feat(cli): add disable-deployment, readonly, and env-only options to MCP server

Open hongkongkiwi opened this issue 4 months ago • 3 comments

Summary

This PR adds three new command-line options to the MCP server for better control over permissions and environment access:

  • --disable-deployment: Disables deployment-related tools only
  • --readonly: Runs in full read-only mode, disabling all write operations
  • --env-only <environments>: Restricts the MCP server to specific environments (comma-separated list)

Changes

New Features

  • --env-only flag: Allows fine-grained environment control with comma-separated list of allowed environments (dev, staging, prod, preview)
  • --readonly flag: Disables all write operations including deployments, task triggering, project creation, and run cancellation
  • --disable-deployment flag: Disables only deployment-related tools while keeping other write operations available

Key Implementation Details

  1. Environment Control: The --env-only flag deprecates --dev-only (kept for backward compatibility) and allows specifying exactly which environments the MCP server can access
  2. Proper Hierarchy: --readonly overrides --disable-deployment since deployments are write operations
  3. Mutual Exclusivity: --dev-only and --env-only are mutually exclusive with proper error handling
  4. Environment-specific Deployments: Deployments work for any allowed environment (not requiring access to all environments)
  5. Tool Categorization: Tools are properly categorized into read-only, write, and deployment categories

Code Quality Improvements

  • Added environment name validation for --env-only flag
  • Simplified environment validation logic by removing redundant checks
  • Standardized error messages across all tools for consistency
  • Added getAllowedEnvironments() helper method for better error messaging

Testing

  • [x] Tested --env-only with single environment
  • [x] Tested --env-only with multiple environments
  • [x] Tested --readonly mode disables write operations
  • [x] Tested --disable-deployment only disables deployments
  • [x] Verified backward compatibility with --dev-only
  • [x] Verified mutual exclusivity error handling
  • [x] Tested invalid environment name validation

Breaking Changes

None. The --dev-only flag is maintained for backward compatibility.

Documentation

Command help text has been updated with clear descriptions of each option and their relationships.

hongkongkiwi avatar Sep 23 '25 07:09 hongkongkiwi

⚠️ No Changeset found

Latest commit: 04e673f16f684add4a8bbe49e225565e659a14cb

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

changeset-bot[bot] avatar Sep 23 '25 07:09 changeset-bot[bot]

Walkthrough

Adds three MCP options across the CLI and context: --env-only (string/CSV), --disable-deployment (boolean), and --readonly (boolean). install-mcp and mcp commands expose the flags, deprecate --dev-only, enforce mutual exclusivity between --dev-only and --env-only (error if both provided), parse/validate env-only values (legacy --dev-only maps to envOnly=['dev'] if used alone), and treat env-only as taking precedence. McpContext gains envOnly, disableDeployment, readonly, plus isEnvironmentAllowed and getAllowedEnvironments. resolveMcpServerConfig and install-mcp argument construction include the new flags. Tools are refactored to use isEnvironmentAllowed, standardize denial messages, and register read/write/deployment tools conditionally based on readonly and disableDeployment.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

  • Description Check (⚠️ Warning)
    Explanation: The PR description is detailed and documents summary, implementation details, testing, breaking changes, and documentation updates, but it does not follow the repository's required template: it is missing a "Closes #" header, the ✓ Checklist section, and the explicit "Changelog" and "Screenshots" sections required by the template. Because the repository template is specified as required, these omissions mean the description does not fully adhere to the expected format. The substantive content is good, but the missing template sections must be added to pass the repository's description requirements.
    Resolution: Update the PR description to exactly follow the repository template by adding a "Closes #" line if applicable, filling in the ✅ Checklist (confirm contributing guide, title convention, and tests), and adding the "Changelog" and "Screenshots" sections (or explicitly noting none). Keep the existing Summary, Changes, and Testing content but ensure the template headings and required items are present before merging.
  • Docstring Coverage (⚠️ Warning)
    Explanation: Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.
    Resolution: You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

  • Title Check (✅ Passed)
    Explanation: The title concisely and accurately describes the primary change: adding three CLI options (disable-deployment, readonly, env-only) to the MCP server. It matches the changes in the diff and is specific without extra noise or vague terms. A teammate scanning history will understand the main intent from the title alone.

coderabbitai[bot] avatar Sep 23 '25 07:09 coderabbitai[bot]
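
The flag rules described in the PR summary and the walkthrough above, sketched as an added example that is not code from the PR or from trigger.dev. `resolveAllowedEnvironments`, `registeredTools` and the tool names are hypothetical; `isEnvironmentAllowed` reuses the name from the walkthrough, but its body here is an assumption, as is treating "no flag" as "no restriction".

```typescript
// Added example, not trigger.dev code. Hypothetical names are marked below.
const VALID_ENVS = ["dev", "staging", "prod", "preview"]; // names listed in the PR description

type McpFlags = { devOnly?: boolean; envOnly?: string; readonly?: boolean; disableDeployment?: boolean };
type ToolCategory = "read" | "write" | "deployment";

// Hypothetical resolver: turns raw flags into an allow-list and fails closed on bad input.
function resolveAllowedEnvironments(flags: McpFlags): string[] | undefined {
  if (flags.devOnly && flags.envOnly !== undefined) {
    throw new Error("--dev-only and --env-only are mutually exclusive");
  }
  if (flags.devOnly) return ["dev"]; // legacy flag maps to envOnly=['dev']
  if (flags.envOnly === undefined) return undefined; // assumption: no flag means no restriction
  const envs = flags.envOnly.split(",").map((e) => e.trim()).filter((e) => e.length > 0);
  const invalid = envs.filter((e) => VALID_ENVS.indexOf(e) === -1);
  if (envs.length === 0 || invalid.length > 0) {
    throw new Error("invalid --env-only value: " + (invalid.join(", ") || "(empty)"));
  }
  return envs.filter((e, i) => envs.indexOf(e) === i); // drop duplicates, keep order
}

// Body is an assumption; only the name comes from the walkthrough.
function isEnvironmentAllowed(allowed: string[] | undefined, env: string): boolean {
  return allowed === undefined ? true : allowed.indexOf(env) !== -1;
}

// Hypothetical tool table; categories follow the PR's read-only / write / deployment split.
const TOOLS: { name: string; category: ToolCategory }[] = [
  { name: "list_runs", category: "read" },
  { name: "trigger_task", category: "write" },
  { name: "cancel_run", category: "write" },
  { name: "deploy", category: "deployment" },
];

// --readonly overrides --disable-deployment because deployments are write operations.
function registeredTools(flags: McpFlags): string[] {
  return TOOLS.filter((t) => {
    if (t.category === "read") return true;
    if (flags.readonly) return false;
    return !(t.category === "deployment" && flags.disableDeployment);
  }).map((t) => t.name);
}
```

Leaving a disabled tool unregistered, rather than registering it and rejecting calls, keeps it out of the tool list the MCP client sees at all.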

@hongkongkiwi this looks like a very nice change, I especially like how you've selectively not included tools when --readonly is specified. Is it possible to update the docs in this PR as well? This file here has the command line flags: https://github.com/triggerdotdev/trigger.dev/blob/main/docs/mcp-introduction.mdx

ericallam avatar Oct 13 '25 12:10 ericallam