Skip to content
reaatechREAATECH

Files · AWS Bedrock MCP Server for GitHub Small Business DevOps

71 (1 binary, 644.3 kB total)attempt 1

Download example (zip)Back to tutorial
README.md·4752 B·markdown
markdown
# AWS Bedrock MCP Server for GitHub Small Business DevOps
 
> Give your developers an MCP server that lets AI agents query GitHub repositories, issues, and pull requests using natural language through AWS Bedrock.
 
A production-ready reference solution demonstrating how to build an MCP (Model Context Protocol) server with the `@reaatech/*` package family. This server bridges AWS Bedrock's foundation models with GitHub's API, enabling AI-powered DevOps workflows.
 
## Architecture
 
```
┌─────────────┐     ┌──────────────────┐     ┌─────────────┐
│  AI Agent   │────▶│  Express MCP     │────▶│  AWS Bedrock│
│  (Claude)   │◀────│  Server          │◀────│  Runtime    │
└─────────────┘     └──────────────────┘     └─────────────┘


                    ┌─────────────┐
                    │  GitHub API │
                    │  (Octokit)  │
                    └─────────────┘
```
 
- **Express MCP Server** — JSON-RPC 2.0 endpoint for tool discovery and execution
- **Authentication** — API key or Bearer token validation via `@reaatech/mcp-server-auth`
- **Tool Registry** — Type-safe tool definitions with Zod schemas via `@reaatech/mcp-server-tools`
- **Firewall** — Policy enforcement engine via `@reaatech/tool-use-firewall-core`
- **AWS Bedrock** — LLM integration via the AWS SDK client
- **Next.js App** — Frontend dashboard and health API route
 
## Prerequisites
 
- Node.js >= 22
- pnpm >= 10
- AWS account with Bedrock access
- GitHub personal access token
 
## Setup
 
```bash
pnpm install
cp .env.example .env
```
 
Edit `.env` with your credentials:
 
| Variable | Description |
|----------|-------------|
| `NODE_ENV` | Environment (`development`, `production`, `test`) |
| `PORT` | Server port (default `8080`) |
| `AWS_REGION` | AWS region (e.g. `us-east-1`) |
| `AWS_ACCESS_KEY_ID` | AWS access key |
| `AWS_SECRET_ACCESS_KEY` | AWS secret key |
| `GITHUB_TOKEN` | GitHub personal access token |
| `GITHUB_OWNER` | GitHub owner (user or org) |
| `API_KEY` | MCP server API key |
| `AUTH_MODE` | `api-key` or `bearer` |
| `LOG_LEVEL` | Log level (`debug`, `info`, `warn`, `error`) |
| `LANGFUSE_PUBLIC_KEY` | Langfuse public key for LLM observability |
| `LANGFUSE_SECRET_KEY` | Langfuse secret key |
| `LANGFUSE_BASE_URL` | Langfuse base URL (default `https://cloud.langfuse.com`) |
 
## Available Tools
 
| Tool | Description |
|------|-------------|
| `search-repos` | Search GitHub repositories by query |
| `list-repos` | List repositories for the configured owner |
| `list-issues` | List issues for a given repository |
| `get-pull-request` | Get details of a specific pull request |
 
## AWS Bedrock Integration
 
AI agents invoke GitHub tools through the AWS Bedrock Converse API. The server provides three integration points:
 
- **`ConverseCommand`** — Sends a conversation with messages and optional `toolConfig` to a Bedrock foundation model. The server maps registered MCP tools to Bedrock's `toolSpec` format: `{ name, description, inputSchema: { json } }`.
- **`ConverseStreamCommand`** — Streams token-by-token responses from the model for real-time agent output.
- **Tool execution loop** — When the model's `stopReason` is `"tool_use"`, the server extracts `toolUse` blocks from the response content, executes the corresponding tool handler, and returns results back to the model.
 
The integration uses `@aws-sdk/client-bedrock-runtime` with SigV4-signed requests via `BedrockRuntimeClient`.
 
## Firewall
 
The server includes a policy enforcement engine built on `@reaatech/tool-use-firewall-core`. It blocks destructive operations and admin-level escalation:
 
- **Delete/Destroy deny-pattern**: Tool names matching `\b(delete|remove|destroy|purge)\b` are blocked via `safeRegExp` pattern matching. Examples: `delete-repo`, `remove-issue`, `destroy-branch`.
- **Admin-escalation blocking**: Arguments containing `isAdmin`, `force`, or `skipChecks` flags are rejected with a `PolicyViolationError`.
 
The firewall is applied as middleware before every tool execution, returning `{ action: "BLOCK", reason }` for policy violations.
 
## Development
 
```bash
pnpm dev          # Start Next.js dev server
pnpm test         # Run tests with Vitest
pnpm lint         # Run ESLint
pnpm typecheck    # Run TypeScript type checking
pnpm build        # Production build
```
 
## License
 
MIT — see [LICENSE](./LICENSE).