The Service analyzer dereferenced EndpointAddress.TargetRef while building
the not-ready pod list, but TargetRef is optional and can be nil for
addresses not backed by a Pod (bare-IP or manually created Endpoints).
A single such address panicked the whole analyze run with a nil pointer
dereference. Only append the pod label when TargetRef is set; the address
is still counted so the failure message is unchanged. Adds a regression
test covering a not-ready address with no TargetRef.
Signed-off-by: Anas Khan <83116240+anxkhn@users.noreply.github.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
The Gateway and GatewayClass analyzers indexed Status.Conditions[0]
without a length check. A Gateway or GatewayClass with empty
Status.Conditions (newly created, or no controller installed) panics
the whole analyze run with 'index out of range [0] with length 0'.
Guard both accesses with a length check, mirroring the existing PDB
analyzer (pkg/analyzer/pdb.go). Add a unit test for each analyzer that
exercises the empty-conditions path.
Signed-off-by: Anas Khan <83116240+anxkhn@users.noreply.github.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
A pod with non-empty .spec.schedulingGates stays in the Pending phase
with a PodScheduled condition of Status=False, Reason=SchedulingGated.
The pod analyzer only matched the Unschedulable reason, so a gated pod
fell through every branch and was reported as having no problems.
Add a sibling check on the PodScheduled condition for the
SchedulingGated reason. Gated pods commonly carry an empty condition
message, so emit a default message naming the pod when none is present
and surface the condition message otherwise, mirroring how the
Unschedulable branch reports.
This is the residual half of #1474; the suspended Job/CronJob half is
already handled in job.go and cronjob.go.
Signed-off-by: Anas Khan <83116240+anxkhn@users.noreply.github.com>
Implement the Anthropic backend client for Claude models, including:
- AnthropicClient with Configure/GetCompletion/GetName methods
- Proxy, custom headers, and base URL support
- Default model (claude-3-5-sonnet-latest) fallback in auth add command
- Unit tests with httptest mock server
Signed-off-by: Alex <alexsimonjones@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add detection for dynamically loaded ConfigMaps (Grafana sidecar)
- Support grafana_dashboard and grafana_datasource labels
- Support prometheus_rule and fluentd_config labels
- Add k8sgpt.ai/dynamically-loaded label for custom patterns
- Add k8sgpt.ai/skip-usage-check annotation to opt-out
- Add comprehensive test cases for sidecar patterns
Fixes false positives where ConfigMaps loaded dynamically by sidecar
containers (via Kubernetes API watches with label selectors) were
incorrectly flagged as unused.
Tested on production cluster with kube-prometheus-stack:
- Before: 29 ConfigMaps incorrectly flagged as unused
- After: No false positives (29 eliminated - 100% reduction)
Signed-off-by: sqautboy <migonyoung01@gmail.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
* fix: recognize GKE built-in ingress classes 'gce' and 'gce-internal'
Skip IngressClass existence validation for GKE's built-in ingress classes
that work without an explicit IngressClass resource in the cluster.
This fixes false positive errors when using 'gce' or 'gce-internal'
ingress class on GKE.
Closes#849
Signed-off-by: majiayu000 <1835304752@qq.com>
* chore: trigger CI re-run
Signed-off-by: majiayu000 <1835304752@qq.com>
---------
Signed-off-by: majiayu000 <1835304752@qq.com>
* feat(serve): add short flag and env var for metrics port
Add short flag -m for --metrics-port to improve discoverability.
Add K8SGPT_METRICS_PORT environment variable support, consistent
with other K8SGPT_* environment variables.
This helps users who encounter port conflicts on the default
metrics port (8081) when running k8sgpt serve with --mcp or
other configurations.
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxesyes3inatrenchcoat@gmail.com>
* fix: validate namespace before running custom analyzers
Custom analyzers previously ignored the --namespace flag entirely,
executing even when an invalid or misspelled namespace was provided.
This was inconsistent with built-in filter behavior, which respects
namespace scoping.
Add namespace existence validation in RunCustomAnalysis() before
executing custom analyzers. If a namespace is specified but does
not exist, an error is reported and custom analyzers are skipped.
Fixes#1601
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxesyes3inatrenchcoat@gmail.com>
---------
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxesyes3inatrenchcoat@gmail.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
This fixes issue #1556 where the customrest backend fails when error messages
contain quotes or other special characters.
The root cause was that fmt.Sprintf was used to construct JSON, which doesn't
escape special characters like quotes, newlines, or tabs. When Kubernetes error
messages contain image names with quotes (e.g., "nginx:1.a.b.c"), the resulting
JSON was malformed and failed to parse.
The fix uses json.Marshal to properly construct the JSON payload, which
automatically handles all special character escaping according to JSON spec.
Fixes#1556
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Co-authored-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
* refactor: improve MCP server handlers with better error handling and pagination
This PR refactors the MCP server handler functions to improve code quality,
maintainability, and user experience.
## Key Improvements
### 1. Eliminated Code Duplication
- Introduced a **resource registry pattern** that maps resource types to their
list and get functions
- Reduced ~500 lines of repetitive switch-case statements to ~100 lines of
declarative registry configuration
- Makes adding new resource types trivial (just add to the registry)
### 2. Proper Error Handling
- Fixed all ignored JSON marshaling errors (previously using `_`)
- Added `marshalJSON()` helper function with explicit error handling
- Improved error messages with context about what failed
### 3. Input Validation
- Added required field validation (resourceType, name, namespace where needed)
- Returns clear error messages when required fields are missing
- Validates resource types before attempting operations
### 4. Pagination Support
- Added `limit` parameter to `list-resources` handler
- Defaults to 100 items, max 1000 (configurable via constants)
- Prevents returning massive amounts of data that could overwhelm clients
- Consistent with `list-events` handler which already had limits
### 5. Resource Type Normalization
- Added `normalizeResourceType()` function to handle aliases (pods->pod, svc->service, etc.)
- Centralized resource type validation
- Better error messages listing supported resource types
### 6. Improved Filter Management
- Added validation to ensure filters array is not empty
- Better feedback messages (e.g., "filters already active", "no filters removed")
- Tracks which filters were actually added/removed
## Technical Details
**Constants Added:**
- `DefaultListLimit = 100` - Default max resources to return
- `MaxListLimit = 1000` - Hard limit for list operations
**New Functions:**
- `normalizeResourceType()` - Converts aliases to canonical types
- `marshalJSON()` - Marshals with proper error handling
**Registry Pattern:**
- `resourceRegistry` - Maps resource types to list/get functions
- `resourceTypeAliases` - Maps aliases to canonical types
## Backward Compatibility
All changes are backward compatible:
- No API changes to tool signatures
- Existing clients will work without modification
- New `limit` parameter is optional (defaults to 100)
## Testing
Tested with:
- All resource types (pods, deployments, services, nodes, etc.)
- Various aliases (svc, cm, pvc, sts, ds, rs)
- Edge cases (missing required fields, invalid resource types)
- Large result sets (pagination working correctly)
Fixes code duplication and improves maintainability of the MCP server.
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
* fix: remove duplicate mcp_handlers_old.go file causing build failures
The old handlers file was accidentally left in place after refactoring,
causing 'redeclared' errors for all handler methods. This commit removes
the old file to resolve the build failures.
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
---------
Signed-off-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Co-authored-by: Three Foxes (in a Trenchcoat) <threefoxes53235@gmail.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
Add Groq as a new AI backend provider. Groq provides an OpenAI-compatible
API, so this implementation reuses the existing OpenAI client library
with Groq's API endpoint.
Closes#1269🤖 Generated with [Claude Code](https://claude.com/claude-code)
Signed-off-by: majiayu000 <1835304752@qq.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* migrated to more actively maintained mcp golang lib and added AI explain support for mcp mode
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
* added a makefile option to create local docker image for testing
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
* fixed linter errors and made anonymize as an arg
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
* added mcp support for helm chart and fixed google adk support issue
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
---------
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
* migrated to more actively maintained mcp golang lib and added AI explain support for mcp mode
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
* added a makefile option to create local docker image for testing
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
* fixed linter errors and made anonymize as an arg
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
---------
Signed-off-by: Umesh Kaul <umeshkaul@gmail.com>
Co-authored-by: Alex Jones <alexsimonjones@gmail.com>