Skip to content

feat: add safe application env upsert tool#56

Open
agentHits wants to merge 2 commits into
Dokploy:mainfrom
agentHits:feat/application-env-upsert
Open

feat: add safe application env upsert tool#56
agentHits wants to merge 2 commits into
Dokploy:mainfrom
agentHits:feat/application-env-upsert

Conversation

@agentHits

@agentHits agentHits commented Jul 2, 2026

Copy link
Copy Markdown

Summary

Status: ready for review, blocked for merge.

Please review the MCP implementation now, but do not merge until Dokploy/dokploy#4581 lands or maintainers confirm the final /application/env/upsert API/OpenAPI shape.

Adds dependent MCP support for the safe application environment variable upsert API from Dokploy core.

This PR exposes application-env-upsert for POST /application/env/upsert so MCP clients can send only the variables they need to add or update, without reading or reconstructing the full current application env block.

Closes #55.
Refs Dokploy/dokploy#4525.
Depends on Dokploy/dokploy#4581.

Current Support Status

The core workflow has also been validated in a self-hosted Dokploy + MCP setup with dryRun. The verified behavior is the same contract this MCP tool is meant to provide: send only selected env variables, let Dokploy merge server-side, and return metadata without exposing raw secret values.

This PR still intentionally remains merge-gated because the final upstream core API/OpenAPI shape must be confirmed by maintainers first.

Dependency / Merge Gate

/application/env/upsert is not present in the published Dokploy OpenAPI yet. This PR is ready for review, but should not merge until Dokploy/dokploy#4581 lands or maintainers confirm the final API/OpenAPI shape.

The core issue and implementation were opened by @agentHits. Review from Dokploy maintainers, including @Siumauricio if this API surface is in scope, would help confirm when the MCP side can be safely promoted.

What Changed

  • Added /application/env/upsert to src/generated/openapi.json.
  • Regenerated src/generated/tools.ts and TOOLS.md, increasing the tool count from 524 to 525.
  • Updated the generated application-env-upsert tool description/path to call /application/env/upsert.
  • Updated the tool generator to preserve OpenAPI propertyNames.pattern + minProperties for string record schemas.
  • Added a handler redaction guard so submitted env variable values are redacted in logs for this tool even when global env redaction is disabled.
  • Added regression tests for tool exposure, schema constraints, call routing, no full env replacement fallback, and no raw submitted value in MCP output/logs.

Safety Notes

  • No client-side full env read/replace is introduced.
  • No fallback to application.saveEnvironment is used.
  • The MCP response remains metadata-only in tests.
  • Submitted env values are still forwarded to Dokploy, but are redacted from MCP logs for this tool.

Checks

  • corepack pnpm run generate
  • corepack pnpm test
  • corepack pnpm run type-check
  • corepack pnpm run lint (passes with existing src/utils/responseFormatter.ts warning)
  • corepack pnpm run build
  • git diff --check origin/feat/application-env-upsert...HEAD
  • Independent Agent Flow QA reviewed the MCP diff and reported no blocking findings.

Not Verified

  • Live call against merged upstream Dokploy core was not exercised because the core PR is still open.
  • Final published OpenAPI sync is blocked until the core PR is merged or the API is confirmed stable.

Что:
- Добавлен generated MCP tool `application-env-upsert` для `POST /application.env.upsert`.
- Добавлена поддержка OpenAPI pattern-record схем в генераторе, чтобы MCP валидировал имена env-переменных и непустой `variables`.
- Добавлено редактирование submitted env values в логах handler для нового tool и regression tests на безопасный routing.
Зачем:
- MCP-клиенты смогут безопасно отправлять только нужные application env variables без client-side read/replace полного env блока.
- Это снижает риск удаления или раскрытия существующих секретов при автоматизации через MCP.
Риски:
- Endpoint пока зависит от Dokploy core PR #4581 и отсутствует в published OpenAPI.
- Live Dokploy backend не вызывался.
Проверки:
- Команды и результаты: `corepack pnpm exec vitest run src/server.test.ts --reporter=verbose` passed, 1 file / 6 tests; `corepack pnpm run lint` passed with existing `src/utils/responseFormatter.ts` warning; `corepack pnpm run type-check` passed; `corepack pnpm run test` passed, 3 files / 27 tests; `corepack pnpm run build` passed; `git diff --check` passed.
- Ограничения: live Dokploy backend and final core OpenAPI sync were not verified because core PR #4581 is still open.

What:
- Added the generated MCP `application-env-upsert` tool for `POST /application.env.upsert`.
- Added OpenAPI pattern-record support to the generator so MCP validates env variable names and non-empty `variables`.
- Added handler log redaction for submitted env values on the new tool and regression tests for safe routing.
Why:
- MCP clients can send only the requested application env variables without client-side full env read/replace.
- This reduces the risk of deleting or exposing existing secrets during MCP automation.
Risks:
- The endpoint still depends on Dokploy core PR #4581 and is not present in the published OpenAPI yet.
- Live Dokploy backend was not exercised.
Checks:
- Commands and results: `corepack pnpm exec vitest run src/server.test.ts --reporter=verbose` passed, 1 file / 6 tests; `corepack pnpm run lint` passed with existing `src/utils/responseFormatter.ts` warning; `corepack pnpm run type-check` passed; `corepack pnpm run test` passed, 3 files / 27 tests; `corepack pnpm run build` passed; `git diff --check` passed.
- Limitations: live Dokploy backend and final core OpenAPI sync were not verified because core PR #4581 is still open.
@agentHits

agentHits commented Jul 6, 2026

Copy link
Copy Markdown
Author

Update (2026-07-06): the MCP PR has now been aligned with the route shape implemented in Dokploy/dokploy#4581.

Current confirmed MCP behavior:

  • application-env-upsert calls POST /application/env/upsert.
  • src/generated/openapi.json, src/generated/tools.ts, and the routing regression test all use /application/env/upsert consistently.
  • MCP still sends only selected env variables, relies on Dokploy for server-side merge, does not fall back to application.saveEnvironment, and does not return raw submitted values in output/logs.

Checks passed: pnpm generate, tests, type-check, lint, build, diff check, and independent Agent Flow QA with no blocking findings.

The PR remains ready for review and blocked for merge until Dokploy/dokploy#4581 lands or maintainers confirm the final API/OpenAPI contract.

Что:
- Перевел generated MCP tool `application-env-upsert` на `/application/env/upsert`, синхронизировал OpenAPI snapshot и обновил regression test.
Зачем:
- Core API support теперь публикует и обслуживает slash route, поэтому MCP PR должен отправлять запрос в тот route, который обслуживается рабочей core-реализацией.
Риски:
- Изменение касается только одного generated tool path; input schema, redaction guard и full-env replacement запрет не менялись.
Проверки:
- Команды и результаты: `corepack pnpm run generate` прошел и regenerated 525 tools; `corepack pnpm test` прошел, 3 файла и 27 тестов; `corepack pnpm run type-check` прошел; `corepack pnpm run lint` прошел с существующим warning в `src/utils/responseFormatter.ts`; `corepack pnpm run build` прошел; `git diff --check origin/feat/application-env-upsert...HEAD` прошел после amend.
- Ограничения: live call against merged upstream Dokploy core не запускался, потому что core PR еще открыт.

What:
- Switched the generated MCP `application-env-upsert` tool to `/application/env/upsert`, synchronized the OpenAPI snapshot, and updated the regression test.
Why:
- Core API support now publishes and serves the slash route, so the MCP PR should call the route served by the working core implementation.
Risks:
- The change only affects one generated tool path; input schema, the redaction guard, and the no-full-env-replacement guarantee are unchanged.
Checks:
- Commands and results: `corepack pnpm run generate` passed and regenerated 525 tools; `corepack pnpm test` passed, 3 files and 27 tests; `corepack pnpm run type-check` passed; `corepack pnpm run lint` passed with the existing warning in `src/utils/responseFormatter.ts`; `corepack pnpm run build` passed; `git diff --check origin/feat/application-env-upsert...HEAD` passed after amend.
- Limitations: live call against merged upstream Dokploy core was not run because the core PR is still open.
@agentHits

Copy link
Copy Markdown
Author

Code update pushed for the final route shape currently implemented in Dokploy/dokploy#4581.

What changed in this MCP PR now:

  • src/generated/openapi.json uses /application/env/upsert.
  • src/generated/tools.ts exposes application-env-upsert as POST /application/env/upsert.
  • The routing regression test now asserts calls go to /application/env/upsert.
  • Existing safety behavior remains unchanged: no full env replacement fallback, no raw submitted env values in MCP output/logs.

Latest local checks passed: pnpm generate, tests, type-check, lint, build, diff check, and independent QA review with no blocking findings.

This is still ready for review but merge-gated until Dokploy/dokploy#4581 lands or maintainers confirm the final API/OpenAPI contract.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add safe application env upsert MCP tool

1 participant