316c2c4275
check-and-test / check-and-test (pull_request) Has been cancelled
Closes #13. Today GITEA_DEBUG=true only flips the zap level to debug, dumps a contextless `Text Result:` blob per tool call, and enables the gitea SDK's own debug stream (which doesn't merge with our log file). That is not enough to diagnose a misbehaving tool call in production. This change introduces: - A `pkg/middleware.ToolLogging` ToolHandlerMiddleware that logs each tool invocation on entry and exit with structured fields: tool name, redacted args, request_id, token source, duration_ms, and status. The request_id is stashed in the context so downstream layers can correlate. - A `loggingRoundTripper` in `pkg/gitea` that wraps the shared HTTP transport and emits one structured line per upstream Gitea API call (method, token-stripped URL, status, duration_ms, bytes). This replaces — and is far more useful than — `gitea.SetDebugMode()`. - An effective-config dump at startup (`logEffectiveConfig`) when debug+config scope is on, so "did my env var get picked up?" becomes answerable from the log file. - Token source tracking. CLI flag / GITEA_ACCESS_TOKEN / GITEA_ACCESS_TOKEN_FILE / per-request Authorization header are now distinguished in logs as flag/env/env-file/header. - A baseline redactor in `pkg/debug` that masks args / query params whose keys look like secrets (token, password, secret, api_key, authorization, …). This is the placeholder for issue #5's shared redactor; once that lands, callers here should defer to it. - `GITEA_DEBUG_SCOPES` env var to scope debug output to any subset of `tools,http,config`. Default (unset) is "everything". Test coverage was added for the redactor, scope flag, request-id helpers, preview truncation (multibyte-safe), and the middleware's context wiring + error propagation. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
188 lines
5.4 KiB
Go
188 lines
5.4 KiB
Go
package operation
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"os"
|
|
"os/signal"
|
|
"strings"
|
|
"syscall"
|
|
"time"
|
|
|
|
"gitea.com/gitea/gitea-mcp/operation/actions"
|
|
"gitea.com/gitea/gitea-mcp/operation/issue"
|
|
"gitea.com/gitea/gitea-mcp/operation/label"
|
|
"gitea.com/gitea/gitea-mcp/operation/milestone"
|
|
"gitea.com/gitea/gitea-mcp/operation/notification"
|
|
"gitea.com/gitea/gitea-mcp/operation/packages"
|
|
"gitea.com/gitea/gitea-mcp/operation/pull"
|
|
"gitea.com/gitea/gitea-mcp/operation/repo"
|
|
"gitea.com/gitea/gitea-mcp/operation/search"
|
|
"gitea.com/gitea/gitea-mcp/operation/timetracking"
|
|
"gitea.com/gitea/gitea-mcp/operation/user"
|
|
"gitea.com/gitea/gitea-mcp/operation/version"
|
|
"gitea.com/gitea/gitea-mcp/operation/wiki"
|
|
mcpContext "gitea.com/gitea/gitea-mcp/pkg/context"
|
|
"gitea.com/gitea/gitea-mcp/pkg/flag"
|
|
"gitea.com/gitea/gitea-mcp/pkg/log"
|
|
"gitea.com/gitea/gitea-mcp/pkg/middleware"
|
|
"gitea.com/gitea/gitea-mcp/pkg/tool"
|
|
|
|
"github.com/mark3labs/mcp-go/server"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
var (
|
|
mcpServer *server.MCPServer
|
|
|
|
domainTools = []*tool.Tool{
|
|
user.Tool, actions.Tool, repo.Tool, notification.Tool, issue.Tool,
|
|
label.Tool, milestone.Tool, packages.Tool, pull.Tool, search.Tool,
|
|
version.Tool, wiki.Tool, timetracking.Tool,
|
|
}
|
|
)
|
|
|
|
func RegisterTool(s *server.MCPServer) {
|
|
for _, t := range domainTools {
|
|
s.AddTools(t.Tools()...)
|
|
}
|
|
tool.WarnUnmatchedAllowedTools(domainTools...)
|
|
}
|
|
|
|
// parseAuthToken extracts the token from an Authorization header.
|
|
// Supports "Bearer <token>" (case-insensitive per RFC 7235) and
|
|
// Gitea-style "token <token>" formats.
|
|
// Returns the token and true if valid, empty string and false otherwise.
|
|
func parseAuthToken(authHeader string) (string, bool) {
|
|
if len(authHeader) > 7 && strings.EqualFold(authHeader[:7], "Bearer ") {
|
|
token := strings.TrimSpace(authHeader[7:])
|
|
if token != "" {
|
|
return token, true
|
|
}
|
|
}
|
|
if len(authHeader) > 6 && strings.EqualFold(authHeader[:6], "token ") {
|
|
token := strings.TrimSpace(authHeader[6:])
|
|
if token != "" {
|
|
return token, true
|
|
}
|
|
}
|
|
return "", false
|
|
}
|
|
|
|
func getContextWithToken(ctx context.Context, r *http.Request) context.Context {
|
|
authHeader := r.Header.Get("Authorization")
|
|
if authHeader == "" {
|
|
return ctx
|
|
}
|
|
|
|
token, ok := parseAuthToken(authHeader)
|
|
if !ok {
|
|
return ctx
|
|
}
|
|
|
|
ctx = context.WithValue(ctx, mcpContext.TokenContextKey, token)
|
|
// Mark per-request header tokens so debug logs can show whether a tool
|
|
// call was authenticated via the header (per-request) or fell through
|
|
// to the process-wide flag/env token.
|
|
ctx = context.WithValue(ctx, mcpContext.TokenSourceContextKey, "header")
|
|
return ctx
|
|
}
|
|
|
|
func Run() error {
|
|
mcpServer = newMCPServer(flag.Version)
|
|
RegisterTool(mcpServer)
|
|
logEffectiveConfig()
|
|
switch flag.Mode {
|
|
case "stdio":
|
|
if err := server.ServeStdio(
|
|
mcpServer,
|
|
); err != nil {
|
|
return err
|
|
}
|
|
case "http":
|
|
httpServer := server.NewStreamableHTTPServer(
|
|
mcpServer,
|
|
server.WithLogger(log.Default().Sugar()),
|
|
server.WithHeartbeatInterval(30*time.Second),
|
|
server.WithHTTPContextFunc(getContextWithToken),
|
|
)
|
|
log.Infof("Gitea MCP HTTP server listening on :%d", flag.Port)
|
|
|
|
// Graceful shutdown setup
|
|
sigCh := make(chan os.Signal, 1)
|
|
signal.Notify(sigCh, os.Interrupt, syscall.SIGTERM)
|
|
shutdownDone := make(chan struct{})
|
|
|
|
go func() {
|
|
<-sigCh
|
|
log.Infof("Shutdown signal received, gracefully stopping HTTP server...")
|
|
shutdownCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
|
defer cancel()
|
|
if err := httpServer.Shutdown(shutdownCtx); err != nil {
|
|
log.Errorf("HTTP server shutdown error: %v", err)
|
|
}
|
|
close(shutdownDone)
|
|
}()
|
|
|
|
if err := httpServer.Start(fmt.Sprintf(":%d", flag.Port)); err != nil && !errors.Is(err, http.ErrServerClosed) {
|
|
return err
|
|
}
|
|
<-shutdownDone // Wait for shutdown to finish
|
|
default:
|
|
return fmt.Errorf("invalid transport type: %s. Must be 'stdio' or 'http'", flag.Mode)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func newMCPServer(version string) *server.MCPServer {
|
|
return server.NewMCPServer(
|
|
"Gitea MCP Server",
|
|
version,
|
|
server.WithToolCapabilities(true),
|
|
server.WithLogging(),
|
|
server.WithRecovery(),
|
|
// ToolLogging emits structured entry/exit logs and attaches a
|
|
// request_id + tool name to the context so downstream layers
|
|
// (the gitea RoundTripper, pkg/to result logging) can correlate.
|
|
server.WithToolHandlerMiddleware(middleware.ToolLogging),
|
|
)
|
|
}
|
|
|
|
// logEffectiveConfig records the runtime configuration once at startup
|
|
// when debug mode is on. This makes "did my env var actually take effect?"
|
|
// answerable from the log file without having to instrument the process.
|
|
//
|
|
// Token *values* are never logged — only the source (flag / env / env-file)
|
|
// so the operator can tell which auth path was taken.
|
|
func logEffectiveConfig() {
|
|
if !flag.DebugScopeEnabled("config") {
|
|
return
|
|
}
|
|
tokenSource := flag.TokenSource
|
|
if tokenSource == "" {
|
|
tokenSource = "none"
|
|
}
|
|
scopes := "all"
|
|
if len(flag.DebugScopes) > 0 {
|
|
keys := make([]string, 0, len(flag.DebugScopes))
|
|
for k := range flag.DebugScopes {
|
|
keys = append(keys, k)
|
|
}
|
|
scopes = strings.Join(keys, ",")
|
|
}
|
|
log.Info("gitea-mcp effective config",
|
|
zap.String("version", flag.Version),
|
|
zap.String("host", flag.Host),
|
|
zap.String("mode", flag.Mode),
|
|
zap.Int("port", flag.Port),
|
|
zap.Bool("read_only", flag.ReadOnly),
|
|
zap.Bool("insecure", flag.Insecure),
|
|
zap.Bool("debug", flag.Debug),
|
|
zap.String("debug_scopes", scopes),
|
|
zap.String("token_source", tokenSource),
|
|
zap.Int("allowed_tools", len(flag.AllowedTools)),
|
|
)
|
|
}
|