This repository provides a minimal implementation of a Kubernetes operator and sidecar that expose microservice APIs as MCP services.

• Sidecar - Lightweight FastAPI application that proxies requests to the main container and exposes its OpenAPI specification from a configurable path.
• Operator - A Kopf based operator watching for deployments annotated with mcp-server: "true", injecting the sidecar and creating a service for it.
• CRD - MCPConfig allows selecting deployments by label and exposing only those annotated.
• Helm chart - Installs the operator and CRD.

graph TD subgraph Pod App[Microservice] Sidecar[MCP Sidecar] App <--> Sidecar end Client --> Sidecar Operator[MCP Operator] -- watches --> Deployment["Deployment with mcp-server=true"] Operator -- injects sidecar --> Deployment Operator -- creates --> Service Service --> Sidecar 

Sidecar image:

docker build -t mcp-sidecar ./sidecar

Operator image:

docker build -t mcp-operator ./mcp_operator

helm install mcp-operator charts/mcp-operator

Annotate your deployment to enable MCP integration:

metadata: annotations: mcp-server: "true"

When the operator sees this annotation it injects the MCP sidecar and creates a service <deployment>-mcp exposing port 8000. Existing annotated deployments are processed on startup so sidecars are injected even if the operator is installed later.

The sidecar locates the upstream service using environment variables:

• SERVICE_HOST – hostname of the microservice (default localhost)
• SERVICE_PORT – port of the microservice (default 80)
• OPENAPI_PATH – path to the OpenAPI or Swagger file including the file name (default openapi.json)

Requests to /openapi.json on the sidecar return the file from http://$SERVICE_HOST:$SERVICE_PORT/$OPENAPI_PATH.

Run the unit tests with coverage:

pip install -e .[dev] pytest --cov=sidecar --cov=mcp_operator --cov-report=term --cov-fail-under=80

The GitHub Actions workflow builds the sidecar Docker image and packages the Helm chart on each push. When changes land on main, a release is created using python-semantic-release (GitHub Action v9) which automatically bumps the version, updates the changelog and attaches:

• mcp-sidecar.tar – the Docker image saved as a tarball
• mcp-operator-<version>.tgz – the packaged Helm chart

Version history lives in CHANGELOG.md and is maintained by python-semantic-release via the latest GitHub Action.

Each build scans the sidecar image using Trivy. The generated report is available in SECURITY.md and is committed back to the repository whenever a new release is published.

Please see CONTRIBUTING.md for guidelines on developing and submitting changes.