mlgym-deploy 3.3.41 → 3.3.42

package/index.js

@@ -18,7 +18,7 @@ import crypto from 'crypto';
 const execAsync = promisify(exec);
 
 // Current version of this MCP server - INCREMENT FOR WORKFLOW FIXES
-const CURRENT_VERSION = '3.3.40';  // Fix auth.jwt_token -> auth.token consistency bug
+const CURRENT_VERSION = '3.3.42';  // Add deploy_dollie tool for Next.js dev containers with SSH
 const PACKAGE_NAME = 'mlgym-deploy';
 
 // Debug logging configuration - ENABLED BY DEFAULT
@@ -3434,6 +3434,205 @@ async function deployProject(args) {
   }
 }
 
+// ============================================================================
+// DOLLIE DEPLOYMENT - Next.js Dev Containers with SSH
+// ============================================================================
+async function deployDollie(args) {
+  const {
+    project_name,
+    project_description,
+    git_repo_url,
+    git_branch = '',
+    git_token = '',
+    app_port = 3000,
+    email,
+    password
+  } = args;
+
+  log.info('MCP >>> Starting Dollie deployment workflow');
+  log.debug('MCP >>> Arguments:', { project_name, git_repo_url, git_branch, app_port });
+
+  try {
+    // Step 1: Authenticate
+    log.info('MCP >>> STEP 1: Authenticating...');
+    const auth = await loadAuth();
+
+    // If not authenticated and credentials provided, authenticate
+    if (!auth.token && email && password) {
+      const loginResult = await apiRequest('POST', '/api/v1/auth/login', {
+        email,
+        password
+      }, false);
+
+      if (!loginResult.success || !loginResult.data.token) {
+        return {
+          content: [{
+            type: 'text',
+            text: JSON.stringify({
+              status: 'error',
+              message: 'Authentication failed',
+              error: loginResult.error || 'Invalid credentials',
+              next_steps: [
+                'Provide valid email and password',
+                'Or ensure you are already logged in'
+              ]
+            }, null, 2)
+          }]
+        };
+      }
+
+      await saveAuth(email, loginResult.data.token);
+      log.success('MCP >>> STEP 1: Authentication successful');
+    } else if (!auth.token) {
+      return {
+        content: [{
+          type: 'text',
+          text: JSON.stringify({
+            status: 'error',
+            message: 'Authentication required',
+            error: 'No authentication token found and no credentials provided',
+            next_steps: [
+              'Provide email and password in the request',
+              'Or use mlgym_auth_login first'
+            ]
+          }, null, 2)
+        }]
+      };
+    } else {
+      log.success('MCP >>> STEP 1: Using existing authentication');
+    }
+
+    // Step 2: Get current user info
+    log.info('MCP >>> STEP 2: Getting user information...');
+    const userResult = await apiRequest('GET', '/api/v1/user', null, true);
+
+    if (!userResult.success) {
+      return {
+        content: [{
+          type: 'text',
+          text: JSON.stringify({
+            status: 'error',
+            message: 'Failed to get user information',
+            error: userResult.error
+          }, null, 2)
+        }]
+      };
+    }
+
+    log.success('MCP >>> STEP 2: User information retrieved');
+
+    // Step 3: Generate SSH password
+    log.info('MCP >>> STEP 3: Generating SSH password...');
+    const sshPassword = generateRandomPassword();
+    log.success('MCP >>> STEP 3: SSH password generated');
+
+    // Step 4: Prepare environment variables
+    log.info('MCP >>> STEP 4: Preparing environment variables...');
+    const environmentVariables = {
+      GIT_REPO_URL: git_repo_url,
+      GIT_BRANCH: git_branch,
+      GIT_TOKEN: git_token,
+      SSH_PASSWORD: sshPassword,
+      S5_USERNAME: 'developer',
+      APP_PORT: app_port.toString(),
+      SSH_PORT: '22'
+    };
+    log.success('MCP >>> STEP 4: Environment variables prepared');
+    log.debug('MCP >>> Environment variables:', Object.keys(environmentVariables));
+
+    // Step 5: Create Coolify resource with docker-image
+    log.info('MCP >>> STEP 5: Creating Coolify deployment...');
+    const createResult = await apiRequest('POST', '/api/v1/projects', {
+      name: project_name,
+      description: project_description,
+      repository: '', // Not needed for docker-image deployments
+      branch: '',
+      build_pack: 'docker-image',
+      docker_image: 'code.stratus5.com:5050/dollie/dollie/nextjs-dev:latest',
+      environment_variables: environmentVariables,
+      ports_exposes: app_port.toString()
+    }, true);
+
+    if (!createResult.success) {
+      return {
+        content: [{
+          type: 'text',
+          text: JSON.stringify({
+            status: 'error',
+            message: 'Failed to create Dollie deployment',
+            error: createResult.error,
+            step: 'create_coolify_resource'
+          }, null, 2)
+        }]
+      };
+    }
+
+    log.success('MCP >>> STEP 5: Coolify deployment created');
+
+    // Step 6: Extract deployment details
+    const deployment = createResult.data;
+    const appUuid = deployment.coolify_uuid;
+    const appUrl = deployment.url;
+
+    // Parse URL to extract hostname
+    const urlObj = new URL(appUrl);
+    const hostname = urlObj.hostname;
+
+    // Determine SSH port based on node (typically 2201 for all nodes)
+    const sshPort = 2201;
+
+    log.success('MCP >>> Dollie deployment completed successfully');
+
+    return {
+      content: [{
+        type: 'text',
+        text: JSON.stringify({
+          success: true,
+          deployment: {
+            url: appUrl,
+            ssh: {
+              host: hostname,
+              port: sshPort,
+              username: 'developer',
+              password: sshPassword
+            },
+            status: 'deploying',
+            coolify_uuid: appUuid,
+            project_name: project_name,
+            git_repo: git_repo_url,
+            git_branch: git_branch || 'default',
+            app_port: app_port
+          },
+          next_steps: [
+            `Container is deploying at ${appUrl}`,
+            `SSH access: ssh developer@${hostname} -p ${sshPort}`,
+            `Password: ${sshPassword}`,
+            'The container will:',
+            '  1. Clone your git repository',
+            '  2. Install dependencies (npm/yarn/pnpm)',
+            '  3. Start Next.js dev server',
+            '  4. Enable SSH access',
+            'Wait 2-3 minutes for deployment to complete'
+          ]
+        }, null, 2)
+      }]
+    };
+
+  } catch (error) {
+    log.error('MCP >>> Dollie deployment failed:', error.message);
+    return {
+      content: [{
+        type: 'text',
+        text: JSON.stringify({
+          status: 'error',
+          message: 'Dollie deployment failed',
+          error: error.message
+        }, null, 2)
+      }]
+    };
+  }
+}
+
 // ============================================================================
 // SIMPLIFIED STATUS CHECK
 // ============================================================================
@@ -4767,6 +4966,55 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
           }
         }
       },
+      {
+        name: 'deploy_dollie',
+        description: 'Deploy a Next.js development container with SSH access for AI-assisted development. Uses the Dollie base image which clones your git repository and runs the dev server. Supports any public git repo or private repos with token authentication.',
+        inputSchema: {
+          type: 'object',
+          properties: {
+            project_name: {
+              type: 'string',
+              description: 'Project name (lowercase alphanumeric with hyphens, e.g., "my-nextjs-app")',
+              pattern: '^[a-z0-9][a-z0-9-]*[a-z0-9]$',
+              minLength: 3
+            },
+            project_description: {
+              type: 'string',
+              description: 'Brief project description (min 10 characters)',
+              minLength: 10
+            },
+            git_repo_url: {
+              type: 'string',
+              description: 'Git repository URL (https://github.com/user/repo.git)',
+              pattern: '^https://.*\\.git$'
+            },
+            git_branch: {
+              type: 'string',
+              description: 'Branch to clone (optional, defaults to repo\'s default branch)'
+            },
+            git_token: {
+              type: 'string',
+              description: 'OAuth token for private repos (optional)'
+            },
+            app_port: {
+              type: 'number',
+              description: 'Next.js port inside container (optional, default: 3000)',
+              default: 3000
+            },
+            email: {
+              type: 'string',
+              description: 'Email for authentication (optional if already authenticated)',
+              pattern: '^[^@]+@[^@]+\\.[^@]+$'
+            },
+            password: {
+              type: 'string',
+              description: 'Password (optional if already authenticated, min 8 characters)',
+              minLength: 8
+            }
+          },
+          required: ['project_name', 'project_description', 'git_repo_url']
+        }
+      },
       {
         name: 'mlgym_help',
         description: 'Display all available MLGym tools with descriptions and usage examples. Use this to discover what operations you can perform.',
@@ -4902,13 +5150,18 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
         result = await rollback(args);
         break;
 
+      case 'deploy_dollie':
+        log.info(`Deploying Dollie development container...`);
+        result = await deployDollie(args);
+        break;
+
       case 'mlgym_help':
         log.info(`Showing help...`);
         result = await showHelp(args);
         break;
 
       default:
-        throw new Error(`Unknown tool: ${name}. Available tools: mlgym_deploy, mlgym_status, mlgym_deploy_logs, mlgym_user_create, mlgym_auth_login, mlgym_set_env_vars, mlgym_set_health_check, mlgym_set_domain, mlgym_set_deployment_commands, mlgym_deploy_manual, mlgym_set_options, mlgym_rollback`);
+        throw new Error(`Unknown tool: ${name}. Available tools: mlgym_deploy, mlgym_status, mlgym_deploy_logs, deploy_dollie, mlgym_user_create, mlgym_auth_login, mlgym_set_env_vars, mlgym_set_health_check, mlgym_set_domain, mlgym_set_deployment_commands, mlgym_deploy_manual, mlgym_set_options, mlgym_rollback`);
     }
 
     const duration = Date.now() - startTime;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mlgym-deploy",
-  "version": "3.3.41",
+  "version": "3.3.42",
   "description": "MCP server for MLGym - Complete deployment management: deploy, configure, monitor, and rollback applications",
   "main": "index.js",
   "type": "module",
@@ -80,6 +80,10 @@
         "name": "mlgym_rollback",
         "description": "Rollback to previous deployment"
       },
+      {
+        "name": "deploy_dollie",
+        "description": "Deploy Next.js development container with SSH access using pre-built Dollie image"
+      },
       {
         "name": "mlgym_help",
         "description": "Display all available tools with descriptions and usage examples"

package/tests/README.md

@@ -13,7 +13,8 @@ tests/
 ├── mlgym_auth_logout_test.sh         # ✅ 8 tests (auth_logout)
 ├── mlgym_project_init_test.sh        # ✅ 6 tests (project_init)
 ├── mlgym_projects_list_test.sh       # ✅ 6 tests (projects_list)
-└── mlgym_projects_get_test.sh        # ✅ 7 tests (projects_get)
+├── mlgym_projects_get_test.sh        # ✅ 7 tests (projects_get)
+└── deploy_dollie_test.sh             # ✅ 20 tests (deploy_dollie)
 ```
 
 ## Running Tests
@@ -32,7 +33,7 @@ cd mcp-server
 
 ## Test Coverage
 
-### Completed (6 functions, 62 total tests)
+### Completed (7 functions, 82 total tests)
 - ✅ **mlgym_auth_login** (15 tests)
   - Valid/invalid credentials, SQL injection, XSS, buffer overflow, token storage
 - ✅ **mlgym_user_create** (20 tests)
@@ -45,6 +46,10 @@ cd mcp-server
   - List projects, user isolation, response format
 - ✅ **mlgym_projects_get** (7 tests)
   - Get project details, validation, non-existent projects
+- ✅ **deploy_dollie** (20 tests)
+  - Authentication, deployment workflow, public repos, custom ports/branches
+  - Required fields, validation, security (SQL injection, XSS, buffer overflow)
+  - Response format, SSH password strength
 
 ### Remaining (37 functions)
 See TODO.md for priority order and testing plan.

package/tests/deploy_dollie_test.sh

@@ -0,0 +1,199 @@
+#!/bin/bash
+# Comprehensive test suite for deploy_dollie
+# Tests functional requirements, edge cases, and security
+
+set -e
+
+PASSED=0
+FAILED=0
+
+echo "=== deploy_dollie Comprehensive Test Suite ==="
+echo ""
+
+# Helper to run test
+run_test() {
+    local test_name="$1"
+    local project_name="$2"
+    local project_description="$3"
+    local git_repo_url="$4"
+    local git_branch="$5"
+    local app_port="$6"
+    local expected_result="$7"  # "success" or "error"
+
+    # Build JSON request
+    local branch_field=""
+    if [ -n "$git_branch" ]; then
+        branch_field=",\"git_branch\":\"$git_branch\""
+    fi
+
+    local port_field=""
+    if [ -n "$app_port" ]; then
+        port_field=",\"app_port\":$app_port"
+    fi
+
+    local req="{\"jsonrpc\":\"2.0\",\"method\":\"tools/call\",\"params\":{\"name\":\"deploy_dollie\",\"arguments\":{\"project_name\":\"$project_name\",\"project_description\":\"$project_description\",\"git_repo_url\":\"$git_repo_url\"$branch_field$port_field}},\"id\":99}"
+    local resp=$(echo "$req" | node index.js 2>/dev/null | tail -1)
+
+    # Check for deployment details (success) or error message
+    local content=$(echo "$resp" | jq -r '.result.content[0].text' 2>/dev/null)
+    local success=$(echo "$content" | jq -r '.success' 2>/dev/null)
+    local error_msg=$(echo "$content" | jq -r '.message' 2>/dev/null)
+
+    if [ "$expected_result" = "success" ]; then
+        if [ "$success" = "true" ]; then
+            local ssh_host=$(echo "$content" | jq -r '.deployment.ssh.host' 2>/dev/null)
+            local ssh_password=$(echo "$content" | jq -r '.deployment.ssh.password' 2>/dev/null)
+            echo "✅ $test_name (host: $ssh_host, password: ${ssh_password:0:8}...)"
+            PASSED=$((PASSED + 1))
+        else
+            echo "❌ $test_name (expected deployment success, got: $error_msg)"
+            FAILED=$((FAILED + 1))
+        fi
+    else
+        # Expected error
+        if echo "$content" | grep -qE "error|missing|required|invalid|must|Authentication"; then
+            echo "✅ $test_name"
+            PASSED=$((PASSED + 1))
+        else
+            echo "❌ $test_name (expected error, got success or no error)"
+            FAILED=$((FAILED + 1))
+        fi
+    fi
+}
+
+# Test 1: Authentication check - should fail without auth
+echo "Test 1: Deployment without authentication"
+TEST_PROJECT="dollie-test-$(date +%s)"
+run_test "Deployment without auth" "$TEST_PROJECT" "Test deployment without authentication" "https://github.com/vercel/next.js.git" "canary" "3000" "error"
+
+# Test 2: Authenticate first
+echo "Test 2: Authenticate with test account"
+LOGIN_REQ='{"jsonrpc":"2.0","method":"tools/call","params":{"name":"mlgym_auth_login","arguments":{"email":"test-dollie@ezb.net","password":"TestPassword123!"}},"id":100}'
+LOGIN_RESP=$(echo "$LOGIN_REQ" | node index.js 2>/dev/null | tail -1)
+LOGIN_STATUS=$(echo "$LOGIN_RESP" | jq -r '.result.content[0].text' | jq -r '.status' 2>/dev/null)
+
+if [ "$LOGIN_STATUS" = "authenticated" ]; then
+    echo "✅ Test 2: Authentication successful"
+    PASSED=$((PASSED + 1))
+else
+    # Try to create the user first
+    echo "Creating test user..."
+    CREATE_REQ='{"jsonrpc":"2.0","method":"tools/call","params":{"name":"mlgym_user_create","arguments":{"email":"test-dollie@ezb.net","name":"Dollie Test User","password":"TestPassword123!","accept_terms":true}},"id":101}'
+    CREATE_RESP=$(echo "$CREATE_REQ" | node index.js 2>/dev/null | tail -1)
+
+    # Try login again
+    LOGIN_RESP=$(echo "$LOGIN_REQ" | node index.js 2>/dev/null | tail -1)
+    LOGIN_STATUS=$(echo "$LOGIN_RESP" | jq -r '.result.content[0].text' | jq -r '.status' 2>/dev/null)
+
+    if [ "$LOGIN_STATUS" = "authenticated" ]; then
+        echo "✅ Test 2: Authentication successful (after user creation)"
+        PASSED=$((PASSED + 1))
+    else
+        echo "⚠️  Test 2: Could not authenticate - skipping authenticated tests"
+        FAILED=$((FAILED + 1))
+    fi
+fi
+
+# Test 3: Valid deployment with public repo
+echo "Test 3: Valid deployment with public GitHub repo"
+TEST_PROJECT="dollie-valid-$(date +%s)"
+run_test "Valid public repo deployment" "$TEST_PROJECT" "Test Next.js deployment from public repo" "https://github.com/vercel/next-learn.git" "main" "3000" "success"
+
+# Test 4: Missing project_name
+run_test "Missing project_name" "" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 5: Missing project_description
+run_test "Missing description" "test-project" "" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 6: Missing git_repo_url
+run_test "Missing git repo URL" "test-project" "Test deployment" "" "" "" "error"
+
+# Test 7: Invalid project_name format (uppercase)
+run_test "Invalid project name (uppercase)" "INVALID-NAME" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 8: Invalid project_name format (spaces)
+run_test "Invalid project name (spaces)" "invalid name" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 9: Short project_name (< 3 chars)
+run_test "Short project name" "ab" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 10: Short project_description (< 10 chars)
+run_test "Short description" "test-project" "Short" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 11: Invalid git URL format (not https)
+run_test "Invalid git URL (not https)" "test-project" "Test deployment" "git@github.com:vercel/next.js.git" "" "" "error"
+
+# Test 12: Invalid git URL format (no .git)
+run_test "Invalid git URL (no .git)" "test-project" "Test deployment" "https://github.com/vercel/next.js" "" "" "error"
+
+# Test 13: Custom app_port
+echo "Test 13: Custom app_port (8080)"
+TEST_PROJECT="dollie-port-$(date +%s)"
+run_test "Custom app port 8080" "$TEST_PROJECT" "Test deployment with custom port" "https://github.com/vercel/next-learn.git" "main" "8080" "success"
+
+# Test 14: Custom git_branch
+echo "Test 14: Custom git_branch"
+TEST_PROJECT="dollie-branch-$(date +%s)"
+run_test "Custom git branch" "$TEST_PROJECT" "Test deployment with custom branch" "https://github.com/vercel/next-learn.git" "canary" "3000" "success"
+
+# Test 15: SQL injection in project_name
+run_test "SQL injection (project_name)" "'; DROP TABLE applications;--" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 16: SQL injection in git_repo_url
+run_test "SQL injection (git_repo_url)" "test-project" "Test deployment" "https://github.com/vercel/next.js.git'; DROP TABLE--" "" "" "error"
+
+# Test 17: XSS attempt in project_description
+run_test "XSS attempt (description)" "test-project" "<script>alert('XSS')</script>" "https://github.com/vercel/next.js.git" "" "" "success"
+
+# Test 18: Buffer overflow in project_name
+echo "Test 18: Buffer overflow (very long project_name)"
+LONG_NAME=$(python3 -c "print('a' * 1000)")
+run_test "Buffer overflow (project_name)" "$LONG_NAME" "Test deployment" "https://github.com/vercel/next.js.git" "" "" "error"
+
+# Test 19: Response format validation
+echo "Test 19: Response format validation"
+TEST_PROJECT="dollie-format-$(date +%s)"
+REQ="{\"jsonrpc\":\"2.0\",\"method\":\"tools/call\",\"params\":{\"name\":\"deploy_dollie\",\"arguments\":{\"project_name\":\"$TEST_PROJECT\",\"project_description\":\"Test deployment for response format validation\",\"git_repo_url\":\"https://github.com/vercel/next-learn.git\",\"git_branch\":\"main\"}},\"id\":102}"
+RESP=$(echo "$REQ" | node index.js 2>/dev/null | tail -1)
+CONTENT=$(echo "$RESP" | jq -r '.result.content[0].text')
+
+HAS_SUCCESS=$(echo "$CONTENT" | jq -e '.success' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_URL=$(echo "$CONTENT" | jq -e '.deployment.url' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_SSH=$(echo "$CONTENT" | jq -e '.deployment.ssh' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_SSH_HOST=$(echo "$CONTENT" | jq -e '.deployment.ssh.host' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_SSH_PORT=$(echo "$CONTENT" | jq -e '.deployment.ssh.port' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_SSH_USERNAME=$(echo "$CONTENT" | jq -e '.deployment.ssh.username' > /dev/null 2>&1 && echo "yes" || echo "no")
+HAS_SSH_PASSWORD=$(echo "$CONTENT" | jq -e '.deployment.ssh.password' > /dev/null 2>&1 && echo "yes" || echo "no")
+
+if [ "$HAS_SUCCESS" = "yes" ] && [ "$HAS_URL" = "yes" ] && [ "$HAS_SSH" = "yes" ] && [ "$HAS_SSH_HOST" = "yes" ] && [ "$HAS_SSH_PORT" = "yes" ] && [ "$HAS_SSH_USERNAME" = "yes" ] && [ "$HAS_SSH_PASSWORD" = "yes" ]; then
+    echo "✅ Test 19: Response format valid"
+    PASSED=$((PASSED + 1))
+else
+    echo "❌ Test 19: Response format invalid (success:$HAS_SUCCESS, url:$HAS_URL, ssh:$HAS_SSH, host:$HAS_SSH_HOST, port:$HAS_SSH_PORT, user:$HAS_SSH_USERNAME, pass:$HAS_SSH_PASSWORD)"
+    FAILED=$((FAILED + 1))
+fi
+
+# Test 20: SSH password strength validation
+echo "Test 20: SSH password strength validation"
+SSH_PASSWORD=$(echo "$CONTENT" | jq -r '.deployment.ssh.password')
+PASSWORD_LENGTH=${#SSH_PASSWORD}
+if [ $PASSWORD_LENGTH -ge 16 ]; then
+    echo "✅ Test 20: SSH password is strong (length: $PASSWORD_LENGTH)"
+    PASSED=$((PASSED + 1))
+else
+    echo "❌ Test 20: SSH password is weak (length: $PASSWORD_LENGTH, expected >= 16)"
+    FAILED=$((FAILED + 1))
+fi
+
+echo ""
+echo "==============================================="
+echo "RESULTS: $PASSED passed, $FAILED failed (Total: $((PASSED + FAILED)))"
+echo "==============================================="
+
+if [ $FAILED -eq 0 ]; then
+    echo "✅ ALL TESTS PASSED"
+    exit 0
+else
+    echo "⚠️  SOME TESTS FAILED"
+    exit 1
+fi