whitecapdata-dev 0.1.0__tar.gz

whitecapdata_dev-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,31 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.11", "3.12"]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+
+      - name: Create venv (Python ${{ matrix.python-version }})
+        run: uv venv -p ${{ matrix.python-version }}
+
+      - name: Install project (with dev deps)
+        run: uv pip install -e ".[dev]"
+
+      - name: Lint
+        run: uv run ruff check .
+
+      - name: Test
+        run: uv run pytest --cov=homelab_mcp --cov-report=term-missing

whitecapdata_dev-0.1.0/.github/workflows/release.yml

@@ -0,0 +1,36 @@
+name: Release
+
+on:
+  push:
+    tags: ["v*"]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+      - name: Build sdist and wheel
+        run: uv build
+      - name: Upload dist artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  publish:
+    needs: build
+    runs-on: ubuntu-latest
+    # Trusted Publishing (OIDC) — no API token stored in the repo.
+    environment: pypi
+    permissions:
+      id-token: write
+    steps:
+      - name: Download dist artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

whitecapdata_dev-0.1.0/.gitignore

@@ -0,0 +1,21 @@
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+.eggs/
+build/
+dist/
+.venv/
+venv/
+
+# Tooling
+.pytest_cache/
+.ruff_cache/
+.coverage
+htmlcov/
+.mypy_cache/
+
+# Editors / OS
+.idea/
+.vscode/
+.DS_Store

whitecapdata_dev-0.1.0/CHANGELOG.md

@@ -0,0 +1,21 @@
+# Changelog
+
+All notable changes to this project are documented here. The format is based on
+[Keep a Changelog](https://keepachangelog.com/), and this project adheres to
+[Semantic Versioning](https://semver.org/).
+
+## [0.1.0] - 2026-06-20
+
+### Added
+- Read tools: `cluster_summary`, `list_pods`, `list_deployments`, `list_events`,
+  `pod_logs`, `node_health`, `server_info`.
+- Guarded mutating tools: `restart_deployment`, `scale_deployment`, `delete_pod`.
+- Safe-by-default model: read-only switch (`HOMELAB_MCP_READONLY`), namespace
+  allowlist (`HOMELAB_MCP_MUTABLE_NAMESPACES`, `*` for all), bounded scale
+  (`HOMELAB_MCP_MAX_REPLICAS`).
+- kubeconfig/in-cluster auth with optional context (`HOMELAB_MCP_CONTEXT`).
+- Unit tests for config, mappers, guard logic, and the tool layer (no cluster
+  required). GitHub Actions CI on Python 3.11 and 3.12.
+- MCP registry manifest (`server.json`) and PyPI Trusted Publishing workflow.
+
+[0.1.0]: https://github.com/Michael-WhiteCapData/homelab-mcp/releases/tag/v0.1.0

whitecapdata_dev-0.1.0/CONTRIBUTING.md

@@ -0,0 +1,33 @@
+# Contributing to homelab-mcp
+
+Thanks for your interest! This server stays small, focused, and **safe by default** — contributions that preserve those properties merge easiest.
+
+## Getting set up
+
+```bash
+git clone https://github.com/Michael-WhiteCapData/homelab-mcp
+cd homelab-mcp
+uv pip install -e ".[dev]"
+```
+
+## Before opening a PR
+
+- `ruff check .` passes (`ruff check --fix .` to autofix).
+- `pytest` passes. The suite uses fakes/mocks for the Kubernetes API — **no cluster required**.
+- New behavior comes with a test.
+- Any new **mutating** tool must go through `KubeClient._guard()` (read-only + namespace allowlist) and have a test proving it's blocked when it should be.
+
+## Architecture
+
+- `config.py` — env-driven config + the namespace allowlist logic.
+- `format.py` — pure mappers from Kubernetes objects to JSON-able dicts (easy to test).
+- `kube.py` — the API facade; reads call mappers, mutations are guarded.
+- `server.py` — the MCP tool layer (thin; delegates to `KubeClient`).
+
+## Reporting bugs
+
+Open an issue with what you ran, expected vs. actual, and your `server_info` output.
+
+## Code of conduct
+
+Be decent, assume good faith, keep it constructive.

whitecapdata_dev-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Michael Tierney
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

whitecapdata_dev-0.1.0/PKG-INFO

@@ -0,0 +1,136 @@
+Metadata-Version: 2.4
+Name: whitecapdata-dev
+Version: 0.1.0
+Summary: WhiteCapData-Dev — an MCP server to operate a k3s / Kubernetes cluster (health, logs, and guarded restart/scale/delete) straight from your AI agent.
+Project-URL: Homepage, https://github.com/Michael-WhiteCapData/WhiteCapData-Dev
+Project-URL: Repository, https://github.com/Michael-WhiteCapData/WhiteCapData-Dev
+Project-URL: Issues, https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/issues
+Author: Michael Tierney
+License: MIT
+License-File: LICENSE
+Keywords: claude,devops,homelab,k3s,k8s,kubernetes,mcp,model-context-protocol
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.11
+Requires-Dist: kubernetes>=29
+Requires-Dist: mcp>=1.2
+Provides-Extra: dev
+Requires-Dist: pytest-cov>=5; extra == 'dev'
+Requires-Dist: pytest>=8; extra == 'dev'
+Requires-Dist: ruff>=0.6; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# WhiteCapData-Dev
+
+**Operate a k3s / Kubernetes cluster straight from your AI agent — safe by default.**
+
+[![CI](https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/actions/workflows/ci.yml/badge.svg)](https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/actions/workflows/ci.yml)
+[![PyPI](https://img.shields.io/pypi/v/whitecapdata-dev?color=3775A9&logo=pypi&logoColor=white)](https://pypi.org/project/whitecapdata-dev/)
+[![Python](https://img.shields.io/badge/python-3.11%2B-3776AB?logo=python&logoColor=white)](https://www.python.org/)
+[![MCP](https://img.shields.io/badge/MCP-server-D97757)](https://modelcontextprotocol.io/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
+
+An [MCP](https://modelcontextprotocol.io/) server that lets an agent (Claude Code, Claude Desktop, Cursor, …) inspect and operate a **Kubernetes / k3s** cluster — your homelab box, a dev cluster, whatever your kubeconfig points at — **without shelling out to `kubectl`**. It talks to the Kubernetes API directly using your existing kubeconfig (or an in-cluster service account).
+
+The design goal is **safe by default**: reads are always on; every mutating action (restart / scale / delete) is gated *before the API call* by a read-only switch and a namespace allowlist, so an over-eager agent can't touch `kube-system` or nuke a deployment you didn't sandbox.
+
+> **Name note:** the PyPI package is `whitecapdata-dev` (the `homelab-k8s`-style name was taken); the import package and tools are k8s/homelab-focused as described here.
+
+---
+
+## Why you'd want this
+
+- 🩺 **One-call health.** `cluster_summary` gives node + pod totals and the unhealthy pods, so the agent starts triage with real data.
+- 🔒 **Safe by default.** Mutations are blocked unless the namespace is on your allowlist; flip `HOMELAB_MCP_READONLY=1` to make the whole server read-only.
+- 🧰 **The operations you actually do.** Pods, deployments, events, logs, node health, rollout-restart, scale, delete-pod.
+- 🪶 **No bespoke backend.** Uses the standard Kubernetes API + your kubeconfig — nothing to deploy server-side.
+- ✅ **Tested.** Pure logic is unit-tested with fakes; guard logic is tested against a mocked API. No cluster needed to run the suite.
+
+## Requirements
+
+- A reachable cluster and a working **kubeconfig** (the same one `kubectl` uses), or run it in-cluster with a service account.
+- Python 3.11+ (or just `uvx`).
+
+## Install
+
+```bash
+uvx whitecapdata-dev          # run directly
+# or
+pip install whitecapdata-dev  # then run: whitecapdata-dev
+```
+
+### Claude Code
+
+```bash
+claude mcp add homelab -- uvx whitecapdata-dev
+```
+
+### Claude Desktop / Cursor
+
+```jsonc
+{
+  "mcpServers": {
+    "homelab": {
+      "command": "uvx",
+      "args": ["whitecapdata-dev"],
+      "env": {
+        "HOMELAB_MCP_MUTABLE_NAMESPACES": "default,apps,monitoring",
+        "HOMELAB_MCP_READONLY": "0"
+      }
+    }
+  }
+}
+```
+
+## Tools
+
+| Tool | Kind | Description |
+| --- | --- | --- |
+| `cluster_summary` | read | Node/pod health totals + unhealthy pods |
+| `list_pods` | read | Pods (optionally one namespace), unhealthy first |
+| `list_deployments` | read | Deployments with ready/desired replicas |
+| `list_events` | read | Recent events, Warnings first |
+| `pod_logs` | read | Tail a pod's logs |
+| `node_health` | read | Per-node readiness, kubelet, capacity, pressure |
+| `restart_deployment` | **write** | Rollout-restart (allowlisted namespaces) |
+| `scale_deployment` | **write** | Scale to N replicas (0..max, allowlisted) |
+| `delete_pod` | **write** | Delete a pod; its controller recreates it (allowlisted) |
+| `server_info` | read | Effective config (context, read-only, allowlist) |
+
+## Configuration
+
+| Variable | Default | Description |
+| --- | --- | --- |
+| `HOMELAB_MCP_CONTEXT` | current-context | kubeconfig context to use |
+| `HOMELAB_MCP_READONLY` | `0` | `1`/`true` disables all mutating tools |
+| `HOMELAB_MCP_MUTABLE_NAMESPACES` | `default,apps,monitoring,ci` | Namespaces mutations may touch; `*` = all |
+| `HOMELAB_MCP_MAX_REPLICAS` | `10` | Upper bound for `scale_deployment` |
+
+## Safety model
+
+1. **Read-only switch** — `HOMELAB_MCP_READONLY=1` rejects every mutating tool up front.
+2. **Namespace allowlist** — mutating tools refuse any namespace not in `HOMELAB_MCP_MUTABLE_NAMESPACES` (default a homelab-friendly set; `*` opts into all).
+3. **Bounded scale** — `scale_deployment` clamps to `0..HOMELAB_MCP_MAX_REPLICAS`.
+
+The cluster's own RBAC still applies on top — this server can only do what the kubeconfig identity is permitted to do.
+
+## Development
+
+```bash
+git clone https://github.com/Michael-WhiteCapData/WhiteCapData-Dev
+cd WhiteCapData-Dev
+uv pip install -e ".[dev]"
+ruff check .
+pytest          # no cluster required — APIs are faked/mocked
+```
+
+See [CONTRIBUTING.md](CONTRIBUTING.md).
+
+## License
+
+[MIT](LICENSE) © Michael Tierney

whitecapdata_dev-0.1.0/README.md

@@ -0,0 +1,109 @@
+# WhiteCapData-Dev
+
+**Operate a k3s / Kubernetes cluster straight from your AI agent — safe by default.**
+
+[![CI](https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/actions/workflows/ci.yml/badge.svg)](https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/actions/workflows/ci.yml)
+[![PyPI](https://img.shields.io/pypi/v/whitecapdata-dev?color=3775A9&logo=pypi&logoColor=white)](https://pypi.org/project/whitecapdata-dev/)
+[![Python](https://img.shields.io/badge/python-3.11%2B-3776AB?logo=python&logoColor=white)](https://www.python.org/)
+[![MCP](https://img.shields.io/badge/MCP-server-D97757)](https://modelcontextprotocol.io/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
+
+An [MCP](https://modelcontextprotocol.io/) server that lets an agent (Claude Code, Claude Desktop, Cursor, …) inspect and operate a **Kubernetes / k3s** cluster — your homelab box, a dev cluster, whatever your kubeconfig points at — **without shelling out to `kubectl`**. It talks to the Kubernetes API directly using your existing kubeconfig (or an in-cluster service account).
+
+The design goal is **safe by default**: reads are always on; every mutating action (restart / scale / delete) is gated *before the API call* by a read-only switch and a namespace allowlist, so an over-eager agent can't touch `kube-system` or nuke a deployment you didn't sandbox.
+
+> **Name note:** the PyPI package is `whitecapdata-dev` (the `homelab-k8s`-style name was taken); the import package and tools are k8s/homelab-focused as described here.
+
+---
+
+## Why you'd want this
+
+- 🩺 **One-call health.** `cluster_summary` gives node + pod totals and the unhealthy pods, so the agent starts triage with real data.
+- 🔒 **Safe by default.** Mutations are blocked unless the namespace is on your allowlist; flip `HOMELAB_MCP_READONLY=1` to make the whole server read-only.
+- 🧰 **The operations you actually do.** Pods, deployments, events, logs, node health, rollout-restart, scale, delete-pod.
+- 🪶 **No bespoke backend.** Uses the standard Kubernetes API + your kubeconfig — nothing to deploy server-side.
+- ✅ **Tested.** Pure logic is unit-tested with fakes; guard logic is tested against a mocked API. No cluster needed to run the suite.
+
+## Requirements
+
+- A reachable cluster and a working **kubeconfig** (the same one `kubectl` uses), or run it in-cluster with a service account.
+- Python 3.11+ (or just `uvx`).
+
+## Install
+
+```bash
+uvx whitecapdata-dev          # run directly
+# or
+pip install whitecapdata-dev  # then run: whitecapdata-dev
+```
+
+### Claude Code
+
+```bash
+claude mcp add homelab -- uvx whitecapdata-dev
+```
+
+### Claude Desktop / Cursor
+
+```jsonc
+{
+  "mcpServers": {
+    "homelab": {
+      "command": "uvx",
+      "args": ["whitecapdata-dev"],
+      "env": {
+        "HOMELAB_MCP_MUTABLE_NAMESPACES": "default,apps,monitoring",
+        "HOMELAB_MCP_READONLY": "0"
+      }
+    }
+  }
+}
+```
+
+## Tools
+
+| Tool | Kind | Description |
+| --- | --- | --- |
+| `cluster_summary` | read | Node/pod health totals + unhealthy pods |
+| `list_pods` | read | Pods (optionally one namespace), unhealthy first |
+| `list_deployments` | read | Deployments with ready/desired replicas |
+| `list_events` | read | Recent events, Warnings first |
+| `pod_logs` | read | Tail a pod's logs |
+| `node_health` | read | Per-node readiness, kubelet, capacity, pressure |
+| `restart_deployment` | **write** | Rollout-restart (allowlisted namespaces) |
+| `scale_deployment` | **write** | Scale to N replicas (0..max, allowlisted) |
+| `delete_pod` | **write** | Delete a pod; its controller recreates it (allowlisted) |
+| `server_info` | read | Effective config (context, read-only, allowlist) |
+
+## Configuration
+
+| Variable | Default | Description |
+| --- | --- | --- |
+| `HOMELAB_MCP_CONTEXT` | current-context | kubeconfig context to use |
+| `HOMELAB_MCP_READONLY` | `0` | `1`/`true` disables all mutating tools |
+| `HOMELAB_MCP_MUTABLE_NAMESPACES` | `default,apps,monitoring,ci` | Namespaces mutations may touch; `*` = all |
+| `HOMELAB_MCP_MAX_REPLICAS` | `10` | Upper bound for `scale_deployment` |
+
+## Safety model
+
+1. **Read-only switch** — `HOMELAB_MCP_READONLY=1` rejects every mutating tool up front.
+2. **Namespace allowlist** — mutating tools refuse any namespace not in `HOMELAB_MCP_MUTABLE_NAMESPACES` (default a homelab-friendly set; `*` opts into all).
+3. **Bounded scale** — `scale_deployment` clamps to `0..HOMELAB_MCP_MAX_REPLICAS`.
+
+The cluster's own RBAC still applies on top — this server can only do what the kubeconfig identity is permitted to do.
+
+## Development
+
+```bash
+git clone https://github.com/Michael-WhiteCapData/WhiteCapData-Dev
+cd WhiteCapData-Dev
+uv pip install -e ".[dev]"
+ruff check .
+pytest          # no cluster required — APIs are faked/mocked
+```
+
+See [CONTRIBUTING.md](CONTRIBUTING.md).
+
+## License
+
+[MIT](LICENSE) © Michael Tierney

whitecapdata_dev-0.1.0/pyproject.toml

@@ -0,0 +1,51 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "whitecapdata-dev"
+version = "0.1.0"
+description = "WhiteCapData-Dev — an MCP server to operate a k3s / Kubernetes cluster (health, logs, and guarded restart/scale/delete) straight from your AI agent."
+readme = "README.md"
+license = { text = "MIT" }
+requires-python = ">=3.11"
+authors = [{ name = "Michael Tierney" }]
+keywords = ["mcp", "model-context-protocol", "kubernetes", "k3s", "k8s", "homelab", "devops", "claude"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "Intended Audience :: System Administrators",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: System :: Systems Administration",
+]
+dependencies = [
+    "mcp>=1.2",
+    "kubernetes>=29",
+]
+
+[project.urls]
+Homepage = "https://github.com/Michael-WhiteCapData/WhiteCapData-Dev"
+Repository = "https://github.com/Michael-WhiteCapData/WhiteCapData-Dev"
+Issues = "https://github.com/Michael-WhiteCapData/WhiteCapData-Dev/issues"
+
+[project.scripts]
+whitecapdata-dev = "homelab_mcp.server:main"
+
+[project.optional-dependencies]
+dev = ["pytest>=8", "pytest-cov>=5", "ruff>=0.6"]
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/homelab_mcp"]
+
+[tool.pytest.ini_options]
+addopts = "-q"
+testpaths = ["tests"]
+
+[tool.ruff]
+line-length = 110
+target-version = "py311"
+
+[tool.ruff.lint]
+select = ["E", "F", "I", "UP", "B", "SIM", "PLC"]

whitecapdata_dev-0.1.0/server.json

@@ -0,0 +1,43 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-09-29/server.schema.json",
+  "name": "io.github.Michael-WhiteCapData/WhiteCapData-Dev",
+  "description": "Operate a k3s / Kubernetes cluster from an MCP client — health, logs, and guarded restart/scale/delete, safe by default.",
+  "repository": {
+    "url": "https://github.com/Michael-WhiteCapData/WhiteCapData-Dev",
+    "source": "github"
+  },
+  "version": "0.1.0",
+  "packages": [
+    {
+      "registryType": "pypi",
+      "identifier": "whitecapdata-dev",
+      "version": "0.1.0",
+      "transport": { "type": "stdio" },
+      "environmentVariables": [
+        {
+          "name": "HOMELAB_MCP_CONTEXT",
+          "description": "kubeconfig context to use (defaults to current-context).",
+          "isRequired": false
+        },
+        {
+          "name": "HOMELAB_MCP_READONLY",
+          "description": "Set to 1/true to disable all mutating tools.",
+          "default": "0",
+          "isRequired": false
+        },
+        {
+          "name": "HOMELAB_MCP_MUTABLE_NAMESPACES",
+          "description": "Comma-separated namespaces mutations may touch; '*' allows all.",
+          "default": "default,apps,monitoring,ci",
+          "isRequired": false
+        },
+        {
+          "name": "HOMELAB_MCP_MAX_REPLICAS",
+          "description": "Upper bound accepted by scale_deployment.",
+          "default": "10",
+          "isRequired": false
+        }
+      ]
+    }
+  ]
+}

whitecapdata_dev-0.1.0/src/homelab_mcp/__init__.py

@@ -0,0 +1,12 @@
+"""homelab-mcp — operate a k3s / Kubernetes cluster from an MCP client.
+
+Exposes read and (guarded) write tools over the Kubernetes API so an agent
+(Claude Code, Claude Desktop, Cursor, …) can inspect cluster health and perform
+safe, allowlisted operations — without shelling out to kubectl.
+"""
+
+from .config import Config
+from .kube import HomelabMCPError, KubeClient
+
+__all__ = ["Config", "KubeClient", "HomelabMCPError", "__version__"]
+__version__ = "0.1.0"

whitecapdata_dev-0.1.0/src/homelab_mcp/config.py

@@ -0,0 +1,54 @@
+"""Environment-driven configuration for the homelab-mcp server."""
+
+from __future__ import annotations
+
+import os
+from dataclasses import dataclass
+
+# Sensible homelab default: only let mutating tools touch these namespaces.
+# Override with HOMELAB_MCP_MUTABLE_NAMESPACES; set it to "*" to allow all.
+DEFAULT_MUTABLE_NAMESPACES = ("default", "apps", "monitoring", "ci")
+DEFAULT_MAX_REPLICAS = 10
+_TRUE = {"1", "true", "yes", "on"}
+
+
+@dataclass(frozen=True)
+class Config:
+    """Effective server configuration, sourced from the environment."""
+
+    context: str | None = None
+    read_only: bool = False
+    mutable_namespaces: tuple[str, ...] = DEFAULT_MUTABLE_NAMESPACES
+    max_replicas: int = DEFAULT_MAX_REPLICAS
+
+    @classmethod
+    def from_env(cls, env: dict[str, str] | None = None) -> Config:
+        src = os.environ if env is None else env
+        raw_ns = src.get("HOMELAB_MCP_MUTABLE_NAMESPACES")
+        if raw_ns is None:
+            namespaces = DEFAULT_MUTABLE_NAMESPACES
+        elif raw_ns.strip() == "*":
+            namespaces = ()  # empty tuple == every namespace allowed
+        else:
+            namespaces = tuple(n.strip() for n in raw_ns.split(",") if n.strip())
+        return cls(
+            context=src.get("HOMELAB_MCP_CONTEXT") or None,
+            read_only=src.get("HOMELAB_MCP_READONLY", "").lower() in _TRUE,
+            mutable_namespaces=namespaces,
+            max_replicas=int(src.get("HOMELAB_MCP_MAX_REPLICAS", str(DEFAULT_MAX_REPLICAS))),
+        )
+
+    def namespace_allowed(self, namespace: str) -> bool:
+        """True if mutating tools may act on ``namespace``.
+
+        An empty allowlist means "all namespaces" (the operator opted in via ``*``).
+        """
+        return not self.mutable_namespaces or namespace in self.mutable_namespaces
+
+    def as_dict(self) -> dict[str, object]:
+        return {
+            "context": self.context or "(current-context)",
+            "read_only": self.read_only,
+            "mutable_namespaces": list(self.mutable_namespaces) or ["*"],
+            "max_replicas": self.max_replicas,
+        }

whitecapdata_dev-0.1.0/src/homelab_mcp/format.py

@@ -0,0 +1,125 @@
+"""Pure mappers from Kubernetes API objects to plain JSON-able structures.
+
+These take any object that exposes the same attributes as the official
+``kubernetes`` client models, so they're unit-testable with lightweight fakes
+(e.g. ``types.SimpleNamespace``) — no cluster required.
+"""
+
+from __future__ import annotations
+
+from typing import Any
+
+
+def _attr(obj: Any, *path: str, default: Any = None) -> Any:
+    """Safely walk a chain of attributes, returning ``default`` on any miss."""
+    cur = obj
+    for name in path:
+        if cur is None:
+            return default
+        cur = getattr(cur, name, None)
+    return cur if cur is not None else default
+
+
+def pod_is_healthy(pod: Any) -> bool:
+    """A pod is healthy if it's Running/Succeeded and all containers are ready."""
+    phase = _attr(pod, "status", "phase", default="")
+    if phase == "Succeeded":
+        return True
+    if phase != "Running":
+        return False
+    statuses = _attr(pod, "status", "container_statuses", default=[]) or []
+    return all(getattr(cs, "ready", False) for cs in statuses)
+
+
+def pod_row(pod: Any) -> dict[str, Any]:
+    statuses = _attr(pod, "status", "container_statuses", default=[]) or []
+    restarts = sum(getattr(cs, "restart_count", 0) or 0 for cs in statuses)
+    return {
+        "namespace": _attr(pod, "metadata", "namespace", default=""),
+        "name": _attr(pod, "metadata", "name", default=""),
+        "phase": _attr(pod, "status", "phase", default=""),
+        "ready": pod_is_healthy(pod),
+        "restarts": restarts,
+        "node": _attr(pod, "spec", "node_name", default=""),
+    }
+
+
+def pod_rows(pods: list[Any]) -> list[dict[str, Any]]:
+    """Rows for a pod list, unhealthy first then by namespace/name."""
+    rows = [pod_row(p) for p in pods]
+    rows.sort(key=lambda r: (r["ready"], r["namespace"], r["name"]))
+    return rows
+
+
+def deployment_row(dep: Any) -> dict[str, Any]:
+    desired = _attr(dep, "spec", "replicas", default=0) or 0
+    ready = _attr(dep, "status", "ready_replicas", default=0) or 0
+    return {
+        "namespace": _attr(dep, "metadata", "namespace", default=""),
+        "name": _attr(dep, "metadata", "name", default=""),
+        "ready_replicas": ready,
+        "desired_replicas": desired,
+        "available": ready >= desired and desired > 0,
+    }
+
+
+def deployment_rows(deps: list[Any]) -> list[dict[str, Any]]:
+    rows = [deployment_row(d) for d in deps]
+    rows.sort(key=lambda r: (r["available"], r["namespace"], r["name"]))
+    return rows
+
+
+def node_row(node: Any) -> dict[str, Any]:
+    conditions = _attr(node, "status", "conditions", default=[]) or []
+    ready = any(getattr(c, "type", "") == "Ready" and getattr(c, "status", "") == "True" for c in conditions)
+    # Pressure conditions are healthy when "False".
+    pressures = {
+        getattr(c, "type", ""): getattr(c, "status", "")
+        for c in conditions
+        if getattr(c, "type", "").endswith("Pressure")
+    }
+    cap = _attr(node, "status", "capacity", default={}) or {}
+    return {
+        "name": _attr(node, "metadata", "name", default=""),
+        "ready": ready,
+        "kubelet": _attr(node, "status", "node_info", "kubelet_version", default=""),
+        "cpu": cap.get("cpu", ""),
+        "memory": cap.get("memory", ""),
+        "pressure": [k for k, v in pressures.items() if v == "True"],
+    }
+
+
+def node_rows(nodes: list[Any]) -> list[dict[str, Any]]:
+    return [node_row(n) for n in nodes]
+
+
+def cluster_summary(nodes: list[Any], pods: list[Any]) -> dict[str, Any]:
+    node_data = node_rows(nodes)
+    pod_data = pod_rows(pods)
+    unhealthy = [p for p in pod_data if not p["ready"]]
+    phases: dict[str, int] = {}
+    for p in pod_data:
+        phases[p["phase"]] = phases.get(p["phase"], 0) + 1
+    return {
+        "nodes": {"total": len(node_data), "ready": sum(1 for n in node_data if n["ready"])},
+        "pods": {"total": len(pod_data), "by_phase": phases, "unhealthy": len(unhealthy)},
+        "unhealthy_pods": unhealthy,
+    }
+
+
+def event_row(ev: Any) -> dict[str, Any]:
+    return {
+        "type": _attr(ev, "type", default=""),
+        "reason": _attr(ev, "reason", default=""),
+        "object": f"{_attr(ev, 'involved_object', 'kind', default='')}/"
+        f"{_attr(ev, 'involved_object', 'name', default='')}",
+        "namespace": _attr(ev, "metadata", "namespace", default=""),
+        "message": _attr(ev, "message", default=""),
+    }
+
+
+def event_rows(events: list[Any], limit: int) -> list[dict[str, Any]]:
+    rows = [event_row(e) for e in events]
+    # Warnings first so problems surface at the top.
+    rows.sort(key=lambda r: r["type"] != "Warning")
+    return rows[:limit]

whitecapdata_dev-0.1.0/src/homelab_mcp/kube.py

@@ -0,0 +1,118 @@
+"""Kubernetes API wrapper used by the MCP tools.
+
+Reads happen through the CoreV1/AppsV1 APIs and are shaped by :mod:`format`.
+Mutations are gated on the operator's config (read-only switch + namespace
+allowlist) *before* any API call, so a misbehaving agent can't scale or delete
+outside the sandbox the operator allowed.
+
+The official ``kubernetes`` client is imported lazily so the pure logic (and
+its tests) don't require it to be installed or a cluster to be reachable.
+"""
+
+from __future__ import annotations
+
+from datetime import UTC, datetime
+from typing import Any
+
+from . import format as fmt
+from .config import Config
+
+RESTART_ANNOTATION = "kubectl.kubernetes.io/restartedAt"
+
+
+class HomelabMCPError(RuntimeError):
+    """A user-facing error (bad config, blocked mutation, or API failure)."""
+
+
+def _load_apis(config: Config) -> tuple[Any, Any]:
+    """Load kube config (in-cluster, else kubeconfig) and return (core, apps)."""
+    try:
+        from kubernetes import client  # noqa: PLC0415
+        from kubernetes import config as kube_config  # noqa: PLC0415
+    except ImportError as exc:  # pragma: no cover - import guard
+        raise HomelabMCPError(
+            "The 'kubernetes' package is required. Install with: pip install homelab-mcp"
+        ) from exc
+    try:
+        kube_config.load_incluster_config()
+    except kube_config.ConfigException:
+        kube_config.load_kube_config(context=config.context)
+    return client.CoreV1Api(), client.AppsV1Api()
+
+
+class KubeClient:
+    """Thin, testable facade over the parts of the Kubernetes API we expose."""
+
+    def __init__(self, config: Config, core_v1: Any = None, apps_v1: Any = None) -> None:
+        self._config = config
+        if core_v1 is None or apps_v1 is None:
+            core_v1, apps_v1 = _load_apis(config)
+        self._core = core_v1
+        self._apps = apps_v1
+
+    @property
+    def config(self) -> Config:
+        return self._config
+
+    # -- reads ---------------------------------------------------------------
+
+    def _pods(self, namespace: str = "") -> list[Any]:
+        if namespace:
+            return self._core.list_namespaced_pod(namespace).items
+        return self._core.list_pod_for_all_namespaces().items
+
+    def cluster_summary(self) -> dict[str, Any]:
+        nodes = self._core.list_node().items
+        return fmt.cluster_summary(nodes, self._pods())
+
+    def list_pods(self, namespace: str = "") -> list[dict[str, Any]]:
+        return fmt.pod_rows(self._pods(namespace))
+
+    def list_deployments(self, namespace: str = "") -> list[dict[str, Any]]:
+        if namespace:
+            deps = self._apps.list_namespaced_deployment(namespace).items
+        else:
+            deps = self._apps.list_deployment_for_all_namespaces().items
+        return fmt.deployment_rows(deps)
+
+    def list_events(self, limit: int = 30) -> list[dict[str, Any]]:
+        events = self._core.list_event_for_all_namespaces().items
+        return fmt.event_rows(events, limit)
+
+    def pod_logs(self, namespace: str, pod: str, tail: int = 200) -> str:
+        return self._core.read_namespaced_pod_log(name=pod, namespace=namespace, tail_lines=tail)
+
+    def node_health(self) -> list[dict[str, Any]]:
+        return fmt.node_rows(self._core.list_node().items)
+
+    # -- mutations (guarded) -------------------------------------------------
+
+    def _guard(self, namespace: str) -> None:
+        if self._config.read_only:
+            raise HomelabMCPError("Server is in read-only mode; mutations are disabled.")
+        if not self._config.namespace_allowed(namespace):
+            allowed = ", ".join(self._config.mutable_namespaces) or "*"
+            raise HomelabMCPError(
+                f"Namespace '{namespace}' is not in the mutable allowlist ({allowed})."
+            )
+
+    def restart_deployment(self, namespace: str, name: str) -> str:
+        self._guard(namespace)
+        stamp = datetime.now(UTC).isoformat()
+        body = {"spec": {"template": {"metadata": {"annotations": {RESTART_ANNOTATION: stamp}}}}}
+        self._apps.patch_namespaced_deployment(name=name, namespace=namespace, body=body)
+        return f"restarted deployment {namespace}/{name} at {stamp}"
+
+    def scale_deployment(self, namespace: str, name: str, replicas: int) -> str:
+        self._guard(namespace)
+        if not 0 <= replicas <= self._config.max_replicas:
+            raise HomelabMCPError(f"replicas must be between 0 and {self._config.max_replicas}.")
+        self._apps.patch_namespaced_deployment_scale(
+            name=name, namespace=namespace, body={"spec": {"replicas": replicas}}
+        )
+        return f"scaled deployment {namespace}/{name} to {replicas} replicas"
+
+    def delete_pod(self, namespace: str, name: str) -> str:
+        self._guard(namespace)
+        self._core.delete_namespaced_pod(name=name, namespace=namespace)
+        return f"deleted pod {namespace}/{name} (its controller will recreate it)"

whitecapdata_dev-0.1.0/src/homelab_mcp/server.py

@@ -0,0 +1,113 @@
+"""The homelab-mcp MCP server.
+
+Tools return JSON strings so the calling agent gets structured, compact data.
+Reads are always available; mutations are gated by the operator's config
+(read-only switch + namespace allowlist) enforced in :class:`KubeClient`.
+"""
+
+from __future__ import annotations
+
+import json
+from typing import Any
+
+from mcp.server.fastmcp import FastMCP
+
+from .config import Config
+from .kube import KubeClient
+
+mcp = FastMCP("homelab")
+
+_client: KubeClient | None = None
+
+
+def get_client() -> KubeClient:
+    """Lazily build the cluster client (so import never touches a cluster)."""
+    global _client
+    if _client is None:
+        _client = KubeClient(Config.from_env())
+    return _client
+
+
+def set_client(client: KubeClient) -> None:
+    """Replace the module-level client (used by tests)."""
+    global _client
+    _client = client
+
+
+def _json(data: Any) -> str:
+    return json.dumps(data, indent=2, default=str)
+
+
+# -- reads -------------------------------------------------------------------
+
+
+@mcp.tool()
+def cluster_summary() -> str:
+    """Node and pod health totals plus the list of unhealthy pods. Start here."""
+    return _json(get_client().cluster_summary())
+
+
+@mcp.tool()
+def list_pods(namespace: str = "") -> str:
+    """List pods (optionally one namespace). Unhealthy pods sort first."""
+    return _json(get_client().list_pods(namespace))
+
+
+@mcp.tool()
+def list_deployments(namespace: str = "") -> str:
+    """List deployments with ready/desired replica counts."""
+    return _json(get_client().list_deployments(namespace))
+
+
+@mcp.tool()
+def list_events(limit: int = 30) -> str:
+    """Recent cluster events; Warning-type events sort first."""
+    return _json(get_client().list_events(limit))
+
+
+@mcp.tool()
+def pod_logs(namespace: str, pod: str, tail: int = 200) -> str:
+    """Tail a pod's logs."""
+    return get_client().pod_logs(namespace, pod, tail)
+
+
+@mcp.tool()
+def node_health() -> str:
+    """Per-node readiness, kubelet version, capacity, and pressure conditions."""
+    return _json(get_client().node_health())
+
+
+# -- mutations (guarded by read-only + namespace allowlist) ------------------
+
+
+@mcp.tool()
+def restart_deployment(namespace: str, name: str) -> str:
+    """Rollout-restart a deployment (subject to the mutable-namespace allowlist)."""
+    return get_client().restart_deployment(namespace, name)
+
+
+@mcp.tool()
+def scale_deployment(namespace: str, name: str, replicas: int) -> str:
+    """Scale a deployment to N replicas (0..max), subject to the allowlist."""
+    return get_client().scale_deployment(namespace, name, replicas)
+
+
+@mcp.tool()
+def delete_pod(namespace: str, name: str) -> str:
+    """Delete a pod so its controller recreates it (subject to the allowlist)."""
+    return get_client().delete_pod(namespace, name)
+
+
+@mcp.tool()
+def server_info() -> str:
+    """Report the effective configuration (context, read-only, allowlist)."""
+    return _json(get_client().config.as_dict())
+
+
+def main() -> None:
+    """Console-script entry point: run the server over stdio."""
+    mcp.run()
+
+
+if __name__ == "__main__":
+    main()

whitecapdata_dev-0.1.0/tests/conftest.py

@@ -0,0 +1,46 @@
+"""Lightweight fakes that mimic the kubernetes client model attributes."""
+
+from __future__ import annotations
+
+from types import SimpleNamespace as NS
+
+
+def make_pod(name, namespace="default", phase="Running", ready=True, restarts=0, node="n1"):
+    cs = NS(ready=ready, restart_count=restarts)
+    return NS(
+        metadata=NS(name=name, namespace=namespace),
+        status=NS(phase=phase, container_statuses=[cs]),
+        spec=NS(node_name=node),
+    )
+
+
+def make_node(name, ready=True, kubelet="v1.30.0", cpu="4", memory="8Gi", pressures=None):
+    conditions = [NS(type="Ready", status="True" if ready else "False")]
+    for p, status in (pressures or {}).items():
+        conditions.append(NS(type=p, status=status))
+    return NS(
+        metadata=NS(name=name),
+        status=NS(
+            conditions=conditions,
+            node_info=NS(kubelet_version=kubelet),
+            capacity={"cpu": cpu, "memory": memory},
+        ),
+    )
+
+
+def make_deployment(name, namespace="default", replicas=3, ready=3):
+    return NS(
+        metadata=NS(name=name, namespace=namespace),
+        spec=NS(replicas=replicas),
+        status=NS(ready_replicas=ready),
+    )
+
+
+def make_event(reason, type_="Warning", kind="Pod", name="p", namespace="default", message="msg"):
+    return NS(
+        type=type_,
+        reason=reason,
+        involved_object=NS(kind=kind, name=name),
+        metadata=NS(namespace=namespace),
+        message=message,
+    )

whitecapdata_dev-0.1.0/tests/test_config.py

@@ -0,0 +1,35 @@
+from homelab_mcp.config import DEFAULT_MUTABLE_NAMESPACES, Config
+
+
+def test_defaults():
+    cfg = Config.from_env(env={})
+    assert cfg.read_only is False
+    assert cfg.context is None
+    assert cfg.mutable_namespaces == DEFAULT_MUTABLE_NAMESPACES
+    assert cfg.max_replicas == 10
+
+
+def test_read_only_parsing():
+    assert Config.from_env(env={"HOMELAB_MCP_READONLY": "true"}).read_only is True
+    assert Config.from_env(env={"HOMELAB_MCP_READONLY": "1"}).read_only is True
+    assert Config.from_env(env={"HOMELAB_MCP_READONLY": "no"}).read_only is False
+
+
+def test_namespace_allowlist_explicit():
+    cfg = Config.from_env(env={"HOMELAB_MCP_MUTABLE_NAMESPACES": "apps, ci"})
+    assert cfg.mutable_namespaces == ("apps", "ci")
+    assert cfg.namespace_allowed("apps") is True
+    assert cfg.namespace_allowed("kube-system") is False
+
+
+def test_namespace_wildcard_allows_all():
+    cfg = Config.from_env(env={"HOMELAB_MCP_MUTABLE_NAMESPACES": "*"})
+    assert cfg.mutable_namespaces == ()
+    assert cfg.namespace_allowed("anything") is True
+
+
+def test_as_dict_shows_star_for_empty():
+    cfg = Config.from_env(env={"HOMELAB_MCP_MUTABLE_NAMESPACES": "*", "HOMELAB_MCP_CONTEXT": "homelab"})
+    d = cfg.as_dict()
+    assert d["mutable_namespaces"] == ["*"]
+    assert d["context"] == "homelab"

whitecapdata_dev-0.1.0/tests/test_format.py

@@ -0,0 +1,56 @@
+from conftest import make_deployment, make_event, make_node, make_pod
+
+from homelab_mcp import format as fmt
+
+
+def test_pod_health():
+    assert fmt.pod_is_healthy(make_pod("a")) is True
+    assert fmt.pod_is_healthy(make_pod("b", phase="Pending")) is False
+    assert fmt.pod_is_healthy(make_pod("c", ready=False)) is False
+    assert fmt.pod_is_healthy(make_pod("d", phase="Succeeded", ready=False)) is True
+
+
+def test_pod_rows_sort_unhealthy_first():
+    pods = [make_pod("ok"), make_pod("bad", phase="CrashLoopBackOff", ready=False)]
+    rows = fmt.pod_rows(pods)
+    assert rows[0]["name"] == "bad" and rows[0]["ready"] is False
+    assert rows[1]["name"] == "ok"
+
+
+def test_pod_row_aggregates_restarts():
+    assert fmt.pod_row(make_pod("x", restarts=5))["restarts"] == 5
+
+
+def test_cluster_summary_counts():
+    nodes = [make_node("n1"), make_node("n2", ready=False)]
+    pods = [make_pod("a"), make_pod("b", phase="Pending", ready=False)]
+    s = fmt.cluster_summary(nodes, pods)
+    assert s["nodes"] == {"total": 2, "ready": 1}
+    assert s["pods"]["total"] == 2
+    assert s["pods"]["unhealthy"] == 1
+    assert len(s["unhealthy_pods"]) == 1
+
+
+def test_deployment_rows():
+    rows = fmt.deployment_rows([make_deployment("web", ready=2, replicas=3)])
+    assert rows[0]["ready_replicas"] == 2
+    assert rows[0]["desired_replicas"] == 3
+    assert rows[0]["available"] is False
+
+
+def test_node_row_reports_pressure():
+    node = make_node("n1", pressures={"MemoryPressure": "True", "DiskPressure": "False"})
+    row = fmt.node_row(node)
+    assert row["pressure"] == ["MemoryPressure"]
+    assert row["ready"] is True
+
+
+def test_event_rows_warning_first_and_limited():
+    events = [
+        make_event("Scheduled", type_="Normal"),
+        make_event("BackOff", type_="Warning"),
+        make_event("Pulled", type_="Normal"),
+    ]
+    rows = fmt.event_rows(events, limit=2)
+    assert len(rows) == 2
+    assert rows[0]["type"] == "Warning"

whitecapdata_dev-0.1.0/tests/test_kube.py

@@ -0,0 +1,70 @@
+from unittest.mock import MagicMock
+
+import pytest
+from conftest import make_node, make_pod
+
+from homelab_mcp.config import Config
+from homelab_mcp.kube import HomelabMCPError, KubeClient
+
+
+def _client(config=None, core=None, apps=None):
+    return KubeClient(config or Config(), core_v1=core or MagicMock(), apps_v1=apps or MagicMock())
+
+
+def test_cluster_summary_calls_apis_and_shapes():
+    core = MagicMock()
+    core.list_node.return_value.items = [make_node("n1")]
+    core.list_pod_for_all_namespaces.return_value.items = [make_pod("a")]
+    summary = _client(core=core).cluster_summary()
+    assert summary["nodes"]["ready"] == 1
+    core.list_node.assert_called_once()
+
+
+def test_list_pods_uses_namespaced_call_when_given():
+    core = MagicMock()
+    core.list_namespaced_pod.return_value.items = [make_pod("a", namespace="apps")]
+    _client(core=core).list_pods("apps")
+    core.list_namespaced_pod.assert_called_once_with("apps")
+    core.list_pod_for_all_namespaces.assert_not_called()
+
+
+def test_read_only_blocks_mutations_before_api_call():
+    apps = MagicMock()
+    client = _client(Config(read_only=True), apps=apps)
+    with pytest.raises(HomelabMCPError, match="read-only"):
+        client.scale_deployment("apps", "web", 2)
+    apps.patch_namespaced_deployment_scale.assert_not_called()
+
+
+def test_namespace_not_in_allowlist_is_blocked():
+    apps = MagicMock()
+    client = _client(Config(mutable_namespaces=("apps",)), apps=apps)
+    with pytest.raises(HomelabMCPError, match="not in the mutable allowlist"):
+        client.delete_pod("kube-system", "coredns-x")
+    # delete_pod is on core, but the guard runs first — ensure no apps call either
+    apps.assert_not_called()
+
+
+def test_scale_rejects_out_of_range():
+    client = _client(Config(mutable_namespaces=("apps",), max_replicas=10))
+    with pytest.raises(HomelabMCPError, match="between 0 and 10"):
+        client.scale_deployment("apps", "web", 99)
+
+
+def test_allowed_scale_calls_api():
+    apps = MagicMock()
+    client = _client(Config(mutable_namespaces=("apps",)), apps=apps)
+    msg = client.scale_deployment("apps", "web", 3)
+    apps.patch_namespaced_deployment_scale.assert_called_once()
+    assert "3 replicas" in msg
+
+
+def test_restart_sets_annotation_and_returns_message():
+    apps = MagicMock()
+    client = _client(Config(mutable_namespaces=("apps",)), apps=apps)
+    msg = client.restart_deployment("apps", "web")
+    args, kwargs = apps.patch_namespaced_deployment.call_args
+    body = kwargs["body"]
+    ann = body["spec"]["template"]["metadata"]["annotations"]
+    assert "kubectl.kubernetes.io/restartedAt" in ann
+    assert "restarted deployment apps/web" in msg

whitecapdata_dev-0.1.0/tests/test_server_tools.py

@@ -0,0 +1,49 @@
+"""Tool layer delegates to the client and serializes JSON; client is stubbed."""
+
+import json
+
+from homelab_mcp import server
+from homelab_mcp.config import Config
+
+
+class StubClient:
+    def __init__(self):
+        self.config = Config()
+        self.calls = []
+
+    def cluster_summary(self):
+        return {"nodes": {"total": 1, "ready": 1}, "pods": {"total": 0}, "unhealthy_pods": []}
+
+    def list_pods(self, namespace=""):
+        self.calls.append(("list_pods", namespace))
+        return [{"name": "a", "ready": True}]
+
+    def restart_deployment(self, namespace, name):
+        self.calls.append(("restart", namespace, name))
+        return f"restarted {namespace}/{name}"
+
+
+def test_cluster_summary_tool_returns_json():
+    server.set_client(StubClient())
+    out = json.loads(server.cluster_summary())
+    assert out["nodes"]["ready"] == 1
+
+
+def test_list_pods_tool_delegates_namespace():
+    stub = StubClient()
+    server.set_client(stub)
+    json.loads(server.list_pods("apps"))
+    assert ("list_pods", "apps") in stub.calls
+
+
+def test_restart_tool_delegates():
+    stub = StubClient()
+    server.set_client(stub)
+    assert server.restart_deployment("apps", "web") == "restarted apps/web"
+    assert ("restart", "apps", "web") in stub.calls
+
+
+def test_server_info_tool_serializes_config():
+    server.set_client(StubClient())
+    info = json.loads(server.server_info())
+    assert "mutable_namespaces" in info and "read_only" in info