Releases: sysdiglabs/sysdig-mcp-server
v0.5.0
Sysdig MCP Server v0.5.0: Rewritten in Go & New Troubleshooting Tools
We are announcing the release of Sysdig MCP Server v0.5.0. This version introduces a complete architectural rewrite of the project from Python to Go, aiming to improve performance, type safety, and maintainability.
Alongside the core rewrite, this release significantly expands the server's capabilities with a new suite of Kubernetes troubleshooting tools, allowing LLMs to diagnose cluster issues, analyze resource usage, and inspect network health with greater precision.
⚡ Architecture: Migration to Go
The project has been fully re-implemented in Go (Golang). This change aligns the MCP server with the broader cloud-native ecosystem and provides:
- Improved Performance: Native concurrency and lower resource footprint.
- Type Safety: Strong static typing for more reliable code execution.
- Simplified Deployment: Single binary distribution and standardized build processes.
🔄 Migration Guide (Python → Go)
Since the codebase has moved from Python to Go, uvx and pip commands are no longer supported, and environment variable names have changed.
1. Environment Variables (⚠️ Breaking Change)
The environment variable for the API token has been renamed. You must update your .env files and deployment configurations.
- ❌ Old:
SYSDIG_MCP_API_SECURE_TOKEN - ✅ New:
SYSDIG_MCP_API_TOKEN
(Note: SYSDIG_MCP_API_HOST remains unchanged)
2. Running Locally (CLI)
If you were previously running the server using uvx:
❌ Old (Python/uvx):
uvx --from sysdig-mcp-server sysdig-mcp-server✅ New (Go):
# Requires Go 1.25+
go run github.com/sysdiglabs/sysdig-mcp-server/cmd/server@latest3. Local Agent Configuration
Update your local agent configuration. Replace the uvx command and update the environment variable name.
Docker (Recommended):
{
"mcpServers": {
"sysdig-mcp-server": {
"command": "docker",
"args": [
"run", "-i", "--rm",
"-e", "SYSDIG_MCP_API_HOST",
"-e", "SYSDIG_MCP_API_TOKEN",
"ghcr.io/sysdiglabs/sysdig-mcp-server:latest"
],
"env": {
"SYSDIG_MCP_API_HOST": "https://us2.app.sysdig.com",
"SYSDIG_MCP_API_TOKEN": "your-api-token"
}
}
}
}🛠️ New Kubernetes Troubleshooting Tools with Sysdig Monitor
We have added a comprehensive set of MCP tools designed to help Agents retrieve specific diagnostic data from Kubernetes clusters.
Pod Health & Status
troubleshoot_kubernetes_list_top_unavailable_pods: Lists pods with the highest number of unavailable or unready replicas.troubleshoot_kubernetes_list_top_restarted_pods: Identifies pods with the most container restarts (e.g., CrashLoopBackOff).troubleshoot_kubernetes_list_count_pods_per_cluster: Returns the total count of running pods grouped by cluster and namespace.
Network & Application Errors
troubleshoot_kubernetes_list_top_400_500_http_errors_in_pods: Reports pods with the highest rate of HTTP 4xx (client) and 5xx (server) errors.troubleshoot_kubernetes_list_top_network_errors_in_pods: Identifies pods experiencing the most network-level errors over a given interval.
Resource Usage & Optimization
troubleshoot_kubernetes_list_underutilized_pods_by_cpu_quota: Finds pods using less than 25% of their allocated CPU limit.troubleshoot_kubernetes_list_underutilized_pods_by_memory_quota: Finds pods using less than 25% of their allocated memory limit.troubleshoot_kubernetes_list_top_cpu_consumed_by_workload/..._by_container: Lists workloads or containers with the highest absolute CPU consumption.troubleshoot_kubernetes_list_top_memory_consumed_by_workload/..._by_container: Lists workloads or containers with the highest absolute memory consumption.
Infrastructure Inventory
kubernetes_list_clusters: Lists available clusters and their metadata.kubernetes_list_nodes: Retrieves information about nodes within a cluster.kubernetes_list_workloads: Lists workloads filtered by state (desired, ready, running, unavailable).kubernetes_list_pod_containers: Detailed information for specific pod containers.kubernetes_list_cronjobs: Lists cronjobs within a specific cluster and namespace.
❌ Removed Features
- Sysdig CLI Scanner Tool (
run_sysdig_cli_scanner): This tool, which wrapped the local execution of thesysdig-cli-scannerbinary, has been removed from the server. The server now focuses exclusively on remote API interactions with the Sysdig platform.- That tool didn't work when the MCP was executed with
dockerbecause the binary was not present in the image. Plus, for local executions it required the binary to be present in thePATH. - Since local LLM clients can execute commands through local execution, they can still benefit from the execution of the
sysdig-cli-scannerfor image scanning. - In the future we may implement this again, either through a tool or a prompt.
- That tool didn't work when the MCP was executed with
⚙️ Developer Experience & CI Improvements
- Nix Support: Added
flake.nixfor fully reproducible development environments. - Task Runner: Integrated
justfor standardized command execution (build, test, lint). - Agent Handbook: Added
AGENTS.mdto guide AI Agents on the repository structure and coding standards. - CI/CD: Enhanced GitHub Actions with
stale.ymlfor repo hygiene and pre-commit hooks for code quality.
v0.4.0
v0.3.1
v0.3.0
⚠️ Code Refactoring
The latest refactor removes the inventory and vulnerability management tools, as the APIs they relied on have been officially deprecated.
Compilation & Dependencies
Continuous Integration
v0.2.0
⚠️ Breaking change
The latest refactor implements breaking changes in the env vars. Please check the documentation to update your locally configured environment variables.
What's Changed
- chore: Update project dependencies and version by @alecron in #12
- refactor: Remove config file by @alecron in #13
Full Changelog: v0.1.4...v0.2.0
Contributors
Assets 2
v0.1.3
What's Changed
Full Changelog: v0.1.2...v0.1.3
