kubernetes-mcp-server

mirror of https://github.com/containers/kubernetes-mcp-server.git synced 2025-10-23 01:22:57 +03:00

Author	SHA1	Message	Date
Calum Murray	86628bb1bf	feat(config): introduce provider-specific config registry Signed-off-by: Calum Murray <cmurray@redhat.com>	2025-10-16 12:39:52 +02:00
Marc Nuri	25032699db	test(kubernetes): add unit tests for ProviderSingle functionality (#376 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-10-15 17:16:55 +02:00
Marc Nuri	dfddf23823	test(kubernetes): add unit tests for ProviderKubeconfig functionality (#375 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-10-15 12:12:09 +02:00
Marc Nuri	f3a446676f	refactor(kubernetes): keep Provider as only external Kubernetes interface (#372 ) * refactor(kubernetes): keep Provider as only external Kubernetes interface Initial phase to unify-merge the Provider interface with the Manager struct. - Renamed ManagerProvider to Provider (i.e. kubernets.Provider) - Moved Manager related logic to specific files - Exposed relevant method through Provider interface (GetDerivedKubernetes, IsOpenShift, VerifyToken) Signed-off-by: Marc Nuri <marc@marcnuri.com> * Update pkg/kubernetes/provider_kubeconfig.go Co-authored-by: Calum Murray <cmurray@redhat.com> Signed-off-by: Marc Nuri <marc@marcnuri.com> --------- Signed-off-by: Marc Nuri <marc@marcnuri.com> Co-authored-by: Calum Murray <cmurray@redhat.com>	2025-10-14 15:25:49 +02:00
Marc Nuri	1e154d7587	test(kubernetes): refactor tests for Derived manager functionality to use testify (#369 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-10-13 13:12:29 +02:00
Marc Nuri	086afefc75	test(kubernetes): provider registry tests (#371 ) Required tests prior to refactoring Provider and Manager Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-10-10 15:07:37 +02:00
Harshal Patil	65cc304c3c	feat(kubernetes): expose AccessControlClientset to enable its usage in toolsets (#364 ) Signed-off-by: Harshal Patil <12152047+harche@users.noreply.github.com>	2025-10-10 09:31:19 +02:00
Calum Murray	31e90fbece	refactor(kubernetes): move provider initialization into factory (#365 ) Signed-off-by: Calum Murray <cmurray@redhat.com>	2025-10-09 04:25:34 +02:00
Calum Murray	a056981f53	feat(config): add "disabled" mutli cluster strategy (#360 ) * feat: add 'disabled' ClusterProviderStrategy Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: add --disable-multi-cluster flag Signed-off-by: Calum Murray <cmurray@redhat.com> * test: check that --disable-multi-cluster flag changes config Signed-off-by: Calum Murray <cmurray@redhat.com> * refactor: move flag names to constants Signed-off-by: Calum Murray <cmurray@redhat.com> * fix(test): correct subtest name Signed-off-by: Calum Murray <cmurray@redhat.com> * fix: explicit clusterproviderstrategy is now recommended, instead of advisable Signed-off-by: Calum Murray <cmurray@redhat.com> --------- Signed-off-by: Calum Murray <cmurray@redhat.com>	2025-10-08 10:19:34 +02:00
Calum Murray	a2d16e9f41	feat: Multi Cluster Support (#348 ) * feat: add cluster provider for kubeconfig Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: move server to use ClusterProvider interface Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: authentication middleware works with cluster provider Signed-off-by: Calum Murray <cmurray@redhat.com> * fix: unit tests work after cluster provider changes Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: add tool mutator to add cluster parameter Signed-off-by: Calum Murray <cmurray@redhat.com> * test: handle cluster parameter Signed-off-by: Calum Murray <cmurray@redhat.com> * fix: handle lazy init correctly Signed-off-by: Calum Murray <cmurray@redhat.com> * refactor: move to using multi-strategy ManagerProvider Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: add contexts_list tool Signed-off-by: Calum Murray <cmurray@redhat.com> * refactor: make tool mutator generic between cluster/context naming Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: introduce tool filter Signed-off-by: Calum Murray <cmurray@redhat.com> * refactor: use new ManagerProvider/mutator/filter within mcp server Signed-off-by: Calum Murray <cmurray@redhat.com> * fix(test): tests expect context parameter in tool defs Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: auth handles multi-cluster case correctly Signed-off-by: Calum Murray <cmurray@redhat.com> * fix: small changes from local testing Signed-off-by: Calum Murray <cmurray@redhat.com> * chore: fix enum test Signed-off-by: Calum Murray <cmurray@redhat.com> * review: Multi Cluster support (#1) * nit: rename contexts_list to configuration_contexts_list Besides the conventional naming, it helps LLMs understand the context of the tool by providing a certain level of hierarchy. Signed-off-by: Marc Nuri <marc@marcnuri.com> * fix(mcp): ToolMutator doesn't rely on magic strings Signed-off-by: Marc Nuri <marc@marcnuri.com> * refactor(api): don't expose ManagerProvider to toolsets Signed-off-by: Marc Nuri <marc@marcnuri.com> * test(mcp): configuration_contexts_list basic tests Signed-off-by: Marc Nuri <marc@marcnuri.com> * test(toolsets): revert edge-case test This test should not be touched. Signed-off-by: Marc Nuri <marc@marcnuri.com> * test(toolsets): add specific metadata tests for multi-cluster Signed-off-by: Marc Nuri <marc@marcnuri.com> * fix(mcp): ToolFilter doesn't rely on magic strings (partially) Signed-off-by: Marc Nuri <marc@marcnuri.com> * test(api): IsClusterAware and IsTargetListProvider default values Signed-off-by: Marc Nuri <marc@marcnuri.com> * test(mcp): revert unneeded changes in mcp_tools_test.go Signed-off-by: Marc Nuri <marc@marcnuri.com> --------- Signed-off-by: Marc Nuri <marc@marcnuri.com> * fix: always include configuration_contexts_list if contexts > 1 Signed-off-by: Calum Murray <cmurray@redhat.com> * feat: include server urls in configuration_contexts_list Signed-off-by: Calum Murray <cmurray@redhat.com> --------- Signed-off-by: Calum Murray <cmurray@redhat.com> Signed-off-by: Marc Nuri <marc@marcnuri.com> Co-authored-by: Marc Nuri <marc@marcnuri.com>	2025-10-06 12:01:16 +02:00
Matthias Wessendorf	c447bf819f	fix(auth): move 401 response handling to a common helper func (#353 ) Signed-off-by: Matthias Wessendorf <mwessend@redhat.com>	2025-10-02 10:42:19 +02:00
Marc Nuri	b55f28b36e	feat(mcp): events_list returns parseable YAML output (#346 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-26 11:01:21 +02:00
Marc Nuri	792d2f5b80	chore(lint): fix linting issues (#344 ) * chore(lint): fix linting issues Signed-off-by: Marc Nuri <marc@marcnuri.com> * feat(ci): add linting to build and build-all-platforms target Signed-off-by: Marc Nuri <marc@marcnuri.com> --------- Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-26 06:56:48 +02:00
Marc Nuri	c69e90c70d	fix(mcp): InputSchema schema with empty properties for no-arg tools (#341 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-25 11:54:07 +02:00
iamsudip	053fb2e31c	feat(pods): add optional tail parameter to pod logs retrieval (#335 ) * feat(pods): add tailLines parameter to pod logs retrieval with default 256 lines Signed-off-by: iamsudip <sudip.maji@harness.io> * address review comments Signed-off-by: iamsudip <sudip.maji@harness.io> * test(pods): add tailLines parameter to pod logs retrieval with default 256 lines Signed-off-by: Marc Nuri <marc@marcnuri.com> --------- Signed-off-by: iamsudip <sudip.maji@harness.io> Signed-off-by: Marc Nuri <marc@marcnuri.com> Co-authored-by: Marc Nuri <marc@marcnuri.com>	2025-09-25 09:17:53 +02:00
Marc Nuri	8af889bc8f	test(mcp): refactor helm toolset tests (#333 ) Refactor tests to new approach before adding more functionality. Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-18 16:08:53 +02:00
Marc Nuri	6e29a2ada5	feat(pods): update metrics to comply with new API Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-18 07:07:46 +02:00
Marc Nuri	94baad6570	fix(cmd): disable klog in STDIO mode (#331 ) Prevents protocol issues with some clients. Kubernetes tooling uses klog to log messages. Some of these messages end up logged in the stderr or stdout which breaks some of the clients that expect jsonrpc messages. Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 17:03:40 +02:00
Marc Nuri	e16114dfc5	test(mcp): refactor core toolset tests (namespaces) (#330 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 15:48:57 +02:00
Marc Nuri	2bf6c549fe	test(mcp): remove side-effects from toolsets tests (#329 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 12:06:33 +02:00
Marc Nuri	d6936f42d3	test(mcp): refactor events toolset tests (#328 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 11:48:35 +02:00
Marc Nuri	f496c643e7	test(mcp): refactor configuration toolset tests (#327 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 11:11:50 +02:00
Marc Nuri	d9d35b9834	test(toolsets): toolset specific metadata tests (#326 ) - Refactor tests to use testify (more clarity+composability for complex tests) - Tests for default toolsets - Tests for configured, granular toolsets Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 11:06:17 +02:00
Marc Nuri	48cf204a89	feat(toolsets): add support for multiple toolsets in configuration (#323 ) Users can now enable or disable different toolsets either by providing a command-line flag or by setting the toolsets array field in the TOML configuration. Downstream Kubernetes API developers can declare toolsets for their APIs by creating a new nested package in pkg/toolsets and registering it in pkg/mcp/modules.go Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-17 10:53:56 +02:00
Marc Nuri	209e8434d5	feat(mcp): toolset definitions completely agnostic from underlying MCP impl (#322 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-12 11:56:22 +02:00
Marc Nuri	2b6c886d95	refactor(mcp): toolset Tools definition is agnostic of MCP impl (#319 ) Initial PR to make the toolsets agnostic of the usd MCP implementation (migration to go-sdk). The decoupling will also be needed to move the different toolsets to separate nested packages (toolsets). Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-12 09:58:54 +02:00
Marc Nuri	ea641e6796	test(mcp): toolset metadata assertion (#318 ) This test ensures that any tool definition refactoring preserves the current behavior. Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-11 10:31:39 +02:00
Samuel Masuy	6c573f31c8	feat(kubernetes): add support for previousPod container logs (#256 ) Add 'previous' parameter to pods_log tool to retrieve logs from terminated containers, equivalent to kubectl logs --previous functionality. This enables debugging of containers that have restarted due to crashes or updates. Signed-off-by: Samuel Masuy <samuel.masuy@goto.com> Co-authored-by: opencode <noreply@opencode.ai>	2025-09-11 09:29:51 +02:00
Marc Nuri	10c82f7bff	refactor(toolsets): renamed Profile to Toolset (#309 ) As a prior step to providing support for toolsets this change repurposes the current work in profiles which partially aligns with the toolsets expected features Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-09-11 09:25:09 +02:00
Marc Nuri	1bd0b32976	test: misc fixes and typos (#284 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-26 15:38:05 +02:00
Marc Nuri	0ec2599bd8	fix:test: prevent usage of real cluster in tests (#282 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-26 14:52:27 +02:00
Marc Nuri	19a92418e4	feat(auth): support for VSCode auth flow (#258 ) Adds DisableDynamicClientRegistration and OAuthScopes to be able to override the values proxied from the configured authorization server. DisableDynamicClientRegistration removes the registration_endpoint field from the well-known authorization resource metadata. This forces VSCode to show a for to input the Client ID and Client Secret since these can't be discovered. The OAuthScopes allows to override the scopes_supported field. VSCode automatically makes an auth request for all of the supported scopes. In many cases, this is not supported by the auth server. By providing this configuration, the user (MCP Server administrator) is able to set which scopes are effectively supported and force VSCode to only request these. Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-11 14:39:27 +03:00
Marc Nuri	90d4bb03f3	feat(auth): token exchange auth workflow (#255 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 15:30:33 +03:00
Marc Nuri	58c47dc95c	refactor(auth): temporarily disable scope authorization (#254 ) It's unclear how the scopes are going to be populated in the JWT. Disable scope authorization for the time being. Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 12:46:45 +03:00
Marc Nuri	fde4b1dc0f	test(auth): complete test cases for token validation (#253 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 10:31:50 +03:00
Marc Nuri	dfcecd5089	feat(auth): configurable Kubernetes API token validation (#252 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 10:23:12 +03:00
Marc Nuri	7b11c1667a	feat(auth): configurable audience validation (#251 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 08:50:50 +03:00
Marc Nuri	b0da9fb459	feat(auth): implemented SecurityTokenService to handle token exchange (#250 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-08 06:03:23 +03:00
Marc Nuri	cfc42b3bd3	test(auth): complete test scenarios for raw token and oidc (#248 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-07 16:04:12 +03:00
Marc Nuri	43744f2978	test: extract mock-server for reutilization (#247 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-07 15:32:20 +03:00
Marc Nuri	9ec5c829db	feat(auth): .well-known endpoints delegated to auth server (#246 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-07 10:49:21 +03:00
Marc Nuri	aba5f548d8	feat(auth): implement proxied /.well-known/oauth-authorization-server (#244 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-06 15:51:45 +03:00
Marc Nuri	94b85990e3	fix(npm): child process exits gracefully on SIGxxx (#243 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-06 14:31:33 +03:00
Marc Nuri	4dcede178b	refactor(auth): consolidate JWT validation into single method (#238 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-06 13:17:44 +03:00
Marc Nuri	c1af9c0335	fix(npm): child process exits gracefully on SIGxxx (#241 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-05 16:39:48 +03:00
Marc Nuri	29b65fd565	fix: linting issues (#240 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-08-05 16:14:00 +03:00
Marc Nuri	9cc7192d4d	feat(mcp): log tool call (hide sensitive HTTP headers) (#225 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-07-31 15:36:34 +02:00
Arda Güçlü	be80db1a01	feat(auth): introduce scoped based authorization Signed-off-by: Arda Güçlü <aguclu@redhat.com>	2025-07-31 11:01:26 +02:00
Marc Nuri	49dcff3f21	feat(mcp): log tool call (HTTP headers) (#221 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-07-30 15:25:07 +02:00
Marc Nuri	1f670ebec6	test(auth): complete test suite for unauthorized scenarios (#220 ) Signed-off-by: Marc Nuri <marc@marcnuri.com>	2025-07-29 13:32:31 +02:00

1 2 3 4

177 Commits