Securechain MCP Server

🚀 Secure Chain MCP Server

An MCP server that offers tools for checking the status of your software supply chain within the Secure Chain context.

🚀 Quick Start

The Secure Chain MCP Server provides tools to check the status of your software supply chain. Here's how to get started.

✨ Features

• Offers tools for checking the status of the software supply chain within the Secure Chain context.
• Supports deployment via Docker and Docker Compose.
• Allows visualization of graph data with the Neo4J browser interface.

📦 Installation

Development Requirements Installation

1. Install Docker to deploy the tool.
2. Install Docker Compose for container orchestration.
3. It's recommended to use a GUI such as MongoDB Compass.
4. The Neo4J browser interface for visualizing the graph built from the data is available at localhost:7474 when the container is running.
5. Install Python 3.13 or higher.

Deployment with Docker

1. Clone the repository

Clone the repository from the official GitHub repository:

git clone https://github.com/securechaindev/securechain-mcp-server.git
cd securechain-mcp-server

2. Configure environment variables

Create a .env.local file from the .env.example file and place it in the root directory.

• Get API Keys:
  • Learn how to get a GitHub API key.
  • Modify the Json Web Token (JWT) secret key and algorithm with your own. You can generate your own secret key with the command openssl rand -base64 32.

3. Create Docker network

Ensure you have the securechain Docker network created. If not, create it with:

docker network create securechain

4. Databases containers

For graphs and vulnerabilities information, download the zipped data dumps from Zenodo. Once you have unzipped the dumps, inside the root folder run the command:

docker compose up --build

The containerized databases will also be seeded automatically.

5. Start the application

Run the command from the project root:

docker compose -f dev/docker-compose.yml up --build

6. Create a User in Secure Chain local deployment

Go here and create a user, for example:

{
  "email": "mcp-bot@example.com",
  "password": "supersecre3T*"
}

7. Configure the MCP with VSCode

Inside the folder .vscode/ add the file mcp.json with this template:

{
  "servers": {
    "Secure Chain": {
      "type": "http",
      "url": "http://localhost:8005/mcp",
      "headers": {
        "X-Auth-Email": "mcp-bot@example.com",
        "X-Auth-Pass": "supersecre3T*"
      }
    }
  }
}

Then start the MCP server and begin using it with Copilot, for example.

Python Environment Setup

The project uses Python 3.13, and the dependencies are listed in requirements.txt.

Setting up the development environment

1. Create a virtual environment:

   python3.13 -m venv depex-env
   

2. Activate the virtual environment:

   source depex-env/bin/activate
   

3. Install dependencies:

   pip install -r requirements.txt
   

🤝 Contributing

Pull requests are welcome! For major changes, please open an issue first to discuss what you would like to change.

📄 License

GNU General Public License 3.0

🔗 Links

• Secure Chain Team
• Secure Chain Organization
• Secure Chain Documentation