wu-sheng opened a new pull request, #96: URL: https://github.com/apache/skywalking-horizon-ui/pull/96
## Why Two operator-facing cleanups that fell out of the same review: **config should live in OAP, not in local BFF state files**, and the **AI-powered APM should be discoverable to everyone**, not hidden until fully configured. ## What ### Config lives in OAP, not local files - **Removed the dead per-layer setup override store** — `SetupStore` + `/api/setup` + `setup.file` / `HORIZON_SETUP_FILE`. Nothing wrote it and the layer loader never read it; per-layer config (name / slots / caps / landing) is authored in the layer-dashboards template and the browser resolves the rendered `LayerConfig` from those template defaults. The UI `useSetupStore` keeps only its live client-side resolver. - **Alarm-page setup is OAP-only** — the whole `horizon.alert.page-setup` singleton (pinned layers, default window, overview fetch cap). `bff.alarms.config()` now reads its effective (OAP-remote ↔ bundled) copy from the config-bundle **sync status**, exactly like the theme / time-defaults singletons; the editor saves **only** via `templateSync.save` (the same OAP-template path layer templates use). The redundant local read-cache (`AlarmsStore` / `horizon-alarms.json`), the `/api/alarms/config` route, and `alarms.file` / `HORIZON_ALARMS_FILE` are gone. The Alert-page lede drops its stale "defaults are `GENERAL` + `MESH`" note. - **`audit.enabled`** (env `HORIZON_AUDIT_ENABLED`, default `true`) — the audit trail stays on by default (it's a security record) but can now be disabled entirely, matching `debugLog`'s `enabled` + `file` shape. Stale `setup`/`alarms` `.gitignore` entries pruned. ### AI assistant — discoverable to everyone - **Launcher + panel show for every signed-in user.** Until a model is configured the panel opens **read-only** with an *"ask your administrator to set it up"* notice (both the docked drawer and the full `/ai` page); it flips to a live chat once `ai.enabled` + a provider are set. - **Permission via RBAC on the request, not launcher visibility.** The config probe is now `auth`-readable so the panel reflects true readiness for all users; the **chat request stays `ai:read`-gated** — a user without it still sees the launcher and their send is rejected with a clear message. `ai:read` is granted to every role by default. ## Validation - `type-check`, `lint`, `build-ui`, `build-bff`, `test:unit` (213 BFF / 141 UI), `license:check` (0 invalid), i18n all-8-locale symmetric — **all green**. - **Alarms read path validated on a live OAP** — the Alert-page admin renders "Synced from OAP" with pinned layers / window / fetch cap read from the template. - ⚠️ **Alarms write round-trip NOT yet validated on a live OAP** — editing the pinned layers → Save → confirming the header tiles + topbar badge reflect it (exercises `templateSync.save` → OAP → `config()` re-read) still wants a smoke on a real OAP. Flagged in the commit body. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
