Skip to content

(feat) MCP Server#1365

Open
bclermont wants to merge 2 commits into
nextlevelbuilder:devfrom
bclermont:feat/mcp-crud-server
Open

(feat) MCP Server#1365
bclermont wants to merge 2 commits into
nextlevelbuilder:devfrom
bclermont:feat/mcp-crud-server

Conversation

@bclermont

@bclermont bclermont commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Adds a new MCP (Model Context Protocol) server, mounted at /mcp/, exposing goclaw's resource-management surface as MCP tools for external MCP clients. Modeled on the reference implementation at third-party/goclaw-mcp, reusing goclaw's existing
stores/subsystems rather than duplicating business logic.

What's included

  • ~115 MCP tools across: agents, sessions, skills, cron, config, agent_links, api_keys, config_permissions, bitrix_portals, run_timeline, teams, teams_tasks, teams_workspace, channels, channel_instances, hooks, heartbeat, pairing, exec_approval, usage,
    quota, chat, llm_complete, logs_tail, send, voices.
  • Auth: new gateway.mcp_server_token config field / GOCLAW_MCP_SERVER_TOKEN env var. Requests must present a matching Bearer token (constant-time compare). If the token isn't configured, the /mcp/ server is not mounted at all (404), not just gated at
    request time.
  • Security logging: auth failures logged via slog.Warn("security.mcp_auth_failed", ...); other new security-relevant paths (workspace path traversal, unknown update fields, invalid sender IDs) follow the same security.* convention.
  • Degrade-gracefully design: NewCRUDServer only registers a tool family when its backing dependency is non-nil, so partial wiring (e.g. no Bitrix store configured) doesn't break the whole server.

Known limitations (documented in code, not silently missing)

A few tools mirror stub behavior already present in their WS/RPC twins rather than fabricating new capability:

  • goclaw_channels_toggle — channel restart not yet implemented server-side.
  • goclaw_hooks_test — needs a live dispatcher test-runner not available to this stateless surface.
  • goclaw_hooks_history — WS twin itself is a stub (no paginated execution reads yet).
  • goclaw_heartbeat_test — needs a live heartbeat-ticker wake closure not available here.
  • goclaw_bitrix_portals_get_install_url — needs the gateway's live public-URL callback; not available to the store-only CRUD layer.
  • goclaw_logs_tail is adapted from a live WebSocket push subscription to a one-shot aggregate snapshot (LogTee.AggregateRuntimeLogs), since MCP tool calls are stateless request/response.
  • goclaw_chat_send is always synchronous/non-streaming; TTS auto-apply and debounce-based mid-run injection (WS-connection-lifetime features) don't apply to a single stateless call.

Tests

19 new test files (internal/mcp/crud_*_test.go, internal/gateway/chat_runner_test.go, internal/gateway/mcp_server_token_auth_test.go):

  • NewCRUDServer's degrade-gracefully contract (nil-dependency gating per family).
  • Shared resolver helpers (resolveAgentUUID/resolveAgentInfo).
  • Representative happy-path + error-path coverage for Phase 1 (agents, sessions, skills, cron, config), Phase 2 (teams, channels, hooks, heartbeat, pairing), and Phase 3 (chat, llm, voices) families.
  • Regression guards on the documented stub tools, so future changes can't silently "fix" or break them without a visible test change.
  • Bearer-token auth middleware (valid/invalid/missing/non-Bearer token cases), independent from the existing gateway token check.

Deliberately left untested (same thin-handler-over-store pattern already validated elsewhere, low marginal risk): agent_links, api_keys, config_permissions, exec_approval, logs, run_timeline, send, teams_tasks, teams_workspace, usage.

Verification

  • go build ./... — pass
  • go build -tags sqliteonly ./... — pass
  • go vet ./... — pass
  • go test ./internal/mcp/... ./internal/gateway/... ./cmd/... — pass

Files changed

New: internal/mcp/crud_{agents,sessions,skills,cron,config,helpers,server,agent_links,api_keys,config_permissions,bitrix,run_timeline,teams,teams_tasks,teams_workspace,channels,hooks,heartbeat,pairing,exec_approval,usage,chat,llm,logs,send,voices}.go +
matching _test.go files, internal/gateway/chat_runner.go + test.

Modified: internal/config/config_channels.go, config_load.go, config_secrets.go, internal/gateway/server.go, cmd/gateway.go, cmd/gateway_methods.go, cmd/gateway_http_wiring.go.

Surface parity

  • Backend/gateway: done (this PR).
  • Web UI (ui/web): N/A for this PR — a config field to set gateway.mcp_server_token would be a natural follow-up, not implemented here.
  • CLI/runtime package: N/A — no external CLI/runtime repo touched.

@bclermont bclermont mentioned this pull request Jul 5, 2026
@bclermont

Copy link
Copy Markdown
Contributor Author

with that I manage goclaw using one of it's agent even better than using the CLI

@bclermont bclermont force-pushed the feat/mcp-crud-server branch 4 times, most recently from cca1bf2 to 599696b Compare July 5, 2026 21:10
Bruno Clermont and others added 2 commits July 6, 2026 12:19
… with Bearer token auth

and X-GoClaw-Tenant-Id header, default to master tenant
The CRUD MCP server's goclaw_skills_update only touched skill DB metadata,
with no way to edit a skill's SKILL.md/file content on the filesystem. Extract
the versioned write logic from the web UI's skill file editor
(SkillsHandler.handleWriteFile) into skills.WriteVersionedFile so both
surfaces share identical validation and versioning, and expose it as a new
MCP tool.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
@bclermont bclermont force-pushed the feat/mcp-crud-server branch from f36b7af to f57c337 Compare July 6, 2026 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant