einherjar/mcp
2
0
Fork 0
Code Issues Pull Requests Packages Releases 2 Activity
Files
main
mcp/internal/rules/wire_rules.go

234 lines
6.0 KiB
Go
Raw Permalink Normal View History

feat(mcp): initial implementation — MCP server, framework indexer, 10 tools, 8 validation rules (v0.1.0) Introduces code.nochebuena.dev/einherjar/mcp — the Einherjar Model Context Protocol server. A remote, streamable-HTTP service that teaches AI assistants about every other module of the framework: which package exposes which type, what each module guarantees through its compliance tests, the canonical wiring shape for a service, and whether a Go snippet follows the conventions. Indexes the framework on disk at build time and ships a self-contained binary via go:embed; imports nothing from other einherjar/* modules at compile time. server (cmd/server): - Streamable-HTTP MCP server built on github.com/modelcontextprotocol/go-sdk v1.0.0 - mcp.NewServer + mcp.NewStreamableHTTPHandler, served via net/http on EINHERJAR_MCP_ADDR (default :8080) and EINHERJAR_MCP_PATH (default /mcp) - /healthz liveness endpoint; structured JSON logging via log/slog - Loads the embedded data/index.json once at startup; in-memory for the process lifetime indexer (cmd/indexer): - Walks an Einherjar repository checkout (default ../), parses every sibling module's go.mod, README.md, CHANGELOG.md, docs/adr/ADR-*.md, doc.go package comments, every exported type/interface/func/method/const/var (via go/doc on go/parser ASTs), and compliance_test.go - Captures module dependency edges by regex over each go.mod's require lines (einherjar/* paths only; self-reference filtered) - Appends a synthetic "wire" module documenting canonical application wiring conventions, authored at internal/index/builtins/README.md and embedded via go:embed; participates in list_modules / get_module / get_example like a real module internal/index: - Schema einherjar.mcp/index/v1; types: Index, Module, SubPackage, Symbol, ADR, Example, Compliance, InterfaceAssert, ComplianceTest - Build(repoRoot) → *Index walks the repo; BuildBuiltins() returns the synthetic wire module from the embedded markdown - Load([]byte) → *Index validates the schema version on read - FindModule, SearchSymbols helpers used by tools internal/tools (10 tools): - list_modules — enumerate every module with purpose + sub-packages - get_module — package doc, dependencies, sub-packages, key symbols, ADRs, compliance counts; optional embedded README - search_symbols — full-text across name, doc, sub-package, module; filterable by module and kind - get_symbol — full signature, doc comment, source file:line for one symbol - list_adrs — list ADRs across the framework or within one module - get_adr — fetch one ADR's markdown body - get_example — canonical usage snippets extracted from module READMEs and from the synthetic wire conventions - get_compliance — interface assertions (var _ Iface = impl) and structural test names from a module's compliance_test.go - get_changelog — full CHANGELOG.md markdown for one module - validate_snippet — pattern-match a Go snippet against framework conventions internal/rules (8 rules, registered via init() against a single registered slice): - launcher.missing-run — launcher constructed but Run() never called - launcher.no-components — launcher.New() called without any .Append(...) - launcher.run-error-discarded — lc.Run() invoked as an ExprStmt (return ignored) - logz.direct-env-read — os.Getenv("EINHERJAR_LOG_*") bypassing logz config - web.server-not-appended — web/server constructed but not added to the launcher - wire.hook-bad-signature — with<Feature>(...) first param is not launcher.Launcher - wire.hook-outside-beforestart — repo/service/handler construction or route registration at the top level of a hook (outside lc.BeforeStart) - wire.route-specific-after-param — /users/{id} registered before a sibling /users/me of the same length and method (chi would shadow the literal route) Synthetic wire module (internal/index/builtins/README.md): - Project layout (cmd/<app>/main.go + internal/wire/*.go + per-feature domain dirs) - Canonical Run() shape: config → logger → infra (db, cache, pool, mc, srv) → cross- cutting (validator, permission provider) → launcher.New → lc.Append(infra...) → withMigrations / withSuperAdminSeed / withHealth / withFeature hooks → return lc.Run() - Canonical with<Feature> hook shape: signature (launcher.Launcher first, server.Server second, deps last), single lc.BeforeStart closure containing all construction + route registration - chi route ordering, srv.With(authz(...)) authorization, middleware helpers (authz / skipPublicPaths / skipMethodPath), tokenSignerAdapter pattern showing that the framework exposes Signer.Sign as a primitive and the application owns the access/refresh response shape Packaging: - Multi-stage Dockerfile that builds from the einherjar repository root (docker build -f mcp/Dockerfile .) so cmd/indexer can walk every sibling module at image-build time; runtime layer is gcr.io/distroless/static-debian12:nonroot - 86-byte placeholder data/index.json committed once with `git add -f`; subsequent indexer runs overwrite it locally but the file is .gitignored - .gitea/CODEOWNERS and pull_request_template.md mirror the sibling layout Design notes: - mcp depends on nothing in einherjar/* — it reads the framework via the filesystem at index time. This keeps mcp outside the framework dependency graph and lets it index any version of einherjar without versioning itself in lock-step. - All structured-output tool responses initialise empty slices ([]Type{}) rather than relying on Go's nil-marshals-to-null default, so the SDK's JSON-schema output validator never rejects a tools/call result.
2026-05-29 18:12:45 +00:00
package rules
import (
"fmt"
"go/ast"
"go/token"
"strings"
)
func init() {
registered = append(registered,
Rule{
ID: "wire.hook-bad-signature",
Severity: SeverityWarning,
Module: "wire",
Check: checkHookSignature,
},
Rule{
ID: "wire.hook-outside-beforestart",
Severity: SeverityWarning,
Module: "wire",
Check: checkHookBodyShape,
},
Rule{
ID: "wire.route-specific-after-param",
Severity: SeverityWarning,
Module: "web",
Check: checkRouteOrdering,
},
)
}
// isHookName reports whether name matches the with<Feature> convention.
// A hook is "with" + capital letter + anything, so "with" and "withers"
// don't qualify but "withUsers", "withAuth", "withSuperAdminSeed" do.
func isHookName(name string) bool {
if len(name) < 5 || !strings.HasPrefix(name, "with") {
return false
}
c := name[4]
return c >= 'A' && c <= 'Z'
}
func checkHookSignature(c *Context) []Finding {
var findings []Finding
for _, decl := range c.File.Decls {
fn, ok := decl.(*ast.FuncDecl)
if !ok || fn.Recv != nil || !isHookName(fn.Name.Name) {
continue
}
params := fn.Type.Params
if params == nil || len(params.List) == 0 {
findings = append(findings, Finding{
Message: fmt.Sprintf("hook %s has no parameters; expected first param launcher.Launcher", fn.Name.Name),
Hint: "func with<Feature>(lc launcher.Launcher, srv server.Server, deps...)",
Line: c.Fset.Position(fn.Pos()).Line,
})
continue
}
first := exprName(params.List[0].Type)
if !strings.Contains(first, "Launcher") {
findings = append(findings, Finding{
Message: fmt.Sprintf("hook %s first param is %q; expected launcher.Launcher", fn.Name.Name, first),
Hint: "Always pass the launcher as the first argument so the hook can register BeforeStart.",
Line: c.Fset.Position(fn.Pos()).Line,
})
}
}
return findings
}
func checkHookBodyShape(c *Context) []Finding {
var findings []Finding
for _, decl := range c.File.Decls {
fn, ok := decl.(*ast.FuncDecl)
if !ok || fn.Recv != nil || fn.Body == nil || !isHookName(fn.Name.Name) {
continue
}
for _, stmt := range fn.Body.List {
if !suspiciousTopLevelStmt(stmt) {
continue
}
findings = append(findings, Finding{
Message: fmt.Sprintf("hook %s performs wiring outside lc.BeforeStart", fn.Name.Name),
Hint: "Move repo/service/handler construction and route registration inside lc.BeforeStart(func() error { ... return nil }).",
Line: c.Fset.Position(stmt.Pos()).Line,
})
}
}
return findings
}
// suspiciousTopLevelStmt is true for top-level statements inside a hook that
// look like wiring work (route registration or component construction) but
// are not the canonical lc.BeforeStart or lc.Append calls.
func suspiciousTopLevelStmt(stmt ast.Stmt) bool {
if expr, ok := stmt.(*ast.ExprStmt); ok {
if call, ok := expr.X.(*ast.CallExpr); ok {
name := exprName(call.Fun)
if strings.HasSuffix(name, ".BeforeStart") ||
strings.HasSuffix(name, ".Append") ||
strings.HasSuffix(name, ".Run") {
return false
}
}
}
suspicious := false
ast.Inspect(stmt, func(n ast.Node) bool {
call, ok := n.(*ast.CallExpr)
if !ok {
return true
}
name := exprName(call.Fun)
switch {
case strings.HasSuffix(name, ".Get"),
strings.HasSuffix(name, ".Post"),
strings.HasSuffix(name, ".Put"),
strings.HasSuffix(name, ".Patch"),
strings.HasSuffix(name, ".Delete"),
strings.HasSuffix(name, ".New"):
suspicious = true
return false
}
return true
})
return suspicious
}
type routeReg struct {
method string
path string
pos token.Pos
}
func collectRoutes(file *ast.File) []routeReg {
var routes []routeReg
ast.Inspect(file, func(n ast.Node) bool {
call, ok := n.(*ast.CallExpr)
if !ok {
return true
}
sel, ok := call.Fun.(*ast.SelectorExpr)
if !ok {
return true
}
switch sel.Sel.Name {
case "Get", "Post", "Put", "Patch", "Delete":
default:
return true
}
if len(call.Args) < 1 {
return true
}
lit, ok := call.Args[0].(*ast.BasicLit)
if !ok || lit.Kind != token.STRING {
return true
}
routes = append(routes, routeReg{
method: sel.Sel.Name,
path: strings.Trim(lit.Value, `"`),
pos: call.Pos(),
})
return true
})
return routes
}
func checkRouteOrdering(c *Context) []Finding {
routes := collectRoutes(c.File)
var findings []Finding
for i := 0; i < len(routes); i++ {
for j := i + 1; j < len(routes); j++ {
if routes[i].method != routes[j].method {
continue
}
if !routesConflict(routes[i].path, routes[j].path) {
continue
}
findings = append(findings, Finding{
Message: fmt.Sprintf("%s %s registered before %s %s — chi will bind %q to a path parameter and the literal route becomes unreachable",
routes[i].method, routes[i].path,
routes[j].method, routes[j].path,
conflictingSegment(routes[i].path, routes[j].path),
),
Hint: "Register literal-segment routes before parametrised siblings that share the same prefix.",
Line: c.Fset.Position(routes[i].pos).Line,
})
}
}
return findings
}
// routesConflict reports whether `param` is a parametrised route that would
// shadow `literal` (a route differing only in one segment being a literal
// where param has {placeholder}).
func routesConflict(param, literal string) bool {
p := strings.Split(strings.Trim(param, "/"), "/")
l := strings.Split(strings.Trim(literal, "/"), "/")
if len(p) != len(l) {
return false
}
hasParam := false
for i := range p {
pIsParam := isParamSeg(p[i])
lIsParam := isParamSeg(l[i])
if pIsParam {
if lIsParam {
return false
}
hasParam = true
continue
}
if p[i] != l[i] {
return false
}
}
return hasParam
}
func isParamSeg(s string) bool {
return strings.HasPrefix(s, "{") && strings.HasSuffix(s, "}")
}
func conflictingSegment(param, literal string) string {
p := strings.Split(strings.Trim(param, "/"), "/")
l := strings.Split(strings.Trim(literal, "/"), "/")
for i := range p {
if isParamSeg(p[i]) && !isParamSeg(l[i]) {
return l[i]
}
}
return ""
}
Reference in New Issue Copy Permalink