Add bucket management tools (create/update/delete/flush/compact/load_sample)#195
Open
celticht32 wants to merge 3 commits into
Open
Add bucket management tools (create/update/delete/flush/compact/load_sample)#195celticht32 wants to merge 3 commits into
celticht32 wants to merge 3 commits into
Conversation
Move Validation to RestAPI path (couchbase#194)
This was referenced Jul 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Phase 2 of the phased admin-tool contribution discussed in #157. Follows the same shape and safety model as #187.
What this adds
Six tools that complete the bucket lifecycle the server currently only reads (
get_buckets_in_clustershows them; these create, update, and destroy them):create_bucket— POST/pools/default/buckets. Structured fields (name + ram_quota_mb + optional bucket_type / storage_backend / replica_number / eviction_policy / flush_enabled / durability_min_level / etc.) or a rawbodydict. Both paths run through the same allow-listed key validator.update_bucket— POST/pools/default/buckets/{name}. Same shape as create; create-only fields (bucket_type, storage_backend, conflict_resolution_type, num_vbuckets) intentionally omitted.delete_bucket— DELETE/pools/default/buckets/{name}. Requires bothconfirm=Trueandconfirm_namematching the target bucket exactly — matches the Couchbase Web Console "type the bucket name to delete" pattern.flush_bucket— POST.../controller/doFlush. Requiresconfirm=True. Server enforcesflushEnabled=trueon the bucket separately.compact_bucket— POST.../controller/compactBucketor.../controller/cancelBucketCompactionperaction="start"|"cancel".load_sample_bucket— POST/sampleBuckets/installwith a JSON array. Sample name allow-listed against the documented set (travel-sample,beer-sample,gamesim-sample).REST goes through a new
utils/bucket_admin_rest.pyhelper that reuses_extract_hosts_from_connection_stringand_determine_ssl_verificationfromutils/index_utils.py— same patternutils/index_settings.pyuses in #187, so multi-host fallback, TLS detection, and Capella root-CA handling stay consistent.Why it's shaped this way
Follows the conventions #187 established:
ctx-first tool functions, dict returns, raise on error, registration viatools/__init__.pylists +TOOL_ANNOTATIONS.ADMIN_WRITE_TOOLS— bucket lifecycle loads only whenread_only_modeis false ANDadmin_write_modeis true. Bucket create/delete is at least as privileged as index DDL._require_write_scope()shape asindex_admin.py. When an OAuth token is present the caller must additionally hold the write scope.bodydict, both validated against the same allow-list of documented REST form keys. A permitted key set cannot be smuggled around: unknown keys are rejected before the request is built.bucket_name, sample-install target) are validated against the documented Couchbase bucket-name charset ([A-Za-z0-9._%-]{1,100}) AND then URL-encoded via_encode_path_segmentbefore interpolation.%is a valid bucket-name character per Couchbase docs, so a name like%2f%2e%2epasses the charset check; encoding it before insertion makes sure the server can't route on the decoded form.compact_bucket's controller path is chosen from a small allow-list ({"start", "cancel"}→compactBucket/cancelBucketCompaction) rather than accepting an arbitrary controller name.load_sample_bucket's sample name is validated against the documented sample-bucket allow-list."true"/"false"in the form body (Couchbase REST rejects Python'sstr(True)). Dicts render as JSON (forautoCompactionSettingsetc.). Ints render bare.Testing
Unit tests in
tests/unit/test_bucket_admin.py(no cluster required): bucket-name validator (charset, length, non-string, path-traversal characters), extra-key allow-list, form-value rendering (bool/int/dict), write-scope gate (present / missing / no-token), argument construction (snake→camel mapping), confirm-gate coverage (delete requiresconfirm=TrueAND matchingconfirm_name; flush requiresconfirm=True), REST URL construction (correct method, correct path per endpoint, TLS uses https+18091), URL path encoding (%2f%2e%2e→%252f%252e%252e), and allow-list matching between the tool and REST layers.ruff checkandruff format --checkpass against pinned ruff 0.12.5.ast.parsewithfeature_version=(3, 10)).Open questions for maintainers
Same three from #187 apply here; happy to align with whatever you decide on that PR:
create_bucket,delete_bucket, etc.) to match Add index management tools (create/drop/build + GSI settings) #187'screate_index/drop_index. Noadmin_bucket_settings_*because bucket settings ARE the bucket —update_bucketcovers that surface.--admin-write-mode/CB_MCP_ADMIN_WRITE_MODEflag Add index management tools (create/drop/build + GSI settings) #187 introduced. If you decide to collapse that intoread_only_modeon Add index management tools (create/drop/build + GSI settings) #187, I'll follow suit here.ok()/err()envelope deferred to a future PR (best done uniformly at the registration layer).Refs #157, #187.