refactor: Remove config file

[alecron]

No description provided.

[Copilot]

Pull Request Overview

This PR refactors the application configuration system by removing the YAML config file (app_config.yaml) and transitioning to environment variable-based configuration. It also updates dependencies to newer versions and simplifies authentication middleware.

• Replaces YAML configuration with environment variable-based AppConfig class
• Updates MCP and FastMCP dependencies to latest versions
• Refactors authentication middleware and tool initialization

Reviewed Changes

Copilot reviewed 31 out of 34 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
utils/app_config.py	Complete rewrite to use environment variables instead of YAML config
utils/mcp_server.py	Refactored to use class-based server initialization with new AppConfig
utils/query_helpers.py	Enhanced response parsing with better error handling
utils/sysdig/legacy_sysdig_api.py	Renamed from OldSysdigApi to LegacySysdigApi with new method
utils/auth/middleware/auth.py	New middleware implementation for FastMCP framework
tools/*/tool.py	Updated all tool classes to accept AppConfig and use context-based API access
charts/sysdig-mcp/*	Updated Helm chart to use new environment variable names
pyproject.toml	Updated dependency versions including FastMCP and MCP libraries

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The parameter execution_time_ms accepts both float | str but should be consistently typed as float since it represents a numeric measurement. String values could lead to unexpected behavior in downstream processing.

Suggested change

	def create_standard_response(results: RESTResponseType, execution_time_ms: float | str, **metadata_kwargs) -> dict:
	def create_standard_response(results: RESTResponseType, execution_time_ms: float, **metadata_kwargs) -> dict:

[Copilot]

Global variable app_config is initialized at module level but the AppConfig is also passed to the middleware constructor. This creates redundancy and potential inconsistency. Consider removing the global variable and using only the constructor parameter.

Suggested change

	app_config = get_app_config()
	# Set up logging
	logging.basicConfig(
	format="%(asctime)s-%(process)d-%(levelname)s- %(message)s",
	level=app_config.log_level(),
	# Set up logging
	logging.basicConfig(
	format="%(asctime)s-%(process)d-%(levelname)s- %(message)s",
	level=logging.INFO, # Use a sensible default, or refactor to set this elsewhere with AppConfig

[Copilot]

The delete_on_close=False parameter may not be compatible with older Python versions. Consider using delete=False instead for better compatibility.

Suggested change

	tmp_result_file = NamedTemporaryFile(suffix=".json", prefix="sysdig_cli_scanner_", delete_on_close=False)
	tmp_result_file = NamedTemporaryFile(suffix=".json", prefix="sysdig_cli_scanner_", delete=False)

[Copilot]

The environment variable name is constructed dynamically multiple times throughout the class. Consider defining these as class constants to avoid repetition and reduce the risk of typos.

Suggested change

	def sysdig_endpoint(self) -> str:
	"""
	Get the Sysdig endpoint.
	def load_app_config() -> dict:
	"""
	Load the app config from the YAML file
	Raises:
	RuntimeError: If no SYSDIG_MCP_API_HOST environment variable is set.
	Returns:
	str: The Sysdig API host (e.g., "https://us2.app.sysdig.com").
	"""
	if f"{ENV_PREFIX}API_HOST" not in os.environ:
	raise RuntimeError(f"Variable `{ENV_PREFIX}API_HOST` must be defined.")
	Returns:
	dict: The app config loaded from the YAML file
	"""
	if not check_config_file_exists():
	log.error("Config file does not exist")
	return {}
	# Load the config file
	app_config: dict = {}
	log.debug(f"Loading app config from YAML file: {APP_CONFIG_FILE}")
	with open(APP_CONFIG_FILE, "r", encoding="utf8") as file:
	try:
	yaml.add_constructor("!env", env_constructor, Loader=yaml.SafeLoader)
	app_config: dict = yaml.safe_load(file)
	except Exception as exc:
	logging.error(exc)
	return app_config
	def get_app_config() -> dict:
	return os.environ[f"{ENV_PREFIX}API_HOST"]
	# Environment variable names as class constants
	API_HOST_ENV = f"{ENV_PREFIX}API_HOST"
	API_SECURE_TOKEN_ENV = f"{ENV_PREFIX}API_SECURE_TOKEN"
	TRANSPORT_ENV = f"{ENV_PREFIX}TRANSPORT"
	LOGLEVEL_ENV = f"{ENV_PREFIX}LOGLEVEL"
	LISTENING_PORT_ENV = f"{ENV_PREFIX}LISTENING_PORT"
	LISTENING_HOST_ENV = f"{ENV_PREFIX}LISTENING_HOST"
	MOUNT_PATH_ENV = f"{ENV_PREFIX}MOUNT_PATH"
	OAUTH_JWKS_URI_ENV = f"{ENV_PREFIX}OAUTH_JWKS_URI"
	OAUTH_AUTH_ENDPOINT_ENV = f"{ENV_PREFIX}OAUTH_AUTH_ENDPOINT"
	OAUTH_TOKEN_ENDPOINT_ENV = f"{ENV_PREFIX}OAUTH_TOKEN_ENDPOINT"
	if self.API_HOST_ENV not in os.environ:
	raise RuntimeError(f"Variable `{self.API_HOST_ENV}` must be defined.")
	return os.environ[self.API_HOST_ENV]

[tembleking]

Don't mis stdout and stderr in output, let the LLM understand which part is stdout and which part is stderr, like:

{
   "exit_code": 0,
   "stdout": "something failed",
   "stderr": "you didn't specify a token, whatever, yada yada",
   "exit_codes_explained": "..."
}

[tembleking]

Same thing here

[tembleking]

Same thing here, but it's not consistent, because here we also specify stdout.

[tembleking]

I've seen several places where we are writing files, but there's actually no need to write down the contents of the scan, we can just take it from the stdout from the CLI execution on the fly.