chnjinlei/hive
1
0
Fork 0
Code Issues Pull Requests Actions 41 Packages Projects Releases Wiki Activity

Merge pull request #6658 from saurabhiiitm062/feat/cloudflare-dns-tool

Browse Source 
feat: cloudflare DNS/Zone tool integrations
This commit is contained in:
Bryan @ Aden
2026-04-01 10:11:44 -07:00
committed by GitHub
parent 5823513fde ebb6605a86
commit c8a25a0287
9 changed files with 3357 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tools/src/aden_tools/credentials/__init__.py
+3
View File
@@ -70,6 +70,7 @@ from .brevo import BREVO_CREDENTIALS
from .browser import get_aden_auth_url, get_aden_setup_url, open_browser
from .calcom import CALCOM_CREDENTIALS
from .calendly import CALENDLY_CREDENTIALS
from .cloudflare import CLOUDFLARE_CREDENTIALS
from .cloudinary import CLOUDINARY_CREDENTIALS
from .confluence import CONFLUENCE_CREDENTIALS
from .databricks import DATABRICKS_CREDENTIALS
@@ -160,6 +161,7 @@ CREDENTIAL_SPECS = {
**BREVO_CREDENTIALS,
**CALCOM_CREDENTIALS,
**CALENDLY_CREDENTIALS,
**CLOUDFLARE_CREDENTIALS,
**CLOUDINARY_CREDENTIALS,
**CONFLUENCE_CREDENTIALS,
**DATABRICKS_CREDENTIALS,
@@ -254,6 +256,7 @@ __all__ = [
"BREVO_CREDENTIALS",
"CALCOM_CREDENTIALS",
"CALENDLY_CREDENTIALS",
"CLOUDFLARE_CREDENTIALS",
"CLOUDINARY_CREDENTIALS",
"CONFLUENCE_CREDENTIALS",
"DATABRICKS_CREDENTIALS",
tools/src/aden_tools/credentials/cloudflare.py
+75
View File
@@ -0,0 +1,75 @@
from aden_tools.credentials import CredentialSpec
CLOUDFLARE_CREDENTIALS = {
"cloudflare": CredentialSpec(
env_var="CLOUDFLARE_API_TOKEN",
description=(
"Cloudflare API token (DNS/Zone Read-Write). Provide via env var or credential store."
),
required=True,
help_url="https://dash.cloudflare.com/profile/api-tokens",
credential_id="cloudflare_api_token",
api_key_instructions=(
"Create an API token with Zone/DNS read and edit permissions: "
"https://dash.cloudflare.com/profile/api-tokens"
),
direct_api_key_supported=True,
health_check_endpoint="https://api.cloudflare.com/client/v4/user/tokens/verify",
tools=[
"cloudflare_list_zones",
"cloudflare_get_zone",
"cloudflare_get_zone_settings",
"cloudflare_list_zone_custom_pages",
"cloudflare_get_ssl_verification",
"cloudflare_list_zone_certificates",
"cloudflare_list_zone_subscriptions",
"cloudflare_get_dnssec_status",
"cloudflare_update_zone_setting",
"cloudflare_list_dns_records",
"cloudflare_get_dns_record",
"cloudflare_list_dns_record_scan",
"cloudflare_get_dns_settings",
"cloudflare_list_dns_analytics_report",
"cloudflare_check_domain_dns_health",
"cloudflare_create_dns_record",
"cloudflare_update_dns_record",
"cloudflare_delete_dns_record",
"cloudflare_get_zone_analytics",
"cloudflare_get_top_analytics",
"cloudflare_get_security_analytics",
"cloudflare_get_cache_analytics",
"cloudflare_get_performance_analytics",
"cloudflare_get_http_analytics_report",
"cloudflare_list_firewall_events",
"cloudflare_get_security_settings",
"cloudflare_list_page_rules",
"cloudflare_list_waf_rulesets",
"cloudflare_get_bot_management_settings",
"cloudflare_list_managed_transforms",
"cloudflare_get_ddos_protection_settings",
"cloudflare_create_firewall_rule",
"cloudflare_delete_firewall_rule",
"cloudflare_get_speed_settings",
"cloudflare_get_cache_settings",
"cloudflare_get_http_config",
"cloudflare_get_network_settings",
"cloudflare_purge_cache_all",
"cloudflare_purge_cache_files",
"cloudflare_list_advanced_services",
"cloudflare_list_accounts",
"cloudflare_get_account_details",
"cloudflare_list_account_members",
"cloudflare_invite_account_member",
"cloudflare_delete_account_member",
"cloudflare_list_custom_hostnames",
"cloudflare_list_audit_logs",
"cloudflare_list_firewall_rules",
"cloudflare_list_access_applications",
"cloudflare_list_r2_buckets",
"cloudflare_list_pages_projects",
"cloudflare_create_access_policy",
"cloudflare_create_worker_route",
"cloudflare_set_ssl_mode",
],
)
}
tools/src/aden_tools/credentials/health_check.py
+6
View File
@@ -1307,6 +1307,11 @@ class YouTubeHealthChecker(BaseHttpHealthChecker):
AUTH_QUERY_PARAM_NAME = "key"
class CloudflareHealthChecker(BaseHttpHealthChecker):
ENDPOINT = "https://api.cloudflare.com/client/v4/user/tokens/verify"
SERVICE_NAME = "Cloudflare"
# Registry of health checkers
HEALTH_CHECKERS: dict[str, CredentialHealthChecker] = {
"apify": ApifyHealthChecker(),
@@ -1317,6 +1322,7 @@ HEALTH_CHECKERS: dict[str, CredentialHealthChecker] = {
"brevo": BrevoHealthChecker(),
"calcom": CalcomHealthChecker(),
"calendly_pat": CalendlyHealthChecker(),
"cloudflare": CloudflareHealthChecker(),
"discord": DiscordHealthChecker(),
"docker_hub": DockerHubHealthChecker(),
"exa_search": ExaSearchHealthChecker(),
tools/src/aden_tools/tools/__init__.py
+2
View File
@@ -44,6 +44,7 @@ from .brevo_tool import register_tools as register_brevo
from .calcom_tool import register_tools as register_calcom
from .calendar_tool import register_tools as register_calendar
from .calendly_tool import register_tools as register_calendly
from .cloudflare_tool import register_tools as register_cloudflare
from .cloudinary_tool import register_tools as register_cloudinary
from .confluence_tool import register_tools as register_confluence
from .csv_tool import register_tools as register_csv
@@ -253,6 +254,7 @@ def _register_unverified(
register_stripe(mcp, credentials=credentials)
register_postgres(mcp, credentials=credentials)
register_calendly(mcp, credentials=credentials)
register_cloudflare(mcp, credentials=credentials)
register_cloudinary(mcp, credentials=credentials)
register_confluence(mcp, credentials=credentials)
register_databricks(mcp, credentials=credentials)
tools/src/aden_tools/tools/cloudflare_tool/README.md
+271
View File
@@ -0,0 +1,271 @@
# Cloudflare DNS/Zone Management Tool
Provides comprehensive Cloudflare DNS/Zone management tools for agents to inspect domains, DNS records, manage infrastructure, and diagnose DNS configuration issues.
## Features
- **Zone Management**: List zones, get details, and manage 30+ settings (SSL, IPv6, WebSockets, etc.).
- **DNS Management**: Create, Update, Delete, and List DNS records (A, CNAME, TXT, MX, etc.).
- **Security & Firewall**: Manage firewall rules, WAF rulesets, Bot management, and Zero Trust Access policies.
- **Analytics & Metrics**: Get traffic (bandwidth), security (threats), cache, and performance analytics.
- **Performance & Cache**: Purge everything or specific files from cache, manage speed settings (Minify, Brotli).
- **Eco-system Support**: List R2 Buckets, Pages Projects, and manage Workers routing.
- **Diagnostics**: Specialized DNS health diagnosis for domains with structured troubleshooting output.
## Authentication
Requires a Cloudflare API token with the following permissions:
### Recommended Permissions
- `Zone:Read`, `Zone:Edit` — zone information and settings
- `DNS:Read`, `DNS:Edit` — DNS records management
- `Account:Read`, `Account:Edit` — (Optional) account members and R2/Pages listing
- `Analytics:Read` — Analytics dashboards
### Setup
1. Navigate to [Cloudflare API Tokens](https://dash.cloudflare.com/profile/api-tokens)
2. Create/Configure an API token with appropriate permissions.
3. Set the environment variable:
```bash
export CLOUDFLARE_API_TOKEN="your_api_token_here"
```
_Note: Can also be configured via the Aden Credential Store._
## Key Tools Summary
### Infrastructure & Zones
- `cloudflare_list_zones`: List zones in the account.
- `cloudflare_get_zone_settings`: Read 30+ common zone settings.
- `cloudflare_update_zone_setting`: Update specific settings (IPv6, settings IDs, etc.).
- `cloudflare_set_ssl_mode`: Quick toggle for SSL modes (Strict, Flexible, etc.).
### DNS Operations
- `cloudflare_list_dns_records`: List and filter DNS records.
- `cloudflare_create_dns_record`: Add new A, CNAME, TXT, etc. records.
- `cloudflare_update_dns_record`: Modify existing records.
- `cloudflare_delete_dns_record`: Remove records permanently.
### Analytics & Health
- `cloudflare_get_zone_analytics`: Get last 24h traffic/threat stats.
- `cloudflare_check_domain_dns_health`: Deep diagnostic check for domain misconfigurations.
- `cloudflare_get_http_analytics_report`: Detailed status code and content type distribution.
### Security
- `cloudflare_create_firewall_rule`: Create custom blocking/allow rules.
- `cloudflare_list_waf_rulesets`: View modern WAF configuration.
- `cloudflare_create_access_policy`: Set Zero Trust Access policies.
### Cache & Performance
- `cloudflare_purge_cache_all`: Clear the entire zone cache.
- `cloudflare_purge_cache_files`: Clear specific URLs from cache.
- `cloudflare_get_speed_settings`: Check Minify, Brotli, and Rocket Loader status.
### Account & Advanced
- `cloudflare_list_accounts`: List all accessible accounts.
- `cloudflare_invite_account_member`: Manage team access.
- `cloudflare_list_r2_buckets`: Overview of R2 storage.
- `cloudflare_create_worker_route`: Bind Worker scripts to URL patterns.
---
_Generated for the Model Context Protocol (MCP) as part of the Aden Tools suite._
### `cloudflare_get_zone`
Get details for a specific zone.
**Parameters:**
- `zone_id` (str, required): Zone ID (32-character hex string)
**Returns:**
```json
{
"id": "023e105f4ecef8ad9ca31a8372d0c353",
"name": "example.com",
"status": "active",
"name_servers": ["ns1.cloudflare.com", "ns2.cloudflare.com"],
"created_on": "2014-01-01T23:27:06.000Z",
"modified_on": "2014-07-10T05:35:15.000Z",
"plan": "pro",
"type": "full"
}
```
### `cloudflare_list_dns_records`
List DNS records for a zone.
**Parameters:**
- `zone_id` (str, required): Zone ID
- `name` (str, optional): Filter by DNS record name
- `type` (str, optional): Filter by record type (A, AAAA, CNAME, MX, TXT, etc.)
- `page` (int, default=1): Page number for pagination
- `per_page` (int, default=20): Results per page (max 100)
**Returns:**
```json
{
"records": [
{
"id": "372e67954025e0ba6aaa6d586b9e0b59",
"type": "A",
"name": "example.com",
"content": "192.0.2.1",
"ttl": 3600,
"proxied": true,
"priority": null
}
],
"zone_id": "023e105f4ecef8ad9ca31a8372d0c353",
"page": 1,
"per_page": 20,
"total": 1
}
```
### `cloudflare_get_dns_record`
Get a specific DNS record by ID.
**Parameters:**
- `zone_id` (str, required): Zone ID
- `record_id` (str, required): DNS record ID
**Returns:**
```json
{
"id": "372e67954025e0ba6aaa6d586b9e0b59",
"type": "A",
"name": "example.com",
"content": "192.0.2.1",
"ttl": 3600,
"proxied": true,
"priority": null,
"created_on": "2014-01-01T23:28:48.000Z",
"modified_on": "2014-07-10T05:35:15.000Z"
}
```
### `cloudflare_check_domain_dns_health`
Perform a comprehensive DNS health check for a domain, identifying common configuration issues.
**Parameters:**
- `domain` (str, required): Domain name (e.g., "example.com")
**Returns:**
```json
{
"domain": "example.com",
"zone_found": true,
"zone_id": "023e105f4ecef8ad9ca31a8372d0c353",
"zone_status": "active",
"root_records": [
{
"id": "372e67954025e0ba6aaa6d586b9e0b59",
"type": "A",
"name": "example.com",
"content": "192.0.2.1",
"ttl": 3600,
"proxied": false
}
],
"www_records": [
{
"id": "372e67954025e0ba6aaa6d586b9e0b60",
"type": "A",
"name": "www.example.com",
"content": "192.0.2.1",
"ttl": 3600,
"proxied": false
}
],
"mx_records": [],
"ns_records": [],
"total_records": 2,
"issues": [
{
"code": "MX_MISSING",
"message": "No MX records configured for example.com"
}
],
"summary": "Zone is active. Found 2 DNS records. Issues detected: MX_MISSING."
}
```
## Common Issue Codes
- `ZONE_NOT_FOUND` — Zone not found for the domain in Cloudflare
- `ZONE_INACTIVE` — Zone status is not "active"
- `ROOT_MISSING` — No A/AAAA records for root domain
- `WWW_MISSING` — No www subdomain DNS record
- `MX_MISSING` — No MX records configured
- `PROXY_INVALID` — Proxied record has no valid target
## Usage Examples
```python
# List all zones
zones = mcp.tools["cloudflare_list_zones"](page=1, per_page=20)
# Get zone details
zone = mcp.tools["cloudflare_get_zone"](zone_id="023e105f4ecef8ad9ca31a8372d0c353")
# List DNS records for a zone
records = mcp.tools["cloudflare_list_dns_records"](
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
type="A"
)
# Check DNS health for a domain
health = mcp.tools["cloudflare_check_domain_dns_health"](domain="example.com")
```
## Error Handling
All tools return structured error dictionaries on failure:
```json
{
"error": "Unauthorized - invalid or missing CLOUDFLARE_API_TOKEN",
"status_code": 401
}
```
Common error codes:
- `401` — Invalid or missing credentials
- `403` — Insufficient permissions
- `404` — Resource not found
- `429` — Rate limited (check `retry_after` header)
## Implementation Notes
- Tools encompass both resource query (GET) and update/create (POST/PATCH/DELETE) operations
- Credentials are retrieved from the `CLOUDFLARE_API_TOKEN` environment variable
- Requests are validated and sanitized for security
- Responses are normalized into compact, agent-friendly objects
- Pagination defaults to 20 results, maximum 100 per page
- API timeout is 30 seconds
## Files
- `cloudflare_tool.py` — Main tool implementation
- `__init__.py` — Package export
- `README.md` — This documentation
tools/src/aden_tools/tools/cloudflare_tool/__init__.py
+5
View File
@@ -0,0 +1,5 @@
"""Cloudflare DNS/Zone management tool package for Aden Tools."""
from .cloudflare_tool import register_tools
__all__ = ["register_tools"]
tools/src/aden_tools/tools/cloudflare_tool/cloudflare_tool.py
+1882
View File
File diff suppressed because it is too large Load Diff
tools/tests/test_health_checks.py
+1
View File
@@ -66,6 +66,7 @@ class TestHealthCheckerRegistry:
"brevo",
"calcom",
"calendly_pat",
"cloudflare",
"discord",
"docker_hub",
"exa_search",
tools/tests/tools/test_cloudflare.py
+1112
View File
File diff suppressed because it is too large Load Diff