vMCP: Implement CLI serve command and session management (#2406)

* Implement CLI serve command and session management for Virtual MCP Server

This completes the MCP protocol server implementation by adding CLI
integration, session management, and health endpoints. The Virtual MCP
Server can now aggregate multiple backend MCP servers from a ToolHive
group and serve them through a unified MCP endpoint.

Changes:
- Implement 'vmcp serve' command with full component wiring
- Integrate MCP session management using ToolHive's session.Manager
- Add /health and /ping endpoints with minimal security-conscious responses
- Create session adapter exposing session.Manager via SDK interface
- Add comprehensive test coverage for session lifecycle and health endpoints
- Provide example configuration file with documentation

Session Management Architecture:
Sessions are ENTIRELY managed by ToolHive's session.Manager (the same
component used in pkg/transport/proxy/streamable for MCP sessions).
The mark3labs SDK does NOT manage sessions - it only calls our
sessionIDAdapter interface during MCP protocol flows:
  - Generate(): Called on MCP initialize to create session IDs
  - Validate(): Called on every request to check session validity
  - Terminate(): Called on HTTP DELETE to end sessions

All session storage, TTL-based cleanup, and lifecycle management is
handled by ToolHive infrastructure. The adapter is purely glue code
following DDD principles (infrastructure in server bounded context).

Security:
- Health endpoint intentionally minimal to prevent information disclosure
- No version, session counts, or capability metrics exposed
- Cryptographically secure session IDs per MCP specification
- Session termination properly handled with 404 semantics

Testing:
- Added 381 lines of test coverage for new functionality
- Session adapter: 9 test cases covering full lifecycle
- Health endpoints: 3 test cases including security validation

The Virtual MCP Server is now functionally complete for basic operation,
pending authentication implementation in separate issues.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Address PR review feedback and fix test failures

Improve error handling and add timeouts:
- Return empty session ID when storage fails, allowing graceful degradation
- Add 30-second timeout for capability aggregation to prevent hangs

Fix parallel test execution:
- Support port 0 for dynamic port allocation in tests
- Add listener tracking to return actual bound port
- Protect listener access with RWMutex to prevent data races

All tests pass with race detection enabled.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>

Author: JAORMX

cmd/vmcp/README.md

@@ -6,16 +6,25 @@ The Virtual MCP Server (vmcp) is a standalone binary that aggregates multiple MC
 
 ## Features
 
-- **Group-Based Backend Management**: References an existing ToolHive group for automatic workload discovery
-- **Tool Aggregation**: Combines tools from multiple MCP servers with conflict resolution (prefix, priority, or manual)
-- **Resource & Prompt Aggregation**: Unified access to resources and prompts from all backends
-- **Two Authentication Boundaries**:
-  - **Incoming Auth** (Client → Virtual MCP): OIDC, local, or anonymous authentication
-  - **Outgoing Auth** (Virtual MCP → Backend APIs): RFC 8693 token exchange for backend API access
-- **Per-Backend Token Exchange**: Different authentication strategies per backend (pass_through, token_exchange, service_account)
-- **Authorization**: Cedar policy-based access control
-- **Operational Features**: Circuit breakers, health checks, timeout management, failure handling
-- **Future**: Composite tools with elicitation support for multi-step workflows
+### Implemented (Phase 1)
+- ✅ **Group-Based Backend Management**: Automatic workload discovery from ToolHive groups
+- ✅ **Tool Aggregation**: Combines tools from multiple MCP servers with conflict resolution (prefix, priority, manual)
+- ✅ **Resource & Prompt Aggregation**: Unified access to resources and prompts from all backends
+- ✅ **Request Routing**: Intelligent routing of tool/resource/prompt requests to correct backends
+- ✅ **Session Management**: MCP protocol session tracking with TTL-based cleanup
+- ✅ **Health Endpoints**: `/health` and `/ping` for service monitoring
+- ✅ **Configuration Validation**: `vmcp validate` command for config verification
+
+### In Progress
+- 🚧 **Incoming Authentication** (Issue #165): OIDC, local, anonymous authentication
+- 🚧 **Outgoing Authentication** (Issue #160): RFC 8693 token exchange for backend API access
+- 🚧 **Token Caching**: Memory and Redis cache providers
+- 🚧 **Health Monitoring** (Issue #166): Circuit breakers, backend health checks
+
+### Future (Phase 2+)
+- 📋 **Authorization**: Cedar policy-based access control
+- 📋 **Composite Tools**: Multi-step workflows with elicitation support
+- 📋 **Advanced Routing**: Load balancing, failover strategies
 
 ## Installation
 
@@ -39,6 +48,48 @@ task build-vmcp-image
 docker pull ghcr.io/stacklok/toolhive/vmcp:latest
 ```
 
+## Quick Start
+
+```bash
+# 1. Create a ToolHive group
+thv group create my-team
+
+# 2. Run some MCP servers in the group
+thv run github --name github-mcp --group my-team
+thv run fetch --name fetch-mcp --group my-team
+
+# 3. Create a vmcp configuration file (see example-config.yaml)
+cat > vmcp-config.yaml <<EOF
+name: "my-vmcp"
+group: "my-team"
+incoming_auth:
+  type: anonymous
+outgoing_auth:
+  source: inline
+  default:
+    type: pass_through
+aggregation:
+  conflict_resolution: prefix
+  conflict_resolution_config:
+    prefix_format: "{workload}_"
+EOF
+
+# 4. Validate the configuration
+vmcp validate --config vmcp-config.yaml
+
+# 5. Start the Virtual MCP Server
+vmcp serve --config vmcp-config.yaml
+
+# 6. Test the health endpoint
+curl http://127.0.0.1:4483/health
+# {"status":"ok"}
+
+# 7. Connect your MCP client to http://127.0.0.1:4483/mcp
+# The client will see aggregated tools from all backends:
+#   - github-mcp_create_issue, github-mcp_list_repos, ...
+#   - fetch-mcp_fetch, ...
+```
+
 ## Usage
 
 ### CLI Commands

cmd/vmcp/app/commands.go

@@ -2,13 +2,21 @@
 package app
 
 import (
+	"context"
 	"fmt"
+	"time"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 
+	"github.com/stacklok/toolhive/pkg/groups"
 	"github.com/stacklok/toolhive/pkg/logger"
+	"github.com/stacklok/toolhive/pkg/vmcp/aggregator"
+	vmcpclient "github.com/stacklok/toolhive/pkg/vmcp/client"
 	"github.com/stacklok/toolhive/pkg/vmcp/config"
+	vmcprouter "github.com/stacklok/toolhive/pkg/vmcp/router"
+	vmcpserver "github.com/stacklok/toolhive/pkg/vmcp/server"
+	"github.com/stacklok/toolhive/pkg/workloads"
 )
 
 var rootCmd = &cobra.Command{
@@ -74,18 +82,7 @@ func newServeCmd() *cobra.Command {
 The server will read the configuration file specified by --config flag and start
 listening for MCP client connections. It will aggregate tools, resources, and prompts
 from all configured backend MCP servers.`,
-		RunE: func(_ *cobra.Command, _ []string) error {
-			configPath := viper.GetString("config")
-			if configPath == "" {
-				return fmt.Errorf("no configuration file specified, use --config flag")
-			}
-
-			logger.Infof("Loading configuration from: %s", configPath)
-			// TODO: Load configuration and start server
-			// This will be implemented in a future PR when pkg/vmcp is added
-
-			return fmt.Errorf("serve command not yet implemented")
-		},
+		RunE: runServe,
 	}
 }
 
@@ -171,3 +168,116 @@ func getVersion() string {
 	// This will be replaced with actual version info using ldflags
 	return "dev"
 }
+
+// runServe implements the serve command logic
+func runServe(cmd *cobra.Command, _ []string) error {
+	ctx := cmd.Context()
+	configPath := viper.GetString("config")
+
+	if configPath == "" {
+		return fmt.Errorf("no configuration file specified, use --config flag")
+	}
+
+	logger.Infof("Loading configuration from: %s", configPath)
+
+	// Load configuration from YAML
+	loader := config.NewYAMLLoader(configPath)
+	cfg, err := loader.Load()
+	if err != nil {
+		logger.Errorf("Failed to load configuration: %v", err)
+		return fmt.Errorf("configuration loading failed: %w", err)
+	}
+
+	// Validate configuration
+	validator := config.NewValidator()
+	if err := validator.Validate(cfg); err != nil {
+		logger.Errorf("Configuration validation failed: %v", err)
+		return fmt.Errorf("validation failed: %w", err)
+	}
+
+	logger.Infof("Configuration loaded and validated successfully")
+	logger.Infof("  Name: %s", cfg.Name)
+	logger.Infof("  Group: %s", cfg.GroupRef)
+	logger.Infof("  Conflict Resolution: %s", cfg.Aggregation.ConflictResolution)
+
+	// Initialize managers for backend discovery
+	logger.Info("Initializing workload and group managers")
+	workloadsManager, err := workloads.NewManager(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to create workloads manager: %w", err)
+	}
+
+	groupsManager, err := groups.NewManager()
+	if err != nil {
+		return fmt.Errorf("failed to create groups manager: %w", err)
+	}
+
+	// Create backend discoverer
+	discoverer := aggregator.NewCLIBackendDiscoverer(workloadsManager, groupsManager)
+
+	// Discover backends from the configured group
+	logger.Infof("Discovering backends in group: %s", cfg.GroupRef)
+	backends, err := discoverer.Discover(ctx, cfg.GroupRef)
+	if err != nil {
+		return fmt.Errorf("failed to discover backends: %w", err)
+	}
+
+	if len(backends) == 0 {
+		return fmt.Errorf("no backends found in group %s", cfg.GroupRef)
+	}
+
+	logger.Infof("Discovered %d backends", len(backends))
+
+	// Create backend client
+	backendClient := vmcpclient.NewHTTPBackendClient()
+
+	// Create conflict resolver based on configuration
+	// Use the factory method that handles all strategies
+	conflictResolver, err := aggregator.NewConflictResolver(cfg.Aggregation)
+	if err != nil {
+		return fmt.Errorf("failed to create conflict resolver: %w", err)
+	}
+
+	// Create aggregator
+	agg := aggregator.NewDefaultAggregator(backendClient, conflictResolver, cfg.Aggregation.Tools)
+
+	// Aggregate capabilities from all backends with timeout
+	logger.Info("Aggregating capabilities from backends")
+	aggCtx, cancel := context.WithTimeout(ctx, 30*time.Second)
+	defer cancel()
+
+	capabilities, err := agg.AggregateCapabilities(aggCtx, backends)
+	if err != nil {
+		return fmt.Errorf("failed to aggregate capabilities: %w", err)
+	}
+
+	logger.Infof("Aggregated %d tools, %d resources, %d prompts from %d backends",
+		capabilities.Metadata.ToolCount,
+		capabilities.Metadata.ResourceCount,
+		capabilities.Metadata.PromptCount,
+		capabilities.Metadata.BackendCount)
+
+	// Create router
+	rtr := vmcprouter.NewDefaultRouter()
+
+	// Create server configuration
+	serverCfg := &vmcpserver.Config{
+		Name:    cfg.Name,
+		Version: getVersion(),
+		Host:    "127.0.0.1", // TODO: Make configurable
+		Port:    4483,        // TODO: Make configurable
+	}
+
+	// Create server
+	srv := vmcpserver.New(serverCfg, rtr, backendClient)
+
+	// Register capabilities
+	logger.Info("Registering capabilities with server")
+	if err := srv.RegisterCapabilities(ctx, capabilities); err != nil {
+		return fmt.Errorf("failed to register capabilities: %w", err)
+	}
+
+	// Start server (blocks until shutdown signal)
+	logger.Infof("Starting Virtual MCP Server at %s", srv.Address())
+	return srv.Start(ctx)
+}

cmd/vmcp/example-config.yaml

@@ -0,0 +1,118 @@
+# Virtual MCP Server Example Configuration
+#
+# This is a minimal example configuration for the Virtual MCP Server.
+# The Virtual MCP Server aggregates multiple MCP server workloads from a
+# ToolHive group into a single unified MCP endpoint.
+#
+# Usage:
+#   vmcp serve --config example-config.yaml
+#
+# Prerequisites:
+#   1. Create a ToolHive group: thv group create engineering-team
+#   2. Run backend MCP servers: thv run github --group engineering-team
+#   3. Start Virtual MCP: vmcp serve --config this-file.yaml
+
+# Virtual MCP Server name
+name: "engineering-vmcp"
+
+# Reference to ToolHive group containing backend MCP servers
+# This group should contain one or more running MCP server workloads
+group: "engineering-team"
+
+# ===== INCOMING AUTHENTICATION (Client → Virtual MCP) =====
+# Currently not implemented - this configuration is a placeholder for
+# future implementation (Issue #165)
+incoming_auth:
+  type: anonymous  # Options: oidc | anonymous | local
+  # OIDC configuration (when type=oidc, not yet implemented):
+  # oidc:
+  #   issuer: "https://keycloak.example.com/realms/myrealm"
+  #   client_id: "vmcp-client"
+  #   client_secret_env: "VMCP_CLIENT_SECRET"
+  #   audience: "vmcp"
+  #   scopes: ["openid", "profile", "email"]
+
+# ===== OUTGOING AUTHENTICATION (Virtual MCP → Backends) =====
+# Currently not implemented - this configuration is a placeholder for
+# future implementation (Issue #160)
+outgoing_auth:
+  source: inline  # Options: inline | discovered
+
+  # Default behavior for backends without explicit config
+  default:
+    type: pass_through  # Options: pass_through | token_exchange | service_account
+
+  # Per-backend authentication (not yet implemented)
+  # backends:
+  #   github:
+  #     type: token_exchange
+  #     token_exchange:
+  #       token_url: "https://keycloak.example.com/realms/myrealm/protocol/openid-connect/token"
+  #       client_id: "vmcp-github-exchange"
+  #       client_secret_env: "GITHUB_EXCHANGE_SECRET"
+  #       audience: "github-api"
+  #       scopes: ["repo", "read:org"]
+
+# ===== TOOL AGGREGATION =====
+aggregation:
+  # Conflict resolution strategy when multiple backends have tools with the same name
+  # Options: prefix | priority | manual
+  conflict_resolution: prefix
+
+  # Configuration for the chosen strategy
+  conflict_resolution_config:
+    # For prefix strategy: format for prefixing tool names
+    # Options: {workload}_ | {workload}. | custom-prefix-
+    prefix_format: "{workload}_"
+
+    # For priority strategy: explicit backend ordering (first wins)
+    # priority_order: ["github", "jira", "slack"]
+
+  # Per-workload tool filtering and overrides (optional)
+  # tools:
+  #   - workload: "github"
+  #     # Include only specific tools (omit to include all)
+  #     filter: ["create_pr", "merge_pr", "list_issues"]
+  #     # Rename tools to avoid conflicts
+  #     overrides:
+  #       create_pr:
+  #         name: "gh_create_pr"
+  #         description: "Create a GitHub pull request"
+
+# ===== TOKEN CACHING =====
+# Token cache configuration (not yet implemented)
+# This will be used when outgoing authentication is implemented
+# token_cache:
+#   provider: memory  # Options: memory | redis
+#   config:
+#     max_entries: 1000
+#     ttl_offset: "5m"  # Refresh tokens 5 minutes before expiry
+
+# ===== OPERATIONAL SETTINGS =====
+# Operational configuration (partially implemented)
+# operational:
+#   timeouts:
+#     default: 30s
+#     per_workload:
+#       github: 45s
+#
+#   failure_handling:
+#     health_check_interval: 30s
+#     unhealthy_threshold: 3
+#     partial_failure_mode: fail  # Options: fail | best_effort
+#     circuit_breaker:
+#       enabled: true
+#       failure_threshold: 5
+#       timeout: 60s
+
+# ===== COMPOSITE TOOLS (Phase 2) =====
+# Composite tools for multi-step workflows (not yet implemented)
+# composite_tools:
+#   - name: "deploy_and_notify"
+#     description: "Deploy PR and notify team"
+#     parameters:
+#       pr_number: {type: "integer"}
+#     steps:
+#       - id: "merge"
+#         tool: "github.merge_pr"
+#         arguments: {pr: "{{.params.pr_number}}"}