A cluster of recent projects shows Google Cloud tooling maturing around multi-agent AI: developers are moving prototypes to production by deploying MCP-based agents on Cloud Run, with Terraform for infrastructure, Artifact Registry for container images, least-privilege service accounts, and Secret Manager for credentials. The Google Agent Development Kit (ADK), new MCP server implementations, and Gemini CLI accelerate building agents that combine Vertex AI memory, tool-protocol integrations, and observability via Agent Traces. Complementary guides cover repo-agnostic MCP file tools, OAuth 2.1 protection for remote MCP servers, and LLM-driven CLIs that simplify Cloud Run deployments, together highlighting patterns for secure, auditable, and scalable AI agent operations.
These developments show Google Cloud tooling enabling production-grade multi-agent AI with repeatable infrastructure, security, and observability patterns. Tech professionals should know how MCP, Cloud Run, Vertex AI, and related tooling fit together for scalable, least-privilege agent deployments.
Dossier last updated: 2026-05-10 21:43:18
Google Cloud’s Dev Signal project offers guidance for moving a multi-agent system from local prototype to production by deploying an agent on Cloud Run using Terraform and the Agent Starter Pack. The article covers packaging the agent with Docker, building a FastAPI application server that connects to Vertex AI memory for long-term state, and enabling telemetry with Agent Traces for observability. It explains how Terraform provisions Artifact Registry, least-privilege service accounts, and Secret Manager to protect API keys, and points to a GitHub repo with the code. This roadmap matters because it shows concrete infrastructure, security, and monitoring patterns for operating multi-agent AI services at scale on Google Cloud.
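As a rough illustration of the Secret Manager pattern described above (not code from the article; project, secret, and route names are placeholders), a FastAPI service on Cloud Run might fetch its API keys at startup like this:

```python
# pip install fastapi google-cloud-secret-manager
from fastapi import FastAPI
from google.cloud import secretmanager


def load_api_key(project_id: str, secret_id: str, version: str = "latest") -> str:
    """Read an API key from Secret Manager so it is never baked into the image or an env file."""
    client = secretmanager.SecretManagerServiceClient()
    name = f"projects/{project_id}/secrets/{secret_id}/versions/{version}"
    response = client.access_secret_version(request={"name": name})
    return response.payload.data.decode("utf-8")


app = FastAPI()


@app.get("/healthz")
def healthz() -> dict:
    # Cloud Run health probe; the agent's own endpoints would live alongside this.
    return {"status": "ok"}


# At startup, for example: GEMINI_API_KEY = load_api_key("my-project", "gemini-api-key")
```

The Cloud Run runtime service account then only needs the Secret Manager accessor role on that one secret, which fits the least-privilege setup the article's Terraform encodes.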
A Google Cloud engineer built Dev Signal, a multi-agent system using the Google Agent Development Kit (ADK) and the new Developer Knowledge MCP server to scout Reddit for technical questions, research answers from official docs, draft blog posts, and generate custom visuals with Nano Banana Pro. The system uses the Model Context Protocol (MCP) for standardized tools, integrates Gemini CLI as a coding assistant, and adds a Vertex AI memory bank for long-term memory and personalized behavior. The project was developed and deployed to Cloud Run with Terraform in two days; a four-part series details the tooling, multi-agent architecture, local testing, and production deployment. Source code is available on GitHub.
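To make the ADK side concrete, here is a minimal sketch of the agent shape (assuming the google-adk package's Agent class; the stub function below stands in for the MCP-backed Reddit and docs tooling the article wires up, and all names are illustrative):

```python
# pip install google-adk
from google.adk.agents import Agent


def find_reddit_questions(topic: str) -> dict:
    """Stub tool: in Dev Signal this role is filled by MCP tools, not a local function."""
    return {"topic": topic, "questions": []}


scout_agent = Agent(
    name="reddit_scout",
    model="gemini-2.0-flash",
    description="Finds unanswered developer questions worth writing about.",
    instruction="Search for recent technical questions and summarize the best candidates.",
    tools=[find_reddit_questions],
)

# A coordinator agent can delegate to specialists such as the scout above.
root_agent = Agent(
    name="dev_signal_coordinator",
    model="gemini-2.0-flash",
    description="Routes work between scouting, research, and drafting agents.",
    instruction="Delegate scouting to reddit_scout, then hand results to downstream agents.",
    sub_agents=[scout_agent],
)
```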
A developer built a local MCP (Model Context Protocol) server in Python to give AI assistants precise, repo-agnostic file search and editing capabilities. The single-file server (server.py) exposes seven tools—search (uses ripgrep), scan (git-based change detection), read_file, write_file (atomic), patch_file (find-and-replace), list_files, and file_stats—via the FastMCP framework so Claude Code, Cursor, or any MCP-compatible client can query and modify a target directory without repo-specific config. It supports ripgrep with fallbacks to grep or Python, enforces path safety within a specified LOCAL_FILES_ROOT, and persists scan state. This matters because it replaces heuristic, guess-prone LLM file lookups with exact, auditable file operations, improving developer workflows and safety when using AI assistants on codebases.
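For readers unfamiliar with FastMCP, a trimmed sketch of how such a server can enforce the LOCAL_FILES_ROOT boundary looks roughly like this (only read_file and list_files are shown, whereas the actual server.py exposes all seven tools; reading the root from an environment variable here is an assumption for illustration):

```python
# pip install "mcp[cli]"   (FastMCP ships with the official MCP Python SDK)
import os
from pathlib import Path

from mcp.server.fastmcp import FastMCP

LOCAL_FILES_ROOT = Path(os.environ.get("LOCAL_FILES_ROOT", ".")).resolve()
mcp = FastMCP("local-files")


def _safe(path: str) -> Path:
    """Resolve a path and refuse anything that escapes LOCAL_FILES_ROOT."""
    resolved = (LOCAL_FILES_ROOT / path).resolve()
    if not resolved.is_relative_to(LOCAL_FILES_ROOT):
        raise ValueError(f"path escapes the allowed root: {path}")
    return resolved


@mcp.tool()
def read_file(path: str) -> str:
    """Return the contents of a file inside the allowed root."""
    return _safe(path).read_text(encoding="utf-8")


@mcp.tool()
def list_files(subdir: str = ".") -> list[str]:
    """List files under a subdirectory of the allowed root."""
    base = _safe(subdir)
    return [str(p.relative_to(LOCAL_FILES_ROOT)) for p in base.rglob("*") if p.is_file()]


if __name__ == "__main__":
    mcp.run()  # stdio transport by default, so Claude Code, Cursor, etc. can spawn it
```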
A developer used Google’s Gemini CLI to orchestrate a full Cloud Run deployment of a LINE Bot file-backup service that stores chat files to Google Drive, handling OAuth, Firestore, and environment configuration through conversational prompts. Gemini CLI inspected the repo, enabled the required Google APIs, created a Firestore database (after correcting a region/command pitfall), and deployed a Cloud Run service with placeholder environment variables so the app URL could be used to complete the Google OAuth settings. After the OAuth client ID and secret were obtained, the CLI updated the service’s environment variables. The article highlights using an LLM-driven CLI as a DevOps assistant to simplify multi-step cloud deployments and surfaces real-world pitfalls and fixes. This matters because AI-driven tooling can lower cloud-ops complexity for developers and accelerate secure app deployments.
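In the article these steps are driven conversationally through Gemini CLI; purely as an illustration of the final step (and not how the author did it), the same environment-variable update could be performed programmatically with the Cloud Run Admin API client, with every project, region, service, and variable name below being a placeholder:

```python
# pip install google-cloud-run
from google.cloud import run_v2


def set_env_vars(project: str, region: str, service_id: str, values: dict[str, str]) -> None:
    """Patch environment variables on an existing Cloud Run service and wait for the new revision."""
    client = run_v2.ServicesClient()
    name = f"projects/{project}/locations/{region}/services/{service_id}"
    service = client.get_service(name=name)
    container = service.template.containers[0]
    existing = {env.name: env for env in container.env}
    for key, value in values.items():
        if key in existing:
            existing[key].value = value
        else:
            container.env.append(run_v2.EnvVar(name=key, value=value))
    client.update_service(service=service).result()


# For example, after the OAuth client is created:
# set_env_vars("my-project", "asia-northeast1", "line-backup-bot",
#              {"GOOGLE_CLIENT_ID": "...", "GOOGLE_CLIENT_SECRET": "..."})
```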
A practical guide demonstrates adding OAuth 2.1 with PKCE and related RFCs to an MCP server in TypeScript, using the author’s KavachOS library (kavachos) and Hono. The tutorial covers exposing /.well-known/oauth-protected-resource (RFC 9728), dynamic client registration (RFC 7591), authorization code flow with PKCE, issuing resource-scoped access tokens (RFC 8707), and validating bearer tokens in MCP endpoints. Code samples show installing kavachos and hono, configuring an issuer and resource, wiring an /auth route, and protecting /mcp with requireToken middleware that enforces scopes like mcp:tools and injects agent identity. The post explains why each RFC is needed for secure, interoperable remote MCP servers. This matters because basic API-key approaches are unsafe when exposing MCP services to real users.
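The tutorial's code is TypeScript built on kavachos and Hono; as a language-neutral sketch of the two endpoints involved (the RFC 9728 metadata document and a scope-guarded /mcp route), a rough FastAPI equivalent is shown below. This is not the kavachos API, token verification is deliberately stubbed to fail closed, and the issuer and resource URLs are placeholders:

```python
# pip install fastapi
from fastapi import FastAPI, HTTPException, Request

ISSUER = "https://auth.example.com"        # placeholder authorization server
RESOURCE = "https://mcp.example.com/mcp"   # placeholder resource identifier (RFC 8707)

app = FastAPI()


@app.get("/.well-known/oauth-protected-resource")
def protected_resource_metadata() -> dict:
    # RFC 9728: tells clients which authorization server protects this MCP server
    # and which scopes it understands.
    return {
        "resource": RESOURCE,
        "authorization_servers": [ISSUER],
        "scopes_supported": ["mcp:tools"],
        "bearer_methods_supported": ["header"],
    }


def verify_token(token: str, required_scope: str) -> dict:
    """Stub that fails closed; a real server validates signature, audience (RFC 8707),
    expiry, and the required scope against the issuer before returning the claims."""
    raise HTTPException(status_code=401, detail="token validation not implemented in this sketch")


@app.post("/mcp")
async def mcp_endpoint(request: Request) -> dict:
    auth = request.headers.get("authorization", "")
    if not auth.lower().startswith("bearer "):
        raise HTTPException(status_code=401, detail="missing bearer token")
    claims = verify_token(auth.split(" ", 1)[1], required_scope="mcp:tools")
    # The validated claims would carry the agent identity that the tutorial's
    # requireToken middleware injects into MCP tool calls.
    return {"ok": True, "subject": claims.get("sub")}
```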