JFrog MCP Server

Instructions

Implementation Reference

• tools/permissions.ts:121-138 (handler)

  Core handler function that executes the PATCH request to the JFrog Access API to update the permission resource for the specified target and resource type. This is invoked by the tool's handler.
  export async function updatePermissionResource( name: string, resourceType: "artifact" | "release_bundle" | "build", resource: z.infer<typeof ArtifactResourceSchema> | z.infer<typeof ReleaseBundleResourceSchema> | z.infer<typeof BuildResourceSchema> ) { const response = await jfrogRequest(`/access/api/v2/permissions/${name}/${resourceType}`, { method: "PATCH", body: resource }); switch (resourceType) { case "artifact": return ArtifactResourceSchema.parse(response); case "release_bundle": return ReleaseBundleResourceSchema.parse(response); case "build": return BuildResourceSchema.parse(response); } }
• tools/permissions.ts:245-257 (registration)

  MCP tool definition for 'jfrog_update_permission_resource', including input schema (converted to JSON schema), description, and thin handler that delegates to the core update function.
  const updatePermissionResourceTool = { name: "jfrog_update_permission_resource", description: "Update a specific resource type within a permission target", inputSchema: zodToJsonSchema(z.object({ name: z.string().describe("The name of the permission target"), resourceType: z.enum(["artifact", "release_bundle", "build"]).describe("The type of resource to update"), resource: z.union([ArtifactResourceSchema, ReleaseBundleResourceSchema, BuildResourceSchema]) })), //outputSchema: zodToJsonSchema(z.union([ArtifactResourceSchema, ReleaseBundleResourceSchema, BuildResourceSchema])), handler: async (args: any) => { return await updatePermissionResource(args.name, args.resourceType, args.resource); } };
• tools/permissions.ts:6-54 (schema)

  Zod schema definitions for resource targets, actions, and specific resource types (artifact, release_bundle, build) used in the tool's input schema and response parsing.
  const ResourceTargetSchema = z.object({ include_patterns: z.array(z.string()), exclude_patterns: z.array(z.string()) }); const ResourceActionsSchema = z.object({ users: z.record(z.array(z.enum([ "READ", "WRITE", "ANNOTATE", "DELETE", "DISTRIBUTE", "MANAGE" ]))), groups: z.record(z.array(z.enum([ "READ", "WRITE", "ANNOTATE", "DELETE", "DISTRIBUTE", "MANAGE" ]))).default({}).describe("The actions that the group can perform on the resource") }); const ArtifactResourceSchema = z.object({ actions: ResourceActionsSchema, targets: z.record(ResourceTargetSchema) }); const ReleaseBundleResourceSchema = z.object({ actions: ResourceActionsSchema, targets: z.record(ResourceTargetSchema) }); const BuildResourceSchema = z.object({ actions: ResourceActionsSchema, targets: z.record(ResourceTargetSchema) }); const PermissionTargetSchema = z.object({ name: z.string(), resources: z.object({ artifact: ArtifactResourceSchema.optional(), release_bundle: ReleaseBundleResourceSchema.optional(), build: BuildResourceSchema.optional() }), created_by: z.string().optional(), modified_by: z.string().optional() });
• tools/permissions.ts:288-298 (registration)

  Local array registering all permissions-related tools, including jfrog_update_permission_resource.
  export const PermissionsTools = [ listPermissionTargetsTool, getPermissionTargetTool, createPermissionTargetTool, updatePermissionTargetTool, deletePermissionTargetTool, getPermissionResourceTool, updatePermissionResourceTool, replacePermissionResourceTool, deletePermissionResourceTool ];
• tools/index.ts:10-23 (registration)

  Global registration: imports PermissionsTools and spreads it into the main tools array for the MCP server.
  import { PermissionsTools } from "./permissions.js"; import { ArtifactSecurityTools } from "./security.js"; export const tools =[ ...RepositoryTools, ...BuildsTools, ...RuntimeTools, ...AccessTools, ...AQLTools, ...CatalogTools, ...CurationTools, ...PermissionsTools, ...ArtifactSecurityTools, ];