,
+			parser: parser,
+		},
+	}, nil
+}
+
+// CreateDomainAuditLog creates a new domain audit log entry
+func (m *sqlDomainAuditStore) CreateDomainAuditLog(
+	ctx context.Context,
+	request *persistence.InternalCreateDomainAuditLogRequest,
+) (*persistence.CreateDomainAuditLogResponse, error) {
+	row := &sqlplugin.DomainAuditLogRow{
+		DomainID:            request.DomainID,
+		EventID:             request.EventID,
+		StateBefore:         getDataBlobBytes(request.StateBefore),
+		StateBeforeEncoding: getDataBlobEncoding(request.StateBefore),
+		StateAfter:          getDataBlobBytes(request.StateAfter),
+		StateAfterEncoding:  getDataBlobEncoding(request.StateAfter),
+		OperationType:       request.OperationType,
+		CreatedTime:         request.CreatedTime,
+		LastUpdatedTime:     request.LastUpdatedTime,
+		Identity:            request.Identity,
+		IdentityType:        request.IdentityType,
+		Comment:             request.Comment,
+	}
+
+	_, err := m.db.InsertIntoDomainAuditLog(ctx, row)
+	if err != nil {
+		return nil, convertCommonErrors(m.db, "CreateDomainAuditLog", "", err)
+	}
+
+	return &persistence.CreateDomainAuditLogResponse{
+		EventID: request.EventID,
+	}, nil
+}
+
+// GetDomainAuditLogs retrieves domain audit logs
+func (m *sqlDomainAuditStore) GetDomainAuditLogs(
+	ctx context.Context,
+	request *persistence.GetDomainAuditLogsRequest,
+) (*persistence.InternalGetDomainAuditLogsResponse, error) {
+	minCreatedTime := time.Unix(0, 0)
+	maxCreatedTime := time.Now().UTC()
+	if request.MinCreatedTime != nil {
+		minCreatedTime = *request.MinCreatedTime
+	}
+	if request.MaxCreatedTime != nil {
+		maxCreatedTime = *request.MaxCreatedTime
+	}
+
+	pageMaxCreatedTime := maxCreatedTime
+	// if next page token is not present, set pageMinEventID to largest possible uuid
+	// to prevent the query from returning rows where created_time is equal to pageMaxCreatedTime
+	pageMinEventID := "ffffffff-ffff-ffff-ffff-ffffffffffff"
+	if request.NextPageToken != nil {
+		page := domainAuditLogPageToken{}
+		if err := gobDeserialize(request.NextPageToken, &page); err != nil {
+			return nil, fmt.Errorf("unable to decode next page token")
+		}
+		pageMaxCreatedTime = page.CreatedTime
+		pageMinEventID = page.EventID
+	}
+
+	filter := &sqlplugin.DomainAuditLogFilter{
+		DomainID:           request.DomainID,
+		OperationType:      request.OperationType,
+		MinCreatedTime:     &minCreatedTime,
+		MaxCreatedTime:     &maxCreatedTime,
+		PageSize:           request.PageSize,
+		PageMaxCreatedTime: &pageMaxCreatedTime,
+		PageMinEventID:     &pageMinEventID,
+	}
+
+	rows, err := m.db.SelectFromDomainAuditLogs(ctx, filter)
+	if err != nil {
+		return nil, convertCommonErrors(m.db, "GetDomainAuditLogs", "", err)
+	}
+
+	var nextPageToken []byte
+	if request.PageSize > 0 && len(rows) >= request.PageSize {
+		// there could be more results
+		lastRow := rows[request.PageSize-1]
+		token := domainAuditLogPageToken{
+			CreatedTime: lastRow.CreatedTime,
+			EventID:     lastRow.EventID,
+		}
+		nextPageToken, err = gobSerialize(token)
+		if err != nil {
+			return nil, &types.InternalServiceError{Message: fmt.Sprintf("error serializing nextPageToken:%v", err)}
+		}
+	}
+
+	var auditLogs []*persistence.InternalDomainAuditLog
+	for _, row := range rows {
+		auditLogs = append(auditLogs, deseralizeDomainAuditLogRow(row))
+	}
+
+	return &persistence.InternalGetDomainAuditLogsResponse{
+		AuditLogs:     auditLogs,
+		NextPageToken: nextPageToken,
+	}, nil
+}
+
+func getDataBlobBytes(blob *persistence.DataBlob) []byte {
+	if blob == nil {
+		return []byte{}
+	}
+	return blob.Data
+}
+
+func getDataBlobEncoding(blob *persistence.DataBlob) constants.EncodingType {
+	if blob == nil {
+		return constants.EncodingTypeEmpty
+	}
+	return blob.Encoding
+}
+
+func deseralizeDomainAuditLogRow(row *sqlplugin.DomainAuditLogRow) *persistence.InternalDomainAuditLog {
+	auditLog := &persistence.InternalDomainAuditLog{
+		EventID:         row.EventID,
+		DomainID:        row.DomainID,
+		OperationType:   row.OperationType,
+		CreatedTime:     row.CreatedTime,
+		LastUpdatedTime: row.LastUpdatedTime,
+		Identity:        row.Identity,
+		IdentityType:    row.IdentityType,
+		Comment:         row.Comment,
+	}
+
+	if len(row.StateBefore) > 0 {
+		auditLog.StateBefore = &persistence.DataBlob{
+			Encoding: row.StateBeforeEncoding,
+			Data:     row.StateBefore,
+		}
+	}
+
+	if len(row.StateAfter) > 0 {
+		auditLog.StateAfter = &persistence.DataBlob{
+			Encoding: row.StateAfterEncoding,
+			Data:     row.StateAfter,
+		}
+	}
+
+	return auditLog
+}