MCP refactor + cryptography build prevention

Signed-off-by: GitHub <noreply@github.com>

Dockerfile

@@ -32,7 +32,8 @@ RUN apk add --no-cache bash shadow python3 python3-dev gcc musl-dev libffi-dev o
 # Create virtual environment owned by root, but readable by everyone else. This makes it easy to copy
 # into hardened stage without worrying about permissions and keeps image size small. Keeping the commands
 # together makes for a slightly smaller image size.
-RUN pip install --no-cache-dir -r /tmp/requirements.txt && \
+RUN python -m pip install --upgrade pip setuptools wheel && \
+    pip install --no-cache-dir -r /tmp/requirements.txt && \
     chmod -R u-rwx,g-rwx /opt
 
 # second stage is the main runtime stage with just the minimum required to run the application

server/api_server/api_server_start.py

@@ -3,7 +3,6 @@ import sys
 import os
 
 from flask import Flask, request, jsonify, Response
-import requests
 from models.device_instance import DeviceInstance  # noqa: E402
 from flask_cors import CORS
 
@@ -116,26 +115,10 @@ CORS(
 # MCP bridge variables + helpers (moved from mcp_routes)
 # -------------------------------------------------------------------------------
 
-mcp_openapi_spec_cache = None
-
 BACKEND_PORT = get_setting_value("GRAPHQL_PORT")
 API_BASE_URL = f"http://localhost:{BACKEND_PORT}"
 
 
-def get_openapi_spec_local():
-    global mcp_openapi_spec_cache
-    if mcp_openapi_spec_cache:
-        return mcp_openapi_spec_cache
-    try:
-        resp = requests.get(f"{API_BASE_URL}/mcp/openapi.json", timeout=10)
-        resp.raise_for_status()
-        mcp_openapi_spec_cache = resp.json()
-        return mcp_openapi_spec_cache
-    except Exception as e:
-        mylog('minimal', [f"Error fetching OpenAPI spec: {e}"])
-        return None
-
-
 @app.route('/mcp/sse', methods=['GET', 'POST'])
 def api_mcp_sse():
     if not is_authorized():