Add Poutine MCP Server #346
Conversation
* Updated tool description * Add MCP tool annotations and improve descriptions - Added human-readable titles for all MCP tools - Added tool hint annotations (ReadOnly, Destructive, Idempotent, OpenWorld) - Improved tool descriptions to be more specific about CI/CD pipeline security scanning - Updated descriptions to emphasize supply chain vulnerability detection - analyze_org, analyze_repo, analyze_repo_stale_branches: OpenWorld tools that interact with external SCM providers - analyze_manifest: Closed-world idempotent tool for static analysis 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> --------- Co-authored-by: Claude <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR adds Model Context Protocol (MCP) server functionality to Poutine, enabling AI assistants and agents to analyze CI/CD pipelines for security vulnerabilities and generate secure pipeline manifests.
Key changes:
- Adds MCP server with four analysis tools for organizations, repositories, stale branches, and manifest validation
- Introduces a "noop" formatter that returns no output for MCP integration
- Implements direct manifest analysis capability for validating CI/CD pipeline security
Reviewed Changes
Copilot reviewed 7 out of 8 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| go.mod | Adds mcp-go dependency and related packages for MCP server functionality |
| formatters/noop/noop.go | New formatter that produces no output, used for MCP server integration |
| cmd/root.go | Adds noop formatter option to existing formatter selection logic |
| cmd/mcp_server.go | Main MCP server implementation with four analysis tools and their handlers |
| cmd/handle_analyze_manifest_test.go | Comprehensive test suite for the manifest analysis MCP tool |
| analyze/analyze_test.go | Unit tests for the direct manifest analysis functionality |
| analyze/analyze.go | Implements AnalyzeManifest method for analyzing CI/CD pipeline manifests |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 8 changed files in this pull request and generated 6 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 8 changed files in this pull request and generated 6 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 8 changed files in this pull request and generated 5 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
@SUSTAPLE117 LGTM 👍 |
Adds MCP Server for providing utilities for LLMs and Agents to provide secure CI/CD manifests