Rover

Queries Red Hat internal groups via a client-certificate authenticated MCP server.
  • python

0

GitHub Stars

python

Language

4 months ago

First Indexed

3 weeks ago

Catalog Refreshed

Documentation & install

Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.

Installation

Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "redhat-community-ai-tools-rover-mcp": {
      "command": "podman",
      "args": [
        "run",
        "-i",
        "--rm",
        "-v",
        "./sa-cert.crt:/app/sa-cert.crt:ro",
        "-v",
        "./privkey.pem:/app/privkey.pem:ro",
        "-e",
        "CERT_FILE=/app/sa-cert.crt",
        "-e",
        "KEY_FILE=/app/privkey.pem",
        "-e",
        "MCP_TRANSPORT=stdio",
        "localhost/rover-mcp:latest"
      ],
      "env": {
        "KEY_FILE": "./privkey.pem",
        "CERT_FILE": "./sa-cert.crt",
        "MCP_TRANSPORT": "stdio"
      }
    }
  }
}

Rover MCP Server lets you query the Red Hat internal groups API using client certificate authentication. It provides a focused, secure way to retrieve group information by name, handling common errors gracefully and enforcing strong certificate-based access controls.

How to use

You interact with Rover MCP Server through an MCP client that communicates with the Rover service. The primary tool you’ll use is rover_group, which retrieves information about a Red Hat internal group by name. You’ll provide a group name, and Rover will return the corresponding group data in JSON when access is granted.

How to install

Prerequisites at a glance: you need a client certificate (sa-cert.crt) and a private key (privkey.pem), plus access to the Red Hat internal groups API.

Build the container image locally using Podman. Run this command from the project directory that contains the Rover MCP server sources:

podman build -t rover-mcp:latest .

Run Rover MCP Server with Podman or Docker using the configuration that enables stdio transport and mounts your certificate files into the container.

{
  "mcpServers": {
    "rover": {
      "command": "podman",
      "args": [
        "run",
        "-i",
        "--rm",
        "-v", "./sa-cert.crt:/app/sa-cert.crt:ro",
        "-v", "./privkey.pem:/app/privkey.pem:ro",
        "-e", "CERT_FILE=/app/sa-cert.crt",
        "-e", "KEY_FILE=/app/privkey.pem",
        "-e", "MCP_TRANSPORT=stdio",
        "localhost/rover-mcp:latest"
      ],
      "env": {
        "MCP_TRANSPORT": "stdio"
      }
    }
  }
}

Local development and running notes

Local development steps mirror the prerequisites and runtime options. Prepare the certificate files in your project directory, install Python dependencies, then run the server in a standard way if you prefer a direct Python run.

# Ensure you have the required certificate files in the project directory
# Install dependencies
pip install -r requirements.txt
# Run the server
python mcp_server.py

Security and best practices

Keep certificate and private key files secure and never commit them to version control. Use read-only volume mounts when running in containers to prevent unintended modifications. Only grant access to the MCP server to trusted clients and monitor access logs for anomalies.

Available tools

rover_group

Retrieve information about a Red Hat internal group by its name.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational