feat: resolve tool profiles at runtime for dynamic MCP/policy activation#83
Open
tycenjmccann wants to merge 3 commits into
Open
feat: resolve tool profiles at runtime for dynamic MCP/policy activation#83tycenjmccann wants to merge 3 commits into
tycenjmccann wants to merge 3 commits into
Conversation
…election Introduces named Tool Profiles — deploy-time configurations that define which MCP servers, skills, and Cedar policies are available to the agent on a per-task basis. This is PR 1 of 2: schema, validation, and CLI flag only (no runtime resolution yet). - Add ToolProfile interface and toolProfiles prop to Blueprint construct - Store profiles as JSON in RepoConfig DynamoDB table - Add tool_profile field to CreateTaskRequest, TaskRecord, TaskDetail - Validate profile name format (lowercase alphanumeric + hyphens, 1-64 chars) - Validate profile exists in repo's Blueprint at task admission - Add --tool-profile flag to CLI submit command - Add tool_profile field to agent TaskConfig model - Mirror types across CDK ↔ CLI sync boundary Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… runtime The orchestrator now resolves the task's tool_profile against the Blueprint's stored profiles, merging profile cedar policies with base policies and including profile MCP servers and skills in the agent payload. The agent reads these fields, writes profile MCP server entries to .mcp.json (convention-based URL via env vars), and logs skills for future activation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… activation Adds server.py tests for tool_profile/profile_mcp_servers/profile_skills extraction from orchestrator payload, and pipeline integration tests verifying configure_profile_mcp is called only when profile_mcp_servers is non-empty. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
tool_profileagainst Blueprint-stored profiles, merging profile-specific Cedar policies with base policies and includingprofile_mcp_serversandprofile_skillsin the agent payload.mcp.jsonusing convention-based env var URLs (MCP_SERVER_<NAME>_URL)configure_channel_mcppattern — same merge-into-existing-config behavior, same SDK pickup viasetting_sources=["project"]Builds on PR #82 (schema + validation + CLI flag)
Changes
orchestrator.tsparseToolProfilesimport,buildCedarPoliciesPayload(),buildToolProfilePayload(),tool_profilesinloadBlueprintConfigreturnserver.pytool_profile,profile_mcp_servers,profile_skillsfrom payloadpipeline.pyconfigure_profile_mcp()before SDK startchannel_mcp.pyconfigure_profile_mcp()functionorchestrate-task.test.tstest_channel_mcp.pyconfigure_profile_mcpTest plan
--tool-profile frontendand confirm Cedar policies merge correctly🤖 Generated with Claude Code