You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Agents previously had to read docs to learn the POST /deploy/new
multipart endpoint. This adds a first-class tool that takes a
base64-encoded gzip tarball and returns a public URL, plus list/get/
redeploy/delete tools so the full deploy lifecycle is reachable from
an MCP client.
resource_bindings is documented as "agent passes resource tokens; api
resolves server-side" — the client never pre-resolves tokens to
connection URLs, which would leak secrets into tool params.
Tools: 11 → 16. Adds requestMultipart() helper to client.ts.
| `INSTANODE_TOKEN` | No | — | Bearer JWT minted at <https://instanode.dev/dashboard>. Required for `list_resources`, `claim_token`, `delete_resource`, and `get_api_token`. Unlocks paid-tier limits on every `create_*`. |
101
+
| `INSTANODE_TOKEN` | No | — | Bearer JWT minted at <https://instanode.dev/dashboard>. Required for `list_resources`, `claim_token`, `delete_resource`, `get_api_token`, and all deploy tools (`create_deploy`, `list_deployments`, `get_deployment`, `redeploy`, `delete_deployment`). Unlocks paid-tier limits on every `create_*`. |
98
102
| `INSTANODE_API_URL` | No | `https://api.instanode.dev` | Override the API base URL. Only set this for local development against a k3s cluster. |
99
103
| `INSTANODE_DASHBOARD_URL` | No | `https://instanode.dev` | Override the dashboard host that `claim_resource` builds claim URLs against. Only set this for staging. |
100
104
@@ -108,12 +112,69 @@ to reach for this MCP, see <https://instanode.dev/agent.html>.
| `create_deploy` | `POST /deploy/new` — Upload a base64 gzip tarball (with Dockerfile) and deploy a container. Returns `deploy_id`, `status`, `url`, `build_logs_url`. Requires `INSTANODE_TOKEN`. |
116
+
| `list_deployments`| `GET /api/v1/deployments` — List all deployments on the caller's team. Requires `INSTANODE_TOKEN`. |
117
+
| `get_deployment` | `GET /api/v1/deployments/:id` — Fetch one deployment (poll until `status="running"`). Requires `INSTANODE_TOKEN`. |
118
+
| `redeploy` | `POST /deploy/:id/redeploy` — Rebuild + rolling update an existing deployment. Requires `INSTANODE_TOKEN`. |
119
+
| `delete_deployment` | `DELETE /deploy/:id` — Tear down a running deployment. Irreversible. Requires `INSTANODE_TOKEN`. |
111
120
| `claim_resource` | Helper — turn an `upgrade_jwt` from any `create_*` response into the dashboard claim URL the user should click. No API call. No auth required. |
112
121
| `claim_token` | `POST /api/me/claim` — Programmatic claim: attach an anonymous resource to the authenticated account by its UUID `token`. Requires `INSTANODE_TOKEN`. |
113
122
| `list_resources` | `GET /api/me/resources` — List resources on the caller's account. Requires `INSTANODE_TOKEN`. |
114
123
| `delete_resource` | `DELETE /api/me/resources/{token}` — Hard-delete a resource you own. Paid tier only. Requires `INSTANODE_TOKEN`. |
115
124
| `get_api_token` | `GET /api/me/token` — Mint a fresh 30-day bearer JWT (for rotation). Requires an existing `INSTANODE_TOKEN`. |
116
125
126
+
### Container deployment (`create_deploy`)
127
+
128
+
Deploying is a single multipart/form-data POST with a base64-encoded gzip
129
+
tarball of the project (Dockerfile + source). The MCP tool handles the
130
+
encoding plumbing; the agent's job is just to construct the tarball.
131
+
132
+
**Building the tarball (any language):**
133
+
134
+
```python
135
+
import base64, subprocess
136
+
tar = subprocess.check_output(["tar", "czf", "-", "-C", project_dir, "."])
137
+
tarball_base64 = base64.b64encode(tar).decode()
138
+
```
139
+
140
+
```js
141
+
import { execFileSync } from "node:child_process";
142
+
const tar = execFileSync("tar", ["czf", "-", "-C", projectDir, "."]);
143
+
const tarball_base64 = tar.toString("base64");
144
+
```
145
+
146
+
Cap: 50 MB after decode. Honor `.dockerignore` — only ship what
147
+
`docker build`needs.
148
+
149
+
**Binding provisioned resources:**
150
+
151
+
Provision the resources first with `create_postgres` / `create_cache` / etc.
152
+
to get their tokens (UUIDs), then pass the tokens as `resource_bindings`:
153
+
154
+
```json
155
+
{
156
+
"tarball_base64": "...",
157
+
"name": "my-app",
158
+
"port": 8080,
159
+
"resource_bindings": {
160
+
"DATABASE_URL": "<token from create_postgres>",
161
+
"REDIS_URL": "<token from create_cache>"
162
+
}
163
+
}
164
+
```
165
+
166
+
The agent passes **resource tokens** (not connection URLs); the API
167
+
resolves each token to its connection URL server-side at deploy time. The
168
+
MCP server never pre-resolves tokens — pre-resolving would round-trip every
169
+
binding through `GET /credentials` and embed raw secrets into the tool
Copy file name to clipboardExpand all lines: package.json
+4-2Lines changed: 4 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
{
2
2
"name": "instanode-mcp",
3
-
"version": "0.8.0",
4
-
"description": "MCP server for instanode.dev \u2014 lets AI coding agents provision ephemeral Postgres, Redis, MongoDB, NATS queues, S3-compatible object storage, and webhook receivers over HTTPS, with optional bearer-token auth for paid users.",
3
+
"version": "0.9.0",
4
+
"description": "MCP server for instanode.dev \u2014 lets AI coding agents provision ephemeral Postgres, Redis, MongoDB, NATS queues, S3-compatible object storage, webhook receivers, and deploy containerized apps over HTTPS, with optional bearer-token auth for paid users.",
0 commit comments