Skip to content

feat(DIARCHERS-1498): add MCP restart/abort/rerun endpoints#621

Open
sap-yuan wants to merge 1 commit into
masterfrom
feat/mcp-restart-rerun
Open

feat(DIARCHERS-1498): add MCP restart/abort/rerun endpoints#621
sap-yuan wants to merge 1 commit into
masterfrom
feat/mcp-restart-rerun

Conversation

@sap-yuan

@sap-yuan sap-yuan commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

Summary

Implements DIARCHERS-1498 — exposes job restart, rerun, and abort capabilities via the MCP API namespace.

Depends on #620 (MCP traffic isolation — must merge first).

5 new endpoints

All require allow_trigger = TRUE on the MCP token, project scope check, rate limiting (trigger_build bucket, 5 RPM), and audit logging.

Endpoint Description
POST /api/v1/mcp/projects/<id>/builds/<bid>/restart Restart a build — re-queues Create Jobs and all subsequent jobs
DELETE /api/v1/mcp/projects/<id>/builds/<bid>/abort Abort all running jobs in a build
POST /api/v1/mcp/projects/<id>/jobs/<jid>/restart Restart a job and all its downstream dependents
POST /api/v1/mcp/projects/<id>/jobs/<jid>/rerun Rerun a single job without touching downstream (most common AI use case)
DELETE /api/v1/mcp/projects/<id>/jobs/<jid>/abort Abort a single running job

Key design notes

  • restart_build and restart_job delegate to the same DB logic as the existing /api/v1/* handlers via a shared _clone_jobs() helper — no business logic duplication
  • abort endpoints use get_mcp_user_id() instead of g.token['user']['id'] since MCP auth sets a different context
  • rerun_job (single-job retry without downstream restart) is new — not currently in the regular /api/v1/* API as a separate verb, maps to the existing /rerun endpoint logic

Test plan

  • restart_build creates a new build with incremented restart_counter
  • abort_build inserts abort records for all jobs in the build
  • restart_job clones job + all downstream dependents with .1 suffix
  • rerun_job clones only the specified job
  • abort_job inserts a single abort record
  • All 5 return 403 when allow_trigger = FALSE on the token
  • All 5 return 403 when project not in enabled_projects
  • All 5 produce mcp_access_log audit entries

Backend:
- builds.py: POST .../builds/<bid>/restart, DELETE .../builds/<bid>/abort
- jobs.py:   POST .../jobs/<jid>/restart, POST .../jobs/<jid>/rerun,
             DELETE .../jobs/<jid>/abort
- All 5 ops require allow_trigger on the MCP token (403 otherwise)
- Rate-limited via trigger_build bucket (5 RPM)
- Full mcp_auth_required + check_project_access_mcp + audit_mcp coverage
- restart/rerun: delegate to same DB logic as existing /api/v1/* handlers
  via shared _clone_jobs() helper; abort uses get_mcp_user_id() instead
  of g.token['user']['id']
@sap-yuan sap-yuan force-pushed the feat/mcp-restart-rerun branch from c7bbf87 to 6809a65 Compare July 1, 2026 08:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant