farhoodlabs/devcontainer
8
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 39 Wiki Activity

feat: add Kubernetes and Flux MCP servers as pod sidecars #25

Merged
cpfarhood merged 1 commits from feat/mcp-sidecars into main 2026-02-21 00:33:20 +00:00
Conversation 0 Commits 1 Files Changed 3
+83 -5
cpfarhood commented 2026-02-21 00:30:36 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Summary

  • Add Kubernetes MCP server (quay.io/containers/kubernetes_mcp_server) and Flux MCP server (ghcr.io/controlplaneio-fluxcd/flux-operator-mcp) as sidecar containers in the devcontainer pod
  • Sidecars inherit the pod's ServiceAccount RBAC permissions — no separate deployments or service-level RBAC needed
  • Update .mcp.json to connect via localhost (:8080 for k8s, :8081 for flux) instead of cluster-internal service DNS
  • Both sidecars are enabled by default and configurable via mcpSidecars values

Test plan

  • Deploy with clusterAccess: readonly (or higher) and verify both sidecars start
  • Confirm Kubernetes MCP responds on http://localhost:8080/sse
  • Confirm Flux MCP responds on http://localhost:8081/sse
  • Verify sidecars can query cluster resources using the pod's ServiceAccount
  • Test with sidecars disabled (mcpSidecars.kubernetes.enabled: false) to confirm they're excluded from the pod spec

🤖 Generated with Claude Code
via Happy

## Summary - Add Kubernetes MCP server (`quay.io/containers/kubernetes_mcp_server`) and Flux MCP server (`ghcr.io/controlplaneio-fluxcd/flux-operator-mcp`) as sidecar containers in the devcontainer pod - Sidecars inherit the pod's ServiceAccount RBAC permissions — no separate deployments or service-level RBAC needed - Update `.mcp.json` to connect via localhost (`:8080` for k8s, `:8081` for flux) instead of cluster-internal service DNS - Both sidecars are enabled by default and configurable via `mcpSidecars` values ## Test plan - [ ] Deploy with `clusterAccess: readonly` (or higher) and verify both sidecars start - [ ] Confirm Kubernetes MCP responds on `http://localhost:8080/sse` - [ ] Confirm Flux MCP responds on `http://localhost:8081/sse` - [ ] Verify sidecars can query cluster resources using the pod's ServiceAccount - [ ] Test with sidecars disabled (`mcpSidecars.kubernetes.enabled: false`) to confirm they're excluded from the pod spec 🤖 Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering)
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
antigravity
architecture
automation
bug
Something isn't working
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 examples
good first issue
Good for newcomers
 helm
help wanted
Extra attention is needed
 invalid
This doesn't seem right
 maintainability
monitoring
question
Further information is requested
 refactor
tooling
user-experience
validation
wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
fl_blake (Blake MIddleware) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) flux (Flux CD) admin (Gitea Admin) fl_hugh (Hugh Commit) renovate (Mend Renovate) fl_warren (Warren Bufferpool)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: farhoodlabs/devcontainer#25
Delete Branch "feat/mcp-sidecars"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?