feat: add kubernetes_list_pod_containers tool (#34)

tembleking · web-flow · commit a258bf47a4ea · 2025-11-24T14:44:39.000+01:00
diff --git a/.gemini/settings.json b/.gemini/settings.json
@@ -2,7 +2,8 @@
   "mcpServers": {
     "sysdig": {
       "command": "go",
-      "args": ["run", "./cmd/server"]
+      "args": ["run", "./cmd/server"],
+      "trust": true
     }
   }
 }
diff --git a/AGENTS.md b/AGENTS.md
@@ -52,6 +52,7 @@ The handler filters tools dynamically based on `GetMyPermissions` from Sysdig Se
 | `kubernetes_list_clusters` | `tool_kubernetes_list_clusters.go` | Lists Kubernetes cluster information. | `promql.exec` | "List all Kubernetes clusters" |
 | `kubernetes_list_nodes` | `tool_kubernetes_list_nodes.go` | Lists Kubernetes node information. | `promql.exec` | "List all Kubernetes nodes in the cluster 'production-gke'" |
 | `kubernetes_list_workloads` | `tool_kubernetes_list_workloads.go` | Lists Kubernetes workload information. | `promql.exec` | "List all desired workloads in the cluster 'production-gke' and namespace 'default'" |
+| `kubernetes_list_pod_containers` | `tool_kubernetes_list_pod_containers.go` | Retrieves information from a particular pod and container. | `promql.exec` | "Show me info for pod 'my-pod' in cluster 'production-gke'" |
 
 Every tool has a companion `_test.go` file that exercises request validation, permission metadata, and Sysdig client calls through mocks.
 Note that if you add more tools you need to also update this file to reflect that.
diff --git a/README.md b/README.md
@@ -123,6 +123,11 @@ The server dynamically filters the available tools based on the permissions asso
   - **Required Permission**: `promql.exec`
   - **Sample Prompt**: "List all desired workloads in the cluster 'production-gke' and namespace 'default'"
 
+- **`kubernetes_list_pod_containers`**
+  - **Description**: Retrieves information from a particular pod and container.
+  - **Required Permission**: `promql.exec`
+  - **Sample Prompt**: "Show me info for pod 'my-pod' in cluster 'production-gke'"
+
 ## Requirements
 
 - [Go](https://go.dev/doc/install) 1.25 or higher (if running without Docker).
diff --git a/cmd/server/main.go b/cmd/server/main.go
@@ -98,6 +98,7 @@ func setupHandler(sysdigClient sysdig.ExtendedClientWithResponsesInterface) *mcp
 		tools.NewKubernetesListClusters(sysdigClient),
 		tools.NewKubernetesListNodes(sysdigClient),
 		tools.NewKubernetesListWorkloads(sysdigClient),
+		tools.NewKubernetesListPodContainers(sysdigClient),
 	)
 	return handler
 }
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers.go b/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers.go
@@ -0,0 +1,115 @@
+package tools
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"strings"
+
+	"github.com/mark3labs/mcp-go/mcp"
+	"github.com/mark3labs/mcp-go/server"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig"
+)
+
+type KubernetesListPodContainers struct {
+	SysdigClient sysdig.ExtendedClientWithResponsesInterface
+}
+
+func NewKubernetesListPodContainers(sysdigClient sysdig.ExtendedClientWithResponsesInterface) *KubernetesListPodContainers {
+	return &KubernetesListPodContainers{
+		SysdigClient: sysdigClient,
+	}
+}
+
+func (t *KubernetesListPodContainers) RegisterInServer(s *server.MCPServer) {
+	tool := mcp.NewTool("kubernetes_list_pod_containers",
+		mcp.WithDescription("Retrieves information from a particular pod and container."),
+		mcp.WithString("cluster_name", mcp.Description("The name of the cluster to filter by.")),
+		mcp.WithString("namespace_name", mcp.Description("The name of the namespace to filter by.")),
+		mcp.WithString("workload_type", mcp.Description("The type of the workload to filter by.")),
+		mcp.WithString("workload_name", mcp.Description("The name of the workload to filter by.")),
+		mcp.WithString("pod_name", mcp.Description("The name of the pod to filter by.")),
+		mcp.WithString("container_name", mcp.Description("The name of the container to filter by.")),
+		mcp.WithString("image_pullstring", mcp.Description("The image pullstring to filter by.")),
+		mcp.WithString("node_name", mcp.Description("The name of the node to filter by.")),
+		mcp.WithNumber("limit",
+			mcp.Description("Maximum number of pod containers to return."),
+			mcp.DefaultNumber(10),
+		),
+		mcp.WithOutputSchema[map[string]any](),
+		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
+	)
+	s.AddTool(tool, t.handle)
+}
+
+func (t *KubernetesListPodContainers) handle(ctx context.Context, request mcp.CallToolRequest) (*mcp.CallToolResult, error) {
+	clusterName := mcp.ParseString(request, "cluster_name", "")
+	namespaceName := mcp.ParseString(request, "namespace_name", "")
+	workloadType := mcp.ParseString(request, "workload_type", "")
+	workloadName := mcp.ParseString(request, "workload_name", "")
+	podName := mcp.ParseString(request, "pod_name", "")
+	containerName := mcp.ParseString(request, "container_name", "")
+	imagePullstring := mcp.ParseString(request, "image_pullstring", "")
+	nodeName := mcp.ParseString(request, "node_name", "")
+	limit := mcp.ParseInt(request, "limit", 10)
+
+	query := buildKubePodContainerInfoQuery(clusterName, namespaceName, workloadType, workloadName, podName, containerName, imagePullstring, nodeName)
+
+	limitQuery := sysdig.LimitQuery(limit)
+	params := &sysdig.GetQueryV1Params{
+		Query: query,
+		Limit: &limitQuery,
+	}
+
+	httpResp, err := t.SysdigClient.GetQueryV1(ctx, params)
+	if err != nil {
+		return mcp.NewToolResultErrorFromErr("failed to get pod container list", err), nil
+	}
+
+	if httpResp.StatusCode != 200 {
+		bodyBytes, _ := io.ReadAll(httpResp.Body)
+		return mcp.NewToolResultErrorf("failed to get pod container list: status code %d, body: %s", httpResp.StatusCode, string(bodyBytes)), nil
+	}
+
+	var queryResponse sysdig.QueryResponseV1
+	if err := json.NewDecoder(httpResp.Body).Decode(&queryResponse); err != nil {
+		return mcp.NewToolResultErrorFromErr("failed to decode response", err), nil
+	}
+
+	return mcp.NewToolResultJSON(queryResponse)
+}
+
+func buildKubePodContainerInfoQuery(clusterName, namespaceName, workloadType, workloadName, podName, containerName, imagePullstring, nodeName string) string {
+	filters := []string{}
+	if clusterName != "" {
+		filters = append(filters, fmt.Sprintf("kube_cluster_name=\"%s\"", clusterName))
+	}
+	if namespaceName != "" {
+		filters = append(filters, fmt.Sprintf("kube_namespace_name=\"%s\"", namespaceName))
+	}
+	if workloadType != "" {
+		filters = append(filters, fmt.Sprintf("kube_workload_type=\"%s\"", workloadType))
+	}
+	if workloadName != "" {
+		filters = append(filters, fmt.Sprintf("kube_workload_name=\"%s\"", workloadName))
+	}
+	if podName != "" {
+		filters = append(filters, fmt.Sprintf("kube_pod_name=\"%s\"", podName))
+	}
+	if containerName != "" {
+		filters = append(filters, fmt.Sprintf("kube_pod_container_name=\"%s\"", containerName))
+	}
+	if imagePullstring != "" {
+		filters = append(filters, fmt.Sprintf("image=\"%s\"", imagePullstring))
+	}
+	if nodeName != "" {
+		filters = append(filters, fmt.Sprintf("kube_node_name=\"%s\"", nodeName))
+	}
+
+	if len(filters) == 0 {
+		return "kube_pod_container_info"
+	}
+
+	return fmt.Sprintf("kube_pod_container_info{%s}", strings.Join(filters, ","))
+}
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers_test.go b/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers_test.go
@@ -0,0 +1,208 @@
+package tools_test
+
+import (
+	"bytes"
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/mark3labs/mcp-go/mcp"
+	"github.com/mark3labs/mcp-go/server"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/mcp/tools"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig"
+	"github.com/sysdiglabs/sysdig-mcp-server/internal/infra/sysdig/mocks"
+	"go.uber.org/mock/gomock"
+)
+
+var _ = Describe("KubernetesListPodContainers Tool", func() {
+	var (
+		tool       *tools.KubernetesListPodContainers
+		mockSysdig *mocks.MockExtendedClientWithResponsesInterface
+		mcpServer  *server.MCPServer
+		ctrl       *gomock.Controller
+	)
+
+	BeforeEach(func() {
+		ctrl = gomock.NewController(GinkgoT())
+		mockSysdig = mocks.NewMockExtendedClientWithResponsesInterface(ctrl)
+		tool = tools.NewKubernetesListPodContainers(mockSysdig)
+		mcpServer = server.NewMCPServer("test", "test")
+		tool.RegisterInServer(mcpServer)
+	})
+
+	It("should register successfully in the server", func() {
+		Expect(mcpServer.GetTool("kubernetes_list_pod_containers")).NotTo(BeNil())
+	})
+
+	When("listing pod containers", func() {
+		DescribeTable("it succeeds", func(ctx context.Context, toolName string, request mcp.CallToolRequest, expectedParamsRequested sysdig.GetQueryV1Params) {
+			mockSysdig.EXPECT().GetQueryV1(gomock.Any(), &expectedParamsRequested).Return(&http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewBufferString(`{"status":"success"}`)),
+			}, nil)
+
+			serverTool := mcpServer.GetTool(toolName)
+			result, err := serverTool.Handler(ctx, request)
+			Expect(err).NotTo(HaveOccurred())
+
+			resultData, ok := result.Content[0].(mcp.TextContent)
+			Expect(ok).To(BeTrue())
+			Expect(resultData.Text).To(MatchJSON(`{"status":"success"}`))
+		},
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"limit": "20"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info`,
+					Limit: asPtr(sysdig.LimitQuery(20)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"cluster_name": "my_cluster"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_cluster_name="my_cluster"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"namespace_name": "my_namespace"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_namespace_name="my_namespace"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"workload_type": "my_workload_type"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_workload_type="my_workload_type"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"workload_name": "my_workload_name"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_workload_name="my_workload_name"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"pod_name": "my_pod_name"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_pod_name="my_pod_name"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"container_name": "my_container_name"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_pod_container_name="my_container_name"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"image_pullstring": "my_image"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{image="my_image"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name:      "kubernetes_list_pod_containers",
+						Arguments: map[string]any{"node_name": "my_node_name"},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_node_name="my_node_name"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+			Entry(nil,
+				"kubernetes_list_pod_containers",
+				mcp.CallToolRequest{
+					Params: mcp.CallToolParams{
+						Name: "kubernetes_list_pod_containers",
+						Arguments: map[string]any{
+							"cluster_name":     "my_cluster",
+							"namespace_name":   "my_namespace",
+							"workload_type":    "my_workload_type",
+							"workload_name":    "my_workload_name",
+							"pod_name":         "my_pod_name",
+							"container_name":   "my_container_name",
+							"image_pullstring": "my_image",
+							"node_name":        "my_node_name",
+						},
+					},
+				},
+				sysdig.GetQueryV1Params{
+					Query: `kube_pod_container_info{kube_cluster_name="my_cluster",kube_namespace_name="my_namespace",kube_workload_type="my_workload_type",kube_workload_name="my_workload_name",kube_pod_name="my_pod_name",kube_pod_container_name="my_container_name",image="my_image",kube_node_name="my_node_name"}`,
+					Limit: asPtr(sysdig.LimitQuery(10)),
+				},
+			),
+		)
+	})
+})

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,8 @@`
`2`	`2`	`"mcpServers": {`
`3`	`3`	`"sysdig": {`
`4`	`4`	`"command": "go",`
`5`		`- "args": ["run", "./cmd/server"]`
	`5`	`+ "args": ["run", "./cmd/server"],`
	`6`	`+ "trust": true`
`6`	`7`	`}`
`7`	`8`	`}`
`8`	`9`	`}`
Original file line number	Diff line number	Diff line change
`@@ -98,6 +98,7 @@ func setupHandler(sysdigClient sysdig.ExtendedClientWithResponsesInterface) *mcp`
`98`	`98`	`tools.NewKubernetesListClusters(sysdigClient),`
`99`	`99`	`tools.NewKubernetesListNodes(sysdigClient),`
`100`	`100`	`tools.NewKubernetesListWorkloads(sysdigClient),`
	`101`	`+ tools.NewKubernetesListPodContainers(sysdigClient),`
`101`	`102`	`)`
`102`	`103`	`return handler`
`103`	`104`	`}`