feat(#3301): add tool lifecycle, kagenti admin, and MCP server routes#3553
Conversation
Implement Kagenti tool lifecycle routes (tasks 4.1-4.4), Kagenti infrastructure admin routes (task 5.1), and MCP server registration CRUD routes as specified in issue #3301. Tool lifecycle routes (boost-backend/src/tools/): - PUT /tools/:id/promote — draft→pending (boost.tool.promote) - PUT /tools/:id/demote — pending→draft or published→pending (boost.tool.demote) - PUT /tools/:id/publish — pending→published (boost.tool.publish) - PUT /tools/:id/unpublish — published→archived (boost.tool.unpublish) - ToolLifecycleStore with DB-backed persistence (boost_tools table) - Tool lifecycle transition validation Kagenti admin routes (boost-backend/src/kagenti/): - GET /kagenti/status — infrastructure status endpoint gated by boost.kagenti.admin with boost.admin fallback MCP server registration routes (boost-backend/src/mcp/): - GET /mcp/servers — list registered MCP servers - GET /mcp/servers/:id — get single server - POST /mcp/servers — register new server (URL, transport, auth) - PUT /mcp/servers/:id — update server config - DELETE /mcp/servers/:id — remove server - POST /mcp/servers/:id/test — connection test stub - McpServerStore with DB-backed persistence (boost_mcp_servers) - All routes gated by boost.mcp.manage with boost.admin fallback Types added to boost-common: - ToolRecord — governance record for Kagenti tools - McpServerRecord, McpTransport, McpAuthType — MCP server types All routes follow the existing authorizeLifecycleAction middleware pattern with fine-grained permission check → admin fallback → 403. Closes #3301
Missing ChangesetsThe following package(s) are changed by this PR but do not have a changeset:
See CONTRIBUTING.md for more information about how to add changesets. Changed Packages
|
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #3553 +/- ##
========================================
Coverage 53.74% 53.74%
========================================
Files 2268 2274 +6
Lines 86468 86858 +390
Branches 24266 24343 +77
========================================
+ Hits 46468 46683 +215
- Misses 38519 38666 +147
- Partials 1481 1509 +28
*This pull request uses carry forward flags. Click here to find out more. Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
|
🤖 Finished Review · ✅ Success · Started 2:49 PM UTC · Completed 3:04 PM UTC |
ReviewFindingsMedium
Low
Info
Previous runReviewFindingsLow
Info
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add missing validateServerId() call to GET /mcp/servers/:id handler - Replace inline import() type casts with top-level LifecycleStage import in tools/routes.ts demote handler - Rename misleading test name to accurately describe what it tests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: gabemontero <gmontero@redhat.com>
|
🤖 Finished Review · ✅ Success · Started 3:30 PM UTC · Completed 3:42 PM UTC |
|


Implement Kagenti tool lifecycle routes (tasks 4.1-4.4), Kagenti infrastructure admin routes (task 5.1), and MCP server registration CRUD routes as specified in issue #3301.
Tool lifecycle routes (boost-backend/src/tools/):
(boost.tool.demote)
(boost.tool.unpublish)
Kagenti admin routes (boost-backend/src/kagenti/):
boost.kagenti.admin with boost.admin fallback
MCP server registration routes (boost-backend/src/mcp/):
Types added to boost-common:
All routes follow the existing authorizeLifecycleAction middleware pattern with fine-grained permission check → admin fallback → 403.
Closes #3301
Post-script verification
agent/3301-tool-kagenti-mcp-routes)34a23c2a26ffe1a0cee4f85bed67c2d21acccec0..HEAD)