@teampitch/mcpx 0.2.1

package/src/index.ts

@@ -0,0 +1,364 @@
+import { readFileSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
+import { Hono } from "hono";
+import { z } from "zod";
+
+import { createAuthVerifier, filterBackendsByClaims, type AuthClaims } from "./auth.js";
+import {
+  connectBackends,
+  generateTypeDefinitions,
+  generateToolListing,
+  refreshAllTools,
+  type Backend,
+} from "./backends.js";
+import { loadConfig } from "./config.js";
+import { executeCode } from "./executor.js";
+import { createOAuthRoutes } from "./oauth.js";
+import { startStdioServer } from "./stdio.js";
+import { watchConfig } from "./watcher.js";
+
+// Resolve version from package.json at startup
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const pkg = JSON.parse(readFileSync(join(__dirname, "../package.json"), "utf-8")) as {
+  version: string;
+};
+const VERSION = pkg.version;
+
+const command = process.argv[2];
+
+// mcpx init [backend...]
+if (command === "init") {
+  const { runInit } = await import("./init.js");
+  runInit(process.argv.slice(3));
+  process.exit(0);
+}
+
+// mcpx stdio mcpx.json
+if (command === "stdio") {
+  const configPath = process.argv[3] ?? "mcpx.json";
+  await startStdioServer(configPath);
+  // Intentional: no process.exit() — StdioServerTransport keeps the event loop alive.
+}
+
+// HTTP server mode (default)
+const configPath = process.argv[2] ?? "mcpx.json";
+
+let config;
+try {
+  config = loadConfig(configPath);
+} catch (err) {
+  const msg =
+    (err as NodeJS.ErrnoException).code === "ENOENT"
+      ? `Config file not found: ${configPath}\n  Create it or pass the path as an argument: mcpx <config.json>`
+      : `Failed to load config from ${configPath}: ${(err as Error).message}`;
+  console.error(`mcpx startup error: ${msg}`);
+  process.exit(1);
+}
+
+console.log("mcpx starting...");
+console.log(`  version: ${VERSION}`);
+console.log(`  config: ${configPath}`);
+console.log(`  port: ${config.port}`);
+console.log(`  backends: ${Object.keys(config.backends).join(", ")}`);
+
+// Connect to all backend MCP servers
+console.log("\nConnecting to backends:");
+let backends: Map<string, import("./backends.js").Backend>;
+try {
+  backends = await connectBackends(config.backends);
+} catch (err) {
+  console.error(`Failed to connect backends: ${(err as Error).message}`);
+  process.exit(1);
+}
+
+if (backends.size === 0 && !config.failOpen) {
+  console.error(
+    "No backends connected. Check that your backend commands are installed and accessible.\n  Use failOpen: true in config to start anyway.",
+  );
+  process.exit(1);
+}
+
+if (backends.size === 0) {
+  console.warn("Warning: no backends connected (failOpen mode — server will start degraded)");
+}
+
+// Pre-generate type definitions and tool listing (mutable for hot-reload + tool refresh)
+let typeDefs = generateTypeDefinitions(backends);
+let toolListing = generateToolListing(backends);
+
+let totalTools = Array.from(backends.values()).reduce((sum, b) => sum + b.tools.length, 0);
+console.log(`\n${totalTools} tools from ${backends.size} backends → 2 Code Mode tools`);
+
+// Periodic tool refresh
+if (config.toolRefreshInterval && config.toolRefreshInterval > 0) {
+  setInterval(async () => {
+    try {
+      await refreshAllTools(backends);
+      typeDefs = generateTypeDefinitions(backends);
+      toolListing = generateToolListing(backends);
+      totalTools = Array.from(backends.values()).reduce((sum, b) => sum + b.tools.length, 0);
+    } catch (err) {
+      console.error("Tool refresh failed:", (err as Error).message);
+    }
+  }, config.toolRefreshInterval * 1000);
+}
+
+// Hot-reload: watch config file for changes
+watchConfig(configPath, backends, (newConfig, diff) => {
+  config = newConfig;
+  typeDefs = generateTypeDefinitions(backends);
+  toolListing = generateToolListing(backends);
+  totalTools = Array.from(backends.values()).reduce((sum, b) => sum + b.tools.length, 0);
+  console.log(
+    `Config reloaded: +${diff.added.length} -${diff.removed.length} ~${diff.changed.length} (${totalTools} tools)`,
+  );
+});
+
+// Create the MCP server with 2 Code Mode tools
+function createMcpServer(visibleBackends: Map<string, Backend>): McpServer {
+  const server = new McpServer({
+    name: "mcpx",
+    version: VERSION,
+  });
+
+  server.tool(
+    "search",
+    `Search available tools across all connected MCP servers. Returns type definitions for matched tools.
+
+Available tools:
+${toolListing}`,
+    {
+      query: z.string().describe("Search query — tool name, backend name, or keyword"),
+    },
+    async ({ query }) => {
+      const q = query.toLowerCase();
+      const matched: string[] = [];
+
+      for (const [name, backend] of visibleBackends) {
+        for (const tool of backend.tools) {
+          const fullName = `${name}_${tool.name}`;
+          const desc = tool.description?.toLowerCase() ?? "";
+          if (
+            fullName.toLowerCase().includes(q) ||
+            desc.includes(q) ||
+            name.toLowerCase().includes(q)
+          ) {
+            const params = tool.inputSchema?.properties
+              ? JSON.stringify(tool.inputSchema.properties, null, 2)
+              : "{}";
+            matched.push(`### ${fullName}\n${tool.description ?? ""}\nParameters: ${params}`);
+          }
+        }
+      }
+
+      if (matched.length === 0) {
+        return {
+          content: [
+            {
+              type: "text" as const,
+              text: `No tools found matching "${query}". Available backends: ${Array.from(visibleBackends.keys()).join(", ")}`,
+            },
+          ],
+        };
+      }
+
+      return {
+        content: [
+          {
+            type: "text" as const,
+            text: `Found ${matched.length} tools:\n\n${matched.join("\n\n")}`,
+          },
+        ],
+      };
+    },
+  );
+
+  server.tool(
+    "execute",
+    `Execute JavaScript code that calls MCP tools. The code runs in a V8 isolate.
+
+Write an async function body. Available tool functions (call with await):
+${typeDefs}
+
+Example (namespace style):
+  const result = await grafana.searchDashboards({ query: "pods" });
+  return result;
+
+Example (classic style):
+  const result = await grafana_search_dashboards({ query: "pods" });
+  return result;`,
+    { code: z.string().describe("JavaScript async function body to execute") },
+    async ({ code }) => {
+      const result = await executeCode(code, visibleBackends);
+
+      if (result.isErr()) {
+        const e = result.error;
+        let msg = e.kind === "runtime" ? `Execution failed with code ${e.code}` : e.message;
+        if (e.kind === "parse" && e.snippet) {
+          msg += `\n\n${e.snippet}`;
+        }
+        return {
+          content: [{ type: "text" as const, text: `Error: ${msg}` }],
+          isError: true,
+        };
+      }
+
+      const val = result.value.value;
+      const text = typeof val === "string" ? val : JSON.stringify(val, null, 2);
+      const logText =
+        result.value.logs.length > 0
+          ? `\n\n--- Console Output ---\n${result.value.logs.map((l) => `[${l.level}] ${l.args.map((a) => (typeof a === "string" ? a : JSON.stringify(a))).join(" ")}`).join("\n")}`
+          : "";
+
+      return {
+        content: [
+          {
+            type: "text" as const,
+            text: text + logText,
+          },
+        ],
+      };
+    },
+  );
+
+  return server;
+}
+
+// HTTP server with Hono
+const app = new Hono();
+
+// Record start time for uptime reporting
+const startedAt = Date.now();
+
+// Health check — includes uptime, version, and per-backend tool counts
+app.get("/health", (c) => {
+  const backendDetails = Array.from(backends.entries()).map(([name, backend]) => ({
+    name,
+    tools: backend.tools.length,
+  }));
+
+  return c.json({
+    status: backends.size === 0 ? "degraded" : "ok",
+    version: VERSION,
+    uptimeSeconds: Math.floor((Date.now() - startedAt) / 1000),
+    backends: backendDetails,
+    totalTools,
+  });
+});
+
+// Mount OAuth routes if configured
+if (config.auth?.oauth) {
+  createOAuthRoutes(config.auth.oauth, app);
+}
+
+// Auth middleware — JWT, bearer, OAuth, or open
+const verifier = createAuthVerifier(config);
+if (verifier) {
+  app.use("/mcp", async (c, next) => {
+    const authHeader = c.req.header("Authorization");
+    const token = authHeader?.replace(/^Bearer\s+/i, "");
+    if (!token) {
+      // Per MCP OAuth spec — include metadata URL in 401 response
+      const headers: Record<string, string> = {};
+      if (config.auth?.oauth) {
+        headers["WWW-Authenticate"] =
+          `Bearer resource_metadata="/.well-known/oauth-authorization-server"`;
+      }
+      return c.json({ error: "unauthorized" }, { status: 401, headers });
+    }
+
+    const result = await verifier(token);
+    if (result.isErr()) return c.json({ error: result.error }, 401);
+
+    // Store claims for per-backend filtering
+    c.set("claims" as never, result.value as never);
+    await next();
+  });
+}
+
+// Session management for stateful MCP connections
+const sessions = new Map<
+  string,
+  {
+    server: McpServer;
+    transport: WebStandardStreamableHTTPServerTransport;
+    lastAccess: number;
+  }
+>();
+const sessionTtlMs = (config.sessionTtlMinutes ?? 30) * 60 * 1000;
+
+// Expire stale sessions every minute
+setInterval(() => {
+  const now = Date.now();
+  for (const [id, session] of sessions) {
+    if (now - session.lastAccess > sessionTtlMs) {
+      sessions.delete(id);
+    }
+  }
+}, 60_000);
+
+// MCP endpoint — Streamable HTTP with session support
+app.all("/mcp", async (c) => {
+  // Resolve visible backends based on auth claims
+  const claims = c.get("claims" as never) as AuthClaims | undefined;
+  const visibleBackends = claims
+    ? filterBackendsByClaims(backends, claims, config.backends)
+    : backends;
+
+  const sessionId = c.req.header("mcp-session-id");
+
+  // Reuse existing session
+  if (sessionId && sessions.has(sessionId)) {
+    const session = sessions.get(sessionId)!;
+    session.lastAccess = Date.now();
+    const response = await session.transport.handleRequest(c.req.raw);
+    return response;
+  }
+
+  // New session
+  const server = createMcpServer(visibleBackends);
+  const transport = new WebStandardStreamableHTTPServerTransport({
+    sessionIdGenerator: () => crypto.randomUUID(),
+  });
+
+  await server.connect(transport);
+
+  // Store session after first response (which contains the session ID)
+  const response = await transport.handleRequest(c.req.raw);
+
+  const newSessionId = response.headers.get("mcp-session-id");
+  if (newSessionId) {
+    sessions.set(newSessionId, { server, transport, lastAccess: Date.now() });
+  }
+
+  return response;
+});
+
+// Graceful shutdown — disconnect all backend clients before exiting
+async function shutdown(signal: string): Promise<void> {
+  console.log(`\nmcpx received ${signal}, shutting down...`);
+  const disconnects = Array.from(backends.values()).map((b) =>
+    b.client.close().catch((err: Error) => {
+      console.error(`  failed to disconnect backend ${b.name}: ${err.message}`);
+    }),
+  );
+  await Promise.allSettled(disconnects);
+  console.log("mcpx shutdown complete");
+  process.exit(0);
+}
+
+process.on("SIGTERM", () => shutdown("SIGTERM"));
+process.on("SIGINT", () => shutdown("SIGINT"));
+
+console.log(`\nmcpx listening on http://localhost:${config.port}`);
+console.log(`  MCP endpoint: http://localhost:${config.port}/mcp`);
+console.log(`  Health: http://localhost:${config.port}/health`);
+
+export default {
+  port: config.port,
+  fetch: app.fetch,
+};

package/src/init.ts

@@ -0,0 +1,115 @@
+import { existsSync, readFileSync, writeFileSync } from "node:fs";
+import { resolve, join } from "node:path";
+import { homedir } from "node:os";
+
+interface McpJsonServer {
+  command?: string;
+  args?: string[];
+  env?: Record<string, string>;
+  type?: string;
+  url?: string;
+}
+
+/** Find and parse existing .mcp.json files from Claude Code */
+function findExistingMcpConfigs(): Record<string, McpJsonServer> {
+  const locations = [resolve(".mcp.json"), join(homedir(), ".claude.json")];
+
+  const servers: Record<string, McpJsonServer> = {};
+
+  for (const path of locations) {
+    if (!existsSync(path)) continue;
+    try {
+      const raw = JSON.parse(readFileSync(path, "utf-8"));
+      const mcpServers = raw.mcpServers ?? {};
+      for (const [name, config] of Object.entries(mcpServers)) {
+        servers[name] = config as McpJsonServer;
+      }
+      console.log(`  Found ${Object.keys(mcpServers).length} MCP servers in ${path}`);
+    } catch {
+      // skip unparseable files
+    }
+  }
+
+  return servers;
+}
+
+/** Convert a Claude Code MCP server config to an mcpx backend config */
+function convertToBackend(server: McpJsonServer): object | null {
+  if (server.type === "http" || server.url) {
+    return { transport: "http", url: server.url };
+  }
+
+  if (server.command) {
+    return {
+      transport: "stdio",
+      command: server.command,
+      args: server.args ?? [],
+      ...(server.env ? { env: server.env } : {}),
+    };
+  }
+
+  return null;
+}
+
+export function runInit(args?: string[]) {
+  const configPath = resolve("mcpx.json");
+
+  if (existsSync(configPath)) {
+    console.error("mcpx.json already exists. Delete it first to re-initialize.");
+    process.exit(1);
+  }
+
+  const isEmpty = args?.[0] === "--empty";
+  let backends: Record<string, object> = {};
+
+  if (isEmpty) {
+    // Empty config — user fills in manually
+    backends = {
+      "my-server": {
+        transport: "stdio",
+        command: "npx",
+        args: ["-y", "your-mcp-server"],
+        env: { API_KEY: "${YOUR_API_KEY}" },
+      },
+    };
+  } else {
+    // Default: scan for existing MCP configs
+    console.log("Scanning for existing MCP server configs...");
+    const existing = findExistingMcpConfigs();
+
+    if (Object.keys(existing).length === 0) {
+      console.log("  No MCP servers found in .mcp.json or ~/.claude.json");
+      console.log("  Creating empty config — edit mcpx.json to add your backends.\n");
+      backends = {
+        "my-server": {
+          transport: "stdio",
+          command: "npx",
+          args: ["-y", "your-mcp-server"],
+          env: { API_KEY: "${YOUR_API_KEY}" },
+        },
+      };
+    } else {
+      for (const [name, server] of Object.entries(existing)) {
+        const backend = convertToBackend(server);
+        if (backend) {
+          backends[name] = backend;
+          console.log(`  Imported: ${name}`);
+        } else {
+          console.log(`  Skipped: ${name} (unsupported config)`);
+        }
+      }
+    }
+  }
+
+  const config = { port: 3100, backends };
+
+  writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
+
+  const count = Object.keys(backends).length;
+  console.log(`\nCreated mcpx.json with ${count} backend${count !== 1 ? "s" : ""}`);
+  console.log();
+  console.log("Next steps:");
+  console.log("  1. Edit mcpx.json — add or configure your MCP backends");
+  console.log("  2. Set environment variables referenced in the config");
+  console.log("  3. Run: bunx mcpx-tools stdio mcpx.json");
+}

package/src/k8s-controller.test.ts

@@ -0,0 +1,108 @@
+import { describe, test, expect } from "bun:test";
+
+import { crdToConfig } from "./k8s-controller.js";
+
+describe("crdToConfig", () => {
+  test("converts empty resources to empty backends", () => {
+    const config = crdToConfig(new Map());
+    expect(config.backends).toEqual({});
+    expect(config.port).toBe(3100);
+    expect(config.failOpen).toBe(true);
+  });
+
+  test("converts stdio backend", () => {
+    const resources = new Map([
+      [
+        "grafana",
+        {
+          transport: "stdio" as const,
+          command: "uvx",
+          args: ["mcp-grafana"],
+          env: { GRAFANA_URL: "http://localhost:3333" },
+        },
+      ],
+    ]);
+
+    const config = crdToConfig(resources);
+    expect(config.backends.grafana).toEqual({
+      transport: "stdio",
+      command: "uvx",
+      args: ["mcp-grafana"],
+      env: { GRAFANA_URL: "http://localhost:3333" },
+      url: undefined,
+      headers: undefined,
+      allowedRoles: undefined,
+      allowedTeams: undefined,
+    });
+  });
+
+  test("converts http backend with headers", () => {
+    const resources = new Map([
+      [
+        "remote",
+        {
+          transport: "http" as const,
+          url: "https://mcp.example.com/mcp",
+          headers: { Authorization: "Bearer token" },
+        },
+      ],
+    ]);
+
+    const config = crdToConfig(resources);
+    expect(config.backends.remote.transport).toBe("http");
+    expect(config.backends.remote.url).toBe("https://mcp.example.com/mcp");
+    expect(config.backends.remote.headers).toEqual({
+      Authorization: "Bearer token",
+    });
+  });
+
+  test("converts multiple backends", () => {
+    const resources = new Map([
+      ["grafana", { transport: "stdio" as const, command: "uvx", args: ["mcp-grafana"] }],
+      [
+        "github",
+        {
+          transport: "stdio" as const,
+          command: "docker",
+          args: ["run", "-i", "ghcr.io/github/github-mcp-server"],
+        },
+      ],
+    ]);
+
+    const config = crdToConfig(resources);
+    expect(Object.keys(config.backends)).toHaveLength(2);
+    expect(config.backends.grafana.command).toBe("uvx");
+    expect(config.backends.github.command).toBe("docker");
+  });
+
+  test("preserves access control fields", () => {
+    const resources = new Map([
+      [
+        "restricted",
+        {
+          transport: "stdio" as const,
+          command: "mcp-server",
+          allowedRoles: ["admin"],
+          allowedTeams: ["platform"],
+        },
+      ],
+    ]);
+
+    const config = crdToConfig(resources);
+    expect(config.backends.restricted.allowedRoles).toEqual(["admin"]);
+    expect(config.backends.restricted.allowedTeams).toEqual(["platform"]);
+  });
+
+  test("applies base config overrides", () => {
+    const resources = new Map();
+    const config = crdToConfig(resources, {
+      port: 4000,
+      authToken: "my-token",
+      sessionTtlMinutes: 60,
+    });
+
+    expect(config.port).toBe(4000);
+    expect(config.authToken).toBe("my-token");
+    expect(config.sessionTtlMinutes).toBe(60);
+  });
+});