Update operator architecture docs for authServerRef#4780
Open
tgrunnagle wants to merge 2 commits intomainfrom
Open
Update operator architecture docs for authServerRef#4780tgrunnagle wants to merge 2 commits intomainfrom
tgrunnagle wants to merge 2 commits intomainfrom
Conversation
tgrunnagle
requested review from
ChrisJBurns,
JAORMX,
amirejaz,
jhrozek,
rdimitrov and
yrobla
as code owners
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #4780 +/- ##
==========================================
+ Coverage 69.20% 69.27% +0.06%
==========================================
Files 533 533
Lines 55258 55258
==========================================
+ Hits 38244 38278 +34
+ Misses 14069 14038 -31
+ Partials 2945 2942 -3 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
jhrozek
previously approved these changes
Apr 13, 2026
Contributor
jhrozek
left a comment
jhrozek
left a comment
There was a problem hiding this comment.
Documentation changes verified against CRD type definitions and controller code. All claims are factually accurate — authServerRef fields, status hashes, conflict validation, Mermaid diagrams, and the YAML example all match the implementation.
tgrunnagle
force-pushed
the
issue_4642_authServerRef-docs
branch
from
e2a20a5 to
1ada628
Compare
github-actions
bot
added
size/XS
jhrozek
previously approved these changes
Apr 14, 2026
Contributor
jhrozek
left a comment
jhrozek
left a comment
There was a problem hiding this comment.
the CI failures are unrelated
tgrunnagle
force-pushed
the
issue_4642_authServerRef-docs
branch
from
1ada628 to
8139ff2
Compare
github-actions
bot
added
size/XS
jhrozek
previously approved these changes
Apr 15, 2026
Document the new authServerRef field on MCPServer and MCPRemoteProxy in docs/arch/09-operator-architecture.md: - Add authServerRef to CRD relationships Mermaid diagram - Document authServerRef as the dedicated incoming auth reference - Explain dual-reference paths on MCPExternalAuthConfig - Add combined auth pattern YAML example on MCPRemoteProxy - Document conflict detection and backward compatibility - Verify CRD API reference docs are up to date Implements #4642 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fix issues found during code review of #4642 documentation: - HIGH: Fix remoteURL to remoteUrl in MCPRemoteProxy YAML example to match actual JSON tag (per camelCase rename in 992f2e4) - MEDIUM: Replace non-standard Mermaid -..-> arrow syntax with standard -.-> for authServerRef edges - MEDIUM: Add missing telemetryConfigRef to MCPRemoteProxy key fields list, Mermaid diagram, and Referenced by section Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
tgrunnagle
force-pushed
the
issue_4642_authServerRef-docs
branch
from
8139ff2 to
65ae124
Compare
github-actions
bot
added
size/XS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
RFC-0050 introduced
authServerRefas a dedicated field for configuring the embedded OAuth 2.0/OIDC authorization server (incoming auth), separating it fromexternalAuthConfigRef(outgoing auth). After the CRD types and controller logic landed in #4640, the operator architecture documentation needed to reflect this new field, its relationship to existing auth references, and the combined configuration pattern. This PR updatesdocs/arch/09-operator-architecture.mdto document these changes.Closes #4642
Type of change
Test plan
Verified that the Mermaid diagram renders correctly with the new
authServerRefedges. Confirmed all cross-references and links remain intact. No code changes, so no automated tests apply.Changes
docs/arch/09-operator-architecture.mdauthServerRefacross all relevant CRD sectionsDoes this introduce a user-facing change?
No. This is a documentation-only change that describes existing functionality added in #4640.
Special notes for reviewers
authServerRefedges from both MCPServer and MCPRemoteProxy to MCPExternalAuthConfig, alongside the existingexternalAuthConfigRefedges.telemetryConfigRefedge for MCPRemoteProxy was also added to the Mermaid diagram and key fields list, keeping the documentation consistent with the CRD types.task crdref-gen) is not included in this PR as it depends on changes from Add authServerRef CRD types, controller logic, and unit tests #4640 being present in the operator directory; it can be regenerated separately once the full dependency chain is merged.Generated with Claude Code