Skip to content

Add CRD type and converter for upstream_inject strategy#4391

Merged
tgrunnagle merged 1 commit intomainfrom
vmcp-add-as-scaffolding-6b
Mar 30, 2026
Merged

Add CRD type and converter for upstream_inject strategy#4391
tgrunnagle merged 1 commit intomainfrom
vmcp-add-as-scaffolding-6b

Conversation

@jhrozek
Copy link
Copy Markdown
Contributor

@jhrozek jhrozek commented Mar 26, 2026

Summary

  • Phase 4 of RFC-0054: the runtime upstream_inject strategy (added in Implement upstream_inject strategy and SubjectProviderName #4390)
    needs CRD types and converters so the operator can wire it from the Kubernetes
    API to the vMCP runtime config.
  • Adds ExternalAuthTypeUpstreamInject constant, UpstreamInjectSpec struct with
    CEL validation, and SubjectProviderName on TokenExchangeConfig in the CRD types.
  • Adds UpstreamInjectConverter and wires SubjectProviderName in
    TokenExchangeConverter, both registered in the converter registry.

Fixes #4146

Type of change

  • New feature

Test plan

  • Unit tests (task test)
  • Linting (task lint-fix)

Changes

File Change
cmd/thv-operator/api/v1alpha1/mcpexternalauthconfig_types.go Add ExternalAuthTypeUpstreamInject, UpstreamInjectSpec with CEL rules, SubjectProviderName on token exchange
cmd/thv-operator/api/v1alpha1/mcpexternalauthconfig_types_test.go Tests for new types
cmd/thv-operator/api/v1alpha1/zz_generated.deepcopy.go Generated deepcopy
cmd/thv-operator/controllers/virtualmcpserver_deployment.go Mount upstream inject env vars into deployment
cmd/thv-operator/pkg/controllerutil/tokenexchange.go Wire SubjectProviderName in token exchange helper
pkg/vmcp/auth/converters/upstream_inject.go New UpstreamInjectConverter — CRD spec to runtime config
pkg/vmcp/auth/converters/upstream_inject_test.go Comprehensive converter tests
pkg/vmcp/auth/converters/token_exchange.go Map SubjectProviderName through token exchange converter
pkg/vmcp/auth/converters/token_exchange_test.go Tests for SubjectProviderName conversion
deploy/charts/*/crds/*.yaml Updated CRD manifests
docs/operator/crd-api.md Updated CRD API docs

Special notes for reviewers

🤖 Generated with Claude Code

@github-actions github-actions bot added the size/M Medium PR: 300-599 lines changed label Mar 26, 2026
jerm-dro
jerm-dro previously approved these changes Mar 26, 2026
View reviewed changes
@jhrozek jhrozek mentioned this pull request Mar 26, 2026
Open
3 tasks
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6a branch from fc12658 to 9f25687 Compare March 26, 2026 22:33
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from 12e1fc2 to a4b2892 Compare March 26, 2026 22:34
@github-actions github-actions bot added size/M Medium PR: 300-599 lines changed and removed size/M Medium PR: 300-599 lines changed labels Mar 26, 2026
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 26, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 84.37500% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 69.55%. Comparing base (e3c605f) to head (1d21cae).
⚠️ Report is 25 commits behind head on main.

Files with missing lines Patch % Lines
...perator/controllers/virtualmcpserver_deployment.go 0.00% 2 Missing ⚠️
...d/thv-operator/pkg/controllerutil/tokenexchange.go 0.00% 2 Missing ⚠️
...erator/api/v1alpha1/mcpexternalauthconfig_types.go 87.50% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4391      +/-   ##
==========================================
+ Coverage   69.48%   69.55%   +0.07%     
==========================================
  Files         486      487       +1     
  Lines       50017    50043      +26     
==========================================
+ Hits        34753    34807      +54     
+ Misses      12578    12553      -25     
+ Partials     2686     2683       -3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6a branch from 9f25687 to c904405 Compare March 27, 2026 10:21
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from a4b2892 to e49c89e Compare March 27, 2026 10:31
@github-actions github-actions bot added size/M Medium PR: 300-599 lines changed and removed size/M Medium PR: 300-599 lines changed labels Mar 27, 2026
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from e49c89e to d17a27e Compare March 27, 2026 10:39
@github-actions github-actions bot added size/M Medium PR: 300-599 lines changed and removed size/M Medium PR: 300-599 lines changed labels Mar 27, 2026
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6a branch from 8156719 to dacf7fb Compare March 27, 2026 15:36
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from d17a27e to 2bdc632 Compare March 27, 2026 15:36
@github-actions github-actions bot added size/M Medium PR: 300-599 lines changed and removed size/M Medium PR: 300-599 lines changed labels Mar 27, 2026
tgrunnagle
tgrunnagle previously approved these changes Mar 27, 2026
View reviewed changes
This was referenced Mar 27, 2026
Open
Open
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6a branch from dacf7fb to 99c8e33 Compare March 27, 2026 19:56
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from 2bdc632 to 8eebdd8 Compare March 27, 2026 20:35
@github-actions github-actions bot removed the size/M Medium PR: 300-599 lines changed label Mar 27, 2026
@github-actions github-actions bot added the size/M Medium PR: 300-599 lines changed label Mar 27, 2026
Base automatically changed from vmcp-add-as-scaffolding-6a to main March 28, 2026 07:53
@jhrozek jhrozek dismissed stale reviews from tgrunnagle and jerm-dro March 28, 2026 07:53

The base branch was changed.

github-actions[bot]
github-actions bot previously requested changes Mar 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Large PR Detected

This PR exceeds 1000 lines of changes and requires justification before it can be reviewed.

How to unblock this PR:

Add a section to your PR description with the following format:

## Large PR Justification

[Explain why this PR must be large, such as:]
- Generated code that cannot be split
- Large refactoring that must be atomic
- Multiple related changes that would break if separated
- Migration or data transformation

Alternative:

Consider splitting this PR into smaller, focused changes (< 1000 lines each) for easier review and reduced risk.

See our Contributing Guidelines for more details.

This review will be automatically dismissed once you add the justification section.

@github-actions github-actions bot added size/XL Extra large PR: 1000+ lines changed and removed size/M Medium PR: 300-599 lines changed labels Mar 28, 2026
@jhrozek @claude
Add CRD type and converter for upstream_inject strategy (#4146)
1d21cae 
Bridge the Kubernetes operator API to the vMCP runtime config for the
upstream_inject outgoing auth strategy. This is Phase 4 of RFC-0054.

CRD changes: add ExternalAuthTypeUpstreamInject constant, UpstreamInjectSpec
struct, CEL validation rules, and SubjectProviderName on TokenExchangeConfig.
Converter changes: add UpstreamInjectConverter, wire SubjectProviderName in
TokenExchangeConverter, and register in the converter registry.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@jhrozek jhrozek force-pushed the vmcp-add-as-scaffolding-6b branch from 8eebdd8 to 1d21cae Compare March 28, 2026 07:57
@github-actions github-actions bot added size/M Medium PR: 300-599 lines changed and removed size/XL Extra large PR: 1000+ lines changed labels Mar 28, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 28, 2026

✅ PR size has been reduced below the XL threshold. The size review has been dismissed and this PR can now proceed with normal review. Thank you for splitting this up!

@github-actions github-actions bot dismissed their stale review March 28, 2026 07:57

PR size has been reduced below the XL threshold. Thank you for splitting this up!

@tgrunnagle tgrunnagle merged commit d8ca363 into main Mar 30, 2026
42 of 43 checks passed
@tgrunnagle tgrunnagle deleted the vmcp-add-as-scaffolding-6b branch March 30, 2026 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jerm-dro jerm-dro jerm-dro approved these changes

@tgrunnagle tgrunnagle tgrunnagle left review comments

@github-actions github-actions[bot] github-actions[bot] left review comments

@JAORMX JAORMX Awaiting requested review from JAORMX JAORMX is a code owner

@yrobla yrobla Awaiting requested review from yrobla yrobla is a code owner

@amirejaz amirejaz Awaiting requested review from amirejaz amirejaz is a code owner

@ChrisJBurns ChrisJBurns Awaiting requested review from ChrisJBurns ChrisJBurns is a code owner

Assignees

No one assigned

Labels

size/M Medium PR: 300-599 lines changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Phase 4: Add CRD type and converter for upstream_inject strategy (RFC-0054)

3 participants

@jhrozek @tgrunnagle @jerm-dro