Tags: DRIUSS/hoop
feat(analytics): add session type and origin to session events (hooph… …q#1508)

* feat(analytics): add session type and origin to session events

  Add verb (connect/exec) and a product-level origin (cli, webapp, api, mcp, runbooks, proxymanager, agent) to the hoop-session-created, -finished and -reviewed analytics events (ENG-419).

  Origin is persisted on a new sessions.origin column at creation time so it is available when the finished/reviewed events reload the session from the DB. It is set at every session-creation site that emits these events:

  - audit plugin (gRPC): mapped from the transport client origin
  - REST POST /sessions: webapp when User-Client is webapp.core, else api
  - MCP exec tool: mcp
  - runbooks (v1/v2): runbooks

  Both attributes are emitted from sessionUsageProperties so all event call sites are covered consistently; empty origin reports as unknown.

* refactor(analytics): emit session origin verbatim from the session

  Pass the persisted session.origin straight through to the event properties instead of synthesizing "unknown" when it is empty. An empty origin (e.g. rows created before the column existed) is now emitted as an empty string, so the property always reflects exactly what is stored on the session.

* feat(analytics): attribute native-client connect sessions to mint surface

  Native clients connect through a protocol proxy, which stamps the generic ConnectionOriginClient regardless of how the credential was minted, so webapp "Open in native client" sessions were indistinguishable from CLI ones (both reported origin=cli).

  Record the originating surface on the credential-issuance session from the User-Client/User-Agent header (webapp.core -> webapp, hoopcli -> cli, else -> api) and, when a proxy connection is credential-backed, inherit that origin onto the per-connection session via the existing credential-session link. Direct CLI connects (no credential session) still resolve from the transport origin.

  - common/proto: add SessionOriginFromUserAgent + tests for both mappers
  - connection_credentials: set issuance-session origin from the header
  - audit: inherit origin from the credential session when present
  - session: use the shared user-agent mapper (now also maps hoopcli -> cli)

* fix migration number

* chore(migration): match established session migration pattern

  Wrap 000096_session_origin in BEGIN/COMMIT, set search_path to private (unqualified table name), declare the column NULL, and use DROP COLUMN IF EXISTS on the down — matching 000078_session_correlation_id and the other recent migrations.

feat: add GCP IAM Federation UI for BigQuery connections (hoophq#1495)

* feat: add GCP IAM Federation UI for BigQuery connections
* fix: update identity template placeholders from {user.email_local} to {user.email}
* feat: implement base64 encoding helper and enhance BigQuery federation UI
* add: lower email size error
* update: static impersonate for gcp
* make migration idempotent for iam gcp
* fix: remove experimental.iam_federation flag
* fix: handle fallback_policy properly in federation configuration
* refactor: simplify state updates in federation events using merge
* fix: allow switch from iam federation to manual input in bigquery role

---------

Co-authored-by: matheusfrancisco <matheusmachadoufsc@gmail.com>

[Fix] Hoop versions commands on Windows (hoophq#1509)

* add: fix cli on windows powershell
* fix cli for win

feat(tunnel): add tunnel up/down IPC endpoints [RD-209] (hoophq#1507)

* feat(tunnel): add tunnel up/down IPC endpoints [RD-209]

  Separate tunnel lifecycle from authentication. Until now the tunnel came up only on login and tore down only on logout, conflating 'who am I' with 'is the netstack running'. This adds two endpoints that drive Manager.BringUp/TearDown without touching the token:

    POST /v1/tunnel/up    bring the netstack online using the persisted token. Synchronous, idempotent (already_up), 409 when logged out (no token to dial with).
    POST /v1/tunnel/down  tear the netstack down, keep the token. Idempotent (already_down). User stays logged in.

  This lets a user pause/resume the tunnel without re-authenticating.

  Changes:

  - ipc.Service: add Up/Down methods with TunnelUp/DownResponse types.
  - ipc.Server: handlers + routes; new ErrNotLoggedIn sentinel mapping to 409 (distinct from 401 control-token rejection).
  - ipc.Client: Up/Down round-trip methods.
  - daemonService: Up reuses BringUp (folds ErrAlreadyUp into already_up); Down reuses TearDown; both leave the token and config untouched.
  - openapi.yaml: document both endpoints + the not_logged_in code.
  - tests: handler-level (200/409/idempotent) and service-level (logged-out -> ErrNotLoggedIn, idle Down no-op, Down keeps token).

  🤖 Generated with Mister Maluco

  Co-Authored-By: MisterMal <teskeslab@lucasteske.dev>

* feat(tunnel): periodic + on-demand connection-list refresh [RD-209]

  The daemon fetched the connection list once at bring-up and never again, so connections created or deleted on the gateway never showed up until a full logout/login. This adds automatic + manual refresh.

  Concurrency-safe registry (tunnel/tunnelmgr/registry.go):

  Replaces the bare subTypeByName map (shared by reference into the netstack accept/handler closures AND Snapshot — an unsynchronized data race waiting to happen) with connRegistry, an RWMutex-guarded name -> {subtype, active} store. The accept path reads it via subTypeOf(); a refresh writes it via reconcile(). Snapshot now carries a value-copied []ConnInfo of active connections instead of the live map, removing the shared-map hazard end to end.

  Refresh mechanics (manager.go):

  - loadConnections() factors out fetch + allocate + reconcile, shared by buildTunnel (initial) and the new Manager.Refresh (re-load).
  - Refresh re-fetches and reconciles into the LIVE tunnel without touching the netstack, routes, or in-flight flows. New names become routable immediately (allocator + resolver hold live refs); deleted ones are marked inactive (hidden from listings, new SYNs rejected) but keep their reserved IP — the allocator is append-only and deterministic, so a reappearing connection regains its address.

  Triggers:

  - Periodic: daemonService.StartAutoRefresh runs a ticker (--refresh-interval, default 60s, HSH_TUNNELD_REFRESH_INTERVAL override; 0 disables) for the daemon lifetime. It no-ops while the tunnel is down and never tears the tunnel down on a fetch blip.
  - Manual: POST /v1/connections/refresh + ipc.Client.RefreshConnections.

  Tests:

  - registry: reconcile add/retire/reactivate, idempotence, and a -race concurrent reader/writer regression guard.
  - ipc handler: 200 + running/count, down no-op.
  - service: refresh no-op when down, Manager.Refresh no-op when idle.

  All of ./tunnel/... green under -race.

  🤖 Generated with Mister Maluco

  Co-Authored-By: MisterMal <teskeslab@lucasteske.dev>

---------

Co-authored-by: MisterMal <teskeslab@lucasteske.dev>

[helm] Add section to turn on gateway api for the gRPC (hoophq#1504)
fix: send Slack message through AI Session Analyzer (hoophq#1505)

* fix: send Slack message through AI Session Analyzer
* refactor: handle missing or empty Slack plugin configuration
* fix: prevent empty Slack channel configurations from being submitted

feat: enable experimental feature flags by default (hoophq#1503)