@manifest-network/manifest-mcp-fred 0.8.0 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -2
- package/dist/http/auth.d.ts +12 -0
- package/dist/http/auth.d.ts.map +1 -1
- package/dist/http/auth.js +12 -0
- package/dist/http/auth.js.map +1 -1
- package/dist/index.d.ts +2 -15
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +16 -628
- package/dist/index.js.map +1 -1
- package/dist/server/progress.d.ts +17 -0
- package/dist/server/progress.d.ts.map +1 -0
- package/dist/server/progress.js +33 -0
- package/dist/server/progress.js.map +1 -0
- package/dist/server/register-prompts.d.ts +7 -0
- package/dist/server/register-prompts.d.ts.map +1 -0
- package/dist/server/register-prompts.js +80 -0
- package/dist/server/register-prompts.js.map +1 -0
- package/dist/server/register-resources.d.ts +13 -0
- package/dist/server/register-resources.d.ts.map +1 -0
- package/dist/server/register-resources.js +119 -0
- package/dist/server/register-resources.js.map +1 -0
- package/dist/server/register-tools.d.ts +15 -0
- package/dist/server/register-tools.d.ts.map +1 -0
- package/dist/server/register-tools.js +431 -0
- package/dist/server/register-tools.js.map +1 -0
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# @manifest-network/manifest-mcp-fred
|
|
2
2
|
|
|
3
|
-
MCP server for Manifest provider (Fred) operations. Registers
|
|
3
|
+
MCP server for Manifest provider (Fred) operations. Registers 11 tools (plus 3 MCP resources and 3 prompts) for catalog browsing, deployment readiness, manifest preview, app deployment, status, logs, restart, update, diagnostics, releases, and ready-state polling. Composes on-chain operations with off-chain provider HTTP calls using ADR-036 authentication.
|
|
4
4
|
|
|
5
5
|
This package also **exports all tool functions and HTTP clients** for use by library consumers without requiring the MCP protocol.
|
|
6
6
|
|
|
@@ -15,7 +15,10 @@ npm install @manifest-network/manifest-mcp-fred
|
|
|
15
15
|
| Tool | Description |
|
|
16
16
|
|------|-------------|
|
|
17
17
|
| `browse_catalog` | Browse available providers and service tiers with health checks |
|
|
18
|
-
| `
|
|
18
|
+
| `check_deployment_readiness` | Pre-flight checks (balance, SKU availability, image pull) before `deploy_app` |
|
|
19
|
+
| `build_manifest_preview` | Preview the SDL/manifest that `deploy_app` would submit |
|
|
20
|
+
| `deploy_app` | Deploy a new application (create lease + deploy container, optional custom domain) |
|
|
21
|
+
| `wait_for_app_ready` | Poll provider until a deployed app reports ready |
|
|
19
22
|
| `app_status` | Get detailed status for a deployed app by lease UUID |
|
|
20
23
|
| `get_logs` | Get logs for a deployed app by lease UUID |
|
|
21
24
|
| `restart_app` | Restart a deployed app via the provider |
|
|
@@ -23,6 +26,10 @@ npm install @manifest-network/manifest-mcp-fred
|
|
|
23
26
|
| `app_diagnostics` | Get provision diagnostics for a deployed app |
|
|
24
27
|
| `app_releases` | Get release/version history for a deployed app |
|
|
25
28
|
|
|
29
|
+
## Resources & prompts
|
|
30
|
+
|
|
31
|
+
The Fred server also exposes 3 MCP resources (`manifest://leases/active`, `manifest://leases/recent`, `manifest://providers`) and 3 prompts (`deploy-containerized-app`, `diagnose-failing-app`, `shutdown-all-leases`).
|
|
32
|
+
|
|
26
33
|
## Usage
|
|
27
34
|
|
|
28
35
|
### As an MCP server (via node package)
|
package/dist/http/auth.d.ts
CHANGED
|
@@ -14,6 +14,18 @@ declare class AuthTimestampTracker {
|
|
|
14
14
|
private queue;
|
|
15
15
|
next(): Promise<number>;
|
|
16
16
|
}
|
|
17
|
+
/**
|
|
18
|
+
* Build the ADR-036 sign message for a generic provider/Fred call.
|
|
19
|
+
*
|
|
20
|
+
* NOTE (security): the message currently scopes a token to a tenant + lease +
|
|
21
|
+
* timestamp, but not to a specific HTTP operation. If the provider's replay
|
|
22
|
+
* tracker is per-endpoint rather than global, a token issued for a read
|
|
23
|
+
* endpoint (e.g. status) could be replayed against a mutating endpoint
|
|
24
|
+
* (e.g. restart, update) within the 30 s replay window. Tightening this
|
|
25
|
+
* requires a coordinated server change to also validate an operation scope —
|
|
26
|
+
* do not change this format unilaterally without updating the provider/Fred
|
|
27
|
+
* verifier in lockstep, or every auth call will fail.
|
|
28
|
+
*/
|
|
17
29
|
declare function createSignMessage(tenant: string, leaseUuid: string, timestamp: number): string;
|
|
18
30
|
declare function createLeaseDataSignMessage(leaseUuid: string, metaHashHex: string, timestamp: number): string;
|
|
19
31
|
interface AuthTokenPayload {
|
package/dist/http/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","names":[],"sources":["../../src/http/auth.ts"],"mappings":";;AAYA;;;;;;;;;cAAa,oBAAA;EAAA,QACH,IAAA;EAAA,QACA,KAAA;EAER,IAAA,CAAA,GAAQ,OAAA;AAAA
|
|
1
|
+
{"version":3,"file":"auth.d.ts","names":[],"sources":["../../src/http/auth.ts"],"mappings":";;AAYA;;;;;;;;;cAAa,oBAAA;EAAA,QACH,IAAA;EAAA,QACA,KAAA;EAER,IAAA,CAAA,GAAQ,OAAA;AAAA;;;;;;AAsCV;;;;;;;iBARgB,iBAAA,CACd,MAAA,UACA,SAAA,UACA,SAAA;AAAA,iBAKc,0BAAA,CACd,SAAA,UACA,WAAA,UACA,SAAA;AAAA,UAKe,gBAAA;EAAA,SACN,MAAA;EAAA,SACA,UAAA;EAAA,SACA,SAAA;EAAA,SACA,OAAA;EAAA,SACA,SAAA;EAAA,SACA,SAAA;AAAA;AAAA,iBAGK,eAAA,CACd,MAAA,UACA,SAAA,UACA,SAAA,UACA,MAAA,UACA,SAAA,UACA,WAAA"}
|
package/dist/http/auth.js
CHANGED
|
@@ -30,6 +30,18 @@ var AuthTimestampTracker = class {
|
|
|
30
30
|
return result;
|
|
31
31
|
}
|
|
32
32
|
};
|
|
33
|
+
/**
|
|
34
|
+
* Build the ADR-036 sign message for a generic provider/Fred call.
|
|
35
|
+
*
|
|
36
|
+
* NOTE (security): the message currently scopes a token to a tenant + lease +
|
|
37
|
+
* timestamp, but not to a specific HTTP operation. If the provider's replay
|
|
38
|
+
* tracker is per-endpoint rather than global, a token issued for a read
|
|
39
|
+
* endpoint (e.g. status) could be replayed against a mutating endpoint
|
|
40
|
+
* (e.g. restart, update) within the 30 s replay window. Tightening this
|
|
41
|
+
* requires a coordinated server change to also validate an operation scope —
|
|
42
|
+
* do not change this format unilaterally without updating the provider/Fred
|
|
43
|
+
* verifier in lockstep, or every auth call will fail.
|
|
44
|
+
*/
|
|
33
45
|
function createSignMessage(tenant, leaseUuid, timestamp) {
|
|
34
46
|
return `${tenant}:${leaseUuid}:${timestamp}`;
|
|
35
47
|
}
|
package/dist/http/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","names":[],"sources":["../../src/http/auth.ts"],"sourcesContent":["import { toBase64 } from '@cosmjs/encoding';\n\n/**\n * Produces unix-second timestamps guaranteed unique across calls.\n *\n * ADR-036 signing is deterministic, so tokens sharing the same timestamp\n * produce identical signatures. The provider's replay tracker rejects\n * duplicate signatures on protected endpoints (connection, restart, update).\n * We wait for the wall clock to advance rather than drifting into the future\n * (the provider enforces a 30 s max token age and 10 s max-future-skew).\n * A promise queue serializes concurrent callers.\n */\nexport class AuthTimestampTracker {\n private last = 0;\n private queue: Promise<number> = Promise.resolve(0);\n\n next(): Promise<number> {\n const result = this.queue.then(async () => {\n let now = Math.floor(Date.now() / 1000);\n while (now <= this.last) {\n // Cap sleep at 1 s so forward clock jumps (e.g. NTP) are\n // picked up quickly instead of waiting the full precomputed delay.\n const sleepMs = Math.min((this.last - now + 1) * 1000, 1000);\n await new Promise((resolve) => setTimeout(resolve, sleepMs));\n now = Math.floor(Date.now() / 1000);\n }\n this.last = now;\n return now;\n });\n this.queue = result.catch(() => this.last);\n return result;\n }\n}\n\nexport function createSignMessage(\n tenant: string,\n leaseUuid: string,\n timestamp: number,\n): string {\n return `${tenant}:${leaseUuid}:${timestamp}`;\n}\n\nexport function createLeaseDataSignMessage(\n leaseUuid: string,\n metaHashHex: string,\n timestamp: number,\n): string {\n return `manifest lease data ${leaseUuid} ${metaHashHex} ${timestamp}`;\n}\n\nexport interface AuthTokenPayload {\n readonly tenant: string;\n readonly lease_uuid: string;\n readonly timestamp: number;\n readonly pub_key: string;\n readonly signature: string;\n readonly meta_hash?: string;\n}\n\nexport function createAuthToken(\n tenant: string,\n leaseUuid: string,\n timestamp: number,\n pubKey: string,\n signature: string,\n metaHashHex?: string,\n): string {\n const payload: AuthTokenPayload = {\n tenant,\n lease_uuid: leaseUuid,\n timestamp,\n pub_key: pubKey,\n signature,\n ...(metaHashHex !== undefined && { meta_hash: metaHashHex }),\n };\n return toBase64(new TextEncoder().encode(JSON.stringify(payload)));\n}\n"],"mappings":";;;;;;;;;;;;AAYA,IAAa,uBAAb,MAAkC;;AAChC,OAAQ,OAAO;AACf,OAAQ,QAAyB,QAAQ,QAAQ,EAAE;;CAEnD,OAAwB;EACtB,MAAM,SAAS,KAAK,MAAM,KAAK,YAAY;GACzC,IAAI,MAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;AACvC,UAAO,OAAO,KAAK,MAAM;IAGvB,MAAM,UAAU,KAAK,KAAK,KAAK,OAAO,MAAM,KAAK,KAAM,IAAK;AAC5D,UAAM,IAAI,SAAS,YAAY,WAAW,SAAS,QAAQ,CAAC;AAC5D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;;AAErC,QAAK,OAAO;AACZ,UAAO;IACP;AACF,OAAK,QAAQ,OAAO,YAAY,KAAK,KAAK;AAC1C,SAAO
|
|
1
|
+
{"version":3,"file":"auth.js","names":[],"sources":["../../src/http/auth.ts"],"sourcesContent":["import { toBase64 } from '@cosmjs/encoding';\n\n/**\n * Produces unix-second timestamps guaranteed unique across calls.\n *\n * ADR-036 signing is deterministic, so tokens sharing the same timestamp\n * produce identical signatures. The provider's replay tracker rejects\n * duplicate signatures on protected endpoints (connection, restart, update).\n * We wait for the wall clock to advance rather than drifting into the future\n * (the provider enforces a 30 s max token age and 10 s max-future-skew).\n * A promise queue serializes concurrent callers.\n */\nexport class AuthTimestampTracker {\n private last = 0;\n private queue: Promise<number> = Promise.resolve(0);\n\n next(): Promise<number> {\n const result = this.queue.then(async () => {\n let now = Math.floor(Date.now() / 1000);\n while (now <= this.last) {\n // Cap sleep at 1 s so forward clock jumps (e.g. NTP) are\n // picked up quickly instead of waiting the full precomputed delay.\n const sleepMs = Math.min((this.last - now + 1) * 1000, 1000);\n await new Promise((resolve) => setTimeout(resolve, sleepMs));\n now = Math.floor(Date.now() / 1000);\n }\n this.last = now;\n return now;\n });\n this.queue = result.catch(() => this.last);\n return result;\n }\n}\n\n/**\n * Build the ADR-036 sign message for a generic provider/Fred call.\n *\n * NOTE (security): the message currently scopes a token to a tenant + lease +\n * timestamp, but not to a specific HTTP operation. If the provider's replay\n * tracker is per-endpoint rather than global, a token issued for a read\n * endpoint (e.g. status) could be replayed against a mutating endpoint\n * (e.g. restart, update) within the 30 s replay window. Tightening this\n * requires a coordinated server change to also validate an operation scope —\n * do not change this format unilaterally without updating the provider/Fred\n * verifier in lockstep, or every auth call will fail.\n */\nexport function createSignMessage(\n tenant: string,\n leaseUuid: string,\n timestamp: number,\n): string {\n return `${tenant}:${leaseUuid}:${timestamp}`;\n}\n\nexport function createLeaseDataSignMessage(\n leaseUuid: string,\n metaHashHex: string,\n timestamp: number,\n): string {\n return `manifest lease data ${leaseUuid} ${metaHashHex} ${timestamp}`;\n}\n\nexport interface AuthTokenPayload {\n readonly tenant: string;\n readonly lease_uuid: string;\n readonly timestamp: number;\n readonly pub_key: string;\n readonly signature: string;\n readonly meta_hash?: string;\n}\n\nexport function createAuthToken(\n tenant: string,\n leaseUuid: string,\n timestamp: number,\n pubKey: string,\n signature: string,\n metaHashHex?: string,\n): string {\n const payload: AuthTokenPayload = {\n tenant,\n lease_uuid: leaseUuid,\n timestamp,\n pub_key: pubKey,\n signature,\n ...(metaHashHex !== undefined && { meta_hash: metaHashHex }),\n };\n return toBase64(new TextEncoder().encode(JSON.stringify(payload)));\n}\n"],"mappings":";;;;;;;;;;;;AAYA,IAAa,uBAAb,MAAkC;;AAChC,OAAQ,OAAO;AACf,OAAQ,QAAyB,QAAQ,QAAQ,EAAE;;CAEnD,OAAwB;EACtB,MAAM,SAAS,KAAK,MAAM,KAAK,YAAY;GACzC,IAAI,MAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;AACvC,UAAO,OAAO,KAAK,MAAM;IAGvB,MAAM,UAAU,KAAK,KAAK,KAAK,OAAO,MAAM,KAAK,KAAM,IAAK;AAC5D,UAAM,IAAI,SAAS,YAAY,WAAW,SAAS,QAAQ,CAAC;AAC5D,UAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;;AAErC,QAAK,OAAO;AACZ,UAAO;IACP;AACF,OAAK,QAAQ,OAAO,YAAY,KAAK,KAAK;AAC1C,SAAO;;;;;;;;;;;;;;;AAgBX,SAAgB,kBACd,QACA,WACA,WACQ;AACR,QAAO,GAAG,OAAO,GAAG,UAAU,GAAG;;AAGnC,SAAgB,2BACd,WACA,aACA,WACQ;AACR,QAAO,uBAAuB,UAAU,GAAG,YAAY,GAAG;;AAY5D,SAAgB,gBACd,QACA,WACA,WACA,QACA,WACA,aACQ;CACR,MAAM,UAA4B;EAChC;EACA,YAAY;EACZ;EACA,SAAS;EACT;EACA,GAAI,gBAAgB,KAAA,KAAa,EAAE,WAAW,aAAa;EAC5D;AACD,QAAO,SAAS,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,QAAQ,CAAC,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AuthTokenPayload, createAuthToken, createLeaseDataSignMessage, createSignMessage } from "./http/auth.js";
|
|
1
|
+
import { AuthTimestampTracker, AuthTokenPayload, createAuthToken, createLeaseDataSignMessage, createSignMessage } from "./http/auth.js";
|
|
2
2
|
import { ConnectionDetails, InstanceInfo, LeaseConnectionResponse, ProviderApiError, ProviderHealthResponse, ServiceConnectionDetails, checkedFetch, getLeaseConnectionInfo, getProviderHealth, uploadLeaseData, validateProviderUrl } from "./http/provider.js";
|
|
3
3
|
import { FredActionResponse, FredInstanceInfo, FredLeaseInfo, FredLeaseLogs, FredLeaseProvision, FredLeaseRelease, FredLeaseReleases, FredLeaseStatus, FredServiceStatus, MAX_TAIL, PollOptions, TerminalChainLeaseState, TerminalChainState, TerminalChainStateContext, TerminalChainStateError, getLeaseInfo, getLeaseLogs, getLeaseProvision, getLeaseReleases, getLeaseStatus, pollLeaseUntilReady, restartLease, updateLease } from "./http/fred.js";
|
|
4
4
|
import { BuildManifestOptions, ManifestFormat, ManifestValidationResult, buildManifest, buildStackManifest, deriveAppNameFromImage, getServiceNames, isStackManifest, mergeManifest, metaHashHex, normalizePorts, parseStackManifest, validateManifest, validateServiceName } from "./manifest.js";
|
|
@@ -23,24 +23,11 @@ declare class FredMCPServer {
|
|
|
23
23
|
private walletProvider;
|
|
24
24
|
private authTokens;
|
|
25
25
|
constructor(options: ManifestMCPServerOptions$1);
|
|
26
|
-
private registerTools;
|
|
27
|
-
private registerResources;
|
|
28
|
-
private registerPrompts;
|
|
29
|
-
/**
|
|
30
|
-
* Builds a fire-and-forget progress emitter for a long-running tool.
|
|
31
|
-
* Returns `undefined` if the caller didn't request progress (no
|
|
32
|
-
* `progressToken` in `extra._meta`); callers can branch on that to skip
|
|
33
|
-
* notification work entirely.
|
|
34
|
-
*
|
|
35
|
-
* Notifications are best-effort: failures are logged but don't fail the
|
|
36
|
-
* tool. Each call increments the progress counter.
|
|
37
|
-
*/
|
|
38
|
-
private progressEmitter;
|
|
39
26
|
getServer(): Server;
|
|
40
27
|
getClientManager(): CosmosClientManager;
|
|
41
28
|
disconnect(): void;
|
|
42
29
|
}
|
|
43
30
|
declare function createMnemonicFredServer(config: MnemonicServerConfig): Promise<FredMCPServer>;
|
|
44
31
|
//#endregion
|
|
45
|
-
export { type AuthTokenPayload, type BuildManifestOptions, type BuildManifestPreviewInput, type BuildManifestPreviewResult, type CheckDeploymentReadinessInput, type CheckDeploymentReadinessResult, type ConnectionDetails, type DeployAppInput, type DeployAppResult, type FredActionResponse, type FredInstanceInfo, type FredLeaseInfo, type FredLeaseLogs, type FredLeaseProvision, type FredLeaseRelease, type FredLeaseReleases, type FredLeaseStatus, FredMCPServer, type FredServiceStatus, INFRASTRUCTURE_ERROR_CODES, type InstanceInfo, type LeaseConnectionResponse, MAX_TAIL, type ManifestFormat, ManifestMCPError, ManifestMCPErrorCode, type ManifestMCPServerOptions, type ManifestPreviewServiceInput, type ManifestValidationResult, type PollOptions, ProviderApiError, type ProviderHealthResponse, type ServiceConfig, type ServiceConnectionDetails, type SkuSummary, type TerminalChainLeaseState, type TerminalChainState, type TerminalChainStateContext, TerminalChainStateError, type WaitForAppReadyOptions, type WaitForAppReadyResult, appStatus, browseCatalog, buildManifest, buildManifestPreview, buildStackManifest, checkDeploymentReadiness, checkedFetch, createAuthToken, createLeaseDataSignMessage, createMnemonicFredServer, createSignMessage, deployApp, deriveAppNameFromImage, fetchActiveLease, getAppLogs, getLeaseConnectionInfo, getLeaseInfo, getLeaseLogs, getLeaseProvision, getLeaseReleases, getLeaseStatus, getProviderHealth, getServiceNames, isStackManifest, mapWithConcurrency, mergeManifest, metaHashHex, normalizePorts, parseStackManifest, pollLeaseUntilReady, resolveProviderUrl, restartApp, restartLease, updateApp, updateLease, uploadLeaseData, validateManifest, validateProviderUrl, validateServiceName, waitForAppReady };
|
|
32
|
+
export { AuthTimestampTracker, type AuthTokenPayload, type BuildManifestOptions, type BuildManifestPreviewInput, type BuildManifestPreviewResult, type CheckDeploymentReadinessInput, type CheckDeploymentReadinessResult, type ConnectionDetails, type DeployAppInput, type DeployAppResult, type FredActionResponse, type FredInstanceInfo, type FredLeaseInfo, type FredLeaseLogs, type FredLeaseProvision, type FredLeaseRelease, type FredLeaseReleases, type FredLeaseStatus, FredMCPServer, type FredServiceStatus, INFRASTRUCTURE_ERROR_CODES, type InstanceInfo, type LeaseConnectionResponse, MAX_TAIL, type ManifestFormat, ManifestMCPError, ManifestMCPErrorCode, type ManifestMCPServerOptions, type ManifestPreviewServiceInput, type ManifestValidationResult, type PollOptions, ProviderApiError, type ProviderHealthResponse, type ServiceConfig, type ServiceConnectionDetails, type SkuSummary, type TerminalChainLeaseState, type TerminalChainState, type TerminalChainStateContext, TerminalChainStateError, type WaitForAppReadyOptions, type WaitForAppReadyResult, appStatus, browseCatalog, buildManifest, buildManifestPreview, buildStackManifest, checkDeploymentReadiness, checkedFetch, createAuthToken, createLeaseDataSignMessage, createMnemonicFredServer, createSignMessage, deployApp, deriveAppNameFromImage, fetchActiveLease, getAppLogs, getLeaseConnectionInfo, getLeaseInfo, getLeaseLogs, getLeaseProvision, getLeaseReleases, getLeaseStatus, getProviderHealth, getServiceNames, isStackManifest, mapWithConcurrency, mergeManifest, metaHashHex, normalizePorts, parseStackManifest, pollLeaseUntilReady, resolveProviderUrl, restartApp, restartLease, updateApp, updateLease, uploadLeaseData, validateManifest, validateProviderUrl, validateServiceName, waitForAppReady };
|
|
46
33
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","names":[],"sources":["../src/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":[],"sources":["../src/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;cAkHa,aAAA;EAAA,QACH,SAAA;EAAA,QACA,aAAA;EAAA,QACA,cAAA;EAAA,QACA,UAAA;cAEI,OAAA,EAAS,0BAAA;EAqCrB,SAAA,CAAA,GAAa,MAAA;EAIb,gBAAA,CAAA,GAAoB,mBAAA;EAIpB,UAAA,CAAA;AAAA;AAAA,iBAKc,wBAAA,CACd,MAAA,EAAQ,oBAAA,GACP,OAAA,CAAQ,aAAA"}
|