feat(telemetry): add anonymous opt-out usage telemetry

Signed-off-by: Kirit93 <kthadaka@nvidia.com>

Author: kirit93

crates/openshell-core/src/lib.rs

@@ -24,6 +24,7 @@ pub mod progress;
 pub mod proto;
 pub mod sandbox_env;
 pub mod settings;
+pub mod telemetry;
 pub mod time;
 
 pub use config::{ComputeDriverKind, Config, OidcConfig, TlsConfig};

crates/openshell-core/src/telemetry.rs

@@ -0,0 +1,153 @@
+// SPDX-FileCopyrightText: Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+//! Best-effort anonymous telemetry emission helpers.
+
+use serde_json::{Value, json};
+use std::io::Write;
+use std::path::PathBuf;
+use std::process::{Command, Stdio};
+
+const SOURCE: &str = "openshell";
+
+fn telemetry_enabled() -> bool {
+    telemetry_enabled_from(std::env::var("OPENSHELL_TELEMETRY_ENABLED").ok().as_deref())
+}
+
+fn telemetry_enabled_from(value: Option<&str>) -> bool {
+    let value = value.unwrap_or("true");
+    !matches!(
+        value.trim().to_ascii_lowercase().as_str(),
+        "0" | "false" | "no" | "off"
+    )
+}
+
+fn publisher_path() -> PathBuf {
+    std::env::var_os("OPENSHELL_TELEMETRY_PUBLISHER").map_or_else(
+        || PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("../../scripts/publish_telemetry.py"),
+        PathBuf::from,
+    )
+}
+
+fn emit_event(event: Value) {
+    if !telemetry_enabled() {
+        return;
+    }
+
+    let Ok(payload) = serde_json::to_vec(&event) else {
+        return;
+    };
+    let script = publisher_path();
+
+    let Ok(mut child) = Command::new("python3")
+        .arg(script)
+        .stdin(Stdio::piped())
+        .stdout(Stdio::null())
+        .stderr(Stdio::null())
+        .spawn()
+    else {
+        return;
+    };
+
+    if let Some(mut stdin) = child.stdin.take() {
+        let _ = stdin.write_all(&payload);
+    }
+
+    std::thread::spawn(move || {
+        let _ = child.wait();
+    });
+}
+
+pub fn emit_lifecycle(resource: &str, operation: &str, outcome: &str) {
+    emit_event(json!({
+        "nvidiaSource": SOURCE,
+        "resource": resource,
+        "operation": operation,
+        "outcome": outcome,
+    }));
+}
+
+pub fn emit_provider_lifecycle(operation: &str, outcome: &str, provider_profile: &str) {
+    emit_event(json!({
+        "nvidiaSource": SOURCE,
+        "operation": operation,
+        "outcome": outcome,
+        "providerProfile": provider_profile,
+    }));
+}
+
+pub fn emit_sandbox_create(
+    outcome: &str,
+    requested_gpu: bool,
+    provider_count: u64,
+    has_custom_policy: bool,
+    template_source: &str,
+) {
+    emit_event(json!({
+        "nvidiaSource": SOURCE,
+        "outcome": outcome,
+        "requestedGpu": requested_gpu,
+        "providerCount": provider_count,
+        "hasCustomPolicy": has_custom_policy,
+        "templateSource": template_source,
+    }));
+}
+
+pub fn emit_policy_decision(operation: &str, outcome: &str, rule_count: u64) {
+    emit_event(json!({
+        "nvidiaSource": SOURCE,
+        "operation": operation,
+        "outcome": outcome,
+        "ruleCount": rule_count,
+    }));
+}
+
+pub fn emit_sandbox_activity_summary<I, S>(
+    network_activity_count: u64,
+    denied_action_count: u64,
+    denial_rate_pct: f64,
+    denials_by_group: I,
+) where
+    I: IntoIterator<Item = (S, u64)>,
+    S: Into<String>,
+{
+    let mut rows: Vec<Value> = denials_by_group
+        .into_iter()
+        .map(|(group, count)| {
+            json!({
+                "denyGroup": group.into(),
+                "deniedCount": count,
+            })
+        })
+        .collect();
+    rows.sort_by(|left, right| {
+        left["denyGroup"]
+            .as_str()
+            .unwrap_or_default()
+            .cmp(right["denyGroup"].as_str().unwrap_or_default())
+    });
+    emit_event(json!({
+        "nvidiaSource": SOURCE,
+        "networkActivityCount": network_activity_count,
+        "deniedActionCount": denied_action_count,
+        "denialRatePct": denial_rate_pct,
+        "denialsByGroup": rows,
+    }));
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn telemetry_enabled_defaults_true() {
+        assert!(telemetry_enabled_from(None));
+    }
+
+    #[test]
+    fn telemetry_enabled_honors_false_values() {
+        assert!(!telemetry_enabled_from(Some("off")));
+        assert!(!telemetry_enabled_from(Some("false")));
+        assert!(telemetry_enabled_from(Some("yes")));
+    }
+}

crates/openshell-sandbox/src/activity_aggregator.rs

@@ -0,0 +1,153 @@
+// SPDX-FileCopyrightText: Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+//! Anonymous sandbox network activity counter aggregation.
+
+use std::collections::HashMap;
+use std::future::Future;
+use tokio::sync::mpsc;
+use tracing::debug;
+
+#[derive(Debug, Clone)]
+pub struct ActivityEvent {
+    pub denied: bool,
+    pub deny_group: &'static str,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct FlushableActivitySummary {
+    pub network_activity_count: u32,
+    pub denied_action_count: u32,
+    pub denials_by_group: Vec<(String, u32)>,
+}
+
+pub struct ActivityAggregator {
+    rx: mpsc::UnboundedReceiver<ActivityEvent>,
+    network_activity_count: u32,
+    denied_action_count: u32,
+    denials_by_group: HashMap<String, u32>,
+    flush_interval_secs: u64,
+}
+
+impl ActivityAggregator {
+    pub fn new(rx: mpsc::UnboundedReceiver<ActivityEvent>, flush_interval_secs: u64) -> Self {
+        Self {
+            rx,
+            network_activity_count: 0,
+            denied_action_count: 0,
+            denials_by_group: HashMap::new(),
+            flush_interval_secs,
+        }
+    }
+
+    pub async fn run<F, Fut>(mut self, flush_callback: F)
+    where
+        F: Fn(FlushableActivitySummary) -> Fut,
+        Fut: Future<Output = ()>,
+    {
+        let mut flush_interval =
+            tokio::time::interval(std::time::Duration::from_secs(self.flush_interval_secs));
+        flush_interval.tick().await;
+
+        loop {
+            tokio::select! {
+                event = self.rx.recv() => {
+                    if let Some(event) = event {
+                        self.ingest(event);
+                    } else {
+                        if let Some(summary) = self.drain() {
+                            flush_callback(summary).await;
+                        }
+                        debug!("ActivityAggregator: channel closed, exiting");
+                        return;
+                    }
+                }
+                _ = flush_interval.tick() => {
+                    if let Some(summary) = self.drain() {
+                        debug!(
+                            count = summary.network_activity_count,
+                            denied = summary.denied_action_count,
+                            "ActivityAggregator: flushing anonymous activity summary"
+                        );
+                        flush_callback(summary).await;
+                    }
+                }
+            }
+        }
+    }
+
+    fn ingest(&mut self, event: ActivityEvent) {
+        self.network_activity_count = self.network_activity_count.saturating_add(1);
+        if event.denied {
+            self.denied_action_count = self.denied_action_count.saturating_add(1);
+            let group = sanitize_deny_group(event.deny_group).to_string();
+            let count = self.denials_by_group.entry(group).or_default();
+            *count = count.saturating_add(1);
+        }
+    }
+
+    fn drain(&mut self) -> Option<FlushableActivitySummary> {
+        if self.network_activity_count == 0 {
+            return None;
+        }
+        let mut denials_by_group: Vec<(String, u32)> = self.denials_by_group.drain().collect();
+        denials_by_group.sort_by(|left, right| left.0.cmp(&right.0));
+        let summary = FlushableActivitySummary {
+            network_activity_count: self.network_activity_count,
+            denied_action_count: self.denied_action_count,
+            denials_by_group,
+        };
+        self.network_activity_count = 0;
+        self.denied_action_count = 0;
+        Some(summary)
+    }
+}
+
+pub fn sanitize_deny_group(raw: &str) -> &'static str {
+    match raw {
+        "connect_policy" | "connect" | "l4_deny" => "connect_policy",
+        "forward_policy" | "forward" => "forward_policy",
+        "l7_policy" | "l7" | "l7_deny" | "forward-l7-deny" => "l7_policy",
+        "l7_parse_rejection" | "parse_rejection" => "l7_parse_rejection",
+        "ssrf" => "ssrf",
+        "bypass" => "bypass",
+        "policy_stale" => "policy_stale",
+        _ => "unknown",
+    }
+}
+
+#[cfg(test)]
+fn denial_rate_pct(network_activity_count: u32, denied_action_count: u32) -> f64 {
+    if network_activity_count == 0 {
+        return 0.0;
+    }
+    ((f64::from(denied_action_count) / f64::from(network_activity_count)) * 100.0).clamp(0.0, 100.0)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    fn assert_float_eq(actual: f64, expected: f64) {
+        assert!((actual - expected).abs() <= f64::EPSILON);
+    }
+
+    #[test]
+    fn deny_group_sanitization_uses_allowlist() {
+        assert_eq!(sanitize_deny_group("connect"), "connect_policy");
+        assert_eq!(sanitize_deny_group("forward-l7-deny"), "l7_policy");
+        assert_eq!(sanitize_deny_group("host=example.test/path"), "unknown");
+        assert_eq!(sanitize_deny_group("acme.internal:443"), "unknown");
+        assert_eq!(
+            sanitize_deny_group("binary=/usr/local/bin/private"),
+            "unknown"
+        );
+    }
+
+    #[test]
+    fn denial_rate_handles_zero_and_clamps() {
+        assert_float_eq(denial_rate_pct(0, 10), 0.0);
+        assert_float_eq(denial_rate_pct(4, 1), 25.0);
+        assert_float_eq(denial_rate_pct(4, 10), 100.0);
+    }
+}

crates/openshell-sandbox/src/bypass_monitor.rs

@@ -16,6 +16,7 @@
 //! the monitor logs a one-time warning and returns. The iptables REJECT rules
 //! still provide fast-fail UX — the monitor only adds diagnostic visibility.
 
+use crate::activity_aggregator::ActivityEvent;
 use crate::denial_aggregator::DenialEvent;
 use openshell_ocsf::{
     ActionId, ActivityId, ConfidenceId, DetectionFindingBuilder, DispositionId, Endpoint,
@@ -118,6 +119,7 @@ pub fn spawn(
     namespace_name: String,
     entrypoint_pid: Arc<AtomicU32>,
     denial_tx: Option<mpsc::UnboundedSender<DenialEvent>>,
+    activity_tx: Option<mpsc::UnboundedSender<ActivityEvent>>,
 ) -> Option<tokio::task::JoinHandle<()>> {
     use std::io::BufRead;
     use std::process::{Command, Stdio};
@@ -277,6 +279,12 @@ pub fn spawn(
                     l7_path: None,
                 });
             }
+            if let Some(ref tx) = activity_tx {
+                let _ = tx.send(ActivityEvent {
+                    denied: true,
+                    deny_group: "bypass",
+                });
+            }
         }
 
         // Clean up the dmesg child process.

crates/openshell-sandbox/src/grpc_client.rs

@@ -10,10 +10,10 @@ use std::time::Duration;
 use miette::{IntoDiagnostic, Result, WrapErr};
 use openshell_core::proto::{
     DenialSummary, GetDraftPolicyRequest, GetInferenceBundleRequest, GetInferenceBundleResponse,
-    GetSandboxConfigRequest, GetSandboxProviderEnvironmentRequest, PolicyChunk, PolicySource,
-    PolicyStatus, ReportPolicyStatusRequest, SandboxPolicy as ProtoSandboxPolicy,
-    SubmitPolicyAnalysisRequest, SubmitPolicyAnalysisResponse, UpdateConfigRequest,
-    inference_client::InferenceClient, open_shell_client::OpenShellClient,
+    GetSandboxConfigRequest, GetSandboxProviderEnvironmentRequest, NetworkActivitySummary,
+    PolicyChunk, PolicySource, PolicyStatus, ReportPolicyStatusRequest,
+    SandboxPolicy as ProtoSandboxPolicy, SubmitPolicyAnalysisRequest, SubmitPolicyAnalysisResponse,
+    UpdateConfigRequest, inference_client::InferenceClient, open_shell_client::OpenShellClient,
 };
 use tonic::transport::{Certificate, Channel, ClientTlsConfig, Endpoint, Identity};
 use tracing::debug;
@@ -307,6 +307,7 @@ impl CachedOpenShellClient {
         sandbox_name: &str,
         summaries: Vec<DenialSummary>,
         proposed_chunks: Vec<PolicyChunk>,
+        network_activity_summaries: Vec<NetworkActivitySummary>,
         analysis_mode: &str,
     ) -> Result<SubmitPolicyAnalysisResponse> {
         let response = self
@@ -316,6 +317,7 @@ impl CachedOpenShellClient {
                 name: sandbox_name.to_string(),
                 summaries,
                 proposed_chunks,
+                network_activity_summaries,
                 analysis_mode: analysis_mode.to_string(),
             })
             .await

crates/openshell-sandbox/src/l7/graphql.rs

@@ -801,6 +801,7 @@ network_policies:
             ancestors: Vec::new(),
             cmdline_paths: Vec::new(),
             secret_resolver: None,
+            activity_tx: None,
         };
         let request_info = crate::l7::L7RequestInfo {
             action: req.action,