Skip to content

feat(proxy): provision managed MCP servers into Claude Desktop#390

Merged
codemie-ai merged 5 commits into
mainfrom
feat/managed-mcp-provisioning
Jun 25, 2026
Merged

feat(proxy): provision managed MCP servers into Claude Desktop#390
codemie-ai merged 5 commits into
mainfrom
feat/managed-mcp-provisioning

Conversation

@vadimvlasenko

Copy link
Copy Markdown
Collaborator

What

codemie proxy connect desktop now provisions internal/organization MCP servers (e.g. radar) into Claude Desktop, fetched at runtime from a client-neutral CodeMie endpoint — so internal MCP URLs are never committed to this open-source repo. Public OAuth defaults stay bundled as an offline fallback.

Flow: fetchManagedMcpServers('claude-desktop', codeMieUrl)mapCanonicalToDesktop(...)writeDesktopConfig(..., orgMcpServers), reconciled into managedMcpServers alongside public defaults and the user's own entries.

Why client-neutral

The endpoint takes a ?client= discriminator and returns a neutral catalog; each connector maps to its client's config shape. A future connect codex reuses the same endpoint with zero backend change.

Key behaviors

  • Best-effort: a CodeMie outage never breaks connectfetch returns null on failure vs [] on a confirmed-empty catalog. On failure we skip revocation and leave state untouched, so a transient blip never strips the user's internal MCPs.
  • Revocation: a CLI-owned sidecar (~/.codemie/proxy/desktop-managed-mcp-state.json) records managed names, so an MCP removed upstream is dropped even after Desktop re-stamps it source: "user". Genuine user MCPs are preserved.
  • No secrets on disk: v1 entries are OAuth/none only; Desktop runs the OAuth flow.

Backend dependency

Requires the companion endpoint GET /v1/mcp/managed-servers?client= in the CodeMie backend (separate repo) plus a managed-mcp-servers.yaml key in the codemie-customer-config ConfigMap. Until deployed, connect desktop degrades gracefully to public defaults + user entries.

Tests

lint ✅ · typecheck ✅ · build ✅ · vitest run src/cli/commands/proxy 72/72.

Design/plan/summary under docs/superpowers/.

Generated with AI

vadimvlasenko and others added 3 commits June 24, 2026 15:10
`codemie proxy connect desktop` now fetches a client-neutral managed MCP
catalog from CodeMie (GET /v1/mcp/managed-servers?client=claude-desktop),
maps it to Claude Desktop's managedMcpServers shape, and reconciles it into
the Desktop config alongside the bundled public defaults and user entries.

- connectors/managed-mcp-remote.ts: best-effort cookie-auth fetch
  (null on failure, [] on empty) with field validation/whitelisting
- desktop.ts: canonical->Desktop mapper, reconcileManagedMcpServers with a
  managed-state sidecar for revocation, dedup against public defaults
- index.ts: wire fetch+map into the connect desktop action; revocation is
  skipped on fetch failure so a transient outage never strips org MCPs

Internal MCP URLs are served by the CodeMie backend (separate repo) and are
never committed here. Includes spec, plan, and summary under docs/superpowers.

Generated with AI

Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
Replace the real internal endpoint/name (mcp.epam.com, "radar") with neutral
placeholders (mcp.example.com, "sample") in the managed-MCP test fixtures so no
real internal MCP detail appears in the open-source repository.

Generated with AI

Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
@vadimvlasenko vadimvlasenko force-pushed the feat/managed-mcp-provisioning branch from e508205 to f3371b9 Compare June 25, 2026 11:10
…ed-MCP fetch

Two fixes so the managed-MCP catalog is fetched correctly from a deployed
backend served under a base path (e.g. `/code-assistant-api`):

- Build the request URL from the full resolved API URL instead of a
  root-absolute path, which dropped any base path (-> 404 -> empty list).
- Treat null the same as undefined for optional fields (auth/description/
  clients). FastAPI serializes unset optionals as null, which the validator
  rejected, dropping every entry (-> 0 servers after filtering).

Generated with AI

Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
@vadimvlasenko vadimvlasenko force-pushed the feat/managed-mcp-provisioning branch from 8820b83 to 244b86a Compare June 25, 2026 13:41
…rker writes

Route fetchManagedMcpServers through the shared HTTPClient + buildAuthHeaders
like every other CodeMie request (fetchCodeMieUserInfo), instead of a raw
fetch. This restores provisioning on enterprise on-prem deployments that use
self-signed certs (rejectUnauthorized: false), bounds the request with a
timeout so `connect desktop` cannot hang, and sends the standard CLI-identifying
headers. A raw fetch failed closed on those certs, silently disabling org MCP.

Make writeManagedMcpState atomic (tmp + rename) so a crash mid-write cannot
truncate the marker and orphan every previously-managed entry.

Replace sidecar-first marker persistence with write-ahead union + narrow-after:
record the union of previously- and newly-managed names before the config write
so a crash cannot orphan an entry in the add or revoke direction, then narrow to
the exact managed set once the config is durable so revoked names are released.

Update managed-mcp-remote tests to mock HTTPClient.getRaw (the path the code now
uses) and assert the CLI-identifying headers are sent.

Generated with AI

Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
@codemie-ai codemie-ai merged commit edaa246 into main Jun 25, 2026
5 checks passed
@codemie-ai codemie-ai deleted the feat/managed-mcp-provisioning branch June 25, 2026 18:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants