feat: Allow configuration of temporary user timeout when connecting to atlas cluster

[jeroenvervaeke]

Proposed changes

Allow configuration of temporary user timeout when connecting to atlas cluster.

• config name temporaryDatabaseUserLifetimeSeconds
• flag name --temporaryDatabaseUserLifetimeSeconds
• env variable MDB_MCP_TEMPORARY_DATABASE_USER_LIFETIME_SECONDS

Ticket: [MCP-199] [Security] allow users to configure expiration timeout and limit the default 12 hours to 4 hours.

Checklist

• I have signed the MongoDB CLA

[gagik]

this array is duplicated from mongosh and shouldn't be modified.
In the future, we should definetely export it from mongosh and import it here because this is doomed to be confusing.
Maybe let's move this to a separate file now with a comment?

[jeroenvervaeke]

Could you elaborate on this comment?

[himanshusinghs]

We don't need to (and shouldn't) modify the OPTIONS type as that configuration is for part of code from mongosh which we depend on for connection related work. For general config changes the user UserConfig modification should be enough.

[jeroenvervaeke]

I only added temporaryDatabaseUserLifetimeSeconds to the list because it didn't work without adding it.

[gagik]

that's odd, it shouldn't depend on this.
This object should be only about mongosh-related args

[gagik]

We should definitely deal with this now. Just create a second object which extends this. It should take a minute.

[jeroenvervaeke]

Can this PR have a " 👍 ", or do you require any more changes on my side?

[gagik]

We should definitely deal with this now. Just create a second object which extends this. It should take a minute.

We need to split the object between what is copied of over from mongosh and what is ours.
Something like

const MONGOSH_OPTIONS = [
// copy-paste from that mongosh file
]
const MCP_SERVER_OPTIONS = [
// ...
]
const OPTIONS = [...MONGOSH_OPTIONS, ...MCP_SERVER_OPTIONS]

(this would need to be done per field as otherwise they'd override each other)

[jeroenvervaeke]

I've split the options like you suggested.

[jeroenvervaeke]

Fixed the shallow merge issue.

[nirinchev]

The new option should probably be documented in the readme. Also, we are now entering a territory where it's much more likely that an automatically created user expires while we're still connected to the cluster. We should consider how to handle such a case - we can either recreate the user and update the connection or return an error message instructing the model to re-run the atlas-connect-cluster tool. I would suggest that you test it manually to verify what the real-world behavior is and then decide whether gracefully handling it is critical for GA.

[nirinchev]

When representing time, I find it easier to reason about the numbers if they're expressed as multiplication of units of time - i.e. 1000 * 60 * 60 * 4 rather than the result - it's much easier to spot mistakes than making the calculation in your head.

[jeroenvervaeke]

Thanks for the feedback! I chose to use the plain number format here to maintain consistency with the other time values already defined in this struct, which all follow the same pattern.

[gagik]

I wouldn't mind changing the others to match as a drive-by as well

[jeroenvervaeke]

I've update the numbers

[jeroenvervaeke]

The new option should probably be documented in the readme. Also, we are now entering a territory where it's much more likely that an automatically created user expires while we're still connected to the cluster. We should consider how to handle such a case - we can either recreate the user and update the connection or return an error message instructing the model to re-run the atlas-connect-cluster tool. I would suggest that you test it manually to verify what the real-world behavior is and then decide whether gracefully handling it is critical for GA.

@nirinchev
Updated the readme

[gagik]

this is fine. alternative idea for consideration but non-blocking:

function mergeOptions(...optionSources: Array<Record<string, any>>) {
    return {
        string: optionSources.flatMap(opts => opts.string ?? []),
        boolean: optionSources.flatMap(opts => opts.boolean ?? []),
        array: optionSources.flatMap(opts => opts.array ?? []),
        alias: Object.assign({}, ...optionSources.map(opts => opts.alias ?? {})),
        configuration: Object.assign({}, ...optionSources.map(opts => opts.configuration ?? {})),
    } as const;
}

const OPTIONS = mergeOptions(MONGOSH_OPTIONS, MCP_SERVER_OPTIONS);

[jeroenvervaeke]

I have accepted your suggestion.

I had to introduce a new Options interface to make the linter happy.

[gagik]

I wouldn't mind changing the others to match as a drive-by as well

[himanshusinghs]

So this is a problem. The options that you see here are not all MONGOSH options. They contain MCP related options as well.

I don't have strong opinion on fixing this right now but consider that this is only a partial solution. We still need to address it entirely, perhaps with https://jira.mongodb.org/browse/MCP-202

[nirinchev]

Folks, let's hold off on the refactorings of the cli options that close to the release. I agree it's not ideal that we're intertwining mongosh and mcp arguments together, but this has been the case for a while now and besides being a code smell, hasn't really caused issues. Sorry for the back-and-forth here @jeroenvervaeke, but let's just revert all the options refactorings and go back to the state in the first commit where we just add the new option to the original OPTIONS object.

[coveralls]

Pull Request Test Coverage Report for Build 17668190160

Details

• 8 of 8 (100.0%) changed or added relevant lines in 2 files are covered.
• 6 unchanged lines in 1 file lost coverage.
• Overall coverage decreased (-0.1%) to 81.428%

---

Files with Coverage Reduction	New Missed Lines	%
src/common/connectionManager.ts	6	87.78%

Totals
Change from base Build 17650490388:	-0.1%
Covered Lines:	4855
Relevant Lines:	5865

---

💛 - Coveralls

[jeroenvervaeke]

Folks, let's hold off on the refactorings of the cli options that close to the release. I agree it's not ideal that we're intertwining mongosh and mcp arguments together, but this has been the case for a while now and besides being a code smell, hasn't really caused issues. Sorry for the back-and-forth here @jeroenvervaeke, but let's just revert all the options refactorings and go back to the state in the first commit where we just add the new option to the original OPTIONS object.

Reverted those requested changes

[gagik]

OPTIONS changes seemed low risk but SGTM