it-tools-mcp 3.0.23 → 3.1.0

package/build/tools/ansible/ansible-playbook-validator/index.js

@@ -0,0 +1,128 @@
+import { z } from "zod";
+export function registerAnsiblePlaybookValidator(server) {
+    server.tool("ansible-playbook-validator", "Validate Ansible playbook syntax and structure", {
+        playbook: z.string().describe("Ansible playbook YAML content"),
+    }, async ({ playbook }) => {
+        if (!playbook?.trim()) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: "Please provide playbook content to validate",
+                    },
+                ],
+            };
+        }
+        try {
+            const yaml = await import('js-yaml');
+            let parsed;
+            try {
+                parsed = yaml.load(playbook);
+            }
+            catch (yamlError) {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: `YAML syntax error: ${yamlError.message}`,
+                        },
+                    ],
+                };
+            }
+            const errors = [];
+            const warnings = [];
+            // Basic playbook structure validation
+            if (!Array.isArray(parsed)) {
+                errors.push('Playbook must be a YAML array of plays');
+            }
+            else {
+                // Validate each play
+                parsed.forEach((play, index) => {
+                    const playNum = index + 1;
+                    if (typeof play !== 'object' || play === null) {
+                        errors.push(`Play ${playNum}: must be an object`);
+                        return;
+                    }
+                    // Check required fields
+                    if (!play.name && !play.hosts) {
+                        warnings.push(`Play ${playNum}: should have either 'name' or 'hosts' field`);
+                    }
+                    if (!play.hosts) {
+                        errors.push(`Play ${playNum}: missing required 'hosts' field`);
+                    }
+                    // Validate tasks
+                    if (play.tasks) {
+                        if (!Array.isArray(play.tasks)) {
+                            errors.push(`Play ${playNum}: 'tasks' must be an array`);
+                        }
+                        else {
+                            play.tasks.forEach((task, taskIndex) => {
+                                const taskNum = taskIndex + 1;
+                                if (typeof task !== 'object' || task === null) {
+                                    errors.push(`Play ${playNum}, Task ${taskNum}: must be an object`);
+                                    return;
+                                }
+                                // Check for task action
+                                const taskActions = Object.keys(task).filter(key => !['name', 'when', 'tags', 'become', 'become_user', 'vars', 'register', 'failed_when', 'changed_when', 'ignore_errors', 'notify'].includes(key));
+                                if (taskActions.length === 0) {
+                                    errors.push(`Play ${playNum}, Task ${taskNum}: no action module specified`);
+                                }
+                                else if (taskActions.length > 1) {
+                                    warnings.push(`Play ${playNum}, Task ${taskNum}: multiple action modules found: ${taskActions.join(', ')}`);
+                                }
+                                if (!task.name) {
+                                    warnings.push(`Play ${playNum}, Task ${taskNum}: should have a 'name' field for better readability`);
+                                }
+                            });
+                        }
+                    }
+                    // Validate handlers
+                    if (play.handlers) {
+                        if (!Array.isArray(play.handlers)) {
+                            errors.push(`Play ${playNum}: 'handlers' must be an array`);
+                        }
+                    }
+                    // Check for common variables sections
+                    if (play.vars && typeof play.vars !== 'object') {
+                        errors.push(`Play ${playNum}: 'vars' must be an object`);
+                    }
+                    if (play.vars_files && !Array.isArray(play.vars_files)) {
+                        errors.push(`Play ${playNum}: 'vars_files' must be an array`);
+                    }
+                });
+            }
+            let result = '';
+            if (errors.length === 0 && warnings.length === 0) {
+                result = '✅ Playbook validation passed! No errors or warnings found.';
+            }
+            else {
+                if (errors.length > 0) {
+                    result += `❌ Errors found:\n${errors.map(error => `  • ${error}`).join('\n')}`;
+                }
+                if (warnings.length > 0) {
+                    if (result)
+                        result += '\n\n';
+                    result += `⚠️  Warnings:\n${warnings.map(warning => `  • ${warning}`).join('\n')}`;
+                }
+            }
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: result,
+                    },
+                ],
+            };
+        }
+        catch (error) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: `Error validating playbook: ${error.message}`,
+                    },
+                ],
+            };
+        }
+    });
+}

package/build/tools/ansible/ansible-reference/index.js

@@ -0,0 +1,393 @@
+export function registerAnsibleReference(server) {
+    server.tool("ansible-reference", "Get Ansible commands reference and cheatsheet", {}, async () => {
+        const reference = `# Ansible Quick Reference
+
+## Installation
+\`\`\`bash
+# Install via pip
+pip install ansible
+
+# Install via apt (Ubuntu/Debian)
+sudo apt update
+sudo apt install ansible
+
+# Install via yum (CentOS/RHEL)
+sudo yum install ansible
+
+# Verify installation
+ansible --version
+\`\`\`
+
+## Configuration Files
+- \`/etc/ansible/ansible.cfg\` - Global configuration
+- \`~/.ansible.cfg\` - User configuration
+- \`./ansible.cfg\` - Project configuration
+- \`/etc/ansible/hosts\` - Default inventory file
+
+## Basic Commands
+\`\`\`bash
+# Run ad-hoc command
+ansible <hosts> -m <module> -a "<arguments>"
+
+# Run playbook
+ansible-playbook playbook.yml
+
+# Check playbook syntax
+ansible-playbook --syntax-check playbook.yml
+
+# Dry run (check mode)
+ansible-playbook --check playbook.yml
+
+# Limit to specific hosts
+ansible-playbook -l <host_pattern> playbook.yml
+
+# Use specific inventory
+ansible-playbook -i inventory.ini playbook.yml
+
+# Ask for sudo password
+ansible-playbook --ask-become-pass playbook.yml
+\`\`\`
+
+## Inventory Examples
+
+### INI Format
+\`\`\`ini
+[webservers]
+web1.example.com
+web2.example.com
+
+[databases]
+db1.example.com
+db2.example.com
+
+[production:children]
+webservers
+databases
+
+[webservers:vars]
+http_port=80
+max_clients=200
+\`\`\`
+
+### YAML Format
+\`\`\`yaml
+all:
+  children:
+    webservers:
+      hosts:
+        web1.example.com:
+        web2.example.com:
+      vars:
+        http_port: 80
+        max_clients: 200
+    databases:
+      hosts:
+        db1.example.com:
+        db2.example.com:
+\`\`\`
+
+## Playbook Structure
+\`\`\`yaml
+---
+- name: Configure web servers
+  hosts: webservers
+  become: yes
+  vars:
+    http_port: 80
+  
+  tasks:
+    - name: Install Apache
+      package:
+        name: apache2
+        state: present
+    
+    - name: Start Apache service
+      service:
+        name: apache2
+        state: started
+        enabled: yes
+  
+  handlers:
+    - name: restart apache
+      service:
+        name: apache2
+        state: restarted
+\`\`\`
+
+## Common Modules
+
+### Package Management
+\`\`\`yaml
+# Install package
+- package:
+    name: nginx
+    state: present
+
+# Install specific version
+- package:
+    name: nginx=1.18.0
+    state: present
+
+# Remove package
+- package:
+    name: nginx
+    state: absent
+\`\`\`
+
+### Service Management
+\`\`\`yaml
+# Start and enable service
+- service:
+    name: nginx
+    state: started
+    enabled: yes
+
+# Stop service
+- service:
+    name: nginx
+    state: stopped
+\`\`\`
+
+### File Operations
+\`\`\`yaml
+# Copy file
+- copy:
+    src: /local/file.txt
+    dest: /remote/file.txt
+    owner: root
+    group: root
+    mode: '0644'
+
+# Create directory
+- file:
+    path: /path/to/directory
+    state: directory
+    mode: '0755'
+
+# Create symlink
+- file:
+    src: /path/to/source
+    dest: /path/to/link
+    state: link
+\`\`\`
+
+### Template
+\`\`\`yaml
+- template:
+    src: nginx.conf.j2
+    dest: /etc/nginx/nginx.conf
+    owner: root
+    group: root
+    mode: '0644'
+  notify: restart nginx
+\`\`\`
+
+### Command Execution
+\`\`\`yaml
+# Run command
+- command: /bin/ls -la /tmp
+
+# Run shell command
+- shell: echo "Hello" > /tmp/hello.txt
+
+# Raw command (no processing)
+- raw: /bin/ls
+\`\`\`
+
+## Variables and Facts
+
+### Variable Files
+\`\`\`yaml
+# vars.yml
+database_name: myapp
+database_user: myuser
+database_password: mypass
+\`\`\`
+
+### Using Variables
+\`\`\`yaml
+- name: Create database
+  mysql_db:
+    name: "{{ database_name }}"
+    state: present
+\`\`\`
+
+### Gathering Facts
+\`\`\`yaml
+# Disable fact gathering
+- hosts: all
+  gather_facts: no
+
+# Use facts
+- debug:
+    msg: "OS is {{ ansible_distribution }}"
+\`\`\`
+
+## Conditionals and Loops
+
+### Conditionals
+\`\`\`yaml
+- name: Install package on Ubuntu
+  package:
+    name: apache2
+    state: present
+  when: ansible_distribution == "Ubuntu"
+\`\`\`
+
+### Loops
+\`\`\`yaml
+# Simple loop
+- name: Install packages
+  package:
+    name: "{{ item }}"
+    state: present
+  loop:
+    - nginx
+    - git
+    - curl
+
+# Loop with dictionaries
+- name: Create users
+  user:
+    name: "{{ item.name }}"
+    group: "{{ item.group }}"
+  loop:
+    - { name: 'alice', group: 'admins' }
+    - { name: 'bob', group: 'users' }
+\`\`\`
+
+## Handlers
+\`\`\`yaml
+tasks:
+  - name: Copy config file
+    copy:
+      src: nginx.conf
+      dest: /etc/nginx/nginx.conf
+    notify:
+      - restart nginx
+      - reload nginx
+
+handlers:
+  - name: restart nginx
+    service:
+      name: nginx
+      state: restarted
+  
+  - name: reload nginx
+    service:
+      name: nginx
+      state: reloaded
+\`\`\`
+
+## Vault (Encryption)
+\`\`\`bash
+# Create encrypted file
+ansible-vault create secret.yml
+
+# Edit encrypted file
+ansible-vault edit secret.yml
+
+# Encrypt existing file
+ansible-vault encrypt file.yml
+
+# Decrypt file
+ansible-vault decrypt file.yml
+
+# View encrypted file
+ansible-vault view secret.yml
+
+# Run playbook with vault
+ansible-playbook --ask-vault-pass playbook.yml
+ansible-playbook --vault-password-file vault_pass.txt playbook.yml
+\`\`\`
+
+## Roles Structure
+\`\`\`
+roles/
+  webserver/
+    tasks/
+      main.yml
+    handlers/
+      main.yml
+    templates/
+      nginx.conf.j2
+    files/
+      index.html
+    vars/
+      main.yml
+    defaults/
+      main.yml
+    meta/
+      main.yml
+\`\`\`
+
+## Best Practices
+- Use descriptive task names
+- Organize with roles and includes
+- Use variables for configuration
+- Always use version control
+- Test with \`--check\` mode first
+- Use handlers for service restarts
+- Make playbooks idempotent
+- Use tags for selective execution
+- Keep secrets in vault files
+
+## Common Patterns
+
+### Rolling Updates
+\`\`\`yaml
+- hosts: webservers
+  serial: 1
+  max_fail_percentage: 25
+\`\`\`
+
+### Tags
+\`\`\`yaml
+- name: Install packages
+  package:
+    name: nginx
+  tags:
+    - install
+    - packages
+\`\`\`
+
+### Error Handling
+\`\`\`yaml
+- name: Risky task
+  command: /bin/risky-command
+  ignore_errors: yes
+  register: result
+  failed_when: result.rc != 0 and "expected error" not in result.stderr
+\`\`\`
+
+## Useful Commands
+\`\`\`bash
+# List hosts
+ansible-inventory --list
+
+# Check connectivity
+ansible all -m ping
+
+# Gather facts
+ansible hostname -m setup
+
+# Run with tags
+ansible-playbook --tags "install,config" playbook.yml
+
+# Skip tags
+ansible-playbook --skip-tags "slow" playbook.yml
+
+# Limit hosts
+ansible-playbook -l "webservers:!web3" playbook.yml
+\`\`\`
+`;
+        return {
+            content: [
+                {
+                    type: "text",
+                    text: reference,
+                },
+            ],
+        };
+    });
+}

package/build/tools/ansible/ansible-vault-decrypt/index.js

@@ -0,0 +1,137 @@
+import { z } from "zod";
+import { pbkdf2Sync } from "crypto";
+export function registerAnsibleVaultDecrypt(server) {
+    server.tool("ansible-vault-decrypt", "Decrypt Ansible Vault encrypted text", {
+        encryptedText: z.string().describe("Ansible Vault encrypted text to decrypt"),
+        password: z.string().describe("Password for decryption"),
+    }, async ({ encryptedText, password }) => {
+        if (!encryptedText?.trim()) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: "Please provide encrypted text to decrypt",
+                    },
+                ],
+            };
+        }
+        if (!password?.trim()) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: "Please provide a password for decryption",
+                    },
+                ],
+            };
+        }
+        try {
+            // Parse Ansible Vault format
+            const lines = encryptedText.trim().split('\n');
+            if (!lines[0].startsWith('$ANSIBLE_VAULT;')) {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: "Invalid Ansible Vault format: missing header",
+                        },
+                    ],
+                };
+            }
+            // Extract vault header info
+            const headerParts = lines[0].split(';');
+            if (headerParts.length < 3) {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: "Invalid Ansible Vault format: malformed header",
+                        },
+                    ],
+                };
+            }
+            const version = headerParts[1];
+            const cipher = headerParts[2];
+            const vaultId = headerParts.length > 3 ? headerParts[3] : null;
+            if (version !== '1.1' && version !== '1.2') {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: `Unsupported Ansible Vault version: ${version}`,
+                        },
+                    ],
+                };
+            }
+            if (cipher !== 'AES256') {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: `Unsupported cipher: ${cipher}`,
+                        },
+                    ],
+                };
+            }
+            // Combine data lines and decode base64
+            const dataLines = lines.slice(1).join('');
+            const combined = Buffer.from(dataLines, 'base64');
+            if (combined.length < 80) { // 32 (salt) + 16 (iv) + 32 (mac) = 80 minimum
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: "Invalid Ansible Vault format: insufficient data",
+                        },
+                    ],
+                };
+            }
+            // Extract components
+            const salt = combined.subarray(0, 32);
+            const iv = combined.subarray(32, 48);
+            const encryptedData = combined.subarray(48, -32);
+            const mac = combined.subarray(-32);
+            // Derive key using PBKDF2
+            const key = pbkdf2Sync(password, salt, 10000, 32, 'sha256');
+            // Verify HMAC
+            const crypto = await import('crypto');
+            const hmac = crypto.createHmac('sha256', key);
+            hmac.update(salt);
+            hmac.update(iv);
+            hmac.update(encryptedData);
+            const calculatedMac = hmac.digest();
+            if (!calculatedMac.equals(mac)) {
+                return {
+                    content: [
+                        {
+                            type: "text",
+                            text: "Decryption failed: invalid password or corrupted data",
+                        },
+                    ],
+                };
+            }
+            // Decrypt using AES-256-CTR
+            const decipher = crypto.createDecipheriv('aes-256-ctr', key, iv);
+            let decrypted = decipher.update(encryptedData, undefined, 'utf8');
+            decrypted += decipher.final('utf8');
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: decrypted,
+                    },
+                ],
+            };
+        }
+        catch (error) {
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: `Error decrypting text: ${error.message}`,
+                    },
+                ],
+            };
+        }
+    });
+}