feat: add flow reads

[AlexanderNZ]

I wired up flow reads, including text/code/Mermaid exports, so MCP can pull flow data cleanly.

What I changed

• added list/get flow reads
• added flow thumbnail reads
• added text/code/Mermaid export reads

Why I did it

• flows are core to how we describe architecture behavior
• the export formats are handy for docs and automation

Notes

• depends on the refactor in PR refactor: remove teams support and harden tests #23

Test plan

• not run

---

Note

Medium Risk
Adds new API client surface area and multiple MCP tools that call external IcePanel endpoints (including export endpoints), plus retry/timeout/env validation logic that could affect runtime behavior if misconfigured.

Overview
Adds a new icepanel-client service that centralizes IcePanel API calls with configurable base URL, timeouts, and retry/backoff, plus structured IcePanelApiError handling and filter-to-query serialization.

Introduces new MCP tools for flow reads: icepanel_list_flows (with optional fuzzy search), icepanel_get_flow, icepanel_list_flow_thumbnails, icepanel_get_flow_thumbnail, and flow export readers for text/code/Mermaid, and wires them into registerAllTools.

Extends src/types.ts with flow/diagram/tag/domain request/response shapes (and broadens ModelObject unions) to support the new endpoints.

^{Written by Cursor Bugbot for commit 1d3e6cf. This will update automatically on new commits. Configure here.}

Recommended merge order

• PR refactor: reduce filter param duplication #19 (filter refactor)
• PR feat: add HTTP transport (Streamable HTTP) #20 (HTTP transport)
• PR feat: add Docker support #21 (Docker support)
• PR feat: add IcePanel write tools #22 (write tools)
• PR refactor: remove teams support and harden tests #23 (refactor + tests)
• PR feat: add tag and tag group reads #24 (tags + tag groups)
• PR feat: add domain reads #25 (domains)
• PR feat: add connection reads #26 (connections)
• PR feat: add diagram reads #27 (diagrams)
• PR feat: add flow reads #28 (flows)
• PR feat: add model object export reads #29 (model object exports)
• PR docs: expand read tools and tests #30 (docs + tests)

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[cursor]

Incorrect Accept header for text export requests

Low Severity

The apiRequestText function sets Accept: "application/json" but is specifically used for text export endpoints (/export/text, /export/code, /export/mermaid). Requesting JSON content type when expecting plain text responses is semantically incorrect and could cause issues if the API strictly validates Accept headers.

 

[cursor]

Duplicated API request functions with identical retry logic

Medium Severity

The apiRequest and apiRequestText functions contain nearly identical implementations spanning ~70 lines each. Both share the same URL construction, header setup, retry loop, AbortController management, and error handling. The only difference is that one returns response.json() and the other returns response.text(). This duplication means any bug fix or enhancement to retry/timeout logic must be manually replicated in both places, increasing maintenance burden and risk of inconsistencies.

Additional Locations (1)

• src/services/icepanel-client.ts#L172-L245