From 7b333c0d443d03a68722882cc259e41df5b99aeb Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 11:51:35 -0500 Subject: [PATCH 1/6] doc: correct .env creation instruction. Signed-off-by: habeck --- plugins/external/opa/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/external/opa/README.md b/plugins/external/opa/README.md index 830be72b1..fc8815efa 100644 --- a/plugins/external/opa/README.md +++ b/plugins/external/opa/README.md @@ -40,7 +40,7 @@ The OPA plugin and loader configuration can be customized in `resources/plugins/ ## Installation -1. In the folder `external/opa`, copy .env.example .env +1. In the folder `external/opa`, copy .env.template .env 2. Add the plugin configuration to `plugins/external/opa/resources/plugins/config.yaml`: ```yaml From fbffefcaed898a2e762e487b6abcef4671239fe2 Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 12:10:31 -0500 Subject: [PATCH 2/6] doc: provide example token generation instruction. Signed-off-by: habeck --- plugins/external/opa/README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/plugins/external/opa/README.md b/plugins/external/opa/README.md index fc8815efa..7fc14bef3 100644 --- a/plugins/external/opa/README.md +++ b/plugins/external/opa/README.md @@ -173,6 +173,16 @@ starting ## Testing with gateway +### Authentication & Tokens +```bash +# Generate JWT bearer token +python3 -m mcpgateway.utils.create_jwt_token --username admin@example.com --exp 10080 --secret my-test-key + +# Export for API calls +export MCPGATEWAY_BEARER_TOKEN=$(python3 -m mcpgateway.utils.create_jwt_token --username admin@example.com --exp 0 --secret my-test-key) +``` + + 1. Add server fast-time that exposes git tools in the mcp gateway ```bash curl -s -X POST -H "Authorization: Bearer $MCPGATEWAY_BEARER_TOKEN" \ From 8e07cae2e73bfc03f6fd2e5e6b5b85ca335662e6 Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 13:53:05 -0500 Subject: [PATCH 3/6] chore: update .env template adding PLUGINS_TRANSPORT=streamablehttp Signed-off-by: habeck --- plugins/external/opa/.env.template | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/external/opa/.env.template b/plugins/external/opa/.env.template index b46620b71..30fcb9b2f 100644 --- a/plugins/external/opa/.env.template +++ b/plugins/external/opa/.env.template @@ -22,5 +22,6 @@ PLUGINS_CONFIG=./resources/plugins/config.yaml # Configuration path for chuck mcp runtime CHUK_MCP_CONFIG_PATH=./resources/runtime/config.yaml +PLUGINS_TRANSPORT=streamablehttp # Path to the repo policy file (optional, default: ./opaserver/rego/policy.rego) # POLICY_PATH=./opaserver/rego/policy.rego From 8d74f231961b1695d88e255334dd4c3a99b22d7f Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 16:01:25 -0500 Subject: [PATCH 4/6] doc: update template to add PLUUGINS_SERVER_HOST env var Signed-off-by: habeck --- plugins/external/opa/.env.template | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/external/opa/.env.template b/plugins/external/opa/.env.template index 30fcb9b2f..8db7a6ef9 100644 --- a/plugins/external/opa/.env.template +++ b/plugins/external/opa/.env.template @@ -4,7 +4,8 @@ # Enable the plugin framework PLUGINS_ENABLED=false - +# default host port to listen on +PLUGINS_SERVER_HOST=0.0.0.0 # Enable auto-completion for plugins CLI PLUGINS_CLI_COMPLETION=false From d0f599b6edaef2208d7e87cb3caaf685a0d09047 Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 16:07:25 -0500 Subject: [PATCH 5/6] doc: ensure that tokens are generated from the project root folder. Signed-off-by: habeck --- plugins/external/opa/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/external/opa/README.md b/plugins/external/opa/README.md index 7fc14bef3..6c89d9960 100644 --- a/plugins/external/opa/README.md +++ b/plugins/external/opa/README.md @@ -174,6 +174,8 @@ starting ## Testing with gateway ### Authentication & Tokens +Run the following from the project root folder: + ```bash # Generate JWT bearer token python3 -m mcpgateway.utils.create_jwt_token --username admin@example.com --exp 10080 --secret my-test-key From b7abe12b0a76f3264960de4e3a5b09206b9520f3 Mon Sep 17 00:00:00 2001 From: habeck Date: Fri, 21 Nov 2025 16:08:35 -0500 Subject: [PATCH 6/6] chore: bump OPA server version Signed-off-by: habeck --- plugins/external/opa/Containerfile | 2 +- plugins/external/opa/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/external/opa/Containerfile b/plugins/external/opa/Containerfile index f59ac13ba..988ca3d29 100644 --- a/plugins/external/opa/Containerfile +++ b/plugins/external/opa/Containerfile @@ -11,7 +11,7 @@ ARG SKILLS_SDK_COMMIT_ID ARG SKILLS_SDK_VERSION ARG BUILD_TIME_SKILLS_INSTALL -ARG OPASERVER_VERSION=1.8.0 +ARG OPASERVER_VERSION=1.10.1 ARG TARGETARCH ENV APP_HOME=/app diff --git a/plugins/external/opa/Makefile b/plugins/external/opa/Makefile index 3fb6bab37..a64571b74 100644 --- a/plugins/external/opa/Makefile +++ b/plugins/external/opa/Makefile @@ -8,7 +8,7 @@ SHELL := /bin/bash PACKAGE_NAME = opapluginfilter PROJECT_NAME = opapluginfilter TARGET ?= opapluginfilter -OPASERVER_VERSION ?= 1.8.0 +OPASERVER_VERSION ?= 1.10.1 POLICY_PATH = "./opaserver/rego/policy.rego" # Virtual-environment variables