This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
Never mention Claude or Claude Code in your PRs, diffs, etc.
MCP Gateway (ContextForge) is a production-grade gateway, proxy, and registry for Model Context Protocol (MCP) servers and A2A Agents. It federates MCP and REST services, providing unified discovery, auth, rate-limiting, observability, virtual servers, multi-transport protocols, and an optional Admin UI.
cp .env.example .env && make venv install-dev check-env # Complete setup workflow
make venv # Create fresh virtual environment with uv
make install-dev # Install with development dependencies
make check-env # Verify .env against .env.examplemake dev # Start development server (port 8000) with autoreload
make serve # Production server (gunicorn, port 4444)# After writing code (auto-format & cleanup)
make autoflake isort black pre-commit
# Before committing (comprehensive quality checks)
make flake8 bandit interrogate pylint verify
# Web assets
make lint-web # HTML/CSS/JS linting# Complete testing workflow
make doctest test htmlcov smoketest lint-web flake8 bandit interrogate pylint verify
# Core testing
make doctest test htmlcov # Doctests + unit tests + coverage (→ docs/docs/coverage/index.html)
make smoketest # End-to-end container testing
# Testing individual files (using uv environment manager)
uv run pytest --cov-report=annotate tests/unit/mcpgateway/test_translate.py- FastAPI with Pydantic validation and SQLAlchemy ORM
- FastAPI is build on Starlette ASGI framework
- HTMX + Alpine.js for admin UI
- SQLite default, PostgreSQL support, Redis for caching/federation
- Alembic for database migrations
mcpgateway/
├── main.py # FastAPI application entry point
├── cli.py # Command-line interface
├── config.py # Environment variable settings
├── models.py # SQLAlchemy ORM models
├── schemas.py # Pydantic validation schemas
├── admin.py # Admin UI routes (HTMX)
├── services/ # Business logic layer
│ ├── gateway_service.py # Federation & peer management
│ ├── server_service.py # Virtual server composition
│ ├── tool_service.py # Tool registry & invocation
│ ├── a2a_service.py # Agent-to-Agent integration
│ └── export_service.py # Bulk operations
├── transports/ # Protocol implementations
│ ├── sse_transport.py # Server-Sent Events
│ ├── websocket_transport.py # WebSocket bidirectional
│ └── stdio_transport.py # Standard I/O wrapper
├── plugins/ # Plugin framework
│ ├── framework/ # Plugin loader & manager
│ └── [pii_filter, deny_filter, regex_filter, resource_filter]/
└── alembic/ # Database migrations
tests/
├── unit/ # Unit tests with pytest fixtures
├── integration/ # API endpoints & cross-service workflows
├── e2e/ # End-to-end workflows
├── playwright/ # UI automation with Playwright
├── security/ # Security validation
└── fuzz/ # Fuzzing & property-based testing
HOST=0.0.0.0
PORT=4444
DATABASE_URL=sqlite:///./mcp.db # or postgresql://...
REDIS_URL=redis://localhost:6379
RELOAD=true # Development hot-reloadJWT_SECRET_KEY=your-secret-key
BASIC_AUTH_USER=admin
BASIC_AUTH_PASSWORD=changeme
AUTH_REQUIRED=trueMCPGATEWAY_UI_ENABLED=true
MCPGATEWAY_ADMIN_API_ENABLED=true
MCPGATEWAY_BULK_IMPORT_ENABLED=true
MCPGATEWAY_BULK_IMPORT_MAX_TOOLS=200MCPGATEWAY_A2A_ENABLED=true # Master switch for A2A features
MCPGATEWAY_A2A_MAX_AGENTS=100 # Agent limit
MCPGATEWAY_A2A_DEFAULT_TIMEOUT=30 # HTTP timeout (seconds)
MCPGATEWAY_A2A_METRICS_ENABLED=true # Metrics collectionMCPGATEWAY_ENABLE_FEDERATION=true
MCPGATEWAY_ENABLE_MDNS_DISCOVERY=true # mDNS/Zeroconf discoveryLOG_LEVEL=INFO
LOG_TO_FILE=false # Enable file logging
LOG_ROTATION_ENABLED=false # Size-based rotation
LOG_FILE=mcpgateway.log
LOG_FOLDER=logs# Generate a support bundle for troubleshooting
mcpgateway --support-bundle --output-dir /tmp --log-lines 1000
# Customize what's included
mcpgateway --support-bundle --no-logs --log-lines 500
# Alternative: Use the service directly
python -c "from mcpgateway.services.support_bundle_service import create_support_bundle; print(create_support_bundle())"The support bundle includes:
- Version and system information
- Configuration (with secrets automatically redacted)
- Application logs (sanitized)
- Platform details
- Service status
- Database and cache information
Security: All sensitive data (passwords, tokens, API keys, secrets) are automatically sanitized before inclusion in the bundle.
API Endpoint: GET /admin/support-bundle/generate?log_lines=1000
Admin UI: Available in the Diagnostics tab with a "Download Support Bundle" button
# Generate JWT bearer token
python3 -m mcpgateway.utils.create_jwt_token --username admin@example.com --exp 10080 --secret my-test-key
# Export for API calls
export MCPGATEWAY_BEARER_TOKEN=$(python3 -m mcpgateway.utils.create_jwt_token --username admin@example.com --exp 0 --secret my-test-key)# Expose stdio servers via HTTP/SSE
python3 -m mcpgateway.translate --stdio "uvx mcp-server-git" --port 9000- Start server:
python3 -m mcpgateway.translate --stdio "server-command" --port 9000 - Register as gateway peer:
POST /gateways - Create virtual server:
POST /servers - Access via SSE/WebSocket endpoints
make container-build # Build using auto-detected runtime (Docker/Podman)
make container-run-ssl-host # Run with TLS on port 4444 and host networking
make container-stop # Stop & remove container
make container-logs # Show container logs
### Security & Quality Assurance
```bash
make security-scan # Trivy + Grype vulnerability scans- Create directory:
plugins/your_plugin/ - Add manifest:
plugin-manifest.yaml - Register in:
plugins/config.yaml - Implement hooks: pre/post request/response
- Test:
pytest tests/unit/mcpgateway/plugins/
- Always sign commits: Use
git commit -s(DCO requirement) - Conventional Commits:
feat:,fix:,docs:,refactor:,chore: - Link Issues: Include
Closes #123in commit messages - No Claude mentions: Never mention Claude or Claude Code in PRs/diffs
- DO NOT include test plans in pull requests
- No estimates: Don't include effort estimates or "phases"
- Python >= 3.11 with type hints (strict mypy settings)
- Formatting: Black (line length 200), isort (profile=black)
- Linting: Ruff (F,E,W,B,ASYNC), Pylint per
pyproject.toml - Naming:
snake_casefunctions,PascalCaseclasses,UPPER_CASEconstants - Imports: Group per isort sections (stdlib, third-party, first-party, local)
- NEVER create files unless absolutely necessary for the goal
- ALWAYS prefer editing existing files over creating new ones
- NEVER proactively create documentation files (*.md) or README files
- Only create documentation if explicitly requested by the user
ghfor GitHub operations:gh issue view 586,gh pr createmakefor all build/test operations- uv for managing virtual environments
- Standard development tools: pytest, black, isort, etc.
mcpgateway/main.py- FastAPI application entry pointmcpgateway/config.py- Environment variable configurationmcpgateway/models.py- SQLAlchemy ORM modelsmcpgateway/schemas.py- Pydantic validation schemaspyproject.toml- Project configuration and dependenciesMakefile- Comprehensive build and development automation.env.example- Environment variable template
# Development cycle
make autoflake isort black pre-commit
# Complete quality pipeline
make doctest test htmlcov smoketest lint-web flake8 bandit interrogate pylint verify- Developer Onboarding - Complete setup guide for new contributors
- Building & Testing - Build system, testing workflows, coverage
- Configuration Reference - Environment variables and settings
- REST API Usage - Comprehensive REST API guide with curl examples
- MCP JSON-RPC Guide - Low-level MCP protocol implementation
- OpenAPI Interactive Docs - Swagger UI (requires running server)
- OpenAPI Schema - Machine-readable API specification
- A2A Agent Integration - Agent-to-Agent setup, authentication, monitoring
- Plugin Development - Plugin framework, hooks, creating custom plugins
- Virtual Servers - Creating and managing composite MCP servers
- Export/Import Reference - Bulk operations and configuration migration
- Architecture Overview - System design, components, data flow
- ADR Index - Architecture Decision Records
- Security Architecture - Authentication, authorization, security features
- Multi-Transport Design - HTTP, WebSocket, SSE, STDIO
- Logging & Monitoring - Log configuration, rotation, analysis
- Performance Tuning - Benchmarks, optimization, profiling
- Scaling & High Availability - Horizontal scaling, load balancing, federation
- Well-Known URIs - Standard endpoints (robots.txt, security.txt)
- Container Deployment - Docker/Podman setup and configuration
- Kubernetes Deployment - K8s manifests and Helm charts
- Cloud Deployments - AWS, Azure, GCP, Fly.io guides
- Testing Guide - Unit, integration, E2E, security testing
- Fuzzing & Property Testing - Advanced testing techniques
- Documentation Standards - Writing and maintaining docs
- Agent Frameworks - LangChain, CrewAI, LangGraph, AutoGen
- MCP Clients - Claude Desktop, Continue, Zed, OpenWebUI
- MCP Servers - Example server integrations