support mcp #3070
Merged
support mcp #3070
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
- 实现MCP协议2025-03-26版本支持 - 添加流式工具(Streamable Tools)架构 - 支持双传输模式:流式传输(SSE)和无状态传输 - 实现30+个Arthas工具的MCP接口封装 - 添加实时进度通知和结果流式输出 - 支持watch、monitor、trace、dashboard、profiler等流式工具
* feat: 升级fastjson2版本并优化序列化处理 - 升级fastjson2版本以支持更大的序列化深度限制,修复"level too large : 2049"错误 - 优化工具类处理逻辑,解决无getter方法类的序列化问题 - 增强流式工具错误信息处理机制 * fix: 优化类名匹配和错误信息判定机制
* feat: 为MCP请求添加Bearer Token认证支持 - MCP请求现在支持Bearer Token和Basic Auth两种认证方式 - 普通HTTP请求保持原有Basic Auth认证方式不变
There was a problem hiding this comment.
Pull Request Overview
This PR adds MCP (Model Context Protocol) support to Arthas, enabling AI models to interact with Arthas diagnostic tools through a standardized protocol. The implementation includes both streamable and stateless MCP server variants.
- Adds comprehensive MCP server implementation with HTTP/SSE transport
- Integrates 35+ Arthas diagnostic tools as MCP tools (watch, trace, monitor, jad, etc.)
- Updates FastJSON dependency and adjusts monitor command default cycle time
Reviewed Changes
Copilot reviewed 106 out of 106 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| pom.xml | Adds arthas-mcp-server module and updates FastJSON to 2.0.58 |
| site/docs/*/monitor.md | Updates monitor command default cycle from 120s to 60s |
| labs/arthas-mcp-server/src/main/java/com/taobao/arthas/mcp/server/* | Core MCP server implementation with protocol specs, transport layers, and session management |
| labs/arthas-mcp-server/src/main/java/com/taobao/arthas/mcp/server/tool/* | Tool system with annotations and callback mechanisms |
| labs/arthas-mcp-server/src/main/java/com/taobao/arthas/mcp/server/tool/function// | Implementation of 35+ Arthas tools as MCP tools |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Comment on lines +125 to +149
| protected void addParameter(StringBuilder cmd, String flag, String value) { | ||
| if (value != null && !value.trim().isEmpty()) { | ||
| cmd.append(" ").append(flag).append(" ").append(value.trim()); | ||
| } | ||
| } | ||
| | ||
| protected void addParameter(StringBuilder cmd, String value) { | ||
| if (value != null && !value.trim().isEmpty()) { | ||
| // Safely quote the value to prevent command injection | ||
| cmd.append(" '").append(value.trim().replace("'", "'\\''")).append("'"); | ||
| } | ||
| } | ||
| | ||
| protected void addFlag(StringBuilder cmd, String flag, Boolean condition) { | ||
| if (Boolean.TRUE.equals(condition)) { | ||
| cmd.append(" ").append(flag); | ||
| } | ||
| } | ||
| | ||
| /** | ||
| * 添加引用参数到命令中(用于包含空格的参数) | ||
| */ | ||
| protected void addQuotedParameter(StringBuilder cmd, String value) { | ||
| if (value != null && !value.trim().isEmpty()) { | ||
| cmd.append(" '").append(value.trim()).append("'"); |
There was a problem hiding this comment.
The shell command escaping logic may be insufficient. Consider using a more robust command escaping mechanism or parameterized command execution to prevent command injection vulnerabilities.
Suggested change
| protected void addParameter(StringBuilder cmd, String flag, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| cmd.append(" ").append(flag).append(" ").append(value.trim()); | |
| } | |
| } | |
| protected void addParameter(StringBuilder cmd, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| // Safely quote the value to prevent command injection | |
| cmd.append(" '").append(value.trim().replace("'", "'\\''")).append("'"); | |
| } | |
| } | |
| protected void addFlag(StringBuilder cmd, String flag, Boolean condition) { | |
| if (Boolean.TRUE.equals(condition)) { | |
| cmd.append(" ").append(flag); | |
| } | |
| } | |
| /** | |
| * 添加引用参数到命令中(用于包含空格的参数) | |
| */ | |
| protected void addQuotedParameter(StringBuilder cmd, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| cmd.append(" '").append(value.trim()).append("'"); | |
| /** | |
| * Safely add a parameter to a command argument list. | |
| */ | |
| protected void addParameter(java.util.List<String> cmdArgs, String flag, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| cmdArgs.add(flag); | |
| cmdArgs.add(value.trim()); | |
| } | |
| } | |
| /** | |
| * Safely add a single parameter to a command argument list. | |
| */ | |
| protected void addParameter(java.util.List<String> cmdArgs, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| cmdArgs.add(value.trim()); | |
| } | |
| } | |
| protected void addFlag(java.util.List<String> cmdArgs, String flag, Boolean condition) { | |
| if (Boolean.TRUE.equals(condition)) { | |
| cmdArgs.add(flag); | |
| } | |
| } | |
| /** | |
| * 添加引用参数到命令中(用于包含空格的参数) | |
| * This is now safe, as each argument is a separate element. | |
| */ | |
| protected void addQuotedParameter(java.util.List<String> cmdArgs, String value) { | |
| if (value != null && !value.trim().isEmpty()) { | |
| cmdArgs.add(value.trim()); |
Comment on lines +99 to +105
| for (StoredEvent event : events) { | ||
| if (!foundStartEvent) { | ||
| if (event.getEventId().equals(fromEventId)) { | ||
| foundStartEvent = true; | ||
| result.add(event); | ||
| // clear the replayed events | ||
| events.remove(event); |
There was a problem hiding this comment.
Modifying the collection while iterating over it can cause ConcurrentModificationException. The code removes events from the list during iteration, which is unsafe.
Suggested change
| for (StoredEvent event : events) { | |
| if (!foundStartEvent) { | |
| if (event.getEventId().equals(fromEventId)) { | |
| foundStartEvent = true; | |
| result.add(event); | |
| // clear the replayed events | |
| events.remove(event); | |
| java.util.Iterator<StoredEvent> iterator = events.iterator(); | |
| while (iterator.hasNext()) { | |
| StoredEvent event = iterator.next(); | |
| if (!foundStartEvent) { | |
| if (event.getEventId().equals(fromEventId)) { | |
| foundStartEvent = true; | |
| result.add(event); | |
| // clear the replayed events | |
| iterator.remove(); |
Comment on lines +114 to +115
| public static Object toTypedObject(Object value, Class<?> type) { | ||
| if (value == null) { |
There was a problem hiding this comment.
[nitpick] The method throws IllegalArgumentException for null values, but the method signature and documentation don't clearly indicate this behavior. Consider using more specific exception types or documenting the null handling behavior.
Suggested change
| public static Object toTypedObject(Object value, Class<?> type) { | |
| if (value == null) { | |
| /** | |
| * Converts the given value to the specified Java type. | |
| * <p> | |
| * @param value the value to convert (must not be null) | |
| * @param type the target type to convert to (must not be null) | |
| * @return the converted value | |
| * @throws IllegalArgumentException if {@code value} or {@code type} is {@code null} | |
| */ | |
| public static Object toTypedObject(Object value, Class<?> type) { |
Comment on lines +197 to +201
| message.contains("Malformed OGNL expression") || | ||
| message.contains("ParseException") || | ||
| message.contains("ExpressionSyntaxException") || | ||
| message.matches(".*Exception.*") || | ||
| message.matches(".*Error.*")) { |
There was a problem hiding this comment.
[nitpick] The error detection logic uses multiple hardcoded string patterns and regex matches. Consider consolidating this into a configurable list of error patterns or using a more structured approach for better maintainability.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
No description provided.