|
| 1 | +# TODO / Feature requests — rethunk-github MCP |
| 2 | + |
| 3 | +Feature asks driven by real pain points from agent sessions. Each item lists the motivating scenario and the expected tool shape. |
| 4 | + |
| 5 | +## High value |
| 6 | + |
| 7 | +### `release_create` MCP tool |
| 8 | + |
| 9 | +**Pain:** fedbuild workflow produces image + RPM + SBOM (CycloneDX + SPDX) + SLSA provenance + SHA256SUMS + signatures (.sig + .pem). Publishing a release today is `gh release create` in Bash with ~10 `--attach` flags — verbose, error-prone, hits sandbox edge cases. |
| 10 | + |
| 11 | +**Ask:** |
| 12 | + |
| 13 | +```ts |
| 14 | +release_create({ |
| 15 | + repo: "Rethunk-AI/fedbuild", // optional; defaults to current |
| 16 | + tag: "v0.6.0", |
| 17 | + name?: "Release 0.6.0", |
| 18 | + notes?: string, // body; if omitted, pulls latest CHANGELOG.md section |
| 19 | + notesFromChangelog?: boolean, // true → grabs [version] section from CHANGELOG.md |
| 20 | + artifacts: Array<{ |
| 21 | + path: string, // local path |
| 22 | + label?: string, // display name |
| 23 | + contentType?: string |
| 24 | + }>, |
| 25 | + draft?: boolean, |
| 26 | + prerelease?: boolean, |
| 27 | + // Signing metadata — if provided, surfaces in release body as a verification block: |
| 28 | + signatures?: Array<{ |
| 29 | + artifact: string, // path or label |
| 30 | + sigFile: string, |
| 31 | + certFile?: string, |
| 32 | + type: "cosign-keyless" | "gpg" | "slsa-provenance" |
| 33 | + }> |
| 34 | +}) |
| 35 | +// Returns: { url, uploadedArtifacts: [{ path, downloadUrl, size }] } |
| 36 | +``` |
| 37 | + |
| 38 | +Optional nicety: `verificationBlock: "auto"` auto-injects a block like `cosign verify-blob --cert ...` template into the notes. |
| 39 | + |
| 40 | +### `pr_preflight` — extend with commit-granularity check |
| 41 | + |
| 42 | +**Pain:** Parallel subagents sometimes bundle commits (sandbox blocks splitting). Current `pr_preflight` doesn't flag "this PR has a 500-line commit that should have been 3 commits". |
| 43 | + |
| 44 | +**Ask:** Add a `commitGranularity` check: |
| 45 | +- Flags commits where diff spans 3+ distinct files with unrelated Conventional Commit types |
| 46 | +- Flags commits whose subject mentions multiple concerns (e.g. both "feat" and "fix") |
| 47 | + |
| 48 | +Output: advisory, not blocking. |
| 49 | + |
| 50 | +### `workflow_dispatch` MCP tool |
| 51 | + |
| 52 | +**Pain:** Some build steps need a beefier runner than Claude's sandbox (e.g. fedbuild's `make image` needs 20 min + sudo + KVM). Users want to kick off a `workflow_dispatch` on a self-hosted runner and stream status. Today: Bash `gh workflow run ... --ref main -F ...`. |
| 53 | + |
| 54 | +**Ask:** |
| 55 | + |
| 56 | +```ts |
| 57 | +workflow_dispatch({ |
| 58 | + repo?: string, |
| 59 | + workflow: "release.yml", // filename or workflow_id |
| 60 | + ref: "main", |
| 61 | + inputs?: Record<string, string>, |
| 62 | + watch?: boolean, // if true, polls until completion; returns final conclusion |
| 63 | + timeoutSec?: 3600 |
| 64 | +}) |
| 65 | +// Returns: { runId, url, conclusion?: "success" | "failure" | "cancelled", logs?: string } |
| 66 | +``` |
| 67 | + |
| 68 | +### `pr_comment_batch` MCP tool |
| 69 | + |
| 70 | +**Pain:** Line-by-line PR review comments today require multiple `gh api` Bash calls. Agents reviewing PRs waste tokens on the REST shape. |
| 71 | + |
| 72 | +**Ask:** |
| 73 | + |
| 74 | +```ts |
| 75 | +pr_comment_batch({ |
| 76 | + repo?: string, |
| 77 | + pr: number, |
| 78 | + reviewBody?: string, |
| 79 | + event: "COMMENT" | "APPROVE" | "REQUEST_CHANGES", |
| 80 | + comments: Array<{ |
| 81 | + path: string, |
| 82 | + line: number, |
| 83 | + body: string, |
| 84 | + side?: "LEFT" | "RIGHT" |
| 85 | + }> |
| 86 | +}) |
| 87 | +``` |
| 88 | + |
| 89 | +One round-trip, submits as a single review. |
| 90 | + |
| 91 | +## Medium value |
| 92 | + |
| 93 | +### `pr_create_from_commits` MCP tool |
| 94 | + |
| 95 | +**Pain:** After a parallel-subagent batch merges to main, sometimes user wants to open a PR for review instead of pushing. Today: `git push -u origin feature`, `gh pr create --title "..." --body "..."`. Want one call. |
| 96 | + |
| 97 | +**Ask:** |
| 98 | + |
| 99 | +```ts |
| 100 | +pr_create({ |
| 101 | + repo?: string, |
| 102 | + branch: string, // local branch to push and open PR from |
| 103 | + base: "main", |
| 104 | + title: string, |
| 105 | + body?: string, |
| 106 | + bodyFromCommits?: boolean, // generates body from Conventional Commit messages |
| 107 | + draft?: boolean, |
| 108 | + labels?: string[], |
| 109 | + reviewers?: string[], |
| 110 | + autoMerge?: "merge" | "squash" | "rebase" |
| 111 | +}) |
| 112 | +``` |
| 113 | + |
| 114 | +### `release_readiness` — extend with artifact integrity check |
| 115 | + |
| 116 | +**Pain:** User runs `release_readiness` today, gets "yes ready". Then discovers the uploaded SBOM is from a prior build. Want tool to verify: does SHA256SUMS cover all artifacts in the release? |
| 117 | + |
| 118 | +**Ask:** Add `artifactIntegrity: "verify"` option: pulls attached release artifacts, recomputes sha256, diffs against the signed SHA256SUMS manifest, reports mismatches. |
| 119 | + |
| 120 | +### `issue_from_template` MCP tool |
| 121 | + |
| 122 | +**Pain:** Filing a drift or incident report means composing the body by hand. Repo has issue templates; tool should use them. |
| 123 | + |
| 124 | +**Ask:** |
| 125 | + |
| 126 | +```ts |
| 127 | +issue_create({ |
| 128 | + repo?: string, |
| 129 | + template?: "bug.yml" | "drift.yml" | "incident.yml", |
| 130 | + title: string, |
| 131 | + fields: Record<string, string>, // mapped to template fields |
| 132 | + labels?: string[] |
| 133 | +}) |
| 134 | +``` |
| 135 | + |
| 136 | +### `check_run_create` MCP tool |
| 137 | + |
| 138 | +For CI systems that want to post synthetic check runs (e.g. a subagent that runs security review and posts pass/fail as a GH check). |
| 139 | + |
| 140 | +## Low value — nice to have |
| 141 | + |
| 142 | +### `gh_auth_status` MCP tool |
| 143 | + |
| 144 | +Wrap `gh auth status` + token scope inspection. Useful for pre-flight before release/push operations. |
| 145 | + |
| 146 | +### `actions_workflow_list` / `actions_runs_filter` |
| 147 | + |
| 148 | +Structured query: `runs_filter({ repo, workflow, status: "failure", since: "24h", branch?: "main" })`. Avoids multiple `gh run list` invocations. |
| 149 | + |
| 150 | +### `labels_sync` MCP tool |
| 151 | + |
| 152 | +Sync a repo's labels to a declared set (idempotent). Useful for org-wide label hygiene. |
| 153 | + |
| 154 | +## Non-tool asks |
| 155 | + |
| 156 | +### Batch endpoints use server-side parallelism |
| 157 | + |
| 158 | +When a tool takes an array (e.g. `pr_comment_batch`), execute requests in parallel server-side. Agents already think of batch calls as atomic; network fan-out should happen once, not per-comment. |
0 commit comments