Merge branch 'main' into fix_ci

Author: dmartinol

cmd/thv-operator/controllers/mcpremoteproxy_runconfig.go

@@ -15,6 +15,7 @@ import (
 
 	mcpv1alpha1 "github.com/stacklok/toolhive/cmd/thv-operator/api/v1alpha1"
 	ctrlutil "github.com/stacklok/toolhive/cmd/thv-operator/pkg/controllerutil"
+	runconfig "github.com/stacklok/toolhive/cmd/thv-operator/pkg/runconfig"
 	configMapChecksum "github.com/stacklok/toolhive/cmd/thv-operator/pkg/runconfig/configmap/checksum"
 	"github.com/stacklok/toolhive/pkg/runner"
 	transporttypes "github.com/stacklok/toolhive/pkg/transport/types"
@@ -169,7 +170,7 @@ func (r *MCPRemoteProxyReconciler) createRunConfigFromMCPRemoteProxy(
 	}
 
 	// Add telemetry configuration if specified
-	addTelemetryConfigOptions(&options, proxy.Spec.Telemetry, proxy.Name)
+	runconfig.AddTelemetryConfigOptions(&options, proxy.Spec.Telemetry, proxy.Name)
 
 	// Add authorization configuration if specified
 	ctx, cancel := context.WithTimeout(context.Background(), defaultAPITimeout)
@@ -192,7 +193,7 @@ func (r *MCPRemoteProxyReconciler) createRunConfigFromMCPRemoteProxy(
 	}
 
 	// Add audit configuration if specified
-	addAuditConfigOptions(&options, proxy.Spec.Audit)
+	runconfig.AddAuditConfigOptions(&options, proxy.Spec.Audit)
 
 	// Use the RunConfigBuilder for operator context
 	// Deployer is nil for remote proxies because they connect to external services

cmd/thv-operator/controllers/mcpremoteproxy_runconfig_test.go

@@ -164,76 +164,6 @@ func TestCreateRunConfigFromMCPRemoteProxy(t *testing.T) {
 				assert.Contains(t, config.AuthzConfig.Cedar.Policies[0], "tools/list")
 			},
 		},
-		{
-			name: "with audit enabled",
-			proxy: &mcpv1alpha1.MCPRemoteProxy{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "audit-proxy",
-					Namespace: "default",
-				},
-				Spec: mcpv1alpha1.MCPRemoteProxySpec{
-					RemoteURL: "https://mcp.example.com",
-					Port:      8080,
-					OIDCConfig: mcpv1alpha1.OIDCConfigRef{
-						Type: mcpv1alpha1.OIDCConfigTypeInline,
-						Inline: &mcpv1alpha1.InlineOIDCConfig{
-							Issuer:   "https://auth.example.com",
-							Audience: "mcp-proxy",
-						},
-					},
-					Audit: &mcpv1alpha1.AuditConfig{
-						Enabled: true,
-					},
-				},
-			},
-			expectError: false,
-			validate: func(t *testing.T, config *runner.RunConfig) {
-				t.Helper()
-				assert.Equal(t, "audit-proxy", config.Name)
-				assert.NotNil(t, config.AuditConfig)
-			},
-		},
-		{
-			name: "with telemetry configuration",
-			proxy: &mcpv1alpha1.MCPRemoteProxy{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "telemetry-proxy",
-					Namespace: "default",
-				},
-				Spec: mcpv1alpha1.MCPRemoteProxySpec{
-					RemoteURL: "https://mcp.example.com",
-					Port:      8080,
-					OIDCConfig: mcpv1alpha1.OIDCConfigRef{
-						Type: mcpv1alpha1.OIDCConfigTypeInline,
-						Inline: &mcpv1alpha1.InlineOIDCConfig{
-							Issuer:   "https://auth.example.com",
-							Audience: "mcp-proxy",
-						},
-					},
-					Telemetry: &mcpv1alpha1.TelemetryConfig{
-						OpenTelemetry: &mcpv1alpha1.OpenTelemetryConfig{
-							Enabled:     true,
-							Endpoint:    "http://otel-collector:4317",
-							ServiceName: "salesforce-proxy",
-							Insecure:    true,
-							Tracing: &mcpv1alpha1.OpenTelemetryTracingConfig{
-								Enabled:      true,
-								SamplingRate: "0.1",
-							},
-						},
-					},
-				},
-			},
-			expectError: false,
-			validate: func(t *testing.T, config *runner.RunConfig) {
-				t.Helper()
-				assert.Equal(t, "telemetry-proxy", config.Name)
-				assert.NotNil(t, config.TelemetryConfig)
-				assert.Equal(t, "otel-collector:4317", config.TelemetryConfig.Endpoint)
-				assert.Equal(t, "salesforce-proxy", config.TelemetryConfig.ServiceName)
-				assert.True(t, config.TelemetryConfig.TracingEnabled)
-			},
-		},
 		{
 			name: "with trust proxy headers",
 			proxy: &mcpv1alpha1.MCPRemoteProxy{

cmd/thv-operator/controllers/mcpserver_runconfig.go

@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"os"
-	"strconv"
 	"strings"
 	"time"
 
@@ -15,6 +14,7 @@ import (
 
 	mcpv1alpha1 "github.com/stacklok/toolhive/cmd/thv-operator/api/v1alpha1"
 	ctrlutil "github.com/stacklok/toolhive/cmd/thv-operator/pkg/controllerutil"
+	runconfig "github.com/stacklok/toolhive/cmd/thv-operator/pkg/runconfig"
 	"github.com/stacklok/toolhive/cmd/thv-operator/pkg/runconfig/configmap"
 	configMapChecksum "github.com/stacklok/toolhive/cmd/thv-operator/pkg/runconfig/configmap/checksum"
 	"github.com/stacklok/toolhive/pkg/operator/accessors"
@@ -166,7 +166,7 @@ func (r *MCPServerReconciler) createRunConfigFromMCPServer(m *mcpv1alpha1.MCPSer
 	}
 
 	// Add telemetry configuration if specified
-	addTelemetryConfigOptions(&options, m.Spec.Telemetry, m.Name)
+	runconfig.AddTelemetryConfigOptions(&options, m.Spec.Telemetry, m.Name)
 
 	// Add authorization configuration if specified
 	ctx, cancel := context.WithTimeout(context.Background(), defaultAPITimeout)
@@ -186,7 +186,7 @@ func (r *MCPServerReconciler) createRunConfigFromMCPServer(m *mcpv1alpha1.MCPSer
 	}
 
 	// Add audit configuration if specified
-	addAuditConfigOptions(&options, m.Spec.Audit)
+	runconfig.AddAuditConfigOptions(&options, m.Spec.Audit)
 
 	// Check for Vault Agent Injection and add env-file-dir if needed
 	vaultDetected := false
@@ -446,92 +446,6 @@ func convertVolumesFromMCPServer(vols []mcpv1alpha1.Volume) []string {
 	return volumes
 }
 
-// addTelemetryConfigOptions adds telemetry configuration options to the builder options
-func addTelemetryConfigOptions(
-	options *[]runner.RunConfigBuilderOption,
-	telemetryConfig *mcpv1alpha1.TelemetryConfig,
-	mcpServerName string,
-) {
-	if telemetryConfig == nil {
-		return
-	}
-
-	// Default values
-	var otelEndpoint string
-	var otelEnablePrometheusMetricsPath bool
-	var otelTracingEnabled bool
-	var otelMetricsEnabled bool
-	var otelServiceName string
-	var otelSamplingRate = 0.05 // Default sampling rate
-	var otelHeaders []string
-	var otelInsecure bool
-	var otelEnvironmentVariables []string
-
-	// Process OpenTelemetry configuration
-	if telemetryConfig.OpenTelemetry != nil && telemetryConfig.OpenTelemetry.Enabled {
-		otel := telemetryConfig.OpenTelemetry
-
-		// Strip http:// or https:// prefix if present, as OTLP client expects host:port format
-		otelEndpoint = strings.TrimPrefix(strings.TrimPrefix(otel.Endpoint, "https://"), "http://")
-		otelInsecure = otel.Insecure
-		otelHeaders = otel.Headers
-
-		// Use MCPServer name as service name if not specified
-		if otel.ServiceName != "" {
-			otelServiceName = otel.ServiceName
-		} else {
-			otelServiceName = mcpServerName
-		}
-
-		// Handle tracing configuration
-		if otel.Tracing != nil {
-			otelTracingEnabled = otel.Tracing.Enabled
-			if otel.Tracing.SamplingRate != "" {
-				// Parse sampling rate string to float64
-				if rate, err := strconv.ParseFloat(otel.Tracing.SamplingRate, 64); err == nil {
-					otelSamplingRate = rate
-				}
-			}
-		}
-
-		// Handle metrics configuration
-		if otel.Metrics != nil {
-			otelMetricsEnabled = otel.Metrics.Enabled
-		}
-	}
-
-	// Process Prometheus configuration
-	if telemetryConfig.Prometheus != nil {
-		otelEnablePrometheusMetricsPath = telemetryConfig.Prometheus.Enabled
-	}
-
-	// Add telemetry config to options
-	*options = append(*options, runner.WithTelemetryConfig(
-		otelEndpoint,
-		otelEnablePrometheusMetricsPath,
-		otelTracingEnabled,
-		otelMetricsEnabled,
-		otelServiceName,
-		otelSamplingRate,
-		otelHeaders,
-		otelInsecure,
-		otelEnvironmentVariables,
-	))
-}
-
-// addAuditConfigOptions adds audit configuration options to the builder options
-func addAuditConfigOptions(
-	options *[]runner.RunConfigBuilderOption,
-	auditConfig *mcpv1alpha1.AuditConfig,
-) {
-	if auditConfig == nil {
-		return
-	}
-
-	// Add audit config to options with default config (no custom config path for now)
-	*options = append(*options, runner.WithAuditEnabled(auditConfig.Enabled, ""))
-}
-
 // hasVaultAgentInjection checks if Vault Agent Injection is enabled in the pod annotations
 func hasVaultAgentInjection(annotations map[string]string) bool {
 	if annotations == nil {