Merge remote-tracking branch 'origin/main' into 425-SECURITYFEATURE

Author: NAYANAR0502

.env.example

@@ -134,9 +134,12 @@ CORS_ENABLED=true
 #####################################
 
 RETRY_MAX_ATTEMPTS=3
-RETRY_BASE_DELAY=1.0  # seconds
-RETRY_MAX_DELAY=60.0  # seconds
-RETRY_JITTER_MAX=0.5  # fraction of delay
+# seconds
+RETRY_BASE_DELAY=1.0
+# seconds
+RETRY_MAX_DELAY=60.0
+# fraction of delay
+RETRY_JITTER_MAX=0.5
 
 #####################################
 # Logging
@@ -256,9 +259,8 @@ UNHEALTHY_THRESHOLD=3
 
 # This path is append with the system temp directory.
 # It is used to ensure that only one instance of the gateway health Check can run at a time.
-FILELOCK_NAME=gateway_healthcheck_init.lock   # saved dir in /tmp/gateway_healthcheck_init.lock
-# FILELOCK_NAME=somefolder/gateway_healthcheck_init.lock   # saved dir in /tmp/somefolder/gateway_healthcheck_init.lock#
-
+# saved dir in /tmp/gateway_healthcheck_init.lock
+FILELOCK_NAME=gateway_healthcheck_init.lock
 
 #####################################
 # Development Settings

Makefile

@@ -223,8 +223,10 @@ clean:
 ## --- Automated checks --------------------------------------------------------
 smoketest:
 	@echo "🚀 Running smoketest..."
-	@./smoketest.py --verbose || { echo "❌ Smoketest failed!"; exit 1; }
-	@echo "✅ Smoketest passed!"
+	@bash -c '\
+		./smoketest.py --verbose || { echo "❌ Smoketest failed!"; exit 1; }; \
+		echo "✅ Smoketest passed!" \
+	'
 
 test:
 	@echo "🧪 Running tests..."
@@ -1194,7 +1196,7 @@ endef
 
 # Containerfile to use (can be overridden)
 #CONTAINER_FILE ?= Containerfile
-CONTAINER_FILE ?= $(shell [ -f "Containerfile" ] && echo "Containerfile" || echo "Dockerfile")
+CONTAINER_FILE ?= $(shell [ -f "Containerfile.lite" ] && echo "Containerfile.lite" || echo "Dockerfile")
 
 
 # Define COMMA for the conditional Z flag
@@ -1267,6 +1269,7 @@ container-run-ssl: certs container-check-image
 	-$(CONTAINER_RUNTIME) stop $(PROJECT_NAME) 2>/dev/null || true
 	-$(CONTAINER_RUNTIME) rm $(PROJECT_NAME) 2>/dev/null || true
 	$(CONTAINER_RUNTIME) run --name $(PROJECT_NAME) \
+		-u $(id -u):$(id -g) \
 		--env-file=.env \
 		-e SSL=true \
 		-e CERT_FILE=certs/cert.pem \
@@ -1287,6 +1290,7 @@ container-run-ssl-host: certs container-check-image
 	-$(CONTAINER_RUNTIME) stop $(PROJECT_NAME) 2>/dev/null || true
 	-$(CONTAINER_RUNTIME) rm $(PROJECT_NAME) 2>/dev/null || true
 	$(CONTAINER_RUNTIME) run --name $(PROJECT_NAME) \
+		-u $(id -u):$(id -g) \
 		--network=host \
 		--env-file=.env \
 		-e SSL=true \
@@ -2775,47 +2779,112 @@ shfmt-fix: shell-linters-install   ## 🎨  Auto-format *.sh in place
 # =============================================================================
 # help: 🛢️  ALEMBIC DATABASE MIGRATIONS
 # help: alembic-install   - Install Alembic CLI (and SQLAlchemy) in the current env
-# help: db-new            - Create a new migration  (override with MSG="your title")
-# help: db-up             - Upgrade DB to the latest revision (head)
-# help: db-down           - Downgrade one revision       (override with REV=<id|steps>)
-# help: db-current        - Show the current head revision for the database
-# help: db-history        - Show the full migration graph / history
-# help: db-revision-id    - Echo just the current revision id (handy for scripting)
+# help: db-init           - Initialize alembic migrations
+# help: db-migrate        - Create a new migration
+# help: db-upgrade        - Upgrade database to latest migration
+# help: db-downgrade      - Downgrade database by one revision
+# help: db-current        - Show current database revision
+# help: db-history        - Show migration history
+# help: db-heads          - Show available heads
+# help: db-show           - Show a specific revision
+# help: db-stamp          - Stamp database with a specific revision
+# help: db-reset          - Reset database (CAUTION: drops all data)
+# help: db-status         - Show detailed database status
+# help: db-check          - Check if migrations are up to date
+# help: db-fix-head       - Fix multiple heads issue
 # -----------------------------------------------------------------------------
 
-# ──────────────────────────
-# Internals & defaults
-# ──────────────────────────
-ALEMBIC ?= alembic        # Override to e.g. `poetry run alembic`
-MSG     ?= "auto migration"
-REV     ?= -1             # Default: one step down; can be hash, -n, +n, etc.
+# Database migration commands
+ALEMBIC_CONFIG = mcpgateway/alembic.ini
 
-.PHONY: alembic-install db-new db-up db-down db-current db-history db-revision-id
+.PHONY: alembic-install db-init db-migrate db-upgrade db-downgrade db-current db-history db-heads db-show db-stamp db-reset db-status db-check db-fix-head
 
 alembic-install:
 	@echo "➜ Installing Alembic ..."
 	pip install --quiet alembic sqlalchemy
 
-db-new:
-	@echo "➜ Generating revision: $(MSG)"
-	$(ALEMBIC) -c mcpgateway/alembic.ini revision --autogenerate -m $(MSG)
-
-db-up:
-	@echo "➜ Upgrading database to head ..."
-	$(ALEMBIC) -c mcpgateway/alembic.ini upgrade head
-
-db-down:
-	@echo "➜ Downgrading database → $(REV) ..."
-	$(ALEMBIC) -c mcpgateway/alembic.ini downgrade $(REV)
-
-db-current:
-	$(ALEMBIC) -c mcpgateway/alembic.ini current
+.PHONY: db-init
+db-init: ## Initialize alembic migrations
+	@echo "🗄️ Initializing database migrations..."
+	alembic -c $(ALEMBIC_CONFIG) init alembic
+
+.PHONY: db-migrate
+db-migrate: ## Create a new migration
+	@echo "�️ Creating new migration..."
+	@read -p "Enter migration message: " msg; \
+	alembic -c $(ALEMBIC_CONFIG) revision --autogenerate -m "$$msg"
+
+.PHONY: db-upgrade
+db-upgrade: ## Upgrade database to latest migration
+	@echo "🗄️ Upgrading database..."
+	alembic -c $(ALEMBIC_CONFIG) upgrade head
+
+.PHONY: db-downgrade
+db-downgrade: ## Downgrade database by one revision
+	@echo "�️ Downgrading database..."
+	alembic -c $(ALEMBIC_CONFIG) downgrade -1
+
+.PHONY: db-current
+db-current: ## Show current database revision
+	@echo "🗄️ Current database revision:"
+	@alembic -c $(ALEMBIC_CONFIG) current
+
+.PHONY: db-history
+db-history: ## Show migration history
+	@echo "🗄️ Migration history:"
+	@alembic -c $(ALEMBIC_CONFIG) history
+
+.PHONY: db-heads
+db-heads: ## Show available heads
+	@echo "�️ Available heads:"
+	@alembic -c $(ALEMBIC_CONFIG) heads
+
+.PHONY: db-show
+db-show: ## Show a specific revision
+	@read -p "Enter revision ID: " rev; \
+	alembic -c $(ALEMBIC_CONFIG) show $$rev
+
+.PHONY: db-stamp
+db-stamp: ## Stamp database with a specific revision
+	@read -p "Enter revision to stamp: " rev; \
+	alembic -c $(ALEMBIC_CONFIG) stamp $$rev
+
+.PHONY: db-reset
+db-reset: ## Reset database (CAUTION: drops all data)
+	@echo "⚠️  WARNING: This will drop all data!"
+	@read -p "Are you sure? (y/N): " confirm; \
+	if [ "$$confirm" = "y" ]; then \
+		alembic -c $(ALEMBIC_CONFIG) downgrade base && \
+		alembic -c $(ALEMBIC_CONFIG) upgrade head; \
+		echo "✅ Database reset complete"; \
+	else \
+		echo "❌ Database reset cancelled"; \
+	fi
 
-db-history:
-	$(ALEMBIC) -c mcpgateway/alembic.ini history --verbose
+.PHONY: db-status
+db-status: ## Show detailed database status
+	@echo "�️ Database Status:"
+	@echo "Current revision:"
+	@alembic -c $(ALEMBIC_CONFIG) current
+	@echo ""
+	@echo "Pending migrations:"
+	@alembic -c $(ALEMBIC_CONFIG) history -r current:head
+
+.PHONY: db-check
+db-check: ## Check if migrations are up to date
+	@echo "🗄️ Checking migration status..."
+	@if alembic -c $(ALEMBIC_CONFIG) current | grep -q "(head)"; then \
+		echo "✅ Database is up to date"; \
+	else \
+		echo "⚠️  Database needs migration"; \
+		echo "Run 'make db-upgrade' to apply pending migrations"; \
+		exit 1; \
+	fi
 
-db-revision-id:
-	@$(ALEMBIC) -c mcpgateway/alembic.ini current --verbose | awk '/Current revision/ {print $$3}'
+.PHONY: db-fix-head
+db-fix-head: ## Fix multiple heads issue
+	@echo "�️ Fixing multiple heads..."
+	alembic -c $(ALEMBIC_CONFIG) merge -m "merge heads"
 
 
 # =============================================================================

README.md

@@ -1094,6 +1094,20 @@ You can get started by copying the provided [.env.example](.env.example) to `.en
 
 > 🧠 `none` disables caching entirely. Use `memory` for dev, `database` for persistence, or `redis` for distributed caching.
 
+### Database Management
+
+MCP Gateway uses Alembic for database migrations. Common commands:
+
+- `make db-current` - Show current database version
+- `make db-upgrade` - Apply pending migrations
+- `make db-migrate` - Create new migration
+- `make db-history` - Show migration history
+- `make db-status` - Detailed migration status
+
+#### Troubleshooting
+
+If you see "No 'script_location' key found", ensure you're running from the project root directory.
+
 ### Development
 
 | Setting    | Description            | Default | Options |

mcpgateway/static/admin.js

@@ -3022,50 +3022,73 @@ function updateEditToolRequestTypes(selectedMethod = null) {
 // TOOL SELECT FUNCTIONALITY
 // ===================================================================
 
-function initToolSelect(selectId, pillsId, warnId, max = 6) {
-    const select = safeGetElement(selectId);
-    const pillsBox = safeGetElement(pillsId);
-    const warnBox = safeGetElement(warnId);
+function initToolSelect(
+    selectId,
+    pillsId,
+    warnId,
+    max = 6,
+    selectBtnId = null,
+    clearBtnId = null,
+) {
+    const container = document.getElementById(selectId);
+    const pillsBox = document.getElementById(pillsId);
+    const warnBox = document.getElementById(warnId);
+    const clearBtn = clearBtnId ? document.getElementById(clearBtnId) : null;
+    const selectBtn = selectBtnId ? document.getElementById(selectBtnId) : null;
 
-    if (!select || !pillsBox || !warnBox) {
+    if (!container || !pillsBox || !warnBox) {
         console.warn(
             `Tool select elements not found: ${selectId}, ${pillsId}, ${warnId}`,
         );
         return;
     }
 
+    const checkboxes = container.querySelectorAll('input[type="checkbox"]');
     const pillClasses =
-        "inline-block px-2 py-1 text-xs font-medium text-blue-800 bg-blue-100 rounded";
+        "inline-block px-3 py-1 text-xs font-semibold text-indigo-700 bg-indigo-100 rounded-full shadow";
 
     function update() {
         try {
-            const chosen = Array.from(select.selectedOptions);
-            const count = chosen.length;
+            const checked = Array.from(checkboxes).filter((cb) => cb.checked);
+            const count = checked.length;
 
             // Rebuild pills safely
             pillsBox.innerHTML = "";
-            chosen.forEach((opt) => {
+            checked.forEach((cb) => {
                 const span = document.createElement("span");
                 span.className = pillClasses;
-                span.textContent = opt.text; // Safe text content
+                span.textContent =
+                    cb.nextElementSibling?.textContent?.trim() || "Unnamed";
                 pillsBox.appendChild(span);
             });
 
             // Warning when > max
             if (count > max) {
                 warnBox.textContent = `Selected ${count} tools. Selecting more than ${max} tools can degrade agent performance with the server.`;
-                warnBox.className = "text-yellow-600 text-sm mt-2";
             } else {
                 warnBox.textContent = "";
-                warnBox.className = "";
             }
         } catch (error) {
             console.error("Error updating tool select:", error);
         }
     }
 
+    if (clearBtn) {
+        clearBtn.addEventListener("click", () => {
+            checkboxes.forEach((cb) => (cb.checked = false));
+            update();
+        });
+    }
+
+    if (selectBtn) {
+        selectBtn.addEventListener("click", () => {
+            checkboxes.forEach((cb) => (cb.checked = true));
+            update();
+        });
+    }
+
     update(); // Initial render
-    select.addEventListener("change", update);
+    checkboxes.forEach((cb) => cb.addEventListener("change", update));
 }
 
 // ===================================================================
@@ -4415,8 +4438,12 @@ async function handleEditToolFormSubmit(event) {
 
         // // Save CodeMirror editors' contents if present
 
-        if (window.editToolHeadersEditor) window.editToolHeadersEditor.save();
-        if (window.editToolSchemaEditor) window.editToolSchemaEditor.save();
+        if (window.editToolHeadersEditor) {
+            window.editToolHeadersEditor.save();
+        }
+        if (window.editToolSchemaEditor) {
+            window.editToolSchemaEditor.save();
+        }
 
         const isInactiveCheckedBool = isInactiveChecked("tools");
         formData.append("is_inactive_checked", isInactiveCheckedBool);
@@ -4428,7 +4455,7 @@ async function handleEditToolFormSubmit(event) {
             headers: { "X-Requested-With": "XMLHttpRequest" },
         });
         console.log("response:", response);
-        result = await response.json();
+        const result = await response.json();
         console.log("result edit tool form:", result);
         if (!result.success) {
             throw new Error(result.message || "An error occurred");
@@ -4838,12 +4865,16 @@ function initializeToolSelects() {
         "selectedToolsPills",
         "selectedToolsWarning",
         6,
+        "selectAllToolsBtn",
+        "clearAllToolsBtn",
     );
     initToolSelect(
         "edit-server-tools",
         "selectedEditToolsPills",
         "selectedEditToolsWarning",
         6,
+        "selectAllEditToolsBtn",
+        "clearAllEditToolsBtn",
     );
 }