Skip to content

feat: Add table googleworkspace_activity_report Closes (#88)#89

Merged
misraved merged 6 commits intomainfrom
add-table-admin-audit-report
Jul 21, 2025
Merged

feat: Add table googleworkspace_activity_report Closes (#88)#89
misraved merged 6 commits intomainfrom
add-table-admin-audit-report

Conversation

@ParthaI
Copy link
Contributor

@ParthaI ParthaI commented Jul 15, 2025

Example query results

Results 
Add example SQL query results here (please include the input queries as well)

@ParthaI ParthaI requested a review from Copilot July 15, 2025 06:22
@ParthaI ParthaI self-assigned this Jul 15, 2025
Copilot AI reviewed Jul 15, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new Steampipe table to query Google Workspace Admin Reports activity logs via the Reports API.

  • Introduce googleworkspace_admin_reports_activity table definition and list logic
  • Add ReportsService in service.go with the required Admin Reports scope
  • Register the new table in plugin.go and update documentation

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
googleworkspace/table_googleworkspace_admin_reports_activity.go New table definition, list function, and transform for events
googleworkspace/service.go Added ReportsService and Admin Reports API scope
googleworkspace/plugin.go Registered the new googleworkspace_admin_reports_activity table
docs/tables/googleworkspace_admin_reports_activity.md Documentation for querying the new table
docs/index.md Added Admin SDK API and scope to setup instructions
Comments suppressed due to low confidence (2)

docs/tables/googleworkspace_admin_reports_activity.md:20

  • The docs list optional quals but omit customer_id, which is supported in the code. Please add customer_id to the optional qualifiers section.
  - `actor_email`

googleworkspace/service.go:121

  • [nitpick] Indentation uses spaces here instead of tabs, leading to inconsistent formatting. Align with the rest of the file using tabs.
    serviceCacheKey := "googleworkspace.reports"

@misraved
Copy link
Contributor

misraved commented Jul 16, 2025

@ParthaI notes on table naming:

  • Do we explicitly need the word admin in the table name? Do i need to have admin permissions to be able to query this table?
  • I would go with googleworkspace_activity_report? Then we can explicitly add in the additional permissions in the table docs so that a user can query this table.

@misraved misraved changed the title feat: Add table googleworkspace_admin_reports_activity Closes (#88) feat: Add table googleworkspace_activity_report Closes (#88) Jul 17, 2025
misraved
misraved reviewed Jul 18, 2025
View reviewed changes
Copy link
Contributor

@misraved misraved left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ParthaI please take a look at the review comments. Thanks!!

docs/index.md
| APIs | 1. Go to the [Google API Console](https://console.cloud.google.com/apis/dashboard). <br/> 2. Select the project that contains your credentials. <br/> 3. Click `Enable APIs and Services`. <br/> 4. Enable: `Google Calendar API`, `Google Drive API`, `Gmail API`, `Google People API`.
| Credentials | 1. To use **domain-wide delegation**, generate your [service account and credentials](https://developers.google.com/admin-sdk/directory/v1/guides/delegation#create_the_service_account_and_credentials) and [delegate domain-wide authority to your service account](https://developers.google.com/admin-sdk/directory/v1/guides/delegation#delegate_domain-wide_authority_to_your_service_account). Enter the following OAuth 2.0 scopes for the services that the service account can access:<br />`https://www.googleapis.com/auth/calendar.readonly`,<br />`https://www.googleapis.com/auth/contacts.readonly`,<br />`https://www.googleapis.com/auth/contacts.other.readonly`,<br />`https://www.googleapis.com/auth/directory.readonly`,<br />`https://www.googleapis.com/auth/drive.readonly`,<br />`https://www.googleapis.com/auth/gmail.readonly`<br />2. To use **OAuth client**, configure your [credentials](#authenticate-using-oauth-client). |
| APIs | 1. Go to the [Google API Console](https://console.cloud.google.com/apis/dashboard). <br/> 2. Select the project that contains your credentials. <br/> 3. Click `Enable APIs and Services`. <br/> 4. Enable: `Google Calendar API`, `Google Drive API`, `Gmail API`, `Google People API`, `Google Admin SDK API`.
| Credentials | 1. To use **domain-wide delegation**, generate your [service account and credentials](https://developers.google.com/admin-sdk/directory/v1/guides/delegation#create_the_service_account_and_credentials) and [delegate domain-wide authority to your service account](https://developers.google.com/admin-sdk/directory/v1/guides/delegation#delegate_domain-wide_authority_to_your_service_account). Enter the following OAuth 2.0 scopes for the services that the service account can access:<br />`https://www.googleapis.com/auth/admin.reports.audit.readonly`<br />`https://www.googleapis.com/auth/calendar.readonly`,<br />`https://www.googleapis.com/auth/contacts.readonly`,<br />`https://www.googleapis.com/auth/contacts.other.readonly`,<br />`https://www.googleapis.com/auth/directory.readonly`,<br />`https://www.googleapis.com/auth/drive.readonly`,<br />`https://www.googleapis.com/auth/gmail.readonly`<br />2. To use **OAuth client**, configure your [credentials](#authenticate-using-oauth-client). |
Copy link
Contributor

@misraved misraved Jul 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are the admin permissions required for other tables? Should we add it specifically to the doc page of the googleworkspace_activity_report table?

Copy link
Contributor Author

@ParthaI ParthaI Jul 18, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The index.md file serves as general documentation for the entire plugin, rather than for a specific table. Therefore, it makes sense to list all the required scopes there to provide a complete overview. That said, we’ve also included a note about the required scope in the specific table documentation for googleworkspace_activity_report to ensure clarity for users reviewing that page.

@misraved misraved merged commit c08e1e5 into main Jul 21, 2025
1 check passed
@misraved misraved deleted the add-table-admin-audit-report branch July 21, 2025 12:42
@pdecat pdecat mentioned this pull request Aug 22, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@misraved misraved misraved approved these changes

Assignees

@ParthaI ParthaI

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ParthaI @misraved @assakafpix