Build environment policy
Use this directive to inject environment variables into every MCP server container managed by ToolHive. Common uses include configuring HTTP proxies so containers can reach the internet through your corporate proxy, pointing containers at internal endpoints, or setting org-wide values that every server needs.
You'll need the Enterprise Manager already deployed and reachable by clients.
Configure the build environment directive
Add the build_env directive to your enterprise configuration. The value is a
flat map of environment variable names to string values. Pick an
enforcement level to match your use case.
enterpriseConfig:
build_env:
value:
HTTP_PROXY: 'http://proxy.example.com:3128'
HTTPS_PROXY: 'http://proxy.example.com:3128'
NO_PROXY: 'localhost,127.0.0.1,.internal.example.com'
enforcement: 'enforced'
Use enforced when the variables must be present for containers to function,
for example when all outbound traffic must go through a corporate proxy. Use
default when you want to provide org-wide defaults that individual developers
or teams can override locally.
After updating your configuration, apply the change.
Variations
Advisory defaults
Provide org-wide environment defaults while allowing local overrides:
enterpriseConfig:
build_env:
value:
MY_INTERNAL_API: 'https://api.internal.example.com'
enforcement: 'default'
Next steps
- CA certificate policy to inject a custom CA certificate into MCP containers
- Registry policy to enforce a specific registry URL
- Non-registry servers policy to block servers outside the registry
- Degraded mode to define client behavior when the Enterprise Manager is unreachable