feat(operator): Add beta dashboard#1343
Merged
Merged
Conversation
Add host/operator-only dashboard and support-bundle routes for beta app recovery, including subscription recovery wrappers and support redaction. Wire the Web Shell panel, docs, release-certification evidence, and tests for operator beta UX and recovery.
Refresh project documentation and agent skills for the operator beta dashboard, public-beta security evidence, and live-network beta certification flow added since 56b9cb7. Document live smoke self-tests, optional live artifacts, stale-summary handling, and the ownership boundaries for operator-only routes.
Point the operator beta evidence collector at the current AAA-style route tests and the dedicated support redactor test. Match the redactor's normalized lowercase sensitive field names so release-candidate evidence reflects the implemented checks.
Count app update candidates from the candidate status and auto-stage signal exposed by update summaries. Gate update recovery actions on app-update route availability so reduced router embeddings do not advertise actions that can only 404.
Redact authorization, cookie, and env-style credentials in exported support bundles. Align operator recovery actions with review acknowledgement, running-app update gates, and preserve-data uninstall routing. Add regression coverage for redaction and dashboard recovery action JSON.
Broaden support-bundle redaction to scrub PEM private-key blocks and absolute local paths across Unix, Windows, UNC, and file URI forms. Redact uppercase file catalog sources in the operator beta dashboard and cover the behavior in focused tests. Prune generated build, .gradle, and .git trees before adapter FCP boundary scans so validation does not descend into generated caches.
Treat key and signature names as sensitive credentials for support-bundle field, assignment, and query redaction. Update redactor tests to cover key/signature values while keeping assertion and SonarLint checks clean.
Redact support-bundle path tokens that include quoted or path-like whitespace segments so local paths with spaces are not partially exported. Count dashboard quota warnings from quota-specific app state instead of any app warning so non-quota app review issues do not escalate quota status.
Treat common raw signature field names such as signatureBase64, signatureValue, rawSignatureValue, signaturePayload, and signatureDocument as sensitive support-bundle credentials. Add regression coverage for structural fields, inline assignments, and query parameters so raw signature material is removed before export.
Treat seed phrase, recovery phrase, and mnemonic field variants as sensitive in support-bundle redaction. Add focused coverage for map fields, inline assignments, and query parameters.
Redact remote catalog displays and reuse the operator-safe subscription projection for recovery responses so support and Web Shell actions do not expose raw source URIs. Reuse the Trust Graph handler already owned by the router so reduced embeddings report the same local preview state through operator dashboard and trust graph routes.
Update operator beta support-bundle evidence checks to recognize the split form-password marker used by the Java route test. Mirror that split marker in the app-platform smoke self-test fixture so certification catches source-marker mismatches offline.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4ab87f2e33
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Add a dashboard warning when diagnostics are wired but legacy-admin usage counters are absent so the operator beta dashboard cannot report a healthy overall status while that section is unavailable. Cover the reduced diagnostics case with a focused OperatorBetaDashboardService regression test.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 09dd4688dd
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
operator-beta.*rows.Test plan
./gradlew :platform-api:test --tests '*OperatorBetaDashboardServiceTest' --tests '*PlatformApiOperatorRoutesTest'python3 tools/release-certification/app_platform_smoke.py --self-testpython3 tools/release-certification/app_platform_smoke.py --workspace-root . --out-dir build/release-certification/app-platform-smoke --mode pr --skip-gradlepython3 -m py_compile tools/release-certification/app_platform_smoke.py./gradlew spotlessApplyNotes
develop.