Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR integrates the xtramcp server into the backend infrastructure by adding Kubernetes deployment configuration and updating all deployment scripts to pass the required credentials. The changes enable the paperdebugger-xtramcp-server to communicate with OpenAI and OpenReview APIs.
Key Changes:
- Added Kubernetes deployment manifests for the xtramcp server with ConfigMap-based configuration
- Updated backend configuration to point to the internal xtramcp service endpoint
- Integrated 4 new environment variables across all deployment scripts (dev, staging, production)
Reviewed Changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
helm-chart/templates/paperdebugger-xtramcp-server.yaml |
New Kubernetes deployment, service, and ConfigMap for xtramcp server |
helm-chart/values.yaml |
Added container image reference for xtramcp server |
internal/libs/cfg/cfg.go |
Updated xtraMCP URI to internal service endpoint |
hack/stg.sh |
Added xtragpt environment variables for staging deployment |
hack/prd.sh |
Added xtragpt environment variables for production deployment |
hack/dev-apply.sh |
Added xtragpt environment variables for development deployment |
.github/workflows/release.yml |
Added GitHub secrets mapping for production release workflow |
webapp/_webapp/src/index.css |
Minor padding adjustment for narrow tool cards |
webapp/_webapp/src/components/markdown.tsx |
Commented out paragraph component override |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: paperdebugger-xtramcp-server | ||
| namespace: {{ .Values.namespace }} | ||
| data: | ||
| OPENAI_API_KEY: "{{ .Values.xtragpt_openai_api_key }}" | ||
| OPENREVIEW_BASE_URL: "{{ .Values.xtragpt_openreview_base_url }}" | ||
| OPENREVIEW_USERNAME: "{{ .Values.xtragpt_openreview_username }}" | ||
| OPENREVIEW_PASSWORD: "{{ .Values.xtragpt_openreview_password }}" |
There was a problem hiding this comment.
Sensitive credentials should be stored in a Kubernetes Secret, not a ConfigMap. ConfigMaps are designed for non-sensitive configuration data and their values are not encrypted at rest by default.
The following sensitive values should be moved to a Secret resource:
OPENAI_API_KEYOPENREVIEW_PASSWORD- Potentially
OPENREVIEW_USERNAME(depending on security requirements)
Change the ConfigMap to a Secret:
---
apiVersion: v1
kind: Secret
metadata:
name: paperdebugger-xtramcp-server
namespace: {{ .Values.namespace }}
type: Opaque
stringData:
OPENAI_API_KEY: "{{ .Values.xtragpt_openai_api_key }}"
OPENREVIEW_BASE_URL: "{{ .Values.xtragpt_openreview_base_url }}"
OPENREVIEW_USERNAME: "{{ .Values.xtragpt_openreview_username }}"
OPENREVIEW_PASSWORD: "{{ .Values.xtragpt_openreview_password }}"And update the deployment to reference the secret instead:
envFrom:
- secretRef:
name: paperdebugger-xtramcp-server
added four secretes:
XTRAGPT_OPENAI_API_KEY_PRD
XTRAGPT_OPENREVIEW_BASE_URL_PRD
XTRAGPT_OPENREVIEW_PASSWORD_PRD (random for now)
XTRAGPT_OPENREVIEW_USERNAME_PRD (random for now)