Seven tools in three capability groups — vendor status (Atlassian Statuspage, 48 built-in vendors + raw-URL passthrough), pure-TypeScript cert/DNS checks (any domain), and incident-response guidance:

Discover available vendors before running status checks or configuring a stack.

• Accepts an optional free-text query (matches name and slug, case-insensitive) and an optional category filter
• Eight categories: cloud, cdn-edge, dev-platform, data, comms, auth, monitoring, ai
• Returns slug (what to pass to other tools), display name, category, and Statuspage base URL
• 48 built-in entries — well-known public vendors with verified Statuspage /api/v2/status.json endpoints

Built-in vendor registry:

The registry covers verified public vendors on Atlassian Statuspage. Major cloud providers (AWS, GCP, Azure) use custom status pages and are not in the registry — they can still be reached by passing their raw Statuspage-compatible URL if one exists.

Batch health snapshot across one or more vendors in a single call.

• Accepts registered vendor slugs (e.g., "github") or raw Statuspage base URLs (e.g., "https://www.githubstatus.com") — mix freely
• mode: "summary" (default): indicator + degraded components + active incidents
• mode: "detailed": adds full component list and scheduled maintenance windows
• Promise.allSettled fan-out — one failing vendor does not block the rest; errors surface inline
• Results served from a 60-second in-memory cache; cached: true flag on each result

Full incident timeline for a vendor with filter support.

• filter: "all" (default): incidents plus scheduled maintenances
• filter: "active": only incidents with status investigating / identified / monitoring
• filter: "resolved": only fully resolved incidents
• filter: "scheduled": only scheduled maintenance windows
• Returns per-update bodies in chronological order, affected component names, duration in minutes (resolved incidents), and a direct shortlink to the incident page
• Configurable limit (1–50); Statuspage returns at most 50 per call

Named, persisted vendor stack for recurring health sweeps.

• On the first call, provide vendors to define the stack — it is saved to tenant-scoped session state under stack_name
• Subsequent calls can omit vendors; the saved list is reused automatically
• Multiple stacks coexist via distinct stack_name values (e.g., "production", "data-layer")
• Aggregate health output: all_operational / degraded / partial_outage / major_outage
• Note: stack state is in-memory; it does not persist across server restarts

Direct TLS handshake inspection — no external API required.

• Accepts bare hostnames (no https:// prefix) — up to 10 per call
• Reports: days to expiry (flagged warning at < 30 days, critical at < 7), certificate subject and SANs, issuer common name, chain depth, negotiated TLS version (flags 1.0 and 1.1 as insecure), cipher suite
• HSTS detection: sends a minimal HTTP/1.1 GET over the same TLS socket, reads the Strict-Transport-Security response header
• Per-domain failures are reported inline (status: "error") rather than throwing — useful partial results when checking multiple domains
• Configurable port (default 443) and timeout per domain

Multi-resolver DNS propagation check — no external API required.

• Queries Google (8.8.8.8), Cloudflare (1.1.1.1), and Quad9 (9.9.9.9) in parallel per domain
• Supported record types: A, AAAA, CNAME, MX, TXT, NS (defaults to A, AAAA, MX, TXT)
• Reports per-resolver latency, propagation discrepancies (where resolvers disagree), and human-readable flags
• Custom resolver list supported — pass any IP addresses to test internal DNS or resolver-specific behavior
• Up to 10 domains per call; per-domain timeouts configurable

Deterministic incident-response guidance, no external calls.

• Returns a markdown playbook tailored to the vendor's category (CDN outage vs. CI/CD outage vs. auth provider outage vs. AI service outage)
• nextToolSuggestions pre-populated with arguments from the provided context — execute in sequence to gather diagnostic data
• Optional your_domain populates cert and DNS check arguments automatically
• Falls back to generic guidance for unrecognized vendors

All resource data is also reachable via tools. Tool-only agents are fully supported.

Built on @cyanheads/mcp-ts-core:

• Declarative tool and resource definitions — single file per primitive, framework handles registration and validation
• Unified error handling — handlers throw, framework catches, classifies, and formats
• Pluggable auth: none, jwt, oauth
• Swappable storage backends: in-memory, filesystem, Supabase, Cloudflare KV/R2/D1
• Structured logging with optional OpenTelemetry tracing
• STDIO and Streamable HTTP transports

DevOps-status-specific:

• No API keys required — Atlassian Statuspage is a public API; TLS and DNS use Node.js stdlib (node:tls, node:dns)
• 48-vendor built-in registry covering cloud, CDN, dev-platform, data, comms, auth, monitoring, and AI categories; extendable via raw Statuspage URL passthrough
• 60-second in-memory cache on Statuspage reads shared across all tenants — prevents thundering-herd on batch calls
• devops_watch_stack persists named vendor lists in tenant-scoped state for repeat morning checks or pre-deploy sweeps
• devops_suggest_action dispatches category-specific playbooks deterministically — no LLM sampling dependency, works in all clients

Agent-friendly output:

• Batch tools (devops_status_check, devops_watch_stack, devops_check_certs, devops_check_dns) use Promise.allSettled — one failing target never blocks the rest; errors surface as inline error fields
• cached: true / checked_at on every Statuspage result — agents know when data was fetched
• Discriminated indicator and status enums (none / minor / major / critical; operational / degraded_performance / partial_outage / major_outage / under_maintenance) — callers branch on data, not string parsing
• nextToolSuggestions in devops_suggest_action pre-fills tool arguments from incident context — agents can execute the playbook mechanically

A public instance is available at https://devops-status.caseyjhand.com/mcp — no installation required. Point any MCP client at it via Streamable HTTP:

{
  "mcpServers": {
    "devops-status-mcp-server": {
      "type": "streamable-http",
      "url": "https://devops-status.caseyjhand.com/mcp"
    }
  }
}

No API key required. Add the following to your MCP client configuration file:

{
  "mcpServers": {
    "devops-status-mcp-server": {
      "type": "stdio",
      "command": "bunx",
      "args": ["@cyanheads/devops-status-mcp-server@latest"],
      "env": {
        "MCP_TRANSPORT_TYPE": "stdio",
        "MCP_LOG_LEVEL": "info"
      }
    }
  }
}

Or with npx (no Bun required):

{
  "mcpServers": {
    "devops-status-mcp-server": {
      "type": "stdio",
      "command": "npx",
      "args": ["-y", "@cyanheads/devops-status-mcp-server@latest"],
      "env": {
        "MCP_TRANSPORT_TYPE": "stdio",
        "MCP_LOG_LEVEL": "info"
      }
    }
  }
}

Or with Docker:

{
  "mcpServers": {
    "devops-status-mcp-server": {
      "type": "stdio",
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "MCP_TRANSPORT_TYPE=stdio",
        "ghcr.io/cyanheads/devops-status-mcp-server:latest"
      ]
    }
  }
}

For Streamable HTTP, set the transport and start the server:

MCP_TRANSPORT_TYPE=http MCP_HTTP_PORT=3010 bun run start:http
# Server listens at http://localhost:3010/mcp

• Bun v1.3.0 or higher (or Node.js v24+).
• No API keys or external accounts required.

1. Clone the repository:

git clone https://github.com/cyanheads/devops-status-mcp-server.git

2. Navigate into the directory:

cd devops-status-mcp-server

3. Install dependencies:

bun install

4. Configure environment:

cp .env.example .env
# edit .env if you want to override defaults

No API keys required. All environment variables are optional.

See .env.example for the full list of optional overrides.

• Build and run:

  bun run rebuild
  bun run start:stdio
  # or
  bun run start:http

• Run checks and tests:

  bun run devcheck   # Lint, format, typecheck, security
  bun run test       # Vitest test suite
  bun run lint:mcp   # Validate MCP definitions against spec

docker build -t devops-status-mcp-server .
docker run --rm -p 3010:3010 devops-status-mcp-server

The Dockerfile defaults to HTTP transport, stateless session mode, and logs to /var/log/devops-status-mcp-server. OpenTelemetry peer dependencies are installed by default — build with --build-arg OTEL_ENABLED=false to omit them.

See CLAUDE.md for development guidelines and architectural rules. The short version:

• Handlers throw, framework catches — no try/catch in tool logic
• Use ctx.log for request-scoped logging, ctx.state for tenant-scoped storage
• Register new tools and resources via the barrels in src/mcp-server/*/definitions/index.ts
• devops_check_certs and devops_check_dns use only Node.js stdlib — add no external deps for these paths

Issues and pull requests are welcome. Run checks and tests before submitting:

bun run devcheck
bun run test

Apache-2.0 — see LICENSE for details.