@thotischner/observability-mcp 1.7.1 → 1.8.1

package/dist/catalog/loader.test.js

@@ -0,0 +1,108 @@
+import { test } from "node:test";
+import assert from "node:assert/strict";
+import { mkdtemp, writeFile, rm } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { readCatalogFile, validateCatalog, CatalogStore } from "./loader.js";
+test("readCatalogFile — missing path returns empty catalog", async () => {
+    const c = await readCatalogFile(undefined);
+    assert.deepEqual(c, { services: {} });
+});
+test("readCatalogFile — missing file returns empty catalog (no crash)", async () => {
+    const c = await readCatalogFile("/tmp/definitely-does-not-exist-omcp.json");
+    assert.deepEqual(c, { services: {} });
+});
+test("readCatalogFile — malformed JSON returns empty catalog", async () => {
+    const dir = await mkdtemp(join(tmpdir(), "omcp-catalog-"));
+    try {
+        const file = join(dir, "catalog.json");
+        await writeFile(file, "{this is not json", "utf8");
+        const c = await readCatalogFile(file);
+        assert.deepEqual(c, { services: {} });
+    }
+    finally {
+        await rm(dir, { recursive: true, force: true });
+    }
+});
+test("readCatalogFile — valid file returns parsed catalog", async () => {
+    const dir = await mkdtemp(join(tmpdir(), "omcp-catalog-"));
+    try {
+        const file = join(dir, "catalog.json");
+        await writeFile(file, JSON.stringify({
+            services: {
+                "payment-service": {
+                    owner: "team-payments",
+                    tier: "tier-1",
+                    dataClassification: "confidential",
+                    slo: "99.9%",
+                    runbooks: ["https://runbooks.example/payments"],
+                    tags: ["pci", "regulated"],
+                },
+            },
+        }), "utf8");
+        const c = await readCatalogFile(file);
+        assert.equal(c.services["payment-service"].owner, "team-payments");
+        assert.equal(c.services["payment-service"].tier, "tier-1");
+        assert.deepEqual(c.services["payment-service"].tags, ["pci", "regulated"]);
+    }
+    finally {
+        await rm(dir, { recursive: true, force: true });
+    }
+});
+test("validateCatalog — rejects invalid tier values", () => {
+    const c = validateCatalog({ services: { svc: { tier: "tier-9" } } });
+    assert.equal(c.services.svc.tier, undefined);
+});
+test("validateCatalog — rejects invalid data classification", () => {
+    const c = validateCatalog({ services: { svc: { dataClassification: "ultra-secret" } } });
+    assert.equal(c.services.svc.dataClassification, undefined);
+});
+test("validateCatalog — strips non-string entries from runbooks / tags", () => {
+    const c = validateCatalog({
+        services: { svc: { runbooks: ["a", 1, "b", null], tags: [{}, "tag1"] } },
+    });
+    assert.deepEqual(c.services.svc.runbooks, ["a", "b"]);
+    assert.deepEqual(c.services.svc.tags, ["tag1"]);
+});
+test("validateCatalog — skips non-object service entries", () => {
+    const c = validateCatalog({ services: { svc1: "string", svc2: null, svc3: { owner: "team" } } });
+    assert.equal(c.services.svc1, undefined);
+    assert.equal(c.services.svc2, undefined);
+    assert.equal(c.services.svc3.owner, "team");
+});
+test("CatalogStore — get / list / count / replace", () => {
+    const store = new CatalogStore({
+        services: {
+            a: { owner: "team-a" },
+            b: { owner: "team-b" },
+        },
+    });
+    assert.equal(store.count(), 2);
+    assert.equal(store.get("a")?.owner, "team-a");
+    assert.equal(store.get("nope"), undefined);
+    assert.equal(Object.keys(store.list()).length, 2);
+    store.replace({ services: { x: { owner: "team-x" } } });
+    assert.equal(store.count(), 1);
+    assert.equal(store.get("x")?.owner, "team-x");
+});
+test("CatalogStore — tenant filter scopes get / list / count", () => {
+    const store = new CatalogStore({
+        services: {
+            "acme-payments": { owner: "team-a", tenant: "acme" },
+            "bigco-payments": { owner: "team-b", tenant: "bigco" },
+            "shared-cdn": { owner: "team-c" }, // no tenant → "default"
+        },
+    });
+    // No tenant filter → see everything (admin-style read)
+    assert.equal(store.count(), 3);
+    // Tenant-scoped: each sees its own entries + nothing else
+    assert.equal(store.count("acme"), 1);
+    assert.equal(store.get("acme-payments", "acme")?.owner, "team-a");
+    assert.equal(store.get("bigco-payments", "acme"), undefined, "cross-tenant get must return undefined");
+    assert.equal(Object.keys(store.list("acme"))[0], "acme-payments");
+    // Default tenant includes entries with no tenant field
+    assert.equal(store.count("default"), 1);
+    assert.equal(store.get("shared-cdn", "default")?.owner, "team-c");
+    // Unknown tenant → empty
+    assert.equal(store.count("unknown"), 0);
+});

package/dist/context.d.ts

@@ -18,10 +18,22 @@ export interface RequestContext {
      * scoping (tools/services/lookback/read-only) is a separate concern.
      */
     allowedSources?: string[];
+    /** When true, the credential is allowed to opt out of redaction on a
+     *  per-tool-call basis. The actual bypass is engaged only when the
+     *  tool call ALSO sets `bypass_redaction: true` in its args. Default
+     *  false. Configured via OMCP_KEY_BYPASS_REDACTION. */
+    allowBypassRedaction?: boolean;
+    /** Tenant the request operates in. ALWAYS set — defaults to
+     *  "default" for anonymous principals + missing-tenant credentials,
+     *  preserving the single-namespace behaviour of pre-E7 deployments. */
+    tenant: string;
     /** Correlates all tool calls within one transport request/session. */
     correlationId: string;
 }
 /** Default all-access anonymous context — preserves current behaviour. */
 export declare function defaultContext(): RequestContext;
 /** Context for an authenticated API-key principal. */
-export declare function principalContext(principalId: string, allowedSources?: string[]): RequestContext;
+export declare function principalContext(principalId: string, allowedSources?: string[], opts?: {
+    allowBypassRedaction?: boolean;
+    tenant?: string;
+}): RequestContext;

package/dist/context.js

@@ -1,18 +1,22 @@
 import { randomUUID } from "node:crypto";
+import { DEFAULT_TENANT, normaliseTenant } from "./tenancy/context.js";
 /** Default all-access anonymous context — preserves current behaviour. */
 export function defaultContext() {
     return {
         principalId: "anonymous",
         auth: "anonymous",
+        tenant: DEFAULT_TENANT,
         correlationId: randomUUID(),
     };
 }
 /** Context for an authenticated API-key principal. */
-export function principalContext(principalId, allowedSources) {
+export function principalContext(principalId, allowedSources, opts = {}) {
     return {
         principalId,
         auth: "apikey",
         allowedSources: allowedSources && allowedSources.length > 0 ? allowedSources : undefined,
+        allowBypassRedaction: opts.allowBypassRedaction || undefined,
+        tenant: normaliseTenant(opts.tenant),
         correlationId: randomUUID(),
     };
 }