feat: harden gateway with policy engine, secure tools, and governance docs

2026-02-14 16:05:56 +01:00
parent e17d34e6d7
commit 5969892af3
55 changed files with 4711 additions and 1587 deletions
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,53 +1,45 @@
-# Multi-stage build for AegisGitea MCP Server
-FROM python:3.11-slim as builder
+# syntax=docker/dockerfile:1
+
+# Build stage
+FROM python:3.12-slim AS builder
+
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1

-# Set working directory
 WORKDIR /app

-# Install build dependencies
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends \
-    gcc \
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends gcc \
    && rm -rf /var/lib/apt/lists/*

-# Copy requirements
-COPY requirements.txt .
-
-# Install Python dependencies
+COPY requirements.txt ./
 RUN pip install --no-cache-dir --user -r requirements.txt

-# Final stage
-FROM python:3.11-slim
+# Runtime stage
+FROM python:3.12-slim

-# Set working directory
-WORKDIR /app
-
-# Create non-root user for security
-RUN useradd -m -u 1000 -s /bin/bash aegis
-
-# Copy Python dependencies from builder to aegis user's home
-COPY --from=builder --chown=aegis:aegis /root/.local /home/aegis/.local
-
-# Copy application code
-COPY --chown=aegis:aegis src/ ./src/
-
-# Create directory for audit logs
-RUN mkdir -p /var/log/aegis-mcp && \
-    chown -R aegis:aegis /var/log/aegis-mcp
-
-# Switch to non-root user
-USER aegis
-
-# Add user's local bin to PATH
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
 ENV PATH=/home/aegis/.local/bin:$PATH
 ENV PYTHONPATH=/app/src:$PYTHONPATH

-# Expose MCP server port
+WORKDIR /app
+
+# Non-root runtime user
+RUN useradd -m -u 1000 -s /usr/sbin/nologin aegis
+
+COPY --from=builder --chown=aegis:aegis /root/.local /home/aegis/.local
+COPY --chown=aegis:aegis src/ ./src/
+COPY --chown=aegis:aegis scripts/ ./scripts/
+
+RUN mkdir -p /var/log/aegis-mcp /tmp/aegis-mcp \
+    && chown -R aegis:aegis /var/log/aegis-mcp /tmp/aegis-mcp
+
+USER aegis
+
 EXPOSE 8080

-# Health check
-HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
-    CMD python -c "import httpx; httpx.get('http://localhost:8080/health')" || exit 1
+HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
+  CMD python -c "import httpx; httpx.get('http://127.0.0.1:8080/health', timeout=5)" || exit 1

-# Run server
 CMD ["python", "-m", "aegis_gitea_mcp.server"]
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -1,5 +1,3 @@
-version: '3.8'
-
 services:
  aegis-mcp:
    build:
@@ -7,53 +5,27 @@ services:
      dockerfile: docker/Dockerfile
    container_name: aegis-gitea-mcp
    restart: unless-stopped
-    
+    env_file:
+      - ../.env
    environment:
-      # Gitea configuration (REQUIRED)
-      GITEA_URL: ${GITEA_URL}
-      GITEA_TOKEN: ${GITEA_TOKEN}
-      
-      # MCP server configuration
-      MCP_HOST: ${MCP_HOST:-0.0.0.0}
-      MCP_PORT: ${MCP_PORT:-8080}
-      
-      # Logging configuration
-      LOG_LEVEL: ${LOG_LEVEL:-INFO}
-      AUDIT_LOG_PATH: ${AUDIT_LOG_PATH:-/var/log/aegis-mcp/audit.log}
-      
-      # Security configuration
-      MAX_FILE_SIZE_BYTES: ${MAX_FILE_SIZE_BYTES:-1048576}
-      REQUEST_TIMEOUT_SECONDS: ${REQUEST_TIMEOUT_SECONDS:-30}
-      RATE_LIMIT_PER_MINUTE: ${RATE_LIMIT_PER_MINUTE:-60}
-    
+      ENVIRONMENT: production
+      MCP_HOST: ${MCP_HOST:-127.0.0.1}
+      ALLOW_INSECURE_BIND: ${ALLOW_INSECURE_BIND:-false}
    ports:
-      - "${MCP_PORT:-8080}:8080"
-    
+      - "127.0.0.1:${MCP_PORT:-8080}:8080"
    volumes:
-      # Persist audit logs
      - aegis-mcp-logs:/var/log/aegis-mcp
-      # Optional: mount config file
-      # - ./.env:/app/.env:ro
-    
-    networks:
-      - aegis-network
-    
-    # Security options
+      - ../policy.yaml:/app/policy.yaml:ro
+    read_only: true
+    tmpfs:
+      - /tmp
    security_opt:
      - no-new-privileges:true
-    
-    # Resource limits
-    deploy:
-      resources:
-        limits:
-          cpus: '1.0'
-          memory: 512M
-        reservations:
-          cpus: '0.25'
-          memory: 128M
-    
+    cap_drop:
+      - ALL
+    user: "1000:1000"
    healthcheck:
-      test: ["CMD", "python", "-c", "import httpx; httpx.get('http://localhost:8080/health')"]
+      test: ["CMD", "python", "-c", "import httpx; httpx.get('http://127.0.0.1:8080/health', timeout=5)"]
      interval: 30s
      timeout: 10s
      retries: 3
@@ -62,7 +34,3 @@ services:
 volumes:
  aegis-mcp-logs:
    driver: local
-
-networks:
-  aegis-network:
-    driver: bridge