Add stable pseudonymous telemetry identifiers

[de1987]

Description

Replaces the volatile user_unique_id (which changed on every server restart) with three new stable, privacy-preserving telemetry fields:

• user_pseudo_id: HMAC-SHA-256 of the user's ansible_id from the /api/gateway/v1/me/ endpoint. Stable across restarts. Falls back to literal "anonymous" when ansible_id is unavailable.
• installer_pseudo_id: HMAC-SHA-256 of the INSTALLER_ID env var (injected by the Operator or Containerized installer). Defaults to "unknown" when not set.
• user_type: "internal" or "external" based on email domain matching against INTERNAL_EMAIL_DOMAINS (defaults to redhat.com,ibm.com,ansible.com).

All pseudonymous identifiers use HMAC-SHA-256 with a persistent secret key (TELEMETRY_HMAC_KEY), making brute-force reversal infeasible. No PII is transmitted in any telemetry event.

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	85.98%	761 / 885
🔵	Statements	85.52%	786 / 919
🟢	Functions	90.81% (🎯 70%)	168 / 185
🟢	Branches	75.84% (🎯 70%)	405 / 534

File Coverage

File	Stmts	Branches	Functions	Lines	Uncovered Lines
Changed Files
src/analytics-validation-plugin.ts	96.29%	96.47%	100%	96.29%	139-144, 172-176
src/analytics.ts	77.96%	72.72%	66.66%	76.78%	46, 58-59, 65-66, 78-79, 98, 137, 184, 222, 254, 274
src/index.ts	80%	58.62%	91.83%	79.82%	39, 103-106, 132-134, 146-153, 190, 206, 215, 244-247, 282-285, 311, 334, 344, 375, 383, 387, 401-402, 413, 425-428, 458-461, 533-538, 544-548, 555-567, 582, 587-591, 610-620, 643-645, 666-679, 768-769, 803, 863-889, 893-894
src/pseudo-identity.ts	100%	100%	100%	100%
src/session.ts	95.12%	85.18%	100%	96.29%	76, 181, 190, 199

Generated in workflow #394 for commit 2b13a43 by the Vitest Coverage Report Action

[de1987]

#141
this PR will fix the audit check

[omaciel]

Rebase

[TamiTakamiya]

While I left two comments, they are minor and I think it is good overall. Thanks!

[mabashian]

lgtm