b402de83fe
Address reviewer blockers on PR #8: - Remove trailing whitespace in credential-isolation.md and release-workflows.md - Add approved naming coverage (MCP Control Plane / mcp-control-plane project and repo names; common, gitea-mcp, jenkins-mcp, ops-mcp, release-mcp packages) to tool-boundaries.md Documentation-only. No code, scaffolding, or config changes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
14 lines
1.1 KiB
Markdown
14 lines
1.1 KiB
Markdown
# Tool Boundaries
|
|
|
|
This document defines the strict boundaries between the different MCP server packages within the monorepo.
|
|
|
|
The project is named **MCP Control Plane** and lives in the `mcp-control-plane` repository. It groups the following packages: `common`, `gitea-mcp`, `jenkins-mcp`, `ops-mcp`, and `release-mcp`.
|
|
|
|
## 1. Architectural Philosophy
|
|
- **One MCP Server per Trust Boundary**: While the packages share a monorepo, their runtime services must remain entirely separate. There is no single "everything" server.
|
|
|
|
## 2. Package-Specific Boundaries
|
|
- **gitea-mcp**: Restricted to source-control and work-item capabilities (issues, PRs, comments). This package **must not** have Jenkins or Ops credentials, nor can it execute deploy operations.
|
|
- **jenkins-mcp**: Focused on CI/CD capabilities. This package **must not** have Ops credentials unless explicitly configured for a specific, isolated pipeline later.
|
|
- **ops-mcp**: Dedicated to live environment and host checks. In its initial state, this package starts as strictly read-only (e.g., health checks, status checks, log reading).
|