purple-mcp/docker-compose.yml at main · Sentinel-One/purple-mcp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
services:
  purple-mcp-sse:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: purple-mcp-sse
    environment:
      MCP_MODE: sse
      MCP_HOST: 0.0.0.0
      MCP_PORT: 8000
      # Required: SentinelOne Console configuration
      PURPLEMCP_CONSOLE_BASE_URL: ${PURPLEMCP_CONSOLE_BASE_URL}
      PURPLEMCP_CONSOLE_TOKEN: ${PURPLEMCP_CONSOLE_TOKEN}

      # Optional: Observability
      PURPLEMCP_ENV: ${PURPLEMCP_ENV:-production}
      PURPLEMCP_LOGFIRE_TOKEN: ${PURPLEMCP_LOGFIRE_TOKEN:-}
    ports:
      - "8000:8000"
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s
    profiles:
      - sse
      - all

  purple-mcp-streamable-http:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: purple-mcp-streamable-http
    environment:
      MCP_MODE: streamable-http
      MCP_HOST: 0.0.0.0
      MCP_PORT: 8000
      PURPLEMCP_STATELESS_HTTP: ${PURPLEMCP_STATELESS_HTTP:-false}
      # Required: SentinelOne Console configuration
      PURPLEMCP_CONSOLE_BASE_URL: ${PURPLEMCP_CONSOLE_BASE_URL}
      PURPLEMCP_CONSOLE_TOKEN: ${PURPLEMCP_CONSOLE_TOKEN}
      # Optional: Custom GraphQL endpoints
      PURPLEMCP_CONSOLE_GRAPHQL_ENDPOINT: ${PURPLEMCP_CONSOLE_GRAPHQL_ENDPOINT:-/web/api/v2.1/graphql}
      PURPLEMCP_ALERTS_GRAPHQL_ENDPOINT: ${PURPLEMCP_ALERTS_GRAPHQL_ENDPOINT:-/web/api/v2.1/unifiedalerts/graphql}
      PURPLEMCP_MISCONFIGURATIONS_GRAPHQL_ENDPOINT: ${PURPLEMCP_MISCONFIGURATIONS_GRAPHQL_ENDPOINT:-/web/api/v2.1/xspm/findings/misconfigurations/graphql}
      PURPLEMCP_VULNERABILITIES_GRAPHQL_ENDPOINT: ${PURPLEMCP_VULNERABILITIES_GRAPHQL_ENDPOINT:-/web/api/v2.1/xspm/findings/vulnerabilities/graphql}
      PURPLEMCP_INVENTORY_RESTAPI_ENDPOINT: ${PURPLEMCP_INVENTORY_RESTAPI_ENDPOINT:-/web/api/v2.1/xdr/assets}
      # Optional: Observability
      PURPLEMCP_ENV: ${PURPLEMCP_ENV:-production}
      PURPLEMCP_LOGFIRE_TOKEN: ${PURPLEMCP_LOGFIRE_TOKEN:-}
    ports:
      - "8001:8000"
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s
    profiles:
      - streamable-http
      - production
      - all

  purple-mcp-stdio:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: purple-mcp-stdio
    environment:
      MCP_MODE: stdio
      # Required: SentinelOne Console configuration
      PURPLEMCP_CONSOLE_BASE_URL: ${PURPLEMCP_CONSOLE_BASE_URL}
      PURPLEMCP_CONSOLE_TOKEN: ${PURPLEMCP_CONSOLE_TOKEN}
      # Optional: Custom GraphQL endpoints
      PURPLEMCP_CONSOLE_GRAPHQL_ENDPOINT: ${PURPLEMCP_CONSOLE_GRAPHQL_ENDPOINT:-/web/api/v2.1/graphql}
      PURPLEMCP_ALERTS_GRAPHQL_ENDPOINT: ${PURPLEMCP_ALERTS_GRAPHQL_ENDPOINT:-/web/api/v2.1/unifiedalerts/graphql}
      PURPLEMCP_MISCONFIGURATIONS_GRAPHQL_ENDPOINT: ${PURPLEMCP_MISCONFIGURATIONS_GRAPHQL_ENDPOINT:-/web/api/v2.1/xspm/findings/misconfigurations/graphql}
      PURPLEMCP_VULNERABILITIES_GRAPHQL_ENDPOINT: ${PURPLEMCP_VULNERABILITIES_GRAPHQL_ENDPOINT:-/web/api/v2.1/xspm/findings/vulnerabilities/graphql}
      PURPLEMCP_INVENTORY_RESTAPI_ENDPOINT: ${PURPLEMCP_INVENTORY_RESTAPI_ENDPOINT:-/web/api/v2.1/xdr/assets}
      # Optional: Observability
      PURPLEMCP_ENV: ${PURPLEMCP_ENV:-production}
      PURPLEMCP_LOGFIRE_TOKEN: ${PURPLEMCP_LOGFIRE_TOKEN:-}
    stdin_open: true
    tty: true
    profiles:
      - stdio

  purple-mcp-proxy:
    image: nginx:1.27-alpine
    container_name: purple-mcp-proxy
    environment:
      PURPLEMCP_AUTH_TOKEN: ${PURPLEMCP_AUTH_TOKEN:-your-secure-token-here}
      NGINX_ENVSUBST_OUTPUT_DIR: /etc/nginx
    volumes:
      - ./deploy/nginx/nginx.conf.template:/etc/nginx/templates/nginx.conf.template:ro
      - ./ssl:/etc/nginx/ssl:ro
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - purple-mcp-streamable-http
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "wget", "--spider", "--quiet", "http://localhost/internal/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s
    profiles:
      - proxy
      - production

networks:
  default:
    name: purple-mcp-network
    driver: bridge