Conversation
greedy52
added
no-changelog
greedy52
commented
Jul 9, 2025
| } | ||
| } | ||
|
|
||
| type inMemoryServerRunner struct { |
Contributor
Author
There was a problem hiding this comment.
moved from stdio_test.go with some minor modifications
github-actions
Bot
added
application-access
size/md
tctl
r0mant
reviewed
Jul 9, 2025
Collaborator
r0mant
left a comment
r0mant
left a comment
There was a problem hiding this comment.
Looks good with a handful of mostly non-blocking comments.
Comment on lines
+147
to
+153
| To run a Teleport demo MCP server for MCP access: | ||
|
|
||
| > teleport app start \ | ||
| --token={{.token}} \{{range .ca_pins}} | ||
| --ca-pin={{.}} \{{end}} | ||
| --auth-server={{.auth_server}} \ | ||
| --mcp-demo-server |
Collaborator
There was a problem hiding this comment.
Nit: I would probably not add this here tbh. I think this may confuse people who just want to start a regular app service, MCP seems to be a much more niche use-case for now.
Contributor
Author
There was a problem hiding this comment.
dropped.
(add added the flag to teleport configure, which should make the getting started guide super easy)
|
|
||
| > teleport app start --token=xyz --auth-server=proxy.example.com:3080 \ | ||
| --mcp-demo-server | ||
| Runs a Teleport demo MCP server from the app server. |
Collaborator
There was a problem hiding this comment.
This should probably give a very brief description of what the demo MCP server actually does (functions it provides).
| } | ||
| } | ||
|
|
||
| func makeEnrollMCPGuideToolHandler() mcpserver.ToolHandlerFunc { |
Collaborator
There was a problem hiding this comment.
It's an interesting idea to have LLM explain to you how to setup its own integration but I'm worried that a) this is basically a less comprehensive copy of the documentation guide and b) it will deviate from the docs very quickly and/or we'd have to remember to keep this updated. In general, keeping the docs in the code I think should be avoided.
I think instead of this we should have:
- Clear and easy to follow documentation guide (which we do / will have).
- A guided and easily discoverable MCP enrollment flow in Discover similar to those we built for other resources.
That would help most users get started quickly, and for those who want to use LLM to help with configuration, I'm pretty sure LLM will already be able to do that once we have the docs up via web search.
So WDYT about removing this particular tool to simplify things for now?
Contributor
Author
There was a problem hiding this comment.
the mini guide in the binary would match what the current binary supports. but i totally agree this is a gimmick and needs to be maintained.
i have tried to give the AI the web link for it to figure out but it doesn't do a good job atm. well, that will improve eventually and it is not the task for this demo.
i've removed this tool and added a teleport_session_info instead.
greedy52
force-pushed
the
STeve/56587_demo_server
branch
from
52507dc to
005e390
Compare
gabrielcorado
approved these changes
Jul 11, 2025
Contributor
Merged
greedy52
added a commit
that referenced
this pull request
Jul 18, 2025
* Teleport MCP demo server * replace guide tool with session tool, and switch to resource label * add new flag to teleport configure * replace teleport_session_id with mcp_transport_type
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Jul 21, 2025
* Initial PostgreSQL MCP support (#54431) * feat(mcp): initial postgres mcp * test(postgres): fix missing mock function * fix(gomod): go mod tidy all * refactor: code review suggestions * fix(tsh): mcp init missing logger * chore(tsh): missing other route to database field * refactor: use in-memory net listener * test(tsh): add mcp db command test * chore: fix license * refactor(tsh): move logger init * test(mcp): sort slices to avoid flakiness * chore: fix lint * test(mcp): sort the resources before assertion * fix(mcp): update error handler for better message * refactor: code review suggestions * feat: add external error retriever for more accurate error messages * refactor: use the same logger init for mcp purposes * refactor: code review suggestions * refactor(tsh): rename command to `tsh mcp db start` * refactor(mcp): protect database resources with rw mutex * chore: update server godocs * chore: go mod tidy * refactor: update command to take list of databases * chore(mcp): license * chore(tsh): remove unused function * refactor: code review suggestions * refactor(tsh): validate duplicated databases in MCP configuration * refactor(tsh): rename files to mcp_db * feat(mcp): add cluster name to the database resource * fix(tsh): update InitLogger return type (#55479) * MCP access part 1: update app definition and config (#54706) * MCP access part 1: update app definition and config * address feedback * make -C integrations/operator crd * MCP access part 2: new role options, access checker, role editor (#54734) * MCP access part 2: new role options, access checker, role editor * catch unsupported mcp fields * simplify mcpToolsToModel * MCP access part 3: audit events and reporting (#54779) * MCP access part 3: audit events and reporting * add new icon, storybook, format * MCP access part 4: mcputils (#54880) * MCP access part 4: mcp helpers * address feedback * address comment, minor edits * update mcp-go * MCP access part 5: Claude desktop config parser (#55179) * claude desktop config * rework * split Config to Config and FileConfig * add a comment on unofficial linux * MCP access part 6: "tsh mcp ls" (#55292) * MCP access part 6: "tsh mcp ls" * address feedback * MCP access part 7: MCP app in Web UI (#55306) * MCP access part 7: MCP app in Web UI * Make spacing in modal closer to what's in database modal * add mcp app to ResourceActionButton.story.tsx * move AppSubKind to shared/services/types. * remove --format claude (not needed see part 8) * add jsdoc --------- Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com> * MCP access part 8: tsh mcp config (#55370) * MCP access part 8: tsh mcp login/logout * change to --format and --config-file * switch to config and drop logout * enable debug by default * remove unused ut functions * MCP access part 9: tsh mcp connect, stub server, integration test (#55547) * MCP access part 9: tsh mcp connect, stub server, integration test * fix tests and lint * MCP access part 10: server handler (#55644) * MCP access part 10: server handler * address feedback and fix docker tests * add more comments * minor lint fix * move set logger default after other checks * Implement `tsh mcp db config` (#55781) * feat(tsh): add `tsh mcp db config` subcommand * chore(claude): fix lint * refactor: code review suggestions * refactor: code review suggestions * test(tsh): add missing option on test case * chore(tsh): add message on manually adding database URI * Refactor MCP database access to dial ALPN proxy directly (#55836) * refactor: dial database instead of using local proxy for MCP servers * refactor: review suggestions * manual fixes * tctl users add/update to support mcp tools trait (#56771) * tctl users add/update to support mcp tools trait * revert empty slice capability * Enhances MCP servers usage with Cursor (#56474) * feat(mcp): enhances MCP servers usage with Cursor * refactor: code review suggestions * mcputils refactor and new mcptest package (#56010) * mcp server and mcputils refactor * mcptest package * allow testing in mcptest * Teleport MCP demo server (#56637) * Teleport MCP demo server * replace guide tool with session tool, and switch to resource label * add new flag to teleport configure * replace teleport_session_id with mcp_transport_type * feat(gomod): update mcp-go to v0.32.0 * eslint-disable-next-line (same in master) --------- Co-authored-by: Gabriel Corado <gabriel.oliveira@goteleport.com> Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
implements #56587
Replaces the in-memory test server with a proper "Teleport Demo" server. This demo server can be started with
teleport app start --mcp-demo-serveror equivalent configapp_service.mcp_demo_server: true.The demo server allows user to test out MCP access without external MCP server setup.
sample prompts:
demo: https://goteleport.zoom.us/clips/share/PhJBPNVHR_Ke3IZP4CfvVw