npm - venafi-connector-machine - Versions diffs - 1.0.0 - Mend

venafi-connector-machine 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,93 @@
+# venafi-connector-machine
+An MCP (Model Context Protocol) server that provides machine connector-specific knowledge, templates, and tools for building **Venafi TLS Protect Cloud machine connectors**.
+Use this with Claude Code or any MCP-compatible AI assistant to get expert guidance on SSH and REST API machine connectors — discovery, provisioning, manifest design, and all the gotchas.
+## What's Inside
+| Tool | Description |
+|---|---|
+| `get_machine_manifest` | Complete machine connector manifest.json template with all sections explained |
+| `get_machine_domain_types` | Go domain types: Connection, Keystore, Binding, CertificateBundle, Client |
+| `get_machine_endpoints` | Handler and service interface templates for all 5 endpoints |
+| `get_machine_best_practices` | 28+ lessons learned from building production connectors |
+| `get_ssh_client_pattern` | SSH client abstraction: Connect, RunCommand, WriteFile, ReadFile |
+| `get_rest_client_pattern` | REST API client: multi-auth, 3-service decomposition, uber/fx DI |
+### 5 Machine Connector Endpoints
+| Endpoint | Purpose |
+|---|---|
+| `testConnection` | Validate connectivity to the target system |
+| `discoverCertificates` | Find certificates on the target (paginated) |
+| `installCertificateBundle` | Write cert + chain + key to the target |
+| `configureInstallationEndpoint` | Apply the certificate (restart service) |
+| `getTargetConfiguration` | Return target system info for dynamic UI dropdowns |
+### 28 Lessons Learned
+Covering SSH and REST API patterns from all machine connector projects:
+- DER→PEM conversion, DER→PKCS12 conversion, key type detection
+- Discovery pagination, `discoveryPage: null` vs `{}`, response `messages` key
+- `x-primaryKey` UI visibility, empty values causing silent MI drops
+- OAuth2 token exchange (JSON vs form-urlencoded body formats)
+- Null-safe JSON arrays, binding must never be nil
+- Discovery label rules (`title` vs `x-labelLocalizationKey`)
+- Per-profile enrichment patterns, retired certificate handling
+- And more...
+## Setup
+### Claude Code
+Add to your project's `.claude/settings.json`:
+```json
+{
+  "mcpServers": {
+    "venafi-connector-machine": {
+      "command": "npx",
+      "args": ["-y", "venafi-connector-machine"]
+    }
+  }
+}
+```
+Best used alongside the core MCP:
+```json
+{
+  "mcpServers": {
+    "venafi-connector-core": {
+      "command": "npx",
+      "args": ["-y", "venafi-connector-core"]
+    },
+    "venafi-connector-machine": {
+      "command": "npx",
+      "args": ["-y", "venafi-connector-machine"]
+    }
+  }
+}
+```
+## Built From Experience
+Knowledge extracted from building these machine connectors:
+| Connector | Connection | Key Patterns |
+|---|---|---|
+| **Splunk** | SSH | Combined PEM, heredoc file writing, systemctl restart |
+| **FortiGate** | REST API | PKCS12 provisioning, multi-VDOM discovery, API token auth |
+| **IBM APIC** | REST API | OAuth2 token exchange, per-profile enrichment, PATCH vs PUT |
+| **IBM DataPower** | REST API | PKCS12 provisioning, REST client patterns |
+## Related Packages
+- [`venafi-connector-core`](https://www.npmjs.com/package/venafi-connector-core) — Shared architecture, templates, deployment, troubleshooting
+- [`venafi-connector-ca`](https://www.npmjs.com/package/venafi-connector-ca) — CA connector endpoints, certificate issuance/import/revocation
+## License
+Apache-2.0