feat(cluster,server,auth): add operational health endpoints, persist cluster topology, and hide credential secrets from runtime listings

rust/src/auth.rs

@@ -176,6 +176,12 @@ pub struct RuntimeCredentialStore {
     credentials: RwLock<Vec<Credential>>,
 }
 
+#[derive(Debug, Clone, serde::Serialize)]
+#[serde(rename_all = "camelCase")]
+pub struct CredentialMetadata {
+    pub access_key_id: String,
+}
+
 impl RuntimeCredentialStore {
     pub fn new(config: &AuthConfig) -> Self {
         Self {
@@ -188,8 +194,15 @@ impl RuntimeCredentialStore {
         self.enabled
     }
 
-    pub async fn list_credentials(&self) -> Vec<Credential> {
-        self.credentials.read().await.clone()
+    pub async fn list_credentials(&self) -> Vec<CredentialMetadata> {
+        self.credentials
+            .read()
+            .await
+            .iter()
+            .map(|credential| CredentialMetadata {
+                access_key_id: credential.access_key_id.clone(),
+            })
+            .collect()
     }
 
     pub async fn snapshot_credentials(&self) -> Vec<Credential> {