chore: update proto to v0.1.121.2

[ravibits]

Proto Update

Updates generated gRPC stubs and SDK wrappers to proto version v0.1.121.2.

Changes since last version (v0.1.116.0 → v0.1.121.2)

Service	RPC	Category
OrganizationService	UpdateOrganizationSessionPolicy	NEW_RPC
OrganizationService	GetOrganizationSessionPolicy	NEW_RPC
OrganizationService	GetApplicationSessionPolicy	NEW_RPC

Pre-existing gaps also filled

Service	RPC
OrganizationService	SearchOrganization
OrganizationService	GetOrganizationUserManagementSetting
UserService	SearchUsers
UserService	SearchOrganizationUsers
UserService	AssignUserRoles
UserService	RemoveUserRole

Breaking changes

None — the removed SessionSettings RPCs (CreateOrganizationSessionSettings, GetOrganizationSessionSettings, UpdateOrganizationSessionSettings, DeleteOrganizationSessionSettings) were never wrapped in this SDK.

Checklist

• Generated code verified by checker agent (APPROVED)
• Tests pass in CI
• Breaking changes reviewed by SDK team

Summary by CodeRabbit

• New Features
  • Organization and user search with pagination support
  • Session policy management for organizations (update and retrieve settings)
  • User role assignment and removal
  • Retrieve user management settings for organizations
  • Tool call logs and analytics retrieval
  • Enhanced connected account management with get and disconnect operations
  • Google DWD authentication support
  • New authentication portal types
  • Provider metadata configuration support
  • Domain verification method tracking

[coderabbitai]

Walkthrough

Updated proto reference to v0.1.121.2, extending the Python SDK with organization session policy management, organization/user search, and role management APIs. Regenerated protobuf modules include new agentkit logging/analytics support and schema updates across authentication, organizations, connected accounts, domains, environments, tools, and providers.

Changes

SDK and Proto Regeneration

Layer / File(s)	Summary
Proto reference version bump Makefile	Updated PROTO_REF to v0.1.121.2 to enable downstream protobuf schema regeneration.
Organization client APIs: session policy, search, and user management scalekit/organization.py	Added update_organization_session_policy, get_organization_session_policy, get_application_session_policy, search_organizations, and get_organization_user_management_setting methods with gRPC wiring and optional timeout/pagination parameters.
User client APIs: search and role management scalekit/users.py	Added search_users, search_organization_users, assign_user_roles, and remove_user_role methods with conditional page-token handling and role request conversion.
New agentkit logging and analytics protobuf modules scalekit/v1/agentkit_logs/agentkit_analytics_pb2.py, agentkit_analytics_pb2.pyi, agentkit_analytics_pb2_grpc.py, agentkit_logs_pb2.py, agentkit_logs_pb2.pyi, agentkit_logs_pb2_grpc.py	Generated complete gRPC client/server modules for tool call logging (ListToolCallLogs, GetToolCallLog RPCs) and analytics (GetOverviewStats RPC with error/connector/time-series breakdowns).
Auth and consent schema scalekit/v1/auth/auth_pb2.py, auth_pb2.pyi, scalekit/v1/clients/clients_pb2.pyi	Added organization_external_name field to User; extended GetConsentDetailsResponse with new organization field typed as ConsentOrganization.
Organization session policy and user management schema scalekit/v1/organizations/organizations_pb2.pyi, organizations_pb2_grpc.py	Redesigned session management: replaced environment-based CRUD with policy-based get/update RPCs; added SessionPolicyType enum and settings messages with timeout/unit wrapper fields; updated gRPC wiring.
Common types and enums scalekit/v1/commons/commons_pb2.py, commons_pb2.pyi	Added TimeUnit enum (MINUTES, HOURS, DAYS) for session timeout unit specification.
Connected accounts: Google DWD and get/disconnect scalekit/v1/connected_accounts/connected_accounts_pb2.pyi, connected_accounts_pb2_grpc.py	Added GOOGLE_DWD connector type and status; introduced GoogleDWDAuth message; added GetConnectedAccount and DisconnectConnectedAccount RPCs.
Connections: Google DWD config and OAuth optional scopes scalekit/v1/connections/connections_pb2.pyi	Added GOOGLE_DWD connection type; extended Connection/UpdateConnection with google_dwd_config; extended OAuthConnectionConfig with optional_scopes message.
Domain verification: method enum and response type scalekit/v1/domains/domains_pb2.pyi, domains_pb2_grpc.py	Added VerificationMethod enum (ADMIN, DNS, NOT_APPLICABLE) and VerifyDomainResponse message; extended Domain with verification_method field; replaced BoolValue with custom response type.
Environment sessions and agent logging config scalekit/v1/environments/environments_pb2.pyi, environments_pb2.py	Added connected_account_id to GetCurrentSessionResponse; added detailed_error_logging: bool to AgentActionsConfig.
Authentication type expansion scalekit/v1/options/options_pb2.pyi, options_pb2.py	Extended AuthenticationType enum with ACTIONS_PORTAL and six WORKSPACE*...ACTIONS_PORTAL* variants.
Tool execution tracking scalekit/v1/tools/tools_pb2.pyi, tools_pb2.py	Added agent_run_id field to ExecuteToolRequest for agent run tracing.
Providers: metadata and MCP validation scalekit/v1/providers/providers_pb2.pyi, providers_pb2.py	Added metadata: ScalarMap[str, str] to Provider, CreateCustomProvider, UpdateCustomProvider; tightened proxy_url validation to require MCP-style HTTPS base.
Organization and user API tests tests/test_organization.py, tests/test_users.py	Added five organization tests covering session policy get/update, application policy retrieval, organization search, and user management settings; added four user tests covering global/org-scoped search and role assignment/removal.

🎯 4 (Complex) | ⏱️ ~60 minutes

🐰 Proto versions bloom, new APIs take flight,
Sessions, search, and roles now working just right,
Agentkit's logs shine bright in the night,
Connected accounts dance, everything's tight! 🚀

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 29.55% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change—updating proto version from v0.1.116.0 to v0.1.121.2, which is the primary objective of the PR.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch proto/v0.1.121.2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

scalekit/organization.py (1)

235-244: ⚡ Quick win

Add explicit enum types for new public API parameters.

policy_source, absolute_session_timeout_unit, and idle_session_timeout_unit should be explicitly typed to improve SDK correctness and developer ergonomics.

✍️ Suggested signature update

     def update_organization_session_policy(
         self,
         organization_id: str,
-        policy_source,
+        policy_source: SessionPolicyType,
         absolute_session_timeout: Optional[int] = None,
-        absolute_session_timeout_unit=None,
+        absolute_session_timeout_unit: Optional[TimeUnit] = None,
         idle_session_timeout_enabled: Optional[bool] = None,
         idle_session_timeout: Optional[int] = None,
-        idle_session_timeout_unit=None,
+        idle_session_timeout_unit: Optional[TimeUnit] = None,
     ) -> UpdateOrganizationSessionPolicyResponse:

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scalekit/organization.py` around lines 235 - 244, The
update_organization_session_policy method's public parameters lack explicit enum
types; change the signature of update_organization_session_policy so that
policy_source, absolute_session_timeout_unit, and idle_session_timeout_unit are
typed with the appropriate enum classes (e.g., PolicySourceEnum, TimeUnitEnum or
whatever project-specific enums you have), import those enum types at top of the
module, and update any callers/tests/type hints accordingly; keep Optional[...]
where nullable, preserve default values, and ensure the return type
UpdateOrganizationSessionPolicyResponse remains unchanged.

tests/test_organization.py (1)

220-228: ⚡ Quick win

Strengthen the search test assertion to validate behavior, not just transport success.

On Line 226, the query is hardcoded to "test" while the created org name is random, and Lines 227-228 only assert status/object presence. This can pass even if search results are wrong. Assert that returned organizations contain the created org (or query with a deterministic substring from organization.display_name).

Suggested test tightening

-        response = self.scalekit_client.organization.search_organizations(query="test")
+        query = organization.display_name[:5]
+        response = self.scalekit_client.organization.search_organizations(query=query)
         self.assertEqual(response[1].code().name, "OK")
         self.assertTrue(response[0] is not None)
+        self.assertTrue(
+            any(org.id == self.org_id for org in response[0].organizations),
+            "Created organization was not returned by search"
+        )

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/test_organization.py` around lines 220 - 228, The
test_search_organizations test uses a hardcoded query and only checks transport
success; update it to query using a deterministic substring from the created
organization's display_name (from the CreateOrganization instance) and assert
that the search results include the created organization (e.g., match
org_response[0].organization.id or organization.display_name) by inspecting the
payload returned by self.scalekit_client.organization.search_organizations,
rather than just checking response[1].code() and non-null response[0]; ensure
you still keep self.org_id assignment from org_response to compare against
search results.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/test_users.py`:
- Around line 547-557: The try/except blocks around the client calls (notably
the call to self.scalekit_client.users.assign_user_roles and the other block at
569-583) currently catch Exception which masks assertion failures; change the
except to only catch the client/network errors you expect (e.g., grpc.RpcError,
TimeoutError, requests.exceptions.RequestException or your SDK's specific error
type) or, if you must catch broad exceptions, immediately re-raise
AssertionError (if isinstance(exp, AssertionError): raise) so test assertions
still fail; in short, narrow the except clauses to expected client errors or
re-raise assertion/fatal exceptions so real test failures are not converted into
skipped tests.

---

Nitpick comments:
In `@scalekit/organization.py`:
- Around line 235-244: The update_organization_session_policy method's public
parameters lack explicit enum types; change the signature of
update_organization_session_policy so that policy_source,
absolute_session_timeout_unit, and idle_session_timeout_unit are typed with the
appropriate enum classes (e.g., PolicySourceEnum, TimeUnitEnum or whatever
project-specific enums you have), import those enum types at top of the module,
and update any callers/tests/type hints accordingly; keep Optional[...] where
nullable, preserve default values, and ensure the return type
UpdateOrganizationSessionPolicyResponse remains unchanged.

In `@tests/test_organization.py`:
- Around line 220-228: The test_search_organizations test uses a hardcoded query
and only checks transport success; update it to query using a deterministic
substring from the created organization's display_name (from the
CreateOrganization instance) and assert that the search results include the
created organization (e.g., match org_response[0].organization.id or
organization.display_name) by inspecting the payload returned by
self.scalekit_client.organization.search_organizations, rather than just
checking response[1].code() and non-null response[0]; ensure you still keep
self.org_id assignment from org_response to compare against search results.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c4383fa0-8862-456b-a183-9388576f8b67

📥 Commits

Reviewing files that changed from the base of the PR and between 67e7171 and 136a28a.

📒 Files selected for processing (37)

• Makefile
• scalekit/organization.py
• scalekit/users.py
• scalekit/v1/agentkit_logs/__init__.py
• scalekit/v1/agentkit_logs/agentkit_analytics_pb2.py
• scalekit/v1/agentkit_logs/agentkit_analytics_pb2.pyi
• scalekit/v1/agentkit_logs/agentkit_analytics_pb2_grpc.py
• scalekit/v1/agentkit_logs/agentkit_logs_pb2.py
• scalekit/v1/agentkit_logs/agentkit_logs_pb2.pyi
• scalekit/v1/agentkit_logs/agentkit_logs_pb2_grpc.py
• scalekit/v1/auth/auth_pb2.py
• scalekit/v1/auth/auth_pb2.pyi
• scalekit/v1/clients/clients_pb2.py
• scalekit/v1/clients/clients_pb2.pyi
• scalekit/v1/commons/commons_pb2.py
• scalekit/v1/commons/commons_pb2.pyi
• scalekit/v1/connected_accounts/connected_accounts_pb2.py
• scalekit/v1/connected_accounts/connected_accounts_pb2.pyi
• scalekit/v1/connected_accounts/connected_accounts_pb2_grpc.py
• scalekit/v1/connections/connections_pb2.py
• scalekit/v1/connections/connections_pb2.pyi
• scalekit/v1/domains/domains_pb2.py
• scalekit/v1/domains/domains_pb2.pyi
• scalekit/v1/domains/domains_pb2_grpc.py
• scalekit/v1/environments/environments_pb2.py
• scalekit/v1/environments/environments_pb2.pyi
• scalekit/v1/options/options_pb2.py
• scalekit/v1/options/options_pb2.pyi
• scalekit/v1/organizations/organizations_pb2.py
• scalekit/v1/organizations/organizations_pb2.pyi
• scalekit/v1/organizations/organizations_pb2_grpc.py
• scalekit/v1/providers/providers_pb2.py
• scalekit/v1/providers/providers_pb2.pyi
• scalekit/v1/tools/tools_pb2.py
• scalekit/v1/tools/tools_pb2.pyi
• tests/test_organization.py
• tests/test_users.py

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Narrow exception handling so failed assertions don’t get skipped.

In Line 547 and Line 569 blocks, except Exception can mask real test failures (including assertion failures) by turning them into skipTest.

✅ Suggested fix

-        try:
-            response = self.scalekit_client.users.assign_user_roles(
-                organization_id=self.org_id,
-                user_id=self.user_id,
-                role_ids=["member"]
-            )
-            self.assertEqual(response[1].code().name, "OK")
-            self.assertTrue(response[0] is not None)
-        except Exception as exp:
-            self.skipTest(f"Skipping assign user roles test due to error: {exp}")
+        try:
+            response = self.scalekit_client.users.assign_user_roles(
+                organization_id=self.org_id,
+                user_id=self.user_id,
+                role_ids=["member"]
+            )
+        except (ScalekitNotFoundException, ScalekitBadRequestException) as exp:
+            self.skipTest(f"Skipping assign user roles test due to expected error: {exp}")
+        self.assertEqual(response[1].code().name, "OK")
+        self.assertTrue(response[0] is not None)

-        try:
-            # First assign a role so we can remove it
-            self.scalekit_client.users.assign_user_roles(
-                organization_id=self.org_id,
-                user_id=self.user_id,
-                role_ids=["member"]
-            )
-            response = self.scalekit_client.users.remove_user_role(
-                organization_id=self.org_id,
-                user_id=self.user_id,
-                role_id="member"
-            )
-            self.assertEqual(response[1].code().name, "OK")
-        except Exception as exp:
-            self.skipTest(f"Skipping remove user role test due to error: {exp}")
+        try:
+            self.scalekit_client.users.assign_user_roles(
+                organization_id=self.org_id,
+                user_id=self.user_id,
+                role_ids=["member"]
+            )
+            response = self.scalekit_client.users.remove_user_role(
+                organization_id=self.org_id,
+                user_id=self.user_id,
+                role_id="member"
+            )
+        except (ScalekitNotFoundException, ScalekitBadRequestException) as exp:
+            self.skipTest(f"Skipping remove user role test due to expected error: {exp}")
+        self.assertEqual(response[1].code().name, "OK")

Also applies to: 569-583

🧰 Tools

🪛 Ruff (0.15.12)

[warning] 555-555: Do not catch blind exception: Exception

(BLE001)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/test_users.py` around lines 547 - 557, The try/except blocks around the
client calls (notably the call to self.scalekit_client.users.assign_user_roles
and the other block at 569-583) currently catch Exception which masks assertion
failures; change the except to only catch the client/network errors you expect
(e.g., grpc.RpcError, TimeoutError, requests.exceptions.RequestException or your
SDK's specific error type) or, if you must catch broad exceptions, immediately
re-raise AssertionError (if isinstance(exp, AssertionError): raise) so test
assertions still fail; in short, narrow the except clauses to expected client
errors or re-raise assertion/fatal exceptions so real test failures are not
converted into skipped tests.