@vfarcic/dot-ai 0.103.0 → 0.104.0

package/scripts/mcp.nu

@@ -0,0 +1,139 @@
+#!/usr/bin/env nu
+
+# Creates the MCP servers configuration file.
+#
+# Usage:
+# > main apply mcp
+# > main apply mcp --location my-custom-path.json
+# > main apply mcp --location [ my-custom-path.json, another-path.json ]
+# > main apply mcp --memory-file-path /custom/memory.json --anthropic-api-key XYZ --github-token ABC
+# > main apply mcp --enable-playwright
+# > main apply mcp --enable-context7
+# > main apply mcp --enable-git
+# > main apply mcp --enable-dot-ai --kubeconfig /path/to/kubeconfig
+# > main apply mcp --enable-dot-ai --dot-ai-version 1.2.3
+# > main apply mcp --enable-taskmaster
+# > main apply mcp --enable-memory
+# > main apply mcp --enable-github
+#
+def --env "main apply mcp" [
+    --location: list<string> = [".mcp.json"], # Path(s) where the MCP servers configuration file will be created (e.g., `".cursor/mcp.json", ".roo/mcp.json", ".vscode/mcp.json", "mcp.json"`)
+    --memory-file-path: string = "",         # Path to the memory file for the memory MCP server. If empty, defaults to an absolute path for 'memory.json' in CWD.
+    --anthropic-api-key: string = "",        # Anthropic API key for the taskmaster-ai MCP server. If empty, $env.ANTHROPIC_API_KEY is used if set.
+    --github-token: string = "",             # GitHub Personal Access Token for the github MCP server. If empty, $env.GITHUB_TOKEN is used if set.
+    --kubeconfig: string = "",               # Path to kubeconfig file for dot-ai MCP server. If empty, $env.KUBECONFIG is used if set.
+    --dot-ai-version: string = "latest",     # Version of dot-ai MCP server to use. Defaults to 'latest'
+    --enable-playwright = false,             # Enable Playwright MCP server for browser automation
+    --enable-context7 = false,               # Enable Context7 MCP server
+    --enable-git = false,                    # Enable Git MCP server
+    --enable-dot-ai = false,                 # Enable dot-ai MCP server
+    --enable-taskmaster = false,             # Enable taskmaster-ai MCP server (requires Anthropic API key)
+    --enable-memory = false,                 # Enable memory MCP server
+    --enable-github = false                  # Enable GitHub MCP server (requires GitHub token)
+] {
+    let resolved_memory_file_path = if $memory_file_path == "" {
+        (pwd) | path join "memory.json" | path expand
+    } else {
+        $memory_file_path
+    }
+
+    let resolved_anthropic_api_key = if $anthropic_api_key != "" {
+        $anthropic_api_key
+    } else if ("ANTHROPIC_API_KEY" in $env) {
+        $env.ANTHROPIC_API_KEY
+    } else {
+        ""
+    }
+
+    let resolved_github_token = if $github_token != "" {
+        $github_token
+    } else if ("GITHUB_TOKEN" in $env) {
+        $env.GITHUB_TOKEN
+    } else {
+        ""
+    }
+
+    let resolved_kubeconfig = if $kubeconfig != "" {
+        $kubeconfig
+    } else if ("KUBECONFIG" in $env) {
+        $env.KUBECONFIG
+    } else {
+        ""
+    }
+
+    mut mcp_servers_map = {}
+
+    if $enable_memory {
+        $mcp_servers_map = $mcp_servers_map | upsert "memory" {
+            command: "npx",
+            args: ["-y", "@modelcontextprotocol/server-memory"],
+            env: {
+                MEMORY_FILE_PATH: $resolved_memory_file_path
+            }
+        }
+    }
+
+    if $enable_context7 {
+        $mcp_servers_map = $mcp_servers_map | upsert "context7" {
+            command: "npx",
+            args: ["-y", "@upstash/context7-mcp"]
+        }
+    }
+
+    if $enable_taskmaster and $resolved_anthropic_api_key != "" {
+        $mcp_servers_map = $mcp_servers_map | upsert "taskmaster" {
+            command: "npx",
+            args: ["-y", "--package=task-master-ai", "task-master-ai"],
+            env: {
+                ANTHROPIC_API_KEY: $resolved_anthropic_api_key
+            }
+        }
+    }
+
+    if $enable_github and $resolved_github_token != "" {
+        $mcp_servers_map = $mcp_servers_map | upsert "github" {
+            command: "docker",
+            args: ["run", "-i", "--rm", "-e", "GITHUB_PERSONAL_ACCESS_TOKEN", "ghcr.io/github/github-mcp-server"],
+            env: {
+                GITHUB_PERSONAL_ACCESS_TOKEN: $resolved_github_token
+            }
+        }
+    }
+
+    if $enable_playwright {
+        $mcp_servers_map = $mcp_servers_map | upsert "playwright" {
+            command: "npx",
+            args: ["-y", "@playwright/mcp@latest"]
+        }
+    }
+
+    if $enable_git {
+        $mcp_servers_map = $mcp_servers_map | upsert "git" {
+            command: "uvx",
+            args: ["mcp-server-git"]
+        }
+    }
+
+    if $enable_dot_ai and $resolved_anthropic_api_key != "" and $resolved_kubeconfig != "" {
+        $mcp_servers_map = $mcp_servers_map | upsert "dot-ai" {
+            command: "npx",
+            args: ["-y", $"--package=@vfarcic/dot-ai@($dot_ai_version)", "dot-ai-mcp"],
+            env: {
+                KUBECONFIG: $resolved_kubeconfig,
+                DOT_AI_SESSION_DIR: "./tmp/sessions"
+            }
+        }
+    }
+
+    let config_record = { mcpServers: $mcp_servers_map }
+
+    for $output_location in $location {
+        let parent_dir = $output_location | path dirname
+        if not ($parent_dir | path exists) {
+            mkdir $parent_dir
+            print $"Created directory: ($parent_dir)"
+        }
+        $config_record | to json --indent 2 | save -f $output_location
+        print $"MCP servers configuration file created at: ($output_location)"
+    }
+} 

package/scripts/port.nu

@@ -0,0 +1,71 @@
+#!/usr/bin/env nu
+
+# Installs Port.io for software catalog management
+#
+# Examples:
+# > main apply port myuser my-repo
+def "main apply port" [
+    github_user: string
+    github_repo: string
+    --port-client-id: string,      # Port Client ID (optional, falls back to PORT_CLIENT_ID env var)
+    --port-client-secret: string   # Port Client Secret (optional, falls back to PORT_CLIENT_SECRET env var)
+] {
+
+    start "https://getport.io"
+
+    print $"
+(ansi yellow_bold)Sign Up(ansi reset) \(if not already registered\) and (ansi yellow_bold)Log In(ansi reset) to Port.
+Press any key to continue.
+"
+    input
+
+    mut client_id = $port_client_id
+    if ($client_id | is-empty) and ("PORT_CLIENT_ID" in $env) {
+        $client_id = $env.PORT_CLIENT_ID
+    } else if ($client_id | is-empty) {
+        error make { msg: "Port Client ID required via --port-client-id parameter or PORT_CLIENT_ID environment variable" }
+    }
+    $"export PORT_CLIENT_ID=($client_id)\n"
+        | save --append .env
+
+    mut client_secret = $port_client_secret
+    if ($client_secret | is-empty) and ("PORT_CLIENT_SECRET" in $env) {
+        $client_secret = $env.PORT_CLIENT_SECRET
+    } else if ($client_secret | is-empty) {
+        error make { msg: "Port Client Secret required via --port-client-secret parameter or PORT_CLIENT_SECRET environment variable" }
+    }
+    $"export PORT_CLIENT_SECRET=($client_secret)\n"
+        | save --append .env
+
+    print $"
+Install (ansi green_bold)Port's GitHub app(ansi reset).
+Open https://docs.getport.io/build-your-software-catalog/sync-data-to-catalog/git/github/#installation for more information.
+Press any key to continue.
+"
+    input
+
+    (
+        helm upgrade --install port-k8s-exporter port-k8s-exporter
+            --repo https://port-labs.github.io/helm-charts
+            --namespace port-k8s-exporter --create-namespace
+            --set $"secret.secrets.portClientId=($client_id)"
+            --set $"secret.secrets.portClientSecret=($client_secret)"
+            --set stateKey="k8s-exporter"
+            --set createDefaultResources=false
+            --set "extraEnv[0].name"="dot"
+            --set "extraEnv[0].value"=dot
+            --wait
+    )
+
+}
+
+# Guides cleanup of Port.io resources
+def "main delete port" [] {
+
+    print $"
+Delete all items from the (ansi yellow_bold)Catalog(ansi reset), (ansi yellow_bold)Self-service(ansi reset), and (ansi yellow_bold)Builder > Data model(ansi reset) pages in Port's Web UI.
+Press any key to continue.
+"
+    input
+
+}

package/scripts/prometheus.nu

@@ -0,0 +1,21 @@
+#!/usr/bin/env nu
+
+def apply_prometheus [ingress_class: string, ingress_host: string] {
+
+    open values-prometheus.yaml
+        | upsert grafana.ingress.ingressClassName $ingress_class
+        | upsert grafana.ingress.hosts.0 $"grafana.($ingress_host)"
+        | upsert prometheus.ingress.ingressClassName $ingress_class
+        | upsert prometheus.ingress.hosts.0 $"prometheus.($ingress_host)"
+        | save values-prometheus.yaml --force
+
+    (
+        helm upgrade --install
+            kube-prometheus-stack kube-prometheus-stack
+            --repo https://prometheus-community.github.io/helm-charts
+            --values values-prometheus.yaml
+            --namespace prometheus-system --create-namespace
+            --wait
+    )
+
+}

package/scripts/registry.nu

@@ -0,0 +1,55 @@
+#!/usr/bin/env nu
+
+# Returns registry information.
+#
+# Parameters:
+# --registry-server: Container registry server (optional, falls back to REGISTRY_SERVER env var)
+# --registry-user: Container registry user (optional, falls back to REGISTRY_USER env var)
+# --registry-email: Container registry email (optional, falls back to REGISTRY_EMAIL env var)
+# --registry-password: Container registry password/token (optional, falls back to REGISTRY_PASSWORD env var)
+#
+# Example: `{server: "my-server", user: "my-user", email: "my-email", password: "my-password"}`
+def --env "main get registry" [
+    --registry-server: string,
+    --registry-user: string,
+    --registry-email: string,
+    --registry-password: string
+]: [
+    string -> record
+] {
+
+    mut server = $registry_server
+    if ($server | is-empty) and ("REGISTRY_SERVER" in $env) {
+        $server = $env.REGISTRY_SERVER
+    } else if ($server | is-empty) {
+        error make { msg: "Registry server required via --registry-server parameter or REGISTRY_SERVER environment variable" }
+    }
+    $"export REGISTRY_SERVER=($server)\n" | save --append .env
+
+    mut user = $registry_user
+    if ($user | is-empty) and ("REGISTRY_USER" in $env) {
+        $user = $env.REGISTRY_USER
+    } else if ($user | is-empty) {
+        error make { msg: "Registry user required via --registry-user parameter or REGISTRY_USER environment variable" }
+    }
+    $"export REGISTRY_USER=($user)\n" | save --append .env
+
+    mut email = $registry_email
+    if ($email | is-empty) and ("REGISTRY_EMAIL" in $env) {
+        $email = $env.REGISTRY_EMAIL
+    } else if ($email | is-empty) {
+        error make { msg: "Registry email required via --registry-email parameter or REGISTRY_EMAIL environment variable" }
+    }
+    $"export REGISTRY_EMAIL=($email)\n" | save --append .env
+
+    mut password = $registry_password
+    if ($password | is-empty) and ("REGISTRY_PASSWORD" in $env) {
+        $password = $env.REGISTRY_PASSWORD
+    } else if ($password | is-empty) {
+        error make { msg: "Registry password required via --registry-password parameter or REGISTRY_PASSWORD environment variable" }
+    }
+    $"export REGISTRY_PASSWORD=($password)\n" | save --append .env
+
+    {server: $server, user: $user, email: $email, password: $password}
+
+}

package/scripts/storage.nu

@@ -0,0 +1,210 @@
+#!/usr/bin/env nu
+
+# Creates cloud storage resources based on the specified provider
+#
+# Returns:
+# A record with the storage bucket name
+def create_storage [provider: string, auth = true] {
+
+    let bucket = $"dot-(date now | format date "%Y%m%d%H%M%S")"
+    $"export STORAGE_NAME=($bucket)\n" | save --append .env
+
+    if $provider == "aws" {
+
+        (
+            aws s3api create-bucket --bucket $bucket
+                --region us-east-1
+        )
+        
+        aws iam create-user --user-name velero
+        
+        (
+            aws iam put-user-policy --user-name velero
+                --policy-name velero
+                --policy-document file://aws-storage-policy.json
+        )
+        
+        let access_key_id = (
+            aws iam create-access-key --user-name velero
+                | from json
+                | get AccessKey.AccessKeyId
+        )
+        $"export STORAGE_ACCESS_KEY_ID=($access_key_id)\n"
+            | save --append .env
+
+    } else if $provider == "google" {
+
+        if $auth {
+            gcloud auth login
+        }
+
+        (
+            gcloud storage buckets create $"gs://($bucket)"
+                --project $env.PROJECT_ID --location us-east1
+        )
+
+        (
+            gcloud iam service-accounts create velero
+                --project $env.PROJECT_ID --display-name "Velero"
+        )
+
+        let sa_email = $"velero@($env.PROJECT_ID).iam.gserviceaccount.com"
+
+        (
+            gcloud iam roles create velero.server
+                --project $env.PROJECT_ID
+                --file google-permissions.yaml
+        )
+
+        (
+            gcloud projects add-iam-policy-binding $env.PROJECT_ID
+                --member $"serviceAccount:($sa_email)"
+                --role $"projects/($env.PROJECT_ID)/roles/velero.server"
+        )
+
+        (
+            gsutil iam ch
+                $"serviceAccount:($sa_email):objectAdmin"
+                $"gs://($bucket)"
+        )
+
+        (
+            gcloud iam service-accounts keys create
+                google-creds.json --iam-account $sa_email
+        )
+
+    } else if $provider == "azure" {
+
+        let sa_id = $"velero(uuidgen | cut -d '-' -f5 | tr '[A-Z]' '[a-z]')"
+        $"export AZURE_SA_ID=($sa_id)\n" | save --append .env
+
+        (
+            az storage account create
+                --name $sa_id
+                --resource-group $env.RESOURCE_GROUP
+                --sku Standard_GRS --encryption-services blob
+                --https-only true --min-tls-version TLS1_2
+                --kind BlobStorage --access-tier Hot
+        )
+
+        (
+            az storage container create --name velero
+                --public-access off --account-name $sa_id
+                --resource-group $env.RESOURCE_GROUP
+        )
+
+        let subscription_id = (az account list 
+            --query '[?isDefault].id' --output tsv)
+
+        open azure-permissions.json
+            | upsert AssignableScopes.0 $"/subscriptions/($subscription_id)"
+            | save azure-permissions.json --force
+
+        (
+            az role definition create
+                --role-definition azure-permissions.json
+                --resource-group $env.RESOURCE_GROUP
+        )
+
+        let tenant_id = (az account list
+            --query '[?isDefault].tenantId' --output tsv)
+        
+        let client_secret = (az ad sp create-for-rbac
+            --name velero --role Velero --query 'password'
+            --output tsv
+            --scopes  $"/subscriptions/($subscription_id)"
+            --resource-group $env.RESOURCE_GROUP
+        )
+
+        let client_id = (az ad sp list --display-name "velero"
+            --query '[0].appId' --output tsv)
+        $"export AZURE_CLIENT_ID=($client_id)\n"
+            | save --append .env
+
+        $"AZURE_SUBSCRIPTION_ID=($subscription_id)
+AZURE_TENANT_ID=($tenant_id)
+AZURE_CLIENT_ID=($client_id)
+AZURE_CLIENT_SECRET=($client_secret)
+AZURE_RESOURCE_GROUP=($env.RESOURCE_GROUP)
+AZURE_CLOUD_NAME=AzurePublicCloud" | save azure-creds.env --force
+
+    } else {
+
+        print $"(ansi red_bold)($provider)(ansi reset) is not a supported."
+        exit 1
+
+    }
+
+    {name: $bucket}
+
+}
+
+# Destroys cloud storage resources created for the specified provider
+def destroy_storage [provider: string, storage_name: string, delete_project = true] {
+
+    if $provider == "aws" {
+
+        do --ignore-errors {
+            
+            (
+                aws iam delete-access-key --user-name velero
+                    --access-key-id $env.STORAGE_ACCESS_KEY_ID
+                    --region us-east-1
+            )
+
+            (
+                aws iam delete-user-policy --user-name velero
+                    --policy-name velero
+                    --region us-east-1
+            )
+
+            aws iam delete-user --user-name velero
+
+        }
+
+        (        
+            aws s3 rm $"s3://($storage_name)" --recursive
+                --include "*"
+        )
+
+        (
+            aws s3api delete-bucket --bucket $storage_name
+                --region us-east-1
+        )
+    
+    } else if $provider == "google" {
+
+        (
+            gcloud storage rm $"gs://($storage_name)" --recursive
+                --project $env.PROJECT_ID
+        )
+
+        if $delete_project {
+            gcloud projects delete $env.PROJECT_ID --quiet
+        }
+
+    } else if $provider == "azure" {
+
+        (
+            az storage container delete --name velero
+                --account-name $env.AZURE_SA_ID
+        )
+
+        (
+            az storage account delete
+                --name $env.AZURE_SA_ID
+                --resource-group $env.RESOURCE_GROUP --yes
+        )
+
+        az ad sp delete --id $env.AZURE_CLIENT_ID
+        
+        az role definition delete --name Velero
+
+    } else {
+
+        print $"(ansi red_bold)($provider)(ansi reset) is not a supported."
+        exit 1
+
+    }
+
+}

package/scripts/tests.nu

@@ -0,0 +1,12 @@
+#!/usr/bin/env nu
+
+# Builds a container image
+def "main run tests" [
+    --language = "go" # The language of the project; supported values: `go`
+] {
+
+    if $language == "go" {
+        go test -v $"(pwd)/..."
+    }
+
+}

package/scripts/toolhive.nu

@@ -0,0 +1,21 @@
+#!/usr/bin/env nu
+
+# Installs Stacklock Toolhive
+#
+# Examples:
+# > main apply toolhive
+def "main apply toolhive" [] {
+
+    (
+        helm upgrade --install toolhive-operator-crds
+            oci://ghcr.io/stacklok/toolhive/toolhive-operator-crds
+    )
+
+    (
+        helm upgrade --install toolhive-operator
+            oci://ghcr.io/stacklok/toolhive/toolhive-operator
+            --namespace toolhive-system --create-namespace
+            --wait
+    )
+
+}

package/scripts/velero.nu

@@ -0,0 +1,45 @@
+#!/usr/bin/env nu
+
+# Installs Velero backup and restore solution for Kubernetes with provider-specific configuration
+def apply_velero [provider: string, storage_name: string] {
+
+    if $provider == "aws" {
+
+        (
+            velero install --provider aws
+                --plugins velero/velero-plugin-for-aws:v1.10.0
+                --bucket $storage_name
+                --backup-location-config region=us-east-1
+                --snapshot-location-config region=us-east-1
+                --secret-file ./aws-creds.conf --output yaml
+        )
+
+    } else if $provider == "google" {
+
+        (
+            velero install --provider gcp
+                --plugins velero/velero-plugin-for-gcp:v1.11.0
+                --bucket $storage_name
+                --secret-file ./google-creds.json --output yaml
+        )
+
+    } else if $provider == "azure" {
+
+        (
+            velero install --provider azure
+                --plugins velero/velero-plugin-for-microsoft-azure:v1.11.0
+                --bucket $storage_name
+                --service-account-name velero
+                --pod-labels azure.workload.identity/use=true
+                --secret-file azure-creds.env
+                --backup-location-config $"useAAD='true',resourceGroup=($env.RESOURCE_GROUP),storageAccount=($env.AZURE_SA_ID)"
+        )
+
+    } else {
+
+        print $"(ansi red_bold)($provider)(ansi reset) is not a supported."
+        exit 1
+
+    }
+
+}