feat: implement tool-mode orchestration (ENG-132) #230
base: eng-98/mcp-gateway
9e18750 to 0e50bc2
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9e1875057c
| const cacheKey = | ||
| allowedNodeIds && allowedNodeIds.length > 0 | ||
| ? `${runId}:${allowedNodeIds.sort().join(',')}` | ||
| : runId; |
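Review bot: `allowedNodeIds.sort()` inside the cache-key template sorts the array in place, so computing the key reorders the caller's `allowedNodeIds` as a side effect; sort a copy instead, e.g. `[...allowedNodeIds].sort().join(',')`. The key is also built by plain concatenation with ':' and ',', so it is only unambiguous if run IDs and node IDs can never contain those characters; if that is not guaranteed, encode the parts (for example `JSON.stringify` of the run ID and the sorted list) so two different scopes cannot map to the same cached server.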
Clean up scoped MCP servers keyed by allowedNodeIds
This change stores MCP servers under a cache key that includes allowedNodeIds, but cleanupRun(runId) (and the controller’s disconnect handler) still deletes by runId only. That means any agent run that uses scoped tools will leave its server instance in memory forever, because the key no longer matches. Consider updating cleanupRun to remove all entries for the run (or accept the same cache key) so scoped servers are closed on disconnect.
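The cleanup problem raised in the review comment above, as an added example (not code from this PR or the project): a hypothetical `ScopedServerCache` keeps a per-run index of its cache keys, so `cleanupRun(runId)` closes every server created for the run regardless of scope. All names other than `cleanupRun`, `runId` and `allowedNodeIds` are assumptions.

```typescript
// Added example: a hypothetical registry, not the project's McpGatewayService.
interface Closable {
  close(): Promise<void>;
}

class ScopedServerCache<T extends Closable> {
  private servers = new Map<string, T>();
  private keysByRun = new Map<string, Set<string>>(); // runId -> cache keys

  // Copy before sorting so the caller's array is not reordered; JSON encoding
  // keeps IDs that contain ',' or ':' from colliding with another scope.
  static keyFor(runId: string, allowedNodeIds?: string[]): string {
    const scope = allowedNodeIds ? [...allowedNodeIds].sort() : [];
    return JSON.stringify([runId, scope]);
  }

  getOrCreate(runId: string, allowedNodeIds: string[] | undefined, create: () => T): T {
    const key = ScopedServerCache.keyFor(runId, allowedNodeIds);
    let server = this.servers.get(key);
    if (!server) {
      server = create();
      this.servers.set(key, server);
      const keys = this.keysByRun.get(runId) ?? new Set<string>();
      keys.add(key);
      this.keysByRun.set(runId, keys);
    }
    return server;
  }

  // Removes every entry created for the run, scoped or unscoped, and closes it.
  // Entries are dropped synchronously; the promise resolves to the count closed.
  cleanupRun(runId: string): Promise<number> {
    const closing: Promise<void>[] = [];
    (this.keysByRun.get(runId) ?? new Set<string>()).forEach((key) => {
      const server = this.servers.get(key);
      this.servers.delete(key);
      // One failing close must not keep the remaining servers open.
      if (server) closing.push(server.close().catch(() => undefined));
    });
    this.keysByRun.delete(runId);
    return Promise.all(closing).then((done) => done.length);
  }

  get size(): number {
    return this.servers.size;
  }
}
```
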
Detailed plan for enabling graph-based tool→agent binding:
- Phase 1: Compiler tracks tool→agent edges
- Phase 2: Runtime passes connectedToolNodeIds to agent
- Phase 3: Agent queries MCP Gateway for tools
- Phase 4: Gateway filters tools by nodeIds
- Phase 5: E2E tests
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 1 of ENG-132:
- Added connectedToolNodeIds to WorkflowNodeMetadata (backend/worker)
- Added tools input port to AI agent component
- Included connectedToolNodeIds in RunComponentActivityInput metadata
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 2 of ENG-132:
- Modified compiler to collect connectedToolNodeIds from graph edges
- Updated validator to allow multiple edges to 'tools' port
- Virtualized 'tools' output port for nodes in tool mode
- Updated DTO schemas to support tool mode metadata
- Added unit test to verify tool->agent binding
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 3 of ENG-132:
- Updated shipsecWorkflowRun to extract connectedToolNodeIds from node metadata
- Included connectedToolNodeIds in activity metadata for agent discovery
- Synchronized worker types for workflow execution
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 4 of ENG-132:
- Added nodeIds filter to ToolRegistryService.getToolsForRun
- Updated McpGatewayService to support tool scoping by nodeId
- Included allowedNodeIds in session token and metadata
- Updated InternalMcpController to allow scoped token generation
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 3 of ENG-132:
- Updated ExecutionContextMetadata to include connectedToolNodeIds and organizationId
- Modified runComponentActivity to inject metadata into the execution context
- Ensured organizationId is available for agent tool discovery
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

Phase 5 of ENG-132:
- Added McpGatewayClient support to AI agent component
- Implemented runtime tool discovery via MCP Gateway
- Scoped tool discovery using connectedToolNodeIds
- Integrated discovered tools with agent reasoning loop
- Added session token generation helper
Linear-issue: ENG-132
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

- Add ApiKeysModule import to McpModule to fix DI issues
- Cache gateway servers/transports by runId + allowedNodeIds for agent isolation
- Implement buildMcpToolSchema to convert JSON Schema to Zod format
- Fix MCP tool content handling (extract text from array results)
- Add proper imports for StreamableHTTPClientTransport and Client
Tests now pass:
- Agent can run with no tools
- Multiple agents have isolated tool sets based on graph connections
This enables workflow graphs to connect tool-mode nodes directly to agents, with the agent automatically discovering and using only its connected tools.
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

- Explicitly type tool execution to return Promise<string>
- Add comprehensive fallback conversions for tool result content
- Handle all formats: arrays, strings, objects, primitives
- Update test to use more reliable httpbin.org endpoint
Tool discovery is working correctly (tests 1 & 3 pass). Test 2 fails due to tool execution issues, not discovery.
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

- Create DebugLogger utility for structured JSON logging to /tmp/shipsec-debug/
- Separate heartbeat logs to dedicated file (not printed to console)
- Add view-debug-logs.ts script for easy log viewing/filtering
- Convert agent gateway functions to use DebugLogger
- Remove verbose console heartbeat logs (15-second polling logs)
- Add getRecentLogs, getLogsByContext, getLogsByLevel utilities
Benefits:
- Cleaner console output (no heartbeat spam)
- All debug context centralized in one place
- Easy filtering by context, level, or search terms
- Structured JSON format for programmatic access
Debug logs now available at: /tmp/shipsec-debug/worker.log
Usage: bun scripts/view-debug-logs.ts [filter] [line-count]
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

- Log tool invocation arguments to debug-logger
- Log MCP result type and content before conversion
- Log final tool execution result with preview
- Log errors with stack traces for debugging
Root cause identified in Test 2: MCP protocol timeout on external endpoint
The tool is called successfully, gateway discovery works, but the MCP callTool() times out waiting for the HTTP endpoint response. This is NOT a tool discovery or integration issue - it's endpoint latency.
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>

0e50bc2 to d3f56bf
Overview
Implements ENG-132 tool-mode orchestration end-to-end: tool-mode nodes bind to agents via graph edges, agents discover tools through the MCP gateway at runtime, and tool execution is scoped per agent to only the connected tool nodes.
Key Changes
DSL + Compiler + Temporal
- connectedToolNodeIds metadata and expose an agent tools port for graph binding.
- connectedToolNodeIds from tool→agent tools port edges (virtual tools port support).
Backend MCP Gateway
- allowedNodeIds for per-agent tool visibility.
Worker + Agent
Tests + Cleanup
Commits (Chronological)
Testing