feat: expand read API surface with 11 new tools (55→66)#11
Merged
Conversation
Add high-priority read operations identified by API coverage audit. Brings the server from 55 to 65 tools across 18 services, completing the debugging workflow surface for AI agents. New tools: - neutron_list_routers: Router topology for connectivity tracing - neutron_list_floating_ips: External access mapping - octavia_list_members: Backend servers in LB pools - octavia_list_healthmonitors: Health check configuration - cinder_list_snapshots: Volume snapshot inventory - cinder_get_snapshot: Snapshot detail by UUID - cinder_list_volume_types: Available storage tiers - nova_list_keypairs: SSH key inventory for access debugging - manila_list_access_rules: Share mount permissions - ironic_list_node_ports: Physical NIC details (MAC, PXE) - keppel_get_vulnerability_report: Per-manifest CVE details All tools are read-only with proper annotations, UUID validation, and response sanitization.
…dation - Add explicit strings.Contains(value, "..") check to ValidatePathSegment to block embedded traversal (e.g., "x/../../accounts/victim") that the regex alone did not catch - Add test case for embedded path traversal attack vector - Validate volume_id filter in cinder_list_snapshots - Validate pool_id filter in octavia_list_healthmonitors - Validate port_id filter in neutron_list_floating_ips - Remove inconsistent 200-result hard cap from neutron_list_routers and neutron_list_floating_ips (use limit parameter instead, matching other list handlers)
Merging this branch will not change overall coverage
Coverage by fileChanged files (no unit tests)
Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code. Changed unit test files
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds 11 high-priority read operations identified by a systematic API coverage audit. These tools complete the debugging workflow surface — enabling AI agents to trace connectivity end-to-end, inspect backend health, audit storage state, and drill into security vulnerabilities.
New Tools
neutron_list_routersneutron_list_floating_ipsoctavia_list_membersoctavia_list_healthmonitorscinder_list_snapshotscinder_get_snapshotcinder_list_volume_typesnova_list_keypairsmanila_list_access_rulesironic_list_node_portskeppel_get_vulnerability_reportVerification
go build ./...passes (zero errors)golangci-lintpasses (0 issues)go test ./...passesgo mod tidy && go mod verifycleanTest plan