Conversation

@Khauneesh-AI
Collaborator

🎉 First Public Release

This release represents the initial stable version of the Cloudera AI Workbench MCP Server with comprehensive security fixes, testing infrastructure, and public repository setup.


🔒 Security Enhancements (Critical)

Fixed critical security vulnerability affecting 46 functions:

  • ✅ Replaced subprocess.run() calls with secure requests library
  • ✅ API keys no longer exposed in process lists (ps/top)
  • ✅ All HTTP calls now use secure header-based authentication
  • ✅ Added 30-second timeouts to prevent hanging requests
  • Impact: Eliminated API key exposure vulnerability across entire codebase

Files affected:

  • All create_* functions (7 files)
  • All delete_* functions (10 files)
  • All update_* functions (10 files)
  • All get_* functions (9 files)
  • All list_* functions (8 files)
  • All stop_/restart_ functions (4 files)

Testing Infrastructure

Added comprehensive test suite for CI/CD:

  • test_all_functions.py: 11 unit tests covering all 47+ MCP tools
  • test_cai_mcp_client.py: FastMCP integration tests
  • Security vulnerability detection tests
  • Function signature validation tests
  • Response structure validation tests
  • Error handling tests

CI/CD Automation - Added GitHub Actions workflow:

  • Automated testing on all PRs
  • Security scanning
  • Multi-version Python testing (3.10, 3.11, 3.12)

Features

47+ MCP tools for Cloudera ML operations:

  • Project management (list, create, update, delete)
  • Job orchestration (create, run, monitor, stop)
  • Model lifecycle (build, deploy, manage)
  • Experiment tracking (create, log, query)
  • Application management (create, start, stop, restart)
  • File operations (upload, download, list, delete)

Protocols supported:

  • FastMCP-based HTTP server (experimental)
  • FastMCP-based stdio server (recommended)

Core dependencies:

  • fastmcp>=2.11.0 (MCP protocol implementation)
  • requests>=2.28.0 (secure HTTP client)
  • python-dotenv>=1.0.0 (configuration management)
  • fastapi>=0.115.0 (HTTP server)
  • pyjwt>=2.8.0 (OAuth 2.1 support)

Ready For

  • Production deployment
  • CI/CD pipeline integration
  • Public contributions
  • Security audits
  • Docker/Claude Desktop integration

License: Apache-2.0
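The security fix described in this release is the move from shelling out with the API key on a command line to sending it as an HTTP header with a bounded timeout. The following is an added illustration, not code from the Cloudera AI Workbench MCP Server repository: it shows the exposed pattern next to the hardened one, a check a test suite can apply to an argument vector, and a constructed local endpoint so the whole thing runs offline. It uses only the standard library; the project itself uses the `requests` library, whose equivalent call is given in a comment. The host, path, and key values are constructed.

```python
"""Added example, not code from the Cloudera AI Workbench MCP Server project.
Contrasts an API key passed on a subprocess command line (readable by other
local users through ps/top) with the same key sent as an HTTP Authorization
header on a request that has a timeout. Standard library only so it runs
offline; the project uses `requests`, whose equivalent call is in a comment.
Host, path and key values are constructed."""
import json
import socket
import threading
import time
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


# --- Before: key in the argument vector -------------------------------------
def build_curl_argv(url: str, api_key: str) -> list[str]:
    """argv of the old subprocess.run(["curl", ...]) style call. Every element
    of argv is readable by any local user via ps/top (or /proc/<pid>/cmdline on
    Linux) for as long as the child process runs, so the key is exposed."""
    return ["curl", "-s", "-H", f"Authorization: Bearer {api_key}", url]


def secret_in_argv(argv: list[str], secret: str) -> bool:
    """Detection check a test suite can run: does a command line contain the secret?"""
    return any(secret in arg for arg in argv)


# --- After: key in a header, request bounded by a timeout ------------------
class _FakeApiHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the API endpoint. Records the Authorization
    header it received; the /slow path stalls to simulate a hanging server."""
    received_auth = None

    def do_GET(self):
        type(self).received_auth = self.headers.get("Authorization")
        if self.path.endswith("/slow"):
            time.sleep(2)  # longer than the client's timeout used below
        body = json.dumps({"ok": True, "path": self.path}).encode()
        try:
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        except (BrokenPipeError, ConnectionResetError):
            pass  # client already gave up (expected on /slow)

    def log_message(self, *args):
        pass  # keep the example quiet


def api_get(url: str, api_key: str, timeout: float = 30.0) -> dict:
    """Hardened call: the key travels only in the request header, never in a
    process argument list, and the socket gives up after `timeout` seconds.
    The requests-based equivalent is:
        requests.get(url, headers={"Authorization": f"Bearer {api_key}"}, timeout=30)
    """
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {api_key}"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read())


def demo(api_key: str = "cml-example-key-not-real") -> dict:
    """Exercise both patterns against a local constructed server."""
    server = HTTPServer(("127.0.0.1", 0), _FakeApiHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{server.server_port}/api/v2"
    try:
        leaked = secret_in_argv(build_curl_argv(f"{base}/projects", api_key), api_key)
        body = api_get(f"{base}/projects", api_key)
        header_ok = _FakeApiHandler.received_auth == f"Bearer {api_key}"
        # A hanging endpoint must fail fast instead of blocking the MCP tool forever.
        try:
            api_get(f"{base}/slow", api_key, timeout=0.5)
            timed_out = False
        except (TimeoutError, socket.timeout, urllib.error.URLError):
            timed_out = True
        return {"argv_leaks_key": leaked, "header_auth_received": header_ok,
                "response": body, "slow_call_timed_out": timed_out}
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```

`secret_in_argv` is the kind of assertion the "security vulnerability detection tests" listed above can make against any command a tool would spawn; the header-based call never produces an argument vector to scan, and the `/slow` branch shows why a timeout is part of the fix rather than an afterthought.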

Khauneesh-AI and others added 3 commits October 23, 2025 23:19
🎉 First Public Release
Staging first release commit(dev)
@Khauneesh-AI Khauneesh-AI merged commit 591209d into main Oct 23, 2025
1 check passed