📋 Prerequisites
📝 Feature Summary
Add support for extraContainers in SharedDeploymentSpec to allow injecting sidecar containers alongside the main kagent agent container.
❓ Problem Statement / Motivation
SharedDeploymentSpec currently supports volumes, volumeMounts, and env for customizing agent pods, but there is no way to inject additional containers alongside the primary kagent container.- Platform teams running kagent in multi-tenant Kubernetes environments need to inject sidecar containers (e.g. token-injecting proxies, log shippers, security agents) into agent pods without forking kagent or using a MutatingAdmissionWebhook.
- A MutatingWebhook adds operational complexity and a new component to manage. The cleanest solution is a first-class field in the Agent CRD that passes through to the generated Deployment.
💡 Proposed Solution
Add an extraContainers field to SharedDeploymentSpec:
// ExtraContainers is a list of additional containers to run alongside the main agent container.
// +optional
ExtraContainers []corev1.Container `json:"extraContainers,omitempty"`
The translator (adk_api_translator.go) appends them after the primary container:
Containers: append([]corev1.Container{{ /* kagent container */ }}, dep.ExtraContainers...),The change is minimal (~20 lines across agent_types.go, deployments.go, and adk_api_translator.go), fully backward-compatible (optional field, defaults to empty), and follows the exact same pattern as the existing volumes and volumeMounts fields.
🔄 Alternatives Considered
- MutatingAdmissionWebhook — works but adds a separate webhook component with TLS management overhead.
- Extending
proxy.url — kagent's proxy mechanism handles MCP/A2A traffic but cannot inject sidecars or cover all outbound call paths.
🎯 Affected Service(s)
Controller Service
📚 Additional Context
A reference implementation is available at renato0307/kagent@feat/extra-containers, including the CRD change, translator update, codegen output, and a golden test case.
🙋 Are you willing to contribute?
📋 Prerequisites
📝 Feature Summary
Add support for
extraContainersinSharedDeploymentSpecto allow injecting sidecar containers alongside the mainkagentagent container.❓ Problem Statement / Motivation
SharedDeploymentSpeccurrently supportsvolumes,volumeMounts, andenvfor customizing agent pods, but there is no way to inject additional containers alongside the primarykagentcontainer.💡 Proposed Solution
Add an
extraContainersfield toSharedDeploymentSpec:The translator (
adk_api_translator.go) appends them after the primary container:The change is minimal (~20 lines across
agent_types.go,deployments.go, andadk_api_translator.go), fully backward-compatible (optional field, defaults to empty), and follows the exact same pattern as the existingvolumesandvolumeMountsfields.🔄 Alternatives Considered
proxy.url— kagent's proxy mechanism handles MCP/A2A traffic but cannot inject sidecars or cover all outbound call paths.🎯 Affected Service(s)
Controller Service
📚 Additional Context
A reference implementation is available at renato0307/kagent@feat/extra-containers, including the CRD change, translator update, codegen output, and a golden test case.
🙋 Are you willing to contribute?