Commit Graph

274 Commits

Author SHA1 Message Date
q792602257 eb33f534f5 前端页面调整 2026-06-10 14:18:40 +08:00
q792602257 9516adc810 前端页面调整 2026-06-10 14:04:14 +08:00
q792602257 a34566e6fa 修复启动问题 2026-06-10 13:47:25 +08:00
q792602257 051d609f3b 修复启动问题 2026-06-10 10:20:11 +08:00
q792602257 9853b6fc1b 修复启动问题 2026-06-10 10:01:12 +08:00
q792602257 aaac7e9d98 改动 2026-06-10 07:55:16 +08:00
q792602257 821eca9f0c compose 2026-06-09 23:44:43 +08:00
q792602257 01b3375395 原型阶段 2026-06-09 23:44:31 +08:00
q792602257 ea1d0fb3bd Merge remote-tracking branch 'origin/master' 2026-06-09 22:43:43 +08:00
q792602257 f4a7c770af 启动项目逻辑 2026-06-09 22:43:29 +08:00
q792602257 eeccf4c1b6 Dockerfile 更新 2026-06-09 22:01:20 +08:00
q792602257 d5a28b11a3 国内镜像 2026-06-09 21:53:24 +08:00
q792602257 fbf31183ae Jenkinsfile 2026-06-09 21:44:37 +08:00
q792602257 0484e79978 修改 2026-06-09 21:22:28 +08:00
q792602257 8b41ff9360 fix(acp): add IssueSystemTokenWithTx to fakeSupMCPTokens
Fixes interface compliance after I2 added IssueSystemTokenWithTx to
the TokenService interface.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-06-09 21:17:51 +08:00
q792602257 e4cb55dae2 test(mcp): K5 — prompts + resources integration scenarios
- PromptsList_FromTemplates: system template visible via prompts/list + prompts/get
- ResourceRead_NotFound: non-existent pm://projects/{uuid} returns error
- ResourceList_ScopeFilter: in-scope project resource readable; resources listed

All 14 spec §8.2 integration scenarios now complete.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:31:18 +08:00
q792602257 f708e102d8 test(mcp): K4 — rate limit + ACP lifecycle + startup reaper
- RateLimit_PerToken: 110 burst calls -> at least 1 rate-limit error
- ACPSession_TokenLifecycle: create session -> token appears; terminate -> revoked
- StartupReaper: crashed session + live token -> ReapStaleSystemTokens revokes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:26:12 +08:00
q792602257 e0e9ae7bda test(mcp): K2 — transport + auth integration scenarios
- StreamableHTTP_FullFlow: initialize → tools/list → tools/call
- LegacySSE_FullFlow: same flow over /mcp/sse
- BearerVsQueryToken: header + ?token= both authenticate
- MCPSDKVersionNegotiation: unknown version -> graceful response

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:24:36 +08:00
q792602257 20b449bb37 test(mcp): K3 — scope + visibility + audit integration scenarios
- ScopeViolation_Tool: token without create_issue can't call it
- ScopeViolation_Project: token can't access projects outside scope.project_ids
- VisibilityRespect: service-layer visibility blocks private projects
- WriteToolAudit: audit_logs contains via_mcp:true + mcp_token_id

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:20:11 +08:00
q792602257 f2ed098f32 test(mcp): integration scaffold — 14 scenarios per spec §8.2
- Matrix dispatcher with 14 sub-test stubs
- Suite struct with setup/cleanup lifecycle
- All sub-tests start as t.Skip stubs; filled in K2-K5

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:11:04 +08:00
q792602257 0644fc9b3b feat(app): startup reaper for MCP system tokens (spec §6.4)
- Runs after ACP startup reaper marks stuck sessions as crashed
- mcpRepo.ReapStaleSystemTokens revokes tokens bound to crashed/exited sessions
- Single audit entry per batch: mcp.token.expire_on_restart with count + token_ids
- Errors logged but don't block boot

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:08:21 +08:00
q792602257 6917acb778 feat(jobs): wire mcp_tokens_purge runner into jobs.Module
- Config.MCPTokensPurge + scheduleEntry branch
- app.go constructs runner with mcpTokensPurgeAdapter
- Registered as 'mcp_tokens_purge' in RunnerFns map

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:05:12 +08:00
q792602257 18f6c8bd2e feat(acp): SessionService.Create issues system MCP token in tx
- InTx wraps InsertSession + IssueSystemTokenWithTx (spec §6.1 atomic guarantee)
- Tx failure -> releaseOnFailure (worktree rollback)
- Spawn called with extraEnv = ACW_MCP_TOKEN + ACW_MCP_URL
- Spawn failure -> RevokeBySession (idempotent) + releaseOnFailure
- app.go SessionService construction updated with mcpTokens + config
- Unit tests: token issuance happy path + rollback on token failure

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 13:01:16 +08:00
q792602257 146dca7738 feat(jobs): mcp_tokens_purge runner (spec §6.5)
- Periodic delete of mcp_tokens where (expired OR revoked) before retention
- 24h interval default, 7d retention default
- Mirrors acp_events_purge pattern: idempotent, error-tolerant

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:56:10 +08:00
q792602257 702daced7d feat(acp): Supervisor.onExit revokes system MCP token (spec §6.3)
- mcpTokens dep added to Supervisor; nil-safe (test fixtures may skip)
- RevokeBySession called after audit Record in onExit
- app.go wires mcpTokenSvc (was nil placeholder)
- Integration test: fakeSupMCPTokens verifies onExit calls RevokeBySession

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:52:25 +08:00
q792602257 d44ffc851f feat(acp): Supervisor.Spawn extraEnv parameter
- extraEnv overrides agent_kinds.encrypted_env same-name keys (spec §6.1 #11)
- Prevents admin from hard-coding ACW_MCP_TOKEN in agent_kinds
- SessionService passes nil for now; system token wiring lands in I4
- BuildSpawnEnv exported for testing the override priority
- Fix app.go NewSupervisor call to match updated signature (from I5)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:46:50 +08:00
q792602257 3a448cee5f feat(mcp): IssueSystemTokenWithTx for cross-module tx (spec §6.1)
- Extract issueSystemToken helper; pool-bound + tx-bound entries share impl
- IssueSystemTokenWithTx accepts pgx.Tx, uses repo.WithTx(tx) for DB writes
- Audit Record stays outside tx (audit failure doesn't roll back business path)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:44:37 +08:00
q792602257 33057e885f feat(config): add jobs.mcp_tokens_purge config (spec §6.6)
Default: enabled=true, interval=24h, retention=168h (7 days).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:43:40 +08:00
q792602257 be8d5e3a1b feat(mcp,acp): Repository.WithTx + acp.Repository.InTx
Cross-module transactional support for spec §6.1: ACP CreateSession must
atomically insert acp_sessions row + mcp_tokens row (FK NOT NULL).

- mcp.Repository.WithTx(tx) -> Repository (tx-bound, no pool)
- acp.Repository.InTx(ctx, fn) -> error (pgx.BeginFunc wrapper)
- acp.Repository.WithTx(tx) -> Repository (tx-bound)
- Update fakeRepos in test files to satisfy new interface methods

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 12:40:54 +08:00
q792602257 62d9a91ca5 test(mcp): 13 PM tool tests + fix jsonschema tags
Add tools_pm_test.go with 13 integration tests covering all 16 PM
tools via SDK in-memory transport with fake services.

Fix jsonschema tags in tools_pm.go and tools_chat.go — SDK's tag
parser rejects "required,min=1" and "required,description=X" syntax;
use plain description text instead (non-pointer fields are auto-required).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 11:52:24 +08:00
q792602257 7d9164d478 feat(mcp): 16 PM tools + chat tool + 6 resource URIs + admin token UI
Phase F: tools_pm.go — list/get/create/update/close/reopen/assign for
projects, workspaces, requirements, issues (16 tools total).

Phase G: tools_chat.go — list_recent_messages tool; resources.go — 6 PM
resource URI templates (projects, project-detail, requirements, issues,
workspaces, workspace-detail).

Phase H: frontend admin UI — mcpTokens API client, Pinia store,
MCPTokenAdminView with create/revoke/list, router entry, NavBar link.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 11:27:47 +08:00
q792602257 d0efe2bdd4 feat(mcp): admin token CRUD HTTP handler (POST/GET/DELETE) + TokenService.List/GetByID
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 11:04:37 +08:00
q792602257 2d6521e610 feat(mcp): prompts registration via RegisterSystemPrompts (system-scope only)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:52:54 +08:00
q792602257 5cccc97edd feat(app): wire MCP module — repo/service/ratelimiter/server + transport mount + AuditWrap
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:44:17 +08:00
q792602257 6ce21d178e feat(mcp): mount Streamable HTTP + legacy SSE transports with auth+ratelimit
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:37:48 +08:00
q792602257 5fd4eab7ca feat(mcp): audit recorder wrapper injecting via_mcp + mcp_token_id from ctx
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:35:44 +08:00
q792602257 d6279c6ee1 feat(mcp): scope check helpers (CheckToolFromCtx + CheckProjectFromCtx)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:54 +08:00
q792602257 59e0138e7c feat(mcp): CallerResolver (AuthSession -> project.Caller bridge)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:47 +08:00
q792602257 319b3a8baa feat(mcp): add MCP Go SDK v1.6.0 + NewMCPServer scaffold with register stubs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:34:08 +08:00
q792602257 a00f5a9efd refactor(mcp): apply Part 1 review I1+I3+I4+I5
- Rename MCPToken -> Token (mcp.Token reads cleaner; zero external callers yet)
- IssueSystemToken: guard against nil ACPSessionID / UserID (early input validation)
- TokenService: inject now func for clock injection (parity with RateLimiter)
- Repository CHECK constraint tests: assert wrapped CodeInternal

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-08 10:28:49 +08:00
q792602257 980c6fcf0e models 2026-05-08 08:57:09 +08:00
q792602257 71a3a85b26 fix(mcp): code review I2 — admin expires_at must be future + Part 3 tx TODO + scope JSON round-trip tests
- IssueAdmin now rejects past/now ExpiresAt with CodeMcpTokenExpiresRequired
- TestIssueAdmin_ExpiresMustBeFuture covers the new path
- IssueSystemToken doc comment notes pgRepo currently ignores ctx tx; Part 3
  must add Repository.WithTx for true same-transaction guarantee with
  acp_sessions (spec §6.1)
- New scope_test.go (whitebox) verifies JSON round-trip preserves nil-vs-empty
  semantics on Tools / ProjectIDs and exercises AllowsTool / AllowsProject
  edges that Authenticate / future tool gating depend on
2026-05-08 08:30:26 +08:00
q792602257 c046d77a6e test(mcp): auth middleware + rate limiter tests 2026-05-08 08:11:02 +08:00
q792602257 e1e6508c4c feat(mcp): rate limit middleware (per-token + global token bucket, 1-min window) 2026-05-08 08:08:13 +08:00
q792602257 416a7d5023 feat(mcp): auth middleware (Bearer + ?token= fallback) 2026-05-08 08:06:41 +08:00
q792602257 8031579487 test(mcp): TokenService unit tests with fake repo 2026-05-08 08:04:54 +08:00
q792602257 7d9cd4bf6b feat(mcp): TokenService.Revoke + RevokeBySession (with audit) 2026-05-08 08:02:11 +08:00
q792602257 796e1e0d4c feat(mcp): TokenService.Authenticate (hash lookup + revoked/expired check + async last_used) 2026-05-08 08:00:35 +08:00
q792602257 0081ad6e49 feat(mcp): TokenService.IssueSystemToken (with default scope + 24h TTL) 2026-05-08 07:59:00 +08:00
q792602257 d1573bde09 feat(mcp): TokenService skeleton + IssueAdmin 2026-05-08 07:57:17 +08:00