fix(controller): add timeout to RemoteMCPServer registration

[AnantKumar17]

What

Fixes a bug where a single hung RemoteMCPServer registration blocks all subsequent RemoteMCPServer reconciliations for the lifetime of the controller process.

Closes #1785

Why

newHTTPClient() was returning http.DefaultClient (no timeout) when there were no custom headers, and listTools() was passing the context directly to client.Connect() and session.ListTools() with no deadline. A hung or unreachable endpoint — for example, an IPv6 address resolved in an IPv4-only cluster — would block the goroutine indefinitely, preventing any subsequent RemoteMCPServer from registering until the controller pod was restarted.

Changes

Single file changed: go/core/internal/controller/reconciler/reconciler.go

• newHTTPClient(): always returns a *http.Client with Timeout: mcpRegistrationTimeout set, in both the no-headers and with-headers branches. Removes the use of http.DefaultClient.
• upsertToolServerForRemoteMCPServer(): wraps the transport creation and tool listing in context.WithTimeout(ctx, mcpRegistrationTimeout) so the entire registration sequence is bounded. The database call (RefreshToolsForServer) intentionally uses the original ctx.
• ReconcileKagentRemoteMCPServer(): logs registration start (url, protocol), success (url, tool count, duration), and failure (error, duration) using structured logr key-value pairs, matching existing codebase conventions.
• mcpRegistrationTimeout: new unexported constant set to 30 * time.Second, matching DefaultTimeout used in discoverer.go.

Testing

go test -race -skip 'TestE2E.*' ./...

All 26 test packages pass. go vet clean. go build clean.

[Copilot]

Pull request overview

This PR fixes a controller reliability bug where a hung RemoteMCPServer registration could block all subsequent RemoteMCPServer reconciliations by ensuring the registration workflow is time-bounded and observable via structured logs.

Changes:

• Adds a 30s registration timeout and applies it to MCP transport creation + tool listing.
• Ensures newHTTPClient() always returns an *http.Client with a timeout (no longer returns http.DefaultClient).
• Adds structured logr entries for registration start, success, and failure with duration.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[AnantKumar17]

added a remoteMCPRegistrationTimeout() helper that returns spec.timeout when set and falls back to the 30s default when the field is nil. The constant is now just the fallback value.

[AnantKumar17]

Fixed - upsertToolServerForRemoteMCPServer now calls context.WithTimeout(ctx, remoteMCPRegistrationTimeout(remoteMcpServer)) so operators can tune the deadline per resource via .spec.timeout without any code changes.

[AnantKumar17]

Updated newHTTPClient to accept an explicit timeout time.Duration parameter. createMcpTransport derives it from remoteMCPRegistrationTimeout(s) and passes it in, so the HTTP client timeout matches the CRD configuration in both branches.

[AnantKumar17]

Added TestRemoteMCPRegistrationTimeout (covers nil server, nil spec.timeout, and a custom value) and TestNewHTTPClient (covers nil/empty/with-headers - all assert the correct timeout and transport type). These are in reconciler_test.go in the same package.

[jmhbh]

Changes LGTM overall, just have on enit

[jmhbh]

nit: I almost prefer setting this as a default value in remotemcpserver_types.go instead in the spec.Timeout field so its more explicit.

[AnantKumar17]

Done - added // +kubebuilder:default="30s" on Timeout in remotemcpserver_types.go and regenerated both the base CRD and the Helm CRD template.
The Go fallback in remoteMCPRegistrationTimeout() is kept for existing resources that were created before this default takes effect (nil Timeout at admission time).