platform

package
v1.47.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 1, 2026 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Overview

Package platform provides the main platform orchestration.

Package platform provides the main platform orchestration.

Index

Constants

View Source 
const (
	SessionStoreMemory   = "memory"
	SessionStoreDatabase = "database"
)

Session store backend names.

View Source 
const (
	ConfigStoreModeFile     = "file"
	ConfigStoreModeDatabase = "database"
)

Config store mode names.

View Source 
const CurrentConfigVersion = "v1"

CurrentConfigVersion is the current config API version.

Variables

This section is empty.

Functions

func MigrateConfig added in v0.16.0 

func MigrateConfig(r io.Reader, w io.Writer, targetVersion string) error

MigrateConfig reads YAML from r, migrates it to targetVersion, and writes the result to w. If targetVersion is empty, the current version is used. Environment variable references (${VAR}) are preserved in the output.

func MigrateConfigBytes added in v0.16.0 

func MigrateConfigBytes(data []byte, targetVersion string) ([]byte, error)

MigrateConfigBytes migrates raw YAML config bytes to targetVersion. If targetVersion is empty, the current version is used. This function does NOT expand environment variables so ${VAR} references are preserved in the output.

func PeekVersion added in v0.16.0 

func PeekVersion(data []byte) string

PeekVersion extracts the apiVersion from raw YAML bytes. Returns "v1" if the field is missing or empty (backward compatibility).

Types

type APIKeyAuthConfig 

type APIKeyAuthConfig struct {
	Enabled bool        `yaml:"enabled"`
	Keys    []APIKeyDef `yaml:"keys"`
}

APIKeyAuthConfig configures API key authentication.

type APIKeyDef 

type APIKeyDef struct {
	Key   string   `yaml:"key"`
	Name  string   `yaml:"name"`
	Roles []string `yaml:"roles"`
}

APIKeyDef defines an API key.

type AdminConfig added in v0.17.0 

type AdminConfig struct {
	Enabled    bool   `yaml:"enabled"`
	Persona    string `yaml:"persona"`     // required admin persona (default: "admin")
	PathPrefix string `yaml:"path_prefix"` // URL prefix (default: "/api/v1/admin")
}

AdminConfig configures the admin REST API.

type AppConfig added in v0.10.0 

type AppConfig struct {
	// Enabled controls whether this app is active.
	Enabled bool `yaml:"enabled"`

	// Tools lists the tool names this app attaches to.
	Tools []string `yaml:"tools"`

	// AssetsPath is the absolute filesystem path to the app's assets directory.
	// This should point to a directory containing the app's HTML/JS/CSS files.
	// Optional for built-in apps that use embedded assets; setting it overrides the embedded content.
	AssetsPath string `yaml:"assets_path"`

	// ResourceURI is the MCP resource URI for this app (e.g., "ui://query-results").
	// If not specified, defaults to "ui://<app-name>".
	ResourceURI string `yaml:"resource_uri"`

	// EntryPoint is the main HTML file within AssetsPath (e.g., "index.html").
	// Defaults to "index.html" if not specified.
	EntryPoint string `yaml:"entry_point"`

	// CSP defines Content Security Policy requirements for the app.
	CSP *CSPAppConfig `yaml:"csp"`

	// Config holds app-specific configuration that will be injected
	// into the HTML as JSON.
	Config map[string]any `yaml:"config"`
}

AppConfig configures an individual MCP App.

type AuditConfig 

type AuditConfig struct {
	Enabled       bool `yaml:"enabled"`
	LogToolCalls  bool `yaml:"log_tool_calls"`
	RetentionDays int  `yaml:"retention_days"`
}

AuditConfig configures audit logging.

type AuthConfig 

type AuthConfig struct {
	OIDC           OIDCAuthConfig       `yaml:"oidc"`
	APIKeys        APIKeyAuthConfig     `yaml:"api_keys"`
	BrowserSession BrowserSessionConfig `yaml:"browser_session"`
	AllowAnonymous bool                 `yaml:"allow_anonymous"` // default: false
}

AuthConfig configures authentication.

type BrowserSessionConfig added in v0.32.0 

type BrowserSessionConfig struct {
	Enabled    bool          `yaml:"enabled"`
	CookieName string        `yaml:"cookie_name"` // default: "mcp_session"
	TTL        time.Duration `yaml:"ttl"`         // default: 8h
	SigningKey string        `yaml:"signing_key"` // base64-encoded HMAC key
	Secure     bool          `yaml:"secure"`      // default: true
	Domain     string        `yaml:"domain"`
}

BrowserSessionConfig configures cookie-based browser sessions.

type CSPAppConfig added in v0.11.0 

type CSPAppConfig struct {
	// ResourceDomains lists origins for static resources (scripts, images, styles, fonts).
	ResourceDomains []string `yaml:"resource_domains"`

	// ConnectDomains lists origins for network requests (fetch/XHR/WebSocket).
	ConnectDomains []string `yaml:"connect_domains"`

	// FrameDomains lists origins for nested iframes.
	FrameDomains []string `yaml:"frame_domains"`

	// ClipboardWrite requests write access to the clipboard.
	ClipboardWrite bool `yaml:"clipboard_write"`
}

CSPAppConfig defines Content Security Policy requirements for an MCP App.

type CacheConfig 

type CacheConfig struct {
	Enabled bool          `yaml:"enabled"`
	TTL     time.Duration `yaml:"ttl"`
}

CacheConfig configures caching.

type ClientLoggingConfig added in v0.20.0 

type ClientLoggingConfig struct {
	Enabled bool `yaml:"enabled"`
}

ClientLoggingConfig configures server-to-client log message notifications.

type Closer 

type Closer interface {
	Close() error
}

Closer is something that can be closed.

type Component 

type Component interface {
	Start(ctx context.Context) error
	Stop(ctx context.Context) error
}

Component is something that can be started and stopped.

type Config 

type Config struct {
	APIVersion    string              `yaml:"apiVersion"`
	ConfigStore   ConfigStoreConfig   `yaml:"config_store"`
	Server        ServerConfig        `yaml:"server"`
	Auth          AuthConfig          `yaml:"auth"`
	OAuth         OAuthConfig         `yaml:"oauth"`
	Database      DatabaseConfig      `yaml:"database"`
	Personas      PersonasConfig      `yaml:"personas"`
	Toolkits      map[string]any      `yaml:"toolkits"`
	Tools         ToolsConfig         `yaml:"tools"`
	Semantic      SemanticConfig      `yaml:"semantic"`
	Query         QueryConfig         `yaml:"query"`
	Storage       StorageConfig       `yaml:"storage"`
	Injection     InjectionConfig     `yaml:"injection"`
	Tuning        TuningConfig        `yaml:"tuning"`
	Audit         AuditConfig         `yaml:"audit"`
	MCPApps       MCPAppsConfig       `yaml:"mcpapps"`
	Sessions      SessionsConfig      `yaml:"sessions"`
	Knowledge     KnowledgeConfig     `yaml:"knowledge"`
	Portal        PortalConfig        `yaml:"portal"`
	Admin         AdminConfig         `yaml:"admin"`
	Resources     ResourcesConfig     `yaml:"resources"`
	Progress      ProgressConfig      `yaml:"progress"`
	ClientLogging ClientLoggingConfig `yaml:"client_logging"`
	Icons         IconsConfig         `yaml:"icons"`
	Elicitation   ElicitationConfig   `yaml:"elicitation"`
	Workflow      WorkflowConfig      `yaml:"workflow"`
	SessionGate   SessionGateConfig   `yaml:"session_gate"`
}

Config holds the complete platform configuration.

func LoadConfig 

func LoadConfig(path string) (*Config, error)

LoadConfig loads configuration from a file. The path is expected to come from command line arguments, controlled by the administrator.

func LoadConfigFromBytes added in v0.16.0 

func LoadConfigFromBytes(data []byte) (*Config, error)

LoadConfigFromBytes loads configuration from raw YAML bytes. Environment variables are expanded before parsing. The apiVersion field is validated against the default version registry.

func (*Config) Validate 

func (c *Config) Validate() error

Validate validates the configuration.

type ConfigEnvelope added in v0.16.0 

type ConfigEnvelope struct {
	APIVersion string `yaml:"apiVersion"`
}

ConfigEnvelope is a minimal struct for peeking at the apiVersion field without parsing the full config.

type ConfigStoreConfig added in v0.17.0 

type ConfigStoreConfig struct {
	Mode string `yaml:"mode"` // "file" (default) or "database"
}

ConfigStoreConfig configures how configuration is stored and managed.

type ConfigVersionInfo added in v0.16.0 

type ConfigVersionInfo struct {
	APIVersion        string   `json:"api_version"`
	SupportedVersions []string `json:"supported_versions"`
	LatestVersion     string   `json:"latest_version"`
}

ConfigVersionInfo provides information about the config API version.

type CostEstimationConfig added in v0.21.0 

type CostEstimationConfig struct {
	// Enabled controls whether query cost estimation triggers elicitation.
	Enabled bool `yaml:"enabled"`

	// RowThreshold is the estimated row count above which confirmation is requested.
	// Default: 1000000 (1 million rows).
	RowThreshold int64 `yaml:"row_threshold"`
}

CostEstimationConfig configures query cost estimation.

type CustomResourceDef added in v0.29.0 

type CustomResourceDef struct {
	URI         string `yaml:"uri"`
	Name        string `yaml:"name"`
	Description string `yaml:"description,omitempty"`
	MIMEType    string `yaml:"mime_type"`
	Content     string `yaml:"content,omitempty"`      // inline text/JSON/SVG
	ContentFile string `yaml:"content_file,omitempty"` // absolute or relative path
}

CustomResourceDef defines a user-configured static MCP resource.

type DCRConfig 

type DCRConfig struct {
	Enabled                 bool     `yaml:"enabled"`
	AllowedRedirectPatterns []string `yaml:"allowed_redirect_patterns"`
}

DCRConfig configures Dynamic Client Registration.

type DatabaseConfig 

type DatabaseConfig struct {
	DSN          string `yaml:"dsn"`
	MaxOpenConns int    `yaml:"max_open_conns"`
}

DatabaseConfig configures the database connection.

type ElicitationConfig added in v0.21.0 

type ElicitationConfig struct {
	// Enabled is the master switch for all elicitation features.
	Enabled bool `yaml:"enabled"`

	// CostEstimation configures query cost estimation and confirmation.
	CostEstimation CostEstimationConfig `yaml:"cost_estimation"`

	// PIIConsent configures PII access consent.
	PIIConsent PIIConsentConfig `yaml:"pii_consent"`
}

ElicitationConfig configures user confirmation for expensive operations.

type EscalationConfig added in v0.27.0 

type EscalationConfig struct {
	// AfterWarnings is the number of standard warnings before escalation.
	// Defaults to 3.
	AfterWarnings int `yaml:"after_warnings"`

	// EscalationMessage replaces the standard warning after the threshold.
	// The placeholder {count} is replaced with the current warning count.
	EscalationMessage string `yaml:"escalation_message"`
}

EscalationConfig configures progressive escalation for workflow gating.

type Features added in v0.9.0 

type Features struct {
	SemanticEnrichment bool                `json:"semantic_enrichment"`
	QueryEnrichment    bool                `json:"query_enrichment"`
	StorageEnrichment  bool                `json:"storage_enrichment"`
	AuditLogging       bool                `json:"audit_logging"`
	KnowledgeCapture   bool                `json:"knowledge_capture"`
	KnowledgeApply     *KnowledgeApplyInfo `json:"knowledge_apply,omitempty"`
}

Features describes enabled platform features.

type IconDef added in v0.21.0 

type IconDef struct {
	// Source is the icon URL (HTTP/HTTPS) or data URI.
	Source string `yaml:"src"`

	// MIMEType is the optional MIME type (e.g., "image/svg+xml").
	MIMEType string `yaml:"mime_type,omitempty"`
}

IconDef defines an icon for config-driven injection.

type IconsConfig added in v0.21.0 

type IconsConfig struct {
	// Enabled is the master switch for icon injection.
	Enabled bool `yaml:"enabled"`

	// Tools maps tool names to their icon definitions.
	Tools map[string]IconDef `yaml:"tools"`

	// Resources maps resource URI templates to their icon definitions.
	Resources map[string]IconDef `yaml:"resources"`

	// Prompts maps prompt names to their icon definitions.
	Prompts map[string]IconDef `yaml:"prompts"`
}

IconsConfig configures visual metadata for tools, resources, and prompts.

type ImplementorConfig added in v1.38.5 

type ImplementorConfig struct {
	Name string `yaml:"name"` // display name (e.g., "ACME Corp")
	URL  string `yaml:"url"`  // link URL (e.g., "https://acme.com")
}

ImplementorConfig configures the optional implementor brand shown in the far-left zone of the public viewer header (e.g., "ACME Corp").

type Info added in v0.14.0 

type Info struct {
	Name                string                `json:"name"`
	Version             string                `json:"version"`
	Description         string                `json:"description,omitempty"`
	Tags                []string              `json:"tags,omitempty"`
	AgentInstructions   string                `json:"agent_instructions,omitempty"`
	Toolkits            []string              `json:"toolkits"`
	ToolkitDescriptions map[string]string     `json:"toolkit_descriptions,omitempty"`
	PortalURL           string                `json:"portal_url,omitempty"`
	Persona             *PersonaInfo          `json:"persona,omitempty"`
	Prompts             []registry.PromptInfo `json:"prompts,omitempty"`
	Features            Features              `json:"features"`
	ConfigVersion       ConfigVersionInfo     `json:"config_version"`
}

Info contains information about the platform deployment.

type InjectionConfig 

type InjectionConfig struct {
	TrinoSemanticEnrichment  bool               `yaml:"trino_semantic_enrichment"`
	DataHubQueryEnrichment   bool               `yaml:"datahub_query_enrichment"`
	S3SemanticEnrichment     bool               `yaml:"s3_semantic_enrichment"`
	DataHubStorageEnrichment bool               `yaml:"datahub_storage_enrichment"`
	EstimateRowCounts        bool               `yaml:"estimate_row_counts"`
	SessionDedup             SessionDedupConfig `yaml:"session_dedup"`

	// ColumnContextFiltering limits column-level semantic enrichment to
	// columns referenced in the SQL query. Saves tokens when queries
	// touch a subset of a wide table. Defaults to true (nil = enabled).
	ColumnContextFiltering *bool `yaml:"column_context_filtering"`

	// SearchSchemaPreview adds a bounded column-name+type preview to
	// datahub_search query_context, eliminating the intermediate
	// datahub_get_schema or trino_describe_table call before writing SQL.
	// Defaults to true (nil = enabled).
	SearchSchemaPreview *bool `yaml:"search_schema_preview"`

	// SchemaPreviewMaxColumns caps how many columns appear in each
	// schema preview. Defaults to 15 (nil = 15).
	SchemaPreviewMaxColumns *int `yaml:"schema_preview_max_columns"`
}

InjectionConfig configures cross-injection.

func (*InjectionConfig) EffectiveSchemaPreviewMaxColumns added in v0.25.0 

func (c *InjectionConfig) EffectiveSchemaPreviewMaxColumns() int

EffectiveSchemaPreviewMaxColumns returns the configured max columns for schema preview, defaulting to 15 when not explicitly set.

func (*InjectionConfig) IsColumnContextFilteringEnabled added in v0.25.0 

func (c *InjectionConfig) IsColumnContextFilteringEnabled() bool

IsColumnContextFilteringEnabled returns whether column context filtering is enabled, defaulting to true when not explicitly set.

func (*InjectionConfig) IsSearchSchemaPreviewEnabled added in v0.25.0 

func (c *InjectionConfig) IsSearchSchemaPreviewEnabled() bool

IsSearchSchemaPreviewEnabled returns whether search schema preview is enabled, defaulting to true when not explicitly set.

type KnowledgeApplyConfig added in v0.16.0 

type KnowledgeApplyConfig struct {
	Enabled             bool   `yaml:"enabled"`
	DataHubConnection   string `yaml:"datahub_connection"`
	RequireConfirmation bool   `yaml:"require_confirmation"`
}

KnowledgeApplyConfig configures the apply_knowledge tool.

type KnowledgeApplyInfo added in v0.16.0 

type KnowledgeApplyInfo struct {
	Enabled           bool   `json:"enabled"`
	DataHubConnection string `json:"datahub_connection,omitempty"`
}

KnowledgeApplyInfo provides information about the knowledge apply feature.

type KnowledgeConfig added in v0.16.0 

type KnowledgeConfig struct {
	Enabled bool                 `yaml:"enabled"`
	Apply   KnowledgeApplyConfig `yaml:"apply"`
}

KnowledgeConfig configures the knowledge capture feature.

type Lifecycle 

type Lifecycle struct {
	// contains filtered or unexported fields
}

Lifecycle manages the startup and shutdown of platform components.

func NewLifecycle 

func NewLifecycle() *Lifecycle

NewLifecycle creates a new lifecycle manager.

func (*Lifecycle) IsStarted 

func (l *Lifecycle) IsStarted() bool

IsStarted returns whether the lifecycle has been started.

func (*Lifecycle) OnStart 

func (l *Lifecycle) OnStart(callback func(context.Context) error)

OnStart registers a callback to run on startup.

func (*Lifecycle) OnStop 

func (l *Lifecycle) OnStop(callback func(context.Context) error)

OnStop registers a callback to run on shutdown.

func (*Lifecycle) RegisterCloser 

func (l *Lifecycle) RegisterCloser(c Closer)

RegisterCloser registers a closer to be closed on shutdown.

func (*Lifecycle) RegisterComponent 

func (l *Lifecycle) RegisterComponent(c Component)

RegisterComponent registers a component with the lifecycle.

func (*Lifecycle) Start 

func (l *Lifecycle) Start(ctx context.Context) error

Start runs all start callbacks.

func (*Lifecycle) Stop 

func (l *Lifecycle) Stop(ctx context.Context) error

Stop runs all stop callbacks in reverse order.

type MCPAppsConfig added in v0.10.0 

type MCPAppsConfig struct {
	// Enabled is the master switch for MCP Apps support.
	// Nil (not set) defaults to true — the built-in platform-info app is always registered.
	// Set to false explicitly to disable all MCP Apps.
	Enabled *bool `yaml:"enabled"`

	// Apps configures individual MCP Apps.
	Apps map[string]AppConfig `yaml:"apps"`
}

MCPAppsConfig configures MCP Apps support for interactive UI components.

func (*MCPAppsConfig) IsEnabled added in v0.28.1 

func (c *MCPAppsConfig) IsEnabled() bool

IsEnabled returns whether MCP Apps support is enabled. Defaults to true when not explicitly set.

type OAuthClientConfig added in v0.3.0 

type OAuthClientConfig struct {
	ID           string   `yaml:"id"`
	Secret       string   `yaml:"secret"` // #nosec G117 -- API key secret from admin YAML config
	RedirectURIs []string `yaml:"redirect_uris"`
}

OAuthClientConfig defines a pre-registered OAuth client.

type OAuthConfig 

type OAuthConfig struct {
	Enabled    bool                `yaml:"enabled"`
	Issuer     string              `yaml:"issuer"`
	SigningKey string              `yaml:"signing_key"` // Base64-encoded HMAC key for JWT signing
	Clients    []OAuthClientConfig `yaml:"clients"`
	DCR        DCRConfig           `yaml:"dcr"`
	Upstream   *UpstreamIDPConfig  `yaml:"upstream,omitempty"`
}

OAuthConfig configures the OAuth server.

type OIDCAuthConfig 

type OIDCAuthConfig struct {
	Enabled       bool     `yaml:"enabled"`
	Issuer        string   `yaml:"issuer"`
	ClientID      string   `yaml:"client_id"`
	ClientSecret  string   `yaml:"client_secret"` // #nosec G117 -- OIDC secret from admin config
	Audience      string   `yaml:"audience"`
	RoleClaimPath string   `yaml:"role_claim_path"`
	RolePrefix    string   `yaml:"role_prefix"`
	Scopes        []string `yaml:"scopes"` // default: [openid, profile, email]
}

OIDCAuthConfig configures OIDC authentication.

type Option 

type Option func(*Options)

Option is a functional option for configuring the platform.

func WithAuditLogger 

func WithAuditLogger(logger middleware.AuditLogger) Option

WithAuditLogger sets the audit logger.

func WithAuthenticator 

func WithAuthenticator(auth middleware.Authenticator) Option

WithAuthenticator sets the authenticator.

func WithAuthorizer 

func WithAuthorizer(authz middleware.Authorizer) Option

WithAuthorizer sets the authorizer.

func WithConfig 

func WithConfig(cfg *Config) Option

WithConfig sets the configuration.

func WithDB 

func WithDB(db *sql.DB) Option

WithDB sets the database connection.

func WithPersonaRegistry 

func WithPersonaRegistry(reg *persona.Registry) Option

WithPersonaRegistry sets the persona registry.

func WithQueryProvider 

func WithQueryProvider(provider query.Provider) Option

WithQueryProvider sets the query provider.

func WithRuleEngine 

func WithRuleEngine(engine *tuning.RuleEngine) Option

WithRuleEngine sets the rule engine.

func WithSemanticProvider 

func WithSemanticProvider(provider semantic.Provider) Option

WithSemanticProvider sets the semantic provider.

func WithSessionStore added in v0.15.0 

func WithSessionStore(store session.Store) Option

WithSessionStore sets the session store.

func WithStorageProvider 

func WithStorageProvider(provider storage.Provider) Option

WithStorageProvider sets the storage provider.

func WithToolkitRegistry 

func WithToolkitRegistry(reg *registry.Registry) Option

WithToolkitRegistry sets the toolkit registry.

type Options 

type Options struct {
	// Config is the platform configuration.
	Config *Config

	// Database connection (optional, will be created from config if not provided).
	DB *sql.DB

	// SemanticProvider (optional, will be created from config if not provided).
	SemanticProvider semantic.Provider

	// QueryProvider (optional, will be created from config if not provided).
	QueryProvider query.Provider

	// StorageProvider (optional, will be created from config if not provided).
	StorageProvider storage.Provider

	// Authenticator (optional, will be created from config if not provided).
	Authenticator middleware.Authenticator

	// Authorizer (optional, will be created from config if not provided).
	Authorizer middleware.Authorizer

	// AuditLogger (optional, will be created from config if not provided).
	AuditLogger middleware.AuditLogger

	// PersonaRegistry (optional, will be created from config if not provided).
	PersonaRegistry *persona.Registry

	// ToolkitRegistry (optional, will be created if not provided).
	ToolkitRegistry *registry.Registry

	// RuleEngine (optional, will be created from config if not provided).
	RuleEngine *tuning.RuleEngine

	// SessionStore (optional, will be created from config if not provided).
	SessionStore session.Store
}

Options configures the platform.

type PIIConsentConfig added in v0.21.0 

type PIIConsentConfig struct {
	// Enabled controls whether PII table access triggers elicitation.
	Enabled bool `yaml:"enabled"`
}

PIIConsentConfig configures PII access consent.

type PersonaDef 

type PersonaDef struct {
	DisplayName string            `yaml:"display_name"`
	Description string            `yaml:"description,omitempty"`
	Roles       []string          `yaml:"roles"`
	Tools       ToolRulesDef      `yaml:"tools"`
	Prompts     PromptsDef        `yaml:"prompts"`
	Hints       map[string]string `yaml:"hints,omitempty"`
	Priority    int               `yaml:"priority,omitempty"`
}

PersonaDef defines a persona.

type PersonaInfo added in v0.12.0 

type PersonaInfo struct {
	Name        string `json:"name"`
	DisplayName string `json:"display_name"`
	Description string `json:"description,omitempty"`
}

PersonaInfo provides summary information about a persona.

type PersonasConfig 

type PersonasConfig struct {
	Definitions    map[string]PersonaDef `yaml:",inline"`
	DefaultPersona string                `yaml:"default_persona"`
	RoleMapping    RoleMappingConfig     `yaml:"role_mapping"`
}

PersonasConfig holds persona definitions.

type Platform 

type Platform struct {
	// contains filtered or unexported fields
}

Platform is the main platform facade.

func New 

func New(opts ...Option) (*Platform, error)

New creates a new platform instance.

func (*Platform) APIKeyAuthenticator added in v0.17.0 

func (p *Platform) APIKeyAuthenticator() *auth.APIKeyAuthenticator

APIKeyAuthenticator returns the API key authenticator, or nil if API keys are disabled.

func (*Platform) AuditStore added in v0.17.0 

func (p *Platform) AuditStore() *auditpostgres.Store

AuditStore returns the PostgreSQL audit store, or nil if audit is disabled.

func (*Platform) Authenticator added in v0.17.0 

func (p *Platform) Authenticator() middleware.Authenticator

Authenticator returns the platform authenticator.

func (*Platform) BrandLogoSVG added in v1.38.5 

func (p *Platform) BrandLogoSVG() string

BrandLogoSVG returns the resolved brand logo SVG content (from portal.logo or mcpapps platform-info config), or empty string if none is configured.

func (*Platform) BrandURL added in v1.38.5 

func (p *Platform) BrandURL() string

BrandURL returns the resolved brand URL from the mcpapps platform-info config (brand_url), or empty string if not configured.

func (*Platform) BrowserSessionAuth added in v0.32.0 

func (p *Platform) BrowserSessionAuth() *browsersession.Authenticator

BrowserSessionAuth returns the cookie-based authenticator, or nil if browser sessions are disabled.

func (*Platform) BrowserSessionFlow added in v0.32.0 

func (p *Platform) BrowserSessionFlow() *browsersession.Flow

BrowserSessionFlow returns the OIDC login flow, or nil if browser sessions are disabled.

func (*Platform) Close 

func (p *Platform) Close() error

Close closes all platform resources in the correct order:

  1. Flush enrichment state, stop session cache, close session store
  2. Close audit logger + audit store (goroutine stops, can still use DB)
  3. Close providers and toolkit registry (trino, datahub, s3)
  4. Close database connection (last — nothing else needs it)

func (*Platform) Config 

func (p *Platform) Config() *Config

Config returns the platform configuration.

func (*Platform) ConfigStore added in v0.17.0 

func (p *Platform) ConfigStore() configstore.Store

ConfigStore returns the config store.

func (*Platform) HintManager added in v0.12.0 

func (p *Platform) HintManager() *tuning.HintManager

HintManager returns the hint manager.

func (*Platform) KnowledgeChangesetStore added in v0.17.0 

func (p *Platform) KnowledgeChangesetStore() knowledgekit.ChangesetStore

KnowledgeChangesetStore returns the changeset store, or nil if knowledge apply is disabled.

func (*Platform) KnowledgeDataHubWriter added in v0.17.0 

func (p *Platform) KnowledgeDataHubWriter() knowledgekit.DataHubWriter

KnowledgeDataHubWriter returns the DataHub writer, or nil if knowledge apply is disabled.

func (*Platform) KnowledgeInsightStore added in v0.17.0 

func (p *Platform) KnowledgeInsightStore() knowledgekit.InsightStore

KnowledgeInsightStore returns the insight store, or nil if knowledge is disabled.

func (*Platform) MCPServer 

func (p *Platform) MCPServer() *mcp.Server

MCPServer returns the MCP server.

func (*Platform) OAuthServer added in v0.3.0 

func (p *Platform) OAuthServer() *oauth.Server

OAuthServer returns the OAuth server, or nil if not enabled.

func (*Platform) PersonaRegistry 

func (p *Platform) PersonaRegistry() *persona.Registry

PersonaRegistry returns the persona registry.

func (*Platform) PlatformTools added in v0.18.2 

func (*Platform) PlatformTools() []ToolInfo

PlatformTools returns tools registered directly on the platform outside of any toolkit.

func (*Platform) PortalAssetStore added in v0.32.0 

func (p *Platform) PortalAssetStore() portal.AssetStore

PortalAssetStore returns the portal asset store, or nil if portal is disabled.

func (*Platform) PortalCollectionStore added in v1.47.0 

func (p *Platform) PortalCollectionStore() portal.CollectionStore

PortalCollectionStore returns the portal collection store, or nil if portal is disabled.

func (*Platform) PortalS3Client added in v0.32.0 

func (p *Platform) PortalS3Client() portal.S3Client

PortalS3Client returns the portal S3 client, or nil if portal is disabled.

func (*Platform) PortalShareStore added in v0.32.0 

func (p *Platform) PortalShareStore() portal.ShareStore

PortalShareStore returns the portal share store, or nil if portal is disabled.

func (*Platform) PortalVersionStore added in v1.43.0 

func (p *Platform) PortalVersionStore() portal.VersionStore

PortalVersionStore returns the portal version store, or nil if portal is disabled.

func (*Platform) QueryProvider 

func (p *Platform) QueryProvider() query.Provider

QueryProvider returns the query provider. 

func (p *Platform) ResolveImplementorLogo() string

ResolveImplementorLogo fetches the implementor logo SVG from the URL configured in portal.implementor.logo. The result is cached so subsequent calls return the same value without another HTTP request. Returns empty string if no logo URL is configured or the fetch fails.

func (*Platform) RuleEngine 

func (p *Platform) RuleEngine() *tuning.RuleEngine

RuleEngine returns the rule engine.

func (*Platform) SemanticProvider 

func (p *Platform) SemanticProvider() semantic.Provider

SemanticProvider returns the semantic provider.

func (*Platform) SessionStore added in v0.15.0 

func (p *Platform) SessionStore() session.Store

SessionStore returns the session store.

func (*Platform) Start 

func (p *Platform) Start(ctx context.Context) error

Start starts the platform.

func (*Platform) Stop 

func (p *Platform) Stop(ctx context.Context) error

Stop stops the platform.

func (*Platform) StorageProvider 

func (p *Platform) StorageProvider() storage.Provider

StorageProvider returns the storage provider.

func (*Platform) ToolkitRegistry 

func (p *Platform) ToolkitRegistry() *registry.Registry

ToolkitRegistry returns the toolkit registry.

type PortalConfig added in v0.32.0 

type PortalConfig struct {
	Enabled        bool                  `yaml:"enabled"`
	Title          string                `yaml:"title"`            // sidebar/branding title (default: "MCP Data Platform")
	LogoLight      string                `yaml:"logo_light"`       // URL to logo for light theme
	LogoDark       string                `yaml:"logo_dark"`        // URL to logo for dark theme
	S3Connection   string                `yaml:"s3_connection"`    // name of the S3 toolkit instance to use
	S3Bucket       string                `yaml:"s3_bucket"`        // bucket for artifact storage
	S3Prefix       string                `yaml:"s3_prefix"`        // key prefix within the bucket
	PublicBaseURL  string                `yaml:"public_base_url"`  // base URL for portal links (e.g., "https://portal.example.com")
	MaxContentSize int                   `yaml:"max_content_size"` // max artifact size in bytes (default: 10MB)
	Implementor    ImplementorConfig     `yaml:"implementor"`      // optional implementor brand (far-left header zone)
	RateLimit      PortalRateLimitConfig `yaml:"rate_limit"`
}

PortalConfig configures the asset portal for saving AI-generated artifacts.

type PortalRateLimitConfig added in v0.32.0 

type PortalRateLimitConfig struct {
	RequestsPerMinute int `yaml:"requests_per_minute"` // default: 60
	BurstSize         int `yaml:"burst_size"`          // default: 10
}

PortalRateLimitConfig configures rate limiting for the public portal viewer.

type ProgressConfig added in v0.20.0 

type ProgressConfig struct {
	Enabled bool `yaml:"enabled"`
}

ProgressConfig configures progress notifications during tool execution.

type PromptArgumentConfig added in v1.38.0 

type PromptArgumentConfig struct {
	Name        string `yaml:"name"`
	Description string `yaml:"description"`
	Required    bool   `yaml:"required"`
}

PromptArgumentConfig defines an argument for a platform-level MCP prompt.

type PromptConfig added in v0.11.0 

type PromptConfig struct {
	Name        string                 `yaml:"name"`
	Description string                 `yaml:"description"`
	Content     string                 `yaml:"content"`
	Arguments   []PromptArgumentConfig `yaml:"arguments"`
}

PromptConfig defines a platform-level MCP prompt.

type PromptsDef 

type PromptsDef struct {
	SystemPrefix string `yaml:"system_prefix,omitempty"`
	SystemSuffix string `yaml:"system_suffix,omitempty"`
	Instructions string `yaml:"instructions,omitempty"`
}

PromptsDef defines prompt customizations.

type QueryConfig 

type QueryConfig struct {
	Provider   string           `yaml:"provider"` // "trino", "noop"
	Instance   string           `yaml:"instance"`
	URNMapping URNMappingConfig `yaml:"urn_mapping"`
}

QueryConfig configures the query provider.

type ResourcesConfig added in v0.20.0 

type ResourcesConfig struct {
	Enabled bool                `yaml:"enabled"` // gates schema/glossary/availability templates
	Custom  []CustomResourceDef `yaml:"custom"`  // always registered when non-empty
}

ResourcesConfig configures MCP resource templates.

type RoleMappingConfig 

type RoleMappingConfig struct {
	OIDCToPersona map[string]string `yaml:"oidc_to_persona"`
}

RoleMappingConfig configures role mapping.

type RulesConfig 

type RulesConfig struct {
	RequireDataHubCheck bool    `yaml:"require_datahub_check"`
	WarnOnDeprecated    bool    `yaml:"warn_on_deprecated"`
	QualityThreshold    float64 `yaml:"quality_threshold"`
}

RulesConfig configures operational rules.

type SemanticConfig 

type SemanticConfig struct {
	Provider   string                        `yaml:"provider"` // "datahub", "noop"
	Instance   string                        `yaml:"instance"`
	Cache      CacheConfig                   `yaml:"cache"`
	URNMapping URNMappingConfig              `yaml:"urn_mapping"`
	Lineage    datahubsemantic.LineageConfig `yaml:"lineage"`
}

SemanticConfig configures the semantic layer.

type ServerConfig 

type ServerConfig struct {
	Name              string           `yaml:"name"`
	Version           string           `yaml:"version"`
	Description       string           `yaml:"description"`
	Tags              []string         `yaml:"tags"`               // Discovery keywords for routing
	AgentInstructions string           `yaml:"agent_instructions"` // Inline operational guidance for AI agents
	Prompts           []PromptConfig   `yaml:"prompts"`            // Platform-level MCP prompts
	Transport         string           `yaml:"transport"`          // "stdio", "http" (or "sse" for backward compat)
	Address           string           `yaml:"address"`
	TLS               TLSConfig        `yaml:"tls"`
	Streamable        StreamableConfig `yaml:"streamable"`
	Shutdown          ShutdownConfig   `yaml:"shutdown"`
}

ServerConfig configures the MCP server.

type SessionDedupConfig added in v0.14.0 

type SessionDedupConfig struct {
	// Enabled controls whether session dedup is active. Defaults to true.
	Enabled *bool `yaml:"enabled"`

	// Mode controls what is sent for previously-enriched tables.
	// Values: "reference" (default), "summary", "none".
	Mode string `yaml:"mode"`

	// EntryTTL is how long a table's enrichment is considered fresh.
	// Defaults to the semantic cache TTL (typically 5m).
	EntryTTL time.Duration `yaml:"entry_ttl"`

	// SessionTimeout is how long an idle session persists before cleanup.
	// Defaults to the server's streamable session timeout (typically 30m).
	SessionTimeout time.Duration `yaml:"session_timeout"`
}

SessionDedupConfig configures session-level metadata deduplication.

func (*SessionDedupConfig) EffectiveMode added in v0.14.0 

func (c *SessionDedupConfig) EffectiveMode() string

EffectiveMode returns the dedup mode, defaulting to "reference".

func (*SessionDedupConfig) IsEnabled added in v0.14.0 

func (c *SessionDedupConfig) IsEnabled() bool

IsEnabled returns whether session dedup is enabled, defaulting to true.

type SessionGateConfig added in v0.31.0 

type SessionGateConfig struct {
	// Enabled activates the session initialization gate.
	Enabled bool `yaml:"enabled"`

	// InitTool is the tool that initializes the session (default: "platform_info").
	InitTool string `yaml:"init_tool"`

	// ExemptTools lists tool names that bypass the gate (e.g., "list_connections").
	ExemptTools []string `yaml:"exempt_tools"`
}

SessionGateConfig configures the session initialization gate that requires agents to call platform_info before using any other tool.

type SessionsConfig added in v0.15.0 

type SessionsConfig struct {
	// Store selects the session storage backend: "memory" (default) or "database".
	Store string `yaml:"store"`

	// TTL is the session lifetime. Defaults to streamable.session_timeout.
	TTL time.Duration `yaml:"ttl"`

	// CleanupInterval is how often the cleanup routine runs. Defaults to 1m.
	CleanupInterval time.Duration `yaml:"cleanup_interval"`
}

SessionsConfig configures session externalization.

type ShutdownConfig added in v0.15.0 

type ShutdownConfig struct {
	// GracePeriod is the maximum time to drain in-flight requests after
	// receiving a shutdown signal. Defaults to 25s (fits within K8s 30s
	// terminationGracePeriodSeconds with headroom for pre-shutdown delay).
	GracePeriod time.Duration `yaml:"grace_period"`

	// PreShutdownDelay is the time to sleep after marking the pod as
	// not-ready and before starting the HTTP drain. This gives the K8s
	// load balancer time to deregister the pod. Defaults to 2s.
	PreShutdownDelay time.Duration `yaml:"pre_shutdown_delay"`
}

ShutdownConfig configures graceful shutdown timing.

type StorageConfig 

type StorageConfig struct {
	Provider string `yaml:"provider"` // "s3", "noop"
	Instance string `yaml:"instance"`
}

StorageConfig configures the storage provider.

type StreamableConfig added in v0.13.0 

type StreamableConfig struct {
	// SessionTimeout is how long an idle session persists before cleanup.
	// Defaults to 30 minutes.
	SessionTimeout time.Duration `yaml:"session_timeout"`
	// Stateless disables session tracking (no Mcp-Session-Id validation).
	Stateless bool `yaml:"stateless"`
}

StreamableConfig configures the Streamable HTTP transport.

type TLSConfig 

type TLSConfig struct {
	Enabled  bool   `yaml:"enabled"`
	CertFile string `yaml:"cert_file"`
	KeyFile  string `yaml:"key_file"`
}

TLSConfig configures TLS.

type ToolInfo added in v0.18.2 

type ToolInfo struct {
	Name string
	Kind string
}

ToolInfo describes a tool registered directly on the platform (not via a toolkit).

type ToolRulesDef 

type ToolRulesDef struct {
	Allow []string `yaml:"allow"`
	Deny  []string `yaml:"deny"`
}

ToolRulesDef defines tool access rules.

type ToolsConfig added in v0.18.0 

type ToolsConfig struct {
	Allow                []string          `yaml:"allow"`
	Deny                 []string          `yaml:"deny"`
	DescriptionOverrides map[string]string `yaml:"description_overrides"`
}

ToolsConfig configures global tool visibility filtering for tools/list responses. This is a visibility filter to reduce token usage — not a security boundary. Persona auth continues to gate tools/call independently.

type TuningConfig 

type TuningConfig struct {
	Rules      RulesConfig `yaml:"rules"`
	PromptsDir string      `yaml:"prompts_dir"`
}

TuningConfig configures AI tuning.

type URNMappingConfig added in v0.6.0 

type URNMappingConfig struct {
	// Platform overrides the platform name used in DataHub URN building.
	// For example, if Trino queries a PostgreSQL database, set this to "postgres"
	// so URNs match DataHub's platform identifier.
	Platform string `yaml:"platform"`

	// CatalogMapping maps catalog names between systems.
	// For semantic provider: maps Trino catalogs to DataHub catalogs (rdbms → warehouse)
	// For query provider: maps DataHub catalogs to Trino catalogs (warehouse → rdbms)
	CatalogMapping map[string]string `yaml:"catalog_mapping"`
}

URNMappingConfig configures URN translation between query engines and metadata catalogs. This is necessary when Trino catalog/platform names differ from DataHub's metadata catalog names.

type UpstreamIDPConfig added in v0.3.0 

type UpstreamIDPConfig struct {
	Issuer       string `yaml:"issuer"`        // Keycloak issuer URL
	ClientID     string `yaml:"client_id"`     // MCP Server's client ID in Keycloak
	ClientSecret string `yaml:"client_secret"` // #nosec G117 -- MCP Server's client secret from admin YAML config
	RedirectURI  string `yaml:"redirect_uri"`  // Callback URL (e.g., http://localhost:8080/oauth/callback)
}

UpstreamIDPConfig configures the upstream identity provider (e.g., Keycloak).

type VersionConverter added in v0.16.0 

type VersionConverter func(data []byte) (*Config, error)

VersionConverter converts raw YAML bytes directly to the latest Config. A nil converter means the version uses standard YAML unmarshalling.

type VersionInfo added in v0.16.0 

type VersionInfo struct {
	// Version is the version string (e.g., "v1").
	Version string

	// Status is the lifecycle state of this version.
	Status VersionStatus

	// DeprecationMessage is shown when a deprecated version is loaded.
	DeprecationMessage string

	// MigrationGuide is shown when a removed version is loaded.
	MigrationGuide string

	// Converter transforms raw YAML bytes into a Config. Nil means
	// standard YAML unmarshalling is used (i.e., the version matches
	// the current schema).
	Converter VersionConverter
}

VersionInfo describes a config API version.

type VersionRegistry added in v0.16.0 

type VersionRegistry struct {
	// contains filtered or unexported fields
}

VersionRegistry holds known config API versions.

func DefaultRegistry added in v0.16.0 

func DefaultRegistry() *VersionRegistry

DefaultRegistry returns the standard version registry with v1 registered.

func NewVersionRegistry added in v0.16.0 

func NewVersionRegistry() *VersionRegistry

NewVersionRegistry creates an empty version registry.

func (*VersionRegistry) Current added in v0.16.0 

func (r *VersionRegistry) Current() string

Current returns the current version string.

func (*VersionRegistry) Get added in v0.16.0 

func (r *VersionRegistry) Get(version string) (*VersionInfo, bool)

Get returns the version info for the given version string.

func (*VersionRegistry) IsDeprecated added in v0.16.0 

func (r *VersionRegistry) IsDeprecated(version string) bool

IsDeprecated returns true if the version exists and is deprecated.

func (*VersionRegistry) ListSupported added in v0.16.0 

func (r *VersionRegistry) ListSupported() []string

ListSupported returns all non-removed version strings, sorted.

func (*VersionRegistry) Register added in v0.16.0 

func (r *VersionRegistry) Register(info *VersionInfo)

Register adds a version to the registry. If current is empty and this is the first VersionCurrent entry, it becomes the current version.

type VersionStatus added in v0.16.0 

type VersionStatus int

VersionStatus represents the lifecycle state of a config version. 

const (
	// VersionCurrent is an actively supported version.
	VersionCurrent VersionStatus = iota
	// VersionDeprecated is a version that still works but emits warnings.
	VersionDeprecated
	// VersionRemoved is a version that is no longer supported.
	VersionRemoved
)

func (VersionStatus) String added in v0.16.0 

func (s VersionStatus) String() string

String returns a human-readable representation of the version status.

type WorkflowConfig added in v0.27.0 

type WorkflowConfig struct {
	// RequireDiscoveryBeforeQuery enables session-aware gating.
	// When true, query tools get a warning if no discovery tool has been
	// called in the current session.
	RequireDiscoveryBeforeQuery bool `yaml:"require_discovery_before_query"`

	// DiscoveryTools lists tool names that count as discovery.
	// Defaults to all datahub_* tools.
	DiscoveryTools []string `yaml:"discovery_tools"`

	// QueryTools lists tool names that are gated by discovery.
	// Defaults to trino_query and trino_execute.
	QueryTools []string `yaml:"query_tools"`

	// WarningMessage is prepended to query results when discovery hasn't occurred.
	WarningMessage string `yaml:"warning_message"`

	// Escalation configures progressive escalation after repeated warnings.
	Escalation EscalationConfig `yaml:"escalation"`
}

WorkflowConfig configures session-aware workflow gating that encourages agents to perform DataHub discovery before running Trino queries.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.