Observability: Langfuse (#329)

This PR
* adds Langfuse instrumentation for usage and cost tracking
* adds script and manifests to deploy Langfuse on K8s & OpenShift

---------

Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Ambient Code Bot <bot@ambient-code.local>

Author: 3 people

.github/workflows/runner-tests.yml

@@ -0,0 +1,53 @@
+name: Claude Code Runner Tests
+
+on:
+  pull_request:
+    paths:
+      - 'components/runners/claude-code-runner/**'
+      - '.github/workflows/runner-tests.yml'
+  push:
+    branches: [main]
+    paths:
+      - 'components/runners/claude-code-runner/**'
+      - '.github/workflows/runner-tests.yml'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: components/runners/claude-code-runner
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+          cache: 'pip'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e .
+          pip install pytest pytest-asyncio pytest-cov
+
+      - name: Run unit tests for observability and security_utils
+        run: |
+          # Only run standalone unit tests that don't require runner_shell runtime
+          # (test_model_mapping.py and test_wrapper_vertex.py require full runtime environment)
+          pytest tests/test_observability.py tests/test_security_utils.py -v --tb=short --color=yes
+
+      - name: Run tests with coverage
+        run: |
+          pytest tests/test_observability.py tests/test_security_utils.py --cov=observability --cov=security_utils --cov-report=term-missing --cov-report=xml
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          files: ./components/runners/claude-code-runner/coverage.xml
+          flags: runner
+          name: claude-code-runner
+          fail_ci_if_error: false

.gitignore

@@ -124,3 +124,7 @@ e2e/.env.test
 e2e/node_modules/
 e2e/cypress/screenshots/
 e2e/cypress/videos/
+
+# Langfuse secrets and deployment credentials
+e2e/.env.langfuse
+e2e/langfuse/.env.langfuse-keys

Makefile

@@ -1,4 +1,4 @@
-.PHONY: help setup-env build-all build-frontend build-backend build-operator build-runner deploy clean dev-frontend dev-backend lint test registry-login push-all dev-start dev-stop dev-test dev-logs-operator dev-restart-operator dev-operator-status dev-test-operator e2e-test e2e-setup e2e-clean setup-hooks remove-hooks
+.PHONY: help setup-env build-all build-frontend build-backend build-operator build-runner deploy clean dev-frontend dev-backend lint test registry-login push-all dev-start dev-stop dev-test dev-logs-operator dev-restart-operator dev-operator-status dev-test-operator e2e-test e2e-setup e2e-clean setup-hooks remove-hooks deploy-langfuse-openshift
 
 # Default target
 help: ## Show this help message
@@ -175,3 +175,7 @@ e2e-setup: ## Install e2e test dependencies
 e2e-clean: ## Clean up e2e test environment
 	@echo "Cleaning up e2e environment..."
 	cd e2e && CONTAINER_ENGINE=$(CONTAINER_ENGINE) ./scripts/cleanup.sh
+
+deploy-langfuse-openshift: ## Deploy Langfuse to OpenShift/ROSA cluster
+	@echo "Deploying Langfuse to OpenShift cluster..."
+	@cd e2e && ./scripts/deploy-langfuse.sh --openshift

components/backend/handlers/middleware.go

@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"log"
 	"net/http"
+	"regexp"
 	"strings"
 	"time"
 
@@ -30,6 +31,23 @@ var (
 	StringPtr = func(s string) *string { return &s }
 )
 
+// Kubernetes DNS-1123 label validation (namespace, service account names)
+var kubernetesNameRegex = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`)
+
+// isValidKubernetesName validates that a string is a valid Kubernetes DNS-1123 label
+// Returns false if:
+//   - name is empty (prevents empty string injection)
+//   - name exceeds 63 characters
+//   - name contains invalid characters (not lowercase alphanumeric or '-')
+//   - name starts or ends with '-' (enforced by regex)
+func isValidKubernetesName(name string) bool {
+	// Explicit length check: reject empty strings and names > 63 chars
+	if len(name) == 0 || len(name) > 63 {
+		return false
+	}
+	return kubernetesNameRegex.MatchString(name)
+}
+
 // ContentListItem represents a content list item for file browsing
 type ContentListItem struct {
 	Name       string `json:"name"`
@@ -102,6 +120,14 @@ func GetK8sClientsForRequest(c *gin.Context) (*kubernetes.Clientset, dynamic.Int
 // updateAccessKeyLastUsedAnnotation attempts to update the ServiceAccount's last-used annotation
 // when the incoming token is a ServiceAccount JWT. Uses the backend service account client strictly
 // for this telemetry update and only for SAs labeled app=ambient-access-key. Best-effort; errors ignored.
+//
+// RBAC:
+// This function intentionally uses the backend service account (K8sClientMw) instead of user credentials
+// because it updates platform-managed telemetry metadata (last-used timestamp) that users should not control.
+//
+// - Only updates ServiceAccounts with label app=ambient-access-key (line check below)
+// - Only updates the last-used-at annotation (no other metadata changes)
+// - Best-effort operation with all errors ignored (cannot disrupt user requests)
 func updateAccessKeyLastUsedAnnotation(c *gin.Context) {
 	// Parse Authorization header
 	rawAuth := c.GetHeader("Authorization")
@@ -252,6 +278,13 @@ func ValidateProjectContext() gin.HandlerFunc {
 			return
 		}
 
+		// Validate namespace name to prevent injection attacks
+		if !isValidKubernetesName(projectHeader) {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid project name format"})
+			c.Abort()
+			return
+		}
+
 		// Ensure the caller has at least list permission on agenticsessions in the namespace
 		ssar := &authv1.SelfSubjectAccessReview{
 			Spec: authv1.SelfSubjectAccessReviewSpec{

components/manifests/base/ambient-admin-langfuse-secret.yaml.example

@@ -0,0 +1,45 @@
+# Example: Platform Admin Langfuse Secret
+#
+# This secret stores ALL Langfuse observability configuration for the platform.
+# All LANGFUSE_* environment variables are configured here in one place.
+#
+# IMPORTANT:
+# - This is a PLATFORM-ADMIN managed secret, not configured per-workspace
+# - Should be created in the same namespace as the operator (typically 'ambient-code')
+# - Contains both credentials (PUBLIC_KEY, SECRET_KEY) and configuration (HOST, ENABLED)
+#
+# How to create this secret:
+#
+# Option 1: Using kubectl (recommended for production):
+#   kubectl create secret generic ambient-admin-langfuse-secret \
+#     --from-literal=LANGFUSE_PUBLIC_KEY=pk-lf-YOUR-PUBLIC-KEY-HERE \
+#     --from-literal=LANGFUSE_SECRET_KEY=sk-lf-YOUR-SECRET-KEY-HERE \
+#     --from-literal=LANGFUSE_HOST=http://langfuse-web.langfuse.svc.cluster.local:3000 \
+#     --from-literal=LANGFUSE_ENABLED=true \
+#     -n ambient-code
+#
+# Option 2: Using this YAML file (less secure - keys visible in manifest):
+#   1. Copy this file: cp ambient-admin-langfuse-secret.yaml.example ambient-admin-langfuse-secret.yaml
+#   2. Replace placeholder values with your actual configuration
+#   3. Apply: kubectl apply -f ambient-admin-langfuse-secret.yaml
+#   4. Delete the file: rm ambient-admin-langfuse-secret.yaml  # Don't commit secrets!
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ambient-admin-langfuse-secret
+  labels:
+    app: agentic-operator
+    ambient-code.io/component: observability
+type: Opaque
+stringData:
+  # Get these keys from your Langfuse instance:
+  # https://your-langfuse-host.com/settings (Project Settings -> API Keys)
+  LANGFUSE_PUBLIC_KEY: "pk-lf-YOUR-PUBLIC-KEY-HERE"
+  LANGFUSE_SECRET_KEY: "sk-lf-YOUR-SECRET-KEY-HERE"
+
+  # Langfuse instance URL (cluster-internal or external)
+  LANGFUSE_HOST: "http://langfuse-web.langfuse.svc.cluster.local:3000"
+
+  # Enable Langfuse observability for all sessions
+  LANGFUSE_ENABLED: "true"

components/manifests/base/operator-deployment.yaml

@@ -57,6 +57,32 @@ spec:
             configMapKeyRef:
               name: operator-config
               key: GOOGLE_APPLICATION_CREDENTIALS
+        # Platform-wide Langfuse observability configuration
+        # All LANGFUSE_* config stored in ambient-admin-langfuse-secret (platform-admin managed)
+        - name: LANGFUSE_ENABLED
+          valueFrom:
+            secretKeyRef:
+              name: ambient-admin-langfuse-secret
+              key: LANGFUSE_ENABLED
+              optional: true  # Optional: defaults to false if secret doesn't exist
+        - name: LANGFUSE_HOST
+          valueFrom:
+            secretKeyRef:
+              name: ambient-admin-langfuse-secret
+              key: LANGFUSE_HOST
+              optional: true  # Optional: only needed if Langfuse enabled
+        - name: LANGFUSE_PUBLIC_KEY
+          valueFrom:
+            secretKeyRef:
+              name: ambient-admin-langfuse-secret
+              key: LANGFUSE_PUBLIC_KEY
+              optional: true  # Optional: only needed if Langfuse enabled
+        - name: LANGFUSE_SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              name: ambient-admin-langfuse-secret
+              key: LANGFUSE_SECRET_KEY
+              optional: true  # Optional: only needed if Langfuse enabled
         resources:
           requests:
             cpu: 50m