fix: add Docker configuration file support (fixes #105)

This commit adds comprehensive support for JSON configuration files in Docker containers, addressing the issue where the Docker image fails to start in server mode and ignores configuration files. ## Changes ### Docker Configuration Support - Added parse-config.js to safely parse JSON configs and export as shell variables - Implemented secure shell quoting to prevent command injection - Added dangerous environment variable blocking for security - Support for all JSON data types with proper edge case handling ### Docker Server Mode Fix - Added support for "n8n-mcp serve" command in entrypoint - Properly transforms serve command to HTTP mode - Fixed missing n8n-mcp binary issue in Docker image ### Security Enhancements - POSIX-compliant shell quoting without eval - Blocked dangerous variables (PATH, LD_PRELOAD, etc.) - Sanitized configuration keys to prevent invalid shell variables - Protection against shell metacharacters in values ### Testing - Added 53 comprehensive tests for Docker configuration - Unit tests for parsing, security, and edge cases - Integration tests for Docker entrypoint behavior - Security-focused tests for injection prevention ### Documentation - Updated Docker README with config file mounting examples - Enhanced troubleshooting guide with config file issues - Added version bump to 2.8.2 ### Additional Files - Included deployment-engineer and technical-researcher agent files 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-31 11:48:31 +02:00
parent dce2d9d83b
commit 903a49d3b0
20 changed files with 3130 additions and 3 deletions
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -5,6 +5,41 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

+## [2.8.2] - 2025-07-31
+
+### Added
+- **Docker Configuration File Support**: Full support for JSON config files in Docker containers (fixes #105)
+  - Parse JSON configuration files and safely export as environment variables
+  - Support for `/app/config.json` mounting in Docker containers
+  - Secure shell quoting to prevent command injection vulnerabilities
+  - Dangerous environment variable blocking (PATH, LD_PRELOAD, etc.)
+  - Key sanitization for invalid environment variable names
+  - Support for all JSON data types with proper edge case handling
+
+### Fixed
+- **Docker Server Mode**: Fixed Docker image failing to start in server mode
+  - Added `n8n-mcp serve` command support in Docker entrypoint
+  - Properly set HTTP mode when `serve` command is used
+  - Fixed missing n8n-mcp binary in Docker image
+
+### Security
+- **Command Injection Prevention**: Comprehensive security hardening for config parsing
+  - Implemented POSIX-compliant shell quoting without using eval
+  - Blocked dangerous environment variables that could affect system security
+  - Added protection against shell metacharacters in configuration values
+  - Sanitized configuration keys to prevent invalid shell variable names
+
+### Testing
+- **Docker Configuration Tests**: Added 53 comprehensive tests for Docker config support
+  - Unit tests for config parsing, security, and edge cases
+  - Integration tests for Docker entrypoint behavior
+  - Tests for serve command transformation
+  - Security-focused tests for injection prevention
+
+### Documentation
+- Updated Docker documentation with config file mounting examples
+- Added troubleshooting guide for Docker configuration issues
+
 ## [2.8.0] - 2025-07-30

 ### Added
--- a/docs/DOCKER_README.md
+++ b/docs/DOCKER_README.md
@@ -68,6 +68,37 @@ docker run -d \

 *Either `AUTH_TOKEN` or `AUTH_TOKEN_FILE` must be set for HTTP mode. If both are set, `AUTH_TOKEN` takes precedence.

+### Configuration File Support (v2.8.2+)
+
+You can mount a JSON configuration file to set environment variables:
+
+```bash
+# Create config file
+cat > config.json << EOF
+{
+  "MCP_MODE": "http",
+  "AUTH_TOKEN": "your-secure-token",
+  "LOG_LEVEL": "info",
+  "N8N_API_URL": "https://your-n8n-instance.com",
+  "N8N_API_KEY": "your-api-key"
+}
+EOF
+
+# Run with config file
+docker run -d \
+  --name n8n-mcp \
+  -v $(pwd)/config.json:/app/config.json:ro \
+  -p 3000:3000 \
+  ghcr.io/czlonkowski/n8n-mcp:latest
+```
+
+The config file supports:
+- All standard environment variables
+- Nested objects (flattened with underscore separators)
+- Arrays, booleans, numbers, and strings
+- Secure handling with command injection prevention
+- Dangerous variable blocking for security
+
 ### Docker Compose Configuration

 The default `docker-compose.yml` provides:
@@ -142,6 +173,19 @@ docker run --rm -i --init \
  ghcr.io/czlonkowski/n8n-mcp:latest
 ```

+### Server Mode (Command Line)
+
+You can also use the `serve` command to start in HTTP mode:
+
+```bash
+# Using the serve command (v2.8.2+)
+docker run -d \
+  --name n8n-mcp \
+  -e AUTH_TOKEN=your-secure-token \
+  -p 3000:3000 \
+  ghcr.io/czlonkowski/n8n-mcp:latest serve
+```
+
 Configure Claude Desktop:
 ```json
 {
--- a/docs/DOCKER_TROUBLESHOOTING.md
+++ b/docs/DOCKER_TROUBLESHOOTING.md
@@ -14,6 +14,41 @@ This guide helps resolve common issues when running n8n-mcp with Docker, especia

 ## Common Issues

+### Docker Configuration File Not Working (v2.8.2+)
+
+**Symptoms:**
+- Config file mounted but environment variables not set
+- Container starts but ignores configuration
+- Getting "permission denied" errors
+
+**Solutions:**
+
+1. **Ensure file is mounted correctly:**
+```bash
+# Correct - mount as read-only
+docker run -v $(pwd)/config.json:/app/config.json:ro ...
+
+# Check if file is accessible
+docker exec n8n-mcp cat /app/config.json
+```
+
+2. **Verify JSON syntax:**
+```bash
+# Validate JSON file
+cat config.json | jq .
+```
+
+3. **Check Docker logs for parsing errors:**
+```bash
+docker logs n8n-mcp | grep -i config
+```
+
+4. **Common issues:**
+- Invalid JSON syntax (use a JSON validator)
+- File permissions (should be readable)
+- Wrong mount path (must be `/app/config.json`)
+- Dangerous variables blocked (PATH, LD_PRELOAD, etc.)
+
 ### Custom Database Path Not Working (v2.7.16+)

 **Symptoms:**