DevOps MCP Server
Performs real Git operations including branch creation, commits, and inspection against a local sandbox repository.
Provides CI/CD pipeline integration for listing, triggering, monitoring, and alerting, mirroring GitHub Actions functionality.
Provides CI/CD pipeline integration for listing, triggering, monitoring, and alerting, mirroring Jenkins functionality.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@DevOps MCP ServerList all CI/CD pipelines"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
DevOps MCP Server
A small, working Model Context Protocol (MCP) server that automates common DevOps tasks — CI/CD pipeline control, PR review, Git operations, and monitoring/alerting — all gated behind a role-based access control layer.
Built as a portfolio project to demonstrate the concepts from an MCP for DevOps course: MCP server architecture, security & access control, CI/CD platform integration, PR review agents, approval workflows, and Git automation.
Why this project
Rather than one script per topic, this wires the concepts into one coherent system: an AI assistant (or any MCP client) can call these tools to check pipeline health, review a pull request for risky/secret-leaking code, automate git branching/commits, and trigger deploys — but every action is authorized against a role first, and every decision (allowed or denied) is written to an audit log.
Related MCP server: mctl
Architecture
devops-mcp-server/
├── server/
│ ├── main.py # MCP server entry point — registers all tools
│ ├── security.py # RBAC: roles, authorization, audit log
│ ├── pipelines.py # Simulated CI/CD backend + monitoring/alerts
│ ├── pr_review.py # Static analysis PR review agent
│ └── git_ops.py # Real git automation (subprocess against sandbox repo)
├── sandbox_repo/ # A real local git repo the tools operate on
├── demo/
│ └── run_demo.py # Scripted walkthrough exercising every tool
└── requirements.txtConcept → implementation map
Course topic | Where it lives |
MCP Architecture / Server Design |
|
Security and Access Control in MCP |
|
MCP Integration with CI/CD Platforms |
|
Pipeline Monitoring and Alerting |
|
Building Intelligent PR Review Agents |
|
Approval Workflows / Human-AI Collaboration |
|
Automated Git Operations via MCP |
|
Roles (simulated identity directory)
User | Role | Can do |
| VIEWER | Read-only: view pipelines, status, alerts, repo state |
| DEVELOPER | + review PRs, create branches, commit |
| OPERATOR | + trigger pipelines, deploy to staging |
| ADMIN | + approve production deploys, view audit log |
Every tool declares its minimum required role. Unauthorized calls are rejected and logged — nothing fails silently.
Running it
pip install -r requirements.txt
# Option A: scripted demo (no MCP client needed) — recommended first run
python demo/run_demo.py
# Option B: run as a real MCP server over stdio, e.g. to plug into
# Claude Desktop / any MCP client
python -m server.mainTo wire it into an MCP client config (e.g. Claude Desktop), point it at:
{
"mcpServers": {
"devops-mcp-server": {
"command": "python",
"args": ["-m", "server.main"],
"cwd": "/path/to/devops-mcp-server"
}
}
}What the demo shows
demo/run_demo.py runs a full scripted transcript:
A
VIEWERcan read pipeline data but is denied when trying to trigger one.An
OPERATORtriggers a staging deploy — succeeds and runs.An
OPERATORtriggers a production deploy — it stalls inawaiting_approval.The
OPERATORtries to self-approve production — denied (needsADMIN).An
ADMINapproves it — the deploy proceeds.A
DEVELOPERsubmits a diff containing a hardcoded API key — the PR review agent flags it as critical and recommendsREQUEST_CHANGES.A
DEVELOPERcreates a real git branch and commits a real file to the sandbox repo — verifiable afterward withgit log.A
VIEWERtries to read the audit log — denied (ADMIN-only).An
ADMINreads the full audit log, showing every allowed/denied call.
Notes on scope
The CI/CD backend and identity directory are simulated in-memory so the project runs standalone with no cloud credentials — the interface shape (
list/status/trigger/approve) mirrors a real GitHub Actions/Jenkins integration.Git operations are real — they run actual
gitcommands againstsandbox_repo/, so you can inspect the result withgit logyourself.The PR review agent uses deterministic static-analysis rules so the demo runs fully offline; swapping in an LLM call (e.g. the Anthropic API) for natural-language review comments is a natural next step and slots cleanly into
pr_review.py.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/kpate273-sketch/devops-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server