ADR-0020: Multi-Format Packaging StrategyΒΆ
- Status: Accepted
- Date: 2025-10-27
- Deciders: Core Engineering Team
ContextΒΆ
ContextForge supports diverse deployment scenarios with different packaging requirements:
- Developers need easy installation for local development (pip install)
- Serverless platforms (Lambda, Cloud Run) need container images or deployment packages
- Kubernetes/OpenShift operators need Helm charts with configurable values
- Edge deployments need lightweight static binaries
- CI/CD pipelines need multi-arch container images
- Enterprise users need signed releases with SBOM and provenance
Each deployment target has different constraints:
- PyPI packages work for Python environments
- Container images work for Kubernetes, serverless containers
- Helm charts simplify Kubernetes deployments
- Static binaries work for edge devices without Python runtime
- Multi-arch support needed for amd64 (x86_64) and arm64 (Apple Silicon, AWS Graviton)
DecisionΒΆ
We will package ContextForge in multiple formats to support all deployment scenarios:
1. PyPI Packages (Python Distribution)ΒΆ
Core packages:
mcp-contextforge-gateway- Core gateway applicationmcp-contextforge-gateway-ui- Admin UI (installs as plugin)mcp-contextforge-translate- Protocol bridge utilitymcp-contextforge-wrapper- MCP client wrappermcp-contextforge-reverse-proxy- NAT traversal proxy
Plugin packages:
mcp-contextforge-plugin-framework- Plugin framework- Individual plugins:
mcp-contextforge-plugin-{name}(40+ packages) - Meta package:
mcp-contextforge-plugins-all(installs all plugins)
MCP Server packages:
- Individual servers:
mcp-server-{name}(Python servers) - Rust plugin wheels with PyO3 (cross-compiled for amd64/arm64)
Installation:
# Core gateway
pip install mcp-contextforge-gateway
# With all plugins
pip install mcp-contextforge-gateway mcp-contextforge-plugins-all
# Standalone utility
pip install mcp-contextforge-translate
2. Container Images (Docker/Podman)ΒΆ
Images hosted on GitHub Container Registry (ghcr.io):
ghcr.io/contextforge-org/mcp-gateway:latest- Core gatewayghcr.io/contextforge-org/mcp-gateway-ui:latest- Gateway + UIghcr.io/contextforge-org/translate:latest- Translate utilityghcr.io/contextforge-org/wrapper:latest- Wrapper utilityghcr.io/contextforge-org/reverse-proxy:latest- Reverse proxy- Per-server images:
ghcr.io/contextforge-org/mcp-server-{name}:latest
Multi-arch support:
linux/amd64(x86_64) - Standard Intel/AMD serverslinux/arm64(aarch64) - Apple Silicon, AWS Graviton, Raspberry Pi
Image features:
- Minimal base images (Alpine Linux where possible)
- Non-root user for security
- Health check endpoints configured
- Multi-stage builds for smaller images
- Signed with cosign (keyless OIDC)
- SBOM included (Syft, SPDX format)
Usage:
# Run core gateway
docker run -p 4444:4444 ghcr.io/contextforge-org/mcp-gateway:latest
# Run on ARM64 (Apple Silicon)
docker run --platform linux/arm64 ghcr.io/contextforge-org/mcp-gateway:latest
3. Helm Charts (Kubernetes Deployment)ΒΆ
Chart repository:
- OCI registry:
oci://ghcr.io/contextforge-org/helm-charts/mcp-stack - Artifact Hub: Public listing for discoverability
Chart features:
- Configurable resource limits and requests
- Horizontal Pod Autoscaler (HPA) support
- PostgreSQL and Redis dependencies (optional)
- Ingress configuration (nginx, Traefik, Istio)
- ConfigMap for environment variables
- Secrets management integration
- Pod disruption budgets
- Network policies
- Service mesh compatibility (Istio, Linkerd)
Installation:
# Add Helm repo
helm repo add contextforge oci://ghcr.io/contextforge-org/helm-charts
# Install with default values
helm install mcp-stack contextforge/mcp-stack
# Install with custom values (production)
helm install mcp-stack contextforge/mcp-stack \
-f production-values.yaml \
--set replicaCount=5 \
--set hpa.enabled=true
4. Static Binaries (Go/Rust Servers)ΒΆ
Binary targets:
- Go servers: Cross-compiled Go executables (5-15 MB)
- Rust servers: Static Rust binaries (3-10 MB)
- Platforms: linux-amd64, linux-arm64, darwin-amd64, darwin-arm64, windows-amd64
Distribution:
- GitHub Releases with checksums
- Signed with GPG and cosign
- SLSA Build Level 3 provenance
Usage:
# Download and run Go server
curl -LO https://github.com/contextforge-org/mcp-servers-go/releases/download/v1.0.0/mcp-server-time-linux-amd64
chmod +x mcp-server-time-linux-amd64
./mcp-server-time-linux-amd64 --port 9000
ConsequencesΒΆ
PositiveΒΆ
- π― Right tool for the job - Each deployment gets optimal packaging format
- π Easy development - pip install for local development
- π³ Cloud-native - Container images for Kubernetes, serverless
- βΈοΈ Simplified K8s - Helm charts with best practices and HPA
- π Edge deployments - Static binaries for minimal environments
- π Multi-arch support - Works on x86_64 and ARM64 (Apple Silicon, Graviton)
- π Supply chain security - Signed releases, SBOM, provenance
NegativeΒΆ
- π§ Maintenance overhead - Multiple build pipelines and release processes
- π¦ Storage costs - Container images and binaries consume registry space
- π Version synchronization - Must keep package versions aligned
- π Documentation - Need installation guides for each format
NeutralΒΆ
- ποΈ CI/CD complexity - GitHub Actions workflows per format
- π Metrics - Track downloads per format to understand usage
Package MatrixΒΆ
| Format | Core Gateway | Utilities | Plugins | MCP Servers | Helm | Use Case |
|---|---|---|---|---|---|---|
| PyPI | β Yes | β Yes | β Yes | β Python only | β No | Local dev, pip install |
| Containers | β Yes | β Yes | β Bundled | β All languages | β No | K8s, serverless, Docker |
| Helm | β Yes | β Optional | β Optional | β Optional | β Yes | Kubernetes production |
| Binaries | β No | β οΈ Future | β No | β Go/Rust only | β No | Edge, embedded systems |
Multi-Arch Build StrategyΒΆ
Container images:
# Build multi-arch image with BuildKit
docker buildx build --platform linux/amd64,linux/arm64 \
-t ghcr.io/contextforge-org/mcp-gateway:latest \
--push .
Python wheels (Rust plugins):
# Cross-compile Rust plugin for multiple architectures
cargo build --release --target x86_64-unknown-linux-gnu
cargo build --release --target aarch64-unknown-linux-gnu
maturin build --release --target x86_64-unknown-linux-gnu
maturin build --release --target aarch64-unknown-linux-gnu
Go binaries:
# Cross-compile Go server
GOOS=linux GOARCH=amd64 go build -o mcp-server-time-linux-amd64
GOOS=linux GOARCH=arm64 go build -o mcp-server-time-linux-arm64
GOOS=darwin GOARCH=arm64 go build -o mcp-server-time-darwin-arm64
Supply Chain SecurityΒΆ
All releases include:
- Digital signatures - GPG signed tags and releases
- Container signing - cosign with keyless OIDC (Sigstore)
- SBOM - Software Bill of Materials (Syft, SPDX format)
- Provenance - SLSA Build Level 3 attestation
- Vulnerability scanning - Trivy and Grype in CI/CD
- Checksums - SHA256 for all binary artifacts
Verification:
# Verify container signature
cosign verify ghcr.io/contextforge-org/mcp-gateway:latest
# Verify binary checksum
sha256sum -c checksums.txt
Alternatives ConsideredΒΆ
| Option | Why Not |
|---|---|
| PyPI only | Doesn't work for Go/Rust servers, inconvenient for Kubernetes |
| Containers only | Poor developer experience, overkill for pip install |
| Single monolithic package | Too large, includes unnecessary dependencies |
| OS-specific packages (deb, rpm) | Narrow distribution, doesn't work for all platforms |
| Snap/Flatpak | Limited adoption, primarily for desktop apps |
StatusΒΆ
This decision is implemented. All formats are available through respective registries.
ReferencesΒΆ
- PyPI: https://pypi.org/project/mcp-contextforge-gateway/
- Container Registry: https://github.com/orgs/contextforge-org/packages
- Helm Charts:
oci://ghcr.io/contextforge-org/helm-charts/mcp-stack - GitHub Releases: @contextforge-org*/releases
- CI/CD: .github/workflows/