This document defines the requirements and implementation details for adding selective data tracing and enhancing the "no-save" privacy policy through ephemeral PDF lifecycle management.
To allow developers to enable high-fidelity logging and raw API response capture for specific sessions using a secure TRACE_SECRET, without affecting the privacy or performance of standard users.
When tracing is active, the system MUST:
- Log all incoming and outgoing Tesla Fleet API payloads.
- Include full DEBUG level structured logs in the output.
- Store raw JSON traces in GCS under gs://{REPORTS_BUCKET}/traces/{session_id}/.
X-Trace-Secret (matched against settings.TRACE_SECRET).?trace_secret=... (propagated by the frontend).app.core.logging_config._trace_on (ContextVar).app.core.gcs.upload_trace_to_gcs(data: dict, session_id: str).To strictly enforce the promise that user data is deleted immediately after the service is rendered.
DELETE /tesla/reports/cleanup (or DELETE /tesla/reports/{report_id}).session_id ownership of the report before deletion.TASK_STATUS_TTL_SECONDS to 3600 (1 hour).trace_on: bool = False to OrderSession dataclass.TRACE_SECRET to Settings in config.py.delete_report_from_gcs and upload_trace_to_gcs.fleet_api_get_with_token to call upload_trace_to_gcs if trace_on is enabled.DELETE /tesla/reports/cleanup to tesla.py.request_context_middleware to detect the trace secret and set context.trace_secret from URL and store in sessionStorage.X-Trace-Secret to all headers.api.cleanupReport(sessionId) in ReportDashboard.vue after download.TRACE_SECRET MUST NOT be logged or exposed in client-side logs.