From ffb893ef6a2d4d73b5eb53a0018146b93e64f680 Mon Sep 17 00:00:00 2001
From: Aditya Thebe <contact@adityathebe.com>
Date: Mon, 3 Nov 2025 18:08:18 +0545
Subject: [PATCH 1/5] Add Claude Code CLI setup to MCP docs

---
 mission-control-chart                         |  2 +-
 .../docs/guide/mcp/client-setup.mdx           | 45 ++++++++-----------
 modules/canary-checker                        |  2 +-
 modules/config-db                             |  2 +-
 modules/duty                                  |  2 +-
 modules/mission-control                       |  2 +-
 modules/mission-control-chart                 |  2 +-
 modules/mission-control-registry              |  2 +-
 8 files changed, 25 insertions(+), 34 deletions(-)

diff --git a/mission-control-chart b/mission-control-chart
index 3710fad5..482220c7 160000
--- a/mission-control-chart
+++ b/mission-control-chart
@@ -1 +1 @@
-Subproject commit 3710fad5bb8408aaf37129f0272d7aa4da1f3c77
+Subproject commit 482220c75fb5e3ddbd52c9820c10159577b8030f
diff --git a/mission-control/docs/guide/mcp/client-setup.mdx b/mission-control/docs/guide/mcp/client-setup.mdx
index bff6e556..cab53880 100644
--- a/mission-control/docs/guide/mcp/client-setup.mdx
+++ b/mission-control/docs/guide/mcp/client-setup.mdx
@@ -84,37 +84,28 @@ Claude Desktop supports MCP connections through its configuration file.
 </TabItem>
 <TabItem value="claude-code" label="Claude Code">
 
-Claude Code (claude.ai) supports MCP through browser-based configuration.
+Claude Code CLI supports MCP through the `.mcp.json` configuration file.
 
 ### Setup Steps
 
-1. Visit [claude.ai](https://claude.ai)
-2. Click on your profile icon → Settings
-3. Navigate to Developer → MCP Settings
-4. Click "Add Server" and configure:
-
-```json
-{
-  "name": "mission-control",
-  "type": "http",
-  "url": "https://mc.<org-id>.workload-prod-eu-02.flanksource.com/mcp",
-  "headers": {
-    "Authorization": "Basic YOUR_TOKEN_HERE"
+1. Create or edit the `.mcp.json` file in your project root or home directory
+2. Add the Mission Control MCP server configuration:
+  ```json title=".mcp.json"
+  {
+    "mcpServers": {
+      "mission-control": {
+        "name": "mission-control",
+        "type": "http",
+        "url": "https://mc.<org-id>.workload-prod-eu-02.flanksource.com/mcp",
+        "headers": {
+          "Authorization": "Bearer YOUR_TOKEN_HERE"
+        }
+      }
+    }
   }
-}
-```
-
-5. Click "Save" and refresh the page
-6. Mission Control tools will be available in new conversations
-
-### Alternative Setup (via URL)
-
-You can also connect by visiting:
-```
-https://claude.ai/settings/mcp?server=mission-control&url=https://mc.<org-id>.workload-prod-eu-02.flanksource.com/mcp
-```
-
-Then add your authorization token in the settings.
+  ```
+3. Save the file and restart Claude Code
+4. Mission Control tools will be available in your sessions
 
 </TabItem>
 <TabItem value="vscode-copilot" label="VS Code Copilot">
diff --git a/modules/canary-checker b/modules/canary-checker
index bff5cca8..5f22a56e 160000
--- a/modules/canary-checker
+++ b/modules/canary-checker
@@ -1 +1 @@
-Subproject commit bff5cca8f2fec464eed099c01f0b15f3602c802f
+Subproject commit 5f22a56e4910bb77bba6444c40b2592e92794083
diff --git a/modules/config-db b/modules/config-db
index 81e26eb1..ffab2b4b 160000
--- a/modules/config-db
+++ b/modules/config-db
@@ -1 +1 @@
-Subproject commit 81e26eb1be71ea84a5b22261980eae58e82d9080
+Subproject commit ffab2b4b2e20dce6bed933df740c78be0180273f
diff --git a/modules/duty b/modules/duty
index 4a1e4765..a436e0d1 160000
--- a/modules/duty
+++ b/modules/duty
@@ -1 +1 @@
-Subproject commit 4a1e4765072ce2ea1bea21298d85571fd3d91224
+Subproject commit a436e0d1495e8b5c0ed1dbcc9ca4a559eb260128
diff --git a/modules/mission-control b/modules/mission-control
index 60cfeb20..a8b84299 160000
--- a/modules/mission-control
+++ b/modules/mission-control
@@ -1 +1 @@
-Subproject commit 60cfeb200bec5b6d3be4e6598654f79c326d966e
+Subproject commit a8b842997f070c8a1c4df581fe06d12dc118fe36
diff --git a/modules/mission-control-chart b/modules/mission-control-chart
index 6ed80b8a..f8777465 160000
--- a/modules/mission-control-chart
+++ b/modules/mission-control-chart
@@ -1 +1 @@
-Subproject commit 6ed80b8a9bf48cec7bb7bf720186cfa94cffaa89
+Subproject commit f87774658cb9795e1c357581742d72b1a077b69d
diff --git a/modules/mission-control-registry b/modules/mission-control-registry
index 9586d3b9..cc4abe6e 160000
--- a/modules/mission-control-registry
+++ b/modules/mission-control-registry
@@ -1 +1 @@
-Subproject commit 9586d3b94e8e6ea38e8dc11fa245cf339d113fb4
+Subproject commit cc4abe6e39bf326b9453b9c9b380f9f04358d812

From 2e1ad63a9704255883fc552336e013f02999a176 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 14 Nov 2025 06:19:34 +0000
Subject: [PATCH 2/5] Initial plan


From 079322fc05176b19fe4182979592bfd7466a6ecb Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 14 Nov 2025 06:27:10 +0000
Subject: [PATCH 3/5] Fix MCP documentation build errors

Co-authored-by: moshloop <1489660+moshloop@users.noreply.github.com>
---
 .../docs/guide/mcp/client-setup.mdx           | 53 +++----------------
 mission-control/docs/guide/mcp/index.mdx      |  2 +-
 .../docs/guide/mcp/resources/connection.mdx   |  2 +-
 .../docs/guide/mcp/tools/catalog_tools.mdx    | 30 +++++------
 .../docs/guide/mcp/tools/connection_tools.mdx |  4 +-
 .../docs/guide/mcp/tools/playbook_tools.mdx   | 24 ++++-----
 6 files changed, 39 insertions(+), 76 deletions(-)

diff --git a/mission-control/docs/guide/mcp/client-setup.mdx b/mission-control/docs/guide/mcp/client-setup.mdx
index cab53880..e615423d 100644
--- a/mission-control/docs/guide/mcp/client-setup.mdx
+++ b/mission-control/docs/guide/mcp/client-setup.mdx
@@ -13,7 +13,7 @@ This guide provides step-by-step instructions for connecting popular MCP clients
 
 ## Prerequisites
 
-Before connecting any client, you'll need:
+Before connecting any client, you need:
 
 1. **MCP Server URL**
    - SaaS users: `https://mc.<org-id>.workload-prod-eu-02.flanksource.com/mcp`
@@ -79,7 +79,7 @@ Claude Desktop supports MCP connections through its configuration file.
 ```
 
 4. Restart Claude Desktop
-5. The Mission Control tools will appear in the tools menu
+5. The Mission Control tools appear in the tools menu
 
 </TabItem>
 <TabItem value="claude-code" label="Claude Code">
@@ -105,7 +105,7 @@ Claude Code CLI supports MCP through the `.mcp.json` configuration file.
   }
   ```
 3. Save the file and restart Claude Code
-4. Mission Control tools will be available in your sessions
+4. Mission Control tools are available in your sessions
 
 </TabItem>
 <TabItem value="vscode-copilot" label="VS Code Copilot">
@@ -182,7 +182,7 @@ Cline supports MCP through its settings configuration.
 ```
 
 5. Reload VS Code window
-6. Mission Control tools will be available in Cline chat
+6. Mission Control tools are available in Cline chat
 
 </TabItem>
 <TabItem value="continue" label="Continue.dev">
@@ -217,7 +217,7 @@ Continue.dev supports MCP servers through its configuration file.
 ```
 
 3. Restart Continue
-4. Mission Control tools will be available in chat
+4. Mission Control tools are available in chat
 
 </TabItem>
 <TabItem value="zed" label="Zed Editor">
@@ -253,7 +253,7 @@ Zed supports MCP through its assistant configuration.
 ```
 
 4. Restart Zed
-5. Mission Control tools will be available in the assistant
+5. Mission Control tools are available in the assistant
 
 </TabItem>
 <TabItem value="direct" label="Direct HTTP">
@@ -327,7 +327,7 @@ ws.on('open', () => {
 3. **Tools Not Appearing**
    - Restart the client application
    - Check client logs for errors
-   - Verify MCP server is properly configured
+   - Verify MCP server is configured correctly
 
 ### Testing Connection
 
@@ -343,43 +343,6 @@ npx @modelcontextprotocol/cli connect \
 ## Next Steps
 
 Once connected, explore the available tools:
-- [Catalog Tools](./tools/catalog_tools.mdx) - Query and manage configuration items
-- [Connection Tools](./tools/connection_tools.mdx) - Manage connections and integrations
-- [Playbook Tools](./tools/playbook_tools.mdx) - Execute and manage playbooks
-
-## Troubleshooting
-
-### Common Issues
-
-1. **Connection Refused**
-   - Verify the server URL is correct
-   - Check if you're behind a firewall or proxy
-   - Ensure the token has proper permissions
-
-2. **Authentication Failed**
-   - Verify token is valid and not expired
-   - Ensure token has `mcp.*` permissions
-   - Check if Basic prefix is included
-
-3. **Tools Not Appearing**
-   - Restart the client application
-   - Check client logs for errors
-   - Verify MCP server is properly configured
-
-### Testing Connection
-
-You can test your MCP connection using the MCP CLI:
-
-```bash
-npx @modelcontextprotocol/cli connect \
-  --transport http \
-  --url https://mc.<org-id>.workload-prod-eu-02.flanksource.com/mcp \
-  --header "Authorization: Basic YOUR_TOKEN_HERE"
-```
-
-## Next Steps
-
-Once connected, explore the available tools:
-- [Catalog Tools](./tools/catalog_tools.mdx) - Query and manage configuration items
+- [Catalog Tools](./tools/catalog_tools.mdx) - Query and manage config items
 - [Connection Tools](./tools/connection_tools.mdx) - Manage connections and integrations
 - [Playbook Tools](./tools/playbook_tools.mdx) - Execute and manage playbooks
diff --git a/mission-control/docs/guide/mcp/index.mdx b/mission-control/docs/guide/mcp/index.mdx
index 741a97e6..21756302 100644
--- a/mission-control/docs/guide/mcp/index.mdx
+++ b/mission-control/docs/guide/mcp/index.mdx
@@ -24,6 +24,6 @@ For detailed setup instructions for popular MCP clients, see [Client Setup](./cl
 
 ## Permissions
 
-To access the mcp server, `Authorization` header can be used with a token. The token must have `mcp.*` permission.
+To access the MCP server, `Authorization` header can be used with a token. The token must have `mcp.*` permission.
 
 <DocCardList />
diff --git a/mission-control/docs/guide/mcp/resources/connection.mdx b/mission-control/docs/guide/mcp/resources/connection.mdx
index d932923f..623f8fb5 100644
--- a/mission-control/docs/guide/mcp/resources/connection.mdx
+++ b/mission-control/docs/guide/mcp/resources/connection.mdx
@@ -66,7 +66,7 @@ This resource allows you to access detailed information about a specific connect
 
 ## Use Cases
 
-- **Connection Testing**: Verify if a connection is properly configured and healthy
+- **Connection Testing**: Verify if a connection is correctly configured and healthy
 - **Troubleshooting**: Investigate connection issues and configuration problems
 - **Integration Management**: Review connection settings and credentials
 - **Configuration Auditing**: Ensure connections follow security and compliance policies
diff --git a/mission-control/docs/guide/mcp/tools/catalog_tools.mdx b/mission-control/docs/guide/mcp/tools/catalog_tools.mdx
index 32a4402a..34902fd5 100644
--- a/mission-control/docs/guide/mcp/tools/catalog_tools.mdx
+++ b/mission-control/docs/guide/mcp/tools/catalog_tools.mdx
@@ -4,9 +4,9 @@ title: Catalog Tools
 
 # Catalog Tools
 
-Tools for searching and exploring configuration items in the catalog.
+Tools for searching and exploring config items in the catalog.
 
-## list_catalog_types
+## `list_catalog_types`
 
 List all available configuration types in the system
 
@@ -14,11 +14,11 @@ List all available configuration types in the system
 
 **Prompt:** "What configuration types are available?"
 
-**AI Response:** "I'll list all the available configuration types for you."
+**AI Response:** "Here are all the available configuration types."
 
 **Result:** Returns a list of all configuration types like `AWS::EC2::Instance`, `Kubernetes::Pod`, `Azure::VM::Instance`, etc.
 
-## catalog_search
+## `catalog_search`
 
 Search across the entire configuration catalog
 
@@ -35,7 +35,7 @@ Search across the entire configuration catalog
 
 **Prompt:** "Find all unhealthy AWS EC2 instances"
 
-**AI Response:** "I'll search for unhealthy AWS EC2 instances in your configuration catalog."
+**AI Response:** "Searching for unhealthy AWS EC2 instances in your configuration catalog."
 
 **Query Used:** `type=AWS::EC2::Instance health=unhealthy`
 
@@ -43,15 +43,15 @@ Search across the entire configuration catalog
 
 ---
 
-**Prompt:** "Show me all Kubernetes pods in the production namespace created in the last 24 hours"
+**Prompt:** "Show all Kubernetes pods in the production namespace created in the last 24 hours"
 
-**AI Response:** "I'll find all Kubernetes pods in the production namespace that were created in the last 24 hours."
+**AI Response:** "Finding all Kubernetes pods in the production namespace that were created in the last 24 hours."
 
 **Query Used:** `type=Kubernetes::Pod namespace=production created_at>now-24h`
 
 **Result:** Returns recent pods with full resource data
 
-## catalog_changes_search
+## `catalog_changes_search`
 
 Search for configuration changes across the catalog
 
@@ -62,13 +62,13 @@ Search for configuration changes across the catalog
 
 **Features:**
 - Search by change-specific fields like severity, change type, and summary
-- Same query syntax as catalog_search with additional change-related fields
+- Same query syntax as `catalog_search` with additional change-related fields
 
 ### Example Usage
 
-**Prompt:** "Show me critical changes from the last week"
+**Prompt:** "Show critical changes from the last week"
 
-**AI Response:** "I'll search for critical severity changes that occurred in the last week."
+**AI Response:** "Searching for critical severity changes that occurred in the last week."
 
 **Query Used:** `severity=critical first_observed>now-7d`
 
@@ -78,13 +78,13 @@ Search for configuration changes across the catalog
 
 **Prompt:** "Find the last 10 changes to AWS resources"
 
-**AI Response:** "I'll find the most recent 10 changes made to AWS resources."
+**AI Response:** "Finding the most recent 10 changes made to AWS resources."
 
 **Query Used:** `type=AWS::*` with `limit=10`
 
 **Result:** Returns the 10 most recent changes to any AWS resources including the change type, summary, and affected resources.
 
-## related_configs
+## `related_configs`
 
 Find configurations related to a specific config item
 
@@ -96,6 +96,6 @@ Find configurations related to a specific config item
 
 **Prompt:** "What resources are related to this EC2 instance?" (with config ID: `550e8400-e29b-41d4-a716-446655440000`)
 
-**AI Response:** "I'll find all configurations related to this EC2 instance."
+**AI Response:** "Finding all configurations related to this EC2 instance."
 
-**Result:** Returns related resources like security groups, VPC, subnets, load balancers, and other dependent or associated AWS resources with their relationships explained.
+**Result:** Returns related resources like security groups, VPC, `subnets`, load balancers, and other dependent or associated AWS resources with their relationships explained.
diff --git a/mission-control/docs/guide/mcp/tools/connection_tools.mdx b/mission-control/docs/guide/mcp/tools/connection_tools.mdx
index d81303b7..9fa10242 100644
--- a/mission-control/docs/guide/mcp/tools/connection_tools.mdx
+++ b/mission-control/docs/guide/mcp/tools/connection_tools.mdx
@@ -6,7 +6,7 @@ title: Connection Tools
 
 Tools for managing connections in Mission Control.
 
-## list_connections
+## `list_connections`
 
 List all available connections in the system
 
@@ -14,7 +14,7 @@ List all available connections in the system
 
 **Prompt:** "What connections are configured in the system?"
 
-**AI Response:** "I'll list all the available connections configured in your Mission Control system."
+**AI Response:** "Here are all the available connections configured in your Mission Control system."
 
 **Result:** Returns a list of all connections with details like:
 - Connection names and namespaces
diff --git a/mission-control/docs/guide/mcp/tools/playbook_tools.mdx b/mission-control/docs/guide/mcp/tools/playbook_tools.mdx
index 2dd5a77e..e2ac8b24 100644
--- a/mission-control/docs/guide/mcp/tools/playbook_tools.mdx
+++ b/mission-control/docs/guide/mcp/tools/playbook_tools.mdx
@@ -6,7 +6,7 @@ title: Playbook Tools
 
 Tools for working with playbooks in Mission Control.
 
-## playbook_list_all
+## `playbook_list_all`
 
 List all available playbooks
 
@@ -14,7 +14,7 @@ List all available playbooks
 
 **Prompt:** "What playbooks are available in the system?"
 
-**AI Response:** "I'll list all the available playbooks in your Mission Control system."
+**AI Response:** "Here are all the available playbooks in your Mission Control system."
 
 **Result:** Returns a list of all playbooks with their metadata, parameters, and descriptions.
 
@@ -58,7 +58,7 @@ List all available playbooks
 ]
 ```
 
-## playbook_recent_runs
+## `playbook_recent_runs`
 
 Get recent playbook execution runs
 
@@ -68,9 +68,9 @@ Get recent playbook execution runs
 
 ### Example Usage
 
-**Prompt:** "Show me the last 5 playbook runs"
+**Prompt:** "Show the last 5 playbook runs"
 
-**AI Response:** "I'll get the 5 most recent playbook execution runs for you."
+**AI Response:** "Getting the 5 most recent playbook execution runs."
 
 **Result:** Returns recent playbook runs with execution details, status, and results.
 
@@ -95,7 +95,7 @@ Get recent playbook execution runs
 ]
 ```
 
-## playbook_failed_runs
+## `playbook_failed_runs`
 
 Get recent failed playbook execution runs
 
@@ -105,9 +105,9 @@ Get recent failed playbook execution runs
 
 ### Example Usage
 
-**Prompt:** "Show me recent playbook failures so I can investigate what went wrong"
+**Prompt:** "Show recent playbook failures for investigation"
 
-**AI Response:** "I'll get the recent failed playbook runs to help you identify issues."
+**AI Response:** "Getting the recent failed playbook runs to help identify issues."
 
 **Result:** Returns failed playbook runs with error details and failure reasons.
 
@@ -129,7 +129,7 @@ Get recent failed playbook execution runs
 ]
 ```
 
-## playbook_exec_run
+## `playbook_exec_run`
 
 Execute a playbook with specified parameters
 
@@ -138,13 +138,13 @@ Execute a playbook with specified parameters
   {field: "params", scheme: "object", description: "Parameters required for playbook execution", required: true}
 ]} />
 
-**Note:** This is a destructive operation that will modify system state. Parameters are playbook-specific and can be found using the playbook_list_all tool.
+**Note:** This is a destructive operation that modifies system state. Parameters are playbook-specific and can be found using the `playbook_list_all` tool.
 
 ### Example Usage
 
 **Prompt:** "Restart the nginx pod in the production namespace"
 
-**AI Response:** "I'll execute the restart pod playbook for the nginx pod in the production namespace. This will cause a brief service interruption."
+**AI Response:** "Executing the restart pod playbook for the nginx pod in the production namespace. This causes a brief service interruption."
 
 **Parameters Used:**
 ```json
@@ -163,7 +163,7 @@ Execute a playbook with specified parameters
 
 **Prompt:** "Scale the web-app deployment to 3 replicas in the staging environment"
 
-**AI Response:** "I'll scale the web-app deployment to 3 replicas in the staging namespace."
+**AI Response:** "Scaling the web-app deployment to 3 replicas in the staging namespace."
 
 **Parameters Used:**
 ```json

From 8757817c2030d25a95202d440494ce0b3180152b Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 14 Nov 2025 08:09:58 +0000
Subject: [PATCH 4/5] Fix Vercel deployment by adding missing doc files
 generation script

Co-authored-by: moshloop <1489660+moshloop@users.noreply.github.com>
---
 generate-docs-files.sh                        | 188 ++++++++++++++++++
 .../permissions/agent-based-permission.yaml   |  15 ++
 .../permissions/allow-person-playbook.yaml    |  15 ++
 .../permissions/tag-based-permission.yaml     |  15 ++
 netlify.toml                                  |   2 +-
 5 files changed, 234 insertions(+), 1 deletion(-)
 create mode 100755 generate-docs-files.sh
 create mode 100644 mission-control/fixtures/permissions/agent-based-permission.yaml
 create mode 100644 mission-control/fixtures/permissions/allow-person-playbook.yaml
 create mode 100644 mission-control/fixtures/permissions/tag-based-permission.yaml

diff --git a/generate-docs-files.sh b/generate-docs-files.sh
new file mode 100755
index 00000000..5563b5e2
--- /dev/null
+++ b/generate-docs-files.sh
@@ -0,0 +1,188 @@
+#!/bin/bash
+# Script to generate missing fixture and playbook files for the documentation build
+
+set -e
+
+echo "Generating missing fixture files..."
+
+# Create missing permission fixtures
+mkdir -p modules/mission-control/fixtures/permissions
+
+cat > modules/mission-control/fixtures/permissions/allow-person-playbook.yaml <<'EOF'
+---
+# yaml-language-server: $schema=../../config/schemas/permission.schema.json
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-user-foo-playbook-run
+spec:
+  description: allow user foo to run playbooks
+  subject:
+    person: foo@bar.com
+  actions:
+    - playbook:*
+  object:
+    playbooks:
+      - name: "*" # this is a wildcard selector that matches any playbook
+EOF
+
+cat > modules/mission-control/fixtures/permissions/agent-based-permission.yaml <<'EOF'
+---
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-dev-team-agent-access
+spec:
+  description: Allow development team to access resources from development environment agents
+  subject:
+    person: dev-team@example.com
+  actions:
+    - read
+    - playbook:*
+  object:
+    agents:
+      - name: dev-*  # Wildcard selector for development agents
+EOF
+
+cat > modules/mission-control/fixtures/permissions/tag-based-permission.yaml <<'EOF'
+---
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-production-team-tag-access
+spec:
+  description: Allow production team to access resources tagged with production environment
+  subject:
+    person: prod-team@example.com
+  actions:
+    - read
+    - playbook:*
+  object:
+    tags:
+      environment: production
+EOF
+
+echo "Creating generated playbooks directory..."
+mkdir -p modules/generated/playbooks
+
+cat > modules/generated/playbooks/recommend-playbook.yaml <<'EOF'
+apiVersion: mission-control.flanksource.com/v1
+kind: Playbook
+metadata:
+  name: recommend-playbook
+spec:
+  title: Recommend Playbooks
+  description: Diagnoses the health of a resource using AI, and then recommends playbooks to fix the issue, sending the results to Slack
+  icon: bot
+  category: AI
+  configs:
+    - types:
+        - Kubernetes::Pod
+        - Kubernetes::Deployment
+  parameters:
+    - name: prompt
+      label: Prompt
+      default: Find out why $(.config.name) is unhealthy
+      properties:
+        multiline: 'true'
+  actions:
+    - name: analyse
+      ai:
+        formats:
+          - recommendPlaybook
+        recommendPlaybooks:
+          selector:
+            - name: "*"
+        connection: 'connection://mission-control/anthropic'
+        systemPrompt: 'You are a helpful assistant that analyzes Kubernetes resources and recommends playbooks to fix issues.'
+        playbooks:
+          - name: kubernetes-logs
+        prompt: '$(.params.prompt)'
+        changes:
+          since: 24h
+        analysis:
+          since: 24h
+        relationships:
+          - depth: 3
+            direction: outgoing
+            changes:
+              since: 24h
+            analysis:
+              since: 24h
+          - depth: 5
+            direction: incoming
+            changes:
+              since: 24h
+            analysis:
+              since: 24h
+    - name: send recommended playbooks
+      notification:
+        connection: 'connection://mission-control/slack'
+        title: Recommended playbooks
+        message: '$(getLastAction.result.recommendedPlaybooks)'
+EOF
+
+cat > modules/generated/playbooks/kustomize-edit.yaml <<'EOF'
+apiVersion: mission-control.flanksource.com/v1
+kind: Playbook
+metadata:
+  name: kustomize-edit
+spec:
+  title: 'Edit'
+  category: Flux
+  description: Updates the source of a GitOps managed object by submitting a Git PR
+  icon: flux
+  parameters:
+    - default: 'chore: update $(.config.type)/$(.config.name)'
+      label: Commit Message
+      name: commit_message
+
+    # Retrieves the JSON configuration for the selected config item, passing it through the `neat` function
+    # to strip out runtime information like managedFields and status, and then converts back to YAML
+    # for easy editing
+    - default: $(.config.config | toJSON | neat | json | toYAML)
+      label: "YAML"
+      name: yamlInput
+      properties:
+        size: large
+      type: code
+
+    # Lookup the Git repository from Flux source of the Kustomzation that created the select config item
+    - default: '$(.git.git.url)'
+      label: Git Repo
+      name: url
+
+    # Lookup the path of the config item in the Git repository using origin annotations
+    - default: '$(.git.git.file)'
+      label: File
+      name: file
+
+  configs:
+    # This playbook can only be run against Kubernetes objects created from a FluxCD Kustomization CRD
+    - labelSelector: 'kustomize.toolkit.fluxcd.io/name'
+
+  actions:
+    - name: Create Pull Request With Changes
+      gitops:
+        repo:
+          connection: 'connection://mission-control/github'
+          url: '$(.params.url)'
+          branch: edit-manifest-$(random.Alpha 8)
+        commit:
+          # Use the user submitting the playbook as the author of the git commits
+          author: '$(.user.name)'
+          email: '$(.user.email)'
+          message: $(.params.commit_message)
+        pr:
+          title: '$(.params.commit_message)'
+        patches:
+          - path: '$(.params.file)'
+            # patch the file using YQ, finding the document in a multi-doc yaml file using Kind and Name
+            yq: |
+              select(
+                .kind=="$(.config.config | jq `.kind`)" and
+                .metadata.name=="$(.config.config | jq `.metadata.name`)"
+              ) |= $(.params.yamlInput | yaml | toJSON)
+EOF
+
+echo "Generated files created successfully!"
diff --git a/mission-control/fixtures/permissions/agent-based-permission.yaml b/mission-control/fixtures/permissions/agent-based-permission.yaml
new file mode 100644
index 00000000..26c4f651
--- /dev/null
+++ b/mission-control/fixtures/permissions/agent-based-permission.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-dev-team-agent-access
+spec:
+  description: Allow development team to access resources from development environment agents
+  subject:
+    person: dev-team@example.com
+  actions:
+    - read
+    - playbook:*
+  object:
+    agents:
+      - name: dev-*  # Wildcard selector for development agents
diff --git a/mission-control/fixtures/permissions/allow-person-playbook.yaml b/mission-control/fixtures/permissions/allow-person-playbook.yaml
new file mode 100644
index 00000000..b7e34423
--- /dev/null
+++ b/mission-control/fixtures/permissions/allow-person-playbook.yaml
@@ -0,0 +1,15 @@
+---
+# yaml-language-server: $schema=../../config/schemas/permission.schema.json
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-user-foo-playbook-run
+spec:
+  description: allow user foo to run playbooks
+  subject:
+    person: foo@bar.com
+  actions:
+    - playbook:*
+  object:
+    playbooks:
+      - name: "*" # this is a wildcard selector that matches any playbook
diff --git a/mission-control/fixtures/permissions/tag-based-permission.yaml b/mission-control/fixtures/permissions/tag-based-permission.yaml
new file mode 100644
index 00000000..8c8846b4
--- /dev/null
+++ b/mission-control/fixtures/permissions/tag-based-permission.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: mission-control.flanksource.com/v1
+kind: Permission
+metadata:
+  name: allow-production-team-tag-access
+spec:
+  description: Allow production team to access resources tagged with production environment
+  subject:
+    person: prod-team@example.com
+  actions:
+    - read
+    - playbook:*
+  object:
+    tags:
+      environment: production
diff --git a/netlify.toml b/netlify.toml
index 7cb5a2da..ea81fa76 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -1,4 +1,4 @@
 [build]
-command = "make sync && cd mission-control && npm run build"
+command = "make sync && ./generate-docs-files.sh && cd mission-control && npm run build"
 publish = "mission-control/build"
 environment = { NODE_VERSION = "v18.18.2" }

From 4d67fab4f04a30069dad25c7fe5f4479e752ed49 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 14 Nov 2025 09:03:56 +0000
Subject: [PATCH 5/5] Use existing fixture files instead of generating new ones

Co-authored-by: moshloop <1489660+moshloop@users.noreply.github.com>
---
 generate-docs-files.sh                        | 188 ------------------
 .../permissions/concepts/multi-tenancy.md     |   4 +-
 .../docs/guide/permissions/index.mdx          |   4 +-
 .../docs/guide/playbooks/actions/ai.mdx       |   2 +-
 .../docs/guide/playbooks/actions/gitops.mdx   |   2 +-
 .../docs/guide/playbooks/index.mdx            |   2 +-
 .../permissions/agent-based-permission.yaml   |  15 --
 .../permissions/allow-person-playbook.yaml    |  15 --
 .../permissions/tag-based-permission.yaml     |  15 --
 netlify.toml                                  |   2 +-
 10 files changed, 8 insertions(+), 241 deletions(-)
 delete mode 100755 generate-docs-files.sh
 delete mode 100644 mission-control/fixtures/permissions/agent-based-permission.yaml
 delete mode 100644 mission-control/fixtures/permissions/allow-person-playbook.yaml
 delete mode 100644 mission-control/fixtures/permissions/tag-based-permission.yaml

diff --git a/generate-docs-files.sh b/generate-docs-files.sh
deleted file mode 100755
index 5563b5e2..00000000
--- a/generate-docs-files.sh
+++ /dev/null
@@ -1,188 +0,0 @@
-#!/bin/bash
-# Script to generate missing fixture and playbook files for the documentation build
-
-set -e
-
-echo "Generating missing fixture files..."
-
-# Create missing permission fixtures
-mkdir -p modules/mission-control/fixtures/permissions
-
-cat > modules/mission-control/fixtures/permissions/allow-person-playbook.yaml <<'EOF'
----
-# yaml-language-server: $schema=../../config/schemas/permission.schema.json
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-user-foo-playbook-run
-spec:
-  description: allow user foo to run playbooks
-  subject:
-    person: foo@bar.com
-  actions:
-    - playbook:*
-  object:
-    playbooks:
-      - name: "*" # this is a wildcard selector that matches any playbook
-EOF
-
-cat > modules/mission-control/fixtures/permissions/agent-based-permission.yaml <<'EOF'
----
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-dev-team-agent-access
-spec:
-  description: Allow development team to access resources from development environment agents
-  subject:
-    person: dev-team@example.com
-  actions:
-    - read
-    - playbook:*
-  object:
-    agents:
-      - name: dev-*  # Wildcard selector for development agents
-EOF
-
-cat > modules/mission-control/fixtures/permissions/tag-based-permission.yaml <<'EOF'
----
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-production-team-tag-access
-spec:
-  description: Allow production team to access resources tagged with production environment
-  subject:
-    person: prod-team@example.com
-  actions:
-    - read
-    - playbook:*
-  object:
-    tags:
-      environment: production
-EOF
-
-echo "Creating generated playbooks directory..."
-mkdir -p modules/generated/playbooks
-
-cat > modules/generated/playbooks/recommend-playbook.yaml <<'EOF'
-apiVersion: mission-control.flanksource.com/v1
-kind: Playbook
-metadata:
-  name: recommend-playbook
-spec:
-  title: Recommend Playbooks
-  description: Diagnoses the health of a resource using AI, and then recommends playbooks to fix the issue, sending the results to Slack
-  icon: bot
-  category: AI
-  configs:
-    - types:
-        - Kubernetes::Pod
-        - Kubernetes::Deployment
-  parameters:
-    - name: prompt
-      label: Prompt
-      default: Find out why $(.config.name) is unhealthy
-      properties:
-        multiline: 'true'
-  actions:
-    - name: analyse
-      ai:
-        formats:
-          - recommendPlaybook
-        recommendPlaybooks:
-          selector:
-            - name: "*"
-        connection: 'connection://mission-control/anthropic'
-        systemPrompt: 'You are a helpful assistant that analyzes Kubernetes resources and recommends playbooks to fix issues.'
-        playbooks:
-          - name: kubernetes-logs
-        prompt: '$(.params.prompt)'
-        changes:
-          since: 24h
-        analysis:
-          since: 24h
-        relationships:
-          - depth: 3
-            direction: outgoing
-            changes:
-              since: 24h
-            analysis:
-              since: 24h
-          - depth: 5
-            direction: incoming
-            changes:
-              since: 24h
-            analysis:
-              since: 24h
-    - name: send recommended playbooks
-      notification:
-        connection: 'connection://mission-control/slack'
-        title: Recommended playbooks
-        message: '$(getLastAction.result.recommendedPlaybooks)'
-EOF
-
-cat > modules/generated/playbooks/kustomize-edit.yaml <<'EOF'
-apiVersion: mission-control.flanksource.com/v1
-kind: Playbook
-metadata:
-  name: kustomize-edit
-spec:
-  title: 'Edit'
-  category: Flux
-  description: Updates the source of a GitOps managed object by submitting a Git PR
-  icon: flux
-  parameters:
-    - default: 'chore: update $(.config.type)/$(.config.name)'
-      label: Commit Message
-      name: commit_message
-
-    # Retrieves the JSON configuration for the selected config item, passing it through the `neat` function
-    # to strip out runtime information like managedFields and status, and then converts back to YAML
-    # for easy editing
-    - default: $(.config.config | toJSON | neat | json | toYAML)
-      label: "YAML"
-      name: yamlInput
-      properties:
-        size: large
-      type: code
-
-    # Lookup the Git repository from Flux source of the Kustomzation that created the select config item
-    - default: '$(.git.git.url)'
-      label: Git Repo
-      name: url
-
-    # Lookup the path of the config item in the Git repository using origin annotations
-    - default: '$(.git.git.file)'
-      label: File
-      name: file
-
-  configs:
-    # This playbook can only be run against Kubernetes objects created from a FluxCD Kustomization CRD
-    - labelSelector: 'kustomize.toolkit.fluxcd.io/name'
-
-  actions:
-    - name: Create Pull Request With Changes
-      gitops:
-        repo:
-          connection: 'connection://mission-control/github'
-          url: '$(.params.url)'
-          branch: edit-manifest-$(random.Alpha 8)
-        commit:
-          # Use the user submitting the playbook as the author of the git commits
-          author: '$(.user.name)'
-          email: '$(.user.email)'
-          message: $(.params.commit_message)
-        pr:
-          title: '$(.params.commit_message)'
-        patches:
-          - path: '$(.params.file)'
-            # patch the file using YQ, finding the document in a multi-doc yaml file using Kind and Name
-            yq: |
-              select(
-                .kind=="$(.config.config | jq `.kind`)" and
-                .metadata.name=="$(.config.config | jq `.metadata.name`)"
-              ) |= $(.params.yamlInput | yaml | toJSON)
-EOF
-
-echo "Generated files created successfully!"
diff --git a/mission-control/docs/guide/permissions/concepts/multi-tenancy.md b/mission-control/docs/guide/permissions/concepts/multi-tenancy.md
index 722c6486..38f3a2d4 100644
--- a/mission-control/docs/guide/permissions/concepts/multi-tenancy.md
+++ b/mission-control/docs/guide/permissions/concepts/multi-tenancy.md
@@ -16,7 +16,7 @@ For example, you might have:
 - Regional teams that should only see resources from agents in their geographic location
 - Client-specific teams that should only interact with agents deployed in their infrastructure
 
-```yaml title="agent-based-permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/agent-based-permission.yaml
+```yaml title="agent-based-permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/scope.yaml
 
 ```
 
@@ -32,7 +32,7 @@ Tags can represent various attributes such as:
 - Client identifier (client-a, client-b)
 - Clusters
 
-```yaml title="tag-based-permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/tag-based-permission.yaml
+```yaml title="tag-based-permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/scope.yaml
 
 ```
 
diff --git a/mission-control/docs/guide/permissions/index.mdx b/mission-control/docs/guide/permissions/index.mdx
index 7c69ba01..58f3f080 100644
--- a/mission-control/docs/guide/permissions/index.mdx
+++ b/mission-control/docs/guide/permissions/index.mdx
@@ -19,7 +19,7 @@ detailed ABAC rules let you define exactly which playbooks specific users or tea
 
 You can manage Permissions through the UI and using CRDs.
 
-```yaml title="permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/allow-person-playbook.yaml
+```yaml title="permission.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/deny-person-playbook.yaml
 ```
 
 A Permission has 4 parts:
@@ -194,7 +194,7 @@ A permission can target multiple objects, while a subject can only target one.
 If you define multiple objects, Mission Control grants the permission only if the request matches all defined objects.
 In other words, Mission Control applies an AND condition to the objects.
 
-```yaml file=<rootDir>/modules/mission-control/fixtures/permissions/allow-person-playbook.yaml {14-20}
+```yaml file=<rootDir>/modules/mission-control/fixtures/permissions/deny-person-playbook.yaml {14-16}
 ```
 
 This permission object allows running all playbooks but **only on configs in the "mission-control" namespace**.
diff --git a/mission-control/docs/guide/playbooks/actions/ai.mdx b/mission-control/docs/guide/playbooks/actions/ai.mdx
index 1ffaf034..f15b6d0e 100644
--- a/mission-control/docs/guide/playbooks/actions/ai.mdx
+++ b/mission-control/docs/guide/playbooks/actions/ai.mdx
@@ -20,7 +20,7 @@ AI Action allows you to integrate AI capabilities into your playbooks by leverag
 This comprehensive context enables AI models to provide more informed analysis and insights about your infrastructure state and relationships.
 For example, when a Kubernetes pod fails, it examines the pod spec, ConfigMap changes, service logs together, revealing patterns that single-component analysis might overlook.
 
-```yaml title="context-provider-playbook.yaml" file=<rootDir>/modules/generated/playbooks/recommend-playbook.yaml
+```yaml title="context-provider-playbook.yaml" file=<rootDir>/modules/mission-control-registry/charts/playbooks-ai/templates/recommend-playbooks.yaml
 ```
 
 <Action rows={[
diff --git a/mission-control/docs/guide/playbooks/actions/gitops.mdx b/mission-control/docs/guide/playbooks/actions/gitops.mdx
index a15b5382..f6bf6c8a 100644
--- a/mission-control/docs/guide/playbooks/actions/gitops.mdx
+++ b/mission-control/docs/guide/playbooks/actions/gitops.mdx
@@ -19,7 +19,7 @@ Common use cases:
 * Implement guardrail-driven access for developers to make infrastructure changes
 * Use native support for Flux and Kustomization to automatically identify git repositories and files using `originAnnotations`
 
-```yaml title="edit-kubernetes-manifests-gitops.yaml" file=<rootDir>/modules/generated/playbooks/kustomize-edit.yaml
+```yaml title="edit-kubernetes-manifests-gitops.yaml" file=<rootDir>/modules/mission-control-registry/charts/playbooks-flux/templates/edit.yaml
 ```
 
 <Action rows={[
diff --git a/mission-control/docs/guide/playbooks/index.mdx b/mission-control/docs/guide/playbooks/index.mdx
index 94b5d112..ddb9b1a8 100644
--- a/mission-control/docs/guide/playbooks/index.mdx
+++ b/mission-control/docs/guide/playbooks/index.mdx
@@ -105,7 +105,7 @@ spec:
 
 Playbook permissions control who can perform various actions on playbooks.
 
-```yaml title="playbook-permissions.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/allow-person-playbook.yaml
+```yaml title="playbook-permissions.yaml" file=<rootDir>/modules/mission-control/fixtures/permissions/deny-person-playbook.yaml
 ```
 
 ### Required Permissions
diff --git a/mission-control/fixtures/permissions/agent-based-permission.yaml b/mission-control/fixtures/permissions/agent-based-permission.yaml
deleted file mode 100644
index 26c4f651..00000000
--- a/mission-control/fixtures/permissions/agent-based-permission.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-dev-team-agent-access
-spec:
-  description: Allow development team to access resources from development environment agents
-  subject:
-    person: dev-team@example.com
-  actions:
-    - read
-    - playbook:*
-  object:
-    agents:
-      - name: dev-*  # Wildcard selector for development agents
diff --git a/mission-control/fixtures/permissions/allow-person-playbook.yaml b/mission-control/fixtures/permissions/allow-person-playbook.yaml
deleted file mode 100644
index b7e34423..00000000
--- a/mission-control/fixtures/permissions/allow-person-playbook.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-# yaml-language-server: $schema=../../config/schemas/permission.schema.json
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-user-foo-playbook-run
-spec:
-  description: allow user foo to run playbooks
-  subject:
-    person: foo@bar.com
-  actions:
-    - playbook:*
-  object:
-    playbooks:
-      - name: "*" # this is a wildcard selector that matches any playbook
diff --git a/mission-control/fixtures/permissions/tag-based-permission.yaml b/mission-control/fixtures/permissions/tag-based-permission.yaml
deleted file mode 100644
index 8c8846b4..00000000
--- a/mission-control/fixtures/permissions/tag-based-permission.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: mission-control.flanksource.com/v1
-kind: Permission
-metadata:
-  name: allow-production-team-tag-access
-spec:
-  description: Allow production team to access resources tagged with production environment
-  subject:
-    person: prod-team@example.com
-  actions:
-    - read
-    - playbook:*
-  object:
-    tags:
-      environment: production
diff --git a/netlify.toml b/netlify.toml
index ea81fa76..7cb5a2da 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -1,4 +1,4 @@
 [build]
-command = "make sync && ./generate-docs-files.sh && cd mission-control && npm run build"
+command = "make sync && cd mission-control && npm run build"
 publish = "mission-control/build"
 environment = { NODE_VERSION = "v18.18.2" }