tftsr-devops_investigation

sarman/tftsr-devops_investigation

Fork 0

Commit Graph

Author	SHA1	Message	Date
Shaun Arman	32d83df3cf	feat: add multi-mode authentication for integrations (v0.2.10) Some checks failed Release / build-windows-amd64 (push) Has been cancelled Details Release / build-linux-amd64 (push) Has been cancelled Details Release / build-macos-arm64 (push) Has been cancelled Details Release / build-linux-arm64 (push) Has been cancelled Details Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps: 1. OAuth2 - Traditional OAuth flow for enterprise SSO environments 2. Embedded Browser - Webview-based login that captures session cookies/tokens - Solves VPN constraints: users authenticate off-VPN via web UI - Extracted credentials work on-VPN for API calls - Based on confluence-publisher agent pattern 3. Manual Token - Direct API token/PAT input as fallback Changes: - Add webview_auth.rs module for embedded browser authentication - Implement authenticate_with_webview and extract_cookies_from_webview commands - Implement save_manual_token command with validation - Add AuthMethod enum to support all three modes - Add RadioGroup UI component for mode selection - Complete rewrite of Integrations settings page with mode-specific UI - Add secondary button variant for UI consistency VPN-friendly design: Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-03 17:26:09 -05:00
Shaun Arman	1e8ef41e64	feat: add OAuth2 frontend UI and complete integration flow Some checks failed Auto Tag / auto-tag (push) Successful in 4s Details Test / rust-fmt-check (push) Successful in 2m5s Details Release / build-macos-arm64 (push) Successful in 10m29s Details Test / rust-clippy (push) Failing after 18m4s Details Release / build-linux-arm64 (push) Failing after 22m1s Details Test / rust-tests (push) Successful in 12m44s Details Test / frontend-typecheck (push) Successful in 1m29s Details Test / frontend-tests (push) Has been cancelled Details Release / build-windows-amd64 (push) Has been cancelled Details Release / build-linux-amd64 (push) Has been cancelled Details Phase 2.2: OAuth2 flow - FRONTEND COMPLETE ✅ Implemented: - TypeScript command wrappers in tauriCommands.ts * initiateOauthCmd(service) -> OAuthInitResponse * handleOauthCallbackCmd(service, code, stateKey) * testConnectionCmd() for all services OAuthInitResponse and ConnectionResult types - Complete Settings/Integrations UI * Three integration cards: Confluence, ServiceNow, ADO * Connect with OAuth2 buttons (Confluence, ADO) * Basic auth note for ServiceNow * Configuration inputs: baseUrl, username, projectName, spaceKey * Test connection buttons with loading states * Success/error feedback with color-coded messages * OAuth2 flow instructions for users - OAuth2 flow in browser * Opens auth URL in default browser via shell plugin * User authenticates with service * Redirected to localhost:8765/callback * Callback server handles token exchange automatically * Success message shown to user - CSP updates in tauri.conf.json * Added http://localhost:8765 (callback server) * Added https://auth.atlassian.com (Confluence OAuth) * Added https://.atlassian.net (Confluence API) Added https://login.microsoftonline.com (ADO OAuth) * Added https://dev.azure.com (ADO API) - UI improvements * Fixed Cancel button variant (ghost instead of secondary) * Loading spinners with Loader2 icon * Check/X icons for success/error states * Disabled states when not configured * Optimistic UI updates on connect Frontend + Backend = COMPLETE END-TO-END OAUTH2 FLOW: 1. User goes to Settings → Integrations 2. Enters base URL and config 3. Clicks 'Connect with OAuth2' 4. Browser opens with service auth page 5. User logs in and authorizes 6. Redirected to localhost:8765/callback 7. Token exchanged and encrypted automatically 8. Stored in SQLite credentials table 9. Ready for API calls to external services ✅ TypeScript: All types checked, no errors Frontend build: ✅ Built in 2.26s Total lines: ~400 lines of new UI code Next: Phase 2.3 - Integration API clients (Confluence REST, ServiceNow REST, ADO REST)	2026-04-03 15:04:12 -05:00
Shaun Arman	8839075805	feat: initial implementation of TFTSR IT Triage & RCA application Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>	2026-03-14 22:36:25 -05:00

Author

SHA1

Message

Date

Shaun Arman

32d83df3cf

feat: add multi-mode authentication for integrations (v0.2.10)

Release / build-windows-amd64 (push) Has been cancelled

Details

Release / build-linux-amd64 (push) Has been cancelled

Details

Release / build-macos-arm64 (push) Has been cancelled

Details

Release / build-linux-arm64 (push) Has been cancelled

Details

Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps:

1. **OAuth2** - Traditional OAuth flow for enterprise SSO environments
2. **Embedded Browser** - Webview-based login that captures session cookies/tokens
   - Solves VPN constraints: users authenticate off-VPN via web UI
   - Extracted credentials work on-VPN for API calls
   - Based on confluence-publisher agent pattern
3. **Manual Token** - Direct API token/PAT input as fallback

**Changes:**
- Add webview_auth.rs module for embedded browser authentication
- Implement authenticate_with_webview and extract_cookies_from_webview commands
- Implement save_manual_token command with validation
- Add AuthMethod enum to support all three modes
- Add RadioGroup UI component for mode selection
- Complete rewrite of Integrations settings page with mode-specific UI
- Add secondary button variant for UI consistency

**VPN-friendly design:**
Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-04-03 17:26:09 -05:00

Shaun Arman

1e8ef41e64

feat: add OAuth2 frontend UI and complete integration flow

Auto Tag / auto-tag (push) Successful in 4s

Details

Test / rust-fmt-check (push) Successful in 2m5s

Details

Release / build-macos-arm64 (push) Successful in 10m29s

Details

Test / rust-clippy (push) Failing after 18m4s

Details

Release / build-linux-arm64 (push) Failing after 22m1s

Details

Test / rust-tests (push) Successful in 12m44s

Details

Test / frontend-typecheck (push) Successful in 1m29s

Details

Test / frontend-tests (push) Has been cancelled

Details

Release / build-windows-amd64 (push) Has been cancelled

Details

Release / build-linux-amd64 (push) Has been cancelled

Details

Phase 2.2: OAuth2 flow - FRONTEND COMPLETE ✅

Implemented:
- TypeScript command wrappers in tauriCommands.ts
  * initiateOauthCmd(service) -> OAuthInitResponse
  * handleOauthCallbackCmd(service, code, stateKey)
  * test*ConnectionCmd() for all services
  * OAuthInitResponse and ConnectionResult types

- Complete Settings/Integrations UI
  * Three integration cards: Confluence, ServiceNow, ADO
  * Connect with OAuth2 buttons (Confluence, ADO)
  * Basic auth note for ServiceNow
  * Configuration inputs: baseUrl, username, projectName, spaceKey
  * Test connection buttons with loading states
  * Success/error feedback with color-coded messages
  * OAuth2 flow instructions for users

- OAuth2 flow in browser
  * Opens auth URL in default browser via shell plugin
  * User authenticates with service
  * Redirected to localhost:8765/callback
  * Callback server handles token exchange automatically
  * Success message shown to user

- CSP updates in tauri.conf.json
  * Added http://localhost:8765 (callback server)
  * Added https://auth.atlassian.com (Confluence OAuth)
  * Added https://*.atlassian.net (Confluence API)
  * Added https://login.microsoftonline.com (ADO OAuth)
  * Added https://dev.azure.com (ADO API)

- UI improvements
  * Fixed Cancel button variant (ghost instead of secondary)
  * Loading spinners with Loader2 icon
  * Check/X icons for success/error states
  * Disabled states when not configured
  * Optimistic UI updates on connect

Frontend + Backend = COMPLETE END-TO-END OAUTH2 FLOW:
1. User goes to Settings → Integrations
2. Enters base URL and config
3. Clicks 'Connect with OAuth2'
4. Browser opens with service auth page
5. User logs in and authorizes
6. Redirected to localhost:8765/callback
7. Token exchanged and encrypted automatically
8. Stored in SQLite credentials table
9. Ready for API calls to external services ✅

TypeScript: All types checked, no errors
Frontend build: ✅ Built in 2.26s
Total lines: ~400 lines of new UI code

Next: Phase 2.3 - Integration API clients (Confluence REST, ServiceNow REST, ADO REST)

2026-04-03 15:04:12 -05:00

Shaun Arman

8839075805

feat: initial implementation of TFTSR IT Triage & RCA application

Implements Phases 1-8 of the TFTSR implementation plan.

Rust backend (Tauri 2.x, src-tauri/):
- Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama
- PII detection engine: 11 regex patterns with overlap resolution
- SQLCipher AES-256 encrypted database with 10 versioned migrations
- 28 Tauri IPC commands for triage, analysis, document, and system ops
- Ollama: hardware probe, model recommendations, pull/delete with events
- RCA and blameless post-mortem Markdown document generators
- PDF export via printpdf
- Audit log: SHA-256 hash of every external data send
- Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2)

Frontend (React 18 + TypeScript + Vite, src/):
- 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings
- 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives
- 3 Zustand stores: session, settings (persisted), history
- Type-safe tauriCommands.ts matching Rust backend types exactly
- 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs)

DevOps:
- .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push
- .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload

Verified:
- cargo check: zero errors
- tsc --noEmit: zero errors
- vitest run: 13/13 unit tests passing

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

2026-03-14 22:36:25 -05:00

3 Commits