Merge pull request #89 from LAA-Software-Engineering/feat/mcp-http-transport-77

feat(tools/mcp): MCP streamable HTTP transport (#77)

Author: leo-aa88

docs/DESIGN_DOC.md

@@ -625,6 +625,20 @@ spec:
     backoff: exponential
 ```
 
+### MCP HTTP tool (streamable HTTP)
+
+Remote MCP servers may expose a single JSON-RPC endpoint over HTTP(S). Set **`transport: http`**, **`url`** to that endpoint, and optional **`headers`** (including **`env:`** tokens). **`command`** / **`args`** must not be set together with **`url`** (see validator).
+
+```yaml
+spec:
+  type: mcp
+  mcp:
+    transport: http
+    url: https://mcp.example.com/v1/mcp
+    headers:
+      Authorization: env:MCP_TOKEN
+```
+
 ### Native HTTP tool
 
 ```yaml

docs/EXAMPLES.md

@@ -116,6 +116,32 @@ agentctl run    workflow/hello --project my-agent-system
 
 ---
 
+## 3b. MCP tool over HTTP (streamable HTTP)
+
+For MCP servers exposed over **HTTP** (streamable HTTP transport: one **POST** per JSON-RPC message), set **`spec.mcp.transport: http`** and **`spec.mcp.url`** to the MCP endpoint (must be **`http://`** or **`https://`**). Optional **`spec.mcp.headers`** use the same patterns as native HTTP tools (literal values or **`env:VAR_NAME`** for secrets).
+
+```yaml
+apiVersion: agentic.dev/v0
+kind: Tool
+metadata:
+  name: remote_mcp
+spec:
+  type: mcp
+  mcp:
+    transport: http
+    url: https://mcp.example.com/v1/mcp
+    headers:
+      Authorization: env:MCP_BEARER_TOKEN
+```
+
+**Security**
+
+- Prefer **HTTPS** in production. The default Go client performs **normal TLS certificate verification** against the system trust store; do not disable verification for MCP calls.
+- **`stdio`** and **`http`** are mutually exclusive in **`spec.mcp`**: set **`command`** only for stdio, **`url`** only for HTTP (validated at `agentctl validate`).
+- Workflow trace events for tool steps record **`uses`** and cost, not HTTP headers or resolved env values; keep custom logging of MCP traffic free of secrets.
+
+---
+
 ## 4. Real OpenAI example (`gpt-4o-mini`)
 
 This is a small but **end-to-end** project: a **native echo** step supplies fixed “policy” text, then **`gpt-4o-mini`** drafts a one-line customer reply. You need a valid **[OpenAI API key](https://platform.openai.com/api-keys)** and outbound **HTTPS** to `api.openai.com`.

internal/spec/kinds.go

@@ -86,9 +86,11 @@ type ToolSpec struct {
 }
 
 type ToolMCP struct {
-	Transport string   `yaml:"transport,omitempty" json:"transport,omitempty"`
-	Command   string   `yaml:"command,omitempty" json:"command,omitempty"`
-	Args      []string `yaml:"args,omitempty" json:"args,omitempty"`
+	Transport string            `yaml:"transport,omitempty" json:"transport,omitempty"`
+	Command   string            `yaml:"command,omitempty" json:"command,omitempty"`
+	Args      []string          `yaml:"args,omitempty" json:"args,omitempty"`
+	URL       string            `yaml:"url,omitempty" json:"url,omitempty"`
+	Headers   map[string]string `yaml:"headers,omitempty" json:"headers,omitempty"`
 }
 
 type ToolHTTP struct {

internal/spec/validator.go

@@ -147,6 +147,8 @@ func validateToolSpecs(g *ProjectGraph) []error {
 		case "mcp":
 			if tr.Spec.MCP == nil {
 				errs = append(errs, fmt.Errorf("Tool/%s: type mcp requires spec.mcp", name))
+			} else {
+				errs = append(errs, validateToolMCP(name, tr.Spec.MCP)...)
 			}
 		case "http":
 			if tr.Spec.HTTP == nil {
@@ -178,6 +180,34 @@ func validateToolSpecs(g *ProjectGraph) []error {
 	return errs
 }
 
+func validateToolMCP(name string, m *ToolMCP) []error {
+	var errs []error
+	trans := strings.ToLower(strings.TrimSpace(m.Transport))
+	if trans == "" {
+		errs = append(errs, fmt.Errorf("Tool/%s: spec.mcp.transport is required (stdio or http)", name))
+		return errs
+	}
+	switch trans {
+	case "stdio":
+		if strings.TrimSpace(m.URL) != "" {
+			errs = append(errs, fmt.Errorf("Tool/%s: mcp stdio transport must not set url", name))
+		}
+		if strings.TrimSpace(m.Command) == "" {
+			errs = append(errs, fmt.Errorf("Tool/%s: mcp stdio requires command", name))
+		}
+	case "http":
+		if strings.TrimSpace(m.Command) != "" || len(m.Args) > 0 {
+			errs = append(errs, fmt.Errorf("Tool/%s: mcp http transport must not set command or args", name))
+		}
+		if strings.TrimSpace(m.URL) == "" {
+			errs = append(errs, fmt.Errorf("Tool/%s: mcp http transport requires url", name))
+		}
+	default:
+		errs = append(errs, fmt.Errorf("Tool/%s: unsupported mcp.transport %q (stdio or http)", name, m.Transport))
+	}
+	return errs
+}
+
 func validatePolicySpecs(g *ProjectGraph) []error {
 	var errs []error
 	for name, pr := range g.Policies {

internal/spec/validator_test.go

@@ -221,6 +221,92 @@ func TestValidateProjectGraph_workflowRuntimeUnknown(t *testing.T) {
 	}
 }
 
+func TestValidateProjectGraph_mcpMissingTransport(t *testing.T) {
+	g := &ProjectGraph{
+		Tools: map[string]*ToolResource{
+			"x": {
+				Kind:     KindTool,
+				Metadata: Metadata{Name: "x"},
+				Spec: ToolSpec{
+					Type: "mcp",
+					MCP:  &ToolMCP{Command: "npx"},
+				},
+			},
+		},
+	}
+	err := ValidateProjectGraph(g, t.TempDir())
+	if err == nil || !strings.Contains(err.Error(), "spec.mcp.transport is required") {
+		t.Fatalf("expected mcp transport error, got %v", err)
+	}
+}
+
+func TestValidateProjectGraph_mcpStdioWithURL(t *testing.T) {
+	g := &ProjectGraph{
+		Tools: map[string]*ToolResource{
+			"x": {
+				Kind:     KindTool,
+				Metadata: Metadata{Name: "x"},
+				Spec: ToolSpec{
+					Type: "mcp",
+					MCP: &ToolMCP{
+						Transport: "stdio",
+						Command:   "npx",
+						URL:       "http://bad",
+					},
+				},
+			},
+		},
+	}
+	err := ValidateProjectGraph(g, t.TempDir())
+	if err == nil || !strings.Contains(err.Error(), "must not set url") {
+		t.Fatalf("expected stdio/url conflict, got %v", err)
+	}
+}
+
+func TestValidateProjectGraph_mcpHTTPWithCommand(t *testing.T) {
+	g := &ProjectGraph{
+		Tools: map[string]*ToolResource{
+			"x": {
+				Kind:     KindTool,
+				Metadata: Metadata{Name: "x"},
+				Spec: ToolSpec{
+					Type: "mcp",
+					MCP: &ToolMCP{
+						Transport: "http",
+						URL:       "https://example.com/mcp",
+						Command:   "npx",
+					},
+				},
+			},
+		},
+	}
+	err := ValidateProjectGraph(g, t.TempDir())
+	if err == nil || !strings.Contains(err.Error(), "must not set command") {
+		t.Fatalf("expected http/command conflict, got %v", err)
+	}
+}
+
+func TestValidateProjectGraph_mcpHTTPMissingURL(t *testing.T) {
+	g := &ProjectGraph{
+		Tools: map[string]*ToolResource{
+			"x": {
+				Kind:     KindTool,
+				Metadata: Metadata{Name: "x"},
+				Spec: ToolSpec{
+					Type: "mcp",
+					MCP: &ToolMCP{
+						Transport: "http",
+					},
+				},
+			},
+		},
+	}
+	err := ValidateProjectGraph(g, t.TempDir())
+	if err == nil || !strings.Contains(err.Error(), "http transport requires url") {
+		t.Fatalf("expected mcp http url error, got %v", err)
+	}
+}
+
 func TestValidateProjectGraph_runtimeLocalAccepted(t *testing.T) {
 	g := &ProjectGraph{
 		Spec: ProjectSpec{

internal/tools/mcp/call.go

@@ -3,6 +3,8 @@ package mcp
 import (
 	"context"
 	"errors"
+	"fmt"
+	"net/http"
 	"strings"
 	"time"
 
@@ -15,19 +17,27 @@ type ExecMeta struct {
 	CostUSD    float64
 }
 
-// CallStdio runs one MCP tools/call over a fresh stdio subprocess, with optional retries on transport errors (§13.4).
-func CallStdio(ctx context.Context, cfg *spec.ToolMCP, retry *spec.ToolRetry, toolName string, arguments map[string]any) (map[string]any, ExecMeta, error) {
+// Call runs one MCP tools/call: stdio subprocess or HTTP endpoint per spec.mcp.transport (issue #77).
+func Call(ctx context.Context, cfg *spec.ToolMCP, retry *spec.ToolRetry, toolName string, arguments map[string]any) (map[string]any, ExecMeta, error) {
 	if cfg == nil {
 		return nil, ExecMeta{}, errors.New("mcp: nil mcp config")
 	}
-	if strings.ToLower(strings.TrimSpace(cfg.Transport)) != "stdio" {
-		return nil, ExecMeta{}, errors.New("mcp: only transport stdio is supported in MVP")
+	trans := strings.ToLower(strings.TrimSpace(cfg.Transport))
+	switch trans {
+	case "stdio":
+		return callStdioLoop(ctx, cfg, retry, toolName, arguments)
+	case "http":
+		return callHTTPLoop(ctx, cfg, retry, toolName, arguments)
+	default:
+		return nil, ExecMeta{}, fmt.Errorf("mcp: unsupported transport %q (stdio or http)", cfg.Transport)
 	}
+}
+
+func callStdioLoop(ctx context.Context, cfg *spec.ToolMCP, retry *spec.ToolRetry, toolName string, arguments map[string]any) (map[string]any, ExecMeta, error) {
 	cmd := strings.TrimSpace(cfg.Command)
 	if cmd == "" {
-		return nil, ExecMeta{}, errors.New("mcp: empty command")
+		return nil, ExecMeta{}, errors.New("mcp: stdio transport requires command")
 	}
-
 	attempts := 1
 	if retry != nil && retry.MaxAttempts > 0 {
 		attempts = retry.MaxAttempts
@@ -36,7 +46,6 @@ func CallStdio(ctx context.Context, cfg *spec.ToolMCP, retry *spec.ToolRetry, to
 	if retry != nil {
 		backoff = retry.Backoff
 	}
-
 	startAll := time.Now()
 	var lastErr error
 	for attempt := 0; attempt < attempts; attempt++ {
@@ -62,10 +71,54 @@ func oneStdioAttempt(ctx context.Context, command string, args []string, toolNam
 	}
 	defer tr.Close()
 
-	if err := tr.Initialize(ctx); err != nil {
+	if err := Initialize(ctx, tr); err != nil {
+		return nil, err
+	}
+	return CallTool(ctx, tr, toolName, arguments)
+}
+
+func callHTTPLoop(ctx context.Context, cfg *spec.ToolMCP, retry *spec.ToolRetry, toolName string, arguments map[string]any) (map[string]any, ExecMeta, error) {
+	u := strings.TrimSpace(cfg.URL)
+	if u == "" {
+		return nil, ExecMeta{}, errors.New("mcp: http transport requires url")
+	}
+	attempts := 1
+	if retry != nil && retry.MaxAttempts > 0 {
+		attempts = retry.MaxAttempts
+	}
+	backoff := ""
+	if retry != nil {
+		backoff = retry.Backoff
+	}
+	startAll := time.Now()
+	var lastErr error
+	for attempt := 0; attempt < attempts; attempt++ {
+		if attempt > 0 {
+			sleepBackoff(ctx, attempt, backoff)
+		}
+		out, err := oneHTTPAttempt(ctx, cfg, nil, toolName, arguments)
+		if err == nil {
+			return out, ExecMeta{DurationMs: time.Since(startAll).Milliseconds(), CostUSD: 0}, nil
+		}
+		lastErr = err
+		if !retryableTransportErr(err) {
+			break
+		}
+	}
+	return nil, ExecMeta{DurationMs: time.Since(startAll).Milliseconds(), CostUSD: 0}, lastErr
+}
+
+func oneHTTPAttempt(ctx context.Context, cfg *spec.ToolMCP, client *http.Client, toolName string, arguments map[string]any) (map[string]any, error) {
+	tr, err := NewHTTPTransport(cfg.URL, cfg.Headers, client)
+	if err != nil {
+		return nil, err
+	}
+	defer tr.Close()
+
+	if err := Initialize(ctx, tr); err != nil {
 		return nil, err
 	}
-	return tr.CallTool(ctx, toolName, arguments)
+	return CallTool(ctx, tr, toolName, arguments)
 }
 
 func retryableTransportErr(err error) bool {

internal/tools/mcp/client.go

@@ -6,8 +6,14 @@ import (
 	"fmt"
 )
 
+// Connector is an MCP session that can exchange JSON-RPC over a transport (stdio or HTTP).
+type Connector interface {
+	RoundTrip(ctx context.Context, method string, params any) (json.RawMessage, error)
+	Notify(ctx context.Context, method string, params map[string]any) error
+}
+
 // Initialize performs the MCP initialize + notifications/initialized handshake.
-func (t *StdioTransport) Initialize(ctx context.Context) error {
+func Initialize(ctx context.Context, c Connector) error {
 	params := map[string]any{
 		"protocolVersion": "2024-11-05",
 		"capabilities":    map[string]any{},
@@ -16,25 +22,18 @@ func (t *StdioTransport) Initialize(ctx context.Context) error {
 			"version": "0",
 		},
 	}
-	if _, err := t.RoundTrip(ctx, "initialize", params); err != nil {
+	if _, err := c.RoundTrip(ctx, "initialize", params); err != nil {
 		return err
 	}
-	// Notification (no response).
-	t.mu.Lock()
-	defer t.mu.Unlock()
-	return t.writeMessage(map[string]any{
-		"jsonrpc": "2.0",
-		"method":  "notifications/initialized",
-		"params":  map[string]any{},
-	})
+	return c.Notify(ctx, "notifications/initialized", map[string]any{})
 }
 
 // CallTool invokes tools/call and maps the MCP result into a plain map for §13.2 output.
-func (t *StdioTransport) CallTool(ctx context.Context, name string, arguments map[string]any) (map[string]any, error) {
+func CallTool(ctx context.Context, c Connector, name string, arguments map[string]any) (map[string]any, error) {
 	if arguments == nil {
 		arguments = map[string]any{}
 	}
-	raw, err := t.RoundTrip(ctx, "tools/call", map[string]any{
+	raw, err := c.RoundTrip(ctx, "tools/call", map[string]any{
 		"name":      name,
 		"arguments": arguments,
 	})

internal/tools/mcp/doc.go

@@ -1,4 +1,6 @@
-// Package mcp implements MCP tool transport (MVP: stdio JSON-RPC) per design doc §7.3.
+// Package mcp implements MCP tool transport per design doc §7.3.
 //
-// [CallStdio] runs a subprocess, performs initialize / notifications/initialized, then tools/call.
+// Call runs tools/call over stdio (subprocess) or streamable HTTP per spec.mcp.transport (issue #77):
+// initialize + notifications/initialized, then tools/call. HTTPS uses the Go default HTTP transport
+// with standard TLS certificate verification.
 package mcp