feat: add kubernetes_list_nodes tool (#32)

Author: tembleking

AGENTS.md

@@ -49,7 +49,8 @@ The handler filters tools dynamically based on `GetMyPermissions` from Sysdig Se
 | `get_event_process_tree` | `tool_get_event_process_tree.go` | Retrieve the process tree for an event when available. | `policy-events.read` | “Show the process tree behind event `abc123`.” |
 | `run_sysql` | `tool_run_sysql.go` | Execute caller-supplied Sysdig SysQL queries safely. | `sage.exec`, `risks.read` | “Run the following SysQL…”. |
 | `generate_sysql` | `tool_generate_sysql.go` | Convert natural language to SysQL via Sysdig Sage. | `sage.exec` (does not work with Service Accounts) | “Create a SysQL to list S3 buckets.” |
-| `kubernetes_list_clusters` | `tool_kubernetes_list_clusters.go` | Lists Kubernetes cluster information. | None | "List all Kubernetes clusters" |
+| `kubernetes_list_clusters` | `tool_kubernetes_list_clusters.go` | Lists Kubernetes cluster information. | `promql.exec` | "List all Kubernetes clusters" |
+| `kubernetes_list_nodes` | `tool_kubernetes_list_nodes.go` | Lists Kubernetes node information. | `promql.exec` | "List all Kubernetes nodes in the cluster 'production-gke'" |
 
 Every tool has a companion `_test.go` file that exercises request validation, permission metadata, and Sysdig client calls through mocks.
 Note that if you add more tools you need to also update this file to reflect that.

README.md

@@ -113,6 +113,11 @@ The server dynamically filters the available tools based on the permissions asso
   - **Required Permission**: `promql.exec`
   - **Sample Prompt**: "List all kubernetes clusters" or "Show me info for cluster 'production-gke'"
 
+- **`kubernetes_list_nodes`**
+  - **Description**: Lists the node information for all nodes, all nodes from a cluster or just the node specified.
+  - **Required Permission**: `promql.exec`
+  - **Sample Prompt**: "List all kubernetes nodes in the cluster 'production-gke'" or "Show me info for node 'node-123'"
+
 ## Requirements
 
 - [Go](https://go.dev/doc/install) 1.25 or higher (if running without Docker).

cmd/server/main.go

@@ -96,6 +96,7 @@ func setupHandler(sysdigClient sysdig.ExtendedClientWithResponsesInterface) *mcp
 		tools.NewToolGenerateSysql(sysdigClient),
 
 		tools.NewKubernetesListClusters(sysdigClient),
+		tools.NewKubernetesListNodes(sysdigClient),
 	)
 	return handler
 }

internal/infra/mcp/tools/tool_kubernetes_list_nodes.go

@@ -0,0 +1,85 @@
+package tools
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"strings"
+
+	"github.com/mark3labs/mcp-go/mcp"
+	"github.com/mark3labs/mcp-go/server"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig"
+)
+
+type KubernetesListNodes struct {
+	SysdigClient sysdig.ExtendedClientWithResponsesInterface
+}
+
+func NewKubernetesListNodes(sysdigClient sysdig.ExtendedClientWithResponsesInterface) *KubernetesListNodes {
+	return &KubernetesListNodes{
+		SysdigClient: sysdigClient,
+	}
+}
+
+func (t *KubernetesListNodes) RegisterInServer(s *server.MCPServer) {
+	tool := mcp.NewTool("kubernetes_list_nodes",
+		mcp.WithDescription("Lists the information from all nodes, all nodes from a cluster or a specific node with some name."),
+		mcp.WithString("cluster_name", mcp.Description("The name of the cluster to filter by.")),
+		mcp.WithString("node_name", mcp.Description("The name of the node to filter by.")),
+		mcp.WithNumber("limit",
+			mcp.Description("Maximum number of nodes to return."),
+			mcp.DefaultNumber(10),
+		),
+		mcp.WithOutputSchema[map[string]any](),
+		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
+	)
+	s.AddTool(tool, t.handle)
+}
+
+func (t *KubernetesListNodes) handle(ctx context.Context, request mcp.CallToolRequest) (*mcp.CallToolResult, error) {
+	clusterName := mcp.ParseString(request, "cluster_name", "")
+	nodeName := mcp.ParseString(request, "node_name", "")
+	limit := mcp.ParseInt(request, "limit", 10)
+
+	query := buildKubeNodeInfoQuery(clusterName, nodeName)
+
+	limitQuery := sysdig.LimitQuery(limit)
+	params := &sysdig.GetQueryV1Params{
+		Query: query,
+		Limit: &limitQuery,
+	}
+
+	httpResp, err := t.SysdigClient.GetQueryV1(ctx, params)
+	if err != nil {
+		return mcp.NewToolResultErrorFromErr("failed to get node list", err), nil
+	}
+
+	if httpResp.StatusCode != 200 {
+		bodyBytes, _ := io.ReadAll(httpResp.Body)
+		return mcp.NewToolResultErrorf("failed to get node list: status code %d, body: %s", httpResp.StatusCode, string(bodyBytes)), nil
+	}
+
+	var queryResponse sysdig.QueryResponseV1
+	if err := json.NewDecoder(httpResp.Body).Decode(&queryResponse); err != nil {
+		return mcp.NewToolResultErrorFromErr("failed to decode response", err), nil
+	}
+
+	return mcp.NewToolResultJSON(queryResponse)
+}
+
+func buildKubeNodeInfoQuery(clusterName, nodeName string) string {
+	filters := []string{}
+	if clusterName != "" {
+		filters = append(filters, fmt.Sprintf("cluster=\"%s\"", clusterName))
+	}
+	if nodeName != "" {
+		filters = append(filters, fmt.Sprintf("kube_node_name=\"%s\"", nodeName))
+	}
+
+	if len(filters) == 0 {
+		return "kube_node_info"
+	}
+
+	return fmt.Sprintf("kube_node_info{%s}", strings.Join(filters, ","))
+}

internal/infra/mcp/tools/tool_kubernetes_list_nodes_test.go

@@ -0,0 +1,134 @@
+package tools_test
+
+import (
+	"bytes"
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/mark3labs/mcp-go/mcp"
+	"github.com/mark3labs/mcp-go/server"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/mcp/tools"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig/mocks"
+	"go.uber.org/mock/gomock"
+)
+
+var _ = Describe("KubernetesListNodes Tool", func() {
+	var (
+		tool       *tools.KubernetesListNodes
+		mockSysdig *mocks.MockExtendedClientWithResponsesInterface
+		mcpServer  *server.MCPServer
+		ctrl       *gomock.Controller
+	)
+
+	BeforeEach(func() {
+		ctrl = gomock.NewController(GinkgoT())
+		mockSysdig = mocks.NewMockExtendedClientWithResponsesInterface(ctrl)
+		tool = tools.NewKubernetesListNodes(mockSysdig)
+		mcpServer = server.NewMCPServer("test", "test")
+		tool.RegisterInServer(mcpServer)
+	})
+
+	It("should register successfully in the server", func() {
+		Expect(mcpServer.GetTool("kubernetes_list_nodes")).NotTo(BeNil())
+	})
+
+	When("listing nodes", func() {
+		DescribeTable("it succeeds", func(ctx context.Context, toolName string, request mcp.CallToolRequest, expectedParamsRequested sysdig.GetQueryV1Params) {
+			mockSysdig.EXPECT().GetQueryV1(gomock.Any(), &expectedParamsRequested).Return(&http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewBufferString(`{"status":"success"}`)),
+			}, nil)
+
+			serverTool := mcpServer.GetTool(toolName)
+			result, err := serverTool.Handler(ctx, request)
+			Expect(err).NotTo(HaveOccurred())
+
+			resultData, ok := result.Content[0].(mcp.TextContent)
+			Expect(ok).To(BeTrue())
+			Expect(resultData.Text).To(MatchJSON(`{"status":"success"}`))
+		},
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{"limit": "20"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info`,
+					Limit: asPtr(sysdig.LimitQuery(20)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{"cluster_name": "my_cluster"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info{cluster="my_cluster"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{"node_name": "my_node"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info{kube_node_name="my_node"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{"cluster_name": "my_cluster", "node_name": "my_node"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info{cluster="my_cluster",kube_node_name="my_node"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_nodes",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_nodes",
+						Arguments: map[string]any{"cluster_name": "my_cluster", "limit": "20"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_node_info{cluster="my_cluster"}`,
+					Limit: asPtr(sysdig.LimitQuery(20)),
+				},
+			),
+		)
+	})
+})