-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathContainerfile
More file actions
37 lines (28 loc) · 1.25 KB
/
Containerfile
File metadata and controls
37 lines (28 loc) · 1.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# SPDX-License-Identifier: MIT
# SPDX-FileCopyrightText: 2025 Jonathan D.A. Jewell
FROM cgr.dev/chainguard/wolfi-base:latest
LABEL org.opencontainers.image.title="poly-k8s-mcp"
LABEL org.opencontainers.image.description="Unified MCP server for Kubernetes orchestration: kubectl, helm, kustomize"
LABEL org.opencontainers.image.version="1.0.0"
LABEL org.opencontainers.image.authors="Jonathan D.A. Jewell"
LABEL org.opencontainers.image.source="https://github.com/hyperpolymath/poly-k8s-mcp"
LABEL org.opencontainers.image.licenses="MIT"
LABEL dev.mcp.server="true"
LABEL io.modelcontextprotocol.server.name="io.github.hyperpolymath/poly-k8s-mcp"
# Install Deno and kubectl
RUN apk add --no-cache deno ca-certificates kubectl helm
# Create non-root user
RUN adduser -D -u 1000 mcp
WORKDIR /app
# Copy application files
COPY --chown=mcp:mcp deno.json package.json ./
COPY --chown=mcp:mcp main.js ./
COPY --chown=mcp:mcp lib/ ./lib/
COPY --chown=mcp:mcp src/ ./src/ 2>/dev/null || true
# Cache dependencies
RUN deno cache main.js || true
# Switch to non-root user
USER mcp
# Kubernetes config via mount or environment
ENV KUBECONFIG=/home/mcp/.kube/config
ENTRYPOINT ["deno", "run", "--allow-run", "--allow-read", "--allow-write", "--allow-env", "--allow-net", "main.js"]