Mcp vuln

.github/workflows/pr-build.yml

@@ -252,8 +252,9 @@ jobs:
           pip3 install virtualenv
           virtualenv venv
           source venv/bin/activate
-          pip3 install -r requirements.txt
-          pip3 install -r dev-requirements.txt
+          pip install --upgrade pip setuptools 
+          pip install -r requirements.txt
+          pip install -r dev-requirements.txt
           mkdir -p test-results
           source .env
           IS_TESTING=True python3 manage.py test --no-input --testrunner xmlrunner.extra.djangotestrunner.XMLTestRunner

deploy/docker/docker-compose.yml

@@ -154,6 +154,8 @@ services:
   crapi-chatbot:
     container_name: crapi-chatbot
     image: crapi/crapi-chatbot:${VERSION:-latest}
+    ports:
+      - "${LISTEN_IP:-127.0.0.1}:5500:5500" # MCP server
     environment:
       - TLS_ENABLED=${TLS_ENABLED:-false}
       - SERVER_PORT=${CHATBOT_SERVER_PORT:-5002}

deploy/helm/templates/chatbot/deployment.yaml

@@ -51,6 +51,7 @@ spec:
           imagePullPolicy: {{ .Values.imagePullPolicy }}
           ports:
             - containerPort: {{ .Values.chatbot.port }}
+            - containerPort: {{ .Values.chatbot.mcpPort }}
           envFrom:
             - configMapRef:
                 name: {{ .Values.chatbot.config.name }}

deploy/helm/templates/chatbot/ingress.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.chatbot.service.name }}-mcp
+  labels:
+    release: {{ .Release.Name }}
+    {{- with .Values.chatbot.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  ports:
+  - name: mcp
+    port: {{ .Values.chatbot.mcpPort }}
+    nodePort: {{ .Values.chatbot.service.mcpNodePort }}
+    protocol: TCP
+  selector:
+    {{- toYaml .Values.chatbot.serviceSelectorLabels | nindent 4 }}
+  sessionAffinity: None
+  type: LoadBalancer

deploy/helm/templates/chatbot/service.yaml

@@ -10,6 +10,8 @@ metadata:
 spec:
   ports:
   - port: {{ .Values.chatbot.port }}
-    name: python
+    name: chatbot
+  - port: {{ .Values.chatbot.mcpPort }}
+    name: mcp
   selector:
     {{- toYaml .Values.chatbot.serviceSelectorLabels | nindent 4 }}

deploy/helm/values.yaml

@@ -188,11 +188,13 @@ chatbot:
   name: crapi-chatbot
   image: crapi/crapi-chatbot
   port: 5002
+  mcpPort: 5500
   replicaCount: 1
   service:
     name: crapi-chatbot
     labels:
       app: crapi-chatbot
+    mcpNodePort: 30500
   config:
     name: crapi-chatbot-configmap
     labels:

deploy/k8s/base/chatbot/deployment.yaml

@@ -18,6 +18,7 @@ spec:
         imagePullPolicy: Always
         ports:
         - containerPort: 5002
+        - containerPort: 5500
         envFrom:
             - configMapRef:
                 name: crapi-chatbot-configmap

deploy/k8s/base/chatbot/ingress.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: crapi-chatbot-mcp
+  labels:
+    app: crapi-chatbot
+spec:
+  ports:
+  - name: mcp
+    port: 5500
+    nodePort: 30500
+    protocol: TCP
+  selector:
+    app: crapi-chatbot
+  sessionAffinity: None
+  type: LoadBalancer

deploy/k8s/base/chatbot/service.yaml

@@ -7,6 +7,8 @@ metadata:
 spec:
   ports:
   - port: 5002
-    name: go
+    name: chatbot
+  - port: 5500
+    name: mcp
   selector:
     app: crapi-chatbot

services/chatbot/src/chatbot/aws_credentials.py

@@ -45,8 +45,11 @@
     logger.info(
         "[BASE_SESSION] Creating boto3 session - region: %s, has_access_key: %s, "
         "has_secret_key: %s, has_session_token: %s, will_use_instance_profile: %s",
-        region, has_access_key, has_secret_key, has_session_token,
-        not (has_access_key and has_secret_key)
+        region,
+        has_access_key,
+        has_secret_key,
+        has_session_token,
+        not (has_access_key and has_secret_key),
     )
     # Use None for empty strings so boto3 falls back to instance profile/IRSA
     session = boto3.Session(
@@ -60,8 +63,8 @@
     if creds:
         logger.info(
             "[BASE_SESSION] Session created - credential_method: %s, access_key_prefix: %s",
-            creds.method if hasattr(creds, 'method') else 'unknown',
-            creds.access_key[:8] + "..." if creds and creds.access_key else "(none)"
+            creds.method if hasattr(creds, "method") else "unknown",
+            creds.access_key[:8] + "..." if creds and creds.access_key else "(none)",
         )
     else:
         logger.warning("[BASE_SESSION] Session created but NO credentials found!")
@@ -76,7 +79,9 @@
 
     logger.info(
         "[ASSUME_ROLE] Starting assume role - role_arn: %s, session_name: %s, has_external_id: %s",
-        role_arn, session_name, bool(external_id)
+        role_arn,
+        session_name,
+        bool(external_id),
     )
 
     try:
@@ -85,7 +90,8 @@
     except Exception as e:
         logger.error(
             "Failed to create base session for assume role - role_arn: %s, error: %s",
-            role_arn, str(e)
+            role_arn,
+            str(e),
         )
         raise
 
@@ -95,7 +101,8 @@
     except Exception as e:
         logger.error(
             "Failed to create STS client for assume role - role_arn: %s, error: %s",
-            role_arn, str(e)
+            role_arn,
+            str(e),
         )
         raise
 
@@ -109,7 +116,10 @@
         assume_role_kwargs["ExternalId"] = external_id
         logger.debug("External ID configured for assume role")
 
-    logger.debug("Calling STS assume_role with kwargs: %s", {k: v for k, v in assume_role_kwargs.items() if k != "ExternalId"})
+    logger.debug(
+        "Calling STS assume_role with kwargs: %s",
+        {k: v for k, v in assume_role_kwargs.items() if k != "ExternalId"},
+    )
 
     try:
         logger.info("[ASSUME_ROLE] Calling sts:AssumeRole...")
@@ -123,7 +133,9 @@
             session_name,
             credentials["Expiration"],
             response.get("AssumedRoleUser", {}).get("AssumedRoleId", "unknown"),
-            credentials["AccessKeyId"][:8] + "..." if credentials.get("AccessKeyId") else "(none)",
+            credentials["AccessKeyId"][:8] + "..."
+            if credentials.get("AccessKeyId")
+            else "(none)",
         )
 
         return {
@@ -135,7 +147,10 @@
     except Exception as e:
         logger.error(
             "[ASSUME_ROLE] FAILED - role_arn: %s, session_name: %s, error_type: %s, error: %s",
-            role_arn, session_name, type(e).__name__, str(e)
+            role_arn,
+            session_name,
+            type(e).__name__,
+            str(e),
         )
         raise
 
@@ -152,13 +167,14 @@
         if time_until_expiry <= CREDENTIALS_REFRESH_BUFFER_SECONDS:
             logger.info(
                 "Cached credentials expiring soon - time_until_expiry: %.0f seconds, refresh_buffer: %d seconds",
-                time_until_expiry, CREDENTIALS_REFRESH_BUFFER_SECONDS
+                time_until_expiry,
+                CREDENTIALS_REFRESH_BUFFER_SECONDS,
             )
             return None
 
         logger.debug(
             "Using cached credentials - time_until_expiry: %.0f seconds",
-            time_until_expiry
+            time_until_expiry,
         )
         return _credentials_cache["credentials"]
 
@@ -169,8 +185,7 @@
         _credentials_cache["credentials"] = credentials
         _credentials_cache["expiration"] = credentials["expiry_time"]
         logger.debug(
-            "Cached new credentials - expires_at: %s",
-            credentials["expiry_time"]
+            "Cached new credentials - expires_at: %s", credentials["expiry_time"]
         )
 
 
@@ -192,21 +207,22 @@
         Config.AWS_ASSUME_ROLE_ARN or "(not set)",
         bool(os.getenv("AWS_ACCESS_KEY_ID")),
         bool(os.getenv("AWS_SECRET_ACCESS_KEY")),
-        bool(Config.AWS_BEARER_TOKEN_BEDROCK)
+        bool(Config.AWS_BEARER_TOKEN_BEDROCK),
     )
 
     # If assume role is configured, use it
     if Config.AWS_ASSUME_ROLE_ARN:
         logger.info(
-            "[AWS_CREDS] Assume role path - role_arn: %s",
-            Config.AWS_ASSUME_ROLE_ARN
+            "[AWS_CREDS] Assume role path - role_arn: %s", Config.AWS_ASSUME_ROLE_ARN
         )
         # Try to use cached credentials
         cached = _get_cached_credentials()
         if cached:
             logger.info(
                 "[AWS_CREDS] Using CACHED assume role credentials - access_key_prefix: %s",
-                cached["access_key"][:8] + "..." if cached.get("access_key") else "(none)"
+                cached["access_key"][:8] + "..."
+                if cached.get("access_key")
+                else "(none)",
             )
             return {
                 "access_key": cached["access_key"],
@@ -221,7 +237,9 @@
         _set_cached_credentials(credentials)
         logger.info(
             "[AWS_CREDS] Assume role succeeded - access_key_prefix: %s",
-            credentials["access_key"][:8] + "..." if credentials.get("access_key") else "(none)"
+            credentials["access_key"][:8] + "..."
+            if credentials.get("access_key")
+            else "(none)",
         )
         return {
             "access_key": credentials["access_key"],
@@ -239,7 +257,7 @@
         logger.info(
             "[AWS_CREDS] Using STATIC credentials from env - access_key_prefix: %s, has_session_token: %s",
             access_key[:8] + "..." if access_key else "(none)",
-            bool(session_token)
+            bool(session_token),
         )
         result = {
             "access_key": access_key,
@@ -280,15 +298,23 @@
 
     This bypasses any token-based auth that botocore might pick up from env vars.
     """
-    logger.info("[BEDROCK_CLIENT] Creating bedrock-runtime client with explicit credentials")
+    logger.info(
+        "[BEDROCK_CLIENT] Creating bedrock-runtime client with explicit credentials"
+    )
     credentials = get_aws_credentials()
-    region = credentials.get("region") or os.getenv("AWS_REGION") or os.getenv("AWS_DEFAULT_REGION")
+    region = (
+        credentials.get("region")
+        or os.getenv("AWS_REGION")
+        or os.getenv("AWS_DEFAULT_REGION")
+    )
 
     logger.info(
         "[BEDROCK_CLIENT] Using credentials - access_key_prefix: %s, has_token: %s, region: %s",
-        credentials["access_key"][:8] + "..." if credentials.get("access_key") else "(none)",
+        credentials["access_key"][:8] + "..."
+        if credentials.get("access_key")
+        else "(none)",
         bool(credentials.get("token")),
-        region
+        region,
     )
 
     # Create client with explicit credentials, bypassing any default chain or token discovery
@@ -304,7 +330,9 @@
             retries={"max_attempts": 3},
         ),
     )
-    logger.info("[BEDROCK_CLIENT] Client created successfully with explicit credentials")
+    logger.info(
+        "[BEDROCK_CLIENT] Client created successfully with explicit credentials"
+    )
     return client
 
 
@@ -323,11 +351,16 @@
     except Exception as e:
         logger.error(
             "[BEDROCK_KWARGS] Failed to get credentials: %s - %s",
-            type(e).__name__, str(e)
+            type(e).__name__,
+            str(e),
         )
         raise
 
-    region = credentials.get("region") or os.getenv("AWS_REGION") or os.getenv("AWS_DEFAULT_REGION")
+    region = (
+        credentials.get("region")
+        or os.getenv("AWS_REGION")
+        or os.getenv("AWS_DEFAULT_REGION")
+    )
 
     # Pass explicit credentials to ChatBedrock/BedrockEmbeddings
     # This ensures we use SigV4 signing, not any token-based auth
@@ -343,9 +376,11 @@
 
     logger.info(
         "[BEDROCK_KWARGS] Using explicit credentials - access_key_prefix: %s, has_token: %s, region: %s",
-        credentials["access_key"][:8] + "..." if credentials.get("access_key") else "(none)",
+        credentials["access_key"][:8] + "..."
+        if credentials.get("access_key")
+        else "(none)",
         bool(credentials.get("token")),
-        region
+        region,
     )
 
     return kwargs