Enhance rejection audit events with Harvest API enrichment#20094
Enhance rejection audit events with Harvest API enrichment#20094christophercutajar wants to merge 3 commits into
Conversation
Audit log events only record that an Application's status changed to "rejected" — the rejection reason and notes/comments are not part of the audit log payload. Add an opt-in "Enrich rejected application events" setting that, when a rejection is detected, calls the Harvest V3 API (reusing the existing OAuth bearer token) to fetch the rejection reason and pull the rejection notes from the activity feed, merging them into the event under greenhouse.audit.event.rejection.
…g real audit event A real "Candidate or Prospect rejected" audit event showed the original implementation's assumptions were wrong: the event type is "action" (not "data_change_update"), target_type is the literal string "Candidate or Prospect rejected" (not "Application"), and the event carries no application/candidate ID at all. Since there's no ID to look up directly, correlate by time instead: query the Harvest API for rejected Applications whose rejected_at falls within a configurable window (default 5m) of the audit event's timestamp. An unambiguous single match is enriched with the rejection reason and notes; zero or multiple matches are recorded as an error (with candidate IDs listed in the ambiguous case) rather than guessed.
…equired Harvest permissions A second real audit sample showed Greenhouse also audits a separate "RejectionDetails" data_change_create event for the same rejection, sharing the same request.id and carrying event.meta.application_id. Replace the earlier timestamp-window guess with a deterministic correlation: match the "Candidate or Prospect rejected" event to its RejectionDetails sibling by request.id within the same page of audit results, then look up the resulting application_id directly via the Harvest API. Ambiguous request.id matches (e.g. bulk rejections) and no-match cases are still recorded as an error rather than guessed. Also document the specific Harvest OAuth scopes required (Rejection details / Rejection reasons, in addition to Applications / Activity Feed) based on the actual permission UI.
|
❌ Author of the following commits did not sign a Contributor Agreement: Please, read and sign the above mentioned agreement if you want to contribute to this project |
Elastic Docs Style Checker (Vale)Summary: 4 warnings, 3 suggestions found
|
| File | Line | Rule | Message |
|---|---|---|---|
| packages/greenhouse/_dev/build/docs/README.md | 65 | Elastic.MenuArrowsBold | Use '→' to separate menu items, not '' or '='. Example: Select Manage index → Add lifecycle policy. |
| packages/greenhouse/_dev/build/docs/README.md | 65 | Elastic.MenuArrows | Use '→' to separate menu items, not '' or '='. Example: Select Manage index → Add lifecycle policy. |
| packages/greenhouse/_dev/build/docs/README.md | 65 | Elastic.MenuArrows | Use '→' to separate menu items, not '' or '='. Example: Select Manage index → Add lifecycle policy. |
| packages/greenhouse/data_stream/audit/fields/fields.yml | 107 | Elastic.QuotesPunctuation | Place punctuation inside closing quotation marks. |
💡 Suggestions (3): Optional style improvements. Apply when helpful.
| File | Line | Rule | Message |
|---|---|---|---|
| packages/greenhouse/_dev/build/docs/README.md | 124 | Elastic.Semicolons | Use semicolons judiciously. |
| packages/greenhouse/data_stream/audit/fields/fields.yml | 90 | Elastic.Wordiness | Consider using 'all' instead of 'all of '. |
| packages/greenhouse/data_stream/audit/fields/fields.yml | 90 | Elastic.Wordiness | Consider using 'impossible' instead of 'not possible'. |
The Vale linter checks documentation changes against the Elastic Docs style guide. To use Vale locally or report issues, refer to Elastic style guide for Vale.
|
Changelog link mismatch — expected
Tip If expected, add the |
💔 Build Failed
Failed CI StepsHistory |
This comment has been minimized.
This comment has been minimized.
TL;DRBuild 45907 failed for two actionable repository issues: the Greenhouse changelog points to PR Remediation
Investigation detailsRoot CauseThe changelog validation compares every modified changelog link with the PR under test. The Greenhouse entry retains the previous link at The package validation also checks that generated documentation matches the repository template. The Greenhouse job reports Evidence
VerificationNot run in this detective workflow; the failures are directly identified in the CI logs. What is this? | From workflow: PR Buildkite Detective Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not. |
Audit log events only record that an Application's status changed to
"rejected" — the rejection reason and notes/comments are not part of
the audit log payload. Add an opt-in "Enrich rejected application
events" setting that, when a rejection is detected, calls the Harvest
V3 API (reusing the existing OAuth bearer token) to fetch the
rejection reason and pull the rejection notes from the activity feed,
merging them into the event under greenhouse.audit.event.rejection.<!-- Type of change
Please label this PR with one of the following labels, depending on the scope of your change:
-->
Proposed commit message
Checklist
changelog.ymlfile.Author's Checklist
How to test this PR locally
Related issues
Screenshots