controllers

package
v0.3.11 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 17, 2025 License: Apache-2.0 Imports: 48 Imported by: 0

Documentation

Overview

Package controllers contains the reconciliation logic for the MCPServer custom resource. It handles the creation, update, and deletion of MCP servers in Kubernetes.

Index

Constants

View Source 
const (
	RestartedAtAnnotationKey          = "mcpserver.toolhive.stacklok.dev/restarted-at"
	RestartStrategyAnnotationKey      = "mcpserver.toolhive.stacklok.dev/restart-strategy"
	LastProcessedRestartAnnotationKey = "mcpserver.toolhive.stacklok.dev/last-processed-restart"
)

Restart annotation keys for triggering pod restart

View Source 
const (
	RestartStrategyRolling   = "rolling"
	RestartStrategyImmediate = "immediate"
)

Restart strategy constants

View Source 
const (
	// DefaultControllerRetryAfterConstant is the constant default retry interval for controller operations that fail
	DefaultControllerRetryAfterConstant = time.Minute * 5
)

Default timing constants for the controller

View Source 
const (
	// ExternalAuthConfigFinalizerName is the name of the finalizer for MCPExternalAuthConfig
	ExternalAuthConfigFinalizerName = "mcpexternalauthconfig.toolhive.stacklok.dev/finalizer"
)
View Source 
const (
	// ToolConfigFinalizerName is the name of the finalizer for MCPToolConfig
	ToolConfigFinalizerName = "toolhive.stacklok.dev/toolconfig-finalizer"
)

Variables

View Source 
var (
	// DefaultControllerRetryAfter is the configurable default retry interval for controller operations that fail
	// This can be modified in tests to speed up retry behavior
	DefaultControllerRetryAfter = DefaultControllerRetryAfterConstant
)

Configurable timing variables for testing

Functions

func AddAuthzConfigOptions added in v0.3.10 

func AddAuthzConfigOptions(
	ctx context.Context,
	c client.Client,
	namespace string,
	authzRef *mcpv1alpha1.AuthzConfigRef,
	options *[]runner.RunConfigBuilderOption,
) error

AddAuthzConfigOptions adds authorization configuration options to builder options This is a shared helper that works for both MCPServer and MCPRemoteProxy

func CalculateConfigHash added in v0.3.9 

func CalculateConfigHash[T any](spec T) string

CalculateConfigHash calculates a hash of any configuration spec using Kubernetes utilities. This function uses k8s.io/apimachinery/pkg/util/dump.ForHash which is designed for generating consistent string representations for hashing in Kubernetes. It then applies FNV-1a hash which is commonly used in Kubernetes for fast hashing. See: https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/controller_utils.go

func EnsureAuthzConfigMap added in v0.3.10 

func EnsureAuthzConfigMap(
	ctx context.Context,
	c client.Client,
	scheme *runtime.Scheme,
	owner client.Object,
	namespace string,
	resourceName string,
	authzConfig *mcpv1alpha1.AuthzConfigRef,
	labels map[string]string,
) error

EnsureAuthzConfigMap ensures the authorization ConfigMap exists for inline configuration

func EnsureRBACResource added in v0.3.10 

func EnsureRBACResource(
	ctx context.Context,
	c client.Client,
	scheme *runtime.Scheme,
	owner client.Object,
	resourceType string,
	createResource func() client.Object,
) error

EnsureRBACResource is a generic helper function to ensure a Kubernetes RBAC resource exists

func FindReferencingMCPServers added in v0.3.9 

func FindReferencingMCPServers(
	ctx context.Context,
	c client.Client,
	namespace string,
	configName string,
	refExtractor func(*mcpv1alpha1.MCPServer) *string,
) ([]mcpv1alpha1.MCPServer, error)

FindReferencingMCPServers finds MCPServers in the given namespace that reference a config resource. The refExtractor function should return the config name from an MCPServer if it references the config, or nil if it doesn't reference any config of this type.

Example usage for ToolConfig: 

servers, err := FindReferencingMCPServers(ctx, client, namespace, configName,
    func(server *mcpv1alpha1.MCPServer) *string {
        if server.Spec.ToolConfigRef != nil {
            return &server.Spec.ToolConfigRef.Name
        }
        return nil
    })

func GenerateAuthzVolumeConfig added in v0.3.10 

func GenerateAuthzVolumeConfig(
	authzConfig *mcpv1alpha1.AuthzConfigRef,
	resourceName string,
) (*corev1.VolumeMount, *corev1.Volume)

GenerateAuthzVolumeConfig generates volume mount and volume for authorization policies

func GenerateOpenTelemetryEnvVars added in v0.3.10 

func GenerateOpenTelemetryEnvVars(
	telemetryConfig *mcpv1alpha1.TelemetryConfig,
	resourceName string,
	namespace string,
) []corev1.EnvVar

GenerateOpenTelemetryEnvVars generates OpenTelemetry environment variables

func GenerateTokenExchangeEnvVars added in v0.3.10 

func GenerateTokenExchangeEnvVars(
	ctx context.Context,
	c client.Client,
	namespace string,
	externalAuthConfigRef *mcpv1alpha1.ExternalAuthConfigRef,
	getExternalAuthConfig func(context.Context, client.Client, string, string) (*mcpv1alpha1.MCPExternalAuthConfig, error),
) ([]corev1.EnvVar, error)

GenerateTokenExchangeEnvVars generates environment variables for token exchange

func GetExternalAuthConfigByName added in v0.3.10 

func GetExternalAuthConfigByName(
	ctx context.Context,
	c client.Client,
	namespace string,
	name string,
) (*mcpv1alpha1.MCPExternalAuthConfig, error)

GetExternalAuthConfigByName is a generic helper for fetching MCPExternalAuthConfig by name

func GetExternalAuthConfigForMCPServer added in v0.3.9 

func GetExternalAuthConfigForMCPServer(
	ctx context.Context,
	c client.Client,
	mcpServer *mcpv1alpha1.MCPServer,
) (*mcpv1alpha1.MCPExternalAuthConfig, error)

GetExternalAuthConfigForMCPServer retrieves the MCPExternalAuthConfig referenced by an MCPServer. This function is exported for use by the MCPServer controller (Phase 5 integration).

func GetToolConfigForMCPServer added in v0.3.0 

func GetToolConfigForMCPServer(
	ctx context.Context,
	c client.Client,
	mcpServer *mcpv1alpha1.MCPServer,
) (*mcpv1alpha1.MCPToolConfig, error)

GetToolConfigForMCPServer retrieves the MCPToolConfig referenced by an MCPServer

Types

type MCPExternalAuthConfigReconciler added in v0.3.9 

type MCPExternalAuthConfigReconciler struct {
	client.Client
	Scheme *runtime.Scheme
}

MCPExternalAuthConfigReconciler reconciles a MCPExternalAuthConfig object

func (*MCPExternalAuthConfigReconciler) Reconcile added in v0.3.9 

func (r *MCPExternalAuthConfigReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.

func (*MCPExternalAuthConfigReconciler) SetupWithManager added in v0.3.9 

func (r *MCPExternalAuthConfigReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager sets up the controller with the Manager.

type MCPRegistryReconciler added in v0.2.17 

type MCPRegistryReconciler struct {
	client.Client
	Scheme *runtime.Scheme
	// contains filtered or unexported fields
}

MCPRegistryReconciler reconciles a MCPRegistry object

func NewMCPRegistryReconciler added in v0.3.0 

func NewMCPRegistryReconciler(k8sClient client.Client, scheme *runtime.Scheme) *MCPRegistryReconciler

NewMCPRegistryReconciler creates a new MCPRegistryReconciler with required dependencies

func (*MCPRegistryReconciler) Reconcile added in v0.2.17 

func (r *MCPRegistryReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.

func (*MCPRegistryReconciler) SetupWithManager added in v0.2.17 

func (r *MCPRegistryReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager sets up the controller with the Manager.

type MCPServerPodTemplateSpecBuilder added in v0.2.8 

type MCPServerPodTemplateSpecBuilder struct {
	// contains filtered or unexported fields
}

MCPServerPodTemplateSpecBuilder provides an interface for building PodTemplateSpec patches for MCP Servers

func NewMCPServerPodTemplateSpecBuilder added in v0.2.8 

func NewMCPServerPodTemplateSpecBuilder(userTemplate *corev1.PodTemplateSpec) *MCPServerPodTemplateSpecBuilder

NewMCPServerPodTemplateSpecBuilder creates a new builder, optionally starting with a user-provided template

func (*MCPServerPodTemplateSpecBuilder) Build added in v0.2.8 

func (b *MCPServerPodTemplateSpecBuilder) Build() *corev1.PodTemplateSpec

Build returns the final PodTemplateSpec, or nil if no customizations were made

func (*MCPServerPodTemplateSpecBuilder) WithSecrets added in v0.2.8 

func (b *MCPServerPodTemplateSpecBuilder) WithSecrets(secrets []mcpv1alpha1.SecretRef) *MCPServerPodTemplateSpecBuilder

WithSecrets adds secret environment variables to the MCP container

func (*MCPServerPodTemplateSpecBuilder) WithServiceAccount added in v0.2.8 

func (b *MCPServerPodTemplateSpecBuilder) WithServiceAccount(serviceAccount *string) *MCPServerPodTemplateSpecBuilder

WithServiceAccount sets the service account name

type MCPServerReconciler 

type MCPServerReconciler struct {
	client.Client
	Scheme           *runtime.Scheme
	PlatformDetector *SharedPlatformDetector
	ImageValidation  validation.ImageValidation
}

MCPServerReconciler reconciles a MCPServer object

func (*MCPServerReconciler) Reconcile 

func (r *MCPServerReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.

func (*MCPServerReconciler) SetupWithManager 

func (r *MCPServerReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager sets up the controller with the Manager.

type PlatformDetectorInterface added in v0.3.10 

type PlatformDetectorInterface interface {
	DetectPlatform(ctx context.Context) (kubernetes.Platform, error)
}

PlatformDetectorInterface provides platform detection capabilities

type SharedPlatformDetector added in v0.3.10 

type SharedPlatformDetector struct {
	// contains filtered or unexported fields
}

SharedPlatformDetector provides shared platform detection across controllers

func NewSharedPlatformDetector added in v0.3.10 

func NewSharedPlatformDetector() *SharedPlatformDetector

NewSharedPlatformDetector creates a new shared platform detector

func NewSharedPlatformDetectorWithDetector added in v0.3.10 

func NewSharedPlatformDetectorWithDetector(detector kubernetes.PlatformDetector) *SharedPlatformDetector

NewSharedPlatformDetectorWithDetector creates a new shared platform detector with a custom detector (for testing)

func (*SharedPlatformDetector) DetectPlatform added in v0.3.10 

func (s *SharedPlatformDetector) DetectPlatform(ctx context.Context) (kubernetes.Platform, error)

DetectPlatform detects the platform once and caches the result

type ToolConfigReconciler added in v0.3.0 

type ToolConfigReconciler struct {
	client.Client
	Scheme *runtime.Scheme
}

ToolConfigReconciler reconciles a MCPToolConfig object

func (*ToolConfigReconciler) Reconcile added in v0.3.0 

func (r *ToolConfigReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.

func (*ToolConfigReconciler) SetupWithManager added in v0.3.0 

func (r *ToolConfigReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager sets up the controller with the Manager.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.