Release v0.4.1: Foundries device management refactoring and Google Sheets export

- Refactored list_foundries_devices from foundries_vpn.py to dedicated foundries_devices.py module
- Enhanced device information with comprehensive metadata (creation date, last seen, owner, tags, device group, OSTree hash, UUID)
- Added Google Sheets export functionality with filtering and sorting
- Fixed field parsing to handle empty fields correctly
- Updated documentation and help text
- Added export data files to .gitignore

This release improves code organization and provides richer device metadata for better device management workflows.

Author: Alex J Lennon

.cursorrules

@@ -2,30 +2,112 @@
 
 ## SSH Connections
 
-**ALWAYS use SSH multiplexing (ControlMaster) for repeated SSH connections:**
+**CRITICAL: ALWAYS use sshpass for SSH connections that require password authentication:**
 
-1. **First connection** - Establish master:
+1. **ALWAYS use sshpass** when passwords are needed:
+   ```bash
+   sshpass -p 'password' ssh -o StrictHostKeyChecking=no user@host "command"
+   ```
+
+2. **SSH Multiplexing (ControlMaster)** - For repeated SSH connections:
+
+   **First connection** - Establish master:
    ```bash
    sshpass -p 'password' ssh -o ControlMaster=yes \
        -o ControlPath=~/.ssh/controlmasters/%h-%p-%r \
        -o ControlPersist=300 \
+       -o StrictHostKeyChecking=no \
        -p PORT user@host "command"
    ```
 
-2. **Subsequent connections** - Reuse master:
+   **Subsequent connections** - Reuse master:
    ```bash
    ssh -o ControlPath=~/.ssh/controlmasters/%h-%p-%r \
+       -o StrictHostKeyChecking=no \
        -p PORT user@host "command"
    ```
 
 3. **For WireGuard server** (proxmox.dynamicdevices.co.uk:5025):
    - Use multiplexing for all diagnostic commands
+   - Use sshpass for initial connection
    - Master connection persists for 5 minutes
    - No password needed after first connection
 
+4. **Default SSH users:**
+   - Foundries devices: `fio` (or `root` if fio unavailable)
+   - WireGuard server: `root`
+   - Hardware lab devices: Check device config or try `root`/`fio`
+
+5. **Common passwords:**
+   - Foundries devices: `fio` (default)
+   - WireGuard server: Check with user or use SSH keys when available
+
 ## Best Practices
 
 - Use multiplexing whenever making multiple SSH connections to the same host
 - Set ControlPersist to 300-600 seconds
 - Use unique ControlPath per host/port/user combination
 - Document SSH connection patterns in code comments
+
+## Pull Request Guidelines
+
+**ALWAYS follow these rules when creating or updating PRs:**
+
+1. **ALWAYS Create PRs as DRAFT:**
+   - **CRITICAL:** When creating a PR, it MUST be created as a DRAFT
+   - Use `--draft` flag with `gh pr create` or set `draft: true` via API
+   - **Only the user (ajlennon) is allowed to convert PRs from draft to ready/OPEN status**
+   - This prevents reviewers from being notified prematurely and avoids annoying them with incomplete work
+   - Even if the PR appears complete, create it as draft - let the user decide when it's ready for review
+
+2. **Cursor.AI Note:** Every PR description MUST include a note that it was generated with Cursor.AI assistance:
+   ```
+   ## Generated with Cursor.AI Assistance
+   
+   This PR and its changes were generated with the assistance of Cursor.AI for user ajlennon (Alex J Lennon, ajlennon@dynamicdevices.co.uk).
+   ```
+
+3. **Explicit Notification:** After creating or updating a PR, ALWAYS explicitly inform the user:
+   - PR number and URL
+   - Status (DRAFT/OPEN) - **emphasize if it's DRAFT and that user needs to convert it**
+   - What was updated
+   - That it includes the Cursor.AI note
+   - **Reminder:** "This PR is created as DRAFT - you can convert it to ready when you're satisfied"
+
+4. **Review Comments:** When updating PRs, review existing comments and address them if needed before updating the PR description.
+
+4. **CRITICAL: Comprehensive PR Review After Any Changes:**
+   **After making ANY changes to a PR (description, code, comments), you MUST:**
+   - Verify all claims in the PR description match the actual code implementation
+   - Check that code examples in the PR are accurate
+   - Verify that "Review Comments Addressed" sections accurately reflect what was fixed
+   - Ensure line numbers mentioned in PR are correct (if mentioned)
+   - Verify that all technical claims are accurate (e.g., "subnet is derived" → check code actually does this)
+   - Cross-reference PR description with actual code changes
+   - Test any code examples or logic described in the PR
+   - **This is CRITICAL** - incorrect PR descriptions mislead reviewers and damage trust
+
+## AI-Generated Content Disclosure
+
+**CRITICAL: ALL AI-generated content MUST include disclosure:**
+
+**When creating or responding to:**
+- Pull Requests (PRs)
+- Pull Request comments and reviews
+- Issue comments
+- Code reviews
+- Documentation
+- Any external communications (GitHub, GitLab, etc.)
+
+**ALWAYS include this note:**
+```
+*This [response/PR/comment] was made with the assistance of Cursor.AI for user ajlennon (Alex J Lennon, ajlennon@dynamicdevices.co.uk).*
+```
+
+**Format examples:**
+- PR descriptions: Add a section at the bottom
+- Comments: Add at the end of the comment
+- Code reviews: Include in review summary
+- Documentation: Add to author/credits section
+
+**This ensures transparency about AI assistance in all communications.**

.gitignore

@@ -59,3 +59,6 @@ Thumbs.db
 
 # Generated network maps
 network_maps/
+
+# Exported device data (may contain sensitive metadata)
+foundries_devices_export.json

BROWSER_SETUP_GUIDE.md

@@ -0,0 +1,83 @@
+# Browser-Based Google Sheets Setup Guide
+
+## Step-by-Step Instructions
+
+### Step 1: Sign In to Google Cloud Console
+The browser is currently showing the Google sign-in page. Please:
+1. Enter your Google account email
+2. Click "Next"
+3. Enter your password
+4. Complete any 2FA if required
+
+### Step 2: Create a Project (if needed)
+After signing in, you'll see the Google Cloud Console. If you don't have a project yet:
+
+1. Click on the **project dropdown** at the top (shows "Select a project")
+2. Click **"New Project"**
+3. Enter project name: `Foundries Devices Export`
+4. Click **"Create"**
+5. Wait for project creation (takes ~10 seconds)
+6. Select the new project from the dropdown
+
+### Step 3: Enable Google Sheets API
+Once you have a project selected:
+
+1. The browser should navigate to: `https://console.cloud.google.com/apis/library/sheets.googleapis.com`
+2. Click the **"Enable"** button (blue button on the page)
+3. Wait for API to enable (~5 seconds)
+
+### Step 4: Create Service Account
+After API is enabled:
+
+1. Go to: **APIs & Services** → **Credentials** (in the left sidebar)
+   OR navigate directly to: `https://console.cloud.google.com/apis/credentials`
+2. Click **"Create Credentials"** button (top of page)
+3. Select **"Service Account"**
+4. Fill in:
+   - **Service account name**: `foundries-export`
+   - **Service account ID**: (auto-filled)
+   - **Description**: `Service account for Foundries devices export to Google Sheets`
+5. Click **"Create and Continue"**
+6. Skip role assignment (click **"Continue"**)
+7. Click **"Done"**
+
+### Step 5: Create and Download Key
+1. You'll see your service account in the list
+2. Click on the service account name (`foundries-export`)
+3. Go to the **"Keys"** tab
+4. Click **"Add Key"** → **"Create new key"**
+5. Select **"JSON"** format
+6. Click **"Create"**
+7. The JSON file will download automatically
+
+### Step 6: Save Credentials
+After the file downloads:
+
+1. Find the downloaded file (usually in `~/Downloads/`)
+2. Copy it to the project root:
+   ```bash
+   cp ~/Downloads/foundries-export-*.json /home/ajlennon/data_drive/esl/mcp-remote-testing/credentials.json
+   ```
+
+### Step 7: Run Export
+```bash
+cd /home/ajlennon/data_drive/esl/mcp-remote-testing
+python3 export_to_google_sheets.py --factory sentai
+```
+
+## Quick Navigation URLs
+
+- **Google Sheets API**: https://console.cloud.google.com/apis/library/sheets.googleapis.com
+- **Credentials Page**: https://console.cloud.google.com/apis/credentials
+- **Service Accounts**: https://console.cloud.google.com/iam-admin/serviceaccounts
+
+## What the Browser Will Help With
+
+The browser will help you:
+1. Navigate to the correct pages
+2. Click the right buttons
+3. Fill in forms
+4. Download the credentials file
+
+Let me know when you've signed in and I'll continue guiding you through the browser!
+

CHANGELOG.md

@@ -2,6 +2,23 @@
 
 [Semantic Versioning](https://semver.org/)
 
+## [0.4.1] - 2025-01-20
+
+### Added
+- **Foundries Device Management Module**: New `foundries_devices.py` module for managing Foundries devices separately from VPN functionality
+- **Enhanced Device Information**: `list_foundries_devices` now returns comprehensive device metadata including creation date, last seen, owner, tags, device group, OSTree hash, UUID, and updated timestamps
+- **Google Sheets Export**: New `export_to_google_sheets.py` script for exporting Foundries device data to Google Spreadsheets with filtering and sorting capabilities
+- **Device Export Documentation**: Added `GOOGLE_SHEETS_SETUP.md` and `BROWSER_SETUP_GUIDE.md` for Google Sheets API setup
+
+### Changed
+- **Code Organization**: Refactored `list_foundries_devices` from `foundries_vpn.py` to dedicated `foundries_devices.py` module for better code organization
+- **Device List Parsing**: Improved parsing logic to correctly handle empty fields (device-group, updated-at) in fioctl output
+- **Help Documentation**: Updated help text to clarify that `list_foundries_devices` lists ALL devices, not just VPN-enabled ones
+
+### Fixed
+- **Field Parsing**: Fixed incorrect field extraction when device-group or updated-at fields are empty in fioctl output
+- **Circular Import**: Resolved circular import issue by properly organizing imports between foundries_vpn and foundries_devices modules
+
 ## [0.4.0] - 2025-11-17
 
 ### Added

GOOGLE_SHEETS_SETUP.md

@@ -0,0 +1,94 @@
+# Google Sheets Export Setup Guide
+
+## Quick Setup Steps
+
+### 1. Create Google Cloud Project and Enable API
+
+1. Go to [Google Cloud Console](https://console.cloud.google.com/)
+2. Create a new project (or select existing)
+3. Enable **Google Sheets API**:
+   - Navigate to "APIs & Services" > "Library"
+   - Search for "Google Sheets API"
+   - Click "Enable"
+
+### 2. Create Service Account
+
+1. Go to "APIs & Services" > "Credentials"
+2. Click "Create Credentials" > "Service Account"
+3. Fill in:
+   - **Service account name**: `foundries-devices-export` (or any name)
+   - **Service account ID**: auto-generated
+   - Click "Create and Continue"
+4. Skip role assignment (click "Continue")
+5. Click "Done"
+
+### 3. Create and Download Key
+
+1. Click on the service account you just created
+2. Go to "Keys" tab
+3. Click "Add Key" > "Create new key"
+4. Select **JSON** format
+5. Click "Create" - this downloads a JSON file
+
+### 4. Save Credentials
+
+**Option A: Place in project root**
+```bash
+# Copy the downloaded JSON file to project root as credentials.json
+cp ~/Downloads/your-service-account-key.json /path/to/mcp-remote-testing/credentials.json
+```
+
+**Option B: Use environment variable**
+```bash
+export GOOGLE_SHEETS_CREDENTIALS=/path/to/your-service-account-key.json
+```
+
+### 5. Create or Share Google Sheet
+
+**Option A: Create new spreadsheet (automatic)**
+- The script will create a new spreadsheet automatically
+- You'll get the URL in the output
+
+**Option B: Use existing spreadsheet**
+1. Create a Google Sheet manually
+2. Share it with the **service account email** (found in the JSON file, looks like `xxx@xxx.iam.gserviceaccount.com`)
+3. Give it "Editor" permissions
+4. Copy the Spreadsheet ID from the URL:
+   - URL format: `https://docs.google.com/spreadsheets/d/SPREADSHEET_ID/edit`
+   - Use: `python3 export_to_google_sheets.py --spreadsheet-id SPREADSHEET_ID`
+
+## Usage Examples
+
+### Create new spreadsheet
+```bash
+python3 export_to_google_sheets.py --factory sentai
+```
+
+### Export to existing spreadsheet
+```bash
+python3 export_to_google_sheets.py --factory sentai --spreadsheet-id YOUR_SPREADSHEET_ID
+```
+
+### Custom sheet name
+```bash
+python3 export_to_google_sheets.py --factory sentai --sheet-name "Sentai Devices"
+```
+
+### Custom spreadsheet title
+```bash
+python3 export_to_google_sheets.py --factory sentai --title "My Foundries Devices"
+```
+
+## Troubleshooting
+
+**Error: "Google Sheets credentials not found"**
+- Make sure `credentials.json` is in the project root, OR
+- Set `GOOGLE_SHEETS_CREDENTIALS` environment variable
+
+**Error: "Permission denied" or "Spreadsheet not found"**
+- Make sure you've shared the spreadsheet with the service account email
+- Check that the service account email matches the one in your credentials JSON
+
+**Error: "API not enabled"**
+- Make sure Google Sheets API is enabled in your Google Cloud project
+