Depends on #286
Description
Deprecate the global runtime.clientTlsConfig in favor of per-invocation TLS configuration on HttpInvocationConfig.
Once #286 is implemented, the global config becomes redundant and potentially confusing. Users should configure TLS at the invocation level for better security (principle of least privilege) and flexibility.
Requirements
- Add deprecation warning when
runtime.clientTlsConfig is used
- Log warning at server startup indicating the field is deprecated
- Update documentation to recommend per-invocation config
- Update examples to use per-invocation pattern
Deprecation Message
DEPRECATED: runtime.clientTlsConfig is deprecated and will be removed in a future release.
Please configure clientTlsConfig on individual HTTP invocations or invocationBases instead.
See https://github.com/genmcp/gen-mcp/blob/main/docs/mcpserver.md#custom-ca-certificates
Acceptance Criteria
Depends on #286
Description
Deprecate the global
runtime.clientTlsConfigin favor of per-invocation TLS configuration onHttpInvocationConfig.Once #286 is implemented, the global config becomes redundant and potentially confusing. Users should configure TLS at the invocation level for better security (principle of least privilege) and flexibility.
Requirements
runtime.clientTlsConfigis usedDeprecation Message
Acceptance Criteria
clientTlsConfigis configured