nexus-mcp

nathan/nexus-mcp

Fork 0

Commit Graph

Author	SHA1	Message	Date
nathan	6337182226	feat: Add enterprise system resilience and graceful degradation Resolves CRITICAL #1 from code-health-report-2026-04-13.md Changes: - Add tenacity dependency for retry logic - Create lib/resilience.py with: - resilient_http_call decorator (3 retries, exponential backoff 2s→4s→8s) - CircuitBreaker class (opens after 5 consecutive failures) - handle_404_gracefully decorator for safe resource lookups - Apply retry decorators to all HTTP clients: - workday_client.py: get(), raas() - entra_client.py: get(), get_all_pages() - helix_client.py: get(), post() - intune_client.py: get() - lansweeper_client.py: gql() - fedex_client.py: post() - Add graceful degradation to audit tools: - audit_user_drift(): Wrap Workday, AD, Entra calls separately - audit_device_drift(): Wrap Lansweeper, Intune, Helix calls separately - Both now return systems_available and systems_failed fields - Create check_system_health() tool for proactive monitoring - Add comprehensive unit tests for resilience module Benefits: - HTTP clients now automatically retry transient failures (5xx, timeouts) - Circuit breaker prevents hammering failing services (fast-fail after threshold) - Audit tools continue with partial data if some systems unavailable - Health check tool enables proactive system monitoring before bulk audits	2026-04-13 10:54:06 -04:00
nathan	0c9aebf97a	feat(nexus): implement sharded architecture - Create nexus-mcp/ with 6-shard plugin model (identity, workday, audit, itsm, assets, logistics) - Migrate 31 tools from legacy Identity + Workday servers into unified orchestrator - Add feature flag control (ENABLE_) for atomic shard deployment per Gemini design - Implement SOC 2 audit logging with automatic PII redaction (CC7.2 / CC6.1) - Create stub shards for ITSM, Assets, Logistics (Red status awaiting credentials) - Add comprehensive mock data library with drift scenarios for credential-free testing - Update README.md: reposition from Workday-MCP to Nexus-MCP as primary server - Document installation, configuration, and shard toggling in Local-Setup.md Architecture: Orchestrator (main.py) + Shards (src/shards/.py) + Adapters (lib/) enables piece-at-a-time deployment. Mock mode (USE_MOCK=true) supports full 53-tool testing without credentials. Smoke test verified: 33 tools registered successfully. BREAKING CHANGE: Legacy Identity/ and Workday/ servers deprecated. Users must update Claude Desktop config to point to nexus-mcp/src/main.py. Legacy folders preserved for reference pending verification. Refs: WIS-006, WIS-009, WIS-014-018, Gemini conversation 2026-04-06	2026-04-13 09:20:35 -04:00

Author

SHA1

Message

Date

nathan

6337182226

feat: Add enterprise system resilience and graceful degradation

Resolves CRITICAL #1 from code-health-report-2026-04-13.md

Changes:
- Add tenacity dependency for retry logic
- Create lib/resilience.py with:
  - resilient_http_call decorator (3 retries, exponential backoff 2s→4s→8s)
  - CircuitBreaker class (opens after 5 consecutive failures)
  - handle_404_gracefully decorator for safe resource lookups
- Apply retry decorators to all HTTP clients:
  - workday_client.py: get(), raas()
  - entra_client.py: get(), get_all_pages()
  - helix_client.py: get(), post()
  - intune_client.py: get()
  - lansweeper_client.py: gql()
  - fedex_client.py: post()
- Add graceful degradation to audit tools:
  - audit_user_drift(): Wrap Workday, AD, Entra calls separately
  - audit_device_drift(): Wrap Lansweeper, Intune, Helix calls separately
  - Both now return systems_available and systems_failed fields
- Create check_system_health() tool for proactive monitoring
- Add comprehensive unit tests for resilience module

Benefits:
- HTTP clients now automatically retry transient failures (5xx, timeouts)
- Circuit breaker prevents hammering failing services (fast-fail after threshold)
- Audit tools continue with partial data if some systems unavailable
- Health check tool enables proactive system monitoring before bulk audits

2026-04-13 10:54:06 -04:00

nathan

0c9aebf97a

feat(nexus): implement sharded architecture

- Create nexus-mcp/ with 6-shard plugin model (identity, workday, audit, itsm, assets, logistics)
- Migrate 31 tools from legacy Identity + Workday servers into unified orchestrator
- Add feature flag control (ENABLE_*) for atomic shard deployment per Gemini design
- Implement SOC 2 audit logging with automatic PII redaction (CC7.2 / CC6.1)
- Create stub shards for ITSM, Assets, Logistics (Red status awaiting credentials)
- Add comprehensive mock data library with drift scenarios for credential-free testing
- Update README.md: reposition from Workday-MCP to Nexus-MCP as primary server
- Document installation, configuration, and shard toggling in Local-Setup.md

Architecture: Orchestrator (main.py) + Shards (src/shards/*.py) + Adapters (lib/)
enables piece-at-a-time deployment. Mock mode (USE_MOCK=true) supports full 53-tool
testing without credentials. Smoke test verified: 33 tools registered successfully.

BREAKING CHANGE: Legacy Identity/ and Workday/ servers deprecated. Users must update
Claude Desktop config to point to nexus-mcp/src/main.py. Legacy folders preserved
for reference pending verification.

Refs: WIS-006, WIS-009, WIS-014-018, Gemini conversation 2026-04-06

2026-04-13 09:20:35 -04:00

2 Commits