-{pipeline.result?.generated_yaml ?? "Click Generate Pipeline to preview YAML…"}
+{pipeline.result?.yaml ?? pipeline.result?.generated_yaml ?? "Click Generate Pipeline to preview YAML…"}
You may now return to the application.
"
+ );
+ } catch (err) {
+ console.error("[AWS DEVICE FLOW ERROR] Failed during device callback", err);
+ return res.status(500).send("Failed to complete device authorization: " + err.message);
+ }
+});
\ No newline at end of file
diff --git a/server/routes/auth.google.js b/server/routes/auth.google.js
new file mode 100644
index 0000000..bff9d94
--- /dev/null
+++ b/server/routes/auth.google.js
@@ -0,0 +1,16 @@
+import express from 'express';
+import { google_adapter } from '../tools/google_adapter.js';
+
+const router = express.Router();
+
+// Route to initiate Google OAuth
+router.get('/', async (req, res) => {
+ await google_adapter.connect(req, res);
+});
+
+// OAuth callback route
+router.get('/callback', async (req, res) => {
+ await google_adapter.callback(req, res);
+});
+
+export default router;
\ No newline at end of file
diff --git a/server/server.js b/server/server.js
index 28062a0..1f0bfac 100644
--- a/server/server.js
+++ b/server/server.js
@@ -10,10 +10,12 @@ import mcpRoutes from './routes/mcp.js';
 import agentRoutes from './routes/agent.js';
 import cookieParser from 'cookie-parser';
 import deploymentsRouter from './routes/deployments.js';
-import authRoutes from './routes/authRoutes.js';
+import authAws from './routes/auth.aws.js';
+import authGoogle from './routes/auth.google.js';
 import { z } from 'zod';
 import { query } from './db.js';
 import jenkinsRouter from "./routes/jenkins.js";
+// app.use(authRoutes);
 const app = express();
 app.use(express.json());
@@ -139,7 +141,13 @@ app.use('/mcp/v1', mcpRoutes);
 // Mount GitHub OAuth routes at /auth/github
 app.use('/auth/github', githubAuthRouter);
-app.use(authRoutes);
+
+
+// Mount AWS SSO routes
+app.use('/auth/aws', authAws);
+
+// Mount Google OAuth routes
+app.use('/auth/google', authGoogle);
 // --- Global Error Handler ---
 app.use((err, req, res, next) => {
diff --git a/server/tools/MCP_AWS_Deployment_Flow.md b/server/tools/MCP_AWS_Deployment_Flow.md
new file mode 100644
index 0000000..cc90a51
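Review bot: Both handlers in the new `server/routes/auth.google.js` await the adapter with no error handling, so a rejection from `google_adapter.connect` or `google_adapter.callback` may never reach the global error handler in `server.js`. Express 4 does not forward rejected promises from async handlers, and the Express version in use is not visible here. Adding `next` to each handler signature and wrapping the call, e.g. `try { await google_adapter.callback(req, res); } catch (err) { next(err); }`, keeps failures on the single error path. The `/callback` route is also where the OAuth `state` value has to be checked against the one issued by `/`; that logic would live in `google_adapter.js`, which is outside this hunk, so it is worth confirming there.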
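Review bot: The added line `// app.use(authRoutes);` in the first `server/server.js` hunk is commented-out code placed directly after the imports, above `const app = express();`, where `app` does not yet exist. It should be deleted rather than kept as a comment; the second hunk already removes the live `app.use(authRoutes);` call, and version control holds the history.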
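Review bot: Replacing the root-mounted `app.use(authRoutes);` with `app.use('/auth/aws', authAws);` in the second `server/server.js` hunk changes the URL of every route the old router served, and nothing visible here keeps the old paths alive. The contents of `authRoutes.js` and `auth.aws.js` are not shown, so please confirm that the callback URLs registered with the identity providers and any frontend links match the new `/auth/aws/...` and `/auth/google/...` prefixes, and that no unrelated route from `authRoutes.js` was dropped. A short comment above the mounts such as `// Callback URLs registered with each provider must match these prefixes` would record the dependency. The global error handler that opens on the hunk's last line continues outside it.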
--- /dev/null
+++ b/server/tools/MCP_AWS_Deployment_Flow.md
@@ -0,0 +1,74 @@
+# 🧩 MCP → AWS Deployment Flow Diagram
+
+**File generated:** 2025-10-30 02:21:51 UTC
+
+---
+
+## 🧠 Overview
+
+This diagram outlines how the MCP CI/CD Builder interacts with AWS when the **provider** is set to `aws`.
+
+---
+
+```mermaid
+flowchart TD
+ A[🧑 Developer Prompt] -->|Natural language command| B[MCP Wizard Agent]
+ B --> C[pipeline_generator Tool]
+ C -->|provider = "aws"| D[AWS Adapter (aws_adapter.js)]
+ D --> E{{AWS SDK / OIDC Authentication}}
+ E --> F1[S3: Upload Artifacts]
+ E --> F2[ECS: Update Service]
+ E --> F3[Lambda: Update Function]
+ F1 --> G[(Deployed Resources)]
+ F2 --> G
+ F3 --> G
+ G --> H[✅ Success Response to MCP]
+ H --> I[Frontend Wizard: Display Deployment Info]
+```
+
+---
+
+## ⚙️ Key Components
+
+| Component | Description |
+|------------|--------------|
+| **MCP Wizard** | Frontend agent that captures developer intent |
+| **pipeline_generator** | Generates YAML config and determines provider |
+| **aws_adapter** | Handles S3, ECS, Lambda deployments using AWS SDK |
+| **AWS OIDC / IAM Role** | Provides secure, keyless authentication |
+| **AWS Resources** | S3 Buckets, ECS Services, or Lambda Functions |
+
+---
+
+## 🔐 Example IAM Trust Policy (OIDC)
+
+```json
+{
+ "Version": "2012-10-17",
+ "Statement": [{
+ "Effect": "Allow",
+ "Principal": { "Federated": "token.actions.githubusercontent.com" },
+ "Action": "sts:AssumeRoleWithWebIdentity",
+ "Condition": {
+ "StringEquals": {
+ "token.actions.githubusercontent.com:sub": "repo:username/repo-name:ref:refs/heads/main"
+ }
+ }
+ }]
+}
+```
+
+---
+
+## 🚀 Example Deployment Steps
+
+1. Developer runs:
+ `node wizardAgent.js "Deploy repo my-app using AWS"`
+2. MCP identifies the repo, provider, and template.
+3. `pipeline_generator` calls the **AWS Adapter**.
+4. AWS Adapter uploads artifacts or triggers ECS/Lambda updates.
+5. MCP returns deployment status and URLs to the wizard.
+
+---
+
+**End of file.**
diff --git a/server/tools/aws_adapter.js b/server/tools/aws_adapter.js
new file mode 100644
index 0000000..eea4a46
--- /dev/null
+++ b/server/tools/aws_adapter.js
@@ -0,0 +1,152 @@
+// server/tools/aws_adapter.js
+import { z } from "zod";
+import { query } from "../db.js";
+
+/**
+ * aws_adapter
+ * - Focus: produce GitHub Actions YAML snippets for AWS deploys.
+ * - Start: simple S3 deploy (sync a folder to a bucket).
+ *
+ * Nothing here talks to AWS directly — that will happen in GitHub Actions
+ * using OIDC + aws-actions/configure-aws-credentials.
+ */
+
+const DeployS3Schema = z.object({
+ // The local build output directory (in the runner workspace)
+ sourceDir: z.string().default("dist"),
+ // Target S3 bucket
+ bucket: z.string(),
+ // Optional key prefix inside the bucket (e.g. "web/" -> s3://bucket/web/*)
+ prefix: z.string().optional().default(""),
+ // AWS region for the bucket
+ region: z.string().default("us-east-1"),
+ // OIDC role to assume from GitHub Actions (recommended)
+ roleToAssume: z.string().optional(), // e.g. "arn:aws:iam::