fix(mcp-server,skills): fix onboarding blockers from test report

[goldmedal]

Summary

Fixes 6 issues discovered during onboarding testing with BigQuery (see test report):

• Container crash on missing MDL: Wrap MDL_PATH file read in try/except — start without MDL instead of crashing
• BigQuery Web UI field mismatch: Fix form field names (project→project_id, dataset→dataset_id, credentials_base64→credentials) to match backend pydantic model
• BigQuery file upload UX: Replace base64 text input with a file picker that auto-encodes credentials.json client-side
• Skill field name corrections: Fix wren-connection-info for BigQuery (credentials), Snowflake (schema), Athena (region_name), Databricks (camelCase aliases)
• Databricks in Web UI: Add Databricks data source to the connection form
• Session troubleshooting: Document "Session not found" error after container restart in docs and skills

Test plan

• Start container without target/mdl.json — should log warning and start normally
• Start container with invalid JSON at MDL_PATH — should log parse error and start normally
• Open Web UI → select BigQuery → verify field names are project_id, dataset_id, and file upload for credentials
• Upload a credentials.json via file picker → verify base64 value is sent on form submit
• Open Web UI → select Databricks → verify serverHostname, httpPath, accessToken fields appear
• Verify wren-connection-info skill documents correct field names for all data sources

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features

  • Databricks datasource support
  • File-based JSON credential upload for BigQuery

• Improvements

  • Startup is more tolerant of missing/invalid datasource configs
  • Editing connections preserves previously uploaded credentials (no forced re-upload)

• Documentation

  • Standardized connection field names across docs
  • Added troubleshooting: start a new session after container restart to recover from “Session not found”

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 59e667b5-c5ea-4323-91f5-4989a12d9afa

📥 Commits

Reviewing files that changed from the base of the PR and between 314c4e7 and 76ee9d2.

📒 Files selected for processing (1)

• mcp-server/app/templates/_fields.html

---

📝 Walkthrough

Walkthrough

Adds a base64 file-upload field to the MCP web UI, renames and adds datasource credential fields (BigQuery, Snowflake, Athena, Databricks), merges posted connection info with stored state to preserve omitted sensitive fields, hardens MDL loading, and updates related docs and skill metadata and troubleshooting.

Changes

Cohort / File(s)	Summary
Web UI — file input mcp-server/app/templates/_fields.html	Added file_base64 rendering: visible file picker + hidden base64 input, per-field status <small>, and inline handleFileBase64(fileInput, fieldName) JS to read file → base64 and update hidden input/status.
Server — datasource schemas & submit mcp-server/app/web.py	Renamed BigQuery fields (project→project_id, dataset→dataset_id), replaced credentials_base64 with credentials file_base64, added DATABRICKS datasource (serverHostname, httpPath, accessToken), and changed post_connection to merge submitted conn_info with existing state["connection_info"] to retain omitted sensitive fields.
MDL loading robustness mcp-server/app/wren.py	Wrap MDL open/parse in try/except; use mdl_schema.get("dataSource", ""); handle FileNotFoundError / JSONDecodeError / KeyError with diagnostics and skip loading instead of raising.
Docs & skill metadata — connection-info / versions skills/.../SKILL.md, skills/.../references/databases.md, skills/index.json, skills/versions.json	Bumped wren-mcp-setup version to 1.4; updated documented field names (BigQuery credentials, Snowflake schema, Athena region_name, Databricks camelCase fields and service principal keys); updated troubleshooting to note “Session not found” after container restart.
User docs docs/getting_started_with_claude_code.md	Added troubleshooting bullet: container restart can cause MCP tools to show “Session not found”; instruct user to start a new Claude Code session (or restart MCP client) to obtain a fresh session ID.

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant Browser
  participant MCP_Server
  participant StateStore

  User->>Browser: choose credentials JSON file
  Browser->>Browser: handleFileBase64(file) -> read ArrayBuffer, encode base64
  Browser->>MCP_Server: POST connection form (may include `credentials` base64)
  MCP_Server->>StateStore: read existing connection_info
  MCP_Server->>MCP_Server: merge submitted conn_info with existing (preserve omitted sensitive fields)
  MCP_Server->>StateStore: save merged connection_info
  MCP_Server-->>Browser: respond (success/failure)

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• feat(mcp-server): add Web UI for connection info management with read-only mode #1447: Overlaps changes to MCP web UI and web.py datasource/credential handling (file upload and server-side handling).
• feat(mcp): introduce MCP server #1094: Related to MDL-loading robustness and wren.py MDL parsing behavior.
• docs(skills): add file-based connector docs, venv setup, and fix path/typo issues #1438: Related skill docs and credential representation changes in connection-info documentation.

Suggested labels

python

Suggested reviewers

• douenergy
• wwwy3y3
• chilijung

Poem

🐰 I tucked a JSON in a hop so neat,
Base64 crumbs for servers to eat.
If sessions snooze when containers part,
Start Claude anew — I'll guard the heart. 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately reflects the main objectives: fixing onboarding blockers discovered during testing. It addresses six specific issues across mcp-server and skills components, making it a comprehensive fix PR.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

mcp-server/app/templates/_fields.html (1)

41-59: Consider UTF-8 safety for btoa() encoding.

btoa() only handles Latin-1 characters and will throw an error if the file contains multi-byte UTF-8 characters. While GCP service account JSON files are typically ASCII-only, a more robust approach would handle arbitrary UTF-8:

♻️ Optional: UTF-8-safe base64 encoding

     reader.onload = function() {
-      hidden.value = btoa(reader.result);
+      // UTF-8 safe base64 encoding
+      var bytes = new TextEncoder().encode(reader.result);
+      var binary = '';
+      for (var i = 0; i < bytes.length; i++) {
+        binary += String.fromCharCode(bytes[i]);
+      }
+      hidden.value = btoa(binary);
       status.textContent = '✓ ' + file.name + ' loaded (' + Math.ceil(reader.result.length / 1024) + ' KB)';

Note: The static analysis hints about "special characters must be escaped" and "id must be unique" are false positives — they don't account for Jinja2 template syntax and loop-generated unique IDs.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@mcp-server/app/templates/_fields.html` around lines 41 - 59, handleFileBase64
currently uses FileReader.readAsText and btoa(reader.result), which will fail
for multi-byte UTF‑8; change the reader to read the file as binary (e.g., use
readAsArrayBuffer or readAsDataURL) and produce a proper base64 string instead
of btoa(reader.result). Specifically, in handleFileBase64 replace the readAsText
+ btoa(reader.result) flow with reading as an ArrayBuffer (or DataURL) and
convert the resulting ArrayBuffer/Blob into a base64 payload, then set
document.getElementById('fb64-'+fieldName).value to that base64 string and
update the status element as before; keep the existing hidden/id pattern
('fb64-'+fieldName and 'fb64-status-'+fieldName) and error handling.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@mcp-server/app/templates/_fields.html`:
- Around line 41-59: handleFileBase64 currently uses FileReader.readAsText and
btoa(reader.result), which will fail for multi-byte UTF‑8; change the reader to
read the file as binary (e.g., use readAsArrayBuffer or readAsDataURL) and
produce a proper base64 string instead of btoa(reader.result). Specifically, in
handleFileBase64 replace the readAsText + btoa(reader.result) flow with reading
as an ArrayBuffer (or DataURL) and convert the resulting ArrayBuffer/Blob into a
base64 payload, then set document.getElementById('fb64-'+fieldName).value to
that base64 string and update the status element as before; keep the existing
hidden/id pattern ('fb64-'+fieldName and 'fb64-status-'+fieldName) and error
handling.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: e14a1295-ad29-4470-9ba2-56ddd7399c4d

📥 Commits

Reviewing files that changed from the base of the PR and between 0843fa2 and e1e5983.

📒 Files selected for processing (7)

• docs/getting_started_with_claude_code.md
• mcp-server/app/templates/_fields.html
• mcp-server/app/web.py
• mcp-server/app/wren.py
• skills/versions.json
• skills/wren-connection-info/SKILL.md
• skills/wren-mcp-setup/SKILL.md

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@mcp-server/app/templates/_fields.html`:
- Around line 9-10: The hidden input currently injects full saved credentials
via value="{{ connection_info.get(field.name, '') }}" (id="fb64-{{ field.name
}}"), which exposes secrets; remove the prefilled credential value and instead
leave the hidden input empty or store only a non-sensitive flag/ID (e.g.,
boolean like connection_info.get(field.name) and/or a credential_id) so actual
credentials are never rendered into the DOM—update the template to clear the
value attribute and adjust any server-side/JS logic that relied on the raw value
to read the non-sensitive flag or fetch secrets securely from the server when
needed.
- Around line 47-50: The current reader.onload uses btoa(reader.result) and
reader.readAsText(file), which fails on non-Latin-1 UTF‑8 content; change to
read the file as an ArrayBuffer (replace reader.readAsText with
reader.readAsArrayBuffer) and set hidden.value to a UTF‑8‑safe base64 conversion
of the ArrayBuffer (use new Uint8Array(reader.result).toBase64() when available,
otherwise convert the Uint8Array to a binary string in safe chunks and call btoa
on that binary string) inside the reader.onload that currently references
hidden.value, status and file so uploads of JSON/non‑ASCII files succeed.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 321fc0d6-8cf4-46ae-b886-3cb1acf6a8c4

📥 Commits

Reviewing files that changed from the base of the PR and between e1e5983 and c402f5c.

📒 Files selected for processing (9)

• docs/getting_started_with_claude_code.md
• mcp-server/app/templates/_fields.html
• mcp-server/app/web.py
• mcp-server/app/wren.py
• skills/index.json
• skills/versions.json
• skills/wren-connection-info/SKILL.md
• skills/wren-connection-info/references/databases.md
• skills/wren-mcp-setup/SKILL.md

✅ Files skipped from review due to trivial changes (2)

• skills/versions.json
• skills/index.json

🚧 Files skipped from review as they are similar to previous changes (5)

• docs/getting_started_with_claude_code.md
• mcp-server/app/web.py
• mcp-server/app/wren.py
• skills/wren-mcp-setup/SKILL.md
• skills/wren-connection-info/SKILL.md

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@mcp-server/app/templates/_fields.html`:
- Around line 55-58: The onerror handler leaves the previous base64 in
hidden.value causing stale credentials to be submitted; update the
reader.onerror function (the handler that currently sets status and
status.style.color) to also clear the hidden input (set hidden.value to an empty
string) and, if the file input element is available in scope, reset it (e.g.,
set fileInput.value = '') so a failed read does not retain the previous file
data.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2f64b7bf-c65b-4427-b1ec-bfd5bc9ab13a

📥 Commits

Reviewing files that changed from the base of the PR and between c402f5c and 314c4e7.

📒 Files selected for processing (2)

• mcp-server/app/templates/_fields.html
• mcp-server/app/web.py

🚧 Files skipped from review as they are similar to previous changes (1)

• mcp-server/app/web.py