Skip to content

feat(tools): add incident activity-log listing tools#162

Merged
timothedelion merged 1 commit into
mainfrom
tdelion/SI-3520/activity-logs
Jun 25, 2026
Merged

feat(tools): add incident activity-log listing tools#162
timothedelion merged 1 commit into
mainfrom
tdelion/SI-3520/activity-logs

Conversation

@timothedelion

Copy link
Copy Markdown
Contributor

What

Adds two read-only MCP tools that list an incident's full activity log — both user notes (comments) and system actions (status changes, assignments, severity edits, new locations detected, etc.) in one chronological timeline:

  • list_incident_activity_logs — internal incidents
  • list_public_incident_activity_logs — Public Monitoring incidents

Both gated by incidents:read. They wrap the public API endpoints GET /v1/incidents/secrets/{id}/activity-logs and GET /v1/public-incidents/secrets/{id}/activity-logs. Each entry exposes a content discriminated union: {type: "note", comment} or {type: "action", content_key, data}. Supports content_key and member_id filters plus cursor pagination.

Why

This is broader than the existing notes-only list_*_incident_comments tools: it lets the agent reconstruct an incident's complete history, not just the discussion. Internal and public incidents get separate tools since their activity logs and ids are not interchangeable (mirroring the assign_incident / assign_public_incident split).

Testing

  • tests/tools/test_activity_logs.py — mocked tool-layer tests (filter forwarding, note/action mixing, error wrapping). Run today.
  • tests/client/vcr/test_activity_logs.py — VCR tests for the client methods.

⚠️ The /activity-logs endpoints are not deployed in production yet. The VCR cassettes are hand-authored to match the documented public API response shape and cannot be re-recorded against prod until the endpoints ship. Once they're live, re-record with make update-cassettes.

Full suite: 654 passed, 3 skipped.

Refs: SI-3520

Expose an incident's full activity log — both user notes (comments) and
system actions (status changes, assignments, severity edits, new locations
detected, etc.) — as read-only MCP tools. This is broader than the existing
notes-only listings and lets the agent reconstruct an incident's timeline.

Adds list_incident_activity_logs and list_public_incident_activity_logs
(gated by incidents:read), wrapping the public API endpoints
GET /v1/incidents/secrets/{id}/activity-logs and the public-incidents
equivalent. Internal and public incidents get separate tools since their
activity logs and ids are not interchangeable. Supports content_key and
member_id filters plus cursor pagination.

The endpoints are not deployed in production yet, so the VCR cassettes are
hand-authored to match the public API response shape and cannot be
re-recorded against prod until the endpoints ship.

Refs: SI-3520
@linear

linear Bot commented Jun 24, 2026

Copy link
Copy Markdown

SI-3520

@timothedelion timothedelion self-assigned this Jun 24, 2026
@timothedelion timothedelion merged commit 7b9d938 into main Jun 25, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant