feat: add ssh-stateless bundled extension#8301
Conversation
Signed-off-by: fre <anonwurcod@proton.me> Co-Authored-By: Oz <oz-agent@warp.dev>
|
working on this if it is of interest @DOsinga if not i will keep for myself |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7738a80169
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| #!/bin/busybox sh | ||
| set -eu | ||
|
|
||
| SCRIPT_DIR=$(/bin/busybox dirname "$0") |
There was a problem hiding this comment.
The shim hardcodes /bin/busybox both as the interpreter and for dirname; on systems where that exact path is missing (common on macOS and many Linux setups), the command fails before any extension logic runs with a "No such file or directory" startup error. That makes ssh-stateless-mcp unusable in those environments even though the extension is enabled by default.
Useful? React with 👍 / 👎.
| PROJECT_DIR="${REPO_ROOT}/extensions/ssh-stateless" | ||
| SERVER_SCRIPT="${PROJECT_DIR}/ssh_stateless.py" |
There was a problem hiding this comment.
This path resolution assumes a source-tree layout (.../extensions/ssh-stateless) by walking up from the shim location, which works in dev but not in packaged desktop builds. I checked ui/desktop/forge.config.ts and only src/bin/src/images are packaged as extra resources, so the Python project directory is not present there and the shim exits with "missing server script", breaking the bundled extension in production installs.
Useful? React with 👍 / 👎.
| _, stdout, stderr = client.exec_command(command) | ||
| parts = [_read_stream(stdout).strip(), _read_stream(stderr).strip()] | ||
| return "\n".join(part for part in parts if part).strip() |
There was a problem hiding this comment.
The tool currently returns combined stdout/stderr without checking the command exit status, so a failing command with no stderr output (for example false) is returned as an empty successful response. This can make the agent treat failed remote operations as success and continue with incorrect state; the exit code from the SSH channel should be validated and surfaced as an error.
Useful? React with 👍 / 👎.
|
hi @fresh3nough - not sure this should be bundled like this - could be a separate mcp, but as a bundled bit of python doesn't seem to fit. Is there a better place for this? |
|
@michaelneale gotcha, yes i agree -> Extract the SSH logic into a standalone MCP server package is the way to go, i will get started on this today |
Add a stateless SSH MCP extension that runs one-shot SSH commands over fresh connections with no persisted session state. This follows the idiomatic MCP extension pattern: - Proper Python package structure (src layout) with pyproject.toml - Entry point for uvx: mcp-ssh-stateless - Bundled as a stdio extension using uvx mcp-ssh-stateless@latest - Disabled by default (opt-in for users who need SSH) The extension provides a single ssh_exec tool that accepts host, username, command, and either password or key_path authentication. Closes aaif-goose#8293 Supersedes aaif-goose#8301 (which bundled a raw Python script + busybox shim) Co-Authored-By: Oz <oz-agent@warp.dev> Signed-off-by: Oz <oz-agent@warp.dev>
2 participants
Summary
a la warp mode