Skip to content

m1: AgentKeys MCP server — Phase 1 (closes #107) #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
hanwencheng merged 36 commits into from
May 26, 2026
Merged

m1: AgentKeys MCP server — Phase 1 (closes #107) #132

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
7730ca7
m1: AgentKeys MCP server — Phase 1 (closes #107)
hanwencheng May 25, 2026
8d3590c
m1: MCP server dev-mode demo (--backend in-memory) + runbook
hanwencheng May 25, 2026
25d7298
m1: MCP server — verify Mode B protocol layer against real Anthropic …
hanwencheng May 25, 2026
f34abe7
m1: MCP server — Mode C verification (xiaozhi-server's own ServerMCPC…
hanwencheng May 25, 2026
110637b
m1: MCP server — Phase A hardened per Codex adversarial review
hanwencheng May 25, 2026
c06f352
m1: MCP server — xiaozhi MCP-endpoint transport + new §B runbook
hanwencheng May 25, 2026
c0b4ee5
m1: MCP server — runbook §A one-liner + §B.0 testing ladder + CI runs…
hanwencheng May 25, 2026
4ef93d6
m1: MCP server — clarify §B.4 chain targeting (verify hits PROD addre…
hanwencheng May 25, 2026
41e4ca9
m1: MCP server — apply rustfmt to satisfy global `cargo fmt --all -- …
hanwencheng May 25, 2026
53821b8
m1: MCP server — idempotent setup-mcp-host.sh (mcp.litentry.org + wss)
hanwencheng May 25, 2026
2838e70
m1: setup-mcp-host.sh — drop made-up ops@litentry.org, mirror broker …
hanwencheng May 25, 2026
8200c58
m1: setup-mcp-host.sh — install python3-venv + recover broken half-venv
hanwencheng May 25, 2026
acdf956
m1: setup-mcp-host.sh — fix nginx http2 syntax + two-phase certbot
hanwencheng May 25, 2026
2f784ba
scripts: setup-mcp-host.sh DNS pre-flight before certbot
hanwencheng May 25, 2026
925d56b
docs: add §B.6 fresh-laptop xiaozhi-server walkthrough to MCP runbook
hanwencheng May 25, 2026
8ed5d24
scripts: setup-mcp-host.sh auto-manages Route53 A record
hanwencheng May 25, 2026
f90eff0
scripts: provision mcp.litentry.org DNS via setup-cloud.sh (test-brok…
hanwencheng May 25, 2026
154d6c3
scripts: setup-mcp-host.sh — fix head() shadowing + remove DNS wait
hanwencheng May 25, 2026
8977990
scripts: setup-mcp-host.sh — better step 9 diagnostics + brief retry
hanwencheng May 25, 2026
e0d45da
scripts: setup-mcp-host.sh — verify venv deps actually import
hanwencheng May 25, 2026
52e0c99
scripts: setup-mcp-host.sh — make mcp.litentry.org implicit, add --test
hanwencheng May 25, 2026
277ec7b
scripts: setup-mcp-host.sh — add xiaozhi-hosted mode as default
hanwencheng May 25, 2026
3355f47
scripts: setup-mcp-host.sh — explicit skip messages for steps 7/8 in …
hanwencheng May 25, 2026
ff5c2c6
agentkeys-mcp-server: enable tokio-tungstenite TLS (rustls)
hanwencheng May 25, 2026
66e12dd
agentkeys-mcp-server: install rustls crypto provider + negotiate prot…
hanwencheng May 25, 2026
b462642
agentkeys-mcp-server: frame-level logging + scripts/run-mcp-local.sh
hanwencheng May 25, 2026
e7f37cf
agentkeys-mcp-server: make identity ambient + LLM-friendly tool schemas
hanwencheng May 25, 2026
5e0944a
agentkeys-mcp-server: bilingual tool descriptions + drop M4 stubs fro…
hanwencheng May 25, 2026
68fad00
mcp-server: redact bearer JWT in logs + run-mcp-local auto-load URL
hanwencheng May 25, 2026
612507b
CI fixes: cargo fmt + drop M4 stubs from demo-mode smoke expectations
hanwencheng May 25, 2026
f1077f5
mcp-server: fix stdio transport for Claude Desktop / Claude Code
hanwencheng May 25, 2026
3d40f35
ci+scripts: distribution pipeline for the MCP server (issue #133 prereq)
hanwencheng May 26, 2026
f48ca05
ci: functional e2e via stdio (mode E) + identity.whoami ambient default
hanwencheng May 26, 2026
b750e72
ci+scripts: cargo install --git as canonical path; fold MCP into setu…
hanwencheng May 26, 2026
c7b77c9
fmt: rustfmt-mandated line split in identity test (CI fix)
hanwencheng May 26, 2026
4959684
arch.md: add agentkeys-mcp-server crate to canonical inventory
hanwencheng May 26, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 102 additions & 0 deletions .github/workflows/mcp-server.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
name: mcp-server

on:
push:
branches: [main]
paths:
- "crates/agentkeys-mcp-server/**"
- "scripts/mcp-demo-mode-a.sh"
- "scripts/mcp-demo-mode-b-protocol.sh"
- "scripts/mcp-demo-mode-c-xiaozhi-client.sh"
- "scripts/mcp-demo-mode-d-xiaozhi-endpoint.sh"
- "scripts/mcp-demo-mode-e-stdio.sh"
- "Cargo.toml"
- "Cargo.lock"
- ".github/workflows/mcp-server.yml"
pull_request:
paths:
- "crates/agentkeys-mcp-server/**"
- "scripts/mcp-demo-mode-a.sh"
- "scripts/mcp-demo-mode-b-protocol.sh"
- "scripts/mcp-demo-mode-c-xiaozhi-client.sh"
- "scripts/mcp-demo-mode-d-xiaozhi-endpoint.sh"
- "scripts/mcp-demo-mode-e-stdio.sh"
- "Cargo.toml"
- "Cargo.lock"
- ".github/workflows/mcp-server.yml"

permissions:
contents: read
packages: write

jobs:
test:
name: test + clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- uses: Swatinem/rust-cache@v2
with:
workspaces: ". -> target"
- name: cargo test
run: cargo test -p agentkeys-mcp-server --all-features
- name: cargo clippy
run: cargo clippy -p agentkeys-mcp-server --all-targets -- -D warnings
# Phase A dev-mode demo smoke — boots the binary with --backend in-memory
# and walks the three-act storyboard end-to-end via curl. Catches drift
# between code and runbook §A in `docs/spec/plans/issue-107-mcp-demo-runbook.md`.
- name: mcp demo (mode A — dev smoke)
run: bash scripts/mcp-demo-mode-a.sh

# Phase B testing ladder (runbook §B.0). Modes B/C/D need `uv` to manage
# a Python venv on the fly so the official Anthropic mcp SDK + xiaozhi-
# server's own integration class can drive our server. These tiers catch
# bugs at the MCP wire layer, the xiaozhi integration layer, and the
# relay-topology layer respectively. No live broker or xiaozhi account.
- name: install uv (for modes B/C/D/E)
run: curl -LsSf https://astral.sh/uv/install.sh | sh
- name: mcp demo (mode B — Anthropic mcp SDK protocol smoke, HTTP)
run: bash scripts/mcp-demo-mode-b-protocol.sh
- name: mcp demo (mode C — xiaozhi ServerMCPClient integration, HTTP)
run: bash scripts/mcp-demo-mode-c-xiaozhi-client.sh
- name: mcp demo (mode D — xiaozhi MCP-endpoint relay topology, WS)
run: bash scripts/mcp-demo-mode-d-xiaozhi-endpoint.sh
# Mode E covers the stdio transport gap — the actual path Claude Code,
# Codex CLI, Claude Desktop, Cursor, Cline, Roo, Windsurf, Gemini CLI
# use. Modes B-D are all over HTTP/WS; without this we could ship a
# binary that initializes cleanly via curl but corrupts the stdout
# JSON-RPC stream with tracing logs (we already hit this once).
- name: build release binary (for mode E)
run: cargo build --release -p agentkeys-mcp-server
- name: mcp demo (mode E — stdio_client functional E2E)
run: |
AGENTKEYS_MCP_BIN="$(pwd)/target/release/agentkeys-mcp-server" \
bash scripts/mcp-demo-mode-e-stdio.sh

image:
name: build + publish image
needs: test
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: build + push
uses: docker/build-push-action@v6
with:
context: .
file: crates/agentkeys-mcp-server/Dockerfile
push: true
tags: |
ghcr.io/${{ github.repository }}/agentkeys-mcp-server:latest
ghcr.io/${{ github.repository }}/agentkeys-mcp-server:${{ github.sha }}
cache-from: type=gha
cache-to: type=gha,mode=max
5 changes: 5 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@ AWSCLIV2.pkg
# Local developer secrets — template is checked in as .env.example.
agentkeys-secrets.env

# xiaozhi MCP-endpoint URL — contains a bearer JWT, never commit.
# Used by scripts/run-mcp-local.sh as an optional convenience cache so
# you don't have to paste the URL every time.
/mcp-xiaozhi-endpoint

# Operator-supplied mnemonic file(s) for the chain deployer (referenced
# by HEIMA_DEPLOYER_MNEMONIC_FILE in scripts/heima-bring-up.sh).
# Never committed — the mnemonic IS the key.
Expand Down
136 changes: 125 additions & 11 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ members = [
"crates/agentkeys-cli",
"crates/agentkeys-daemon",
"crates/agentkeys-mcp",
"crates/agentkeys-mcp-server",
"crates/agentkeys-provisioner",
"crates/agentkeys-broker-server",
"crates/agentkeys-worker-creds",
Expand Down
Loading
Loading