LCORE-1838: Wire MCP require approval

[asimurka]

Description

Wires configured MCP approval policy to MCP creation process. Distinguishes between simple (string) and complex policies.

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

Identify any AI code assistants used in this PR (for transparency and review context)

• Assisted-by: Cursor

Related Tickets & Documents

• Related Issue #
• Closes # LCORE-1838

Checklist before requesting a review

• I have performed a self-review of my code.
• PR has passed all pre-merge test jobs.
• If it is a core feature, I have added thorough tests.

Testing

• Please provide detailed steps to perform tests related to this code change.
• How were the fix/results from this change verified? Please provide relevant screenshots or results.

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Enhanced approval filter handling for tools to support flexible approval configurations, ensuring approval requirements from server settings are correctly applied to generated tools.

[asimurka]

Needs rebase on #1773

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3f295f0d-831f-4aa6-805e-7adcde2b8f88

📥 Commits

Reviewing files that changed from the base of the PR and between 4dddbde and 542be8b.

📒 Files selected for processing (2)

• src/utils/responses.py
• tests/unit/utils/test_responses.py

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (13)

• GitHub Check: radon
• GitHub Check: unit_tests (3.12)
• GitHub Check: build-pr
• GitHub Check: unit_tests (3.13)
• GitHub Check: Pylinter
• GitHub Check: bandit
• GitHub Check: E2E: library mode / ci / group 2
• GitHub Check: E2E Tests for Lightspeed Evaluation job
• GitHub Check: E2E: library mode / ci / group 1
• GitHub Check: E2E: server mode / ci / group 3
• GitHub Check: E2E: server mode / ci / group 1
• GitHub Check: E2E: server mode / ci / group 2
• GitHub Check: E2E: library mode / ci / group 3

🧰 Additional context used

📓 Path-based instructions (2)

tests/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

tests/**/*.py: Use pytest for all unit and integration tests; do not use unittest
Use pytest.mark.asyncio marker for async tests

Files:

• tests/unit/utils/test_responses.py

src/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

src/**/*.py: Use absolute imports for internal modules: from authentication import get_auth_dependency
Llama Stack imports: Use from llama_stack_client import AsyncLlamaStackClient
Check constants.py for shared constants before defining new ones
All modules must start with descriptive docstrings explaining purpose
Use logger = get_logger(__name__) from log.py for module logging
All functions must have complete type annotations for parameters and return types, use modern syntax (str | int), and include descriptive docstrings
Use snake_case with descriptive, action-oriented names for functions (get_, validate_, check_)
Avoid in-place parameter modification anti-patterns; return new data structures instead of modifying function parameters
Use async def for I/O operations and external API calls
Use standard log levels with clear purposes: debug() for diagnostic info, info() for program execution, warning() for unexpected events, error() for serious problems
All classes must have descriptive docstrings explaining purpose and use PascalCase with standard suffixes: Configuration, Error/Exception, Resolver, Interface
Abstract classes must use ABC with @abstractmethod decorators
Follow Google Python docstring conventions with required sections: Parameters, Returns, Raises, and Attributes for classes

Files:

• src/utils/responses.py

🧠 Learnings (1)

📚 Learning: 2026-02-23T14:56:59.186Z

Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1198
File: src/utils/responses.py:184-192
Timestamp: 2026-02-23T14:56:59.186Z
Learning: In the lightspeed-stack codebase (lightspeed-core/lightspeed-stack), do not enforce de-duplication of duplicate client.models.list() calls in model selection flows (e.g., in src/utils/responses.py prepare_responses_params). These calls are considered relatively cheap and removing duplicates could add unnecessary complexity to the flow. Apply this guideline specifically to this file/context unless similar performance characteristics and design decisions are documented elsewhere.

Applied to files:

• src/utils/responses.py

🔇 Additional comments (6)

src/utils/responses.py (2)

11-11: LGTM!

---

745-753: LGTM!

tests/unit/utils/test_responses.py (4)

15-15: LGTM!

---

64-64: LGTM!

---

409-409: LGTM!

---

411-452: LGTM!

---

Walkthrough

The PR updates MCP tool construction in the Responses API to propagate require_approval configuration from ModelContextProtocolServer, replacing the previous hardcoded "never" value. The implementation handles both legacy string form and structured ApprovalFilter with explicit always/never lists, with comprehensive test coverage.

Changes

MCP Approval Filter Configuration Propagation

Layer / File(s)	Summary
Approval Filter Integration in MCP Tool Construction src/utils/responses.py	Import ApprovalFilter and change MCP tool construction to read require_approval from mcp_server config, supporting both string form ("always"/"never") and structured ApprovalFilter(always=..., never=...) form.
Test Coverage for Approval Filters tests/unit/utils/test_responses.py	Add imports for both Llama Stack and local ApprovalFilter types; extend TestGetMCPTools with assertions for default "never" behavior and new test cases validating propagation of string and filter-based require_approval configurations.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• lightspeed-core/lightspeed-stack#1773: Introduces the require_approval and ApprovalFilter configuration models that this PR propagates into MCP tool definitions.

Suggested reviewers

• jrobertboos
• tisnik

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: wiring MCP approval configuration into the MCP tool creation process.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[asimurka]

Set up by the model automatically

[jrobertboos]

LGTM