Cyfr 94358 context forge resync 09 03 2026 #7

Open
aidbutlr wants to merge 2498 commits into main from CYFR-94358-ContextForge-Resync-09-03-2026

@aidbutlr aidbutlr commented Mar 9, 2026

🔗 Related Issue

Closes #


📝 Summary

What does this PR do and why?


🏷️ Type of Change

  • Bug fix
  • Feature / Enhancement
  • Documentation
  • Refactor
  • Chore (deps, CI, tooling)
  • Other (describe below)

🧪 Verification

Check | Command | Status
Lint suite | make lint |
Unit tests | make test |
Coverage ≥ 80% | make coverage |

✅ Checklist

  • Code formatted (make black isort pre-commit)
  • Tests added/updated for changes
  • Documentation updated (if applicable)
  • No secrets or credentials committed

📓 Notes (optional)

Screenshots, design decisions, or additional context.

madhav165 and others added 30 commits February 6, 2026 00:37
* Add x-mcp-session-id to default identity headers
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Pass x-mcp-session-id to mcp_session_pool headers and prioritize if found

* wip sa

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* add e2e test

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* flake8 fix
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* remove plan

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* pylint fix
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Implement multi worker
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Implement multi worker for mcp session pool
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* linting fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Minor bug fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix critical bugs
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix sse session_id, add logging and fix test
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* fix url of rpc from nginx
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* add stateful sessions in http
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* WIP fixes to streamable http
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix streamable http
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Updated ADR
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Update ADR
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* black fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix failing doctests
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix more tests
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* flake8 fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* pylint fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* pylint fixes
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix streamable http for single gunicorn
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Revert base_url
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix test
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* revert replica count
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix bandit test
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* remove plan

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix bug for local
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Update ADR and remove print
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix lint issues
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Fix test
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Remove accidental utf-8 headers from incorrect rebase

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* fix: replace debug print statements with logger calls in session affinity code

Convert print() statements to appropriate logger.debug()/logger.info()/logger.warning()
calls for proper log management in the multi-worker session affinity feature.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix: harden session affinity and redis event store

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix: avoid broad exception in streamable http header parsing

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* docs: add missing docstrings for interrogate compliance

Add docstrings to _pool_owner_key, _rehydrate_content_items, and
send_with_capture to achieve 100% docstring coverage.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix: add missing newline at end of redis_event_store.py

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* docs: complete docstrings with Args and Returns sections

Fix darglint DAR101/DAR201 errors by adding missing parameter
and return documentation to docstrings.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
…M#2638)

* fix: prompts are an Optional[set[str]] - set of prompt names.

Signed-off-by: habeck <habeck@us.ibm.com>

* revert: llmguard plugins.conditions.prompts

Signed-off-by: habeck <habeck@us.ibm.com>

* feat: add external plugin metrics endpoint

Signed-off-by: habeck <habeck@us.ibm.com>

* perf: use rapidfuzz.distance instead of word-wise Levenshtein distance, add metrics for scan duration seconds

Signed-off-by: habeck <habeck@us.ibm.com>

* perf: add metric for policy compile duration seconds

Signed-off-by: habeck <habeck@us.ibm.com>

* perf: policy singleton

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: missed commit to add rapidfuzz dependency

Signed-off-by: habeck <habeck@us.ibm.com>

* perf: add scan caching

Signed-off-by: habeck <habeck@us.ibm.com>

* enh: make _create_new_vault_on_expiry async

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fixes

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fix

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fixes

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: add doc comments

Signed-off-by: habeck <habeck@us.ibm.com>

* fix: pin transformers to 4.55.1 to prevent TFPreTrainedModel error

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fix

Signed-off-by: habeck <habeck@us.ibm.com>

* fix: Since prompt_ids are only known after creation, apply to all so that the plugin works out of the box.

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: test fix

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: remove duplicate import

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fix

Signed-off-by: habeck <habeck@us.ibm.com>

* enh:
Key Improvements:
Code Quality: Reduced cyclomatic complexity by ~50%
Performance: Vault retrieval moved outside message loop (eliminates redundant async cache lookups)
Consistency: All processing methods follow same pattern as input methods
Maintainability: Clear separation of concerns, easier to test individual components
Zero Breaking Changes: Maintains exact functional behavior

Signed-off-by: habeck <habeck@us.ibm.com>

* fix: use lazy evaluation rather than f-strings

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: enable sanitizers by default

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: add env var to disable TensorFlow in plugin startup.

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: fix return type on __update_context api.

Signed-off-by: habeck <habeck@us.ibm.com>

* enh: run the cache cleanup in a background thread rather than on every scan.

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fix

Signed-off-by: habeck <habeck@us.ibm.com>

* fix: test case for Test _handle_vault_caching handles case when no vault exists.

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: add unit tests for new code

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: test coverage for llmguard.py to 94% from 80%

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: policy.py coverage to 100%

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: cache.py tests to 100%

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: lint fixes

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: add missing class doc to test_llmguardplugin.py

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: update readme

Signed-off-by: habeck <habeck@us.ibm.com>

* chore: clearer comment for plugin.conditions.prompts

Signed-off-by: habeck <habeck@us.ibm.com>

---------

Signed-off-by: habeck <habeck@us.ibm.com>
* Fix compose-tls for certs with passphrase
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* Update documentation
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>

* fix: improve security and validation for passphrase-protected keys

- Use env:KEY_FILE_PASSWORD instead of pass: to avoid exposing
  password in process listings
- Add validation to ensure cert.pem exists when key-encrypted.pem
  is provided, preventing silent key overwrite with self-signed cert

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Closes IBM#2563

This commit fixes two issues:

1. Gateway Tags Returned as Empty List (IBM#2563):
   - Fixed type annotation mismatch in validate_tags_field() to correctly
     return List[Dict[str, str]] instead of List[str]
   - Added passthrough logic for already-formatted tag dictionaries in
     TagValidator.validate_list()
   - Updated GatewayCreate.tags and GatewayUpdate.tags to accept both
     legacy string format and new dict format
   - Fixed parenthesis placement in get_gateway_by_url() to correctly
     call masked() on GatewayRead instead of DbGateway

2. Transport Field Reset During Gateway Update:
   - Changed GatewayUpdate.transport from default="SSE" to None to
     prevent overwriting existing values when field is omitted in
     PUT/PATCH requests

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: oaslananka <169144131+oaslananka@users.noreply.github.com>
Signed-off-by: oaslananka <oaslananka@users.noreply.github.com>
Co-authored-by: oaslananka <oaslananka@users.noreply.github.com>
The conditional expression always returned the same value regardless
of the condition. Simplified to direct assignment.

Closes IBM#2367

Signed-off-by: ChaiAndCode <saaiaravindhraja@gmail.com>
* Resource tags are being displayed

Signed-off-by: NAYANAR <nayana.r7813@gmail.com>

* Fix tag display bug where {{ tag.id }} crashes if tags are plain strings; render tags defensively

Signed-off-by: NAYANAR <nayana.r7813@gmail.com>

* fix: Apply defensive tag pattern consistently across all templates

Apply the `{% if tag is mapping %}{{ tag.id }}{% else %}{{ tag }}{% endif %}`
pattern to resources_partial.html, plugins_partial.html, and
tools_with_pagination.html that were missing the defensive check.

Also fix accidental indentation change in admin.html.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: NAYANAR <nayana.r7813@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Add Prompt ID visibility to the admin panel's Prompts page:
- Added "Prompt ID" column header in the prompts table
- Display prompt.id in the table row with monospace styling
- Added "Prompt ID" field as the first item in the view prompt modal

Closes IBM#2656

Signed-off-by: rakdutta <rakhibiswas@yahoo.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…BM#2713)

* fix: overlapping Authorize and Fetch Tool buttons on MCP servers page

Signed-off-by: Marek Dano <mk.dano@gmail.com>

* fix: center the header text Actions in the MCP Servers Gateways table

Signed-off-by: Marek Dano <mk.dano@gmail.com>

---------

Signed-off-by: Marek Dano <mk.dano@gmail.com>
The Edit User modal's password requirement icons remained unchanged when
typing because both Create User and Edit User forms used identical
element IDs (req-length, req-uppercase, etc.). When JavaScript called
document.getElementById(), it returned the Create form's elements
instead of the Edit form's elements.

Renamed Edit User form element IDs to use 'edit-' prefix to ensure
uniqueness and updated the corresponding JavaScript functions in
admin.js to reference the new IDs.

Closes IBM#2702

Signed-off-by: Gabriel Costa <gabrielcg@proton.me>
Updates the HX-Trigger in admin_update_team to use 'refreshUnifiedTeamsList'
instead of 'refreshTeamsList', ensuring the UI updates correctly after
editing a team.

Signed-off-by: Adnan Vahora <adnan.vahora1@motorolasolutions.com>
Co-authored-by: Adnan Vahora <adnan.vahora1@motorolasolutions.com>
This commit addresses multiple loading spinner issues in the admin UI:

1. Fixed double loading spinners on initial page load/refresh
   - Removed redundant initial placeholder spinners from Gateways, Catalog,
     Tools, and Tool Operations panels
   - Now relies solely on HTMX indicators for loading states
   - Affected files: mcpgateway/templates/admin.html

2. Fixed spurious spinners triggered by background requests
   - Added CSS rules to prevent all .htmx-indicator elements from showing
     on unrelated requests
   - Scoped indicators to specific panels
   - Only show indicators when explicitly targeted via hx-indicator attribute
   - Uses proper CSS specificity to ensure targeted indicators are shown
   - Prevents spinners from appearing during background /trace requests
   - Affected files: mcpgateway/static/admin.css

3. Standardized Resources panel loading indicator
   - Replaced simple spinner div with proper HTMX indicator matching other panels
   - Added animated SVG spinner with "Loading resources..." text
   - Affected files: mcpgateway/templates/admin.html

4. Aligned Prompts panel implementation with other panels
   - Removed dual loading state (inline + external indicator)
   - Standardized to single external HTMX indicator for consistency
   - Changed spinner color to indigo for consistency with other panels
   - Affected files: mcpgateway/templates/admin.html

5. Fixed Tool Operations panel loading indicator
   - Added indicator to admin.html (outside swap target) so it exists on
     initial page load
   - Removed duplicate indicator from toolops_partial.html to avoid ID conflict
   - Affected files: mcpgateway/templates/admin.html,
     mcpgateway/templates/toolops_partial.html

All panels now have consistent loading behavior:
- Single loading indicator per panel
- No spurious spinners on background requests
- Proper HTMX indicator visibility control via CSS

Fixes IBM#2689

Signed-off-by: Gabriel Costa <gabrielcg@proton.me>
…BM#2701)

The Edit User modal was hidden when HTMX tried to swap content into
#user-edit-modal-content, causing htmx:targetError console errors.

Changes:
- Add hx-on::before-request to Edit button to show modal synchronously
- Remove global htmx:afterRequest listener that showed modal after request
- Remove hx-target from form since content swaps into modal while visible

The modal is now visible before HTMX requests, preventing targetError.

Closes IBM#2693

Signed-off-by: Marek Dano <mk.dano@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…pre-commit to pass on Linux or Mac. (IBM#2740)

* fix 2731 - Change file permissions on test/client/__init__.py

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>

* fix 2732 - Change file permissions on executable scripts and python files that are self executable

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>

* fix 2733 - set pre-commit detect-private-key to ignore the specific files with tests for the not allowed terms

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>

* fix 2734 - correct config of check-yaml to allow multiple files and to fix yaml linting issue with tests/performance/plugins/config.yaml

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>

* fix 2735 - correct config of name-tests-test to exclude further tests that are procedural and not specific units, including jmeter, loadtest(locust) and client

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>

---------

Signed-off-by: Brian Hussey <redacted@ie.ibm.com>
Co-authored-by: Brian Hussey <redacted@ie.ibm.com>
…nd (IBM#2654)

- Backend: Extract root cause from BaseExceptionGroup when MCP SDK uses
  TaskGroup, ensuring actual HTTP errors (401, 405, etc.) are shown
  instead of generic "Failed to initialize gateway" messages
- Backend: Change HTTP status from 503 to 502 for GatewayConnectionError
  as 502 Bad Gateway more accurately represents upstream server failures
- Backend: Include sanitized error details in GatewayConnectionError
  messages for better debugging while protecting sensitive URL params
- Backend: Add userinfo (user:pass@host) redaction to sanitize_url_for_logging
  as defense-in-depth against credential leakage in error messages
- Frontend: Add safeParseJsonResponse() helper to validate response
  status and Content-Type before parsing JSON, preventing crashes when
  proxies or auth redirects return HTML error pages
- Frontend: Update extractApiError() to also check error.message field
- Frontend: Detect HTML responses and show user-friendly message instead
  of raw HTML; truncate long text responses to 200 chars
- Apply safeParseJsonResponse to 12 high-risk form handlers (POST/PUT):
  Gateway, Resource, Prompt, Server, A2A Agent, Tool (add & edit each)

Closes IBM#2562

Signed-off-by: Keval Mahajan <mahajankeval23@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* 2346 - Fixed root buttons of view, edit and export

Signed-off-by: Mihai-Vlad Rusu <vladrusu@MacBookPro.lan>

* Fixed lint, test and format issue

Signed-off-by: Mihai-Vlad Rusu <vladrusu@MacBookPro.lan>

* chore: remove unrelated files from rebase

Signed-off-by: Mihai-Vlad Rusu <vladrusu@MacBookPro.lan>

* fix: correct route ordering for /roots/changes endpoint

- Move /changes endpoint before catch-all /{root_uri:path} to fix routing
- Remove debug print statement from update_root
- Restore correct test expectations for SSE endpoint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix: address code review findings

- Normalize URIs in get/update/remove_root to match storage key
- Fix JS null-deref when Content-Disposition header is missing
- Fix misleading 'getting' log message in update_root
- Return Root object directly instead of dict for type consistency

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Mihai-Vlad Rusu <vladrusu@MacBookPro.lan>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai-Vlad Rusu <vladrusu@MacBookPro.lan>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: Shoumi <shoumimukherjee@gmail.com>
…ion (IBM#2649)

Add guard check for empty decoded_auth_value before accessing dict keys
in convert_tool_to_read for authheaders auth type. When auth_value
decrypts to an empty dict, set auth to None instead of crashing.

Closes IBM#1430

Signed-off-by: Keval Mahajan <mahajankeval23@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* fix(auth): add missing fields to EmailUser instantiations

Signed-off-by: Shoumi <shoumimukherjee@gmail.com>

* add regression test for API token /me endpoint serialization

Signed-off-by: Shoumi <shoumimukherjee@gmail.com>

* test fixes

Signed-off-by: Shoumi <shoumimukherjee@gmail.com>

---------

Signed-off-by: Shoumi <shoumimukherjee@gmail.com>
…n updating user details (IBM#2736)

* fix: add password and full_name fields as optional for update user request

Signed-off-by: Marek Dano <mk.dano@gmail.com>

* fix: add is_admin field as optional for the update user request

Signed-off-by: Marek Dano <mk.dano@gmail.com>

* fix: lint issue when running make flake8

Signed-off-by: Marek Dano <mk.dano@gmail.com>

---------

Signed-off-by: Marek Dano <mk.dano@gmail.com>
…200 (IBM#2680)

* fix: do not authenticate API with cookies. Return response 401 instead of 200

Signed-off-by: Marek Dano <mk.dano@gmail.com>

* test: add test for cookie rejection on API requests

Verify that cookie-only authentication returns 401 for non-browser
API requests (Accept: application/json), ensuring the security fix
is explicitly covered by tests.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Marek Dano <mk.dano@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
…content (IBM#2655)

Move RESOURCE_POST_FETCH hook invocation to after invoke_resource()
resolves content from the gateway. Previously, post-fetch plugins
(e.g. secrets_detection) received raw template URIs instead of actual
content, allowing secrets to pass through unredacted.

Also adds null-checks before setting blob/text from invoke_resource()
response, and normalizes the content resolution into a single
if/elif/else chain with one return point.

Closes IBM#2648

Signed-off-by: Satya <tsp.0713@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…#2745)

Add Teams Discovery and Auth Profile endpoints to REST mix fragment,
increase concurrent users to 1000 with 60s ramp-up, and display
summariser output every 10s for better observability during test runs.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* fix(cedar-plugin): optimize Cedar policy evaluation with async and batch support

- Convert synchronous CedarPy calls to async via asyncio.to_thread
- Implement batch policy evaluation using is_authorized_batch
- Move regex compilation and policy parsing to plugin initialization
- Add user context handling from gateway (is_admin role detection)
- Add recursive output redaction with configurable redaction string
- Add server_id extraction from gateway metadata with fallback
- Add correlation_id support for batch request tracking
- Add example configs and end-to-end testing documentation
- Update tests for new redaction_str configuration field

Signed-off-by: Shriti Priya <shritip@ibm.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix(cedar-plugin): address review issues in cedar plugin optimization

- Initialize _output_redaction_string with default to prevent AttributeError
- Replace mutable default arguments (dict) with None in _preprocess_request
- Use public diagnostics attribute instead of private _diagnostics
- Use ToolHookType enums consistently instead of hardcoded strings
- Fix wrong docstring on _create_dsl_policy_template (was copy-pasted)
- Remove duplicate docstring in tool_post_invoke
- Simplify redundant conditionals in _get_output_request_list
- Fix stale OPA references in resource hook docstrings
- Remove near-duplicate example config (keep config-cedar.yaml)

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* lint

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Shriti Priya <shritip@ibm.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
…IBM#2747)

Add 17 new User classes (batches 12-14) covering entity updates, LLM
CRUD, gateway CRUD, auth email, teams/RBAC/token write ops, reverse
proxy, admin detail reads, admin gRPC, admin HTMX ops, admin MCP
registry, admin LLM ops, admin observability queries, and misc
endpoints. Coverage goes from 64% (244/380) to 98.2% (373/380), with
the remaining 7 being intentionally skipped SSE/streaming and OAuth
browser flow endpoints.

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* feat: added grpc capabilities to plugin framework.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* feat: added test cases, documentation and features for gRPC and unix socket.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: added proto files to manifest.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: CI/CD failings.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: lint issues, test cases etc.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: skip grpc tests if grpc not available.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* cicd: excluded generated pb files from vulture.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* cicd: exclude pb files from main linter.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: flake8 issue.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: added conftest.py to ignore grpc doc tests when grpc is not installed.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* docs: updated the docs and template to support tls.

Signed-off-by: Teryl Taylor <terylt@ibm.com>

* fix: add grpc to dev deps and boost test coverage to 90%+ for new plugin files

Add grpcio to dev dependencies so CI installs it and grpc/unix plugin
tests run during coverage checks. Exclude generated proto _pb2 files
from coverage measurement. Add comprehensive tests for proto_convert,
unix runtime, and extend existing test suites to cover exception
handling, error dispatch, reconnection, and lifecycle edge cases.

Signed-off-by: Mihai Criveti <crmihai1@ie.ibm.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

* fix: add grpcio-reflection to dev deps to fix test_translate_grpc failures

Adding grpcio without grpcio-reflection caused grpc_service.py to set
GRPC_AVAILABLE=True but reflection_pb2 remained None, breaking all
gRPC reflection tests.

Signed-off-by: Mihai Criveti <crmihai1@ie.ibm.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>

---------

Signed-off-by: Teryl Taylor <terylt@ibm.com>
Signed-off-by: Mihai Criveti <crmihai1@ie.ibm.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Co-authored-by: Teryl Taylor <terylt@ibm.com>
Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Add MCP Inspector (ghcr.io/modelcontextprotocol/inspector) as a docker-compose
service behind the `inspector` profile for interactive MCP debugging and testing.

- Add `mcp_inspector` service with ports 6274 (UI) and 6277 (proxy)
- Add Makefile targets: inspector-up, inspector-down, inspector-logs, inspector-status
- Include inspector in `make testing-up` for a batteries-included testing stack
- Document connection instructions inline in docker-compose.yml and Makefile output

Closes IBM#2198

Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
aidbutlr and others added 30 commits March 4, 2026 16:27
…override support

Signed-off-by: Nithin Katta <Nithin.Katta@ibm.com>
Signed-off-by: Nithin Katta <Nithin.Katta@ibm.com>
Signed-off-by: Nithin Katta <Nithin.Katta@ibm.com>
…ild-only-linux-amd64

fix(CYFR-88824): correct multi-arch build condition and add platform override support
Signed-off-by: Nithin Katta <Nithin.Katta@ibm.com>