Add GitHub MCP server integration to integration-proxy with agent proxy support (#41)

* Initial plan

* Add GitHub MCP server integration to integration-proxy

Co-authored-by: phrocker <[email protected]>

* Update build scripts and documentation for GitHub integration

Co-authored-by: phrocker <[email protected]>

* Fix code review issues: HttpStatus constants, values.yaml, and env variables

Co-authored-by: phrocker <[email protected]>

* Add null safety checks and fix environment file formatting

Co-authored-by: phrocker <[email protected]>

* Add proxy endpoint and abstract integration management

- Created IntegrationServerManager abstract base class for reusable K8s management
- Refactored GitHubMCPServerService to extend IntegrationServerManager
- Added GitHubMCPProxyService for forwarding MCP requests to GitHub servers
- Added /api/v1/github/mcp/proxy endpoint for agents to communicate with MCP server
- Updated tests to cover new proxy functionality
- Updated documentation with proxy endpoint usage examples

This enables agents to directly communicate with GitHub MCP servers while abstracting the Kubernetes management logic for future integrations.

Co-authored-by: phrocker <[email protected]>

---------

Co-authored-by: copilot-swe-agent[bot] <[email protected]>
Co-authored-by: phrocker <[email protected]>

Author: Copilot

.gcp.env

@@ -4,4 +4,5 @@ SENTRIUS_KEYCLOAK_VERSION=1.0.10
 SENTRIUS_AGENT_VERSION=1.0.19
 SENTRIUS_AI_AGENT_VERSION=1.0.0
 LLMPROXY_VERSION=1.0.0
-LAUNCHER_VERSION=1.0.0
+LAUNCHER_VERSION=1.0.0
+GITHUB_MCP_VERSION=1.0.0

.local.env

@@ -11,3 +11,4 @@ LAUNCHER_VERSION=1.0.91
 AGENTPROXY_VERSION=1.0.92
 SSHPROXY_VERSION=1.0.91
 RDPPROXY_VERSION=1.0.122
+GITHUB_MCP_VERSION=1.0.0

README.md

@@ -10,7 +10,7 @@ sub-projects:
     core – Handles the core functionalities (e.g., SSH session management, zero trust policy enforcement).
     api – Provides a RESTful API layer to interface with the core module.
     dataplane – Offers dataplane functionality for secure data transfer and processing.
-    integration-proxy – A proxy service that integrates with large language models (LLMs) to enhance security and compliance in SSH sessions.
+    integration-proxy – A proxy service that integrates with large language models (LLMs) and external services (like GitHub, JIRA) to enhance security and compliance. Supports dynamic MCP (Model Context Protocol) server management for GitHub integrations.
     llm-dataplane – A data processing layer that leverages LLMs for advanced analysis and decision-making in SSH sessions.
     ops-scripts – Contains operational scripts for deployment and management tasks.
     ai-agent – Java-based intelligent agent framework for monitoring and controlling SSH sessions.
@@ -28,6 +28,7 @@ Table of Contents
     Running Sentrius
     Helm Chart Deployment
     Testing
+    Integrations
     Custom Agents
     Usage
     API Documentation
@@ -396,6 +397,50 @@ The charts support multiple deployment environments with different configuration
 
 For comprehensive testing documentation including CI/CD testing, local testing, and troubleshooting, see [docs/helm-testing.md](docs/helm-testing.md).
 
+## Integrations
+
+Sentrius supports external service integrations through the integration-proxy module, providing secure, zero-trust access to external APIs and services.
+
+### GitHub Integration
+
+The GitHub MCP (Model Context Protocol) integration enables secure access to GitHub repositories, issues, and pull requests through dynamically launched MCP server containers.
+
+**Features:**
+- Query GitHub issues and pull requests
+- Access repository information
+- Clone and interact with repositories
+- All operations use zero-trust security model
+
+**Setup:**
+
+1. **Store GitHub Token:**
+   Create an `IntegrationSecurityToken` with:
+   - `connectionType`: "github"
+   - `connectionInfo`: Your GitHub Personal Access Token
+
+2. **Launch MCP Server:**
+   ```bash
+   curl -X POST "http://integration-proxy:8080/api/v1/github/mcp/launch?tokenId=<TOKEN_ID>" \
+     -H "Authorization: Bearer <JWT_TOKEN>"
+   ```
+
+3. **Access via Service URL:**
+   The response includes a `serviceUrl` for accessing the GitHub MCP server within the cluster.
+
+For detailed documentation, see [integration-proxy/GITHUB_INTEGRATION.md](integration-proxy/GITHUB_INTEGRATION.md).
+
+### JIRA Integration
+
+The JIRA integration provides secure proxy access to JIRA APIs for ticket management and tracking.
+
+**Available Endpoints:**
+- `/api/v1/jira/rest/api/3/search` - Search for JIRA issues
+- `/api/v1/jira/rest/api/3/issue` - Get issue details
+- `/api/v1/jira/rest/api/3/issue/comment` - Manage issue comments
+- `/api/v1/jira/rest/api/3/issue/assignee` - Assign issues
+
+All JIRA requests are authenticated through Keycloak and validated against the user's permissions.
+
 ## Custom Agents
 
 Sentrius supports both Java and Python-based custom agents that can extend the platform's functionality for monitoring, automation, and user assistance.

docker/github-mcp-server/Dockerfile

@@ -0,0 +1,22 @@
+# GitHub MCP Server Docker Image
+FROM node:20-alpine
+
+# Install git (required for repository operations)
+RUN apk add --no-cache git
+
+# Create app directory
+WORKDIR /app
+
+# Clone and build the github-mcp-server
+RUN git clone https://github.com/github/github-mcp-server.git . && \
+    npm install && \
+    npm run build
+
+# Expose the port for MCP server (using stdio by default, but we'll add HTTP support)
+EXPOSE 3000
+
+# Environment variables for GitHub token will be passed at runtime
+ENV GITHUB_PERSONAL_ACCESS_TOKEN=""
+
+# Run the MCP server
+CMD ["node", "dist/index.js"]