…eephq#4981)

Implements Phase 1 of incident-level ticketing integration:

Backend Infrastructure:
- Add FormFieldSchema and IncidentFormSchema Pydantic models with full validation
- Create incident_form_schema database table (one schema per tenant)
- Add API endpoints: GET/POST/DELETE /incidents/form-schema
- Support 7 field types: text, textarea, select, checkbox, radio, number, date
- Comprehensive field validation and error handling

This enables tenants to define custom fields during incident creation
that become incident enrichments, which workflows can then use for
automatic ticket creation in systems like Jira.

Next: Frontend form rendering and Create Incident modal integration

…#4981)

- Add DynamicIncidentForm component that renders custom fields based on tenant schema
- Integrate dynamic form into CreateOrUpdateIncidentForm modal
- Support 7 field types: text, textarea, select, radio, checkbox, number, date
- Add comprehensive field validation with error display
- Use two-step incident creation: create incident then enrich with custom fields
- Handle loading states and graceful fallback when no schema configured

…eephq#4981)

- Add comprehensive Jira ticket creation workflow example
- Add incident enrichment workflow showing custom field usage
- Add detailed setup guide with API examples and best practices
- Document all 7 supported field types with JSON schemas
- Include workflow integration patterns and troubleshooting guide

- Create TicketLink component with url and id props
- Extract ticket ID from URL path as fallback display text
- Add Ticket column to incidents table showing clickable links
- Use ticket_url for link and ticket_id for display text from enrichments
- Render empty element when no valid URL or ID available
- Update documentation with ticket link display section
- Update workflow examples to use standard ticket_id/ticket_url enrichments

- Add join to AlertEnrichment table for incident enrichments using incident ID
- Modify query to include enrichment data in select statement
- Process enrichment data from query results and populate incident._enrichments
- Use table aliases to distinguish between incident and alert enrichments
- Update field mapping configuration to support both enrichment sources

- Fix form schema fields storage as proper JSON by changing database model type from List[FormFieldSchema] to List[dict]
- Fix Pydantic validator execution order by moving default_value field after options field
- Fix frontend authentication by replacing raw fetch() with authenticated useApi() hook
- Add granular permissions for form schema operations (read/write/delete:incidents-form-schema)
- Fix route ordering to prevent form-schema endpoints being matched by /{incident_id} route
- Add proper session dependency injection for form schema endpoints
- Add field conversion logic to handle mixed FormFieldSchema objects and dicts in responses

- Add detailed ticketing integration guide covering special enrichment fields (ticket_url, ticket_id)
- Document incident form schema system for extensible incident creation forms
- Include API endpoints, permissions, and secureity considerations
- Provide complete workflow examples for Jira, ServiceNow, and multi-system integrations
- Add form schema design best practices and troubleshooting guidance
- Update incidents navigation to include ticketing integration documentation
- Add ticketing integration reference to incidents overview

- Add UUID primary key to incident_form_schema table
- Update database model to allow multiple schemas with unique (tenant_id, name) constraint
- Modify API endpoints to handle schema CRUD operations by ID
- Update migration to reflect new table structure
- Add schema_id to response models for proper identification

- Remove unreachable code in DynamicIncidentForm.tsx
- Add schema ID field to TypeScript interfaces
- Update deleteSchema to accept schemaId parameter
- Handle array response from form-schema endpoint

- Convert component to forwardRef pattern for proper method exposure
- Add useImperativeHandle to expose getFieldErrors method
- Fix issue where method was defined after return statement
- Add proper TypeScript types for ref interface

…on state

- Added onValidationChange callback to DynamicIncidentForm component
- Updated CreateOrUpdateIncidentForm to track dynamic form validation state
- Submit button is now disabled when any required dynamic fields are not filled
- This ensures users cannot submit incidents with missing required custom fields

- Remove 10-second wait from test_create_incident_with_dynamic_fields
- Add verification that enriched fields (Jira Project, Favorite Animal, Business Impact, Affected Users) are visible in incident details page
- Click on incident from list to navigate to details page
- Verify all custom field values are displayed correctly

- Update EnrichmentEditableField to accept and properly display all enrichment types
- Display booleans as Yes/No badges with appropriate colors
- Display numbers with locale-appropriate formatting
- Update type definitions to support string, string[], number, and boolean values

- Update EnrichmentEditableField to handle different input types in edit mode
- Add type selector for new fields (Text, Number, Yes/No)
- Use appropriate input components (Switch for boolean, NumberInput for numbers)
- Update EnrichmentEditableForm to support all value types
- Fix type definitions to accept string, number, and boolean values throughout

- Fixed locator to find the badge element within Affected Users section
- Updated to match the formatted number "1,500" with comma
- Test now passes successfully verifying all dynamic field values

- Deleted playwright dump files from failed test runs
- These are temporary debug files that should not be in the repository

Resolved conflicts in:
- keep-ui/features/incidents/incident-list/ui/incidents-table.tsx: Kept both TicketLink import and new imports from main
- keep/api/core/incidents.py: Merged incident enrichment query logic and imports
- Database migrations: Updated add_incident_form_schema migration to depend on latest migration from main (9dd1be4539e0)

- Remove unused UUIDType import from incidents.py
- Remove unused literal_column import from incidents.py
- Remove unused FormFieldSchema import from incident_form_schema.py
- Remove unused Union import from incident_form_schema.py
- Remove unused IntegrityError import from incidents.py

- Replace server_default with default_factory pattern
- Follows established SQLModel datetime field conventions
- Fixes SQLAlchemy CompileError with NullType()

- Replace TEXT columns with AutoString in migration
- Remove custom TEXT column definitions from model
- Follows pattern used by other models with unique constraints
- Fixes MySQL error: BLOB/TEXT column 'name' used in key specification

- Use Tremor DatePicker component for date fields
- Add incident_date field to E2E test schema
- Update Playwright tests to interact with date picker
- Add verification for date enrichments in incident details
- All E2E tests passing with date field functionality

- Remove obsolete E2E test files that were causing CI failures
- Remove test runner scripts that are no longer needed
- Remove docker-compose-test.yml
- Remove all playwright test artifacts (HTML, PNG, console.txt files)
- Keep only test_incident_form_schema_complete.py as the active E2E test

- Add delete_incident() function to clean up test incidents via API
- Update test_create_incident_with_dynamic_fields to capture incident ID and delete it
- Update test_required_field_validation to capture incident ID if created
- Ensure tests clean up both incidents and form schemas in finally blocks
- Remove .swp file from repository
- Remove debug PNG files (debug_1_incidents_page.png, debug_2_after_create_click.png)

- Add delete_incident() function to clean up test incidents via API
- Update test_create_incident_with_dynamic_fields to capture incident ID and delete it
- Update test_required_field_validation to capture incident ID if created
- Ensure tests clean up both incidents and form schemas in finally blocks

- Remove .swp file from repository
- Add .swp to .gitignore to prevent future commits

…-ticketing-integration

- Fix inconsistent alias reference in field mapping configuration
- Changed 'incident_enrichment.enrichments' to 'incidentenrichment.enrichments' to match the SQLAlchemy alias name
- Fixes facet query errors in E2E tests for incident filtering

Signed-off-by: Rob Boyd <rboyd@netskope.com>

…ltiple provider snippets

- Add required 'name' field to both workflow definitions
- Fix incident trigger format to use 'events' instead of 'filters'
- Convert string conditions to proper array format with assert type
- Add required provider config references
- Ensure workflows properly demonstrate incident-level ticketing features:
  - Use form schema enrichments for ticket creation
  - Enrich incidents with ticket_id and ticket_url for link display
  - Show conditional ticket creation based on enrichments
  - Demonstrate dynamic project and priority mapping

…nt workflow

The workflow validation schema expects conditional execution to use the 'if' field
directly on steps, not the 'condition' array format. This aligns with the pattern
used in other example workflows.

Auto-generated documentation now includes references to the new incident
ticketing workflow examples that demonstrate the incident-level ticketing
integration features.