← Back to index Esc
Kind
Mcpserverentry
Group
toolhive.stacklok.dev
Version
v1alpha1
apiVersion: toolhive.stacklok.dev/v1alpha1 kind: Mcpserverentry metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object
spec object
MCPServerEntrySpec defines the desired state of MCPServerEntry. MCPServerEntry is a zero-infrastructure catalog entry that declares a remote MCP server endpoint. Unlike MCPRemoteProxy, it creates no pods, services, or deployments.
caBundleRef object
CABundleRef references a ConfigMap containing CA certificates for TLS verification when connecting to the remote MCP server.
configMapRef object
ConfigMapRef references a ConfigMap containing the CA certificate bundle. If Key is not specified, it defaults to "ca.crt".
key string required
The key to select.
name string
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional boolean
Specify whether the ConfigMap or its key must be defined
externalAuthConfigRef object
ExternalAuthConfigRef references a MCPExternalAuthConfig resource for token exchange when connecting to the remote MCP server. The referenced MCPExternalAuthConfig must exist in the same namespace as this MCPServerEntry.
name string required
Name is the name of the MCPExternalAuthConfig resource
groupRef object required
GroupRef references the MCPGroup this entry belongs to. Required — every MCPServerEntry must be part of a group for vMCP discovery.
name string required
Name is the name of the MCPGroup resource in the same namespace
minLength: 1
headerForward object
HeaderForward configures headers to inject into requests to the remote MCP server. Use this to add custom headers like API keys or correlation IDs.
addHeadersFromSecret []object
AddHeadersFromSecret references Kubernetes Secrets for sensitive header values.
headerName string required
HeaderName is the HTTP header name (e.g., "X-API-Key")
minLength: 1
maxLength: 255
valueSecretRef object required
ValueSecretRef references the Secret and key containing the header value
key string required
Key is the key within the secret
name string required
Name is the name of the secret
addPlaintextHeaders object
AddPlaintextHeaders is a map of header names to literal values to inject into requests. WARNING: Values are stored in plaintext and visible via kubectl commands. Use addHeadersFromSecret for sensitive data like API keys or tokens.
remoteUrl string required
RemoteURL is the URL of the remote MCP server. Both HTTP and HTTPS schemes are accepted at admission time.
pattern: ^https?://
transport string required
Transport is the transport method for the remote server (sse or streamable-http). No default is set (unlike MCPRemoteProxy) because MCPServerEntry points at external servers the user doesn't control — requiring explicit transport avoids silent mismatches.
enum: sse, streamable-http
status object
MCPServerEntryStatus defines the observed state of MCPServerEntry.
conditions []object
Conditions represent the latest available observations of the MCPServerEntry's state.
lastTransitionTime string required
lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
message string required
message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
observedGeneration integer
observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
reason string required
reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
minLength: 1
maxLength: 1024
status string required
status of the condition, one of True, False, Unknown.
enum: True, False, Unknown
type string required
type of condition in CamelCase or in foo.example.com/CamelCase.
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
maxLength: 316
observedGeneration integer
ObservedGeneration reflects the generation most recently observed by the controller.
format: int64
phase string
Phase indicates the current lifecycle phase of the MCPServerEntry.
enum: Valid, Pending, Failed
Copied!