souschef
by kpeacocke
Overview
AI-powered Model Context Protocol (MCP) server for comprehensive Chef-to-Ansible migration, including cookbook analysis, resource conversion, Habitat-to-Docker transformation, InSpec profile translation, and CI/CD pipeline generation.
Installation
poetry run souschefEnvironment Variables
- LOG_LEVEL
- SOUSCHEF_CONFIG_PATH
- CHEF_REPO_PATH
- OPENAI_API_KEY
- REDHAT_AI_API_KEY
- VAULT_TOKEN
- CHEF_TOKEN
- TOWER_HOST
- TOWER_USERNAME
- TOWER_PASSWORD
- TOWER_VERIFY_SSL
- SOUSCHEF_UI_PORT
- SOUSCHEF_UI_HOST
- SOUSCHEF_MAX_ARCHIVE_SIZE
- SOUSCHEF_MAX_FILE_SIZE
- SOUSCHEF_MAX_FILES
- SOUSCHEF_MAX_DEPTH
- SOUSCHEF_MCP_SERVER_URL
- TESTING
Security Notes
The project has multiple critical security vulnerabilities identified as 'open' by CodeQL and SnykCode. These include 'Arbitrary File Write via Archive Extraction (Tar Slip)' in `ui/pages/cookbook_analysis.py` (line 308) and numerous instances of 'Uncontrolled data used in path expression (Path Injection)' across `souschef/ui/pages/cookbook_analysis.py`, `souschef/core/path_utils.py`, and `souschef/assessment.py`. These vulnerabilities could allow an attacker to write arbitrary files or access unexpected resources on the host system if user-provided input, particularly archive files, is processed. While the project demonstrates security awareness (CodeQL setup, explicit code standards), the presence of several critical unaddressed path manipulation issues significantly reduces its safety for processing untrusted inputs.
Similar Servers
terraform-mcp-server
Provides seamless integration with Terraform Registry APIs and HCP Terraform/Terraform Enterprise APIs, enabling AI assistants/LLMs to generate high-quality Terraform code and automate IaC workflows.
tfmcp
A CLI tool and MCP server that enables LLMs to analyze, manage, and operate Terraform configurations and infrastructure environments.
AgentUp
A developer-first framework for building, deploying, and managing secure, scalable, and configurable AI agents, supporting various agent types (reactive, iterative) and the Model-Context Protocol (MCP) for seamless interactions.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.