Files
Gitea-Tools/docs/credential-isolation.md
T
sysadmin b402de83fe docs: fix trailing whitespace and add approved naming for #52
Address reviewer blockers on PR #8:
- Remove trailing whitespace in credential-isolation.md and release-workflows.md
- Add approved naming coverage (MCP Control Plane / mcp-control-plane project
  and repo names; common, gitea-mcp, jenkins-mcp, ops-mcp, release-mcp packages)
  to tool-boundaries.md

Documentation-only. No code, scaffolding, or config changes.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-01 04:17:30 -04:00

667 B

Credential Isolation

This document describes how credentials and sensitive environment variables are handled within the MCP tools monorepo.

Separate Credentials

Even though multiple MCP servers share the same monorepo, they must have separate credentials and runtimes.

  • No Shared Environments: Each MCP server (gitea-mcp, jenkins-mcp, ops-mcp, etc.) must be instantiated as an independent service with its own dedicated .env configuration file.
  • Strict Isolation: A server will only have access to the credentials required for its specific trust boundary. For instance, gitea-mcp has no access to Jenkins or Ops authentication tokens.