Skip to content

Release v1.0.0: Initial public release #6

Merged
Khauneesh-AI merged 3 commits into
mainfrom
release/v1.0.0
Oct 23, 2025
Merged

Release v1.0.0: Initial public release #6
Khauneesh-AI merged 3 commits into
mainfrom
release/v1.0.0

Conversation

@Khauneesh-AI
Copy link
Copy Markdown
Collaborator

@Khauneesh-AI Khauneesh-AI commented Oct 23, 2025

🎉 First Public Release

This release represents the initial stable version of the Cloudera AI Workbench MCP Server with comprehensive security fixes, testing infrastructure, and public repository setup.

🔒Security Enhancements (Critical)

Fixed critical security vulnerability affecting 46 functions:

  • ✅ Replaced subprocess.run() calls with secure requests library
  • ✅ API keys no longer exposed in process lists (ps/top)
  • ✅ All HTTP calls now use secure header-based authentication
  • ✅ Added 30-second timeouts to prevent hanging requests
  • Impact: Eliminated API key exposure vulnerability across entire codebase

Files affected:

  • All create_* functions (7 files)
  • All delete_* functions (10 files)
  • All update_* functions (10 files)
  • All get_* functions (9 files)
  • All list_* functions (8 files)
  • All stop_/restart_ functions (4 files)

Testing Infrastructure

Added comprehensive test suite for CI/CD:

  • test_all_functions.py: 11 unit tests covering all 47+ MCP tools
  • test_cai_mcp_client.py: FastMCP integration tests
  • Security vulnerability detection tests
  • Function signature validation tests
  • Response structure validation tests
  • Error handling tests

CI/CD Automation - Added GitHub Actions workflow:

  • Automated testing on all PRs
  • Security scanning
  • Multi-version Python testing (3.10, 3.11, 3.12)

Features

47+ MCP tools for Cloudera ML operations:

  • Project management (list, create, update, delete)
  • Job orchestration (create, run, monitor, stop)
  • Model lifecycle (build, deploy, manage)
  • Experiment tracking (create, log, query)
  • Application management (create, start, stop, restart)
  • File operations (upload, download, list, delete)

Protocols supported:

  • FastMCP-based HTTP server (experimental)
  • FastMCP-based stdio server (recommended)

Core dependencies:

  • fastmcp>=2.11.0 (MCP protocol implementation)
  • requests>=2.28.0 (secure HTTP client)
  • python-dotenv>=1.0.0 (configuration management)
  • fastapi>=0.115.0 (HTTP server)
  • pyjwt>=2.8.0 (OAuth 2.1 support)

Ready For

  • Production deployment
  • CI/CD pipeline integration
  • Public contributions
  • Security audits
  • Docker/Claude Desktop integration

License: Apache-2.0

Khauneesh-AI and others added 3 commits October 23, 2025 23:19
@Khauneesh-AI
minor document changes cml to cai
9450c44
@Khauneesh-AI
Release v1.0.0: Initial public release with security enhancements
bb8554c 
🎉 First Public Release

This release represents the initial stable version of the Cloudera AI Workbench MCP Server
with comprehensive security fixes, testing infrastructure, and public repository
setup.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Security Enhancements (Critical)

Fixed critical security vulnerability affecting 46 functions:

• Replaced subprocess.run() calls with secure requests library
• API keys no longer exposed in process lists (ps/top)
• All HTTP calls now use secure header-based authentication
• Added 30-second timeouts to prevent hanging requests
• Impact: Eliminated API key exposure vulnerability across entire codebase

Files affected:

• All create_* functions (7 files)
• All delete_* functions (10 files)
• All update_* functions (10 files)
• All get_* functions (9 files)
• All list_* functions (8 files)
• All stop_/restart_ functions (4 files)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Testing Infrastructure

Added comprehensive test suite for CI/CD:

• test_all_functions.py: 11 unit tests covering all 47+ MCP tools
• test_cai_mcp_client.py: FastMCP integration tests
• Security vulnerability detection tests
• Function signature validation tests
• Response structure validation tests
• Error handling tests

CI/CD Automation

Added GitHub Actions workflow:

• Automated testing on all PRs
• Security scanning
• Multi-version Python testing (3.10, 3.11, 3.12)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Features

47+ MCP tools for Cloudera ML operations:

• Project management (list, create, update, delete)
• Job orchestration (create, run, monitor, stop)
• Model lifecycle (build, deploy, manage)
• Experiment tracking (create, log, query)
• Application management (create, start, stop, restart)
• File operations (upload, download, list, delete)

Protocols supported:

• FastMCP-based HTTP server (experimental)
• FastMCP-based stdio server (recommended)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Core dependencies:

• fastmcp>=2.11.0 (MCP protocol implementation)
• requests>=2.28.0 (secure HTTP client)
• python-dotenv>=1.0.0 (configuration management)
• fastapi>=0.115.0 (HTTP server)
• pyjwt>=2.8.0 (OAuth 2.1 support)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Ready For

• Production deployment
• CI/CD pipeline integration
• Public contributions
• Security audits
• Docker/Claude Desktop integration

License: Apache-2.0
@Khauneesh-AI
Merge pull request #5 from cloudera/dev
c25269a 
Staging first release commit(dev)
@Khauneesh-AI Khauneesh-AI merged commit 591209d into main Oct 23, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Khauneesh-AI