feat(scorecard): Scorecard mcp actions#3332
Conversation
Signed-off-by: Stephanie <yangcao@redhat.com>
Signed-off-by: Stephanie <yangcao@redhat.com>
Signed-off-by: Stephanie <yangcao@redhat.com>
|
Important This PR includes changes that affect public-facing API. Please ensure you are adding/updating documentation for new features or behavior. Changed Packages
|
Code Review by Qodo
Context used✅ Tickets:
RHIDP-14049 1.
|
|
🤖 Review · Started 9:54 PM UTC |
…scorecard-mcp Signed-off-by: Stephanie <yangcao@redhat.com>
ReviewFindingsHigh
Medium
Low
Previous runReviewFindingsHigh
Medium
Low
Info
Previous run (2)ReviewReason: stale-head The review agent reviewed commit Previous run (3)ReviewFindingsMedium
Low
Info
Previous run (4)ReviewFindingsHigh
Medium
Low
Info
Previous run (5)ReviewFindingsHigh
Medium
Low
Previous run (6)ReviewReason: stale-head The review agent reviewed commit Previous run (7)ReviewFindingsHigh
Medium
Low
Info
Previous run (8)ReviewReason: stale-head The review agent reviewed commit |
|
🤖 Finished Review · ❌ Failure · Started 9:54 PM UTC · Completed 10:01 PM UTC |
|
🤖 Review · Started 10:03 PM UTC |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #3332 +/- ##
==========================================
+ Coverage 50.23% 53.87% +3.63%
==========================================
Files 2252 2398 +146
Lines 85416 87157 +1741
Branches 24173 24129 -44
==========================================
+ Hits 42910 46954 +4044
+ Misses 42328 39990 -2338
- Partials 178 213 +35
*This pull request uses carry forward flags. Click here to find out more. Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
|
🤖 Finished Review · ✅ Success · Started 10:03 PM UTC · Completed 10:15 PM UTC |
|
The mcp-integrations workspace (with scaffolder-mcp-extras, software-catalog-mcp-extras, techdocs-mcp-extras) exists specifically as a temporary overlay for upstream Backstage plugins. some of the changes are already in, and will be included with the next backstage release we adopt, therefore those specific temporary plugins will be removed. Scorecard is a RHDH owned plugin so actions belong directly inside scorecard-backend. Creating a separate -mcp-extras package would be unnecessary indirection. in addition, all the actions registered under The fullsend bot is doing pattern-matching without understanding the distinction. dismiss comments from fullsend on the actions location. |
Signed-off-by: Stephanie <yangcao@redhat.com>
Signed-off-by: Stephanie <yangcao@redhat.com>
|
🤖 Finished Review · ❌ Failure · Started 7:45 PM UTC · Completed 7:55 PM UTC |
|
|
🤖 Finished Review · ✅ Success · Started 7:57 PM UTC · Completed 8:12 PM UTC |
|
🤖 Finished Review · ✅ Success · Started 4:11 PM UTC · Completed 4:28 PM UTC |
Signed-off-by: Stephanie <yangcao@redhat.com>
|
🤖 Finished Review · ✅ Success · Started 7:15 PM UTC · Completed 7:28 PM UTC |
|
🤖 Finished Review · ✅ Success · Started 3:27 PM UTC · Completed 3:41 PM UTC |
|
This pull request adds a new top-level directory under |
|
/fs-review |
|
🤖 Finished Review · ✅ Success · Started 3:42 PM UTC · Completed 3:56 PM UTC |
|
@its-mitesh-kumar @Eswaraiahsapram @imykhno PTAL on this PR. Thanks! |
Signed-off-by: Stephanie <yangcao@redhat.com>
|
🤖 Finished Review · ✅ Success · Started 4:38 PM UTC · Completed 4:52 PM UTC |
|
* add scorecard actions to get entity metrics and also list metrics Signed-off-by: Stephanie <yangcao@redhat.com> * add config Signed-off-by: Stephanie <yangcao@redhat.com> * update doc and add changeset Signed-off-by: Stephanie <yangcao@redhat.com> * fix ai review comments Signed-off-by: Stephanie <yangcao@redhat.com> * fix yarn dedupe Signed-off-by: Stephanie <yangcao@redhat.com> * --amend Signed-off-by: Stephanie <yangcao@redhat.com> * try fixing ci tests Signed-off-by: Stephanie <yangcao@redhat.com> * fix ci Signed-off-by: Stephanie <yangcao@redhat.com> * cleanup tests Signed-off-by: Stephanie <yangcao@redhat.com> --------- Signed-off-by: Stephanie <yangcao@redhat.com>






PR Summary by Qodo
Enable Scorecard MCP actions for listing and fetching entity metrics
✨ Enhancement🧪 Tests📝 Documentation⚙️ Configuration changes🕐 40+ MinutesWalkthroughs
User Description
Hey, I just made a Pull Request!
for issue: https://redhat.atlassian.net/browse/RHIDP-14049
https://redhat.atlassian.net/browse/RHIDP-14050
This PR enables action registry in scorecard plugin, and also introduced 2 actions and their tests are included:
see recording:
scorecard-mcp.mov
✔️ Checklist
AI Description
Diagram
graph TD A(("MCP client")) --> B["MCP Actions backend"] --> C["Actions Registry"] --> D["Scorecard actions"] D --> E["CatalogMetricService"] --> F[("Scorecard metrics DB")] D --> H["MetricProvidersRegistry"] E --> G["Catalog Service"] subgraph Legend direction LR _act(("Client")) ~~~ _svc["Service/Module"] ~~~ _db[("Database")] endHigh-Level Assessment
The following are alternative approaches to this PR:
1. Rely on existing Scorecard REST endpoints (no MCP actions)
2. Generate MCP actions from Scorecard metric/provider registry dynamically
Recommendation: Current approach is appropriate for an initial MCP integration: explicit, stable actions (
list-metrics,get-entity-metrics) with permission enforcement reuse existing conditional authorization utilities. Consider dynamic generation only if the number of actions/metrics grows and schema maintenance becomes a burden.File Changes
Enhancement (5)
Tests (2)
Documentation (1)
Other (4)