fix(mcp): add readonly guard to createHandler#3811
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: Elvand-Lie The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Hi @Elvand-Lie. Thanks for your PR. I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with Tip We noticed you've done this a few times! Consider joining the org to skip this step and gain Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3811 +/- ##
==========================================
+ Coverage 53.42% 53.47% +0.05%
==========================================
Files 200 200
Lines 23426 23445 +19
==========================================
+ Hits 12515 12538 +23
+ Misses 9655 9654 -1
+ Partials 1256 1253 -3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
1ea04b7 to
c4cd153
Compare
c4cd153 to
b8524f9
Compare
b8524f9 to
86fa702
Compare
There was a problem hiding this comment.
Pull request overview
This PR closes a gap in the MCP server’s readonly-mode enforcement by adding the same s.readonly.Load() guard to the create tool handler that already exists for other mutating tools (e.g., deploy/delete). This prevents MCP clients from writing project scaffolding files to disk when the server is configured as readonly.
Changes:
- Added a readonly-mode guard to
createHandlerto block create operations when readonly is enabled. - Added a unit test to verify the
createtool is rejected in readonly mode.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| pkg/mcp/tools_create.go | Adds s.readonly.Load() early-return guard to prevent writes in readonly mode. |
| pkg/mcp/tools_create_test.go | Adds a test ensuring create returns an error when readonly mode is enabled. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
The createHandler lacks the s.readonly.Load() check that is present in other mutating tools like deployHandler and deleteHandler. Because of this, an MCP client can execute the create command (which writes project scaffolding files to the disk) even when the server is operating in readonly mode. Added the guard to match the behavior of other tools. Fixes knative#3810
86fa702 to
461d9c5
Compare
Problem
The createHandler in pkg/mcp/tools_create.go lacks the s.readonly.Load() check that is present in other mutating tools like deployHandler and deleteHandler.
Because of this, an MCP client can execute the create command (which writes project scaffolding files to the disk) even when the server is operating in readonly mode.
Fix
Added the s.readonly.Load() guard to match the behavior of other tools.
Fixes #3810