feat(proxy): provision managed MCP servers into Claude Desktop#390
Merged
Conversation
`codemie proxy connect desktop` now fetches a client-neutral managed MCP catalog from CodeMie (GET /v1/mcp/managed-servers?client=claude-desktop), maps it to Claude Desktop's managedMcpServers shape, and reconciles it into the Desktop config alongside the bundled public defaults and user entries. - connectors/managed-mcp-remote.ts: best-effort cookie-auth fetch (null on failure, [] on empty) with field validation/whitelisting - desktop.ts: canonical->Desktop mapper, reconcileManagedMcpServers with a managed-state sidecar for revocation, dedup against public defaults - index.ts: wire fetch+map into the connect desktop action; revocation is skipped on fetch failure so a transient outage never strips org MCPs Internal MCP URLs are served by the CodeMie backend (separate repo) and are never committed here. Includes spec, plan, and summary under docs/superpowers. Generated with AI Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
Replace the real internal endpoint/name (mcp.epam.com, "radar") with neutral placeholders (mcp.example.com, "sample") in the managed-MCP test fixtures so no real internal MCP detail appears in the open-source repository. Generated with AI Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
e508205 to
f3371b9
Compare
…ed-MCP fetch Two fixes so the managed-MCP catalog is fetched correctly from a deployed backend served under a base path (e.g. `/code-assistant-api`): - Build the request URL from the full resolved API URL instead of a root-absolute path, which dropped any base path (-> 404 -> empty list). - Treat null the same as undefined for optional fields (auth/description/ clients). FastAPI serializes unset optionals as null, which the validator rejected, dropping every entry (-> 0 servers after filtering). Generated with AI Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
8820b83 to
244b86a
Compare
TarasSpashchenko
approved these changes
Jun 25, 2026
…rker writes Route fetchManagedMcpServers through the shared HTTPClient + buildAuthHeaders like every other CodeMie request (fetchCodeMieUserInfo), instead of a raw fetch. This restores provisioning on enterprise on-prem deployments that use self-signed certs (rejectUnauthorized: false), bounds the request with a timeout so `connect desktop` cannot hang, and sends the standard CLI-identifying headers. A raw fetch failed closed on those certs, silently disabling org MCP. Make writeManagedMcpState atomic (tmp + rename) so a crash mid-write cannot truncate the marker and orphan every previously-managed entry. Replace sidecar-first marker persistence with write-ahead union + narrow-after: record the union of previously- and newly-managed names before the config write so a crash cannot orphan an entry in the add or revoke direction, then narrow to the exact managed set once the config is durable so revoked names are released. Update managed-mcp-remote tests to mock HTTPClient.getRaw (the path the code now uses) and assert the CLI-identifying headers are sent. Generated with AI Co-Authored-By: codemie-ai <codemie.ai@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
codemie proxy connect desktopnow provisions internal/organization MCP servers (e.g.radar) into Claude Desktop, fetched at runtime from a client-neutral CodeMie endpoint — so internal MCP URLs are never committed to this open-source repo. Public OAuth defaults stay bundled as an offline fallback.Flow:
fetchManagedMcpServers('claude-desktop', codeMieUrl)→mapCanonicalToDesktop(...)→writeDesktopConfig(..., orgMcpServers), reconciled intomanagedMcpServersalongside public defaults and the user's own entries.Why client-neutral
The endpoint takes a
?client=discriminator and returns a neutral catalog; each connector maps to its client's config shape. A futureconnect codexreuses the same endpoint with zero backend change.Key behaviors
connect—fetchreturnsnullon failure vs[]on a confirmed-empty catalog. On failure we skip revocation and leave state untouched, so a transient blip never strips the user's internal MCPs.~/.codemie/proxy/desktop-managed-mcp-state.json) records managed names, so an MCP removed upstream is dropped even after Desktop re-stamps itsource: "user". Genuine user MCPs are preserved.Backend dependency
Requires the companion endpoint
GET /v1/mcp/managed-servers?client=in the CodeMie backend (separate repo) plus amanaged-mcp-servers.yamlkey in thecodemie-customer-configConfigMap. Until deployed,connect desktopdegrades gracefully to public defaults + user entries.Tests
lint ✅ · typecheck ✅ · build ✅ ·
vitest run src/cli/commands/proxy72/72.Design/plan/summary under
docs/superpowers/.Generated with AI