toolhive
toolhive copied to clipboard
stacklok
ToolHive makes deploying MCP servers easy, secure and fun
## Summary Implement secure credential handling for build environment variables during protocol builds (`npx://`, `uvx://`, `go://`). This allows users to reference ToolHive secrets or shell environment variables instead of storing...
Adds LogLevel field to VirtualMCPServer CRD OperationalConfig to allow configuring the logging level for vMCP instances. Supports info, debug, warn, and error levels with info as the default. The deployment...
## Summary - Add `--from-secret` and `--from-env` flags to `set-build-env` command for secure credential handling - Add `build_env_from_secrets` and `build_env_from_shell` config sections - Update security considerations to document URL-embedded credentials...
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/stacklok/thv-registry-api](https://images.chainguard.dev/directory/image/static/overview) ([source](https://redirect.github.com/stacklok/toolhive-registry-server)) | patch | `v0.3.5` -> `v0.3.6` | --- > [!WARNING] > Some dependencies...
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot] avatar"){kind=avatar}
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/stacklok/toolhive). ## Repository problems These problems occurred while...
## Problem Currently, the vMCP ecosystem has duplicated logic between the operator and vMCP server: - **Operator** discovers backends, resolves ExternalAuthConfigs, fetches secrets, and embeds everything into a ConfigMap -...
e.g. setting the `kubernetes` incoming authentication doesn't work even though it's advertised by the CRDs because we use hand-rolled conversions instead of implementing pre-existing Resolver interface that does all the...
Problem Currently, when authentication configuration conversion fails in the `VirtualMCPServer` controller, the reconciliation fails completely. This prevents the VirtualMCPServer from being created/updated, even though the system could potentially continue operating...
## Summary When a `VirtualMCPServer` uses `outgoingAuth.source: inline` with `type: external_auth_config_ref`, the vMCP pod crashes because the controller generates a ConfigMap with the unresolved type, and vMCP only accepts `unauthenticated`,...
## Bug description When running an MCP server with the `--foreground` flag, it's not properly cleaned up and the status is marked as `unhealthy`. ## Steps to reproduce `thv run...
