pre-commit checks

Signed-off-by: Mihai Criveti <[email protected]>

Author: crivetimihai

.gitignore

@@ -1,3 +1,4 @@
+TODO.md
 minikube-*
 .htpasswd
 .env.gcr

README.md

@@ -119,16 +119,17 @@ mcpgateway  # login to http://127.0.0.1:4444
 # Optional: run in background with configured password/key and listen to all IPs
 BASIC_AUTH_PASSWORD=password JWT_SECRET_KEY=my-test-key mcpgateway --host 0.0.0.0 --port 4444 & bg
 
-# List all options
-mcpgateway --help
+# List version / help
+mcpgateway --help; mcpgateway --version
 
-# Generate your JWT token from the key
-export MCPGATEWAY_BEARER_TOKEN=$(python3 -m mcpgateway.utils.create_jwt_token --username admin --exp 10080 --secret my-test-key)
+# Generate your JWT token from the key and list it
+export MCPGATEWAY_BEARER_TOKEN=$(python3 -m mcpgateway.utils.create_jwt_token --username admin --exp 10080 --secret my-test-key); echo $MCPGATEWAY_BEARER_TOKEN
 
 # Run a local MCP Server (github) listening on SSE http://localhost:8000/sse
 pip install uvenv
 npx -y supergateway --stdio "uvenv run mcp-server-git" # requires node.js and npx
 # or time: npx -y supergateway --stdio "uvenv run mcp_server_time -- --local-timezone=Europe/Dublin" --port 8002
+# or: python3 -m mcpgateway.translate --stdio "uvenv run mcp-server-git" --port 8000
 
 #--------------------------------------------
 # Register the MCP Server with the gateway and test it
@@ -170,7 +171,7 @@ curl -H "Authorization: Bearer $MCPGATEWAY_BEARER_TOKEN" http://localhost:4444/s
 
 # To stop the running process, you can either:
 fg # Return the process to foreground, you can not Ctrl + C, or:
-pkill mcpgateway
+pkill mcpgateway; # ps -ef | grep mcpgateway | awk '{print $2}' | xargs
 
 # Optionally, test the stdio wrapper to mirror tools from the gateway:
 # This lets you connect to the gateway with tools that don't support SSE:
@@ -196,7 +197,7 @@ docker run -d --name mcpgateway \
   -e BASIC_AUTH_PASSWORD=changeme \
   -e AUTH_REQUIRED=true \
   -e DATABASE_URL=sqlite:///./mcp.db \
-  ghcr.io/ibm/mcp-context-forge:latest
+  ghcr.io/ibm/mcp-context-forge:0.1.1
 
 docker logs mcpgateway
 ```
@@ -205,7 +206,7 @@ You can now access the UI at [http://localhost:4444/admin](http://localhost:4444
 
 > 💡 You can also use `--env-file .env` if you have a config file already. See the provided [.env.example](.env.example)
 > 💡 To access local tools, consider using `--network=host`
-> 💡 Consider using a stable / release version of the image, ex: `ghcr.io/ibm/mcp-context-forge:v0.1.1`
+> 💡 Consider using a stable / release version of the image, ex: `ghcr.io/ibm/mcp-context-forge:v0.1.1` rather than `latest`
 
 ### Optional: Mount a local volume for persistent SQLite storage
 
@@ -215,6 +216,8 @@ You can now access the UI at [http://localhost:4444/admin](http://localhost:4444
 
 ### Generate a token for API access
 
+A JWT token is required to access all API endpoints. This can be generated with the provided CLI, specifying a username, secret (that matches the one defined in `.env` for the gateway) and expiration time (in seconds).
+
 ```bash
 export MCPGATEWAY_BEARER_TOKEN=$(docker exec mcpgateway python3 -m mcpgateway.utils.create_jwt_token --username admin --exp 100800 --secret my-test-key)
 echo ${MCPGATEWAY_BEARER_TOKEN}
@@ -233,7 +236,7 @@ curl -s -H "Authorization: Bearer $MCPGATEWAY_BEARER_TOKEN" \
 
 ### Running the MCP Gateway stdio wrapper
 
-The `mcpgateway.wrapper` lets you connect to the gateway over **stdio**, while retaining authentication using the JWT token when the wrapper connect to a remote gateway. You should run this from a MCP client. You can test this from a shell with:
+The `mcpgateway.wrapper` lets you connect to the gateway over **stdio**, while retaining authentication using the JWT token when the wrapper connect to a remote gateway. You should run this from a MCP client (ex: defined in the `json` configuration of Claude/Copilot, etc). You can test this from a shell with:
 
 ```bash
 # Set environment variables
@@ -257,7 +260,7 @@ docker run --rm -i \
   -e MCP_SERVER_CATALOG_URLS=http://host.docker.internal:4444/servers/1 \
   -e MCP_TOOL_CALL_TIMEOUT=120 \
   -e MCP_WRAPPER_LOG_LEVEL=DEBUG \
-  ghcr.io/ibm/mcp-context-forge:latest \
+  ghcr.io/ibm/mcp-context-forge:0.1.1 \
   python3 -m mcpgateway.wrapper
 ```
 
@@ -339,7 +342,7 @@ docker run -i --rm \
   -e MCP_SERVER_CATALOG_URLS=http://localhost:4444/servers/1 \
   -e MCP_AUTH_TOKEN=${MCPGATEWAY_BEARER_TOKEN} \
   -e MCP_TOOL_CALL_TIMEOUT=120 \
-  ghcr.io/ibm/mcp-context-forge:latest \
+  ghcr.io/ibm/mcp-context-forge:0.1.1 \
   python3 -m mcpgateway.wrapper
 ```
 

docs/docs/deployment/.pages

@@ -7,6 +7,7 @@ nav:
   - openshift.md
   - minikube.md
   - helm.md
+  - argocd.md
   - google-cloud-run.md
   - ibm-code-engine.md
   - aws.md

docs/docs/deployment/argocd.md

@@ -0,0 +1,201 @@
+# 🚢 Deploying the MCP Gateway Stack with **Argo CD**
+
+This guide shows how to operate the **MCP Gateway Stack** with a *Git‑Ops* workflow powered by [Argo CD](https://argo-cd.readthedocs.io). Once wired up, every commit to the repository becomes an automatic deployment (or rollback) to your Kubernetes cluster.
+
+> 🌳 Git source of truth:
+> `https://github.com/IBM/mcp-context-forge`
+>
+> * **App manifests:** `k8s/` (Kustomize‑ready)
+> * **Helm chart (optional):** `charts/mcp-stack`
+
+---
+
+## 📋 Prerequisites
+
+| Requirement       | Notes                                                            |
+| ----------------- | ---------------------------------------------------------------- |
+| Kubernetes ≥ 1.23 | Local (Minikube/kind) or managed (EKS, AKS, GKE, etc.)           |
+| Argo CD ≥ 2.7     | Server & CLI (this guide installs server into the cluster)       |
+| kubectl           | Configured to talk to the target cluster                         |
+| Git access        | The cluster must be able to pull the repo (public or deploy‑key) |
+
+---
+
+## 🛠 Step 1 – Install Argo CD (once per cluster)
+
+```bash
+# Namespace + core components
+kubectl create namespace argocd
+kubectl apply -n argocd \
+  -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
+
+# Wait for the server component
+kubectl -n argocd rollout status deploy/argocd-server
+```
+
+### Install the CLI
+
+```bash
+# macOS
+brew install argocd
+
+# Linux (single‑binary)
+curl -sSL -o /tmp/argocd \
+  https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
+sudo install -m 555 /tmp/argocd /usr/local/bin/argocd
+```
+
+Verify:
+
+```bash
+argocd version --client
+```
+
+---
+
+## 🔐 Step 2 – Initial Login
+
+Forward the API/UI to your workstation (leave running):
+
+```bash
+kubectl -n argocd port-forward svc/argocd-server 8083:443
+```
+
+Fetch the one‑time admin password and log in:
+
+```bash
+PASS="$(kubectl -n argocd get secret argocd-initial-admin-secret \
+          -o jsonpath='{.data.password}' | base64 -d)"
+argocd login localhost:8083 \
+  --username admin --password "$PASS" --insecure
+```
+
+Open the web UI → [http://localhost:8083](http://localhost:8083) (credentials above).
+
+---
+
+## 🚀 Step 3 – Bootstrap the Application
+
+Create an Argo CD *Application* that tracks the **`k8s/`** folder from the main branch:
+
+```bash
+APP=mcp-gateway
+REPO=https://github.com/IBM/mcp-context-forge.git
+
+argocd app create "$APP" \
+  --repo "$REPO" \
+  --path k8s \
+  --dest-server https://kubernetes.default.svc \
+  --dest-namespace default \
+  --sync-policy automated \
+  --revision main
+```
+
+Trigger the first sync:
+
+```bash
+argocd app sync "$APP"
+```
+
+Argo CD will apply all manifests and keep them in the *Synced* 🌿 / *Healthy* 💚 state.
+
+---
+
+## ✅ Step 4 – Verify Deployment
+
+```bash
+kubectl get pods,svc,ingress
+argocd app list
+argocd app get mcp-gateway
+```
+
+If using the sample Ingress:
+
+```bash
+curl http://gateway.local/health
+```
+
+Otherwise, port‑forward:
+
+```bash
+kubectl port-forward svc/mcp-context-forge 8080:80 &
+curl http://localhost:8080/health
+```
+
+---
+
+## 🔄 Day‑2 Operations
+
+### Sync after a new commit
+
+```bash
+argocd app sync mcp-gateway
+```
+
+### View diff before syncing
+
+```bash
+argocd app diff mcp-gateway
+```
+
+### Roll back to a previous revision
+
+```bash
+argocd app history mcp-gateway
+argocd app rollback mcp-gateway <REVISION>
+```
+
+### Disable / enable auto‑sync
+
+```bash
+# Pause auto‑sync
+a rgocd app set mcp-gateway --sync-policy none
+# Re‑enable
+argocd app set mcp-gateway --sync-policy automated
+```
+
+---
+
+## 🧹 Uninstall
+
+```bash
+# Delete the application (leaves cluster objects intact)
+argocd app delete mcp-gateway --yes
+
+# Remove Argo CD completely\ nkubectl delete ns argocd
+```
+
+---
+
+## 🧰 Makefile Shortcuts
+
+The repository ships with ready‑made targets:
+
+| Target                      | Action                                                                 |
+| --------------------------- | ---------------------------------------------------------------------- |
+| `make argocd-install`       | Installs Argo CD server into the current cluster                       |
+| `make argocd-forward`       | Port‑forwards UI/API on [http://localhost:8083](http://localhost:8083) |
+| `make argocd-app-bootstrap` | Creates & auto‑syncs the *mcp‑gateway* application                     |
+| `make argocd-app-sync`      | Forces a manual sync                                                   |
+
+Run `make help` to list them all.
+
+---
+
+## 🧯 Troubleshooting
+
+| Symptom            | Fix                                                                                               |
+| ------------------ | ------------------------------------------------------------------------------------------------- |
+| `ImagePullBackOff` | Check image name / pull secret & that the repo is public or credentials are configured in Argo CD |
+| `SyncFailed`       | `argocd app logs mcp-gateway` for details; often due to immutable fields                          |
+| Web UI 404         | Ensure `argocd-forward` is still running, or expose via Ingress/LoadBalancer                      |
+| RBAC denied        | Argo CD needs ClusterRoleBinding for non‑default namespaces – see docs                            |
+
+---
+
+## 📚 Further Reading
+
+* Argo CD Docs – [https://argo-cd.readthedocs.io](https://argo-cd.readthedocs.io)
+* GitOps Pattern – [https://www.weave.works/technologies/gitops/](https://www.weave.works/technologies/gitops/)
+* Kustomize – [https://kubectl.docs.kubernetes.io/references/kustomize/](https://kubectl.docs.kubernetes.io/references/kustomize/)
+* Helm + Argo CD – [https://argo-cd.readthedocs.io/en/stable/user-guide/helm/](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/)