@saucow (Contributor) commented Nov 18, 2025

What I did

Changes

Secret Injection

  • Containers: Inject se://docker/mcp/generic/{secretName} URIs, resolved by Docker Desktop at runtime
  • Remote MCPs: Query Secrets Engine for actual values (HTTP headers require plaintext)
  • Gateway: No longer holds secret values in memory

Deleted:

  • pkg/desktop/secrets.go - JFS client
  • pkg/docker/secrets.go - jcat container mechanism
  • cmd/docker-mcp/commands/policy.go - Policy commands

Removed:

  • Secret backup/restore from backup/dump.go and backup/restore.go
  • Policy fields from Backup struct
  • Secret reading from configuration loading (no more jcat containers)

Updated Components

  • pkg/gateway/clientpool.go - Build se:// URIs from secret names
  • pkg/gateway/configuration.go - Return empty secrets map
  • pkg/mcp/remote.go - Query Secrets Engine for remote MCP headers
  • cmd/docker-mcp/server/secret_config.go - Use Secrets Engine for server ls

Remaining:

  • OAuth related

@saucow requested a review from Benehiko November 18, 2025 04:35
@saucow changed the title from "Secrets engine injection" to "Remove JFS references + secrets engine injection" Nov 18, 2025