vstockwell/wraith
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 67 Wiki Activity

fix: MCP bridge built, signed, and shipped in CI releases
Some checks failed
Build & Sign Wraith / Build Windows + Sign (push) Failing after 3m39s
Details

Browse Source 
- Removed useless CLAUDE_MCP_SERVERS env var injection (doesn't work)
- CI builds wraith-mcp-bridge.exe as a separate cargo --bin step
- Bridge binary signed with EV cert alongside the installer
- Uploaded to Gitea packages per version
- Attached to Gitea release as a downloadable asset
- Users add to PATH then: claude mcp add wraith -- wraith-mcp-bridge

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell 2026-03-25 12:55:17 -04:00
parent 0c6a4b8109
commit d98600a319
3 changed files with 33 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
.gitea/workflows/build-release.yml
View File

@ -71,6 +71,15 @@ jobs:
Write-Host "=== Build output ===" Write-Host "=== Build output ==="
Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\* Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*
- name: Build and package MCP bridge binary
shell: powershell
run: |
$env:Path = "$env:EXTRA_PATH;$env:Path"
cd src-tauri
cargo build --release --bin wraith-mcp-bridge
Write-Host "Bridge binary built:"
Get-ChildItem target\release\wraith-mcp-bridge.exe
- name: Download jsign - name: Download jsign
shell: powershell shell: powershell
run: | run: |
@ -95,7 +104,10 @@ jobs:
run: | run: |
$env:Path = "$env:EXTRA_PATH;$env:Path" $env:Path = "$env:EXTRA_PATH;$env:Path"
$token = [System.IO.File]::ReadAllText("$env:TEMP\aztoken.txt") $token = [System.IO.File]::ReadAllText("$env:TEMP\aztoken.txt")
$binaries = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe # Sign NSIS installers + MCP bridge binary
$binaries = @()
$binaries += Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe
$binaries += Get-Item src-tauri\target\release\wraith-mcp-bridge.exe -ErrorAction SilentlyContinue
foreach ($binary in $binaries) { foreach ($binary in $binaries) {
Write-Host "Signing: $($binary.FullName)" Write-Host "Signing: $($binary.FullName)"
java -jar jsign.jar --storetype AZUREKEYVAULT --keystore "${{ secrets.AZURE_KEY_VAULT_URL }}" --storepass $token --alias "${{ secrets.AZURE_CERT_NAME }}" --tsaurl http://timestamp.digicert.com --tsmode RFC3161 $binary.FullName java -jar jsign.jar --storetype AZUREKEYVAULT --keystore "${{ secrets.AZURE_KEY_VAULT_URL }}" --storepass $token --alias "${{ secrets.AZURE_CERT_NAME }}" --tsaurl http://timestamp.digicert.com --tsmode RFC3161 $binary.FullName
@ -110,6 +122,13 @@ jobs:
$giteaUrl = "https://git.command.vigilcyber.com" $giteaUrl = "https://git.command.vigilcyber.com"
$headers = @{ Authorization = "token ${{ secrets.GIT_TOKEN }}" } $headers = @{ Authorization = "token ${{ secrets.GIT_TOKEN }}" }
# Upload MCP bridge binary
$bridge = "src-tauri\target\release\wraith-mcp-bridge.exe"
if (Test-Path $bridge) {
Write-Host "Uploading: wraith-mcp-bridge.exe"
Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$ver/wraith-mcp-bridge.exe" -Method PUT -Headers $headers -ContentType "application/octet-stream" -InFile $bridge
}
$installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe $installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe
foreach ($file in $installers) { foreach ($file in $installers) {
$hash = (Get-FileHash $file.FullName -Algorithm SHA256).Hash.ToLower() $hash = (Get-FileHash $file.FullName -Algorithm SHA256).Hash.ToLower()
@ -184,10 +203,20 @@ jobs:
$releaseId = $release.id $releaseId = $release.id
Write-Host "Release v$ver created (id: $releaseId)" Write-Host "Release v$ver created (id: $releaseId)"
$installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe
$uploadHeaders = @{ Authorization = "token ${{ secrets.GIT_TOKEN }}" } $uploadHeaders = @{ Authorization = "token ${{ secrets.GIT_TOKEN }}" }
# Attach installer(s)
$installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe
foreach ($file in $installers) { foreach ($file in $installers) {
Write-Host "Attaching $($file.Name) to release..." Write-Host "Attaching $($file.Name) to release..."
Invoke-RestMethod -Uri "$giteaUrl/api/v1/repos/vstockwell/wraith/releases/$releaseId/assets?name=$($file.Name)" -Method POST -Headers $uploadHeaders -ContentType "application/octet-stream" -InFile $file.FullName Invoke-RestMethod -Uri "$giteaUrl/api/v1/repos/vstockwell/wraith/releases/$releaseId/assets?name=$($file.Name)" -Method POST -Headers $uploadHeaders -ContentType "application/octet-stream" -InFile $file.FullName
Write-Host "Attached: $($file.Name)" Write-Host "Attached: $($file.Name)"
} }
# Attach MCP bridge binary
$bridge = "src-tauri\target\release\wraith-mcp-bridge.exe"
if (Test-Path $bridge) {
Write-Host "Attaching wraith-mcp-bridge.exe to release..."
Invoke-RestMethod -Uri "$giteaUrl/api/v1/repos/vstockwell/wraith/releases/$releaseId/assets?name=wraith-mcp-bridge.exe" -Method POST -Headers $uploadHeaders -ContentType "application/octet-stream" -InFile $bridge
Write-Host "Attached: wraith-mcp-bridge.exe"
}

1
.gitignore vendored
View File

@ -1,5 +1,6 @@
node_modules/ node_modules/
dist/ dist/
src-tauri/target/ src-tauri/target/
src-tauri/binaries/
*.log *.log
.DS_Store .DS_Store

7
src-tauri/src/pty/mod.rs
View File

@ -96,12 +96,7 @@ impl PtyService {
.openpty(PtySize { rows, cols, pixel_width: 0, pixel_height: 0 }) .openpty(PtySize { rows, cols, pixel_width: 0, pixel_height: 0 })
.map_err(|e| format!("Failed to open PTY: {}", e))?; .map_err(|e| format!("Failed to open PTY: {}", e))?;
let mut cmd = CommandBuilder::new(shell_path); let cmd = CommandBuilder::new(shell_path);
// Auto-inject MCP server config so AI CLIs discover the bridge.
// Claude Code reads CLAUDE_MCP_SERVERS env var for server config.
let mcp_config = r#"{"wraith":{"command":"wraith-mcp-bridge","args":[]}}"#;
cmd.env("CLAUDE_MCP_SERVERS", mcp_config);
let child = pair.slave let child = pair.slave
.spawn_command(cmd) .spawn_command(cmd)