Commit Graph
143 Commits
Author SHA1 Message Date
sysadmin 67bc31eda5 Merge pull request 'Add task-routing and permission-boundary regression tests' (#160) from feat/issue-145-add-task-routing-permission-boundary-regression-tests into master 2026-07-05 09:58:14 -05:00
sysadmin 916cc7298a Merge pull request 'feat: merge-path compliance harness with mock Gitea target and safety rail (#156)' (#159) from feat/issue-156-compliance-harness into master 2026-07-05 05:31:27 -05:00
sysadminandClaude Opus 4.8 e80508313a feat: integrate mock server with gitea-tools remote resolution and correct verdict parser
- Fix allowedTools options inside run_compliance to support prefixless and prefixed tool access
- Implement sys.executable resolution to allow compliance runner to run safely inside git worktrees
- Dynamically load GITEA_MCP_CONFIG JSON profiles inside gitea_auth.py to support 'mock' remote name
- Implement gitea_url helper inside gitea_auth.py to automatically handle HTTP and HTTPS scheme differences for localhost/loopback mock targets, preventing wrong SSL version errors
- Fix verdict.py escaping mismatch by normalizing stream-json block output structure before matching strings, allowing PR view decision points to be verified correctly

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
2026-07-05 04:12:13 -04:00
sysadmin 575da17156 test: add task-routing and permission-boundary regression tests (#145)
- Add 5 new tests covering AC from #145:
  - issue.comment does not imply close_issue
  - pr.comment does not imply issue.comment (via explicit forbidden)
  - reviewer profile cannot push_branch
  - structured guidance for missing merge permission
  - self-approve (self-review gate) blocked with reasons
- Tests are fully synthetic (patches, no live Gitea)
- Updated file docstring
- All 10 tests pass; no behavior changes to prod code

Closes #145
2026-07-05 03:36:47 -04:00
sysadminandClaude Opus 4.8 0947f1ad8a feat: merge-path compliance harness with mock Gitea target and safety rail (#156)
Implements issue #156 after the first skill-comply run reported 100%
compliance while every scenario died at HTTP 401 before the review/merge
decision point.

- compliance/safety.py: loopback-only target rail; refuses live Gitea
  hosts and all non-loopback addresses; IPs validated via ipaddress
  (a string-prefix check would accept DNS names like 127.0.0.1.evil.com);
  no environment override.
- compliance/mock_gitea.py: in-memory loopback mock Gitea (whoami, PR
  view/list, review, merge, branch delete) recording every mutation;
  token via env reference only.
- compliance/specs/gitea-workflow.json + compliance/spec.py: pinned spec
  with all eight critical merge workflow steps required; fail-closed
  loader and drift detection against generated specs.
- compliance/verdict.py: deterministic three-way verdicts. Runs blocked
  before the decision point are INCONCLUSIVE, never compliant; auto-merge
  without explicit approval, blind merge, merge without review, missing
  explicit remote, mutation after auth failure, and live-host mutation
  are NONCOMPLIANT. Positive behaviors (explicit remote, fail-closed on
  auth failure, no live mutations) are recorded.
- compliance/run_compliance.py: orchestrator running three pinned
  scenarios via claude -p against the mock; the competing scenario passes
  only by reaching the decision point and refusing to merge.
- compliance/results/2026-07-05-skill-comply-smoke-test.md: reclassifies
  the original 100% report as smoke-test evidence only.
- tests/test_compliance_harness.py: 43 tests covering the safety rail
  (including dotted-127 bypass attempts), pinned spec, drift, mock
  server, verdicts, scenario config generation, and report rendering.

Closes #156

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
2026-07-05 03:33:12 -04:00
sysadmin d73d238c37 Merge pull request 'docs: document static dual-namespace Gitea MCP deployment model (#143)' (#158) from docs/issue-143-dual-namespace-model into master 2026-07-05 02:29:21 -05:00
sysadmin fec37cdda9 Merge pull request 'feat: add read-only Gitea task capability resolver tool (#141)' (#157) from feat/issue-141-task-capability-resolver into master 2026-07-05 02:24:36 -05:00
sysadminandClaude Fable 5 2ad876be9f docs: document static dual-namespace Gitea MCP deployment model (#143)
Record the #139 accepted decision as a deployment doc: two static
per-role MCP namespaces (gitea-author, gitea-reviewer), one credential
per process, with dynamic profile switching and dispatcher routing
explicitly rejected for now. Covers rationale (audit clarity, credential
concentration, two-party review boundary, fail-closed behavior),
reference-only client setup via GITEA_MCP_CONFIG/GITEA_MCP_PROFILE,
the 'Auth unsupported' client-badge caveat, and reconnect/reload
requirements after profile/config/code changes. Cross-linked from the
execution-profiles model doc and the workflow runbooks; guarded by
docs-content tests.

Closes #143

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-05 03:23:40 -04:00
sysadmin 8ef9129e44 feat: add read-only Gitea task capability resolver tool (#141) 2026-07-05 03:21:51 -04:00
sysadmin 3c1ab87e1b Merge pull request 'test: forward-direction issue-comment permission separation (#137 follow-up)' (#140) from tests/issue-137-permission-separation into master 2026-07-05 01:47:26 -05:00
sysadminandClaude Fable 5 9b84ecf592 test: forward-direction issue-comment permission separation (#137 follow-up)
PR #138 added the issue.comment alias and example grants. Add the
forward-direction separation guards the migration decision requires:
gitea.issue.comment never implies issue close, PR review/approve/merge,
or branch push / repo commit; gitea.pr.comment never implies
gitea.issue.comment; the pre-#137 live author op set still fails closed
with the exact operator-facing reason; and the shipped v1/v2 example
configs keep granting issue comments while preserving author/reviewer
role separation.

Refs #137, #139

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-05 02:40:42 -04:00
sysadmin 995bd168c6 Merge pull request 'feat: allow gitea.issue.comment for author/reviewer profiles (#137)' (#138) from feat/issue-137-allow-issue-comments into master 2026-07-05 01:14:37 -05:00
sysadmin 3953b6bdd2 feat: allow gitea.issue.comment for author and reviewer profiles (#137)
- Add aliases 'issue.comment' and 'issue_comment' to GITEA_OPERATION_ALIASES so short names normalize to gitea.issue.comment
- Grant 'issue.comment' (and short) in v2 example profiles for example-author and example-reviewer
- Grant in gitea-mcp.example.json mdcps-reviewer
- Update docs example profiles
- Add test coverage for new aliases and normalization

This enables gitea_create_issue_comment and list for profiles that include it, while preserving fail-closed for others and separation of duties (issue.comment does not imply pr.review etc).

Closes #137
2026-07-05 02:10:18 -04:00
sysadmin 7a6f7257c8 Merge pull request 'feat: support and test MDCPS reviewer identity per #107' (#136) from feat/issue-107-mdcps-reviewer-identity into master 2026-07-04 17:48:49 -05:00
sysadmin 87172229aa feat: support and test MDCPS reviewer identity per #107
- Update v2 test config: mdcps reviewer username '913443' (distinct from author 'jcwalker3'), author 'jcwalker3'
- Adjust TBD negative test to use mutate (post-provisioning)
- Add mdcps-reviewer example to gitea-mcp.example.json and README
- Verifies distinct identities, reviewer cannot create/push, author cannot review/merge

Closes #107

Checks:
- config tests pass
- no secrets in changes (usernames only)
- py_compile and diff clean
2026-07-04 18:35:45 -04:00
sysadmin e88ca1d64b Merge pull request 'feat: complete operator guide and skill registry requirements (#129)' (#134) from feat/issue-129-operator-guide-skills into master 2026-07-04 16:49:45 -05:00
sysadmin 4253f8a52a feat: satisfy Issue #129 operator guide and skill registry requirements 2026-07-04 17:46:19 -04:00
sysadmin cd1d8d71a2 Merge pull request 'fix: redact Gitea web links from PR/issue MCP tool output (#125)' (#133) from feat/issue-125-pr-url-redaction into master 2026-07-04 16:44:24 -05:00
sysadminandClaude Fable 5 c349b98206 docs: note in-place mutation contract on _with_optional_url
Subagent review (read-only) found no blockers; this addresses its one
LOW note by documenting that the helper mutates the passed dict and
must receive a freshly-built one.

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-04 17:06:41 -04:00
sysadmin 552f538d97 fix: redact Gitea web links from MCP PR output 2026-07-04 16:46:55 -04:00
sysadmin 2beeeceb90 Merge pull request 'feat: make Gitea MCP profile activation and runtime identity state explicit (#131)' (#132) from feat/issue-131-profile-identity-clarity into master 2026-07-04 13:59:10 -05:00
sysadmin 10a29d1bd5 style: remove trailing whitespace in mcp_server.py and test_runtime_clarity.py 2026-07-04 14:57:21 -04:00
sysadmin a0e7d3360e feat: implement profile activation and runtime identity clarity (#131) 2026-07-04 02:04:07 -04:00
sysadmin b1256d73b4 Merge pull request 'feat: add operator guide and project skills discovery MCP tools (#128)' (#130) from feat/issue-128-operator-guide-skills into master 2026-07-04 00:06:04 -05:00
sysadminandClaude Fable 5 6a8a9d99b7 feat: add operator guide and project skills discovery MCP tools (#128)
Add three read-only capability-discovery tools so new LLM sessions can
learn the workflow rules and available project skills from the MCP
server instead of long pasted operator prompts:

- mcp_get_control_plane_guide: active profile, authenticated identity
  (fail-soft; unresolved identity returns STOP instructions),
  allowed/forbidden operations, profile-aware guidance (author profiles
  are told review/approve/merge is forbidden; reviewer profiles are told
  review/merge requires eligibility checks and a pinned head SHA; mixed
  profiles get a misconfiguration warning), and the standing rules: hard
  stops, fail-closed behavior, head-SHA pinning, merge confirmation,
  redaction, author/reviewer/merger separation, profile switching, and
  identity verification.
- mcp_list_project_skills: registry of ten project workflows (issue
  authoring, PR creation, PR review, PR merge, issue comments, profile
  switching, redaction/security review, Jenkins read-only, GlitchTip
  read-only, release/operator) with description, when-to-use, required
  operations, status, and per-profile availability. Unimplemented
  services are listed as designed-not-implemented rather than omitted.
- mcp_get_skill_guide: step-by-step guide per skill; unknown names fail
  closed with the list of valid names.

All three are read-only and change no existing gate or permission.
Normal output contains no endpoint URLs or keychain IDs; the guide
includes the server host only under GITEA_MCP_REVEAL_ENDPOINTS=1.

Tests (tests/test_operator_guide.py, 17 new): profile-aware guidance
for author/reviewer, unresolved-identity STOP, read-only behavior,
redaction defaults and reveal opt-in, rules coverage, registry
completeness and profile awareness, unimplemented-service marking,
fail-closed unknown skill names.

Docs: llm-workflow-runbooks.md now tells new sessions to call the guide
tools first.

Closes #128

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-03 19:49:11 -04:00
sysadmin 349bc06da7 Merge pull request 'feat: add Gitea issue comment list/create MCP tools (#126)' (#127) from feat/issue-126-issue-comment-tools into master 2026-07-03 18:40:38 -05:00
sysadminandClaude Fable 5 5aeb51f132 feat: add Gitea issue comment list/create MCP tools (#126)
Add gitea_list_issue_comments and gitea_create_issue_comment so
discussion/design workflows can read and post issue comments through
the MCP layer instead of direct API scripts.

- List requires gitea.read; create requires gitea.issue.comment —
  gated separately from the gitea.pr.* review/merge family, fail closed.
- Issue comments never touch PR review endpoints.
- LLM-safe output: comment id/author/timestamps/body only; web links
  appear solely under the GITEA_MCP_REVEAL_ENDPOINTS admin opt-in.
- Create operations are audit-logged (create_issue_comment) and errors
  are redacted before being raised.
- Tests cover list/create success, permission blocks (including PR
  review permissions not granting issue comments), forbidden-overrides,
  empty body, missing issue with redacted error, endpoint separation,
  and reveal opt-in.
- Document issue comments versus PR reviews in
  docs/gitea-execution-profiles.md.

Closes #126

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-03 19:07:36 -04:00
sysadmin 9c44fd6b27 Merge pull request 'feat: extend whoami and profile metadata for environments (#104)' (#124) from feat/issue-104-whoami-metadata into master 2026-07-03 17:15:33 -05:00
sysadmin e880a210ec feat: extend whoami and profile metadata for environments (#104)
Closes #104
2026-07-03 18:11:35 -04:00
sysadmin 79450b57f5 Merge pull request 'feat(config): add v1-to-v2 profiles.json migration helper (#105)' (#123) from feat/issue-105-profiles-migration into master 2026-07-03 17:05:05 -05:00
sysadmin 23aa2fb192 fix: harden profiles migration helper 2026-07-03 17:53:07 -04:00
sysadmin 9f75e28094 Merge pull request 'docs: re-land release version SOP with v1.1.0 audit lessons (#111)' (#119) from docs/issue-111-release-version-sop into master 2026-07-03 16:09:40 -05:00
sysadmin c063842b2e Merge pull request 'feat: operation-name normalization table with fail-closed enforcement (#106)' (#122) from feat/issue-106-op-normalization into master 2026-07-03 15:24:34 -05:00
sysadmin cd633e2c2b feat(config): add v1-to-v2 profiles.json migration helper (#105) 2026-07-03 04:24:45 -04:00
sysadminandClaude Fable 5 e0861bcb03 feat: operation-name normalization table with fail-closed enforcement (#106)
Promote the #103 minimal alias map to the documented public table
GITEA_OPERATION_ALIASES and add the #106 enforcement layer:

- normalize_operation(op, service): canonical namespaced names; legacy
  spellings accepted only via the explicit table; unknown, ambiguous,
  and cross-service names fail closed.
- check_operation(op, allowed, forbidden, service): normalizes BOTH the
  requested operation and the profile lists before any membership
  check; forbidden always overrides allowed; unnormalizable allowed
  entries grant nothing and unnormalizable forbidden entries deny the
  request, so normalization can never silently widen permissions;
  empty/missing allowed list denies everything.
- gitea_check_pr_eligibility now routes its capability check through
  check_operation, fixing the mismatch where canonical namespaced
  profile ops (gitea.pr.merge) never matched the raw action (merge)
  and namespaced forbidden entries were never enforced.
- Document the normalization table and enforcement rules in
  docs/gitea-execution-profiles.md, replacing the stale 'enforcement
  out of scope' caveat.
- tests/test_op_normalization.py: full #106 matrix (27 tests) —
  qualified/legacy allowed and forbidden, unknown, ambiguous, service
  mismatch, forbidden-overrides-allowed, empty/missing allowed,
  duplicates after normalization, no permission widening, and
  eligibility integration proving normalization happens before
  enforcement. Existing v1/env unqualified behaviour stays compatible.

Closes #106

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-03 03:35:03 -04:00
sysadmin 9d6a2e0a5f docs: re-land release version SOP with v1.1.0 audit lessons (#111) 2026-07-03 03:24:26 -04:00
sysadmin 205f089c44 Merge pull request 'feat: profiles.json v2 contexts shape with enabled enforcement and LLM-safe output (#120)' (#121) from feat/issue-120-profiles-v2-contexts into master 2026-07-03 01:36:21 -05:00
sysadminandClaude Fable 5 ff920a6496 feat: load profiles.json v2 contexts shape with enabled enforcement and LLM-safe output (#120)
Support the canonical contexts-shape version 2 config (contexts / profiles /
projects / rules) alongside the existing environments shape and v1:

- Require a boolean 'enabled' on every context, profile, service, and
  project. Disabled entries are surfaced in audits but fail closed at
  selection/resolution — never a silent fallback to another profile,
  service, or credential source.
- Resolve the active identity from GITEA_MCP_PROFILE via the existing
  select_profile path; profile base_url falls back to the context's enabled
  gitea block.
- Add resolve_service() and project_for_path() for context service and
  project-to-context resolution (internal use; fail closed on disabled).
- get_auth_header now propagates ConfigError when GITEA_MCP_CONFIG is set
  instead of silently degrading to Basic auth.
- Hide endpoint URLs and keychain ids from normal LLM-facing output:
  gitea_whoami / gitea_get_profile report logical names and auth status
  only; new gitea_audit_config tool reports enabled/disabled state and safe
  one-line service summaries. The GITEA_MCP_REVEAL_ENDPOINTS opt-in (and
  'python3 gitea_config.py audit --reveal-endpoints' locally) restores
  endpoints and auth source names for admin diagnostics; token values are
  never printed on any path.
- Ship gitea-mcp.v2-contexts.example.json (synthetic values) and validate
  it in tests.

Implements #120

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-03 02:19:39 -04:00
sysadmin fbf1bc5f5c Merge pull request 'docs: add post-merge file-presence verification to merge workflow (#112)' (#118) from fix/issue-112-post-merge-file-presence into master 2026-07-02 19:41:55 -05:00
sysadmin 255cfc87dd docs: add post-merge file-presence verification to merge workflow (#112) 2026-07-02 20:21:07 -04:00
sysadmin 8d2eb23237 Merge pull request 'fix: close implements tracker gap and clarify closing keywords (#110)' (#116) from fix/issue-110-implements-tracker-gap into master 2026-07-02 18:51:05 -05:00
sysadmin 7fa1bb9cfb Merge pull request 'docs: compact Controller Handoff as default format (#108)' (#115) from docs/issue-108-compact-controller-handoff into master 2026-07-02 18:48:34 -05:00
sysadmin ed3cc106aa Merge pull request 'feat: profiles.json v2 parser with validation invariants (#103)' (#114) from feat/issue-103-profiles-v2-parser into master 2026-07-02 18:47:26 -05:00
sysadmin 472e6850fe fix: close implements tracker gap and clarify closing keywords (#110) 2026-07-02 19:46:21 -04:00
sysadmin e63cf5b5eb Merge master (post-#113 identity checklist) into docs/issue-108-compact-controller-handoff 2026-07-02 19:22:22 -04:00
sysadmin 6dbd51b2a4 Merge master (post-#113) into feat/issue-103-profiles-v2-parser 2026-07-02 19:22:07 -04:00
sysadminandjcwalker3 2e2da05eab docs: document dual-profile MCP launcher pattern and add identity checklist (#109) (#113)
Co-authored-by: Jason Walker <[email protected]>
Co-committed-by: Jason Walker <[email protected]>
2026-07-02 18:18:43 -05:00
sysadminandClaude Fable 5 e9c67e7292 docs: compact Controller Handoff as default format (#108)
Make the nine-line compact Controller Handoff the default end-of-task
format; reserve the long Controller Handoff Summary for high-risk/complex
tasks (merge/tag/release, failed validation, blocked gates, secrets/prod,
complicated owner decisions, cross-repo state, or explicit owner request).
Compact form is for controller-LLM readability, safety confirmations are
never omitted, and PR bodies still carry full review detail.

Updates SKILL.md §K, llm-workflow-runbooks.md, and the start-issue /
review-pr templates. Documentation only.

Refs #101. Closes #108.

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-02 18:59:23 -04:00
sysadminandClaude Fable 5 65ea7514d2 feat: profiles.json v2 parser with validation invariants (#103)
Add version-2 support to gitea_config: environment -> service -> identity
hierarchy flattened at load into v1-shaped profiles keyed by the canonical
dotted address {env}.{service}.{identity}, with aliases for legacy names
(mdcps, prgs-author, prgs-reviewer) and service-level defaults inherited by
identities.

Fail-closed validation: missing required version (v1 files must now declare
version: 1), unknown versions, malformed environment/service/identity
structure, dotted segment names, missing base_url, missing auth reference,
inline secrets in identities or auth entries, alias/address selector
conflicts, aliases to unknown targets, and unqualified operations that
cannot be normalized safely. TBD-* usernames fail closed at selection
without blocking other identities in the file.

Reviewer-identity deadlock rule enforced at load: any identity allowed
gitea.pr.approve or gitea.pr.merge must forbid gitea.pr.create and
gitea.branch.push (prevents the PR #102-style self-authored-PR deadlock).

Selector resolution is strict: exact alias -> exact dotted address -> fail
closed; no fuzzy matching. Minimal operation normalization only (the known
v1 unqualified Gitea ops and single-word non-Gitea ops); the full table and
enforcement matrix remain issue #106.

Tests: new tests/test_config_v2.py (29 cases) covering the acceptance
criteria; test_config.py missing-version case flipped to fail-closed per
the issue. resolve_token/auth_source_name proven against flattened v2
profiles.

Refs #100. Closes #103.

Co-Authored-By: Claude Fable 5 <[email protected]>
2026-07-02 18:49:30 -04:00
sysadmin 790c2c80b1 docs: require Controller Handoff Summary + codify LLM workflow rules (#101) (#102)
Co-authored-by: Jason Walker <[email protected]>
Co-committed-by: Jason Walker <[email protected]>
2026-07-02 17:25:26 -05:00