Add Nuke build system and migrate build scripts#34
Conversation
… seeding Integrate Duende IdentityServer 7.4.7 into the MCP Server process so it can act as its own OIDC authority without requiring an external Keycloak instance. When Mcp:IdentityServer:Enabled is true, the server hosts identity endpoints (/connect/token, /connect/deviceauthorization, /.well-known/openid-configuration), seeds default users (admin, plbyrd), and the auth proxy controller forwards to local endpoints instead of proxying to Keycloak. Also fixes a duplicate --version option crash in the REPL host. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…s ingestion - Add LoginHandler with file-based token caching (~/.mcpserver/tokens.json shared with Director), auto device flow on startup, refresh token support, and fallback to manual login menu - Add DeviceFlowController for embedded IdentityServer browser-based device authorization UI with code entry, login, and consent pages - Switch Identity DB from SQLite to SQL Server LocalDB for reliable schema creation - Enable password grant on mcp-director client alongside device flow - Add List TODOs command with filtering (all/done/not done/priority/keyword) - Add Update TODO command with field selection (toggle done, priority, title, etc.) - Add Ingest Requirements command with workspace file discovery, multi-file select, and support for From Files, From Workspace Defaults, and Paste Markdown modes - Fix AuthConfigClient to bypass auth for public /auth/config endpoint - Fix Spectre.Console markup injection in requirements display tables - Fix SessionId/RequestId formats to match server validation rules - Fix default MCP_SERVER_URL port from 5000 to 7147 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Migrate deterministic build/test/package/validation scripts to Nuke targets: Compile, Test, Publish, PackNuGet, PackReplTool, PackageMsix, InstallReplTool, StartServer, BumpVersion, ValidateConfig, ValidateTraceability, TestMultiInstance, TestGraphRagSmoke, and Clean. Extract testable helpers (ConfigValidator, TraceabilityValidator, GitVersionBumper, MsixHelper) with 43 unit tests. Update Azure Pipelines to use Nuke targets and add GitHub Actions workflow. Update all user-facing documentation with Nuke build commands. Also includes McpAgent REPL integration and REPL migration guide. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fa54266bd1
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| var settingsPath = SourceDirectory / "McpServer.Support.Mcp" / $"appsettings.{Configuration}.json"; | ||
| if (!File.Exists(settingsPath)) | ||
| throw new InvalidOperationException($"Settings file not found: {settingsPath}"); |
There was a problem hiding this comment.
TestMultiInstance hardcodes appsettings.{Configuration}.json, but this repo only ships YAML instance configs (appsettings.yaml / appsettings.Staging.yaml), so the target throws Settings file not found before it can launch either server. In the default repository setup this makes the multi-instance smoke test unusable.
Useful? React with 👍 / 👎.
| while (DateTime.UtcNow < deadline) | ||
| { | ||
| if (process.HasExited) | ||
| throw new InvalidOperationException($"Process {process.Id} exited before becoming healthy."); | ||
|
|
There was a problem hiding this comment.
WaitForHealthy never performs an HTTP health check and never returns a port when the process is alive; the loop only checks process.HasExited and sleeps until timeout. As written, successful startup can never satisfy this method, so the smoke test deterministically times out even when instances are healthy.
Useful? React with 👍 / 👎.
|
|
||
| private void ApplyTokenResponse(TokenResponse tokenResponse) | ||
| { | ||
| _client.BearerToken = tokenResponse.AccessToken!; |
There was a problem hiding this comment.
ApplyTokenResponse writes _client.BearerToken directly, but McpClientBase.BearerToken is set-once and ignores subsequent assignments once non-empty. During refresh, this means the old expired token remains active even though _tokenExpiresAt is updated, so later API calls continue using stale credentials while the REPL reports a refreshed session.
Useful? React with 👍 / 👎.
1 participant
Summary
Test plan
dotnet build build/_build.csproj— 0 errorsdotnet test tests/Build.Tests/— 43/43 passed./build.ps1 Compile— succeeded./build.ps1 ValidateConfig— passed (2 instances)🤖 Generated with Claude Code