- Add execute_bash tool to Orchestrator for direct command execution
- Add execute_bash tool to Review agent for running tests/linters
- Fix Dockerfile to copy agents/ and tools/ directories
- Add PERMISSIONS.md documenting agent write access
Fixes ModuleNotFoundError: No module named 'agents'
MAJOR SIMPLIFICATION:
- Removed 20+ specialized MCP tools
- Added 3 universal tools: bash_command, read_file, write_file
- All agents now use the same tools (behavior controlled by prompts)
Changes:
1. Added universal_tools (bash-centric approach):
- bash_command: Execute any bash command (kubectl, git, npm, python, etc.)
- read_file: Read files (convenience wrapper)
- write_file: Write files (convenience wrapper)
2. All agents now use universal_tools:
- orchestrator (Claude)
- backend_developer (Groq)
- frontend_developer (Groq)
- sre_specialist (Groq)
- yaml_manager (Groq)
3. Updated orchestrator prompt:
- Focus on bash_command usage
- Clear examples of bash commands
- Simpler, more powerful approach
4. Legacy tools kept for backward compatibility:
- Old specialized tools still available but not recommended
- Use bash_command instead
Benefits:
- Extreme simplicity: 3 tools vs 20+
- Complete autonomy: Agents can do anything via bash
- Maintainable: No need to add new tools, just use bash
Updated orchestrator prompt to include:
- Explicit /app/projects/ path information
- List of available repositories (11 repos)
- Instruction to use /app/projects when user asks about Projects folder
- Added git_read_file and git_show_file_changes to tool documentation
This fixes the issue where orchestrator tried to access 'Projects' instead of '/app/projects'.
Major changes:
- Kubernetes tools: Replace subprocess kubectl calls with kubernetes-client library
- Supports in-cluster config for pod execution
- Fallback to local kubeconfig for development
- All k8s tools (nodes, pods, deployments, logs, describe) now use Python API
- PostgreSQL tools: Replace kubectl exec psql with direct psycopg2 connection
- Connect via Kubernetes service DNS
- Support for environment-based configuration
- Improved error handling with proper pgcode/pgerror
- Prometheus tools: Replace kubectl exec wget with direct HTTP requests
- Use requests library to query Prometheus API
- Connect via Kubernetes service DNS
- Configurable via PROMETHEUS_URL env var
- Deployment updates: Add explicit PostgreSQL connection env vars
- POSTGRES_HOST, POSTGRES_PORT, POSTGRES_USER
- Already had POSTGRES_PASSWORD from secret
Benefits:
- No longer requires kubectl binary in container
- Faster execution (no subprocess overhead)
- Better error handling and type safety
- Works seamlessly in Kubernetes pods with RBAC
- ServiceAccount for mas pod
- ClusterRole with read-only permissions
- ClusterRoleBinding
- kubectl installed in Docker image
- Now mas can query Kubernetes API!
Orchestrator and SRE agents now:
- Don't guess cluster-specific information
- Explicitly state when real verification is needed
- Provide general best practices only
- Created mas database in PostgreSQL
- Changed from mas_user to bluemayne (existing user)
- Use postgresql-password secret (root password)
- Add CHAINLIT_DATABASE_URL for Chainlit compatibility
- Improved error handling in chainlit_app.py
- Create /root/.chainlit directory in Dockerfile to prevent FileExistsError
- Reduce replicas from 2 to 1 to conserve resources
- Lower CPU request from 500m to 100m (insufficient CPU on nodes)
- Lower memory request from 512Mi to 256Mi
- Remove health check probes (Chainlit doesn't have /health endpoint)
