Skip to content

Commit 7af3027

Browse files
authored
Remove permissionProfile from K8s examples (#2139)
Signed-off-by: Dan Barr <[email protected]> Co-authored-by: Dan Barr <[email protected]>
1 parent ad59fdc commit 7af3027

14 files changed

+16
-59
lines changed

cmd/thv-operator/README.md

Lines changed: 16 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -145,9 +145,6 @@ spec:
145145
image: docker.io/mcp/fetch
146146
transport: stdio
147147
port: 8080
148-
permissionProfile:
149-
type: builtin
150-
name: network
151148
resources:
152149
limits:
153150
cpu: "100m"
@@ -177,9 +174,6 @@ spec:
177174
image: ghcr.io/github/github-mcp-server
178175
transport: stdio
179176
port: 8080
180-
permissionProfile:
181-
type: builtin
182-
name: network
183177
secrets:
184178
- name: github-token
185179
key: token
@@ -219,20 +213,21 @@ kubectl describe mcpserver <name>
219213

220214
### MCPServer Spec
221215

222-
| Field | Description | Required | Default |
223-
|---------------------|--------------------------------------------------|----------|---------|
224-
| `image` | Container image for the MCP server | Yes | - |
225-
| `transport` | Transport method (stdio, streamable-http or sse) | No | stdio |
226-
| `port` | Port to expose the MCP server on | No | 8080 |
227-
| `targetPort` | Port that MCP server listens to | No | - |
228-
| `args` | Additional arguments to pass to the MCP server | No | - |
229-
| `env` | Environment variables to set in the container | No | - |
230-
| `volumes` | Volumes to mount in the container | No | - |
231-
| `resources` | Resource requirements for the container | No | - |
232-
| `secrets` | References to secrets to mount in the container | No | - |
233-
| `permissionProfile` | Permission profile configuration | No | - |
234-
| `tools` | Allow-list filter on the list of tools | No | - |
235-
216+
| Field | Description | Required | Default |
217+
|---------------------|----------------------------------------------------|----------|---------|
218+
| `image` | Container image for the MCP server | Yes | - |
219+
| `transport` | Transport method (stdio, streamable-http or sse) | No | stdio |
220+
| `port` | Port to expose the MCP server on | No | 8080 |
221+
| `targetPort` | Port that MCP server listens to | No | - |
222+
| `args` | Additional arguments to pass to the MCP server | No | - |
223+
| `env` | Environment variables to set in the container | No | - |
224+
| `volumes` | Volumes to mount in the container | No | - |
225+
| `resources` | Resource requirements for the container | No | - |
226+
| `secrets` | References to secrets to mount in the container | No | - |
227+
| `permissionProfile` | Permission profile configuration (not implemented) | No | - |
228+
| `tools` | Allow-list filter on the list of tools | No | - |
229+
230+
<!-- not implemented; commenting out until a decision is made on removal
236231
### Permission Profiles
237232
238233
Permission profiles can be configured in two ways:
@@ -255,6 +250,7 @@ permissionProfile:
255250
```
256251
257252
The ConfigMap should contain a JSON permission profile.
253+
-->
258254

259255
### Creating an MCP Registry (Experimental)
260256

examples/operator/mcp-servers/mcpserver_fetch.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,6 @@ spec:
1212
transport: streamable-http
1313
port: 8080
1414
targetPort: 8080
15-
permissionProfile:
16-
type: builtin
17-
name: network
1815
resources:
1916
limits:
2017
cpu: "100m"

examples/operator/mcp-servers/mcpserver_fetch_otel.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,9 +8,6 @@ spec:
88
transport: streamable-http
99
port: 8080
1010
targetPort: 8080
11-
permissionProfile:
12-
type: builtin
13-
name: network
1411
resources:
1512
limits:
1613
cpu: "100m"

examples/operator/mcp-servers/mcpserver_fetch_tools_filter.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,6 @@ spec:
1010
- fetch
1111
port: 8080
1212
targetPort: 8080
13-
permissionProfile:
14-
type: builtin
15-
name: network
1613
resources:
1714
limits:
1815
cpu: "100m"

examples/operator/mcp-servers/mcpserver_github.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,6 @@ spec:
77
image: ghcr.io/github/github-mcp-server
88
transport: stdio
99
port: 8080
10-
permissionProfile:
11-
type: builtin
12-
name: network
1310
secrets:
1411
- name: github-token
1512
key: token

examples/operator/mcp-servers/mcpserver_mkp.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,6 @@ spec:
1111
args:
1212
# Change to true for read-write access.
1313
- --read-write=false
14-
permissionProfile:
15-
type: builtin
16-
name: network
1714
# We create this service account below with the desired permissions.
1815
serviceAccount: mkp-sa
1916
resources:

examples/operator/mcp-servers/mcpserver_with_configmap_oidc.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,6 @@ spec:
1818
image: docker.io/mcp/fetch
1919
transport: stdio
2020
port: 8080
21-
permissionProfile:
22-
type: builtin
23-
name: network
2421
oidcConfig:
2522
type: configmap
2623
configMap:

examples/operator/mcp-servers/mcpserver_with_inline_oidc.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,6 @@ spec:
77
image: docker.io/mcp/fetch
88
transport: stdio
99
port: 8080
10-
permissionProfile:
11-
type: builtin
12-
name: network
1310
oidcConfig:
1411
type: inline
1512
inline:

examples/operator/mcp-servers/mcpserver_with_kubernetes_oidc.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,6 @@ spec:
77
image: docker.io/mcp/fetch
88
transport: stdio
99
port: 8080
10-
permissionProfile:
11-
type: builtin
12-
name: network
1310
oidcConfig:
1411
type: kubernetes
1512
kubernetes:

examples/operator/mcp-servers/mcpserver_with_resource_overrides.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,6 @@ spec:
77
image: docker.io/mcp/github
88
transport: stdio
99
port: 8080
10-
permissionProfile:
11-
type: builtin
12-
name: network
1310
secrets:
1411
- name: github-token
1512
key: GITHUB_PERSONAL_ACCESS_TOKEN

0 commit comments

Comments
 (0)