Correct Jenkins trigger safety boundary #152

Closed
opened 2026-07-05 01:57:17 -05:00 by jcwalker3 · 2 comments
Owner

Context

Child implementation issue from the accepted Jenkins/GlitchTip MCP audit decision.

The accepted audit status is the working source of truth:

  • Jenkins MCP server code exists as jenkins-mcp.
  • Jenkins read-only tools exist and are tested.
  • jenkins_trigger_build exists, but it is not exposed through any configured write-capable profile.
  • The trigger audit path is best-effort rather than fail-closed.
  • Jenkins mutating trigger behavior is currently mixed into the same server boundary that docs describe as read-only, so the boundary and docs are stale.
  • #4 and #7 remain closed because real code landed, but remaining exposure/audit/integration gaps must be tracked as follow-up work.

Scope

  • Move jenkins_trigger_build out of the read-only server boundary, or otherwise separate read and write capability surfaces in a way clients can reason about.
  • Make trigger audit fail-closed using the established mutation audit pattern.
  • Preserve read-only Jenkins behavior for read-only profiles.
  • Add permission and confirmation gates around trigger behavior.
  • Update config only after operator approval of which profile, if any, may carry trigger capability.

Acceptance criteria

  • Read-only Jenkins MCP surface exposes no mutating trigger capability.
  • Any write-capable Jenkins trigger surface is separately named, configured, and documented.
  • jenkins_trigger_build fails closed when mutation audit setup or write fails.
  • Tests cover audit failure.
  • Tests cover permission/profile failure.
  • Tests cover bad or missing confirmation.
  • Tests cover successful gated trigger.
  • Config/profile changes for enabling trigger capability are either absent or explicitly tied to operator approval.

Non-goals

  • Do not use this issue to solve general MCP client registration unless required by the safety split; that belongs to #151.
  • Do not change GlitchTip filing behavior here.
  • Do not treat this as reopening the original roadmap issues.

Ordering

This is implementation issue 2 of 5 and should follow #151 because registration/naming needs to be settled before exposing any capability split.

## Context Child implementation issue from the accepted Jenkins/GlitchTip MCP audit decision. The accepted audit status is the working source of truth: - Jenkins MCP server code exists as `jenkins-mcp`. - Jenkins read-only tools exist and are tested. - `jenkins_trigger_build` exists, but it is not exposed through any configured write-capable profile. - The trigger audit path is best-effort rather than fail-closed. - Jenkins mutating trigger behavior is currently mixed into the same server boundary that docs describe as read-only, so the boundary and docs are stale. - #4 and #7 remain closed because real code landed, but remaining exposure/audit/integration gaps must be tracked as follow-up work. ## Scope - Move `jenkins_trigger_build` out of the read-only server boundary, or otherwise separate read and write capability surfaces in a way clients can reason about. - Make trigger audit fail-closed using the established mutation audit pattern. - Preserve read-only Jenkins behavior for read-only profiles. - Add permission and confirmation gates around trigger behavior. - Update config only after operator approval of which profile, if any, may carry trigger capability. ## Acceptance criteria - Read-only Jenkins MCP surface exposes no mutating trigger capability. - Any write-capable Jenkins trigger surface is separately named, configured, and documented. - `jenkins_trigger_build` fails closed when mutation audit setup or write fails. - Tests cover audit failure. - Tests cover permission/profile failure. - Tests cover bad or missing confirmation. - Tests cover successful gated trigger. - Config/profile changes for enabling trigger capability are either absent or explicitly tied to operator approval. ## Non-goals - Do not use this issue to solve general MCP client registration unless required by the safety split; that belongs to #151. - Do not change GlitchTip filing behavior here. - Do not treat this as reopening the original roadmap issues. ## Ordering This is implementation issue 2 of 5 and should follow #151 because registration/naming needs to be settled before exposing any capability split.
jcwalker3 added the mcpsecurityread-onlymutatingtestingreliabilityjenkins labels 2026-07-05 01:57:20 -05:00
Author
Owner

Duplicate triage: closing #147 as a duplicate of this issue. #147 ("Correct Jenkins trigger safety boundary") carried four acceptance bullets — trigger out of read-only boundary, fail-closed audit, tests for audit/permission/confirmation/gated-trigger, operator-approved config — all already present in this issue's fuller scope and acceptance criteria. No unique content existed on #147 (empty comment thread). This issue remains the canonical tracker. Triage by jcwalker3 / prgs-author; duplicate-check evidence: full open-issue inventory + side-by-side body comparison.

Duplicate triage: closing #147 as a duplicate of this issue. #147 ("Correct Jenkins trigger safety boundary") carried four acceptance bullets — trigger out of read-only boundary, fail-closed audit, tests for audit/permission/confirmation/gated-trigger, operator-approved config — all already present in this issue's fuller scope and acceptance criteria. No unique content existed on #147 (empty comment thread). This issue remains the canonical tracker. Triage by `jcwalker3 / prgs-author`; duplicate-check evidence: full open-issue inventory + side-by-side body comparison.
jcwalker3 added the status:in-progress label 2026-07-06 10:55:44 -05:00
Author
Owner

Claimed for Gitea-Tools documentation closure.

Context: mcp-control-plane #56 landed the read/write split (jenkins_mcp.server read-only; jenkins_mcp.write_server / jenkins-write-mcp for gated jenkins_trigger_build). No profile carries trigger capability until operator approval.

Branch: feat/issue-152-jenkins-trigger-boundary

Scope (this repo): Align docs/mcp-client-registration.md and docs/safety-model.md with the separated write boundary; extend registration doc tests.

Out of scope: Enabling trigger profiles in client config (operator approval required).

Claimed for Gitea-Tools documentation closure. **Context:** mcp-control-plane #56 landed the read/write split (`jenkins_mcp.server` read-only; `jenkins_mcp.write_server` / `jenkins-write-mcp` for gated `jenkins_trigger_build`). No profile carries trigger capability until operator approval. **Branch:** `feat/issue-152-jenkins-trigger-boundary` **Scope (this repo):** Align `docs/mcp-client-registration.md` and `docs/safety-model.md` with the separated write boundary; extend registration doc tests. **Out of scope:** Enabling trigger profiles in client config (operator approval required).
sysadmin removed the status:in-progress label 2026-07-06 12:29:01 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Scaled-Tech-Consulting/Gitea-Tools#152