feat(http): support custom listen address#2655
Open
pyama86 wants to merge 1 commit into
Open
Conversation
Add --listen-address flag (env: GITHUB_LISTEN_ADDRESS) so the HTTP server can bind to a specific host:port instead of always listening on all interfaces. When unset the server keeps the existing :PORT behavior.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--listen-addressflag (env:GITHUB_LISTEN_ADDRESS) to thehttpcommand so the MCP HTTP server can bind to an explicithost:portinstead of always listening on every interface (:<port>).--portflag is preserved. When--listen-addressis set it takes precedence; otherwise behavior is unchanged.resolveListenAddresshelper with unit tests covering empty, host:port,:port, and IPv6 forms.Motivation
Today the HTTP server hard-codes
addr := fmt.Sprintf(":%d", cfg.Port), which binds to0.0.0.0on every interface. When this server runs inside Kubernetes (or any shared network), the Pod IP is reachable from anywhere that can route to the cluster network: if an attacker (or just another workload) discovers the Pod IP, they can hit the MCP HTTP server directly and bypass any Service / Ingress / NetworkPolicy that was supposed to gate it. This is especially risky because the MCP server proxies authenticated GitHub API calls.Allowing operators to bind to
127.0.0.1:8082(sidecar / loopback-only consumers) or to a specific interface address closes that gap and lets the standard "only the localhost / sidecar can talk to it" deployment pattern work without extra network plumbing.Test plan
go build ./...go test ./pkg/http/...(newTestResolveListenAddress+ existing tests pass)github-mcp-server http --listen-address 127.0.0.1:8082and confirm the server only accepts connections on loopbackgithub-mcp-server http --port 9090(no--listen-address) and confirm existing:9090behavior is unchanged