Introduce a GatewayToolset

Signed-off-by: David Gageot <david.gageot@docker.com>

Author: dgageot

pkg/agent/agent.go

@@ -98,7 +98,7 @@ func (a *Agent) Tools(ctx context.Context) ([]tools.Tool, error) {
 	for _, toolSet := range a.toolsets {
 		ta, err := toolSet.Tools(ctx)
 		if err != nil {
-			return nil, fmt.Errorf("failed to get tools: %w", err)
+			return nil, err
 		}
 		agentTools = append(agentTools, ta...)
 	}

pkg/environment/1password.go

@@ -11,7 +11,7 @@ import (
 )
 
 type OnePasswordProvider struct {
-	secrets onepassword.SecretsAPI
+	opToken string
 }
 
 func NewOnePasswordProvider(ctx context.Context) (*OnePasswordProvider, error) {
@@ -20,7 +20,7 @@ func NewOnePasswordProvider(ctx context.Context) (*OnePasswordProvider, error) {
 		return nil, errors.New("OP_SERVICE_ACCOUNT_TOKEN environment variable is required for 1Password integration")
 	}
 
-	client, err := onepassword.NewClient(ctx,
+	_, err := onepassword.NewClient(ctx,
 		onepassword.WithServiceAccountToken(opToken),
 		onepassword.WithIntegrationInfo("cagent 1Password Integration", "v1.0.0"),
 	)
@@ -29,17 +29,22 @@ func NewOnePasswordProvider(ctx context.Context) (*OnePasswordProvider, error) {
 	}
 
 	return &OnePasswordProvider{
-		secrets: client.Secrets(),
+		opToken: opToken,
 	}, nil
 }
 
 func (p *OnePasswordProvider) Get(ctx context.Context, name string) string {
-	path := "op://cagent/" + name + "/password"
-	slog.Debug("Looking for environment variable in 1Password", "path", path)
+	// This thing is not thread-safe, so we create a new client each time (for now)
+	// even though it's probably too slow.
+	client, _ := onepassword.NewClient(ctx,
+		onepassword.WithServiceAccountToken(p.opToken),
+		onepassword.WithIntegrationInfo("cagent 1Password Integration", "v1.0.0"),
+	)
 
-	secret, err := p.secrets.Resolve(ctx, "op://cagent/"+name+"/password")
+	secret, err := client.Secrets().Resolve(ctx, "op://cagent/"+name+"/password")
 	if err != nil {
 		// Ignore error
+		slog.Error("Failed to find secret in 1Password", "error", err)
 		return ""
 	}
 

pkg/environment/keychain.go

@@ -45,6 +45,7 @@ func (p *KeychainProvider) Get(ctx context.Context, name string) string {
 	err := cmd.Run()
 	if err != nil {
 		// Ignore error
+		slog.Error("Failed to find secret in keychain", "error", err)
 		return ""
 	}
 

pkg/environment/pass.go

@@ -44,6 +44,7 @@ func (p *PassProvider) Get(ctx context.Context, name string) string {
 	err := cmd.Run()
 	if err != nil {
 		// Ignore error
+		slog.Error("Failed to find secret in pass", "error", err)
 		return ""
 	}
 

pkg/gateway/catalog.go

@@ -11,7 +11,7 @@ import (
 
 const DockerCatalogURL = "https://desktop.docker.com/mcp/catalog/v2/catalog.yaml"
 
-func RequiredEnvVars(ctx context.Context, serverName, catalogURL string) ([]string, error) {
+func RequiredEnvVars(ctx context.Context, serverName, catalogURL string) ([]Secret, error) {
 	catalog, err := readCatalog(ctx, catalogURL)
 	if err != nil {
 		return nil, err
@@ -22,12 +22,7 @@ func RequiredEnvVars(ctx context.Context, serverName, catalogURL string) ([]stri
 		return nil, fmt.Errorf("MCP server %q not found in catalog %q", serverName, catalogURL)
 	}
 
-	var secrets []string
-	for _, secret := range server.Secrets {
-		secrets = append(secrets, secret.Env)
-	}
-
-	return secrets, nil
+	return server.Secrets, nil
 }
 
 func readCatalog(ctx context.Context, url string) (Catalog, error) {

pkg/teamloader/teamloader.go

@@ -13,7 +13,6 @@ import (
 	"github.com/docker/cagent/pkg/config"
 	latest "github.com/docker/cagent/pkg/config/v2"
 	"github.com/docker/cagent/pkg/environment"
-	"github.com/docker/cagent/pkg/gateway"
 	"github.com/docker/cagent/pkg/memory"
 	"github.com/docker/cagent/pkg/memory/database/sqlite"
 	"github.com/docker/cagent/pkg/model/provider"
@@ -22,7 +21,6 @@ import (
 	"github.com/docker/cagent/pkg/tools"
 	"github.com/docker/cagent/pkg/tools/builtin"
 	"github.com/docker/cagent/pkg/tools/mcp"
-	"gopkg.in/yaml.v3"
 )
 
 // LoadTeams loads all agent teams from the given directory or file path
@@ -265,56 +263,10 @@ func getToolsForAgent(ctx context.Context, a *latest.AgentConfig, parentDir stri
 			t = append(t, builtin.NewFilesystemTool([]string{wd}, builtin.WithAllowedTools(toolset.Tools)))
 
 		case toolset.Type == "mcp" && toolset.Ref != "":
-			serverName := strings.TrimPrefix(toolset.Ref, "docker:")
-			args := []string{"mcp", "gateway", "run", "--servers=" + serverName}
-
-			var cleanUp func() error
-			if toolset.Config != nil {
-				file, err := os.CreateTemp("", "mcp-config-*.yaml")
-				if err != nil {
-					return nil, fmt.Errorf("failed to create temp file: %w", err)
-				}
-				cleanUp = func() error { return os.Remove(file.Name()) }
-
-				serverConfig := map[string]any{
-					serverName: toolset.Config,
-				}
-				if err := yaml.NewEncoder(file).Encode(serverConfig); err != nil {
-					return nil, fmt.Errorf("failed to write config to temp file: %w", err)
-				}
-
-				args = append(args, "--config="+file.Name())
-			}
-
-			// Isolate ourselves from the MCP Toolkit config by always using the Docker MCP catalog.
-			// This improves shareability of agents.
-			args = append(args, "--catalog="+gateway.DockerCatalogURL)
-
-			// Check which env vars are required to configure the MCP server secrets.
-			requiredEnvs, err := gateway.RequiredEnvVars(ctx, serverName, gateway.DockerCatalogURL)
-			if err != nil {
-				return nil, fmt.Errorf("reading which secrets the MCP server needs: %w", err)
-			}
-
-			// Check that we have all required env vars set.
-			for _, requiredEnv := range requiredEnvs {
-				v := envProvider.Get(ctx, requiredEnv)
-				if v == "" {
-					// TODO(dga): The secret might be configured in the MCP Toolkit.
-					// so don't fail for now...
-					// return nil, fmt.Errorf("MCP server %q requires environment variable %q to be set. Either set it before running cagent or run cagent with --env-from-file", serverName, requiredEnv)
-				}
-			}
-
-			// We have all the secrets, let's create a file with all of them for the MCP Gateway
-			// ...
-
-			// TODO: `docker mcp` doesn't know how to read secrets from env variables.
-			// TODO(dga): If the server's docker image had the right annotations, we could run it directly with `docker run` or with the MCP gateway as a go library.
-			t = append(t, mcp.NewToolsetCommand("docker", args, env, toolset.Tools, cleanUp))
+			t = append(t, mcp.NewGatewayToolset(toolset.Ref, toolset.Config, toolset.Tools, envProvider))
 
 		case toolset.Type == "mcp" && toolset.Command != "":
-			t = append(t, mcp.NewToolsetCommand(toolset.Command, toolset.Args, env, toolset.Tools, nil))
+			t = append(t, mcp.NewToolsetCommand(toolset.Command, toolset.Args, env, toolset.Tools))
 
 		case toolset.Type == "mcp" && toolset.Remote.URL != "":
 			// TODO: the tool's config can set env variables that could be used in headers.

pkg/tools/mcp/gateway.go

@@ -0,0 +1,159 @@
+package mcp
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"log/slog"
+	"os"
+	"strings"
+	"sync"
+
+	"github.com/docker/cagent/pkg/environment"
+	"github.com/docker/cagent/pkg/gateway"
+	"github.com/docker/cagent/pkg/tools"
+	"gopkg.in/yaml.v3"
+)
+
+type GatewayToolset struct {
+	ref         string
+	config      any
+	toolFilter  []string
+	envProvider environment.Provider
+
+	once           sync.Once
+	initErr        error
+	cmdToolset     *Toolset
+	cleanUpConfig  func() error
+	cleanUpSecrets func() error
+}
+
+var _ tools.ToolSet = (*GatewayToolset)(nil)
+
+func NewGatewayToolset(ref string, config any, toolFilter []string, envProvider environment.Provider) *GatewayToolset {
+	slog.Debug("Creating MCP Gateway toolset", "ref", ref, "toolFilter", toolFilter)
+
+	return &GatewayToolset{
+		ref:            ref,
+		config:         config,
+		toolFilter:     toolFilter,
+		envProvider:    envProvider,
+		cleanUpConfig:  func() error { return nil },
+		cleanUpSecrets: func() error { return nil },
+	}
+}
+
+func (t *GatewayToolset) Instructions() string {
+	return ""
+}
+
+func (t *GatewayToolset) configureOnce(ctx context.Context) error {
+	mcpServerName := parseServerRef(t.ref)
+
+	// Check which secrets (env vars) are required by the MCP server.
+	secrets, err := gateway.RequiredEnvVars(ctx, mcpServerName, gateway.DockerCatalogURL)
+	if err != nil {
+		return fmt.Errorf("reading which secrets the MCP server needs: %w", err)
+	}
+
+	// Make sure all the required secrets are available in the environment.
+	// TODO(dga): Ideally, the MCP gateway would use the same provider that we have.
+	fileSecrets, err := writeSecretsToFile(ctx, mcpServerName, secrets, t.envProvider)
+	if err != nil {
+		return fmt.Errorf("writing secrets to file: %w", err)
+	}
+	t.cleanUpSecrets = func() error { return os.Remove(fileSecrets) }
+
+	fileConfig, err := writeConfigToFile(ctx, mcpServerName, t.config)
+	if err != nil {
+		return fmt.Errorf("writing config to file: %w", err)
+	}
+	t.cleanUpConfig = func() error { return os.Remove(fileConfig) }
+
+	// Isolate ourselves from the MCP Toolkit config by always using the Docker MCP catalog and custom config and secrets.
+	// This improves shareability of agents.
+	args := []string{
+		"mcp", "gateway", "run",
+		"--servers", mcpServerName,
+		"--catalog", gateway.DockerCatalogURL,
+		"--secrets", fileSecrets,
+		"--config", fileConfig,
+	}
+	t.cmdToolset = NewToolsetCommand("docker", args, nil, t.toolFilter)
+
+	return nil
+}
+
+func (t *GatewayToolset) ensureConfigured(ctx context.Context) error {
+	t.once.Do(func() {
+		t.initErr = t.configureOnce(ctx)
+	})
+	return t.initErr
+}
+
+func (t *GatewayToolset) Tools(ctx context.Context) ([]tools.Tool, error) {
+	if err := t.ensureConfigured(ctx); err != nil {
+		return nil, err
+	}
+	return t.cmdToolset.Tools(ctx)
+}
+
+func (t *GatewayToolset) Start(ctx context.Context) error {
+	if err := t.ensureConfigured(ctx); err != nil {
+		return err
+	}
+	return t.cmdToolset.Start(ctx)
+}
+
+func (t *GatewayToolset) Stop() error {
+	stopErr := t.cmdToolset.Stop()
+	cleanUpSecretsErr := t.cleanUpSecrets()
+	cleanUpConfigErr := t.cleanUpConfig()
+
+	return errors.Join(stopErr, cleanUpSecretsErr, cleanUpConfigErr)
+}
+
+func parseServerRef(ref string) string {
+	return strings.TrimPrefix(ref, "docker:")
+}
+
+func writeSecretsToFile(ctx context.Context, mcpServerName string, secrets []gateway.Secret, envProvider environment.Provider) (string, error) {
+	var secretValues []string
+	for _, secret := range secrets {
+		v := envProvider.Get(ctx, secret.Env)
+		if v == "" {
+			// TODO(dga): Add a link to some doc that explains the different ways to provide secrets.
+			return "", fmt.Errorf("MCP server %q requires environment variable %q to be set. Either set it before running cagent or run cagent with --env-from-file", mcpServerName, secret.Env)
+		}
+
+		secretValues = append(secretValues, fmt.Sprintf("%s=%s", secret.Name, v))
+	}
+
+	// We have all the secrets, let's create a file with all of them for the MCP Gateway
+	return writeTempFile("mcp-secrets-*", []byte(strings.Join(secretValues, "\n")))
+}
+
+func writeConfigToFile(_ context.Context, mcpServerName string, config any) (string, error) {
+	buf, err := yaml.Marshal(map[string]any{
+		mcpServerName: config,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	return writeTempFile("mcp-config-*", buf)
+}
+
+func writeTempFile(nameTemplate string, content []byte) (string, error) {
+	f, err := os.CreateTemp("", nameTemplate)
+	if err != nil {
+		return "", fmt.Errorf("creating temp file: %w", err)
+	}
+	defer f.Close()
+
+	if _, err := f.Write(content); err != nil {
+		return "", err
+	}
+
+	return f.Name(), nil
+}

pkg/tools/mcp/toolset.go

@@ -13,20 +13,18 @@ import (
 type Toolset struct {
 	c          *Client
 	toolFilter []string
-	cleanup    func() error
 }
 
 // Make sure the MCP Toolset always implements _our_ ToolSet interface
 var _ tools.ToolSet = (*Toolset)(nil)
 
 // NewToolsetCommand creates a new MCP toolset from a command.
-func NewToolsetCommand(command string, args, env, toolFilter []string, cleanup func() error) *Toolset {
+func NewToolsetCommand(command string, args, env, toolFilter []string) *Toolset {
 	slog.Debug("Creating MCP toolset", "command", command, "args", args, "toolFilter", toolFilter)
 
 	return &Toolset{
 		c:          NewStdioClient(command, args, env),
 		toolFilter: toolFilter,
-		cleanup:    cleanup,
 	}
 }
 
@@ -88,12 +86,6 @@ func (t *Toolset) Stop() error {
 		slog.Error("Failed to stop MCP toolset", "error", err)
 		return err
 	}
-	if t.cleanup != nil {
-		if err := t.cleanup(); err != nil {
-			slog.Error("Failed to cleanup MCP toolset", "error", err)
-			return err
-		}
-	}
 	slog.Debug("Stopped MCP toolset successfully")
 	return nil
 }