Permission guards

[aaronlmathis]

No description provided.

[Copilot]

Pull Request Overview

This PR introduces a comprehensive "Permission Guards" system that provides enhanced safety and security for bulk actions in the Kaptn Kubernetes dashboard. The implementation adds multiple layers of protection including safety validation, audit logging, action coordination, and frontend confirmation dialogs to prevent accidental destructive operations.

• Adds a new enhanced actions system with safety guards, audit logging, and action coordination
• Implements frontend bulk action API integration with confirmation dialogs and safety validation
• Introduces comprehensive safety rules for protecting critical namespaces and resources
• Creates a documentation proposal for future API package reorganization

Reviewed Changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
proposed_reorganization.md	Comprehensive analysis and proposal for reorganizing the API package from current monolithic structure to domain-driven architecture
internal/k8s/actions/safety.go	Safety guard implementation with namespace protection, label-based security, and destructive action validation
internal/k8s/actions/manager.go	Enhanced actions manager that orchestrates safety guards, audit logging, and action coordination
internal/k8s/actions/integration_example.go	Example code showing how to integrate the enhanced actions system into existing server structure
internal/k8s/actions/handlers.go	HTTP handlers for enhanced bulk actions with safety validation and user confirmation workflows
internal/k8s/actions/coordinator.go	Action coordinator that manages RBAC checks, safety validation, and action execution with comprehensive audit logging
internal/k8s/actions/audit.go	Structured audit logging system for tracking all action requests, safety violations, and security events
internal/api/server.go	Integration of enhanced actions system into main server with safety guards and audit logging
internal/api/handlers_actions_stubs.go	Stub implementations for deployment, service, configmap, and secret bulk actions
internal/api/handlers_actions_pods.go	Enhanced pod bulk actions handler with safety validation and confirmation workflows
internal/api/handlers_actions_common.go	Common action validation and routing logic with safety checks
go.mod	Added dependencies for JWT handling and YAML processing
frontend/src/lib/api/bulk-actions.ts	TypeScript API client for bulk actions with safety violation handling
frontend/src/hooks/useActionConfirmation.ts	React hook for managing action confirmation dialogs
frontend/src/hooks/use-bulk-actions.ts	React hook for executing bulk actions with error handling and confirmation
frontend/src/components/ui/action-confirmation-dialog.tsx	Reusable confirmation dialog component with safety violation display
frontend/src/components/data_tables/PodsDataTable.tsx	Integration of bulk actions with confirmation dialogs in pods data table
frontend/src/components/ActionConfirmationDialog.tsx	Example confirmation dialog implementation with destructive action protection
PROJECT_FILES.md	Updated project structure documentation
Backend_Refactor.md	Detailed step-by-step refactoring plan for transforming monolithic API package

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The hardcoded list of denied namespaces should be configurable rather than hardcoded. Consider making this configurable through environment variables or configuration files to allow different deployment scenarios.

[Copilot]

The Duration field is stored as a string, which makes it difficult to query or analyze. Consider using a numeric field (e.g., duration in milliseconds) alongside the human-readable string, or use a proper duration type that can be unmarshaled correctly.

Suggested change

	DryRun bool `json:"dry_run"`
	Duration string `json:"duration,omitempty"`
	DryRun bool `json:"dry_run"`
	// Duration in human-readable format (e.g., "1m23s")
	Duration string `json:"duration,omitempty"`
	// DurationMs stores the duration in milliseconds for easier querying/analysis
	DurationMs int64 `json:"duration_ms,omitempty"`

[Copilot]

This parseAction function in the pods file contains logic for multiple resource types (deployments, services, configmaps, secrets), violating the single responsibility principle. As noted in the reorganization proposal, this should be moved to a centralized action parser to eliminate cross-domain logic.

[Copilot]

The hook treats a response with success: false as an error case, but this should still be considered a successful HTTP response. The error handling should distinguish between HTTP errors (network issues, 4xx/5xx status codes) and business logic failures (success: false).

Suggested change

	if (response.success) {
	options.onSuccess?.(response)
	} else {
	const error = new Error(response.message || 'Action failed')
	setError(error)
	options.onError?.(error)
	}
	options.onSuccess?.(response)

[Copilot]

The requestBody.Read method always returns 0 bytes and nil error, which means no data is actually read. This will cause request body parsing to fail. The implementation needs to properly marshal the data and provide it through the Read interface.