@zereight/mcp-gitlab 2.0.32 → 2.0.34

package/build/test/test-geteffectiveprojectid.js

@@ -0,0 +1,236 @@
+/**
+ * Test suite for getEffectiveProjectId function
+ * Tests the behavior of project ID resolution with different environment configurations
+ */
+import { describe, test, before, after } from 'node:test';
+import assert from 'node:assert';
+import { launchServer, findAvailablePort, cleanupServers, TransportMode, HOST } from './utils/server-launcher.js';
+import { MockGitLabServer, findMockServerPort } from './utils/mock-gitlab-server.js';
+import { StreamableHTTPTestClient } from './clients/streamable-http-client.js';
+// Use the same token that will be passed via GITLAB_TOKEN_TEST environment variable
+const MOCK_TOKEN = process.env.GITLAB_TOKEN_TEST || 'glpat-mock-token-12345';
+const DEFAULT_PROJECT_ID = '123';
+const OTHER_PROJECT_ID = '456';
+console.log('🔍 Testing getEffectiveProjectId functionality');
+console.log('');
+describe('getEffectiveProjectId - No GITLAB_ALLOWED_PROJECT_IDS', () => {
+    let mcpUrl;
+    let mockGitLab;
+    let servers = [];
+    let client;
+    before(async () => {
+        // Start mock GitLab server
+        const mockPort = await findMockServerPort(9100);
+        mockGitLab = new MockGitLabServer({
+            port: mockPort,
+            validTokens: [MOCK_TOKEN]
+        });
+        await mockGitLab.start();
+        const mockGitLabUrl = mockGitLab.getUrl();
+        // Start MCP server WITHOUT GITLAB_ALLOWED_PROJECT_IDS
+        const mcpPort = await findAvailablePort(3100);
+        const server = await launchServer({
+            mode: TransportMode.STREAMABLE_HTTP,
+            port: mcpPort,
+            timeout: 5000,
+            env: {
+                STREAMABLE_HTTP: 'true',
+                GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                GITLAB_PROJECT_ID: DEFAULT_PROJECT_ID,
+                GITLAB_READ_ONLY_MODE: 'true',
+            }
+        });
+        servers.push(server);
+        mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+        client = new StreamableHTTPTestClient();
+        await client.connect(mcpUrl);
+        console.log(`Mock GitLab: ${mockGitLabUrl}`);
+        console.log(`MCP Server: ${mcpUrl}`);
+        console.log(`Default Project: ${DEFAULT_PROJECT_ID}`);
+    });
+    after(async () => {
+        if (client) {
+            await client.disconnect();
+        }
+        cleanupServers(servers);
+        if (mockGitLab) {
+            await mockGitLab.stop();
+        }
+    });
+    test('should use GITLAB_PROJECT_ID when no project_id is provided', async () => {
+        // Call get_project without specifying project_id
+        const result = await client.callTool('get_project', {
+            project_id: ''
+        });
+        assert.ok(result.content, 'Should have content');
+        const content = result.content[0];
+        assert.ok('text' in content, 'Content should have text');
+        const project = JSON.parse(content.text);
+        // The mock server should receive a request for the default project
+        assert.strictEqual(project.id.toString(), DEFAULT_PROJECT_ID, 'Should use GITLAB_PROJECT_ID as default');
+        console.log(`  ✓ Used default project ${DEFAULT_PROJECT_ID} when no project_id provided`);
+    });
+    test('should prioritize passed project_id over GITLAB_PROJECT_ID', async () => {
+        // Call get_project with a different project_id
+        const result = await client.callTool('get_project', {
+            project_id: OTHER_PROJECT_ID
+        });
+        assert.ok(result.content, 'Should have content');
+        const content = result.content[0];
+        assert.ok('text' in content, 'Content should have text');
+        const project = JSON.parse(content.text);
+        // Should use the passed project_id, not GITLAB_PROJECT_ID
+        assert.strictEqual(project.id.toString(), OTHER_PROJECT_ID, 'Should use passed project_id');
+        console.log(`  ✓ Used passed project_id ${OTHER_PROJECT_ID} instead of default ${DEFAULT_PROJECT_ID}`);
+    });
+});
+describe('getEffectiveProjectId - With single GITLAB_ALLOWED_PROJECT_IDS', () => {
+    let mcpUrl;
+    let mockGitLab;
+    let servers = [];
+    let client;
+    before(async () => {
+        // Start mock GitLab server
+        const mockPort = await findMockServerPort(9200);
+        mockGitLab = new MockGitLabServer({
+            port: mockPort,
+            validTokens: [MOCK_TOKEN]
+        });
+        await mockGitLab.start();
+        const mockGitLabUrl = mockGitLab.getUrl();
+        // Start MCP server WITH single GITLAB_ALLOWED_PROJECT_IDS
+        const mcpPort = await findAvailablePort(3200);
+        const server = await launchServer({
+            mode: TransportMode.STREAMABLE_HTTP,
+            port: mcpPort,
+            timeout: 5000,
+            env: {
+                STREAMABLE_HTTP: 'true',
+                GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                GITLAB_PROJECT_ID: DEFAULT_PROJECT_ID,
+                GITLAB_ALLOWED_PROJECT_IDS: DEFAULT_PROJECT_ID,
+                GITLAB_READ_ONLY_MODE: 'true',
+            }
+        });
+        servers.push(server);
+        mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+        client = new StreamableHTTPTestClient();
+        await client.connect(mcpUrl);
+        console.log(`Mock GitLab: ${mockGitLabUrl}`);
+        console.log(`MCP Server: ${mcpUrl}`);
+        console.log(`Allowed Project: ${DEFAULT_PROJECT_ID}`);
+    });
+    after(async () => {
+        if (client) {
+            await client.disconnect();
+        }
+        cleanupServers(servers);
+        if (mockGitLab) {
+            await mockGitLab.stop();
+        }
+    });
+    test('should use single allowed project as default', async () => {
+        const result = await client.callTool('get_project', {
+            project_id: ''
+        });
+        assert.ok(result.content, 'Should have content');
+        const content = result.content[0];
+        assert.ok('text' in content, 'Content should have text');
+        const project = JSON.parse(content.text);
+        assert.strictEqual(project.id.toString(), DEFAULT_PROJECT_ID, 'Should use allowed project as default');
+        console.log(`  ✓ Used allowed project ${DEFAULT_PROJECT_ID} as default`);
+    });
+    test('should reject access to non-allowed project', async () => {
+        try {
+            await client.callTool('get_project', {
+                project_id: OTHER_PROJECT_ID
+            });
+            assert.fail('Should have rejected access to non-allowed project');
+        }
+        catch (error) {
+            assert.ok(error instanceof Error);
+            assert.ok(error.message.includes('Access denied'), 'Should indicate access denied');
+            console.log('  ✓ Correctly rejected access to non-allowed project');
+        }
+    });
+});
+describe('getEffectiveProjectId - With multiple GITLAB_ALLOWED_PROJECT_IDS', () => {
+    let mcpUrl;
+    let mockGitLab;
+    let servers = [];
+    let client;
+    before(async () => {
+        // Start mock GitLab server
+        const mockPort = await findMockServerPort(9300);
+        mockGitLab = new MockGitLabServer({
+            port: mockPort,
+            validTokens: [MOCK_TOKEN]
+        });
+        await mockGitLab.start();
+        const mockGitLabUrl = mockGitLab.getUrl();
+        // Start MCP server WITH multiple GITLAB_ALLOWED_PROJECT_IDS
+        const mcpPort = await findAvailablePort(3300);
+        const server = await launchServer({
+            mode: TransportMode.STREAMABLE_HTTP,
+            port: mcpPort,
+            timeout: 5000,
+            env: {
+                STREAMABLE_HTTP: 'true',
+                GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                GITLAB_ALLOWED_PROJECT_IDS: `${DEFAULT_PROJECT_ID},${OTHER_PROJECT_ID}`,
+                GITLAB_READ_ONLY_MODE: 'true',
+            }
+        });
+        servers.push(server);
+        mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+        client = new StreamableHTTPTestClient();
+        await client.connect(mcpUrl);
+        console.log(`Mock GitLab: ${mockGitLabUrl}`);
+        console.log(`MCP Server: ${mcpUrl}`);
+        console.log(`Allowed Projects: ${DEFAULT_PROJECT_ID},${OTHER_PROJECT_ID}`);
+    });
+    after(async () => {
+        if (client) {
+            await client.disconnect();
+        }
+        cleanupServers(servers);
+        if (mockGitLab) {
+            await mockGitLab.stop();
+        }
+    });
+    test('should require explicit project_id when multiple projects allowed', async () => {
+        try {
+            await client.callTool('get_project', {
+                project_id: ''
+            });
+            assert.fail('Should have required explicit project_id');
+        }
+        catch (error) {
+            assert.ok(error instanceof Error);
+            assert.ok(error.message.includes('Please specify a project ID'), 'Should require project ID');
+            console.log('  ✓ Correctly required explicit project_id');
+        }
+    });
+    test('should allow access to first allowed project', async () => {
+        const result = await client.callTool('get_project', {
+            project_id: DEFAULT_PROJECT_ID
+        });
+        assert.ok(result.content, 'Should have content');
+        const content = result.content[0];
+        assert.ok('text' in content, 'Content should have text');
+        const project = JSON.parse(content.text);
+        assert.strictEqual(project.id.toString(), DEFAULT_PROJECT_ID, 'Should allow first project');
+        console.log(`  ✓ Allowed access to first project ${DEFAULT_PROJECT_ID}`);
+    });
+    test('should allow access to second allowed project', async () => {
+        const result = await client.callTool('get_project', {
+            project_id: OTHER_PROJECT_ID
+        });
+        assert.ok(result.content, 'Should have content');
+        const content = result.content[0];
+        assert.ok('text' in content, 'Content should have text');
+        const project = JSON.parse(content.text);
+        assert.strictEqual(project.id.toString(), OTHER_PROJECT_ID, 'Should allow second project');
+        console.log(`  ✓ Allowed access to second project ${OTHER_PROJECT_ID}`);
+    });
+});

package/build/test/test-upload-markdown.js

@@ -0,0 +1,148 @@
+import { describe, test, before, after } from 'node:test';
+import assert from 'node:assert';
+import { spawn } from 'node:child_process';
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import { MockGitLabServer, findMockServerPort } from './utils/mock-gitlab-server.js';
+const MOCK_TOKEN = 'glpat-mock-token-12345';
+const TEST_PROJECT_ID = '123';
+function callUploadMarkdown(args, env, timeoutMs = 15_000) {
+    return new Promise((resolve, reject) => {
+        const proc = spawn('node', ['build/index.js'], {
+            stdio: ['pipe', 'pipe', 'pipe'],
+            env: { ...process.env, ...env },
+        });
+        const timer = setTimeout(() => {
+            proc.kill();
+            reject(new Error(`Process timed out after ${timeoutMs}ms`));
+        }, timeoutMs);
+        let stdout = '';
+        let stderr = '';
+        proc.stdout?.on('data', (d) => (stdout += d.toString()));
+        proc.stderr?.on('data', (d) => (stderr += d.toString()));
+        proc.on('error', (err) => {
+            clearTimeout(timer);
+            reject(new Error(`Failed to spawn process: ${err.message}`));
+        });
+        proc.on('close', () => {
+            clearTimeout(timer);
+            const lines = stdout.split('\n').filter(l => l.trim().startsWith('{'));
+            for (const line of lines) {
+                try {
+                    const parsed = JSON.parse(line);
+                    if (parsed.id === 1) {
+                        resolve(parsed);
+                        return;
+                    }
+                }
+                catch { /* try next line */ }
+            }
+            reject(new Error(`No matching JSON-RPC response found.\nstdout: ${stdout}\nstderr: ${stderr}`));
+        });
+        proc.stdin?.end(JSON.stringify({
+            jsonrpc: '2.0',
+            id: 1,
+            method: 'tools/call',
+            params: { name: 'upload_markdown', arguments: args },
+        }) + '\n');
+    });
+}
+const MOCK_UPLOAD_RESPONSE = {
+    id: 42,
+    alt: 'test-file.txt',
+    url: '/uploads/abc123secret/test-file.txt',
+    full_path: '/test-group/test-project/uploads/abc123secret/test-file.txt',
+    markdown: '[test-file.txt](/uploads/abc123secret/test-file.txt)',
+};
+describe('upload_markdown', () => {
+    let mockGitLab;
+    let env;
+    // Captured per-request state, reset before each invocation via the handler
+    let lastContentType;
+    let lastRawBody;
+    before(async () => {
+        const port = await findMockServerPort(9200);
+        mockGitLab = new MockGitLabServer({ port, validTokens: [MOCK_TOKEN] });
+        await mockGitLab.start();
+        env = {
+            GITLAB_API_URL: `${mockGitLab.getUrl()}/api/v4`,
+            GITLAB_PERSONAL_ACCESS_TOKEN: MOCK_TOKEN,
+        };
+        mockGitLab.addMockHandler('post', `/projects/${TEST_PROJECT_ID}/uploads`, (req, res) => {
+            lastContentType = req.headers['content-type'];
+            const chunks = [];
+            req.on('data', (chunk) => chunks.push(chunk));
+            req.on('end', () => {
+                lastRawBody = Buffer.concat(chunks).toString('binary');
+                res.status(201).json(MOCK_UPLOAD_RESPONSE);
+            });
+        });
+    });
+    after(async () => {
+        await mockGitLab.stop();
+    });
+    test('Content-Type is multipart/form-data with a boundary', async () => {
+        const tmpFile = path.join(os.tmpdir(), 'mcp-upload-ct-test.txt');
+        fs.writeFileSync(tmpFile, 'content-type test');
+        try {
+            await callUploadMarkdown({ project_id: TEST_PROJECT_ID, file_path: tmpFile }, env);
+            assert.ok(lastContentType, 'Content-Type header must be present');
+            assert.ok(lastContentType.startsWith('multipart/form-data'), `Expected multipart/form-data, got: ${lastContentType}`);
+            assert.ok(lastContentType.includes('boundary='), `Content-Type must include boundary, got: ${lastContentType}`);
+        }
+        finally {
+            fs.unlinkSync(tmpFile);
+        }
+    });
+    test('multipart body contains a "file" field with the file content', async () => {
+        const tmpFile = path.join(os.tmpdir(), 'mcp-upload-body-test.txt');
+        const fileContent = 'hello from multipart upload test';
+        fs.writeFileSync(tmpFile, fileContent);
+        try {
+            await callUploadMarkdown({ project_id: TEST_PROJECT_ID, file_path: tmpFile }, env);
+            assert.ok(lastRawBody, 'Request body must be captured');
+            assert.ok(lastRawBody.includes('name="file"'), 'Multipart body should include a field named "file"');
+            assert.ok(lastRawBody.includes(fileContent), 'Multipart body should contain the uploaded file content');
+        }
+        finally {
+            fs.unlinkSync(tmpFile);
+        }
+    });
+    test('multipart body includes the original filename', async () => {
+        const tmpFile = path.join(os.tmpdir(), 'mcp-upload-filename-check.txt');
+        fs.writeFileSync(tmpFile, 'filename check');
+        try {
+            await callUploadMarkdown({ project_id: TEST_PROJECT_ID, file_path: tmpFile }, env);
+            assert.ok(lastRawBody, 'Request body must be captured');
+            assert.ok(lastRawBody.includes('mcp-upload-filename-check.txt'), 'Multipart body should include the original filename');
+        }
+        finally {
+            fs.unlinkSync(tmpFile);
+        }
+    });
+    test('returns markdown, url, alt, and full_path from upload response', async () => {
+        const tmpFile = path.join(os.tmpdir(), 'mcp-upload-response-test.txt');
+        fs.writeFileSync(tmpFile, 'response field test');
+        try {
+            const raw = await callUploadMarkdown({ project_id: TEST_PROJECT_ID, file_path: tmpFile }, env);
+            assert.ok(!raw.error, `Unexpected RPC error: ${raw.error?.message}`);
+            const text = raw.result?.content?.[0]?.text;
+            assert.ok(text, 'Result should contain a text content block');
+            const parsed = JSON.parse(text);
+            assert.strictEqual(parsed.markdown, MOCK_UPLOAD_RESPONSE.markdown);
+            assert.strictEqual(parsed.url, MOCK_UPLOAD_RESPONSE.url);
+            assert.strictEqual(parsed.alt, MOCK_UPLOAD_RESPONSE.alt);
+            assert.strictEqual(parsed.full_path, MOCK_UPLOAD_RESPONSE.full_path);
+        }
+        finally {
+            fs.unlinkSync(tmpFile);
+        }
+    });
+    test('returns an error when the file does not exist', async () => {
+        const raw = await callUploadMarkdown({ project_id: TEST_PROJECT_ID, file_path: '/nonexistent/no-such-file.txt' }, env);
+        const hasError = typeof raw.error?.message === 'string' ||
+            raw.result?.content?.some(c => c.text && (c.text.toLowerCase().includes('not found') || c.text.toLowerCase().includes('error')));
+        assert.ok(hasError, 'Should return an error for a nonexistent file path');
+    });
+});

package/build/test/utils/mock-gitlab-server.js

@@ -78,8 +78,12 @@ export class MockGitLabServer {
         this.app.use('/api/v4', (req, res, next) => {
             const authHeader = req.headers['authorization'];
             const privateToken = req.headers['private-token'];
+            const jobToken = req.headers['job-token'];
             let token = null;
-            if (authHeader) {
+            if (jobToken) {
+                token = jobToken.trim();
+            }
+            else if (authHeader) {
                 // Extract token from "Bearer <token>"
                 const match = authHeader.match(/^Bearer\s+(.+)$/i);
                 token = match ? match[1].trim() : null;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zereight/mcp-gitlab",
-  "version": "2.0.32",
+  "version": "2.0.34",
   "description": "MCP server for using the GitLab API",
   "license": "MIT",
   "author": "zereight",