mcp-server
Verified Safeby tektoncd
Overview
Provides a server implementing the Model Context Protocol (MCP) to manage Tekton CI/CD pipelines and tasks within a Kubernetes cluster, including discovery and installation of community artifacts from Artifact Hub.
Installation
No command providedEnvironment Variables
- SYSTEM_NAMESPACE
Security Notes
The server's container itself is deployed with good security practices (runAsNonRoot, readOnlyRootFilesystem, dropped capabilities). However, the ClusterRole granted to the server's ServiceAccount provides extensive permissions: full CRUD operations on all `tekton.dev` resources (Pipelines, Tasks, Runs, StepActions) and read-only access to core Kubernetes resources (Pods, Namespaces, ConfigMaps, Secrets). This allows the server, and any authorized client using it, to execute arbitrary code on the Kubernetes cluster via Tekton PipelineRuns/TaskRuns. A significant trust dependency exists on `artifacthub.io` when using the installation tools, as they fetch and apply YAML definitions from external URLs; a compromise of Artifact Hub or a hosted repository could lead to the deployment of malicious Tekton resources on the cluster.
Similar Servers
mcp-server-kubernetes
This MCP server enables AI agents to connect to and manage Kubernetes clusters by executing kubectl and Helm commands.
mcp-k8s-go
This MCP server enables interaction with Kubernetes clusters to list, get, apply, and execute commands on various resources through a conversational interface.
mcp-k8s
Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).
k8s-mcp-server
Interacting with Kubernetes clusters and Helm releases through a standardized Model Context Protocol (MCP) interface.