stacklok / toolhive / 18687983454 / 1
59%
main: 59%

DEFAULT BRANCH: main
Ran
Files 283
Run time 17s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 47.422% (+0.8%) from 46.664%
18687983454.1

push

github

web-flow 
Add MCPRemoteProxy CRD controller for remote MCP server proxying (#2226)

* Add MCPRemoteProxy CRD and controller for remote MCP server proxying

Implements the MCPRemoteProxy custom resource to enable Kubernetes-based
proxying of remote MCP servers with authentication, authorization, audit
logging, and tool filtering. This brings feature parity with the existing
CLI 'thv run <remote-url>' capability to the Kubernetes operator.

Organizations can now deploy centralized remote MCP proxies in Kubernetes
to gain visibility, policy enforcement, and audit trails for employee
interactions with external SaaS MCP services (e.g., Salesforce MCP, GitHub MCP).

Key features:
- Validates incoming OAuth tokens (JWT or introspection)
- Extracts user identity from validated tokens for policy enforcement
- Applies existing ToolHive middleware (authz, audit, tool filtering, telemetry)
- Optional token exchange when IDP federation exists
- Stateless, horizontally scalable architecture
- User-configurable transport (SSE or streamable-http)

Implementation includes:
- MCPRemoteProxy CRD with comprehensive validation
- Controller with refactored, maintainable code structure
- Common helpers shared with MCPServer controller
- Comprehensive unit tests (20+ test functions, 60+ test cases)
- Generated CRD manifests and API documentation

Related proposal: docs/proposals/THV-2151-remote-mcp-proxy.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Juan Antonio Osorio <ozz@stacklok.com>

* Fix CI: Update chainsaw tests and bump operator chart version

Updates chainsaw E2E test assertions to include MCPRemoteProxy RBAC
permissions, and bumps operator chart version to 0.2.24 for the new
controller and RBAC changes.

Changes:
- Add mcpremoteproxies RBAC assertions to multi-tenancy test
- Add mcpremoteproxies RBAC assertions to single-tenancy test
- Bump operator chart version from 0.2.23 to 0.2.24

🤖 Gen... (continued)

18284 of 38556 relevant lines covered (47.42%)

15.82 hits per line

Source Files on job 18687983454.1