gitlab-mcp 0.1.4 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.dockerignore +7 -0
- package/.editorconfig +9 -0
- package/.env.example +75 -0
- package/.github/workflows/nodejs.yml +31 -0
- package/.github/workflows/npm-publish.yml +31 -0
- package/.husky/pre-commit +1 -0
- package/.nvmrc +1 -0
- package/.prettierrc.json +6 -0
- package/Dockerfile +20 -0
- package/README.md +416 -251
- package/docker-compose.yml +10 -0
- package/docs/architecture.md +310 -0
- package/docs/authentication.md +299 -0
- package/docs/configuration.md +149 -0
- package/docs/deployment.md +336 -0
- package/docs/tools.md +294 -0
- package/eslint.config.js +23 -0
- package/package.json +70 -32
- package/scripts/get-oauth-token.example.sh +15 -0
- package/src/config/env.ts +171 -0
- package/src/http.ts +605 -0
- package/src/index.ts +77 -0
- package/src/lib/auth-context.ts +19 -0
- package/src/lib/gitlab-client.ts +1810 -0
- package/src/lib/logger.ts +17 -0
- package/src/lib/network.ts +45 -0
- package/src/lib/oauth.ts +287 -0
- package/src/lib/output.ts +51 -0
- package/src/lib/policy.ts +78 -0
- package/src/lib/request-runtime.ts +376 -0
- package/src/lib/sanitize.ts +25 -0
- package/src/server/build-server.ts +17 -0
- package/src/tools/gitlab.ts +3128 -0
- package/src/tools/health.ts +27 -0
- package/src/tools/mr-code-context.ts +473 -0
- package/src/types/context.ts +13 -0
- package/tests/auth-context.test.ts +102 -0
- package/tests/gitlab-client.test.ts +674 -0
- package/tests/graphql-guard.test.ts +121 -0
- package/tests/integration/agent-loop.integration.test.ts +552 -0
- package/tests/integration/server.integration.test.ts +543 -0
- package/tests/mr-code-context.test.ts +600 -0
- package/tests/oauth.test.ts +43 -0
- package/tests/output.test.ts +186 -0
- package/tests/policy.test.ts +324 -0
- package/tests/request-runtime.test.ts +252 -0
- package/tests/sanitize.test.ts +123 -0
- package/tests/upload-reference.test.ts +84 -0
- package/tsconfig.build.json +11 -0
- package/tsconfig.json +21 -0
- package/vitest.config.ts +12 -0
- package/LICENSE +0 -21
- package/build/index.js +0 -1641
- package/build/schemas.js +0 -684
- package/build/test-note.js +0 -54
package/.dockerignore
ADDED
package/.editorconfig
ADDED
package/.env.example
ADDED
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
NODE_ENV=development
|
|
2
|
+
LOG_LEVEL=info
|
|
3
|
+
|
|
4
|
+
MCP_SERVER_NAME=gitlab-mcp
|
|
5
|
+
MCP_SERVER_VERSION=0.1.0
|
|
6
|
+
|
|
7
|
+
# Base API URL(s). Supports comma-separated multi-instance URLs.
|
|
8
|
+
# Each URL will be normalized to /api/v4 automatically.
|
|
9
|
+
GITLAB_API_URL=https://gitlab.com/api/v4
|
|
10
|
+
|
|
11
|
+
# For stdio/local mode. In REMOTE_AUTHORIZATION mode this can stay empty.
|
|
12
|
+
GITLAB_PERSONAL_ACCESS_TOKEN=
|
|
13
|
+
|
|
14
|
+
# Optional built-in OAuth (PKCE)
|
|
15
|
+
GITLAB_USE_OAUTH=false
|
|
16
|
+
GITLAB_OAUTH_CLIENT_ID=
|
|
17
|
+
GITLAB_OAUTH_CLIENT_SECRET=
|
|
18
|
+
GITLAB_OAUTH_GITLAB_URL=
|
|
19
|
+
GITLAB_OAUTH_REDIRECT_URI=http://127.0.0.1:8765/callback
|
|
20
|
+
GITLAB_OAUTH_SCOPES=api
|
|
21
|
+
GITLAB_OAUTH_TOKEN_PATH=~/.gitlab-mcp-oauth-token.json
|
|
22
|
+
GITLAB_OAUTH_AUTO_OPEN_BROWSER=true
|
|
23
|
+
|
|
24
|
+
# Tool/runtime policy
|
|
25
|
+
GITLAB_READ_ONLY_MODE=false
|
|
26
|
+
GITLAB_ALLOWED_PROJECT_IDS=
|
|
27
|
+
GITLAB_ALLOWED_TOOLS=
|
|
28
|
+
GITLAB_DENIED_TOOLS_REGEX=
|
|
29
|
+
GITLAB_ALLOW_GRAPHQL_WITH_PROJECT_SCOPE=false
|
|
30
|
+
|
|
31
|
+
# Output tuning
|
|
32
|
+
GITLAB_RESPONSE_MODE=json
|
|
33
|
+
GITLAB_MAX_RESPONSE_BYTES=200000
|
|
34
|
+
GITLAB_HTTP_TIMEOUT_MS=20000
|
|
35
|
+
GITLAB_ERROR_DETAIL_MODE=
|
|
36
|
+
|
|
37
|
+
# Optional auth/runtime enhancements
|
|
38
|
+
GITLAB_AUTH_COOKIE_PATH=
|
|
39
|
+
GITLAB_COOKIE_WARMUP_PATH=/user
|
|
40
|
+
GITLAB_TOKEN_SCRIPT=
|
|
41
|
+
GITLAB_TOKEN_SCRIPT_TIMEOUT_MS=10000
|
|
42
|
+
GITLAB_TOKEN_CACHE_SECONDS=300
|
|
43
|
+
GITLAB_TOKEN_FILE=
|
|
44
|
+
GITLAB_ALLOW_INSECURE_TOKEN_FILE=false
|
|
45
|
+
|
|
46
|
+
# Cloudflare/proxy compatibility
|
|
47
|
+
GITLAB_CLOUDFLARE_BYPASS=false
|
|
48
|
+
GITLAB_USER_AGENT=
|
|
49
|
+
GITLAB_ACCEPT_LANGUAGE=en-US,en;q=0.9
|
|
50
|
+
|
|
51
|
+
# TLS safety guard (must acknowledge if disabled)
|
|
52
|
+
NODE_TLS_REJECT_UNAUTHORIZED=
|
|
53
|
+
GITLAB_ALLOW_INSECURE_TLS=false
|
|
54
|
+
GITLAB_CA_CERT_PATH=
|
|
55
|
+
HTTP_PROXY=
|
|
56
|
+
HTTPS_PROXY=
|
|
57
|
+
|
|
58
|
+
# Feature toggles
|
|
59
|
+
USE_GITLAB_WIKI=true
|
|
60
|
+
USE_MILESTONE=true
|
|
61
|
+
USE_PIPELINE=true
|
|
62
|
+
USE_RELEASE=true
|
|
63
|
+
|
|
64
|
+
# Remote auth/session controls (for Streamable HTTP)
|
|
65
|
+
REMOTE_AUTHORIZATION=false
|
|
66
|
+
ENABLE_DYNAMIC_API_URL=false
|
|
67
|
+
SESSION_TIMEOUT_SECONDS=3600
|
|
68
|
+
MAX_SESSIONS=1000
|
|
69
|
+
MAX_REQUESTS_PER_MINUTE=300
|
|
70
|
+
|
|
71
|
+
# HTTP server
|
|
72
|
+
HTTP_HOST=127.0.0.1
|
|
73
|
+
HTTP_PORT=3333
|
|
74
|
+
HTTP_JSON_ONLY=false
|
|
75
|
+
SSE=false
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
name: Node CI
|
|
2
|
+
|
|
3
|
+
on: [push]
|
|
4
|
+
|
|
5
|
+
jobs:
|
|
6
|
+
build:
|
|
7
|
+
runs-on: ubuntu-latest
|
|
8
|
+
|
|
9
|
+
strategy:
|
|
10
|
+
matrix:
|
|
11
|
+
node-version: [22.x]
|
|
12
|
+
|
|
13
|
+
steps:
|
|
14
|
+
- uses: actions/checkout@v4
|
|
15
|
+
- name: Setup pnpm
|
|
16
|
+
uses: pnpm/action-setup@v4
|
|
17
|
+
with:
|
|
18
|
+
version: 10.28.1
|
|
19
|
+
run_install: false
|
|
20
|
+
- name: Use Node.js ${{ matrix.node-version }}
|
|
21
|
+
uses: actions/setup-node@v4
|
|
22
|
+
with:
|
|
23
|
+
node-version: ${{ matrix.node-version }}
|
|
24
|
+
cache: "pnpm"
|
|
25
|
+
- name: pnpm install, build, and test
|
|
26
|
+
run: |
|
|
27
|
+
pnpm install --frozen-lockfile
|
|
28
|
+
pnpm build
|
|
29
|
+
pnpm test
|
|
30
|
+
env:
|
|
31
|
+
CI: true
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
name: Node.js Package
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
release:
|
|
5
|
+
types: [created]
|
|
6
|
+
|
|
7
|
+
jobs:
|
|
8
|
+
publish-npm:
|
|
9
|
+
runs-on: ubuntu-latest
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
id-token: write
|
|
13
|
+
steps:
|
|
14
|
+
- uses: actions/checkout@v4
|
|
15
|
+
- name: Setup pnpm
|
|
16
|
+
uses: pnpm/action-setup@v4
|
|
17
|
+
with:
|
|
18
|
+
version: 10.28.1
|
|
19
|
+
run_install: false
|
|
20
|
+
- uses: actions/setup-node@v4
|
|
21
|
+
with:
|
|
22
|
+
node-version: "22.x"
|
|
23
|
+
cache: "pnpm"
|
|
24
|
+
registry-url: "https://registry.npmjs.org"
|
|
25
|
+
- run: pnpm install --frozen-lockfile
|
|
26
|
+
- run: pnpm build
|
|
27
|
+
- run: pnpm test
|
|
28
|
+
- run: npm publish --provenance
|
|
29
|
+
env:
|
|
30
|
+
NODE_AUTH_TOKEN: ${{secrets.NPM_AUTH_TOKEN}}
|
|
31
|
+
CI: true
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
npm run lint-staged
|
package/.nvmrc
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
22
|
package/.prettierrc.json
ADDED
package/Dockerfile
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
FROM node:22-alpine AS deps
|
|
2
|
+
WORKDIR /app
|
|
3
|
+
RUN corepack enable
|
|
4
|
+
COPY package.json pnpm-lock.yaml ./
|
|
5
|
+
RUN pnpm install --frozen-lockfile
|
|
6
|
+
|
|
7
|
+
FROM deps AS build
|
|
8
|
+
COPY . .
|
|
9
|
+
RUN pnpm build
|
|
10
|
+
|
|
11
|
+
FROM node:22-alpine AS runtime
|
|
12
|
+
WORKDIR /app
|
|
13
|
+
ENV NODE_ENV=production
|
|
14
|
+
RUN corepack enable
|
|
15
|
+
COPY package.json pnpm-lock.yaml ./
|
|
16
|
+
RUN pnpm install --prod --frozen-lockfile
|
|
17
|
+
COPY --from=build /app/dist ./dist
|
|
18
|
+
COPY .env.example ./.env.example
|
|
19
|
+
EXPOSE 3333
|
|
20
|
+
CMD ["node", "dist/http.js"]
|