@zibby/mcp-cli 0.3.1 → 0.3.2

package/index.js

@@ -433,6 +433,237 @@ server.tool(
   }
 );
 
+// ─── Apps: Managed App instances (hosted n8n / grafana / gas-town etc) ─
+// Five tools mirroring the workflow surface above. Each shells out to
+// `zibby app …` and surfaces the CLI's text output to the agent.
+
+// ── Tool: list app templates (the catalog). Public endpoint — no auth.
+server.tool(
+  'zibby_list_app_templates',
+  'List the official Zibby app catalog (n8n, grafana, gas-town, open-webui, …). These are the same apps the marketplace deploys. No auth required — anyone can browse the catalog before signing in. Each entry exposes an `architectures` array listing the CPU arches it supports (x86_64 and/or arm64); pass the first entry to zibby_deploy_app\'s `architecture` arg to honor operator preference, or omit it entirely to let the server pick.',
+  {},
+  async () => cliResult(await runCli(['app', 'templates']))
+);
+
+// ── Tool: list deployed apps. Project-scoped when projectId is given;
+// otherwise lists every instance under the caller's account.
+server.tool(
+  'zibby_list_apps',
+  'List the user\'s deployed app instances (live status, app type/version, project). Pass projectId to scope to one project, otherwise returns everything under the account.',
+  {
+    projectId: z.string().min(1).optional()
+      .describe('Optional project ID — filter to one project\'s instances'),
+  },
+  async ({ projectId }) => {
+    const args = ['app', 'list'];
+    if (projectId) args.push('--project', projectId);
+    // Use the project API token when a project is supplied (matches the
+    // workflow tools' pattern); otherwise let the CLI fall back to the
+    // session token from ~/.zibby/config.json.
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    return cliResult(await runCli(args, { extraEnv }));
+  }
+);
+
+// ── Tool: deploy an app. Picks a catalog entry and provisions a new
+// hosted instance under the target project. The CLI's interactive
+// project picker is skipped here because we require projectId up front.
+server.tool(
+  'zibby_deploy_app',
+  'Deploy an app from the catalog (appType) OR a custom install described in natural language (goal). Catalog is curated by Zibby and license-safe to host; goal-based deploys are user-directed installs where the user (not Zibby) chooses what to install. License-sensitive apps like n8n (SUL) should ONLY be deployed via goal at user\'s direction, never via catalog. Provisions a new hosted instance (ECS Service + ALB target + agent-ops sidecar) and returns the new instanceId + public URL. Pass EXACTLY ONE of appType or goal. Use zibby_list_app_templates first to see available appType values AND each entry\'s `architectures` array. Optionally pass provider="codex" to run with the OpenAI Codex agent instead of the default Claude agent — requires the user to have an OpenAI API key staged via zibby_set_openai_credential. Optionally pass architecture="arm64" to run on AWS Graviton (~20% greener at the SAME price — operator pockets the compute savings, user pays the same per-minute rate). Defaults to the catalog\'s first listed architecture (operator-preferred order). If the catalog entry doesn\'t support the requested arch the server returns 400 with a hint listing what it does support.',
+  {
+    appType: z.string().min(1).optional().describe('Catalog id (e.g. "grafana", "gastown"). MUTUALLY EXCLUSIVE with goal — pass exactly one. Use this when the user wants something from the curated catalog.'),
+    goal: z.string().min(1).optional().describe('Free-form description of what to install (e.g. "install n8n on port 5678 with sqlite persistence"). MUTUALLY EXCLUSIVE with appType. Use this when the user wants something NOT in catalog OR has custom config needs — the agent-ops bootstrap will follow the description to install whatever it describes. Examples: "install n8n", "set up an Outline wiki at /wiki", "deploy a basic Rails app from <repo URL>". The user is responsible for any license terms of software they install via this path.'),
+    projectId: z.string().min(1).describe('Project the instance attaches to'),
+    name: z.string().min(1).optional().describe('Display name for the instance (defaults to appType, or the first line of goal)'),
+    provider: z.enum(['claude', 'codex']).optional().describe('Agent provider. Default "claude" (Anthropic). "codex" runs the OpenAI Codex agent and requires an OpenAI API key in workspace-credentials.'),
+    architecture: z.enum(['x86_64', 'arm64']).optional().describe('CPU architecture for the Fargate task. "arm64" runs on AWS Graviton — ~20% cheaper compute (same price to user). "x86_64" is the historical default + widest catalog compatibility. Omit to accept the catalog tile\'s preferred arch (first entry in its `architectures` array — usually arm64 for tiles that support it).'),
+  },
+  async ({ appType, goal, projectId, name, provider, architecture }) => {
+    // Enforce mutual exclusivity client-side so the agent gets a clear
+    // error before we burn an HTTP round-trip. Backend enforces the
+    // same invariant (apps.js::deployApp) but this gives a faster
+    // tighter error loop for the agent.
+    if (appType && goal) {
+      return { isError: true, content: [{ type: 'text', text: 'Pass either appType (catalog id) OR goal (free-form description), not both.' }] };
+    }
+    if (!appType && !goal) {
+      return { isError: true, content: [{ type: 'text', text: 'Pass either appType (catalog id, see zibby_list_app_templates) OR goal (free-form description) to describe what to deploy.' }] };
+    }
+    const apiKey = getProjectApiToken(projectId);
+    if (!apiKey) {
+      return { isError: true, content: [{ type: 'text', text: `No API token cached for project ${projectId}. Run zibby_login to refresh the local project list.` }] };
+    }
+    // CLI accepts EITHER `app deploy <appType>` OR `app deploy --goal <text>`
+    // (see packages/cli/bin/zibby.js); we forward whichever the agent picked.
+    const args = ['app', 'deploy'];
+    if (appType) args.push(appType);
+    if (goal)    args.push('--goal', goal);
+    args.push('--project', projectId);
+    if (name) args.push('--name', name);
+    if (provider) args.push('--provider', provider);
+    if (architecture) args.push('--arch', architecture);
+    return cliResult(await runCli(args, { extraEnv: { ZIBBY_API_KEY: apiKey } }));
+  }
+);
+
+// ── Tool: status of a single instance — live ECS state, public URL,
+// resources, app version, project.
+server.tool(
+  'zibby_get_app',
+  'Show one deployed app instance: status (running / pending / failed), running task count, app type+version, resources, public URL, project. Use when the user asks "is my app up?" or "what URL is it on?".',
+  {
+    instanceId: z.string().min(1).describe('Instance ID returned from zibby_deploy_app or zibby_list_apps'),
+    projectId: z.string().min(1).optional()
+      .describe('Project the instance belongs to (lets the tool pick the right cached API token; falls back to session token when omitted)'),
+  },
+  async ({ instanceId, projectId }) => {
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    return cliResult(await runCli(['app', 'status', instanceId], { extraEnv }));
+  }
+);
+
+// ── Tool: tail recent logs for a single instance. One-shot snapshot
+// (no streaming over MCP — agents can call again for fresh batches).
+server.tool(
+  'zibby_get_app_logs',
+  'Fetch the most recent log lines from a deployed app instance. One-shot snapshot (the user should call again for new lines). Useful for diagnosing why an app is stuck, failed to provision, or to confirm a feature works end-to-end. Returns a string with one event per line, prefixed by ISO timestamp.',
+  {
+    instanceId: z.string().min(1).describe('Instance ID returned from zibby_deploy_app or zibby_list_apps'),
+    projectId: z.string().min(1).optional().describe('Project the instance belongs to (picks the right cached API token)'),
+    lines: z.number().int().min(1).max(5000).optional().default(200)
+      .describe('Max number of recent lines to fetch (default 200, max 5000)'),
+  },
+  async ({ instanceId, projectId, lines }) => {
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    const args = ['app', 'logs', instanceId];
+    if (lines) args.push('--lines', String(lines));
+    return cliResult(await runCli(args, { extraEnv }));
+  }
+);
+
+// ── Tool: upgrade an instance's agent-ops version in-place.
+// Non-destructive: EFS data, bridgeToken, ALB wiring all preserved.
+// Re-registers the task def with a new image tag, then force-redeploys
+// the ECS Service so the new container picks up the data on the same
+// EFS access point.
+server.tool(
+  'zibby_upgrade_app',
+  'Upgrade a deployed app instance to a new agent-ops image version IN PLACE. EFS data, ALB wiring, and the per-instance bridgeToken are all preserved — this is NOT a destroy + redeploy. ECS rolls the service: new task pulls the new image, swaps over once healthy. Use after a new agent-ops version is published. Returns the new taskDefinitionArn and the resolved image tag.',
+  {
+    instanceId: z.string().min(1).describe('Instance ID to upgrade'),
+    projectId: z.string().min(1).optional().describe('Project the instance belongs to (picks the right cached API token)'),
+    version: z.string().min(1).max(40).optional()
+      .describe('Pin to a specific agent-ops version tag (e.g. "0.1.16"). Without this, the upgrade picks up whatever\'s in the AppsFleet base task def in SSM.'),
+  },
+  async ({ instanceId, projectId, version }) => {
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    const args = ['app', 'upgrade', instanceId, '--yes'];
+    if (version) args.push('--version', version);
+    return cliResult(await runCli(args, { extraEnv }));
+  }
+);
+
+// ── Tool: destroy an instance. DESTRUCTIVE — the agent must confirm
+// with the user before calling. Passes --yes through to skip the CLI's
+// own interactive confirm (which doesn't work over MCP's stdio).
+server.tool(
+  'zibby_destroy_app',
+  'Stop and destroy a deployed app instance. DESTRUCTIVE: the running ECS task is stopped, the EFS volume is released, and the instance row is removed. The agent MUST first ask the user for explicit confirmation, then call this with confirm=true.',
+  {
+    instanceId: z.string().min(1).describe('Instance ID to destroy'),
+    projectId: z.string().min(1).optional().describe('Project the instance belongs to (picks the right cached API token)'),
+    confirm: z.literal(true).describe('Must be true. Set only after the user has explicitly approved destroying this instance.'),
+  },
+  async ({ instanceId, projectId }) => {
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    return cliResult(await runCli(['app', 'destroy', instanceId, '--yes'], { extraEnv }));
+  }
+);
+
+// ── Tool: paste / replace a Claude credential (oauth or api).
+// The deploy flow is BYOK ONLY — agents that try to deploy an app for a
+// user with no Claude credential get the 428 CLAUDE_CREDENTIAL_REQUIRED
+// error from zibby_deploy_app, then call this tool to onboard.
+//
+// The token comes from the user; the agent should NOT mint or fabricate
+// it (no oauth flow over MCP). Common path: agent asks user to paste a
+// token, user does, agent calls this with the pasted string.
+server.tool(
+  'zibby_set_claude_credential',
+  'Store a Claude credential (oauth long-lived token from `claude setup-token`, or an Anthropic `sk-ant-…` API key) in the user\'s workspace credentials store. KMS-encrypted server-side; the plaintext is sent over HTTPS but never persisted client-side. Auto-detects oauth vs api by token prefix (`sk-ant-oat` / `oat_` → oauth; `sk-ant-api` → api). Use this AFTER the user pastes a token, NOT to mint one yourself. After this succeeds, retry the original zibby_deploy_app call.',
+  {
+    token: z.string().min(8).describe('The Claude token the user pasted. Either an OAuth subscription token from `claude setup-token` (long-lived, bills against Claude Code sub) or an Anthropic API key starting with sk-ant-… (bills against Anthropic API credits).'),
+    type: z.enum(['oauth', 'api']).optional().describe('Force the credential kind. Omit to auto-detect from token prefix.'),
+  },
+  async ({ token, type }) => {
+    const args = ['creds', 'set', 'claude', token];
+    if (type) args.push('--type', type);
+    return cliResult(await runCli(args));
+  }
+);
+
+// ── Tool: paste an OpenAI API key for Codex deploys. Mirror of the
+// Claude tool above. Codex v1 is API-key only (no OAuth flow), so the
+// kind is hardcoded api server-side; agents only need to pass the
+// token. The deploy flow is BYOK — agents that try a Codex deploy
+// without an OpenAI cred get a 428 OPENAI_CREDENTIAL_REQUIRED error
+// from zibby_deploy_app, then call this tool to onboard.
+server.tool(
+  'zibby_set_openai_credential',
+  'Store an OpenAI API key in the user\'s workspace credentials store, for use by the Codex agent on Managed App deploys. KMS-encrypted server-side; the plaintext is sent over HTTPS but never persisted client-side. API-key only (Codex v1 has no OAuth flow). Use this AFTER the user pastes their key, NOT to mint one yourself. After this succeeds, retry the original zibby_deploy_app call with provider="codex".',
+  {
+    token: z.string().min(8).describe('The OpenAI API key the user pasted (typically starts with sk-…). Mint one at https://platform.openai.com/api-keys. Bills against the user\'s OpenAI account.'),
+  },
+  async ({ token }) => {
+    const args = ['creds', 'set', 'openai', token];
+    return cliResult(await runCli(args));
+  }
+);
+
+// ── Tool: rotate the per-instance Claude credential to whatever's
+// currently in the user's workspace-credentials. EFS data + bridgeToken
+// + ALB wiring all preserved; ECS Service rolls the task ~30s.
+//
+// Use after `zibby_set_claude_credential` rotated the workspace cred,
+// to push the change to already-running app instances.
+server.tool(
+  'zibby_update_app_credential',
+  'Rotate the per-instance Claude credential on a running app instance to whatever is currently stored in the user\'s workspace-credentials. Use after the user has uploaded a new token (via zibby_set_claude_credential) and wants existing instances to pick it up. EFS data, ALB wiring, and the bridgeToken are preserved. The task restarts (~30s) and ECS swaps over.',
+  {
+    instanceId: z.string().min(1).describe('Instance ID to rotate the credential on'),
+    projectId: z.string().min(1).optional().describe('Project the instance belongs to (picks the right cached API token)'),
+  },
+  async ({ instanceId, projectId }) => {
+    const extraEnv = {};
+    if (projectId) {
+      const apiKey = getProjectApiToken(projectId);
+      if (apiKey) extraEnv.ZIBBY_API_KEY = apiKey;
+    }
+    return cliResult(await runCli(['app', 'update-credential', instanceId], { extraEnv }));
+  }
+);
+
 // ── Connect ─────────────────────────────────────────────────────────────
 
 await server.connect(new StdioServerTransport());

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zibby/mcp-cli",
-  "version": "0.3.1",
+  "version": "0.3.2",
   "description": "Zibby local-essential MCP Server — local workflow scaffold/validate/run + deploy/download (bundles local files). Pure-API tools live in the Zibby Remote MCP (api-prod.zibby.app/mcp).",
   "type": "module",
   "main": "index.js",