Commit graph

15 commits

Author SHA1 Message Date
Eric Gustin
4a937e73b4
Update .gitignore (#830) 2026-04-28 10:00:48 -07:00
Sankara R. Avula
78c8e6fb99
feat: Add TelemetryPassbackMiddleware for serverExecutionTelemetry capability (#797)
**Implements**: [SEP-2448: server execution telemetry]
(https://github.com/modelcontextprotocol/modelcontextprotocol/pull/2448)



**Description:**

**The Observability Gap (The Problem)**

MCP clients propagate trace context to servers, but server-side
execution remains a black box. The client sees a single tools/call or
resources/read span; everything the server does (auth checks, policy
evaluation, API calls, sub-tool invocations) is invisible. In
cross-organization deployments, clients and servers use separate
observability backends with no shared collector access, making
traditional span export useless.

<img width="1015" height="450" alt="Screenshot 2026-03-23 at 3 43 21 PM"
src="https://github.com/user-attachments/assets/58c817b5-fee6-46a3-9877-d523a25368ad"
/>


**Server Execution Telemetry (The Solution)**

Servers advertise serverExecutionTelemetry and return a curated slice of
their execution spans directly in _meta.otel of the response. Clients
ingest these verbatim OTLP spans into their own collector, stitching
server-side execution into their distributed trace; no shared
infrastructure required. The black box becomes transparent.

<img width="945" height="574" alt="Screenshot 2026-03-23 at 3 43 44 PM"
src="https://github.com/user-attachments/assets/38d97c94-aa73-4e62-9b4e-3264600e5ed0"
/>

.
**Summary:**

Implement MCP serverExecutionTelemetry capability that enables
cross-organization distributed tracing by returning server-side
OpenTelemetry spans to clients inline via _meta.otel.traces.

  Server-side (middleware):
  - TelemetryPassbackMiddleware intercepts tools/call and resources/read
- ContextVarSpanCollector isolates span collection per-request via
ContextVar
- Propagates traceparent from client request for distributed trace
stitching
- Serializes collected spans to verbatim OTLP JSON (resourceSpans
format), directly POSTable to /v1/traces
- Top-level span filtering by default; full span tree via detailed
opt-in
- Middleware advertises capabilities via get_capabilities() on the
Middleware base class
  - Provisional API: FutureWarning emitted until SEP-2448 is ratified

  Client-side (reference agent):
- LangChain ReAct agent connects to MCP server via
streamable_http_client with OAuth 2.1
  - Detects serverExecutionTelemetry capability at initialization
- Dynamically wraps discovered MCP tools with traceparent propagation
and _meta.otel span request
- Ingests returned server spans into Jaeger (OTLP JSON) and Galileo
(OTLP protobuf)
- Two-act demo: --no-passback (black box) vs default (full server-side
visibility)

  Dependencies:
  - opentelemetry-api and opentelemetry-sdk added to arcade-mcp-server

  Bump arcade-mcp-server version to 1.18.0.
2026-03-25 15:57:50 -07:00
jottakka
9c47f73602
[TOO-518] Enforce semver for MCPApp Versioning (#793)
Here's the PR summary:

---

## Enforce semver validation for `MCPApp` versioning

### Problem

`MCPApp.__init__` accepted any string as `version` with no validation.
Invalid versions like `"1.0.0dev"` or `"latest"` silently propagated to
the Engine, where `compareToolVersions` fell back to lexicographic
`strings.Compare` instead of `semver.Compare` — causing incorrect
ordering (e.g. `1.10.0 < 1.9.0`).

### Solution

Validate and normalize `version` at `MCPApp` instantiation time using
the same acceptance rules as Go's `golang.org/x/mod/semver v0.31.0` (the
exact version used by the Engine).

### Changes

**`arcade_mcp_server/_validation.py`** (new file)
- Shared regex constants: `SEMVER_PATTERN` (semver.org spec),
`SHORT_VERSION_PATTERN`, `MAJOR_ONLY_PATTERN`

**`arcade_mcp_server/mcp_app.py`**
- Added `_validate_version()` mirroring the existing `_validate_name()`
pattern
- Added `version` property + setter (validates on mutation too)
- `__init__` now stores `self._version` via `_validate_version()`

**`arcade_mcp_server/settings.py`**
- Added `@field_validator("version")` on `ServerSettings` — covers the
`MCP_SERVER_VERSION` env var path
- Fixed default from `"0.1.0dev"` → `"0.1.0"` (the old default was
itself invalid)

**`pyproject.toml`** — bumped `arcade-mcp-server` `1.17.4` → `1.17.5`

### Normalization pipeline

All inputs are normalized to canonical `MAJOR.MINOR.PATCH` before
storage:

| Input | Stored as |
|-------|-----------|
| `v1.0.0` | `1.0.0` |
| `1.0` / `v1.0` | `1.0.0` |
| `1` / `v1` | `1.0.0` |

### Verification

Validated against `golang.org/x/mod/semver v0.31.0` (Engine's exact
pinned version) — 40/40 accept/reject cases match. The Engine's own
`store_test.go` uses `"1.0"` and `"1.1"` as `ToolkitVersion` values,
confirming short forms are intentionally supported.

### Breaking change

Any user currently passing a non-semver version string (e.g.
`"1.0.0dev"`, `"latest"`) will get a `ValueError` on upgrade. This is
intentional — those versions were silently causing incorrect tool
ordering in the Engine.

Closes TOO-518

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Introduces stricter version validation/normalization that will raise
errors for previously-accepted non-semver inputs (including via env
vars), which may break existing consumers depending on lax version
strings.
> 
> **Overview**
> **Enforces semver for server versioning** across both `MCPApp` and
`ServerSettings`, rejecting invalid strings and normalizing accepted
inputs (e.g., stripping leading `v`, expanding `1`/`1.2` to
`1.0.0`/`1.2.0`).
> 
> Adds shared `normalize_version` logic in
`arcade_mcp_server/_validation.py`, updates `MCPApp` to validate on init
and via a new `version` property/setter, and adds a Pydantic `version`
validator so `MCP_SERVER_VERSION` is checked. Defaults are updated from
`0.1.0dev` to `0.1.0`, tests are expanded to cover accept/reject cases,
and the package version is bumped to `1.17.5`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
2ceabacb25372e67eef9720b901c1ee2b214868f. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Eric Gustin <34000337+EricGustin@users.noreply.github.com>
2026-03-16 16:06:25 -07:00
Eric Gustin
baa262ec00
Re-import arcade_core errors into arcade_mcp_server (#620) 2025-10-13 17:48:54 -07:00
Evan Tahler
9f339b7964
docs build commands for arcade-mcp (#587) 2025-09-26 15:30:52 -07:00
Eric Gustin
cdd90b4844
Remove toml (#210)
# PR Description
`arcade.toml` was deprecated in favor of `credentials.yaml` in PR #116 .
This PR completely removes any references to handling the deprecation &
any references to `arcade.toml`
2025-01-17 09:56:43 -08:00
Eric Gustin
8508a28f54
Config Refactor (#116)
# PR Description
1. Removes `arcade config` CLI command and it's helper function.
2. Upon `arcade login`, if the user does not have an `arcade.env` file,
then a templated environment file is created for the user.
3. Removed `EngineConfig` and all references to it. Since there is no
longer an `EngineConfig`, this PR refactors the CLI to compute the
engine URL based on the command-line flags that were provided.
4. Renamed `arcade.toml` to `credentials.yaml`. If a user is using
`arcade.toml`, then we will display a deprecation message and then
automatically migrate their `arcade.toml` to `credentials.yaml`. NOTE:
Eventually this auto-migration support should be removed.
5. `arcade.env` is now an optional file
6. Make `arcade show` default to `https://api.arcade-ai.com/v1` instead
of localhost.
-------




## Ensuring engine url is still computed correctly:
I used the following matrix to ensure that the behavior has not changed
after the refactor. This matrix is tested in `test_utils.py`

DEFAULT_HOST = "api.arcade-ai.com"  
DEFAULT_PORT = None  
DEFAULT_FORCE_TLS = False  
DEFAULT_FORCE_NO_TLS = False  


| Command Line Arguments | Host | Port | Force TLS | Force No TLS |
Main's URL | This PR's URL |

|----------------------------------------|-----------------|---------------|-----------|--------------|-----------------------------------|-----------------------------------|
| | DEFAULT_HOST | DEFAULT_PORT | False | False |
https://api.arcade-ai.com/v1 | https://api.arcade-ai.com/v1 |
| --host localhost | localhost | DEFAULT_PORT | False | False |
http://localhost:9099/v1 | http://localhost:9099/v1 |
| -p 9099 | DEFAULT_HOST | 9099 | False | False |
https://api.arcade-ai.com:9099/v1 | https://api.arcade-ai.com:9099/v1 |
| --host localhost -p 9099 | localhost | 9099 | False | False |
http://localhost:9099/v1 | http://localhost:9099/v1 |
| --tls | DEFAULT_HOST | DEFAULT_PORT | True | False |
https://api.arcade-ai.com/v1 | https://api.arcade-ai.com/v1 |
| --host localhost --tls | localhost | DEFAULT_PORT | True | False |
https://localhost:9099/v1 | https://localhost:9099/v1 |
| -p 9099 --tls | DEFAULT_HOST | 9099 | True | False |
https://api.arcade-ai.com:9099/v1 | https://api.arcade-ai.com:9099/v1 |
| --host localhost -p 9099 --tls | localhost | 9099 | True | False |
https://localhost:9099/v1 | https://localhost:9099/v1 |
| --no-tls | DEFAULT_HOST | DEFAULT_PORT | False | True |
http://api.arcade-ai.com/v1 | http://api.arcade-ai.com/v1 |
| --host localhost --no-tls | localhost | DEFAULT_PORT | False | True |
http://localhost:9099/v1 | http://localhost:9099/v1 |
| -p 9099 --no-tls | DEFAULT_HOST | 9099 | False | True |
http://api.arcade-ai.com:9099/v1 | http://api.arcade-ai.com:9099/v1 |
| --host localhost -p 9099 --no-tls | localhost | 9099 | False | True |
http://localhost:9099/v1 | http://localhost:9099/v1 |
| --tls --no-tls | DEFAULT_HOST | DEFAULT_PORT | True | True |
http://api.arcade-ai.com/v1 | http://api.arcade-ai.com/v1 |
| --host localhost --tls --no-tls | localhost | DEFAULT_PORT | True |
True | http://localhost:9099/v1 | http://localhost:9099/v1 |
| -p 9099 --tls --no-tls | DEFAULT_HOST | 9099 | True | True |
http://api.arcade-ai.com:9099/v1 | http://api.arcade-ai.com:9099/v1 |
| --host localhost -p 9099 --tls --no-tls| localhost | 9099 | True |
True | http://localhost:9099/v1 | http://localhost:9099/v1 |
| --host arandomhost.com | arandomhost.com | DEFAULT_PORT | False |
False | https://arandomhost.com/v1 | https://arandomhost.com/v1 |
2024-10-24 11:34:33 -07:00
Nate Barbettini
894fa878f1
Fix ruff (#64)
On the last few PRs I have noticed two problems:
1. `ruff format` fails even though it seems OK on our local machines
(sometimes, not always)
2. Nate's and Sam's machines kept flip-flopping a specific piece of
formatting back and forth, indicating a subtle difference of config
hiding somewhere
3. This was reproducible by running `ruff format` in the terminal,
followed by `make check`. The former would edit files, and then `make
check` would edit them back!

This PR addresses both issues, and further standardizes our editor &
linter configs to be super stable.
Specifically:
1. The main fix for the above, the pre-commit hook was pinned to a super
old version of ruff.
This resulted in subtle differences in behavior between our machines,
and on CI.

2. Moved ruff settings from `pyproject.toml` to `.ruff.toml`
pyproject files in subdirectories (e.g. `toolkits/**`) were overriding
the main pyproject file and erasing the custom ruff config we set at the
root. This meant that our ruff config was applied to `arcade` but not to
any of the other packages.
By moving the config to `.ruff.toml` at the root, all projects will
inherit the same ruff linting & formatting config.

4. Un-ignored the `.vscode/` directory so that we can share
vscode/cursor workspace settings.
This is valuable for standardizing settings like the default formatter
(ruff) and default test framework (pytest).
However, it's important that going forward we _only_ commit things here
that should apply across all of our machines.

5. To avoid any conflict between prettier and ruff, prettier now
explicitly ignores *.py files

6. Finally, `ruff format` and `make check` agree. A number of files are
newly auto-formatted.
2024-09-25 09:47:30 -07:00
Eric Gustin
ce4a9b28a9
Add minor changes found during onboarding (#37)
* Add new tool to the arithmetic toolkit for summation of a range.
* Add ability to attach debugger to cli. Use `.vscode/launch.json`'s
"Debug arcade dev" to do so.
* Fix issue in cli's main that used the incorrect url.
2024-09-12 16:52:36 -07:00
Sam Partee
aee706e118
Developer Makefile and Docker steps (#26)
Simpler docker build for the Actor and makefile
2024-08-29 21:24:46 -07:00
Nate Barbettini
554f47cfd7
Spike FlaskActor and cleanup of BaseActor (#12)
Cleanup and refactor of actor abstraction and
related classes/methods


[ committed by @Spartee ]
[ Authored by @nbarbettini ]
2024-08-05 13:26:56 -07:00
Sam Partee
8964111023
Refactor into library approach (#7)
This PR makes a few sweeping changes to the actor, cli, and overall
structure of the project.

- CLI commands skeleton 
- ``arcade run``, ``arcade show``, and ``arcade new``
- Working package mangement solution (``arcade_`` packages)
- Actor approach for using frameworks other than FastAPI
- Client for calling Engine within ``arcade/core``
- beginning of the config interface.

---------

Co-authored-by: Nate Barbettini <nate@arcade-ai.com>
2024-07-23 16:26:54 -07:00
Sam Partee
7f3abfd1f9
Tool SDK, Schemas (#2)
Co-authored-by: Nate Barbettini <nathanaelb@gmail.com>
2024-07-14 23:37:46 -07:00
Sam Partee
a5decd4483 Minor Cleanup 2024-06-04 09:05:18 -07:00
Sam Partee
56531cbd18 initial commit 2024-04-22 14:13:09 -07:00