From acb184a8486bb6d92b4c3c69b48ab56f869a1c71 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Wed, 16 Jul 2025 15:01:21 +0300 Subject: [PATCH 1/4] feat: add mcp server to helm chart and expose values --- .../helm/openslice/templates/mcp-server.yaml | 76 +++++++++++++++++++ kubernetes/helm/openslice/values.yaml | 16 +++- 2 files changed, 90 insertions(+), 2 deletions(-) create mode 100644 kubernetes/helm/openslice/templates/mcp-server.yaml diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml new file mode 100644 index 0000000..8c346fe --- /dev/null +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -0,0 +1,76 @@ +{{- if .Values.mcpserver.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpserver + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mcpserver +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpserver + {{- include "openslice.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpserver + {{- include "openslice.selectorLabels" . | nindent 8 }} + spec: + containers: + - name: {{ include "openslice.fullname" . }}-mcpserver + image: "{{ .Values.image.mcpserver.repository }}:{{ .Values.image.mcpserver.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.mcpserver.pullPolicy | default "Always" }} + env: + - name: SPRING_APPLICATION_JSON + value: >- + { + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/osdb?createDatabaseIfNotExist=true", + "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", + "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", + "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", + "spring-addons.issuers[0].username-json-path":"$.preferred_username", + "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", + "spring-addons.issuers[0].claims[1].jsonPath":"$.resource_access.*.roles", + "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", + "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", + "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oauth.client-id": "osapiWebClientId", + "springdoc.oauth.clientsecret": "{{ .Values.mcpserver.springdoc.clientSecret }}", + "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", + "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", + "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", + "logging.level.org.springframework": "{{ .Values.mcpserver.spring.logLevel | default "INFO" }}" + } + ports: + - containerPort: 13015 + resources: + {{- toYaml .Values.resources | nindent 12 }} + restartPolicy: Always +--- +apiVersion: v1 +kind: Service +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpserver + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mcpserver +spec: + ports: + - name: "13015" + port: 13015 + targetPort: 13015 + selector: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpserver + {{- include "openslice.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index e531b73..d9c29db 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -85,6 +85,11 @@ image: pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "develop" + mcpserver: + repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server + # Overrides the image tag whose default is the chart appVersion. + tag: develop + pullPolicy: Always bugzillaurl: example.com:443/bugzilla bugzillakey: VH2Vw0iI5aYgALFFzVDWqhACwt6Hu3bXla9kSC1Z @@ -114,7 +119,7 @@ spring: oauthClientSecret: secret mysql: - storage: 10Gi + storage: 100Mi metrico: enabled: true @@ -123,7 +128,7 @@ metrico: loglevel: DEBUG cridge: - enabled: true + enabled: false logLevel: INFO spring: loglevel: INFO @@ -154,6 +159,13 @@ osscapi: spring: loglevel: INFO +mcpserver: + enabled: true + springdoc: + clientSecret: secret + spring: + logLevel: INFO + # Storage class to be used for provisioning. Default is manual # storageClass: ~ -- GitLab From fad20a7922e0ab98932d1c96a8c0776981f3d6c2 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Wed, 16 Jul 2025 15:02:08 +0300 Subject: [PATCH 2/4] feat: use correct values --- kubernetes/helm/openslice/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index d9c29db..65d6918 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -119,7 +119,7 @@ spring: oauthClientSecret: secret mysql: - storage: 100Mi + storage: 10Gi metrico: enabled: true @@ -128,7 +128,7 @@ metrico: loglevel: DEBUG cridge: - enabled: false + enabled: true logLevel: INFO spring: loglevel: INFO -- GitLab From 557665165172ecfcf53e87484ad8f8e2a726c04c Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Wed, 16 Jul 2025 15:48:35 +0300 Subject: [PATCH 3/4] feat: expose the mcp server by ingress --- kubernetes/helm/openslice/values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 65d6918..d65bcf8 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -225,6 +225,9 @@ ingress: - path: "/" service: "tmfweb" port: 80 + - path: "/mcpserver" + service: "mcpserver" + port: 13015 annotations: {} -- GitLab From 852fc256139761b2aeeaedec1d8e172210599d70 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Thu, 17 Jul 2025 12:38:49 +0300 Subject: [PATCH 4/4] feat: created correct ingress for mcpserver --- .../templates/mcp-server-ingress.yaml.yaml | 23 +++++++++++++++++++ .../helm/openslice/templates/mcp-server.yaml | 8 +++---- kubernetes/helm/openslice/values.yaml | 3 --- 3 files changed, 27 insertions(+), 7 deletions(-) create mode 100644 kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml diff --git a/kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml b/kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml new file mode 100644 index 0000000..0c515e6 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "/$1" + name: {{ include "openslice.fullname" . }}-mcpserver-ingress +spec: + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + rules: + - http: + paths: + - pathType: ImplementationSpecific + path: "/mcpserver/(.*)" + backend: + service: + name: {{ include "openslice.fullname" . }}-mcpserver + port: + number: 13015 diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index 8c346fe..942f9a9 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -34,13 +34,13 @@ spec: "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/osdb?createDatabaseIfNotExist=true", "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", - "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", + "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", "spring-addons.issuers[0].claims[1].jsonPath":"$.resource_access.*.roles", - "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", - "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", - "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", + "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", + "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", + "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", "springdoc.oauth.client-id": "osapiWebClientId", "springdoc.oauth.clientsecret": "{{ .Values.mcpserver.springdoc.clientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index d65bcf8..65d6918 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -225,9 +225,6 @@ ingress: - path: "/" service: "tmfweb" port: 80 - - path: "/mcpserver" - service: "mcpserver" - port: 13015 annotations: {} -- GitLab