docker mcp secret set fails when secret value contains =

[alanmatiasdev]

The docker mcp secret set command currently throws an error when the secret value includes the = character (which is common in base64-encoded tokens, API keys, and JWTs):

no key=value pair: atlassian.confluence.api_token=REDACTED...

This happens even when the command is correctly formatted, for example:

docker mcp secret set 'atlassian.confluence.api_token=REDACTED...=18D12A02'

Root Cause

The issue is caused by the ParseArg function in the secret package, which currently uses strings.Split(arg, "=") to separate the key and value. This splits the string on every =, resulting in more than two elements when the value itself contains =, which triggers the "no key=value pair" error.

Problematic code snippet:

mcp-gateway/cmd/docker-mcp/secret-management/secret/set.go

Lines 45 to 49 in f788f54

	parts := strings.Split(arg, "=")
	if len(parts) != 2 {
	return nil, fmt.Errorf("no key=value pair: %s", arg)
	}
	return &Secret{key: parts[0], val: parts[1]}, nil

Proposed Fix

Use strings.SplitN(arg, "=", 2) to only split on the first =, ensuring that the value can safely include additional = characters.

Proposed patch:

parts := strings.SplitN(arg, "=", 2)
if len(parts) != 2 {
    return nil, fmt.Errorf("no key=value pair: %s", arg)
}
return &Secret{key: parts[0], val: parts[1]}, nil

This fix allows secrets such as API tokens, base64 strings, and JWTs to be parsed and stored correctly.

If this makes sense, I can open a pull request to implement the fix.