@kya-os/create-mcpi-app 1.7.42-canary.37 ā 1.7.42-canary.39
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -8,15 +8,16 @@ interface CloudflareTemplateOptions {
|
|
|
8
8
|
/**
|
|
9
9
|
* Fetches the Cloudflare MCP-I template
|
|
10
10
|
*
|
|
11
|
-
* Generates a
|
|
12
|
-
* - package.json
|
|
13
|
-
* - wrangler.toml
|
|
14
|
-
* - .dev.vars
|
|
11
|
+
* Generates a complete project structure:
|
|
12
|
+
* - package.json with all scripts
|
|
13
|
+
* - wrangler.toml with all KV namespaces configured
|
|
14
|
+
* - .dev.vars with all secrets
|
|
15
15
|
* - src/index.ts
|
|
16
16
|
* - src/agent.ts
|
|
17
17
|
* - src/tools/greet.ts
|
|
18
18
|
* - src/mcpi-runtime-config.ts
|
|
19
|
-
* - scripts/setup.js
|
|
19
|
+
* - scripts/setup.js for KV namespace creation and key regeneration
|
|
20
|
+
* - Automatically runs setup to create KV namespaces
|
|
20
21
|
*/
|
|
21
22
|
export declare function fetchCloudflareMcpiTemplate(targetDir: string, options: CloudflareTemplateOptions | string): Promise<void>;
|
|
22
23
|
export {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fetch-cloudflare-mcpi-template.d.ts","sourceRoot":"","sources":["../../src/helpers/fetch-cloudflare-mcpi-template.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"fetch-cloudflare-mcpi-template.d.ts","sourceRoot":"","sources":["../../src/helpers/fetch-cloudflare-mcpi-template.ts"],"names":[],"mappings":"AAOA,UAAU,yBAAyB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,2BAA2B,CAC/C,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,yBAAyB,GAAG,MAAM,GAC1C,OAAO,CAAC,IAAI,CAAC,CAmef"}
|
|
@@ -1,32 +1,39 @@
|
|
|
1
1
|
import fs from "fs-extra";
|
|
2
2
|
import path from "path";
|
|
3
3
|
import chalk from "chalk";
|
|
4
|
-
import {
|
|
4
|
+
import { spawn } from "child_process";
|
|
5
|
+
import crypto from "crypto";
|
|
6
|
+
import { generateIdentity } from "./generate-identity.js";
|
|
5
7
|
/**
|
|
6
8
|
* Fetches the Cloudflare MCP-I template
|
|
7
9
|
*
|
|
8
|
-
* Generates a
|
|
9
|
-
* - package.json
|
|
10
|
-
* - wrangler.toml
|
|
11
|
-
* - .dev.vars
|
|
10
|
+
* Generates a complete project structure:
|
|
11
|
+
* - package.json with all scripts
|
|
12
|
+
* - wrangler.toml with all KV namespaces configured
|
|
13
|
+
* - .dev.vars with all secrets
|
|
12
14
|
* - src/index.ts
|
|
13
15
|
* - src/agent.ts
|
|
14
16
|
* - src/tools/greet.ts
|
|
15
17
|
* - src/mcpi-runtime-config.ts
|
|
16
|
-
* - scripts/setup.js
|
|
18
|
+
* - scripts/setup.js for KV namespace creation and key regeneration
|
|
19
|
+
* - Automatically runs setup to create KV namespaces
|
|
17
20
|
*/
|
|
18
21
|
export async function fetchCloudflareMcpiTemplate(targetDir, options) {
|
|
19
22
|
// Handle legacy string argument (projectName) for backward compatibility
|
|
20
23
|
const opts = typeof options === 'string'
|
|
21
24
|
? { packageManager: 'npm', projectName: options }
|
|
22
25
|
: options;
|
|
23
|
-
const { projectName, apikey, projectId } = opts;
|
|
26
|
+
const { projectName, apikey, projectId, packageManager } = opts;
|
|
27
|
+
const projectNameUpper = projectName.toUpperCase().replace(/-/g, '_');
|
|
24
28
|
console.log(chalk.blue(`\nšļø Generating Cloudflare MCP-I project: ${projectName}...`));
|
|
25
29
|
// 1. Create directory structure
|
|
26
30
|
await fs.ensureDir(path.join(targetDir, "src"));
|
|
27
31
|
await fs.ensureDir(path.join(targetDir, "src/tools"));
|
|
28
32
|
await fs.ensureDir(path.join(targetDir, "scripts"));
|
|
29
|
-
// 2.
|
|
33
|
+
// 2. Generate Identity (Keys & DID)
|
|
34
|
+
console.log(chalk.blue("š Generating cryptographic identity..."));
|
|
35
|
+
const identity = await generateIdentity();
|
|
36
|
+
// 3. Create package.json with all scripts
|
|
30
37
|
const packageJson = {
|
|
31
38
|
name: projectName,
|
|
32
39
|
version: "0.1.0",
|
|
@@ -37,8 +44,12 @@ export async function fetchCloudflareMcpiTemplate(targetDir, options) {
|
|
|
37
44
|
start: "wrangler dev",
|
|
38
45
|
test: "vitest",
|
|
39
46
|
"cf-typegen": "wrangler types",
|
|
40
|
-
"
|
|
41
|
-
"
|
|
47
|
+
"setup": "node scripts/setup.js",
|
|
48
|
+
"kv:create-nonce": `wrangler kv:namespace create ${projectNameUpper}_NONCE_CACHE`,
|
|
49
|
+
"kv:create-proof": `wrangler kv:namespace create ${projectNameUpper}_PROOF_ARCHIVE`,
|
|
50
|
+
"kv:create-identity": `wrangler kv:namespace create ${projectNameUpper}_IDENTITY_STORAGE`,
|
|
51
|
+
"kv:create-delegation": `wrangler kv:namespace create ${projectNameUpper}_DELEGATION_STORAGE`,
|
|
52
|
+
"kv:create-tool-protection": `wrangler kv:namespace create ${projectNameUpper}_TOOL_PROTECTION_KV`
|
|
42
53
|
},
|
|
43
54
|
dependencies: {
|
|
44
55
|
"@kya-os/mcp-i-cloudflare": "^1.5.8-canary.47",
|
|
@@ -57,10 +68,7 @@ export async function fetchCloudflareMcpiTemplate(targetDir, options) {
|
|
|
57
68
|
await fs.writeJson(path.join(targetDir, "package.json"), packageJson, {
|
|
58
69
|
spaces: 2,
|
|
59
70
|
});
|
|
60
|
-
//
|
|
61
|
-
console.log(chalk.blue("š Generating cryptographic identity..."));
|
|
62
|
-
const identity = await generateIdentity();
|
|
63
|
-
// 4. Create .dev.vars (Secrets)
|
|
71
|
+
// 4. Create .dev.vars with ALL secrets
|
|
64
72
|
const devVarsContent = `# Secrets for local development
|
|
65
73
|
# Generated by create-mcpi-app
|
|
66
74
|
|
|
@@ -68,10 +76,14 @@ export async function fetchCloudflareMcpiTemplate(targetDir, options) {
|
|
|
68
76
|
MCP_IDENTITY_PRIVATE_KEY="${identity.privateKey}"
|
|
69
77
|
|
|
70
78
|
# AgentShield Configuration
|
|
71
|
-
${apikey ? `AGENTSHIELD_API_KEY="${apikey}"` : '# AGENTSHIELD_API_KEY=""'}
|
|
79
|
+
${apikey ? `AGENTSHIELD_API_KEY="${apikey}"` : '# AGENTSHIELD_API_KEY="sk_YOUR_API_KEY_HERE"'}
|
|
80
|
+
|
|
81
|
+
# Admin API Key for cache management
|
|
82
|
+
# Generate a secure key: openssl rand -base64 32
|
|
83
|
+
ADMIN_API_KEY="${generateAdminApiKey()}"
|
|
72
84
|
`;
|
|
73
85
|
await fs.writeFile(path.join(targetDir, ".dev.vars"), devVarsContent);
|
|
74
|
-
// 5. Create wrangler.toml
|
|
86
|
+
// 5. Create wrangler.toml with all KV namespaces (placeholders initially)
|
|
75
87
|
const wranglerToml = `#:schema node_modules/wrangler/config-schema.json
|
|
76
88
|
name = "${projectName}"
|
|
77
89
|
main = "src/index.ts"
|
|
@@ -87,21 +99,136 @@ class_name = "${toPascalCase(projectName)}MCP"
|
|
|
87
99
|
tag = "v1"
|
|
88
100
|
new_classes = ["${toPascalCase(projectName)}MCP"]
|
|
89
101
|
|
|
90
|
-
#
|
|
91
|
-
#
|
|
92
|
-
#
|
|
93
|
-
#
|
|
94
|
-
#
|
|
102
|
+
# Cron trigger for proof batch queue flushing (OPTIONAL - CURRENTLY DISABLED)
|
|
103
|
+
#
|
|
104
|
+
# NOTE: Cloudflare Workers cron triggers are currently experiencing API parsing issues
|
|
105
|
+
# that prevent deployment. This section is commented out by default.
|
|
106
|
+
#
|
|
107
|
+
# Proofs will still work correctly without cron because:
|
|
108
|
+
# 1. First proof submits immediately (for dashboard setup detection)
|
|
109
|
+
# 2. Proofs auto-flush when batch size is reached (default: 10 proofs)
|
|
110
|
+
#
|
|
111
|
+
# If you want to enable cron-based flushing in the future:
|
|
112
|
+
# 1. Uncomment the section below
|
|
113
|
+
# 2. Adjust the schedule as needed (cron format: minute hour day month weekday)
|
|
114
|
+
# 3. Try deploying - if it fails with "Could not parse request body", cron triggers
|
|
115
|
+
# may not be supported for your account/region yet
|
|
116
|
+
#
|
|
117
|
+
# [[triggers.crons]]
|
|
118
|
+
# cron = "*/5 * * * *" # Every 5 minutes
|
|
119
|
+
#
|
|
120
|
+
# Note: Proofs are also flushed immediately when batch size is reached (default: 10 proofs),
|
|
121
|
+
# so cron is mainly for flushing small batches that haven't reached the size limit yet.
|
|
122
|
+
|
|
123
|
+
# KV Namespace for nonce cache (REQUIRED for replay attack prevention)
|
|
124
|
+
#
|
|
125
|
+
# RECOMMENDED: Share a single NONCE_CACHE namespace across all MCP-I workers
|
|
126
|
+
# This namespace is automatically created by the setup script (npm run setup)
|
|
127
|
+
# If you need to recreate it: npm run kv:create-nonce
|
|
128
|
+
[[kv_namespaces]]
|
|
129
|
+
binding = "${projectNameUpper}_NONCE_CACHE"
|
|
130
|
+
id = "TODO_REPLACE_WITH_ID" # Auto-filled by setup script
|
|
131
|
+
|
|
132
|
+
# KV Namespace for proof archive (RECOMMENDED for auditability)
|
|
133
|
+
#
|
|
134
|
+
# Stores detached cryptographic proofs for all tool calls
|
|
135
|
+
# Enables proof querying, session tracking, and audit trails
|
|
136
|
+
# This namespace is automatically created by the setup script (npm run setup)
|
|
137
|
+
# If you need to recreate it: npm run kv:create-proof
|
|
138
|
+
#
|
|
139
|
+
# Note: Comment out if you don't need proof archiving
|
|
140
|
+
[[kv_namespaces]]
|
|
141
|
+
binding = "${projectNameUpper}_PROOF_ARCHIVE"
|
|
142
|
+
id = "TODO_REPLACE_WITH_ID" # Auto-filled by setup script
|
|
143
|
+
|
|
144
|
+
# KV Namespace for identity storage (RECOMMENDED for persistent agent identity)
|
|
145
|
+
#
|
|
146
|
+
# Stores the agent's cryptographic identity (DID, keys) in KV
|
|
147
|
+
# Ensures consistent identity across Worker restarts and deployments
|
|
148
|
+
# This namespace is automatically created by the setup script (npm run setup)
|
|
149
|
+
# If you need to recreate it: npm run kv:create-identity
|
|
150
|
+
[[kv_namespaces]]
|
|
151
|
+
binding = "${projectNameUpper}_IDENTITY_STORAGE"
|
|
152
|
+
id = "TODO_REPLACE_WITH_ID" # Auto-filled by setup script
|
|
153
|
+
|
|
154
|
+
# KV Namespace for delegation storage (REQUIRED for OAuth/delegation flows)
|
|
155
|
+
#
|
|
156
|
+
# Stores active delegations from users to agents
|
|
157
|
+
# Enables OAuth consent flows and scope-based authorization
|
|
158
|
+
# This namespace is automatically created by the setup script (npm run setup)
|
|
159
|
+
# If you need to recreate it: npm run kv:create-delegation
|
|
160
|
+
[[kv_namespaces]]
|
|
161
|
+
binding = "${projectNameUpper}_DELEGATION_STORAGE"
|
|
162
|
+
id = "TODO_REPLACE_WITH_ID" # Auto-filled by setup script
|
|
163
|
+
|
|
164
|
+
# KV Namespace for tool protection config (ENABLED for dashboard-controlled delegation)
|
|
165
|
+
#
|
|
166
|
+
# š Enables dynamic tool protection configuration from AgentShield dashboard
|
|
167
|
+
# Caches which tools require user delegation based on dashboard toggle switches
|
|
168
|
+
#
|
|
169
|
+
# Benefits:
|
|
170
|
+
# - Control tool permissions from AgentShield dashboard without code changes
|
|
171
|
+
# - Update delegation requirements in real-time (5-minute cache)
|
|
172
|
+
# - No redeployments needed to change tool permissions
|
|
173
|
+
#
|
|
174
|
+
# Setup:
|
|
175
|
+
# This namespace is automatically created by the setup script (npm run setup)
|
|
176
|
+
# If you need to recreate it: npm run kv:create-tool-protection
|
|
177
|
+
# After deployment, toggle delegation requirements in AgentShield dashboard
|
|
178
|
+
#
|
|
179
|
+
# Note: This namespace is REQUIRED when using AgentShield API key (--apikey)
|
|
180
|
+
# It will be automatically created by the setup script (npm run setup)
|
|
181
|
+
[[kv_namespaces]]
|
|
182
|
+
binding = "${projectNameUpper}_TOOL_PROTECTION_KV"
|
|
183
|
+
id = "TODO_REPLACE_WITH_ID" # Auto-filled by setup script
|
|
95
184
|
|
|
96
185
|
[vars]
|
|
97
|
-
#
|
|
186
|
+
# Agent DID (public identifier - safe to commit)
|
|
187
|
+
MCP_IDENTITY_AGENT_DID = "${identity.did}"
|
|
188
|
+
|
|
189
|
+
# Public identity key (safe to commit - not sensitive)
|
|
190
|
+
MCP_IDENTITY_PUBLIC_KEY = "${identity.publicKey}"
|
|
191
|
+
|
|
192
|
+
# Private identity key (SECRET - NOT declared here)
|
|
193
|
+
# For local development: Add to .dev.vars file
|
|
194
|
+
# For production: Use wrangler secret put MCP_IDENTITY_PRIVATE_KEY
|
|
195
|
+
|
|
196
|
+
# ALLOWED_ORIGINS for CORS (update for production)
|
|
197
|
+
ALLOWED_ORIGINS = "https://claude.ai,https://app.anthropic.com"
|
|
198
|
+
|
|
199
|
+
# DO routing strategy: "session" for dev, "shard" for production high-load
|
|
200
|
+
DO_ROUTING_STRATEGY = "session"
|
|
201
|
+
DO_SHARD_COUNT = "10" # Number of shards if using shard strategy
|
|
202
|
+
|
|
203
|
+
XMCP_I_TS_SKEW_SEC = "120"
|
|
204
|
+
XMCP_I_SESSION_TTL = "1800"
|
|
205
|
+
|
|
206
|
+
# AgentShield Integration (https://kya.vouched.id)
|
|
98
207
|
AGENTSHIELD_API_URL = "https://kya.vouched.id"
|
|
99
|
-
|
|
208
|
+
|
|
209
|
+
# AGENTSHIELD_PROJECT_ID - Your project ID from AgentShield dashboard (e.g., "batman-txh0ae")
|
|
210
|
+
# Required for project-scoped tool protection configuration (recommended)
|
|
211
|
+
# Find it in your dashboard URL: https://kya.vouched.id/dashboard/projects/{PROJECT_ID}
|
|
212
|
+
# Or in your project settings
|
|
213
|
+
# This is not sensitive, so it's safe to keep a value here
|
|
100
214
|
${projectId ? `AGENTSHIELD_PROJECT_ID = "${projectId}"` : '# AGENTSHIELD_PROJECT_ID = "your-project-id"'}
|
|
101
215
|
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
216
|
+
MCPI_ENV = "development"
|
|
217
|
+
|
|
218
|
+
# Secrets (NOT declared here - see instructions below)
|
|
219
|
+
# For local development: Add secrets to .dev.vars file
|
|
220
|
+
# For production: Use wrangler secret put COMMAND_NAME
|
|
221
|
+
# $ wrangler secret put MCP_IDENTITY_PRIVATE_KEY
|
|
222
|
+
# $ wrangler secret put AGENTSHIELD_API_KEY
|
|
223
|
+
# $ wrangler secret put ADMIN_API_KEY
|
|
224
|
+
|
|
225
|
+
# Note: .dev.vars is git-ignored and contains actual secret values for local dev
|
|
226
|
+
|
|
227
|
+
# Optional: MCP Server URL for tool discovery and consent page generation
|
|
228
|
+
# Uncomment to explicitly set your MCP server URL (auto-detected from request origin if not set)
|
|
229
|
+
# IMPORTANT: Use base URL WITHOUT /mcp suffix (e.g., "https://your-worker.workers.dev")
|
|
230
|
+
# The consent pages are at /consent, not /mcp/consent
|
|
231
|
+
# MCP_SERVER_URL = "https://${projectName}.YOUR-SUBDOMAIN.workers.dev"
|
|
105
232
|
`;
|
|
106
233
|
await fs.writeFile(path.join(targetDir, "wrangler.toml"), wranglerToml);
|
|
107
234
|
// 6. Create src/index.ts (Entry Point)
|
|
@@ -169,7 +296,7 @@ export const greetTool: ToolDefinition = {
|
|
|
169
296
|
inputSchema: {
|
|
170
297
|
type: "object",
|
|
171
298
|
properties: {
|
|
172
|
-
name: { type: "string" },
|
|
299
|
+
name: { type: "string", description: "Name of the person to greet" },
|
|
173
300
|
},
|
|
174
301
|
required: ["name"],
|
|
175
302
|
},
|
|
@@ -178,7 +305,7 @@ export const greetTool: ToolDefinition = {
|
|
|
178
305
|
content: [
|
|
179
306
|
{
|
|
180
307
|
type: "text",
|
|
181
|
-
text: \`Hello, \${args.name}
|
|
308
|
+
text: \`Hello, \${args.name}! Welcome to ${projectName}.\`,
|
|
182
309
|
},
|
|
183
310
|
],
|
|
184
311
|
};
|
|
@@ -204,48 +331,108 @@ const config: RuntimeConfig = {
|
|
|
204
331
|
export default config;
|
|
205
332
|
`;
|
|
206
333
|
await fs.writeFile(path.join(targetDir, "src/mcpi-runtime-config.ts"), runtimeConfigTs);
|
|
207
|
-
// 10. Create scripts/setup.js (Key Regeneration Script)
|
|
208
|
-
|
|
209
|
-
|
|
334
|
+
// 10. Create scripts/setup.js (KV Namespace Creation & Key Regeneration Script)
|
|
335
|
+
const setupJs = `#!/usr/bin/env node
|
|
336
|
+
const { execSync } = require('child_process');
|
|
210
337
|
const fs = require('fs');
|
|
211
338
|
const path = require('path');
|
|
212
|
-
const
|
|
213
|
-
const { promisify } = require('util');
|
|
339
|
+
const crypto = require('crypto');
|
|
214
340
|
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
// or assume node_modules are installed.
|
|
218
|
-
// Since this runs after install, we can try to use the installed packages if available,
|
|
219
|
-
// or fallback to standard crypto.
|
|
341
|
+
const projectName = '${projectName}';
|
|
342
|
+
const projectNameUpper = '${projectNameUpper}';
|
|
220
343
|
|
|
221
|
-
|
|
222
|
-
|
|
344
|
+
console.log('š Setting up MCP-I Cloudflare Worker...');
|
|
345
|
+
console.log('');
|
|
346
|
+
|
|
347
|
+
// Function to execute command and capture output
|
|
348
|
+
function exec(command, silent = false) {
|
|
349
|
+
try {
|
|
350
|
+
const output = execSync(command, { encoding: 'utf8', stdio: silent ? 'pipe' : 'inherit' });
|
|
351
|
+
return output?.trim();
|
|
352
|
+
} catch (error) {
|
|
353
|
+
if (!silent) {
|
|
354
|
+
console.error(\`ā Command failed: \${command}\`);
|
|
355
|
+
console.error(error.message);
|
|
356
|
+
}
|
|
357
|
+
return null;
|
|
358
|
+
}
|
|
359
|
+
}
|
|
360
|
+
|
|
361
|
+
// Function to extract namespace ID from wrangler output
|
|
362
|
+
function extractNamespaceId(output) {
|
|
363
|
+
// Match patterns like: id = "abc123" or { id: "abc123" }
|
|
364
|
+
const match = output.match(/id\\s*[:=]\\s*"([^"]+)"/);
|
|
365
|
+
return match ? match[1] : null;
|
|
366
|
+
}
|
|
367
|
+
|
|
368
|
+
// Function to update wrangler.toml with namespace ID
|
|
369
|
+
function updateWranglerToml(binding, namespaceId) {
|
|
370
|
+
const wranglerPath = path.join(__dirname, '..', 'wrangler.toml');
|
|
371
|
+
let content = fs.readFileSync(wranglerPath, 'utf8');
|
|
372
|
+
|
|
373
|
+
// Find the binding section and update the ID
|
|
374
|
+
const bindingPattern = new RegExp(\`binding\\\\s*=\\\\s*"\${binding}"[^\\\\[]*id\\\\s*=\\\\s*"[^"]*"\`, 's');
|
|
375
|
+
content = content.replace(bindingPattern, (match) => {
|
|
376
|
+
return match.replace(/id\\s*=\\s*"[^"]*"/, \`id = "\${namespaceId}"\`);
|
|
377
|
+
});
|
|
378
|
+
|
|
379
|
+
fs.writeFileSync(wranglerPath, content);
|
|
380
|
+
console.log(\`ā
Updated wrangler.toml with \${binding} namespace ID: \${namespaceId}\`);
|
|
381
|
+
}
|
|
223
382
|
|
|
224
|
-
|
|
225
|
-
|
|
383
|
+
// Create KV namespaces
|
|
384
|
+
const namespaces = [
|
|
385
|
+
{ binding: \`\${projectNameUpper}_NONCE_CACHE\`, name: 'NONCE_CACHE', description: 'Nonce cache for replay attack prevention' },
|
|
386
|
+
{ binding: \`\${projectNameUpper}_PROOF_ARCHIVE\`, name: 'PROOF_ARCHIVE', description: 'Proof archive for auditability' },
|
|
387
|
+
{ binding: \`\${projectNameUpper}_IDENTITY_STORAGE\`, name: 'IDENTITY_STORAGE', description: 'Identity storage for persistent agent identity' },
|
|
388
|
+
{ binding: \`\${projectNameUpper}_DELEGATION_STORAGE\`, name: 'DELEGATION_STORAGE', description: 'Delegation storage for OAuth flows' },
|
|
389
|
+
{ binding: \`\${projectNameUpper}_TOOL_PROTECTION_KV\`, name: 'TOOL_PROTECTION_KV', description: 'Tool protection configuration cache' },
|
|
390
|
+
];
|
|
226
391
|
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
const publicKeyBase64 = publicKey.export({ format: 'der', type: 'spki' }).toString('base64');
|
|
392
|
+
console.log('š¦ Creating KV namespaces...');
|
|
393
|
+
console.log('');
|
|
230
394
|
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
395
|
+
for (const ns of namespaces) {
|
|
396
|
+
console.log(\`Creating \${ns.name} (\${ns.description})...\`);
|
|
397
|
+
|
|
398
|
+
// Try to create the namespace
|
|
399
|
+
const output = exec(\`wrangler kv:namespace create \${ns.binding}\`, true);
|
|
234
400
|
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
401
|
+
if (output) {
|
|
402
|
+
const namespaceId = extractNamespaceId(output);
|
|
403
|
+
if (namespaceId) {
|
|
404
|
+
updateWranglerToml(ns.binding, namespaceId);
|
|
405
|
+
} else {
|
|
406
|
+
console.log(\`ā ļø Could not extract namespace ID for \${ns.binding}. You may need to update wrangler.toml manually.\`);
|
|
407
|
+
console.log(\` Output: \${output}\`);
|
|
408
|
+
}
|
|
409
|
+
} else {
|
|
410
|
+
// Namespace might already exist, try to list and find it
|
|
411
|
+
console.log(\` Checking if namespace already exists...\`);
|
|
412
|
+
const listOutput = exec(\`wrangler kv:namespace list\`, true);
|
|
413
|
+
if (listOutput && listOutput.includes(ns.binding)) {
|
|
414
|
+
console.log(\` ā Namespace \${ns.binding} already exists\`);
|
|
415
|
+
} else {
|
|
416
|
+
console.log(\` ā ļø Could not create or find namespace \${ns.binding}. You may need to create it manually.\`);
|
|
417
|
+
}
|
|
418
|
+
}
|
|
244
419
|
}
|
|
245
420
|
|
|
246
|
-
|
|
421
|
+
console.log('');
|
|
422
|
+
console.log('āØ Setup complete!');
|
|
423
|
+
console.log('');
|
|
424
|
+
console.log('Next steps:');
|
|
425
|
+
console.log('1. Review wrangler.toml to ensure all namespace IDs are populated');
|
|
426
|
+
console.log('2. Run "npm run dev" to start the development server');
|
|
427
|
+
console.log('3. Run "npm run deploy" to deploy to Cloudflare Workers');
|
|
428
|
+
console.log('');
|
|
429
|
+
console.log('For production deployment:');
|
|
430
|
+
console.log(' wrangler secret put MCP_IDENTITY_PRIVATE_KEY');
|
|
431
|
+
console.log(' wrangler secret put AGENTSHIELD_API_KEY');
|
|
432
|
+
console.log(' wrangler secret put ADMIN_API_KEY');
|
|
247
433
|
`;
|
|
248
434
|
await fs.writeFile(path.join(targetDir, "scripts/setup.js"), setupJs);
|
|
435
|
+
await fs.chmod(path.join(targetDir, "scripts/setup.js"), '755');
|
|
249
436
|
// 11. Create tsconfig.json
|
|
250
437
|
const tsConfig = {
|
|
251
438
|
compilerOptions: {
|
|
@@ -272,8 +459,22 @@ dist
|
|
|
272
459
|
await fs.writeFile(path.join(targetDir, ".gitignore"), gitignore);
|
|
273
460
|
console.log(chalk.green("ā Created Cloudflare MCP-I template files"));
|
|
274
461
|
console.log(chalk.gray(" - Generated identity keys in .dev.vars"));
|
|
275
|
-
console.log(chalk.gray(" - Configured wrangler.toml"));
|
|
462
|
+
console.log(chalk.gray(" - Configured wrangler.toml with KV namespaces"));
|
|
276
463
|
console.log(chalk.gray(" - Created modular tool structure"));
|
|
464
|
+
console.log(chalk.gray(" - Created setup script for KV namespace creation"));
|
|
465
|
+
// 13. Run npm install first
|
|
466
|
+
console.log(chalk.blue("\nš¦ Installing dependencies..."));
|
|
467
|
+
await runCommand(packageManager, ["install"], targetDir);
|
|
468
|
+
// 14. Run setup script to create KV namespaces
|
|
469
|
+
console.log(chalk.blue("\nš§ Running setup script to create KV namespaces..."));
|
|
470
|
+
try {
|
|
471
|
+
await runCommand("node", ["scripts/setup.js"], targetDir);
|
|
472
|
+
}
|
|
473
|
+
catch (error) {
|
|
474
|
+
console.log(chalk.yellow("\nā ļø Setup script encountered issues. You may need to:"));
|
|
475
|
+
console.log(chalk.yellow(" 1. Make sure you're logged in to Cloudflare: wrangler login"));
|
|
476
|
+
console.log(chalk.yellow(" 2. Run 'npm run setup' manually after logging in"));
|
|
477
|
+
}
|
|
277
478
|
}
|
|
278
479
|
function toPascalCase(str) {
|
|
279
480
|
return str
|
|
@@ -283,4 +484,26 @@ function toPascalCase(str) {
|
|
|
283
484
|
.replace(/\s+/g, "")
|
|
284
485
|
.replace(/-/g, "");
|
|
285
486
|
}
|
|
487
|
+
function generateAdminApiKey() {
|
|
488
|
+
// Generate a secure random API key
|
|
489
|
+
return Buffer.from(crypto.randomBytes(32)).toString('base64');
|
|
490
|
+
}
|
|
491
|
+
function runCommand(command, args, cwd) {
|
|
492
|
+
return new Promise((resolve, reject) => {
|
|
493
|
+
const child = spawn(command, args, {
|
|
494
|
+
cwd,
|
|
495
|
+
stdio: 'inherit',
|
|
496
|
+
shell: process.platform === 'win32'
|
|
497
|
+
});
|
|
498
|
+
child.on('error', reject);
|
|
499
|
+
child.on('exit', (code) => {
|
|
500
|
+
if (code === 0) {
|
|
501
|
+
resolve();
|
|
502
|
+
}
|
|
503
|
+
else {
|
|
504
|
+
reject(new Error(`Command failed with exit code ${code}`));
|
|
505
|
+
}
|
|
506
|
+
});
|
|
507
|
+
});
|
|
508
|
+
}
|
|
286
509
|
//# sourceMappingURL=fetch-cloudflare-mcpi-template.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fetch-cloudflare-mcpi-template.js","sourceRoot":"","sources":["../../src/helpers/fetch-cloudflare-mcpi-template.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,UAAU,CAAC;AAC1B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"fetch-cloudflare-mcpi-template.js","sourceRoot":"","sources":["../../src/helpers/fetch-cloudflare-mcpi-template.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,UAAU,CAAC;AAC1B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAU1D;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,SAAiB,EACjB,OAA2C;IAE3C,yEAAyE;IACzE,MAAM,IAAI,GAA8B,OAAO,OAAO,KAAK,QAAQ;QACjE,CAAC,CAAC,EAAE,cAAc,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE;QACjD,CAAC,CAAC,OAAO,CAAC;IAEZ,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC;IAChE,MAAM,gBAAgB,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAEtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,+CAA+C,WAAW,KAAK,CAAC,CAAC,CAAC;IAEzF,gCAAgC;IAChC,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,CAAC;IACtD,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;IAEpD,oCAAoC;IACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC,CAAC;IACnE,MAAM,QAAQ,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAE1C,0CAA0C;IAC1C,MAAM,WAAW,GAAG;QAClB,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,OAAO;QAChB,OAAO,EAAE,IAAI;QACb,OAAO,EAAE;YACP,MAAM,EAAE,iBAAiB;YACzB,GAAG,EAAE,cAAc;YACnB,KAAK,EAAE,cAAc;YACrB,IAAI,EAAE,QAAQ;YACd,YAAY,EAAE,gBAAgB;YAC9B,OAAO,EAAE,uBAAuB;YAChC,iBAAiB,EAAE,gCAAgC,gBAAgB,cAAc;YACjF,iBAAiB,EAAE,gCAAgC,gBAAgB,gBAAgB;YACnF,oBAAoB,EAAE,gCAAgC,gBAAgB,mBAAmB;YACzF,sBAAsB,EAAE,gCAAgC,gBAAgB,qBAAqB;YAC7F,2BAA2B,EAAE,gCAAgC,gBAAgB,qBAAqB;SACnG;QACD,YAAY,EAAE;YACZ,0BAA0B,EAAE,kBAAkB;YAC9C,2BAA2B,EAAE,QAAQ;YACrC,MAAM,EAAE,QAAQ;SACjB;QACD,eAAe,EAAE;YACf,iCAAiC,EAAE,QAAQ;YAC3C,2BAA2B,EAAE,eAAe;YAC5C,aAAa,EAAE,SAAS;YACxB,YAAY,EAAE,QAAQ;YACtB,QAAQ,EAAE,OAAO;YACjB,UAAU,EAAE,UAAU;SACvB;KACF,CAAC;IAEF,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE,WAAW,EAAE;QACpE,MAAM,EAAE,CAAC;KACV,CAAC,CAAC;IAEH,uCAAuC;IACvC,MAAM,cAAc,GAAG;;;;4BAIG,QAAQ,CAAC,UAAU;;;EAG7C,MAAM,CAAC,CAAC,CAAC,wBAAwB,MAAM,GAAG,CAAC,CAAC,CAAC,8CAA8C;;;;iBAI5E,mBAAmB,EAAE;CACrC,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,EAAE,cAAc,CAAC,CAAC;IAEtE,0EAA0E;IAC1E,MAAM,YAAY,GAAG;UACb,WAAW;;;;;;;;gBAQL,YAAY,CAAC,WAAW,CAAC;;;;kBAIvB,YAAY,CAAC,WAAW,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aA6B9B,gBAAgB;;;;;;;;;;;;aAYhB,gBAAgB;;;;;;;;;;aAUhB,gBAAgB;;;;;;;;;;aAUhB,gBAAgB;;;;;;;;;;;;;;;;;;;;;aAqBhB,gBAAgB;;;;;4BAKD,QAAQ,CAAC,GAAG;;;6BAGX,QAAQ,CAAC,SAAS;;;;;;;;;;;;;;;;;;;;;;;;EAwB7C,SAAS,CAAC,CAAC,CAAC,6BAA6B,SAAS,GAAG,CAAC,CAAC,CAAC,8CAA8C;;;;;;;;;;;;;;;;;8BAiB1E,WAAW;CACxC,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,YAAY,CAAC,CAAC;IAExE,uCAAuC;IACvC,MAAM,OAAO,GAAG;WACP,YAAY,CAAC,WAAW,CAAC;;;;;WAKzB,YAAY,CAAC,WAAW,CAAC;;;aAGvB,WAAW;;;;;;;;WAQb,YAAY,CAAC,WAAW,CAAC;CACnC,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC;IAElE,uCAAuC;IACvC,MAAM,OAAO,GAAG;;;;;;;eAOH,YAAY,CAAC,WAAW,CAAC;;;;;;;;;;;;;;;;;;;;;;;;eAwBzB,YAAY,CAAC,WAAW,CAAC,eAAe,YAAY,CAAC,WAAW,CAAC;CAC/E,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC;IAElE,+BAA+B;IAC/B,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;qDAiB+B,WAAW;;;;;;CAM/D,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,oBAAoB,CAAC,EAAE,WAAW,CAAC,CAAC;IAE5E,uCAAuC;IACvC,MAAM,eAAe,GAAG;;;;;;;;;;;;;;;CAezB,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,4BAA4B,CAAC,EAAE,eAAe,CAAC,CAAC;IAExF,gFAAgF;IAChF,MAAM,OAAO,GAAG;;;;;;uBAMK,WAAW;4BACN,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2F3C,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,EAAE,OAAO,CAAC,CAAC;IACtE,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,EAAE,KAAK,CAAC,CAAC;IAEhE,2BAA2B;IAC3B,MAAM,QAAQ,GAAG;QACf,eAAe,EAAE;YACf,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,QAAQ;YAChB,gBAAgB,EAAE,SAAS;YAC3B,KAAK,EAAE,CAAC,2BAA2B,EAAE,gBAAgB,CAAC;YACtD,MAAM,EAAE,IAAI;YACZ,YAAY,EAAE,IAAI;YAClB,MAAM,EAAE,IAAI;SACb;QACD,OAAO,EAAE,CAAC,UAAU,CAAC;QACrB,OAAO,EAAE,CAAC,cAAc,CAAC;KAC1B,CAAC;IAEF,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,QAAQ,EAAE;QAClE,MAAM,EAAE,CAAC;KACV,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,SAAS,GAAG;;;;CAInB,CAAC;IAEA,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,CAAC,EAAE,SAAS,CAAC,CAAC;IAElE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAC;IACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC,CAAC;IAE9E,4BAA4B;IAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC,CAAC;IAC3D,MAAM,UAAU,CAAC,cAAc,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC,CAAC;IAEzD,+CAA+C;IAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC,CAAC;IAChF,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,yDAAyD,CAAC,CAAC,CAAC;QACrF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,qDAAqD,CAAC,CAAC,CAAC;IACnF,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,GAAG;SACP,OAAO,CAAC,qBAAqB,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC9C,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;IAC5B,CAAC,CAAC;SACD,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,SAAS,mBAAmB;IAC1B,mCAAmC;IACnC,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAc,EAAE,GAAW;IAC9D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE;YACjC,GAAG;YACH,KAAK,EAAE,SAAS;YAChB,KAAK,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO;SACpC,CAAC,CAAC;QAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC1B,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACf,OAAO,EAAE,CAAC;YACZ,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|