fix: read Caldera host, port, and API key from conf/default.yml #6

Open
ChenFryd wants to merge 1 commit into mitre:main from autonet-internal:fix/mcp-server-hardcoded-connection

@ChenFryd

Description

app/mcp_server.py hardcoded the Caldera API connection details (localhost:8888 and ADMIN123), completely ignoring the host, port, and api_key_red values configured in conf/default.yml. This caused all MCP tool calls to fail when Caldera is deployed on a non-localhost IP or with a non-default port/API key.

The fix reads those values in get_env() in both mcp_planner_client.py and mcp_factory_client.py, and passes them to the mcp_server.py subprocess as CALDERA_URL and CALDERA_API_KEY environment variables — following the same pattern already used for LLM config. mcp_server.py reads them via os.environ.get() with the original hardcoded values as safe fallbacks.

Closes #5

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Manually tested by configuring Caldera with host: 203.0.113.1 in conf/default.yml and triggering both factory and planner MCP executions. Prior to the fix all API calls failed with a connection error; after the fix the MCP server correctly connects to the configured host, port, and API key.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works

mcp_server.py hardcoded localhost:8888 and ADMIN123 as the Caldera API
connection details, ignoring the values configured in conf/default.yml.

The fix reads host, port, and api_key_red from the Caldera config in
get_env() in both mcp_planner_client.py and mcp_factory_client.py, and
passes them to the mcp_server.py subprocess as CALDERA_URL and
CALDERA_API_KEY environment variables. mcp_server.py now reads these
via os.environ.get() with the original hardcoded values as fallbacks.

Closes mitre#5
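
An added sketch, not code from this pull request or the plugin, of the environment-variable handoff the description outlines, with a stricter child side that refuses to start on a missing or default key instead of falling back to it. The function names, the `http://` scheme in `CALDERA_URL`, the loopback substitution for a bind-all `host`, and the sample config values are assumptions.

```python
import os
from urllib.parse import urlsplit

# The default key named in the PR; this sketch treats it as "not configured".
DEFAULT_KEYS = {"ADMIN123"}


def build_child_env(caldera_cfg, base_env=None):
    """Parent side (hypothetical helper): map host, port and api_key_red from
    the already-parsed conf/default.yml dict to the two variables in the PR."""
    env = dict(os.environ if base_env is None else base_env)
    host = str(caldera_cfg["host"])
    port = int(caldera_cfg["port"])  # raises on a non-numeric port
    if host in ("0.0.0.0", "::"):
        # Assumption: a bind-all value is a listen address, so target loopback.
        host = "127.0.0.1"
    env["CALDERA_URL"] = f"http://{host}:{port}"  # scheme is an assumption
    env["CALDERA_API_KEY"] = str(caldera_cfg["api_key_red"])
    return env


def load_connection(env):
    """Child side (hypothetical helper): validate what the parent passed and
    fail closed instead of falling back to a built-in URL or key."""
    url = env.get("CALDERA_URL", "")
    key = env.get("CALDERA_API_KEY", "")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("CALDERA_URL is missing or not an http(s) URL")
    if not key or key in DEFAULT_KEYS:
        raise ValueError("CALDERA_API_KEY is missing or still the default")
    return url.rstrip("/"), key


if __name__ == "__main__":
    # Constructed config values, standing in for a parsed conf/default.yml.
    cfg = {"host": "203.0.113.1", "port": 8888, "api_key_red": "constructed-key"}
    url, key = load_connection(build_child_env(cfg))
    print(url, "key length:", len(key))  # never print the key itself
```
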
@github-actions

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

Development

Successfully merging this pull request may close these issues.

MCP Server Ignores Caldera Connection Configuration
