Add health checks, auto-reauth, and record-session flags to managed auth#164
Add health checks, auto-reauth, and record-session flags to managed auth#164masnwilliams wants to merge 3 commits into
Conversation
Exposes the health monitoring controls in auth connection create and update. Bumps kernel-go-sdk to v0.55.0 so the new fields land on the SDK request/response types. Create: - --no-health-checks (opt out; defaults on server-side) - --no-auto-reauth (opt out; defaults on server-side) - --record-session (opt in) Update: - --health-checks / --no-health-checks - --auto-reauth / --no-auto-reauth - --record-session / --no-record-session Also surfaces the three booleans in the managed auth summary table. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Monitoring Plan: Auth Connection CLI — New Health/Session FlagsThis PR adds three new flags to Key risks to watch: (1) The new fields flowing through to the API could hit validation errors if the SDK v0.55 contract differs from what the server expects, surfacing as 4xx/5xx spikes on Status updates will be posted automatically on this PR as monitoring progresses. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 8abaeaa. Configure here.
There was a problem hiding this comment.
looks good to me, 2 nit (first one blocking, second one non-blocking):
Nit 1: the get command does not display HealthChecks, AutoReauth, or RecordSession. It builds its own table separately from printManagedAuthSummary. Users who set these flags on create/update will not be able to verify through get. Could you add the 3 lines there as well? (caught by Bugbot as well)
Nit 2: unlike the dashboard (which auto-disables auto-reauth when health checks are turned off), the CLI lets you pass --no-health-checks without --no-auto-reauth. The result is health_checks = false, and auto_reauth = true, which is harmless because of the way the temporal workflow works but could be potentially confusing. Worth either updating the API (also noted in the other PR), or making that change here in the CLI, or just adding a comment and explaining it's a no-op.
…auth-health-controls # Conflicts: # go.mod # go.sum
2 participants
Summary
Flags
Create (server-side defaults: `health_checks=true`, `auto_reauth=true`, `record_session=false`):
Update (toggle both directions):
Conflicting flag pairs are marked mutually exclusive.
Test plan
🤖 Generated with Claude Code
Note
Medium Risk
Changes how managed auth sessions are monitored, re-authenticated, and recorded; mistakes in flag mapping could leave connections in unintended states, but scope is CLI-only over existing API fields.
Overview
Exposes managed-auth health monitoring settings through
kernel auth connections createandupdate, wiring new flags into the SDK create/update payloads and showing Health Checks, Auto Reauth, and Record Session on the post-create/update summary table.Create uses opt-out/opt-in flags aligned with server defaults:
--no-health-checks,--no-auto-reauth, and--record-sessiononly send explicit values when set. Update adds paired toggles (--health-checks/--no-health-checks,--auto-reauth/--no-auto-reauth,--record-session/--no-record-session) with the sameBoolFlag+Changed()pattern assave-credentials, and marks conflicting pairs mutually exclusive.Tests add
TestAuthConnectionsCreate_HealthMonitoringFlagsand extend the update mapping test to assert the three new fields.Reviewed by Cursor Bugbot for commit 79d7f48. Bugbot is set up for automated code reviews on this repo. Configure here.