Allow forcing an MCP Server to be remote with an env var

Signed-off-by: David Gageot <david.gageot@docker.com>

Author: dgageot

pkg/secrets/gather.go

@@ -29,14 +29,12 @@ func GatherMissingEnvVars(ctx context.Context, cfg *latest.Config, env environme
 	}
 
 	// Tools
-	if mcpGatewayURL := os.Getenv(mcp.DOCKER_MCP_GATEWAY_URL_ENV); mcpGatewayURL == "" {
-		names, err := GatherEnvVarsForTools(ctx, cfg)
-		if err != nil {
-			return nil, err
-		}
-		for _, e := range names {
-			requiredEnv[e] = true
-		}
+	names, err := GatherEnvVarsForTools(ctx, cfg)
+	if err != nil {
+		return nil, err
+	}
+	for _, e := range names {
+		requiredEnv[e] = true
 	}
 
 	// Check for missing
@@ -82,6 +80,10 @@ func GatherEnvVarsForTools(ctx context.Context, cfg *latest.Config) ([]string, e
 
 	for _, ref := range config.GatherMCPServerReferences(cfg) {
 		mcpServerName := gateway.ParseServerRef(ref)
+		if mcpServerURL := os.Getenv(mcp.ENV_DOCKER_MCP_URL_PREFIX + mcpServerName); mcpServerURL != "" {
+			// This MCP server is configured at runtime to be remote. We don't need to know its secrets.
+			continue
+		}
 
 		secrets, err := gateway.RequiredEnvVars(ctx, mcpServerName, gateway.DockerCatalogURL)
 		if err != nil {

pkg/teamloader/teamloader.go

@@ -13,6 +13,7 @@ import (
 	"github.com/docker/cagent/pkg/config"
 	latest "github.com/docker/cagent/pkg/config/v2"
 	"github.com/docker/cagent/pkg/environment"
+	"github.com/docker/cagent/pkg/gateway"
 	"github.com/docker/cagent/pkg/memory"
 	"github.com/docker/cagent/pkg/memory/database/sqlite"
 	"github.com/docker/cagent/pkg/model/provider"
@@ -302,15 +303,16 @@ func getToolsForAgent(ctx context.Context, a *latest.AgentConfig, parentDir stri
 			t = append(t, builtin.NewFilesystemTool([]string{wd}, opts...))
 
 		case toolset.Type == "mcp" && toolset.Ref != "":
-			if mcpGatewayURL := os.Getenv(mcp.DOCKER_MCP_GATEWAY_URL_ENV); mcpGatewayURL != "" {
-				// TODO(dga): we might connect multiple times to the same MCP Gateway and end up with duplicate toolsets.
-				toolset, err := mcp.NewToolsetRemote(mcpGatewayURL, "streaming", nil, toolset.Tools, "")
+			mcpServerName := gateway.ParseServerRef(toolset.Ref)
+			if mcpServerURL := os.Getenv(mcp.ENV_DOCKER_MCP_URL_PREFIX + mcpServerName); mcpServerURL != "" {
+				// This MCP server is configured at runtime to be remote. We connect to it directly over http.
+				toolset, err := mcp.NewToolsetRemote(mcpServerURL, "streaming", nil, toolset.Tools, "")
 				if err != nil {
-					return nil, fmt.Errorf("connecting to remote MCP Gateway: %w", err)
+					return nil, fmt.Errorf("connecting to remote MCP Server: %w", err)
 				}
 				t = append(t, toolset)
 			} else {
-				t = append(t, mcp.NewGatewayToolset(toolset.Ref, toolset.Config, toolset.Tools, envProvider))
+				t = append(t, mcp.NewGatewayToolset(mcpServerName, toolset.Config, toolset.Tools, envProvider))
 			}
 
 		case toolset.Type == "mcp" && toolset.Command != "":

pkg/tools/mcp/gateway.go

@@ -15,13 +15,13 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
-const DOCKER_MCP_GATEWAY_URL_ENV = "DOCKER_MCP_GATEWAY_URL"
+const ENV_DOCKER_MCP_URL_PREFIX = "DOCKER_MCP_URL_"
 
 type GatewayToolset struct {
-	ref         string
-	config      any
-	toolFilter  []string
-	envProvider environment.Provider
+	mcpServerName string
+	config        any
+	toolFilter    []string
+	envProvider   environment.Provider
 
 	once           sync.Once
 	initErr        error
@@ -32,11 +32,11 @@ type GatewayToolset struct {
 
 var _ tools.ToolSet = (*GatewayToolset)(nil)
 
-func NewGatewayToolset(ref string, config any, toolFilter []string, envProvider environment.Provider) *GatewayToolset {
-	slog.Debug("Creating MCP Gateway toolset", "ref", ref, "toolFilter", toolFilter)
+func NewGatewayToolset(mcpServerName string, config any, toolFilter []string, envProvider environment.Provider) *GatewayToolset {
+	slog.Debug("Creating MCP Gateway toolset", "name", mcpServerName, "toolFilter", toolFilter)
 
 	return &GatewayToolset{
-		ref:            ref,
+		mcpServerName:  mcpServerName,
 		config:         config,
 		toolFilter:     toolFilter,
 		envProvider:    envProvider,
@@ -50,23 +50,21 @@ func (t *GatewayToolset) Instructions() string {
 }
 
 func (t *GatewayToolset) configureOnce(ctx context.Context) error {
-	mcpServerName := gateway.ParseServerRef(t.ref)
-
 	// Check which secrets (env vars) are required by the MCP server.
-	secrets, err := gateway.RequiredEnvVars(ctx, mcpServerName, gateway.DockerCatalogURL)
+	secrets, err := gateway.RequiredEnvVars(ctx, t.mcpServerName, gateway.DockerCatalogURL)
 	if err != nil {
 		return fmt.Errorf("reading which secrets the MCP server needs: %w", err)
 	}
 
 	// Make sure all the required secrets are available in the environment.
 	// TODO(dga): Ideally, the MCP gateway would use the same provider that we have.
-	fileSecrets, err := writeSecretsToFile(ctx, mcpServerName, secrets, t.envProvider)
+	fileSecrets, err := writeSecretsToFile(ctx, t.mcpServerName, secrets, t.envProvider)
 	if err != nil {
 		return fmt.Errorf("writing secrets to file: %w", err)
 	}
 	t.cleanUpSecrets = func() error { return os.Remove(fileSecrets) }
 
-	fileConfig, err := writeConfigToFile(ctx, mcpServerName, t.config)
+	fileConfig, err := writeConfigToFile(ctx, t.mcpServerName, t.config)
 	if err != nil {
 		return fmt.Errorf("writing config to file: %w", err)
 	}
@@ -76,7 +74,7 @@ func (t *GatewayToolset) configureOnce(ctx context.Context) error {
 	// This improves shareability of agents.
 	args := []string{
 		"mcp", "gateway", "run",
-		"--servers", mcpServerName,
+		"--servers", t.mcpServerName,
 		"--catalog", gateway.DockerCatalogURL,
 		"--secrets", fileSecrets,
 		"--config", fileConfig,