@centrali-io/centrali-mcp 4.2.6 → 4.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/tools/compute.js +71 -0
- package/dist/tools/describe.js +29 -1
- package/package.json +1 -1
- package/src/tools/compute.ts +87 -0
- package/src/tools/describe.ts +29 -1
package/dist/tools/compute.js
CHANGED
|
@@ -454,4 +454,75 @@ function registerComputeTools(server, sdk) {
|
|
|
454
454
|
};
|
|
455
455
|
}
|
|
456
456
|
}));
|
|
457
|
+
// ── Allowed Domains tools ──────────────────────────────────────────
|
|
458
|
+
server.tool("list_allowed_domains", "List all allowed domains for compute function HTTP requests. Functions can only call external APIs on domains in this allowlist.", {}, () => __awaiter(this, void 0, void 0, function* () {
|
|
459
|
+
try {
|
|
460
|
+
const result = yield sdk.allowedDomains.list();
|
|
461
|
+
return {
|
|
462
|
+
content: [
|
|
463
|
+
{ type: "text", text: JSON.stringify(result.data, null, 2) },
|
|
464
|
+
],
|
|
465
|
+
};
|
|
466
|
+
}
|
|
467
|
+
catch (error) {
|
|
468
|
+
return {
|
|
469
|
+
content: [
|
|
470
|
+
{
|
|
471
|
+
type: "text",
|
|
472
|
+
text: formatError(error, "listing allowed domains"),
|
|
473
|
+
},
|
|
474
|
+
],
|
|
475
|
+
isError: true,
|
|
476
|
+
};
|
|
477
|
+
}
|
|
478
|
+
}));
|
|
479
|
+
server.tool("add_allowed_domain", "Add a domain to the allowlist so compute functions can make HTTP requests to it. Supports wildcards (e.g., '*.example.com').", {
|
|
480
|
+
domain: zod_1.z.string().describe("Domain to allow (e.g., 'api.stripe.com' or '*.googleapis.com')"),
|
|
481
|
+
}, (_a) => __awaiter(this, [_a], void 0, function* ({ domain }) {
|
|
482
|
+
try {
|
|
483
|
+
const result = yield sdk.allowedDomains.add({ domain });
|
|
484
|
+
return {
|
|
485
|
+
content: [
|
|
486
|
+
{ type: "text", text: JSON.stringify(result.data, null, 2) },
|
|
487
|
+
],
|
|
488
|
+
};
|
|
489
|
+
}
|
|
490
|
+
catch (error) {
|
|
491
|
+
return {
|
|
492
|
+
content: [
|
|
493
|
+
{
|
|
494
|
+
type: "text",
|
|
495
|
+
text: formatError(error, `adding allowed domain '${domain}'`),
|
|
496
|
+
},
|
|
497
|
+
],
|
|
498
|
+
isError: true,
|
|
499
|
+
};
|
|
500
|
+
}
|
|
501
|
+
}));
|
|
502
|
+
server.tool("remove_allowed_domain", "Remove a domain from the allowlist. Compute functions will no longer be able to call this domain.", {
|
|
503
|
+
domainId: zod_1.z.string().describe("The allowed domain ID (UUID) to remove"),
|
|
504
|
+
}, (_a) => __awaiter(this, [_a], void 0, function* ({ domainId }) {
|
|
505
|
+
try {
|
|
506
|
+
yield sdk.allowedDomains.remove(domainId);
|
|
507
|
+
return {
|
|
508
|
+
content: [
|
|
509
|
+
{
|
|
510
|
+
type: "text",
|
|
511
|
+
text: `Allowed domain '${domainId}' removed successfully.`,
|
|
512
|
+
},
|
|
513
|
+
],
|
|
514
|
+
};
|
|
515
|
+
}
|
|
516
|
+
catch (error) {
|
|
517
|
+
return {
|
|
518
|
+
content: [
|
|
519
|
+
{
|
|
520
|
+
type: "text",
|
|
521
|
+
text: formatError(error, `removing allowed domain '${domainId}'`),
|
|
522
|
+
},
|
|
523
|
+
],
|
|
524
|
+
isError: true,
|
|
525
|
+
};
|
|
526
|
+
}
|
|
527
|
+
}));
|
|
457
528
|
}
|
package/dist/tools/describe.js
CHANGED
|
@@ -62,7 +62,7 @@ function registerDescribeTools(server) {
|
|
|
62
62
|
tools: ["search_records"],
|
|
63
63
|
},
|
|
64
64
|
compute: {
|
|
65
|
-
summary: "Server-side JavaScript functions with triggers (on-demand, event-driven, scheduled, http-trigger).",
|
|
65
|
+
summary: "Server-side JavaScript functions with triggers (on-demand, event-driven, scheduled, http-trigger) and domain allowlisting for external API calls.",
|
|
66
66
|
describeWith: "describe_compute",
|
|
67
67
|
tools: [
|
|
68
68
|
"list_functions",
|
|
@@ -79,6 +79,9 @@ function registerDescribeTools(server) {
|
|
|
79
79
|
"invoke_trigger",
|
|
80
80
|
"pause_trigger",
|
|
81
81
|
"resume_trigger",
|
|
82
|
+
"list_allowed_domains",
|
|
83
|
+
"add_allowed_domain",
|
|
84
|
+
"remove_allowed_domain",
|
|
82
85
|
],
|
|
83
86
|
},
|
|
84
87
|
smart_queries: {
|
|
@@ -478,6 +481,30 @@ function registerDescribeTools(server) {
|
|
|
478
481
|
required_params: ["triggerId"],
|
|
479
482
|
},
|
|
480
483
|
},
|
|
484
|
+
allowed_domains: {
|
|
485
|
+
description: "Workspace-level allowlist controlling which external domains compute functions can call via api.httpGet/httpPost/etc. Functions attempting to reach unlisted domains get an error.",
|
|
486
|
+
domain_shape: {
|
|
487
|
+
id: "UUID",
|
|
488
|
+
domain: "string — the allowed domain (e.g., 'api.stripe.com' or '*.googleapis.com')",
|
|
489
|
+
createdAt: "ISO 8601 datetime",
|
|
490
|
+
createdBy: "UUID",
|
|
491
|
+
},
|
|
492
|
+
tools: {
|
|
493
|
+
list_allowed_domains: {
|
|
494
|
+
description: "List all allowed domains in the workspace",
|
|
495
|
+
},
|
|
496
|
+
add_allowed_domain: {
|
|
497
|
+
description: "Add a domain to the allowlist",
|
|
498
|
+
required_params: ["domain"],
|
|
499
|
+
},
|
|
500
|
+
remove_allowed_domain: {
|
|
501
|
+
description: "Remove a domain from the allowlist by ID",
|
|
502
|
+
required_params: ["domainId"],
|
|
503
|
+
},
|
|
504
|
+
},
|
|
505
|
+
wildcards: "Use '*.example.com' to allow all subdomains of example.com",
|
|
506
|
+
note: "Functions can only make HTTP requests to domains on this list. Add domains before creating functions that call external APIs.",
|
|
507
|
+
},
|
|
481
508
|
sandbox_api: {
|
|
482
509
|
description: "Functions receive an `api` object with built-in utilities. Key crypto methods:",
|
|
483
510
|
crypto: {
|
|
@@ -497,6 +524,7 @@ function registerDescribeTools(server) {
|
|
|
497
524
|
"Use test_function to validate code before creating or updating a function",
|
|
498
525
|
"Use create_function + create_trigger together to set up a complete compute pipeline",
|
|
499
526
|
"Use api.crypto.signJwt() for GitHub App, Google Cloud, or Azure AD authentication flows",
|
|
527
|
+
"Before creating functions that call external APIs, add the target domains with add_allowed_domain",
|
|
500
528
|
],
|
|
501
529
|
}, null, 2),
|
|
502
530
|
},
|
package/package.json
CHANGED
package/src/tools/compute.ts
CHANGED
|
@@ -510,4 +510,91 @@ export function registerComputeTools(server: McpServer, sdk: CentraliSDK) {
|
|
|
510
510
|
}
|
|
511
511
|
}
|
|
512
512
|
);
|
|
513
|
+
|
|
514
|
+
// ── Allowed Domains tools ──────────────────────────────────────────
|
|
515
|
+
|
|
516
|
+
server.tool(
|
|
517
|
+
"list_allowed_domains",
|
|
518
|
+
"List all allowed domains for compute function HTTP requests. Functions can only call external APIs on domains in this allowlist.",
|
|
519
|
+
{},
|
|
520
|
+
async () => {
|
|
521
|
+
try {
|
|
522
|
+
const result = await sdk.allowedDomains.list();
|
|
523
|
+
return {
|
|
524
|
+
content: [
|
|
525
|
+
{ type: "text", text: JSON.stringify(result.data, null, 2) },
|
|
526
|
+
],
|
|
527
|
+
};
|
|
528
|
+
} catch (error: unknown) {
|
|
529
|
+
return {
|
|
530
|
+
content: [
|
|
531
|
+
{
|
|
532
|
+
type: "text",
|
|
533
|
+
text: formatError(error, "listing allowed domains"),
|
|
534
|
+
},
|
|
535
|
+
],
|
|
536
|
+
isError: true,
|
|
537
|
+
};
|
|
538
|
+
}
|
|
539
|
+
}
|
|
540
|
+
);
|
|
541
|
+
|
|
542
|
+
server.tool(
|
|
543
|
+
"add_allowed_domain",
|
|
544
|
+
"Add a domain to the allowlist so compute functions can make HTTP requests to it. Supports wildcards (e.g., '*.example.com').",
|
|
545
|
+
{
|
|
546
|
+
domain: z.string().describe("Domain to allow (e.g., 'api.stripe.com' or '*.googleapis.com')"),
|
|
547
|
+
},
|
|
548
|
+
async ({ domain }) => {
|
|
549
|
+
try {
|
|
550
|
+
const result = await sdk.allowedDomains.add({ domain });
|
|
551
|
+
return {
|
|
552
|
+
content: [
|
|
553
|
+
{ type: "text", text: JSON.stringify(result.data, null, 2) },
|
|
554
|
+
],
|
|
555
|
+
};
|
|
556
|
+
} catch (error: unknown) {
|
|
557
|
+
return {
|
|
558
|
+
content: [
|
|
559
|
+
{
|
|
560
|
+
type: "text",
|
|
561
|
+
text: formatError(error, `adding allowed domain '${domain}'`),
|
|
562
|
+
},
|
|
563
|
+
],
|
|
564
|
+
isError: true,
|
|
565
|
+
};
|
|
566
|
+
}
|
|
567
|
+
}
|
|
568
|
+
);
|
|
569
|
+
|
|
570
|
+
server.tool(
|
|
571
|
+
"remove_allowed_domain",
|
|
572
|
+
"Remove a domain from the allowlist. Compute functions will no longer be able to call this domain.",
|
|
573
|
+
{
|
|
574
|
+
domainId: z.string().describe("The allowed domain ID (UUID) to remove"),
|
|
575
|
+
},
|
|
576
|
+
async ({ domainId }) => {
|
|
577
|
+
try {
|
|
578
|
+
await sdk.allowedDomains.remove(domainId);
|
|
579
|
+
return {
|
|
580
|
+
content: [
|
|
581
|
+
{
|
|
582
|
+
type: "text",
|
|
583
|
+
text: `Allowed domain '${domainId}' removed successfully.`,
|
|
584
|
+
},
|
|
585
|
+
],
|
|
586
|
+
};
|
|
587
|
+
} catch (error: unknown) {
|
|
588
|
+
return {
|
|
589
|
+
content: [
|
|
590
|
+
{
|
|
591
|
+
type: "text",
|
|
592
|
+
text: formatError(error, `removing allowed domain '${domainId}'`),
|
|
593
|
+
},
|
|
594
|
+
],
|
|
595
|
+
isError: true,
|
|
596
|
+
};
|
|
597
|
+
}
|
|
598
|
+
}
|
|
599
|
+
);
|
|
513
600
|
}
|
package/src/tools/describe.ts
CHANGED
|
@@ -62,7 +62,7 @@ export function registerDescribeTools(server: McpServer) {
|
|
|
62
62
|
},
|
|
63
63
|
compute: {
|
|
64
64
|
summary:
|
|
65
|
-
"Server-side JavaScript functions with triggers (on-demand, event-driven, scheduled, http-trigger).",
|
|
65
|
+
"Server-side JavaScript functions with triggers (on-demand, event-driven, scheduled, http-trigger) and domain allowlisting for external API calls.",
|
|
66
66
|
describeWith: "describe_compute",
|
|
67
67
|
tools: [
|
|
68
68
|
"list_functions",
|
|
@@ -79,6 +79,9 @@ export function registerDescribeTools(server: McpServer) {
|
|
|
79
79
|
"invoke_trigger",
|
|
80
80
|
"pause_trigger",
|
|
81
81
|
"resume_trigger",
|
|
82
|
+
"list_allowed_domains",
|
|
83
|
+
"add_allowed_domain",
|
|
84
|
+
"remove_allowed_domain",
|
|
82
85
|
],
|
|
83
86
|
},
|
|
84
87
|
smart_queries: {
|
|
@@ -548,6 +551,30 @@ export function registerDescribeTools(server: McpServer) {
|
|
|
548
551
|
required_params: ["triggerId"],
|
|
549
552
|
},
|
|
550
553
|
},
|
|
554
|
+
allowed_domains: {
|
|
555
|
+
description: "Workspace-level allowlist controlling which external domains compute functions can call via api.httpGet/httpPost/etc. Functions attempting to reach unlisted domains get an error.",
|
|
556
|
+
domain_shape: {
|
|
557
|
+
id: "UUID",
|
|
558
|
+
domain: "string — the allowed domain (e.g., 'api.stripe.com' or '*.googleapis.com')",
|
|
559
|
+
createdAt: "ISO 8601 datetime",
|
|
560
|
+
createdBy: "UUID",
|
|
561
|
+
},
|
|
562
|
+
tools: {
|
|
563
|
+
list_allowed_domains: {
|
|
564
|
+
description: "List all allowed domains in the workspace",
|
|
565
|
+
},
|
|
566
|
+
add_allowed_domain: {
|
|
567
|
+
description: "Add a domain to the allowlist",
|
|
568
|
+
required_params: ["domain"],
|
|
569
|
+
},
|
|
570
|
+
remove_allowed_domain: {
|
|
571
|
+
description: "Remove a domain from the allowlist by ID",
|
|
572
|
+
required_params: ["domainId"],
|
|
573
|
+
},
|
|
574
|
+
},
|
|
575
|
+
wildcards: "Use '*.example.com' to allow all subdomains of example.com",
|
|
576
|
+
note: "Functions can only make HTTP requests to domains on this list. Add domains before creating functions that call external APIs.",
|
|
577
|
+
},
|
|
551
578
|
sandbox_api: {
|
|
552
579
|
description: "Functions receive an `api` object with built-in utilities. Key crypto methods:",
|
|
553
580
|
crypto: {
|
|
@@ -567,6 +594,7 @@ export function registerDescribeTools(server: McpServer) {
|
|
|
567
594
|
"Use test_function to validate code before creating or updating a function",
|
|
568
595
|
"Use create_function + create_trigger together to set up a complete compute pipeline",
|
|
569
596
|
"Use api.crypto.signJwt() for GitHub App, Google Cloud, or Azure AD authentication flows",
|
|
597
|
+
"Before creating functions that call external APIs, add the target domains with add_allowed_domain",
|
|
570
598
|
],
|
|
571
599
|
},
|
|
572
600
|
null,
|