Wardn Hub

argocd-mcp

io.github.matthisholleville/argocd-mcp

Overview

OpenAPI-driven MCP server exposing the Argo CD API to LLM clients through search or generated endpoint tools, with static-token or ArgoCD Dex OAuth authentication.

WebsiteRepository

Documentation

argocd-mcp

OpenAPI-driven MCP server for Argo CD. At startup it fetches Argo CD's Swagger spec and exposes the API through either the default search mode, with search_operations and execute_operation, or generated mode, with one typed tool per endpoint.

Install and launch

The documented local MCP launch uses Docker over stdio:

docker run --rm -i \
  -e ARGOCD_BASE_URL=https://argocd.example.com \
  -e ARGOCD_TOKEN=your-token \
  ghcr.io/matthisholleville/argocd-mcp:latest

For HTTP and OAuth via ArgoCD Dex, set MCP_TRANSPORT=http, AUTH_MODE=oauth, DEX_CLIENT_ID, and SERVER_BASE_URL, then expose /mcp on the configured address. Helm deployment is available at oci://ghcr.io/matthisholleville/charts/argocd-mcp.

Capabilities

  • Discovers 103+ Argo CD API endpoints from /swagger.json at startup.
  • Default search mode exposes two meta-tools for endpoint discovery and execution.
  • Generated mode exposes one typed MCP tool per Argo CD endpoint.
  • Supports static Argo CD API token authentication and OAuth via ArgoCD Dex for per-user RBAC.
  • Supports read-only mode, resource scoping, per-user rate limiting, prompt templates, audit logging, MCP annotations, and optional semantic search via Ollama embeddings.

Limitations and security notes

  • ARGOCD_BASE_URL is required. ARGOCD_TOKEN is required when AUTH_MODE=token.
  • OAuth mode requires MCP_TRANSPORT=http and correct ArgoCD Dex redirect URI configuration.
  • ARGOCD_TLS_INSECURE=true disables TLS verification and should be used only for trusted/self-signed environments.
  • Semantic search requires an Ollama service and embedding model.
  • Write operations are available unless DISABLE_WRITE=true or ALLOWED_RESOURCES restricts them.

Wardn Hub source review notes

  • Wardn import was called first but returned 404 with no usable imported serverJson; no imported transport fields were available to preserve.
  • Package identifier and version are split: Docker/GitHub package identifier matthisholleville/argocd-mcp, package version 1.6.0.
  • Secret and user-specific env values are empty.
  • Documented env vars from README, .env.example, config loader, Docker Compose, and Helm templates were merged without duplicates.