Fix Helm chart environment variable merging for groupFiltering.allowedGroups

helm/mcp-optimizer/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: mcp-optimizer
 description: A Helm chart for deploying MCP Optimizer MCP Server in Kubernetes
 type: application
-version: 0.1.0
-appVersion: "0.1.1"
+version: 0.1.1
+appVersion: "0.2.0"
 keywords:
   - mcp
   - mcp-optimizer
@@ -15,3 +15,6 @@ sources:
 maintainers:
   - name: MCP Optimizer Team
 
+# Changelog:
+# 0.1.1 - Fix groupFiltering.allowedGroups feature with automatic env var merging in podTemplateSpec
+# 0.1.0 - Initial release

helm/mcp-optimizer/README.md

@@ -100,14 +100,44 @@ The following table lists the configurable parameters of the MCP Optimizer chart
 
 | Parameter | Description | Default |
 |-----------|-------------|---------|
-| `mcpserver.env` | Environment variables array | See values.yaml |
+| `mcpserver.env` | Additional environment variables to merge with defaults | `[]` (empty) |
+| `mcpserver.podTemplateSpec` | Full pod template specification | See values.yaml |
 
-Key environment variables set by default:
+Default environment variables (defined in `podTemplateSpec`):
 
+- `SQLITE_TMPDIR=/tmp` - Temporary directory for SQLite
 - `RUNTIME_MODE=k8s` - Run in Kubernetes mode
 - `K8S_ALL_NAMESPACES=true` - Query all namespaces
-- `MCP_PORT=9900` - MCP server port
 - `LOG_LEVEL=INFO` - Logging level
+- `WORKLOAD_POLLING_INTERVAL=60` - Polling interval in seconds
+- `REGISTRY_POLLING_INTERVAL=300` - Registry polling interval in seconds
+- `MAX_TOOLS_TO_RETURN=8` - Maximum tools in search results
+- `MAX_SERVERS_TO_RETURN=5` - Maximum servers in search results
+- `HYBRID_SEARCH_SEMANTIC_RATIO=0.5` - Semantic search ratio
+
+**Automatically Added:**
+- `ASYNC_DB_URL` - Generated from `database` configuration
+- `DB_URL` - Generated from `database` configuration
+- `ALLOWED_GROUPS` - Set from `groupFiltering.allowedGroups` if configured
+- `MCP_PORT` - Set by the ToolHive operator from `spec.port`
+
+**Adding Custom Environment Variables:**
+Use `mcpserver.env` to add additional env vars that will be merged with the defaults:
+
+```yaml
+mcpserver:
+  env:
+    - name: CUSTOM_VAR
+      value: "custom-value"
+```
+
+**Environment Variable Precedence:**
+Environment variables are merged with deduplication (last value wins) in this order:
+1. Base env vars from `podTemplateSpec.spec.containers[0].env` (lowest priority)
+2. Template-generated env vars (`ASYNC_DB_URL`, `DB_URL`, `ALLOWED_GROUPS`) (middle priority)
+3. Custom env vars from `mcpserver.env` (highest priority)
+
+If the same variable name appears multiple times, the last occurrence takes precedence. This allows you to override defaults using `mcpserver.env`.
 
 ## Examples
 
@@ -133,10 +163,11 @@ kind load docker-image mcp-optimizer:local
 helm install mcp-optimizer ./helm/mcp-optimizer \
   --set mcpserver.image.repository=mcp-optimizer \
   --set mcpserver.image.tag=local \
-  --set mcpserver.podTemplateSpec.spec.containers[0].imagePullPolicy=Never \
   -n toolhive-system
 ```
 
+Note: For advanced pod customization (like setting `imagePullPolicy`), use `podTemplateSpec` - see the "Advanced Pod Customization" section below.
+
 ### Installation with Custom Registry
 
 ```bash
@@ -193,17 +224,74 @@ helm install mcp-optimizer ./helm/mcp-optimizer -f custom-values.yaml -n toolhiv
 
 ### Installation with Single Namespace Scope
 
-To limit mcp-optimizer to query only a specific namespace:
+To limit mcp-optimizer to query only a specific namespace, you can override the default environment variables:
+
+```yaml
+# custom-values.yaml
+mcpserver:
+  env:
+    - name: K8S_ALL_NAMESPACES
+      value: "false"
+    - name: K8S_NAMESPACE
+      value: "my-namespace"
+```
 
 ```bash
-helm install mcp-optimizer ./helm/mcp-optimizer \
-  --set mcpserver.env[0].name=K8S_ALL_NAMESPACES \
-  --set mcpserver.env[0].value=false \
-  --set mcpserver.env[1].name=K8S_NAMESPACE \
-  --set mcpserver.env[1].value=my-namespace \
-  -n toolhive-system
+helm install mcp-optimizer ./helm/mcp-optimizer -f custom-values.yaml -n toolhive-system
+```
+
+Note: Custom env vars in `mcpserver.env` have the highest precedence and will override any defaults with the same name. To override a default env var (like `K8S_ALL_NAMESPACES`), simply add it to `mcpserver.env` with your desired value.
+
+### Advanced Pod Customization with podTemplateSpec
+
+The default configuration uses `podTemplateSpec` with emptyDir volumes for `/data` and `/tmp`. The helm chart automatically:
+- Adds `ASYNC_DB_URL` and `DB_URL` based on database configuration
+- Adds `ALLOWED_GROUPS` if `groupFiltering.allowedGroups` is set
+- Appends custom env vars from `mcpserver.env`
+
+You can customize `podTemplateSpec` for advanced use cases (different volumes, security contexts, init containers, etc.):
+
+```yaml
+# custom-values.yaml
+mcpserver:
+  podTemplateSpec:
+    spec:
+      securityContext:
+        fsGroup: 2000  # Custom security context
+      volumes:
+        - name: data
+          persistentVolumeClaim:  # Use PVC instead of emptyDir
+            claimName: mcp-data
+        - name: tmp
+          emptyDir: {}
+      containers:
+        - name: mcp
+          imagePullPolicy: Always
+          volumeMounts:
+            - name: data
+              mountPath: /data
+            - name: tmp
+              mountPath: /tmp
+          env:
+            # Define your base env vars
+            - name: LOG_LEVEL
+              value: "DEBUG"
+            - name: RUNTIME_MODE
+              value: "k8s"
+            # ... other env vars ...
+            # NOTE: ASYNC_DB_URL, DB_URL, and ALLOWED_GROUPS will be automatically added
 ```
 
+```bash
+helm install mcp-optimizer ./helm/mcp-optimizer -f custom-values.yaml -n toolhive-system
+```
+
+**Note:** When customizing `podTemplateSpec`:
+- Database URLs (`ASYNC_DB_URL`, `DB_URL`) are automatically added by the template
+- `ALLOWED_GROUPS` is automatically added if you set `groupFiltering.allowedGroups`
+- Additional env vars from `mcpserver.env` are automatically appended
+- See `examples/mcp-servers/mcpserver_mcp-optimizer.yaml` for a complete working example
+
 ## Verifying the Installation
 
 After installation, verify that the MCPServer resource was created:

helm/mcp-optimizer/templates/_helpers.tpl

@@ -95,3 +95,38 @@ Database URL for sync operations
 {{- end }}
 {{- end }}
 
+{{/*
+Merge environment variables into podTemplateSpec
+This adds database URLs, ALLOWED_GROUPS, and custom env vars to the podTemplateSpec
+*/}}
+{{- define "mcp-optimizer.podTemplateSpec" -}}
+{{- $podSpec := deepCopy .Values.mcpserver.podTemplateSpec }}
+{{- $container := index $podSpec.spec.containers 0 }}
+{{- if not $container.env }}
+{{- $_ := set $container "env" list }}
+{{- end }}
+{{- /* Build final env list by appending all additional vars */ -}}
+{{- $additionalEnvs := list }}
+{{- /* Add database URLs */ -}}
+{{- $asyncDbUrl := dict "name" "ASYNC_DB_URL" "value" (include "mcp-optimizer.asyncDbUrl" .) }}
+{{- $dbUrl := dict "name" "DB_URL" "value" (include "mcp-optimizer.dbUrl" .) }}
+{{- $additionalEnvs = append $additionalEnvs $asyncDbUrl }}
+{{- $additionalEnvs = append $additionalEnvs $dbUrl }}
+{{- /* Add ALLOWED_GROUPS if configured */ -}}
+{{- if and .Values.groupFiltering .Values.groupFiltering.allowedGroups }}
+{{- $allowedGroups := dict "name" "ALLOWED_GROUPS" "value" (join "," .Values.groupFiltering.allowedGroups) }}
+{{- $additionalEnvs = append $additionalEnvs $allowedGroups }}
+{{- end }}
+{{- /* Merge all env vars with deduplication (last value wins) */ -}}
+{{- $envMap := dict }}
+{{- range concat $container.env $additionalEnvs .Values.mcpserver.env }}
+{{- $_ := set $envMap .name . }}
+{{- end }}
+{{- $finalEnv := list }}
+{{- range $key, $val := $envMap }}
+{{- $finalEnv = append $finalEnv $val }}
+{{- end }}
+{{- $_ := set $container "env" $finalEnv }}
+{{- toYaml $podSpec }}
+{{- end }}
+

helm/mcp-optimizer/templates/mcpserver.yaml

@@ -30,34 +30,8 @@ spec:
 
   # Service account for Kubernetes API access
   serviceAccount: {{ include "mcp-optimizer.serviceAccountName" . }}
-
-  {{- if not .Values.mcpserver.podTemplateSpec }}
-  # Environment variables (only used when not using podTemplateSpec)
-  env:
-    {{- range .Values.mcpserver.env }}
-    - name: {{ .name }}
-      value: {{ .value | quote }}
-    {{- end }}
-    # Add database URLs
-    - name: ASYNC_DB_URL
-      value: {{ include "mcp-optimizer.asyncDbUrl" . | quote }}
-    - name: DB_URL
-      value: {{ include "mcp-optimizer.dbUrl" . | quote }}
-    {{- if .Values.groupFiltering }}
-    {{- if .Values.groupFiltering.allowedGroups }}
-    - name: ALLOWED_GROUPS
-      value: {{ join "," .Values.groupFiltering.allowedGroups | quote }}
-    {{- end }}
-    {{- end }}
-
-  # Resource limits and requests (only used when not using podTemplateSpec)
-  resources:
-    {{- toYaml .Values.mcpserver.resources | nindent 4 }}
-  {{- end }}
-
-  # Pod template spec for advanced customization
-  {{- with .Values.mcpserver.podTemplateSpec }}
+
+  # Pod template spec with merged environment variables
   podTemplateSpec:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
+    {{- include "mcp-optimizer.podTemplateSpec" . | nindent 4 }}
 

helm/mcp-optimizer/values.yaml

@@ -35,13 +35,13 @@ mcpserver:
       cpu: "250m"
       memory: "256Mi"
 
-  # Environment variables for mcp-optimizer
-  # NOTE: When using podTemplateSpec, define env vars there instead of here
-  # to avoid duplicates
+  # Environment variables for mcp-optimizer (used for overrides when using podTemplateSpec)
+  # These will be merged with podTemplateSpec env vars if both are defined
+  # NOTE: ASYNC_DB_URL and DB_URL are automatically added by the template
   env: []
-  
-  # Pod template spec (optional) - use this for advanced pod customization
-  # When set, this takes precedence over env and resources fields above
+
+  # Pod template spec - default configuration with volumes and env vars
+  # Values from groupFiltering.allowedGroups and mcpserver.env will be merged into this
   podTemplateSpec:
     spec:
       securityContext:
@@ -61,7 +61,7 @@ mcpserver:
               mountPath: /tmp
           env:
             - name: SQLITE_TMPDIR
-              value: "/tmp"
+              value: "/data"
             - name: RUNTIME_MODE
               value: "k8s"
             - name: K8S_ALL_NAMESPACES
@@ -79,10 +79,8 @@ mcpserver:
               value: "5"
             - name: HYBRID_SEARCH_SEMANTIC_RATIO
               value: "0.5"
-            - name: ASYNC_DB_URL
-              value: "sqlite+aiosqlite:///data/mcp_optimizer.db"
-            - name: DB_URL
-              value: "sqlite:///data/mcp_optimizer.db"
+            # ASYNC_DB_URL and DB_URL are added by the template
+            # ALLOWED_GROUPS is added by the template if groupFiltering is configured
 
   # Labels to apply to the MCPServer resource
   labels: {}
@@ -134,8 +132,8 @@ database:
   # SQLite configuration (default)
   sqlite:
     # Path to SQLite database file (inside the container)
-    # Using /tmp for ephemeral storage (no persistent volume needed)
-    path: /tmp/mcp_optimizer.db
+    # Using /data for ephemeral storage with emptyDir (no persistent volume needed)
+    path: /data/mcp_optimizer.db
 
   # PostgreSQL configuration (optional)
   # postgresql: