datasecops-cli 0.4.9__tar.gz → 0.5.1__tar.gz

datasecops_cli-0.5.1/.github/workflows/test.yml

@@ -0,0 +1,28 @@
+name: Test
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    name: Test (Python ${{ matrix.python-version }})
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.11', '3.12', '3.13']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install package with test dependencies
+        run: pip install -e ".[test]"
+
+      - name: Run tests
+        run: pytest --tb=short

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/CHANGELOG.md

@@ -2,6 +2,34 @@
 
 All notable changes to the DataSecOps CLI are documented in this file.
 
+## [0.5.1] - 2026-06-04
+
+### Added
+
+- **MCP server CLI arguments** — `datasecops-mcp` now accepts `--connection-name` and `--app-database` arguments, eliminating the dependency on `.datasecops.yml` being in the working directory. This fixes connection failures when AI tools (Cortex Code, Cursor, etc.) launch the MCP server from a different working directory.
+- **`init_snowflake_service()` function** — new public API in `datasecops_mcp.connection` to pre-initialize the Snowflake service singleton with explicit parameters.
+
+### Changed
+
+- **MCP registration passes connection details** — all CLI paths that register the MCP server (setup, configuration menu, downloads menu) now pass `--connection-name` and `--app-database` to the registration command and `mcp.json` args.
+- **`DownloadsMenu` accepts `datasecops_config`** — the downloads menu now receives the `DatasecopsConfig` so it can pass connection details during MCP server registration.
+
+## [0.5.0] - 2026-05-21
+
+### Added
+
+- **Work Items MCP tool** — new `get_work_items_config` tool in the MCP server returns the configured ticket system (Azure DevOps, Jira, or GitHub Issues), whether ticket numbers are required, and system-specific connection details. Used by the `new-branch` skill.
+- **WorkItems model** — new `WorkItems` model in `project_config.py` stores ticket system configuration separately from source control.
+
+### Changed
+
+- **`ticket_number_required` moved from Source Control to Work Items** — the ticket requirement is now part of the WORK_ITEMS configuration (separate from SOURCE_CONTROL). The `get_branching_rules` MCP tool no longer includes this field; use `get_work_items_config` instead.
+- **Branch format default updated** — default branch format changed from `{branch_type}/{branch_name}` to `{branch_type}/{ticket_name}_{name}` with explicit placeholders for ticket and description.
+- **Branch creation uses `str.replace()` instead of `str.format()`** — supports the new `{ticket_name}` and `{name}` placeholders in branch format without breaking on missing keys.
+- **`validate_branch_name` reads ticket requirement from WORK_ITEMS** — the MCP validation tool now queries the WORK_ITEMS config for `ticket_number_required` instead of SOURCE_CONTROL.
+- **Config class loads WORK_ITEMS** — `Config.load_from_native_app()` now also fetches the WORK_ITEMS configuration.
+- **Git operations menu accepts work_items** — `GitOperationsMenu` now receives `WorkItems` to determine ticket enforcement during branch creation.
+
 ## [0.4.9] - 2026-05-21
 
 ### Added

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: datasecops-cli
-Version: 0.4.9
+Version: 0.5.1
 Summary: DataSecOps Framework CLI for Snowflake Native App
 License-Expression: MIT
 License-File: LICENSE
@@ -161,7 +161,7 @@ The package includes an MCP (Model Context Protocol) server that exposes your fr
 **Cortex Code:**
 
 ```bash
-cortex mcp add datasecops-framework -- datasecops-mcp
+cortex mcp add datasecops-framework -- datasecops-mcp --connection-name <CONNECTION> --app-database <APP_DB>
 ```
 
 **VS Code / Cursor** — add to `.vscode/mcp.json` or `.cursor/mcp.json`:
@@ -171,7 +171,7 @@ cortex mcp add datasecops-framework -- datasecops-mcp
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     }
   }
 }

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/README.md

@@ -142,7 +142,7 @@ The package includes an MCP (Model Context Protocol) server that exposes your fr
 **Cortex Code:**
 
 ```bash
-cortex mcp add datasecops-framework -- datasecops-mcp
+cortex mcp add datasecops-framework -- datasecops-mcp --connection-name <CONNECTION> --app-database <APP_DB>
 ```
 
 **VS Code / Cursor** — add to `.vscode/mcp.json` or `.cursor/mcp.json`:
@@ -152,7 +152,7 @@ cortex mcp add datasecops-framework -- datasecops-mcp
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     }
   }
 }

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/docs/getting-started.md

@@ -156,7 +156,7 @@ Create `.vscode/mcp.json` in your project root:
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     },
     "dbt": {
       "command": "uvx",
@@ -185,7 +185,7 @@ For Azure DevOps instead of GitHub:
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     },
     "dbt": {
       "command": "uvx",
@@ -219,7 +219,7 @@ Add servers from the command line:
 
 ```bash
 # DataSecOps Framework
-cortex mcp add datasecops-framework -- datasecops-mcp
+cortex mcp add datasecops-framework -- datasecops-mcp --connection-name <CONNECTION> --app-database <APP_DB>
 
 # dbt
 cortex mcp add dbt -- uvx dbt-mcp

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/docs/git-operations.md

@@ -50,12 +50,15 @@ Submenu for branch management operations.
 
 #### New Branch
 
-Creates a branch using the naming convention `{type}/{ticket}_{name}`:
-- Prompts for branch type (feature, bugfix, hotfix — or configured types)
-- Prompts for ticket number (required or optional based on config)
-- Prompts for branch name
+Creates a branch using the configured `branch_format` (default: `{branch_type}/{ticket_name}_{name}`):
+- Prompts for branch type (feature, bugfix, hotfix — or configured types from Source Control settings)
+- Prompts for ticket number (required or optional based on Work Items config `ticket_number_required`)
+- Prompts for branch name (description)
+- Builds the full name using `format_map` with placeholders: `{branch_type}`, `{ticket_name}`, `{name}`, `{branch_name}` (legacy)
 - Creates from `origin/main`, checks out, and pushes with upstream tracking
 
+> **Tip:** Use the `new-branch` Cortex Code skill instead of the CLI menu for an AI-assisted workflow that also fetches ticket details and creates a plan document.
+
 #### Delete Branch
 
 - Cannot delete the current branch

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/docs/mcp-server.md

@@ -13,32 +13,25 @@ pip install datasecops-cli[mcp]
 Run the server:
 
 ```bash
-datasecops-mcp
+datasecops-mcp --connection-name <CONNECTION> --app-database <APP_DB>
 ```
 
 The server communicates via stdio transport and is designed to be launched by an MCP client (not run interactively).
 
+If `--connection-name` and `--app-database` are not provided, the server falls back to reading `.datasecops.yml` from the current working directory.
+
 ## Configuring Your AI Tool
 
 ### Cortex Code
 
-Add to your Cortex Code MCP configuration:
-
-```json
-{
-  "mcpServers": {
-    "datasecops-framework": {
-      "command": "datasecops-mcp",
-      "args": []
-    }
-  }
-}
+```bash
+cortex mcp add datasecops-framework -- datasecops-mcp --connection-name <CONNECTION> --app-database <APP_DB>
 ```
 
 ### Claude Code
 
 ```bash
-claude mcp add datasecops-framework datasecops-mcp
+claude mcp add datasecops-framework datasecops-mcp -- --connection-name <CONNECTION> --app-database <APP_DB>
 ```
 
 ### Cursor / VS Code
@@ -50,7 +43,7 @@ Add to `.cursor/mcp.json` or your IDE's MCP settings:
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     }
   }
 }
@@ -58,7 +51,7 @@ Add to `.cursor/mcp.json` or your IDE's MCP settings:
 
 ## Prerequisites
 
-The MCP server requires a `.datasecops.yml` file in your project root (the same file used by the `datasecops` CLI):
+The MCP server connects to Snowflake using the connection name specified via CLI arguments (or from `.datasecops.yml`):
 
 ```yaml
 connection_name: my_snowflake_connection
@@ -74,7 +67,8 @@ It uses your Snowflake connection from `~/.snowflake/connections.toml` to authen
 
 | Tool | Description |
 |------|-------------|
-| `get_branching_rules` | Branch types, naming conventions, ticket requirements, merge strategies |
+| `get_branching_rules` | Branch types, naming conventions, environment branches, merge strategies |
+| `get_work_items_config` | Work item system (Azure DevOps / Jira / GitHub Issues), ticket requirement, connection details |
 | `get_linting_rules` | SQLFluff rules (dialect, indentation, enabled rule codes) |
 | `get_dbt_packages` | Approved packages with pinned versions |
 | `get_pipeline_config` | CI/CD pipeline YAML templates (GitHub Actions or Azure DevOps) |
@@ -110,6 +104,11 @@ The MCP server works transparently in the background. When you ask your AI assis
 
 ### Example Interactions
 
+**Starting work on a ticket (using the `new-branch` skill):**
+> "Start work on ticket JIRA-456"
+
+The AI calls `get_branching_rules` for branch format and types, `get_work_items_config` for the ticket system, fetches the ticket details via the platform MCP server (Azure DevOps / Atlassian / GitHub), creates a branch like `feature/JIRA-456_add-customer-dim`, and saves the ticket details to a plan document.
+
 **Creating a branch:**
 > "Create a new branch for ticket JIRA-456 to add a customer dimension model"
 
@@ -166,7 +165,7 @@ For full platform integration (PR creation, CI status, issue tracking), add the
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     },
     "github": {
       "command": "npx",
@@ -193,7 +192,7 @@ This enables:
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": []
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
     },
     "azure-devops": {
       "command": "npx",
@@ -212,8 +211,39 @@ This enables:
 - Creating pull requests with templates
 - Checking build pipeline status
 - Linking to work items
+- Managing and updating work items
 - Managing boards and sprints
 
+### Atlassian (Jira)
+
+The Atlassian Rovo MCP Server provides access to Jira, Confluence, and Compass. Authentication is handled via OAuth 2.1 (browser flow) or API token — no local credentials needed.
+
+```json
+{
+  "mcpServers": {
+    "datasecops-framework": {
+      "command": "datasecops-mcp",
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"]
+    },
+    "atlassian": {
+      "url": "https://mcp.atlassian.com/v1/mcp/authv2"
+    }
+  }
+}
+```
+
+Or via CLI:
+
+```bash
+cortex mcp add atlassian https://mcp.atlassian.com/v1/mcp/authv2 --transport http
+```
+
+This enables:
+- Searching, creating, and updating Jira issues
+- Reading Confluence pages for context
+- Querying Compass components and dependencies
+- Linking tickets to branches and PRs
+
 ## Combined Workflow Example
 
 With both the framework MCP server and GitHub MCP server configured, a developer can say:

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/mcp-servers.json

@@ -2,7 +2,7 @@
   "mcpServers": {
     "datasecops-framework": {
       "command": "datasecops-mcp",
-      "args": [],
+      "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"],
       "env": {},
       "description": "DataSecOps Framework governance rules, branching conventions, linting config, and project profiles from your Snowflake Native App"
     },

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "datasecops-cli"
-version = "0.4.9"
+version = "0.5.1"
 description = "DataSecOps Framework CLI for Snowflake Native App"
 readme = "README.md"
 requires-python = ">=3.10"

datasecops_cli-0.5.1/src/datasecops_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.5.1"

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/config.py

@@ -2,7 +2,7 @@ from pathlib import Path
 from typing import Optional
 
 from datasecops_cli.models.project_config import (
-    DatasecopsConfig, ProjectSettings, SourceControl, ProjectProfile, DbtTarget
+    DatasecopsConfig, ProjectSettings, SourceControl, WorkItems, ProjectProfile, DbtTarget
 )
 from datasecops_cli.utilities.yaml_utils import read_datasecops_config, read_dbt_project
 from datasecops_cli.utilities.display import error_line, info_line
@@ -15,6 +15,7 @@ class Config:
         self.datasecops: DatasecopsConfig = DatasecopsConfig()
         self.project_settings: ProjectSettings = ProjectSettings()
         self.source_control: SourceControl = SourceControl()
+        self.work_items: WorkItems = WorkItems()
         self.profile: Optional[ProjectProfile] = None
         self.all_profiles: list[ProjectProfile] = []
         self.project_dir: Path = Path.cwd()
@@ -77,6 +78,11 @@ class Config:
             if raw:
                 self.source_control = SourceControl(**{k: v for k, v in raw.items() if k in SourceControl.model_fields})
             
+            # Load work items
+            raw = snowflake_service.get_framework_config("WORK_ITEMS")
+            if raw:
+                self.work_items = WorkItems(**{k: v for k, v in raw.items() if k in WorkItems.model_fields})
+            
             # Load project profiles
             profiles_data = snowflake_service.get_project_profiles()
             if profiles_data:

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/main.py

@@ -175,11 +175,12 @@ def _run_setup(project_dir: Path):
     # --- Connect to Snowflake ---
     info_line("")
     info_line("Connecting to Snowflake...")
-    from datasecops_cli.models.project_config import DatasecopsConfig, ProjectSettings, ProjectProfile, SourceControl
+    from datasecops_cli.models.project_config import DatasecopsConfig, ProjectSettings, ProjectProfile, SourceControl, WorkItems
     temp_config = DatasecopsConfig(connection_name=connection_name, app_database=app_database)
     temp_sf = SnowflakeService(temp_config)
     project_settings = ProjectSettings()
     source_control = SourceControl()
+    work_items = WorkItems()
     matched_profile = None
 
     try:
@@ -196,6 +197,11 @@ def _run_setup(project_dir: Path):
         if raw_sc:
             source_control = SourceControl(**{k: v for k, v in raw_sc.items() if k in SourceControl.model_fields})
 
+        # Load WORK_ITEMS settings (for ticket system and ticket_number_required)
+        raw_wi = temp_sf.get_framework_config("WORK_ITEMS")
+        if raw_wi:
+            work_items = WorkItems(**{k: v for k, v in raw_wi.items() if k in WorkItems.model_fields})
+
         # Get account identifier for MCP URL construction
         account_identifier = ""
         try:
@@ -311,11 +317,16 @@ def _run_setup(project_dir: Path):
             info_line("")
             info_line("Adding MCP servers to Cortex Code...")
             try:
-                subprocess.run(["cortex", "mcp", "add", "datasecops-framework", "--", "datasecops-mcp"],
+                subprocess.run(["cortex", "mcp", "add", "datasecops-framework", "--",
+                                "datasecops-mcp", "--connection-name", connection_name,
+                                "--app-database", app_database],
                                capture_output=True, text=True)
                 success_line("Added datasecops-framework MCP server")
             except FileNotFoundError:
-                warning_line("cortex not found — run manually: cortex mcp add datasecops-framework -- datasecops-mcp")
+                warning_line(
+                    "cortex not found — run manually: cortex mcp add datasecops-framework "
+                    f"-- datasecops-mcp --connection-name {connection_name} --app-database {app_database}"
+                )
 
             # Add AI Agent MCP server if enabled
             if ai_agent_mcp_url:
@@ -366,7 +377,10 @@ def _run_setup(project_dir: Path):
             mcp_dir = dir_map.get(tool_choice, ".vscode")
             mcp_path = project_dir / mcp_dir / "mcp.json"
 
-            servers = {"datasecops-framework": {"command": "datasecops-mcp", "args": []}}
+            servers = {"datasecops-framework": {
+                "command": "datasecops-mcp",
+                "args": ["--connection-name", connection_name, "--app-database", app_database],
+            }}
 
             # Add AI Agent MCP server if enabled
             if ai_agent_mcp_url:
@@ -683,7 +697,8 @@ def _main_menu(config: Config, dbt_runner: DbtRunner, git_service: GitService,
         elif option == 2 and git_service:
             git_menu = GitOperationsMenu(
                 git_service, config.source_control,
-                config.get_deployment_branches(), profile_name
+                config.get_deployment_branches(), profile_name,
+                work_items=config.work_items
             )
             git_menu.show()
 
@@ -741,6 +756,7 @@ def _main_menu(config: Config, dbt_runner: DbtRunner, git_service: GitService,
                 profile=config.profile,
                 source_control=config.source_control,
                 all_profiles=config.all_profiles,
+                datasecops_config=config.datasecops,
             )
             dl_menu.show()
 

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/menus/configuration.py

@@ -167,13 +167,19 @@ class ConfigurationMenu:
         info_line("")
         for server in servers:
             if server == "datasecops-framework":
+                conn = self.datasecops_config.connection_name
+                app_db = self.datasecops_config.app_database
                 try:
-                    subprocess.run(["cortex", "mcp", "add", "datasecops-framework",
-                                    "--", "datasecops-mcp"],
+                    subprocess.run(["cortex", "mcp", "add", "datasecops-framework", "--",
+                                    "datasecops-mcp", "--connection-name", conn,
+                                    "--app-database", app_db],
                                    capture_output=True, text=True)
                     success_line("Added datasecops-framework MCP server")
                 except FileNotFoundError:
-                    warning_line("cortex not found — run manually: cortex mcp add datasecops-framework -- datasecops-mcp")
+                    warning_line(
+                        "cortex not found — run manually: cortex mcp add datasecops-framework "
+                        f"-- datasecops-mcp --connection-name {conn} --app-database {app_db}"
+                    )
 
             elif server == "GitHub":
                 token = get_input_string("Enter your GitHub PAT (or press Enter to skip): ", allow_empty=True)
@@ -228,7 +234,12 @@ class ConfigurationMenu:
 
         for server in servers:
             if server == "datasecops-framework":
-                server_config["datasecops-framework"] = {"command": "datasecops-mcp", "args": []}
+                conn = self.datasecops_config.connection_name
+                app_db = self.datasecops_config.app_database
+                server_config["datasecops-framework"] = {
+                    "command": "datasecops-mcp",
+                    "args": ["--connection-name", conn, "--app-database", app_db],
+                }
             elif server == "GitHub":
                 server_config["github"] = {
                     "command": "npx",

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/menus/downloads.py

@@ -3,7 +3,7 @@ import json
 import shutil
 import subprocess
 
-from datasecops_cli.models.project_config import ProjectProfile, ProjectSettings, SourceControl
+from datasecops_cli.models.project_config import DatasecopsConfig, ProjectProfile, ProjectSettings, SourceControl
 from datasecops_cli.services.download_service import DownloadService
 from datasecops_cli.services.skill_service import SkillService
 from datasecops_cli.services.dbt_runner import DbtRunner
@@ -19,7 +19,8 @@ class DownloadsMenu:
     def __init__(self, download_service: DownloadService, skill_service: SkillService,
                  dbt_runner: DbtRunner, profile_name: str, dbt_project_dir: Path,
                  project_settings: ProjectSettings = None, profile: ProjectProfile = None,
-                 source_control: SourceControl = None, all_profiles: list[ProjectProfile] = None):
+                 source_control: SourceControl = None, all_profiles: list[ProjectProfile] = None,
+                 datasecops_config: DatasecopsConfig = None):
         self.downloads = download_service
         self.skills = skill_service
         self.dbt = dbt_runner
@@ -29,6 +30,7 @@ class DownloadsMenu:
         self.profile = profile
         self.source_control = source_control
         self.all_profiles = all_profiles
+        self.datasecops_config = datasecops_config or DatasecopsConfig()
     
     def show(self) -> None:
         self._menu()
@@ -149,13 +151,19 @@ class DownloadsMenu:
         info_line("")
         for server in servers:
             if server == "datasecops-framework":
+                conn = self.datasecops_config.connection_name
+                app_db = self.datasecops_config.app_database
                 try:
-                    subprocess.run(["cortex", "mcp", "add", "datasecops-framework",
-                                    "--", "datasecops-mcp"],
+                    subprocess.run(["cortex", "mcp", "add", "datasecops-framework", "--",
+                                    "datasecops-mcp", "--connection-name", conn,
+                                    "--app-database", app_db],
                                    capture_output=True, text=True)
                     success_line("Added datasecops-framework MCP server")
                 except FileNotFoundError:
-                    warning_line("cortex not found — run manually: cortex mcp add datasecops-framework -- datasecops-mcp")
+                    warning_line(
+                        "cortex not found — run manually: cortex mcp add datasecops-framework "
+                        f"-- datasecops-mcp --connection-name {conn} --app-database {app_db}"
+                    )
 
             elif server == "GitHub":
                 token = get_input_string("Enter your GitHub PAT (or press Enter to skip): ", allow_empty=True)
@@ -210,7 +218,12 @@ class DownloadsMenu:
 
         for server in servers:
             if server == "datasecops-framework":
-                server_config["datasecops-framework"] = {"command": "datasecops-mcp", "args": []}
+                conn = self.datasecops_config.connection_name
+                app_db = self.datasecops_config.app_database
+                server_config["datasecops-framework"] = {
+                    "command": "datasecops-mcp",
+                    "args": ["--connection-name", conn, "--app-database", app_db],
+                }
             elif server == "GitHub":
                 server_config["github"] = {
                     "command": "npx",

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/menus/git_operations.py

@@ -1,5 +1,7 @@
+from collections import defaultdict
+
 from datasecops_cli.services.git_service import GitService
-from datasecops_cli.models.project_config import SourceControl
+from datasecops_cli.models.project_config import SourceControl, WorkItems
 from datasecops_cli.utilities.display import (
     clear, section_header, display_action_header, menu_option,
     get_input_number, get_input_string, get_input_true_false,
@@ -10,9 +12,11 @@ from datasecops_cli.utilities.display import (
 
 class GitOperationsMenu:
     def __init__(self, git_service: GitService, source_control: SourceControl,
-                 deployment_branches: dict[str, str], profile_name: str):
+                 deployment_branches: dict[str, str], profile_name: str,
+                 work_items: WorkItems = None):
         self.git = git_service
         self.source_control = source_control
+        self.work_items = work_items or WorkItems()
         self.deployment_branches = deployment_branches
         self.profile_name = profile_name
 
@@ -106,7 +110,7 @@ class GitOperationsMenu:
             return
 
         ticket = ""
-        if self.source_control.ticket_number_required:
+        if self.work_items.ticket_number_required:
             ticket = get_input_string("Enter ticket number: ")
             if ticket == "0":
                 return
@@ -119,10 +123,13 @@ class GitOperationsMenu:
 
         branch_name = name.replace(" ", "-").lower()
         fmt = self.source_control.branch_format
-        if ticket:
-            full_name = fmt.format(branch_type=selected_type, branch_name=f"{ticket}_{branch_name}")
-        else:
-            full_name = fmt.format(branch_type=selected_type, branch_name=branch_name)
+        ctx = {
+            "branch_type": selected_type,
+            "ticket_name": ticket,
+            "name": branch_name,
+            "branch_name": f"{ticket}_{branch_name}" if ticket else branch_name,
+        }
+        full_name = fmt.format_map(defaultdict(str, ctx))
 
         self.git.create_branch(full_name)
 

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_cli/models/project_config.py

@@ -1,6 +1,9 @@
 from pydantic import BaseModel, Field
 from typing import Optional
 
+# Centralized default branch format used across the CLI and MCP server
+DEFAULT_BRANCH_FORMAT = "{branch_type}/{ticket_name}_{name}"
+
 class DatasecopsConfig(BaseModel):
     """Local .datasecops.yml config."""
     connection_name: str = ""
@@ -60,11 +63,21 @@ class EnvironmentBranch(BaseModel):
 
 class SourceControl(BaseModel):
     branch_types: list[BranchType] = Field(default_factory=list)
-    ticket_number_required: bool = False
-    branch_format: str = "{branch_type}/{branch_name}"
+    branch_format: str = DEFAULT_BRANCH_FORMAT
     source_control_platform: str = "GitHub"
     environments: list[EnvironmentBranch] = Field(default_factory=list)
 
+class WorkItems(BaseModel):
+    system: str = ""  # "azure_devops", "jira", "github_issues", or ""
+    ticket_number_required: bool = False
+    azure_devops_org_url: str = ""
+    azure_devops_project: str = ""
+    azure_devops_auth_method: str = "pat"
+    jira_project_key: str = ""
+    github_owner: str = ""
+    github_repo: str = ""
+    github_auth_method: str = "pat"
+
 class ProjectProfile(BaseModel):
     project_id: int = 0
     profile_name: str = ""

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_mcp/connection.py

@@ -141,6 +141,17 @@ def load_datasecops_config(project_dir: Path = None) -> dict:
 _service: Optional[MCPSnowflakeService] = None
 
 
+def init_snowflake_service(connection_name: str, app_database: str) -> MCPSnowflakeService:
+    """Pre-initialize the Snowflake service with explicit parameters.
+
+    Use this when connection_name and app_database are provided via CLI arguments,
+    bypassing the need for .datasecops.yml in the working directory.
+    """
+    global _service
+    _service = MCPSnowflakeService(connection_name, app_database)
+    return _service
+
+
 def get_snowflake_service(project_dir: Path = None) -> MCPSnowflakeService:
     """Get or create the Snowflake service singleton."""
     global _service

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/src/datasecops_mcp/server.py

@@ -11,6 +11,7 @@ import logging
 from mcp.server.fastmcp import FastMCP
 
 from datasecops_mcp.connection import get_snowflake_service
+from datasecops_cli.models.project_config import DEFAULT_BRANCH_FORMAT
 
 logger = logging.getLogger(__name__)
 
@@ -25,7 +26,7 @@ def get_branching_rules() -> str:
     """Get the source control branching rules enforced by the framework.
 
     Returns branch types (feature, hotfix, etc.), naming conventions,
-    environment branches, merge strategies, and whether ticket numbers are required.
+    environment branches, and merge strategies.
     Use this to understand how branches should be created and named.
     """
     sf = get_snowflake_service()
@@ -35,14 +36,30 @@ def get_branching_rules() -> str:
 
     result = {
         "branch_types": raw.get("branch_types", []),
-        "ticket_number_required": raw.get("ticket_number_required", False),
-        "branch_format": raw.get("branch_format", "{branch_type}/{branch_name}"),
+        "branch_format": raw.get("branch_format", DEFAULT_BRANCH_FORMAT),
         "source_control_platform": raw.get("source_control_platform", "GitHub"),
         "environments": raw.get("environments", []),
     }
     return json.dumps(result, indent=2)
 
 
+@mcp.tool()
+def get_work_items_config() -> str:
+    """Get the work item tracking configuration from the framework.
+
+    Returns which ticket system is configured (Azure DevOps, Jira, or GitHub Issues),
+    whether ticket numbers are required in branch names, and the system-specific
+    connection details (org URL, project, etc.).
+    Auth tokens are managed per-user via the CLI — not stored here.
+    """
+    sf = get_snowflake_service()
+    raw = sf.get_framework_config("WORK_ITEMS")
+    if not raw:
+        return json.dumps({"system": "", "ticket_number_required": False})
+
+    return json.dumps(raw, indent=2)
+
+
 @mcp.tool()
 def get_linting_rules() -> str:
     """Get the SQLFluff linting rules configured for this project.
@@ -313,8 +330,11 @@ def validate_branch_name(branch_name: str) -> str:
         return "No source control config found - cannot validate"
 
     branch_types = [bt.get("name", "") for bt in raw.get("branch_types", [])]
-    ticket_required = raw.get("ticket_number_required", False)
-    branch_format = raw.get("branch_format", "{branch_type}/{branch_name}")
+    branch_format = raw.get("branch_format", DEFAULT_BRANCH_FORMAT)
+
+    # Check WORK_ITEMS for ticket requirement
+    work_items = sf.get_framework_config("WORK_ITEMS") or {}
+    ticket_required = work_items.get("ticket_number_required", False)
 
     parts = branch_name.split("/", 1)
     errors = []
@@ -528,6 +548,19 @@ def _find_project_dir() -> "Path":
 
 def main():
     """Run the MCP server via stdio transport."""
+    import argparse
+
+    parser = argparse.ArgumentParser(description="DataSecOps MCP Server")
+    parser.add_argument("--connection-name", help="Snowflake connection name (overrides .datasecops.yml)")
+    parser.add_argument("--app-database", help="Native app database name (overrides .datasecops.yml)")
+    args = parser.parse_args()
+
+    if args.connection_name or args.app_database:
+        if not args.connection_name or not args.app_database:
+            parser.error("--connection-name and --app-database must both be provided")
+        from datasecops_mcp.connection import init_snowflake_service
+        init_snowflake_service(args.connection_name, args.app_database)
+
     mcp.run(transport="stdio")
 
 

{datasecops_cli-0.4.9 → datasecops_cli-0.5.1}/tests/test_models.py

@@ -100,8 +100,7 @@ class TestSourceControl:
     def test_defaults(self):
         sc = SourceControl()
         assert sc.branch_types == []
-        assert sc.ticket_number_required is False
-        assert sc.branch_format == "{branch_type}/{branch_name}"
+        assert sc.branch_format == "{branch_type}/{ticket_name}_{name}"
         assert sc.source_control_platform == "GitHub"
         assert sc.environments == []
 

datasecops_cli-0.4.9/src/datasecops_cli/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.4.8"