Auditlog: Add django-pghistory as audit log (optional for now)

docker-compose.yml

@@ -53,6 +53,7 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
+      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-pghistory}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -74,6 +75,7 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
+      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-pghistory}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -94,6 +96,7 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
+      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-pghistory}"
     volumes:
         - type: bind
           source: ./docker/extra_settings
@@ -115,6 +118,7 @@ services:
       DD_SECRET_KEY: "${DD_SECRET_KEY:-hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq}"
       DD_CREDENTIAL_AES_256_KEY: "${DD_CREDENTIAL_AES_256_KEY:-&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw}"
       DD_DATABASE_READINESS_TIMEOUT: "${DD_DATABASE_READINESS_TIMEOUT:-30}"
+      DD_AUDITLOG_TYPE: "${DD_AUDITLOG_TYPE:-django-pghistory}"
     volumes:
         - type: bind
           source: ./docker/extra_settings

docker/entrypoint-initializer.sh

@@ -110,6 +110,8 @@ python3 manage.py makemigrations --no-input --check --dry-run --verbosity 3 || {
     cat <<-EOF
 
 ********************************************************************************
+WARNING: Missing Database Migrations Detected
+********************************************************************************
 
 You made changes to the models without creating a DB migration for them.
 
@@ -119,15 +121,25 @@ If you're not familiar with migrations in Django, please read the
 great documentation thoroughly:
 https://docs.djangoproject.com/en/5.0/topics/migrations/
 
+This is now a WARNING and the container will continue to start.
+However, you should create the necessary migrations as soon as possible using:
+docker compose exec uwsgi bash -c 'python manage.py makemigrations -v2'
+
 ********************************************************************************
 
 EOF
-    exit 1
+    echo "WARNING: Continuing startup despite missing migrations..."
 }
 
 echo "Migrating"
 python3 manage.py migrate
 
+echo "Configuring pghistory triggers based on audit settings"
+cat <<EOD | python3 manage.py shell
+from dojo.auditlog import configure_pghistory_triggers
+configure_pghistory_triggers()
+EOD
+
 echo "Admin user: ${DD_ADMIN_USER}"
 ADMIN_EXISTS=$(echo "SELECT * from auth_user;" | python manage.py dbshell | grep "${DD_ADMIN_USER}" || true)
 # Abort if the admin user already exists, instead of giving a new fake password that won't work

dojo/admin.py

@@ -1,5 +1,5 @@
-from auditlog.models import LogEntry
 from django.contrib import admin
+from django.contrib.admin.sites import NotRegistered
 from polymorphic.admin import PolymorphicChildModelAdmin, PolymorphicParentModelAdmin
 
 from dojo.models import (
@@ -14,7 +14,13 @@
     TextQuestion,
 )
 
-admin.site.unregister(LogEntry)
+# Conditionally unregister LogEntry from auditlog if it's registered
+try:
+    from auditlog.models import LogEntry
+    admin.site.unregister(LogEntry)
+except (ImportError, NotRegistered):
+    # auditlog not available or LogEntry not registered
+    pass
 
 # ==============================
 # Defect Dojo Engaegment Surveys

dojo/apps.py

@@ -5,6 +5,7 @@
 from django.db import models
 from watson import search as watson
 
+from dojo.auditlog import configure_audit_system, register_django_pghistory_models
 from dojo.checks import check_configuration_deduplication
 
 logger = logging.getLogger(__name__)
@@ -87,6 +88,13 @@ def ready(self):
         import dojo.test.signals  # noqa: PLC0415 raised: AppRegistryNotReady
         import dojo.tool_product.signals  # noqa: F401,PLC0415 raised: AppRegistryNotReady
 
+        # Configure audit system after all models are loaded
+        # This must be done in ready() to avoid "Models aren't loaded yet" errors
+        # Note: pghistory models are registered here (no database access), but trigger
+        # enabling is handled via management command to avoid database access warnings
+        register_django_pghistory_models()
+        configure_audit_system()
+
 
 def get_model_fields_with_extra(model, extra_fields=()):
     return get_model_fields(get_model_default_fields(model), extra_fields)