Coverity Connect MCP Server

# Dockerfile FROM python:3.11-slim LABEL maintainer="keides2 <your-email@example.com>" LABEL description="Coverity Connect MCP Server for AI-powered static analysis" LABEL version="1.0.0" # Set environment variables ENV PYTHONUNBUFFERED=1 ENV PYTHONDONTWRITEBYTECODE=1 ENV COVERITY_BASE_DIR=/app/coverity # Create non-root user RUN groupadd -r coverity && useradd -r -g coverity coverity # Install system dependencies RUN apt-get update && apt-get install -y \ curl \ git \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Set working directory WORKDIR /app # Copy requirements first for better caching COPY requirements.txt requirements-dev.txt ./ # Install Python dependencies RUN pip install --no-cache-dir --upgrade pip && \ pip install --no-cache-dir -r requirements.txt # Copy application code COPY src/ ./src/ COPY pyproject.toml ./ COPY README.md LICENSE ./ # Install the package RUN pip install -e . # Create necessary directories RUN mkdir -p /app/coverity/{config,groups,log,snapshots} && \ chown -R coverity:coverity /app # Switch to non-root user USER coverity # Health check HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ CMD python -c "import coverity_mcp_server; print('OK')" || exit 1 # Expose port (if running as HTTP server) EXPOSE 8000 # Default command CMD ["coverity-mcp-server"] --- # docker-compose.yml version: '3.8' services: coverity-mcp: build: . image: keides2/coverity-connect-mcp:latest container_name: coverity-mcp-server restart: unless-stopped environment: - COVAUTHUSER=${COVAUTHUSER} - COVAUTHKEY=${COVAUTHKEY} - COVERITY_HOST=${COVERITY_HOST:-sast.kbit-repo.net} - COVERITY_PORT=${COVERITY_PORT:-443} - COVERITY_SSL=${COVERITY_SSL:-True} - COVERITY_BASE_DIR=/app/coverity - PYTHONPATH=/app volumes: - coverity_data:/app/coverity - ./config:/app/coverity/config:ro - ./logs:/app/coverity/log ports: - "${MCP_PORT:-8000}:8000" networks: - coverity-network healthcheck: test: ["CMD", "python", "-c", "import coverity_mcp_server; print('OK')"] interval: 30s timeout: 10s retries: 3 start_period: 40s # Optional: Nginx reverse proxy for production nginx: image: nginx:alpine container_name: coverity-mcp-nginx restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro - ./ssl:/etc/nginx/ssl:ro depends_on: - coverity-mcp networks: - coverity-network profiles: - production volumes: coverity_data: driver: local networks: coverity-network: driver: bridge --- # docker-compose.test.yml version: '3.8' services: coverity-mcp-test: build: context: . dockerfile: Dockerfile environment: - COVAUTHUSER=test_user - COVAUTHKEY=test_key - COVERITY_HOST=test.coverity.com - COVERITY_PORT=443 - COVERITY_SSL=True volumes: - ./tests:/app/tests:ro - ./src:/app/src:ro command: | sh -c " pip install -e '.[dev]' && pytest tests/ --cov=coverity_mcp_server --cov-report=term-missing --cov-report=xml && flake8 src tests && black --check src tests && mypy src " networks: - test-network # Mock Coverity server for testing coverity-mock: image: wiremock/wiremock:latest container_name: coverity-mock-server ports: - "8080:8080" volumes: - ./tests/fixtures/wiremock:/home/wiremock networks: - test-network profiles: - testing networks: test-network: driver: bridge --- # .dockerignore .git .github .gitignore .pytest_cache .mypy_cache .coverage __pycache__ *.pyc *.pyo *.pyd *.egg-info build/ dist/ .tox .venv venv/ .env .env.local docs/_build *.log .DS_Store Thumbs.db node_modules/ coverage.xml htmlcov/ .coverage.* pytest.ini tox.ini