14 Commits

Author	SHA1	Message	Date
Shaun Arman	5fae3c79a7	fix: persist integration settings and implement persistent browser windows ... ## Integration Settings Persistence - Add database commands to save/load integration configs (base_url, username, project_name, space_key) - Frontend now loads configs from DB on mount and saves changes automatically - Fixes issue where settings were lost on app restart ## Persistent Browser Window Architecture - Integration browser windows now stay open for user browsing and authentication - Extract fresh cookies before each API call to handle token rotation - Track open windows in app state (integration_webviews HashMap) - Windows titled as "{Service} Browser (TFTSR)" for clarity - Support easy navigation between app and browser windows (Cmd+Tab/Alt+Tab) - Gracefully handle closed windows with automatic cleanup ## Bug Fixes - Fix Rust formatting issues across 8 files - Fix clippy warnings: - Use is_some_and() instead of map_or() in openai.rs - Use .to_string() instead of format!() in integrations.rs - Add missing OptionalExtension import for .optional() method ## Tests - Add test_integration_config_serialization - Add test_webview_tracking - Add test_token_auth_request_serialization - All 6 integration tests passing ## Files Modified - src-tauri/src/state.rs: Add integration_webviews tracking - src-tauri/src/lib.rs: Register 3 new commands, initialize webviews HashMap - src-tauri/src/commands/integrations.rs: Config persistence, fresh cookie extraction (+151 lines) - src-tauri/src/integrations/webview_auth.rs: Persistent window behavior - src/lib/tauriCommands.ts: TypeScript wrappers for new commands - src/pages/Settings/Integrations.tsx: Load/save configs from DB Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-04 09:57:22 -05:00
Shaun Arman	c885f2cc8f	feat: add multi-mode authentication for integrations (v0.2.10) ... Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps: 1. **OAuth2** - Traditional OAuth flow for enterprise SSO environments 2. **Embedded Browser** - Webview-based login that captures session cookies/tokens - Solves VPN constraints: users authenticate off-VPN via web UI - Extracted credentials work on-VPN for API calls - Based on confluence-publisher agent pattern 3. **Manual Token** - Direct API token/PAT input as fallback **Changes:** - Add webview_auth.rs module for embedded browser authentication - Implement authenticate_with_webview and extract_cookies_from_webview commands - Implement save_manual_token command with validation - Add AuthMethod enum to support all three modes - Add RadioGroup UI component for mode selection - Complete rewrite of Integrations settings page with mode-specific UI - Add secondary button variant for UI consistency **VPN-friendly design:** Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-03 17:26:09 -05:00
Shaun Arman	b4bf1d37cd	fix: add user_id support and OAuth shell permission (v0.2.6) ... Fixes: - Added shell:allow-open permission to fix OAuth integration flows - Added user_id field to ProviderConfig for MSI GenAI CORE ID - Added UI field for user_id when api_format is msi_genai - Made userId optional in MSI GenAI requests (only sent if provided) - Added X-msi-genai-client header to MSI GenAI requests - Updated CSP to include MSI GenAI domains - Bumped version to 0.2.6 This fixes: - OAuth error: 'Command plugin:shell|open not allowed by ACL' - Missing User ID field in MSI GenAI configuration UI	2026-04-03 16:34:00 -05:00
Shaun Arman	9d8bdd383c	feat: add MSI GenAI custom provider support ... - Extended ProviderConfig with optional custom fields for non-OpenAI APIs - Added custom_endpoint_path, custom_auth_header, custom_auth_prefix fields - Added api_format field to distinguish between OpenAI and MSI GenAI formats - Added session_id field for stateful conversation APIs - Implemented chat_msi_genai() method in OpenAI provider - MSI GenAI uses different request format (prompt+sessionId) and response (msg field) - Updated TypeScript types to match Rust schema - Added UI controls in Settings/AIProviders for custom provider configuration - API format selector auto-populates appropriate defaults (OpenAI vs MSI GenAI) - Backward compatible: existing providers default to OpenAI format	2026-04-03 15:45:42 -05:00
Shaun Arman	1e8ef41e64	feat: add OAuth2 frontend UI and complete integration flow ... Phase 2.2: OAuth2 flow - FRONTEND COMPLETE ✅ Implemented: - TypeScript command wrappers in tauriCommands.ts * initiateOauthCmd(service) -> OAuthInitResponse * handleOauthCallbackCmd(service, code, stateKey) * test*ConnectionCmd() for all services * OAuthInitResponse and ConnectionResult types - Complete Settings/Integrations UI * Three integration cards: Confluence, ServiceNow, ADO * Connect with OAuth2 buttons (Confluence, ADO) * Basic auth note for ServiceNow * Configuration inputs: baseUrl, username, projectName, spaceKey * Test connection buttons with loading states * Success/error feedback with color-coded messages * OAuth2 flow instructions for users - OAuth2 flow in browser * Opens auth URL in default browser via shell plugin * User authenticates with service * Redirected to localhost:8765/callback * Callback server handles token exchange automatically * Success message shown to user - CSP updates in tauri.conf.json * Added http://localhost:8765 (callback server) * Added https://auth.atlassian.com (Confluence OAuth) * Added https://*.atlassian.net (Confluence API) * Added https://login.microsoftonline.com (ADO OAuth) * Added https://dev.azure.com (ADO API) - UI improvements * Fixed Cancel button variant (ghost instead of secondary) * Loading spinners with Loader2 icon * Check/X icons for success/error states * Disabled states when not configured * Optimistic UI updates on connect Frontend + Backend = COMPLETE END-TO-END OAUTH2 FLOW: 1. User goes to Settings → Integrations 2. Enters base URL and config 3. Clicks 'Connect with OAuth2' 4. Browser opens with service auth page 5. User logs in and authorizes 6. Redirected to localhost:8765/callback 7. Token exchanged and encrypted automatically 8. Stored in SQLite credentials table 9. Ready for API calls to external services ✅ TypeScript: All types checked, no errors Frontend build: ✅ Built in 2.26s Total lines: ~400 lines of new UI code Next: Phase 2.3 - Integration API clients (Confluence REST, ServiceNow REST, ADO REST)	2026-04-03 15:04:12 -05:00
Shaun Arman	4c4ca40146	fix: UI contrast issues and ARM64 build failure ... **UI Fixes (TDD approach - tests first, then implementation):** - Resolution steps: improved text contrast (text-foreground vs muted) - DocEditor preview: added text-foreground class for readability - History page: fixed domain display (category field) with better contrast - Audit Log: added expandable rows with View/Hide buttons to show transmitted data - Dashboard & buttons: already had proper contrast with outline variant - Export document: fixed missing title/content parameters in command signature **Tests Added (13 new tests, all passing):** - tests/unit/resolution.test.tsx - resolution steps contrast - tests/unit/docEditor.test.tsx - preview mode and export buttons - tests/unit/exportDocument.test.ts - export parameters validation - tests/unit/history.test.tsx - domain display and filtering - tests/unit/dashboard.test.tsx - refresh button visibility - tests/unit/auditLog.test.tsx - data visibility and expandable rows - tests/unit/setup.ts - added @testing-library/jest-dom matchers **CI Fix:** - Removed platform label from ARM64 build step (native agent, old Docker) **Test Results:** - Frontend: 38/38 passing ✅ - Backend: 64/64 passing ✅ - TypeScript: no errors ✅ Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-03 08:05:58 -05:00
Shaun Arman	03cc9914ad	fix: domainPrompts closing brace too early; arm64 use native platform image ... - domainPrompts.ts: closing }; was inside the Record object after 'automation', leaving hpe_infra/dell_hardware/identity orphaned outside the object — caused 3 TS1005/TS1109 errors and broke the macOS and all frontend builds - release.yml: replace multiarch cross-compilation (broken due to WebKit arm64 package conflicts) with --platform linux/arm64 container option so QEMU runs a native ARM64 image directly — no cross-compilation, no package conflicts	2026-03-31 19:36:07 -05:00
Shaun Arman	3d3f877eb3	feat: add HPE, Dell, Identity domains + expand k8s/security/observability/VESTA NXT ... New domains: - HPE Infrastructure: OneView v8.5, iLO, Synergy 12000/480 Gen10/11, DL360/320/20, Image Streamer, SSP, Smart Update Manager, RACADM equivalents - Dell Hardware: iDRAC 8/9/10, RACADM, Lifecycle Controller, PERC/StorCLI, OpenManage, R-series PowerEdge servers - Identity & Access: Keycloak realm/SSO/LDAP federation, HashiCorp Boundary, SSSD/AD integration, Kerberos Expanded domains: - Kubernetes: add RKE2, OpenShift/KubeVirt (OCP operators, must-gather, CDI) - Security: add Cortex XDR, Trellix, Rapid7, CIS hardening, fapolicyd, AIDE - Observability: add Beats agents (Filebeat/Metricbeat/Packetbeat), Zabbix Proxy, OpenTelemetry collector pipeline troubleshooting - Public Safety: add full VESTA NXT microservices (Skipper, CTC, i3 services, Analytics/PEIDB, Management Console, Porter/Helm deployment context)	2026-03-31 18:32:40 -05:00
Shaun Arman	99ec66c77b	feat: expand domains to 13 — add Telephony, Security/Vault, Public Safety, Application, Automation/CI-CD ... New domains: Telephony (Asterisk, AudioCodes SBC, SIP/RTP), Security/Vault (HashiCorp Vault, PKI, mTLS), Public Safety (NENA i3, NG911, CAD, PSAP), Application (Java/JVM, Spring Boot, Tomcat), Automation/CI-CD (Ansible, Jenkins, Porter, Helm). Existing domains expanded: Linux adds RHEL 8/9 + OEL 6/7/8/9 + Debian specifics; Windows adds 10/11 + Server 2019/2022; Network adds Fortigate/Cisco/Aruba/Nokia; Kubernetes adds k3s/Rancher/ECK; Databases adds MS SQL/RabbitMQ/Patroni; Virtualization adds Proxmox; Observability adds Grafana/Kibana specifics.	2026-03-31 18:13:30 -05:00
Shaun Arman	47af97b68e	feat: close issues, restore history, auto-save resolution steps ... - db.rs: add get_issue_messages command (joins ai_conversations + ai_messages) - tauriCommands.ts: fix updateIssueCmd to pass updates as nested object (was spreading inline — Rust expects {issueId, updates}); fix addFiveWhyCmd parameter names to match Rust (stepOrder, whyQuestion, answer, evidence); add getIssueMessagesCmd and IssueMessage interface - Dashboard: X button on each open issue row to close (mark resolved) inline - Triage: restore conversation history from DB when revisiting existing issues; detect close intent patterns and mark issue resolved + navigate home; auto-save resolution step via addFiveWhyCmd when AI advances why level - tests: add issueActions.test.ts covering IPC arg structure and close intent	2026-03-31 12:50:39 -05:00
Shaun Arman	5b37bd3435	fix: listIssuesCmd was sending {query} but Rust expects {filter} — caused dashboard to always show 0 open issues	2026-03-31 09:09:57 -05:00
Shaun Arman	652418017c	fix: provider test FK error, model pull white screen, RECOMMENDED badge	2026-03-31 07:46:36 -05:00
Shaun Arman	16d537c4af	fix: button text visibility, toggle contrast, create_issue IPC, ad-hoc codesign ... - globals.css: remove button from WebKit -webkit-text-fill-color override that was causing button text to be invisible (text color matched background in dark mode) - Security.tsx: toggle enabled state uses bg-blue-500 instead of bg-primary; in dark mode --primary is near-white making the white knob invisible - tauriCommands.ts: fix createIssueCmd to pass flat args (not wrapped in newIssue), map domain->category, and return Issue instead of IssueDetail - NewIssue/index.tsx: update call site to use Issue return type directly - release.yml: add ad-hoc codesign step for macOS .app so Gatekeeper shows "unidentified developer" instead of "damaged" error	2026-03-30 15:52:43 -05:00
Shaun Arman	8839075805	feat: initial implementation of TFTSR IT Triage & RCA application ... Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>	2026-03-14 22:36:25 -05:00