improvement(api): disable wait_for_async_insert for clickhouse audit logs insert now

[fangpenlin]

Context

https://linear.app/infisical/issue/ENG-4567/update-infisical-platform-backend-code-to-allow-sending-audit-logs-to

Screenshots

Steps to verify the change

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[linear]

ENG-4569 Update backend to make audit query send to ClickHouse based on configuration

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR disables wait_for_async_insert for ClickHouse audit log inserts to prevent queue buildup issues where insert operations were blocking until data was written to disk. The change trades synchronous write guarantees for better system throughput.

Key Changes:

• Changed wait_for_async_insert from 1 to 0 in default ClickHouse insert settings
• Added comprehensive comment documenting the tradeoff: potential data loss if ClickHouse crashes before disk write, but resolves audit log queue piling up issues
• Comment notes this doesn't worsen existing data loss risk since Redis queue already lacks AOF + Fsync

Trade-offs:
The change acknowledges a data loss scenario (ClickHouse server crash before disk write) but argues this is acceptable given:

1. The Redis queue already has potential data loss without AOF + Fsync
2. This solves a production issue with audit log queue buildup
3. The team plans to monitor in production and work on a better long-term solution

Confidence Score: 4/5

• This PR is safe to merge with low risk
• The change is a targeted configuration adjustment with clear documentation of tradeoffs. Only a typo needs fixing. The change addresses a real production issue (queue buildup) with an acceptable tradeoff given the existing system constraints (Redis already lacks strict durability guarantees). The extensive comment shows good engineering judgment and transparency about the decision.
• No files require special attention beyond the typo fix in backend/src/lib/config/env.ts

Important Files Changed

Filename	Overview
backend/src/lib/config/env.ts	Changed ClickHouse wait_for_async_insert from 1 to 0 to prevent queue buildup, with clear documentation of data loss tradeoff

_{Last reviewed commit: 19e8a44}

[greptile-apps]

_{1 file reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}