Enrich fleet site and building telemetry tables

[flesher]

Summary

This PR enriches the Fleet Sites and Buildings tabs with telemetry-aware table rows: miners, issues, hashrate, efficiency, power, temperature, and health composition now come back with each list row instead of being fetched by one stats RPC per row. The API gains a lightweight common.v1.FleetListStats shape attached to SiteWithCounts and BuildingWithCounts, with inclusion gated by fleet:read so telemetry only appears for callers authorized to read fleet data.

The heavier detail stats RPCs remain in place for pages/cards that need detail-only payloads such as device identifiers, per-rack health, floor-plan data, or slot statuses. This change also creates the API shape needed for future server-side sorting/filtering on telemetry columns.

How it works

The Fleet Sites and Buildings React tables still request their normal list data, but now read listStats from each row and render telemetry columns directly from that payload. Count cells link into the child Fleet tabs, issue counts sum component-level actionable errors, temperature respects the user's unit preference, and health bars show hashing, broken, and offline/sleeping device composition.

On the server, ListSites and ListBuildings first enforce their normal list permissions, then opportunistically check fleet:read. Callers with that permission get row-scoped FleetListStats; callers without it receive the same structural list rows without stats. The domain services populate row stats from structural counts, paired/auth-needed miner identifiers, miner state counts, latest telemetry rollups, and component issue counts.

Telemetry math and component issue aggregation are centralized in server/internal/domain/devicerollup so Sites, Buildings, and existing collection stats use the same conversions, invalid-value handling, temperature range behavior, and component type mapping.

Diagrams

flowchart LR
  Client["Fleet Sites / Buildings tabs"] -->|"ListSites / ListBuildings"| Handler["Connect handlers"]
  Handler --> BaseAuth["Require site/building list access"]
  Handler --> StatsAuth["Check fleet:read"]
  StatsAuth -->|"authorized"| Domain["Site / Building domain service"]
  StatsAuth -->|"not authorized"| StructuralOnly["Rows without list_stats"]
  Domain --> Stores["SQL stores"]
  Domain --> Devices["Device queryer"]
  Domain --> Telemetry["Latest telemetry store"]
  Domain --> Rollup["devicerollup helpers"]
  Stores --> Counts["Building / rack / device counts"]
  Devices --> State["Miner state + component issue counts"]
  Telemetry --> Metrics["Hashrate / power / efficiency / temperature"]
  Counts --> ListStats["common.v1.FleetListStats"]
  State --> ListStats
  Metrics --> Rollup --> ListStats
  ListStats --> Client
  Detail["Detail pages / cards"] -->|"GetSiteStats / GetBuildingStats"| DetailRPC["Detail stats RPCs"]
  DetailRPC -->|"detail-only payloads stay here"| Detail

Loading

sequenceDiagram
  participant UI as Fleet table
  participant API as ListSites/ListBuildings
  participant Auth as RBAC
  participant Domain as Domain service
  participant Stores as SQL/device/telemetry stores

  UI->>API: Request list rows
  API->>Auth: Require base list access
  API->>Auth: Check fleet:read for telemetry
  API->>Domain: List with IncludeStats flag
  Domain->>Stores: Load structural rows and counts
  alt caller has fleet:read
    Domain->>Stores: Resolve paired/auth-needed devices by row scope
    Domain->>Stores: Load miner state counts
    Domain->>Stores: Load component issue counts
    Domain->>Stores: Load latest telemetry for unique devices
    Domain-->>API: Rows with FleetListStats
  else caller lacks fleet:read
    Domain-->>API: Rows without list_stats
  end
  API-->>UI: Render telemetry columns from listStats when present

Loading

Areas of the code involved

Area / package / file	What changed	Why it matters for review
proto/common/v1/fleet_list_stats.proto	Adds FleetListStats for lightweight table-row rollups.	New public contract; verify fields are list-safe and exclude detail-only payloads.
proto/sites/v1/sites.proto, proto/buildings/v1/buildings.proto	Adds list_stats to SiteWithCounts / BuildingWithCounts; extends detail stats with temperature, component issues, and rack count where needed.	Review compatibility, permission expectations, and whether the table/detail split is clear.
client/src/protoFleet/api/generated/**, server/generated/grpc/**	Regenerated protobuf code.	Generated from proto changes; skip unless checking generation drift.
server/sqlc/queries/site.sql, server/sqlc/queries/building.sql, server/generated/sqlc/**	Adds rack/building count helpers and building device counts for list rows.	Confirms structural counts are available without detail stats fan-out.
server/internal/handlers/sites, server/internal/handlers/buildings	List* handlers gate list stats behind fleet:read; translators map domain stats into protobuf responses.	Main auth boundary for telemetry in list responses.
server/internal/domain/sites, server/internal/domain/buildings	Populates list stats and enriches existing detail stats with the same rollup fields.	Core behavior; review row scoping, caps, error handling, and parity between site/building rollups.
server/internal/domain/devicerollup	Centralizes latest-metric aggregation and component issue aggregation.	Prevents Sites, Buildings, racks/groups collection stats from drifting on units or component mapping.
server/internal/domain/collection	Reuses devicerollup and generalized component-error scoping for existing collection stats.	Keeps prior rack/group stats behavior aligned with the new helpers.
server/internal/domain/stores/interfaces, server/internal/domain/stores/sqlstores/device.go	Generalizes component error counts from collection-only to scoped collections/sites/buildings.	Review SQL scope joins and actionable pairing/severity filters.
client/src/protoFleet/features/fleetManagement/components/SiteList	Reads site.listStats, adds telemetry/count columns, and removes placeholder cells.	User-facing Sites table behavior.
client/src/protoFleet/features/fleetManagement/components/BuildingList	Reads building.listStats, adds rack/miner/count/telemetry columns, and removes placeholder cells.	User-facing Buildings table behavior.
client/src/protoFleet/features/fleetManagement/utils/fleetTabLinks.ts	Centralizes Fleet child-tab URLs for row actions and count links.	Prevents stale links after the Fleet tab routing changes.
Deleted client hooks	Removes obsolete per-row GetSiteStats / GetBuildingStats list-state fetching and concurrency helper.	Confirms the list pages no longer fan out from the browser.

API and data shape

Response	New row fields	Included when	Explicitly excluded from list stats
ListSites	SiteWithCounts.list_stats	Caller has base site list access and fleet:read.	device_identifiers, rack floor-plan health, slot statuses.
ListBuildings	BuildingWithCounts.device_count, BuildingWithCounts.list_stats	Caller has base building list access and fleet:read.	device_identifiers, per-rack health, rack floor-plan data, slot statuses.
GetSiteStats	Temperature range/reporting, component issue counts, rack count.	Existing detail stats permission path.	Not list-specific; still the detail stats surface.
GetBuildingStats	Temperature range/reporting and component issue counts.	Existing detail stats permission path.	Not list-specific; still returns building detail payloads.

Key technical decisions and trade-offs

Decision	Alternative considered	Trade-off
Put table telemetry in ListSites / ListBuildings rows.	Keep browser-side per-row Get*Stats requests.	Removes client fan-out and enables future server-side sorting/filtering, but moves rollup work into the list request path.
Add a separate FleetListStats proto.	Reuse GetSiteStatsResponse / GetBuildingStatsResponse directly.	Keeps list payloads small and permissionable, while preserving richer detail RPCs for pages that need identifiers or rack health.
Gate list_stats with fleet:read.	Return stats to any caller with list access.	Avoids leaking telemetry through structural list endpoints.
Generalize component error counting by scope.	Add separate site/building-specific queries and keep collection logic separate.	One SQL path reduces mapping drift, but scope joins are more important to review carefully.
Centralize telemetry aggregation in devicerollup.	Duplicate hashrate/power/efficiency/temperature math per service.	Fewer unit-conversion bugs and consistent invalid-value handling across list and existing collection stats.
Compute Sites/Buildings list stats on request for this PR.	Precompute/materialize rollups in the collection loop now.	Keeps this PR focused and establishes the response contract; deeper server-side rollup storage for Sites, Buildings, Racks, and Groups remains follow-up work.

Security and performance notes

Concern	Current handling
Telemetry authorization	ListSites and ListBuildings only set IncludeStats after a successful fleet:read check. Without that permission, rows omit list_stats.
Payload size	List stats contain aggregate counts and metrics only. Detail-only arrays and rack/slot health payloads stay on detail RPCs.
Browser request fan-out	Sites/Buildings list pages no longer issue one stats RPC per row.
Server-side cost	Component issue counts and telemetry metrics are batched across row scopes/devices where the current stores support it; some row-scoped device/state work remains request-time and should be revisited with materialized rollups if list sizes grow.
Future sorting/filtering	Telemetry now lives in the list response contract, which makes server-owned sorting/filtering feasible without changing the client data model again.

Testing and validation

Check	Result
go test ./server/internal/domain/devicerollup ./server/internal/domain/sites ./server/internal/domain/buildings ./server/internal/domain/collection ./server/internal/handlers/sites ./server/internal/handlers/buildings ./server/internal/domain/stores/sqlstores -run '^$'	Passed
npm run lint	Passed
npm test -- --run src/protoFleet/features/fleetManagement/components/SiteList/SiteList.test.tsx src/protoFleet/features/fleetManagement/components/BuildingList/BuildingList.test.tsx	Passed
npm run build:protoFleet	Passed

Follow-ups intentionally out of scope

Follow-up	Why it is not in this PR
Server-side sorting/filtering by telemetry columns.	This PR adds the list-row stats contract; sort/filter plumbing can build on it.
Materialized or collection-loop rollups for Sites, Buildings, Racks, and Groups.	Useful for larger fleets and full server-side ordering, but broader than the Sites/Buildings table enrichment change.
Adding the same list_stats contract to Rack and Group list endpoints.	Existing collection stats behavior is kept aligned through shared helpers, but list endpoint contract changes for those tabs should land separately.

[github-actions]

🔐 Codex Security Review

Note: This is an automated security-focused code review generated by Codex.
It should be used as a supplementary check alongside human review.
False positives are possible - use your judgment.

Scope summary

• Reviewed pull request diff only (d34b3cd7fc43747cf82d7170d3bd4e0b5756b8c9...9a23408a9bf7e8bc93b007d0158a8716d7e4c009, exact PR three-dot diff)
• Model: gpt-5.5

💡 Click "edited" above to see previous reviews for this PR.

---

Review Summary

Overall Risk: MEDIUM

Findings

[MEDIUM] Building device counts bypass the new stats authorization boundary

• Category: Auth
• Location: server/internal/handlers/buildings/translate.go:99
• Description: ListBuildings omits list_stats when the caller lacks fleet:read for a building’s site, but the newly added DeviceCount is serialized unconditionally outside list_stats.
• Impact: A caller with site:read but without authorized fleet/miner visibility can still learn miner inventory counts per building.
• Recommendation: Gate DeviceCount with the same authorization as list_stats, or move it into the gated stats payload.

[MEDIUM] Building device count query lacks membership org scoping

• Category: SQLi/Database
• Location: server/sqlc/queries/building.sql:66
• Description: The new device_count subquery joins device_set_membership without dcm.org_id = sqlc.arg('org_id') and joins device without an org predicate.
• Impact: If an inconsistent or bypass-created membership row crosses orgs, ListBuildings can count another tenant’s device in this tenant’s building summary.
• Recommendation: Add explicit dcm.org_id = sqlc.arg('org_id') and d.org_id = sqlc.arg('org_id') guards to the subquery.

[MEDIUM] List stats can materialize unbounded fleet-wide telemetry work

• Category: Reliability
• Location: server/internal/domain/sites/service.go:972, server/internal/domain/buildings/service.go:932
• Description: The new list-stat paths fetch device IDs once per visible site/building, then fetch telemetry for all unique IDs. The per-row cap does not bound total work across all rows.
• Impact: A single list call in a large org can fan out into many DB queries and a very large telemetry request, creating latency spikes or request-time memory pressure.
• Recommendation: Aggregate list stats in grouped SQL, add a global device cap for the list RPC, or paginate/defer stats instead of enriching every row eagerly.

Notes

No cryptostealing, pool hijack, command injection, raw frontend HTML rendering, or protobuf wire-format break was evident in the reviewed diff. This was a static review of .git/codex-review.diff; I did not run tests.

---

_{Generated by Codex Security Review |
Triggered by: @flesher |
Review workflow run}

[Copilot]

Pull request overview

This PR upgrades the Fleet “Sites” and “Buildings” tabs from placeholder rows into telemetry-aware rollups by extending proto contracts, refactoring shared backend rollup helpers, and wiring the client tables to render telemetry/issue/health columns consistently with the existing racks pattern.

Changes:

• Extended Sites/Buildings stats protos and handlers to include temperature min/max + reporting counts and per-component issue counts; added building list device_count.
• Generalized component-error aggregation to support multiple scopes (collections/sites/buildings) and centralized telemetry aggregation in devicerollup.
• Added ProtoFleet list-state hooks and column configs to render linked container counts, issue counts, telemetry metrics, and health bars on Sites/Buildings tables.

Reviewed changes

Copilot reviewed 32 out of 38 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
server/sqlc/queries/building.sql	Add device_count to building list query.
server/internal/handlers/sites/handler.go	Plumb new site stats fields into RPC response.
server/internal/handlers/sites/handler_stats_test.go	Update handler test wiring (incl. rack count dependency).
server/internal/handlers/buildings/translate.go	Include device_count in list response translation.
server/internal/handlers/buildings/handler.go	Plumb new building stats fields into RPC response.
server/internal/handlers/buildings/handler_stats_test.go	Update stats handler test fake to satisfy new interface.
server/internal/domain/stores/sqlstores/device.go	Replace per-collection component error counts with scoped implementation.
server/internal/domain/stores/sqlstores/building.go	Map SQL building rows to domain model including DeviceCount.
server/internal/domain/stores/interfaces/mocks/mock_device_store.go	Add mock method for GetComponentErrorCounts.
server/internal/domain/stores/interfaces/device.go	Add ComponentErrorScope + rename CollectionID→ScopeID and new store method.
server/internal/domain/sites/service.go	Add rack count + component issue counts + temperature rollup to site stats.
server/internal/domain/sites/service_stats_test.go	Expand service stats tests for rack count + new fields.
server/internal/domain/sites/models/models.go	Extend SiteStats model with rack count, temperature, issue counts.
server/internal/domain/devicerollup/devicerollup.go	Centralize temperature rollup + component issue aggregation helper.
server/internal/domain/collection/service.go	Migrate collection telemetry aggregation to devicerollup.AggregateLatestMetrics.
server/internal/domain/collection/service_test.go	Update test deviceQueryer interface method name/signature.
server/internal/domain/buildings/service.go	Add component issue counts + temperature rollup to building stats.
server/internal/domain/buildings/service_stats_test.go	Update building stats test fake to satisfy new interface.
server/internal/domain/buildings/models/models.go	Extend building models (with counts + stats fields).
server/generated/sqlc/building.sql.go	Generated sqlc output for building list changes.
server/generated/grpc/sites/v1/sites.pb.go	Generated proto output for site stats changes.
proto/sites/v1/sites.proto	Add temperature + issue counts + rack count to GetSiteStatsResponse.
proto/buildings/v1/buildings.proto	Add device_count to BuildingWithCounts and telemetry/issue fields to stats.
docs/plans/2026-06-15-372-fleet-tab-telemetry-columns-tdd.md	Add TDD describing intended design/rollout.
client/src/protoFleet/hooks/useSiteListState.ts	New hook to fetch and cache site stats per visible row.
client/src/protoFleet/hooks/useBuildingListState.ts	New hook to fetch and cache building stats per visible row.
client/src/protoFleet/features/fleetManagement/utils/fleetTabLinks.ts	Centralize Fleet tab deep-link construction.
client/src/protoFleet/features/fleetManagement/pages/FleetSitesPage.tsx	Wire sites page to stats hook + error callout + pass statsMap.
client/src/protoFleet/features/fleetManagement/pages/FleetBuildingsPage.tsx	Wire buildings page to stats hook + error callout + pass statsMap.
client/src/protoFleet/features/fleetManagement/components/SiteList/SiteList.tsx	Add telemetry-aware columns via shared col config.
client/src/protoFleet/features/fleetManagement/components/SiteList/SiteList.test.tsx	Update route expectations for new deep-links.
client/src/protoFleet/features/fleetManagement/components/SiteList/siteColConfig.tsx	New column config to render metrics/links/composition bar for sites.
client/src/protoFleet/features/fleetManagement/components/BuildingList/BuildingList.tsx	Add telemetry-aware columns via shared col config.
client/src/protoFleet/features/fleetManagement/components/BuildingList/BuildingList.test.tsx	Update route expectations for new deep-links.
client/src/protoFleet/features/fleetManagement/components/BuildingList/buildingColConfig.tsx	New column config to render metrics/links/composition bar for buildings.
client/src/protoFleet/api/generated/sites/v1/sites_pb.ts	Generated TS proto output for sites changes.
client/src/protoFleet/api/generated/buildings/v1/buildings_pb.ts	Generated TS proto output for buildings changes.

Files not reviewed (1)

• server/internal/domain/stores/interfaces/mocks/mock_device_store.go: Generated file

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1c233b61cd

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[flesher]

🤖 Addressed the security review findings in 65ae93c: row-level site/building stats requests are now concurrency-capped, GetSiteStats uses a targeted rack-count query instead of listing all sites, and building-scoped component issue counts now exclude soft-deleted device sets while scoping rack rows by org.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 65ae93c862

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8aaedef43e

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7f8c377c91

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1cb2c603ae

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a4e113603a

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bac36eec53

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9a23408a9b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".