~/.kube/config inaccessible to container #5
Description
My kube config file has permissions set to 0600, which means the MCP server can't read them unless I relax these. I tried running the container with a different user ID, but I got the following error:
➜ ~ docker run -i --rm -u 1000:1000 \ <k8s:gke_one-website-1490370639043_us-east4_staging-k8s-cluster-bngx>
-v ~/.kube:/home/appuser/.kube:ro \ ghcr.io/alexei-led/k8s-mcp-server:latest
Traceback (most recent call last):
File "<frozen runpy>", line 198, in _run_module_as_main
File "<frozen runpy>", line 88, in _run_code
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/__main__.py", line 52, in <module>
main()
~~~~^^
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/__main__.py", line 34, in main
from k8s_mcp_server.server import mcp
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/server.py", line 17, in <module>
from k8s_mcp_server.cli_executor import (
...<3 lines>...
)
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/cli_executor.py", line 28, in <module>
from k8s_mcp_server.security import validate_command
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/security.py", line 165, in <module>
SECURITY_CONFIG = load_security_config()
File "/usr/local/lib/python3.13/site-packages/k8s_mcp_server/security.py", line 127, in load_security_config
if config_path.exists():
~~~~~~~~~~~~~~~~~~^^
File "/usr/local/lib/python3.13/pathlib/_abc.py", line 450, in exists
self.stat(follow_symlinks=follow_symlinks)
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.13/pathlib/_local.py", line 515, in stat
return os.stat(self, follow_symlinks=follow_symlinks)
~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/app/security_config.yaml'