hana-cli

# MCP Connection Context - Visual Summary ## The Problem: Connection Mismatch ```mermaid flowchart LR subgraph PA[Project A: ~/projects/project-a] Aenv[.env host=db-a.company.com user=admin-a password=pass-a] Apkg[package.json] end subgraph PB[Project B: ~/projects/project-b] Benv[.env host=db-b.company.com user=admin-b password=pass-b] Bpkg[package.json] end Q["AI Agent asks: List tables in Project B"] --> M["MCP Server calls: hana_tables"] M --> C["CLI connects via: ~/.hana-cli/default.json (WRONG DB)"] C --> R["Result: Tables from Project A's database"] ``` ## The Solution: Project Context Passing ```mermaid flowchart LR subgraph PA2[Project A: ~/projects/project-a] A2env[.env database-a credentials] A2pkg[package.json] end subgraph PB2[Project B: ~/projects/project-b] B2env[.env database-b credentials] B2pkg[package.json] end Q2["AI Agent asks: List tables in Project B + __projectContext.projectPath"] --> M2["MCP Server extracts context"] M2 --> X2["CLI changes to: ~/projects/project-b/"] X2 --> C2["CLI connects via: ~/projects/project-b/.env (CORRECT DB)"] C2 --> R2["Result: Tables from Project B's database"] ``` --- ## Current Architecture ```mermaid flowchart TB A["AI Agent / LLM"] --> B["MCP Server (index.ts) ✓ Lists commands, discovers features ✗ No project context received"] B --> C["Executor (executor.ts) spawn('node', [cli.js, 'tables', '--schema...']) ✗ cwd = install path (hardcoded) ✗ No project-specific env vars"] C --> D["CLI Process"] D --> E["Database Client (database/index.js) dbClientClass.getNewClient() ✓ Gets connection options from getConnOptions()"] E --> F["Connections Module (connections.js) Search order (cwd=install path): 1. .cdsrc-private.json 2. default-env.json (install path) ← USED 3. ~/.hana-cli/default.json (home dir) 4. .env file 5. VCAP_SERVICES ✗ Never looks in project dir ✗ Always uses install path or home dir"] F --> G["✗ WRONG DATABASE!"] ``` ## Proposed Architecture ```mermaid flowchart TB A2["AI Agent / LLM"] --> B2["MCP Server (index.ts) [UPDATED] ✓ Extracts __projectContext from args ✓ Removes context from CLI args (not a param) ✓ Passes context to executeCommand()"] B2 --> C2["Executor (executor.ts) [UPDATED] ✓ Receives connection context ✓ Sets cwd = context.projectPath ✓ Sets env vars: HANA_CLI_PROJECT_PATH ✓ Sets env vars: HANA_CLI_CONN_FILE spawn('node', [cli.js, 'tables'...], {env, cwd})"] C2 --> D2["CLI Process"] D2 --> E2["Database Client (database/index.js) dbClientClass.getNewClient() ✓ Gets connection options from getConnOptions()"] E2 --> F2["Connections Module (connections.js) [UPDATED] NEW: Check HANA_CLI_PROJECT_PATH and chdir Search order (project directory): 1. .cdsrc-private.json (project) ← USED 2. default-env.json (project) ← USED 3. ~/.hana-cli/default.json (fallback) 4. .env file (project) ← USED 5. VCAP_SERVICES ✓ First looks in project directory ✓ Can still fall back to home dir"] F2 --> G2["✓ CORRECT DATABASE!"] ``` --- ## Message Flow Comparison ### Before (All commands use install path) ```mermaid flowchart TB subgraph Before[Before: install path always used] B1["Agent: List tables in Project A"] --> B2["MCP: tables {schema: 'A_SCHEMA'}"] B2 --> B3["CLI connects via ~/.hana-cli/default.json (Database A)"] B4["Agent: List tables in Project B"] --> B5["MCP: tables {schema: 'B_SCHEMA'}"] B5 --> B6["CLI connects via ~/.hana-cli/default.json (Database A) ✗"] B3 --> B7["Result: Both commands hit Database A (WRONG)"] B6 --> B7 end ``` ### After (Each command uses project context) ```mermaid flowchart TB subgraph After[After: project context applied] A1["Agent: List tables in Project A"] --> A2["MCP: tables {schema: 'A_SCHEMA', __projectContext: {projectPath: '/proj/a'}}"] A2 --> A3["CLI changes to /proj/a, connects via ./default-env.json (Database A) ✓"] A4["Agent: List tables in Project B"] --> A5["MCP: tables {schema: 'B_SCHEMA', __projectContext: {projectPath: '/proj/b'}}"] A5 --> A6["CLI changes to /proj/b, connects via ./default-env.json (Database B) ✓"] A3 --> A7["Result: Each command hits correct database (CORRECT)"] A6 --> A7 end ``` --- ## Implementation Timeline ```mermaid timeline title Implementation Timeline Week 1 : Update executor.ts, Update index.ts, Update schemas Week 2 : CLI updates, Security, Testing Week 3 onwards : Testing, Documentation, Rollout ``` --- ## Key Code Sections to Modify | Component | File | Lines | Change Type | | --------- | ---- | ----- | ----------- | | Context Interface | `mcp-server/src/connection-context.ts` | NEW | Create | | Executor Function | `mcp-server/src/executor.ts` | 240-280 | Update signature & spawn | | Tool Handler | `mcp-server/src/index.ts` | 145, 1325 | Update schemas & handler | | CLI Connections | `utils/connections.js` | 92-110 | Add env var checks | --- ## Data Flow: Single Command Execution ```mermaid flowchart TB A["Tool Called: hana_tables"] --> B["Arguments: {schema: 'MY_SCHEMA', __projectContext: {projectPath: '/app'}}"] B --> C["Tool Handler Extract context and remove __projectContext"] C --> D["executeCommand('tables', cleanArgs, context)"] D --> E["Executor builds env HANA_CLI_PROJECT_PATH=/app HANA_CLI_CONN_FILE=.env"] E --> F["Spawn CLI node /install/bin/cli.js tables cwd=/app"] F --> G["CLI Process (bin/cli.js) Table handler → getNewClient()"] G --> H["Database Client (database/index.js) getConnOptions()"] H --> I["Connections Module (connections.js) chdir('/app') and search .env Load credentials"] I --> J["Return: Connection to app's database ✓"] ``` --- ## Backward Compatibility ```mermaid flowchart LR subgraph Current[Current Users (No Context)] C1["MCP Tool Call: hana_tables {schema: 'X_SCHEMA'}"] --> C2["Behavior: No context extracted Uses install path (cwd) Finds ~/.hana-cli/default.json Works as before ✓"] end subgraph New[New Users (With Context)] N1["MCP Tool Call: hana_tables {schema: 'X_SCHEMA', __projectContext: {...}}"] --> N2["Behavior: Context extracted Uses project path (cwd) Finds /project/.env Works correctly ✓"] end ``` --- ## Security Model ```mermaid flowchart TB S1["MCP Tool Input (from AI Agent) ✓ projectPath ✓ connectionFile name ✓ host/port/user/password (prefer .env files)"] S1 --> S2["Validation Layer"] S2 --> S3["Executor Security Checks ✓ Normalize paths (prevent ..) ✓ Check path exists ✓ Optional: whitelist allowed paths ✓ Sanitize env variable names ✓ Don't log passwords"] S3 --> S4["Environment Variables (to CLI) ✓ HANA_CLI_PROJECT_PATH=/safe/path ✓ HANA_CLI_USER=safe_user ✗ HANA_CLI_PASSWORD=[NEVER LOG]"] ``` --- ## Testing Matrix | Test Case | Before | After | Expected | | --- | --- | --- | --- | | No context param | ✓ Works | ✓ Works | Same behavior | | With projectPath | ✗ Ignored | ✓ Used | Uses project dir | | With connectionFile | ✗ Ignored | ✓ Used | Uses specified file | | With direct credentials | ✗ Ignored | ✓ Used | Direct connection | | Context switching | ✗ N/A | ✓ Works | Each cmd gets own DB | | Multiple projects | ✗ Fails | ✓ Works | Isolated contexts | --- ## Benefits Summary | Perspective | Benefit | | ----------- | ------- | | **AI Agents** | Can work with multiple projects, switching databases mid-conversation | | **Developers** | No manual connection setup per project | | **Teams** | Project-specific DBs for different environments (dev/test/prod) | | **Security** | Each project isolated to its credentials | | **Backward Compat** | Existing integrations work unchanged | --- ## Quick Reference: 5-Step Implementation 1. **Create interface** → `connection-context.ts` 2. **Update executor** → Handle context in `executeCommand()` 3. **Update MCP tools** → Pass context from handler 4. **Update CLI** → Check env vars in `connections.js` 5. **Test & Deploy** → Backward compatible, no breaking changes ## See Also - [Architecture](./architecture.md) - [Connection Guide](./connection-guide.md) - [Server Usage](./server-usage.md)