diff --git a/CLAUDE.md b/CLAUDE.md index f4c3e5f..efe9b7c 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -81,11 +81,11 @@ Container start MCP (Model Context Protocol) servers run as sidecar containers in the pod, enabling AI assistants to interact with various services: -| Sidecar | Image | Port | Endpoint | Default | -|---------|-------|------|----------|---------| -| `kubernetes-mcp` | `quay.io/containers/kubernetes_mcp_server` | 8080 | `http://localhost:8080/sse` | Enabled | -| `flux-mcp` | `ghcr.io/controlplaneio-fluxcd/flux-operator-mcp` | 8081 | `http://localhost:8081/sse` | Enabled | -| `homeassistant-mcp` | `ghcr.io/homeassistant-ai/ha-mcp` | 8087 | `http://localhost:8087/sse` | Disabled | +| Sidecar | Image | Version | Port | Endpoint | Default | +|---------|-------|---------|------|----------|---------| +| `kubernetes-mcp` | `quay.io/containers/kubernetes_mcp_server` | v0.0.57 | 8080 | `http://localhost:8080/sse` | Enabled | +| `flux-mcp` | `ghcr.io/controlplaneio-fluxcd/flux-operator-mcp` | v0.41.1 | 8081 | `http://localhost:8081/sse` | Enabled | +| `homeassistant-mcp` | `ghcr.io/homeassistant-ai/ha-mcp` | v6.7.1 | 8087 | `http://localhost:8087/sse` | Disabled | **Note:** - Kubernetes and Flux sidecars require `clusterAccess` != `none` to be deployed (they need RBAC permissions) diff --git a/README.md b/README.md index b07e693..4cec131 100644 --- a/README.md +++ b/README.md @@ -221,7 +221,7 @@ mcpSidecars: enabled: true image: repository: ghcr.io/homeassistant-ai/ha-mcp - tag: stable # or 'latest' for dev builds + tag: v6.7.1 # Override the pinned version if needed port: 8087 resources: requests: diff --git a/chart/values.yaml b/chart/values.yaml index 5d3c560..7dbb17f 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -73,7 +73,7 @@ mcpSidecars: enabled: true image: repository: quay.io/containers/kubernetes_mcp_server - tag: latest + tag: v0.0.57 # Pinned version (Jan 27, 2025) with token exchange and field selector support port: 8080 resources: requests: @@ -99,7 +99,7 @@ mcpSidecars: enabled: false # Disabled by default, requires HOMEASSISTANT_URL and HOMEASSISTANT_TOKEN image: repository: ghcr.io/homeassistant-ai/ha-mcp - tag: stable + tag: v6.7.1 # Pinned version (Feb 20, 2026) - latest stable release port: 8087 resources: requests: diff --git a/memory/MEMORY.md b/memory/MEMORY.md index 504492f..163c522 100644 --- a/memory/MEMORY.md +++ b/memory/MEMORY.md @@ -14,13 +14,14 @@ - Chart published as OCI artifact to GHCR, reconciled by Flux ## MCP Sidecars -- **Kubernetes MCP** (port 8080): Only deployed when enabled AND `clusterAccess` != `none` -- **Flux MCP** (port 8081): Only deployed when enabled AND `clusterAccess` != `none` -- **Home Assistant MCP** (port 8087): Disabled by default, requires secrets: +- **Kubernetes MCP** (v0.0.57, port 8080): Only deployed when enabled AND `clusterAccess` != `none` +- **Flux MCP** (v0.41.1, port 8081): Only deployed when enabled AND `clusterAccess` != `none` +- **Home Assistant MCP** (v6.7.1, port 8087): Disabled by default, requires secrets: - `homeassistant-url`: Base URL like `http://homeassistant.local:8123` - `homeassistant-token`: Long-lived access token - **Playwright MCP**: External service, not a sidecar - Configure via `mcpSidecars..enabled` in values +- **Version Strategy**: All MCP images use pinned versions for stability (no `latest` tags) ## Common Gotchas - `baseimage-gui` creates user dynamically — don't hardcode usernames in scripts, use numeric UID/GID