CLAUDE.md

PostSharp.Engineering

Build orchestration SDK for PostSharp/Metalama repositories.

Important

Read this file entirely before doing any work or answering any question for this project, especially regarding loading skills.

Discovering Plugin Skills

The postsharp-engineering plugin provides skills and slash commands. To discover them:

Before any work in this repo, read these skills:

• $env:USERPROFILE\.claude\plugins\cache\postsharp-engineering\**\skills\*.md - Engineering workflows (git, builds, CI/CD)
• Never update DockerBuild.ps1, Dockerfile. Dockerfile.claude, eng/RunClaude.ps1. These files are generated by Build.ps1. Their source code is in the Resources directory.
• ALWAYS Read which plug-ins and skills are available to you before doing ANY work, and confirm to the users that you have read these skills before any session.

MCP Approval Server (Docker Environment)

When running inside a Docker container, you have access to the host-approval MCP server for executing privileged commands on the host machine. These commands require human approval before execution.

Security Model

The MCP server uses token-based authentication:

• DockerBuild.ps1 generates a random 128-bit secret when starting the MCP server
• The secret is passed to the container via the MCP_APPROVAL_SERVER_TOKEN environment variable
• All MCP requests include this secret as a URL parameter for authentication
• The MCP server validates the token before processing any commands

When to Use the MCP Server

Use the ExecuteCommand tool from the host-approval MCP server for:

GitHub Operations (requires host credentials)

• gh pr create - Creating pull requests
• gh pr merge - Merging pull requests
• gh pr view - Viewing PR details (private repos)
• gh release create - Creating releases
• gh issue create/close/comment - Issue management
• Any gh command that requires authentication

Git Push Operations

• git push - Pushing commits to remote
• git push --tags - Pushing tags
• git push --force - Force pushing (use with caution)

TeamCity Operations

• Any API calls to TeamCity
• Triggering builds
• Accessing build artifacts
• Managing build configurations

Package Publishing

• dotnet nuget push - Publishing NuGet packages
• Any operation that publishes artifacts externally

How to Use

Call the ExecuteCommand tool with:

• command: The command to execute
• workingDirectory: The working directory (use forward slashes: X:/src/RepoName)
• claimedPurpose: A clear explanation of why this command is needed

Example

To push a feature branch:

ExecuteCommand(
  command: "git push origin feature/my-feature",
  workingDirectory: "X:/src/PostSharp.Engineering",
  claimedPurpose: "Push the feature branch with MCP implementation to remote for PR creation"
)

What NOT to Use MCP For

Do NOT use the MCP server for:

• Local git operations (commit, branch, checkout, status, diff, log)
• Local builds (dotnet build, dotnet test)
• File operations within the container
• Reading files or exploring the codebase

These operations should be done directly in the container using standard tools.

Version Bumping

Before scheduling a TeamCity build or deploy, the version must be bumped. This is done via the VersionBump build configuration on TeamCity.

How to Bump Version

Use the MCP ExecuteCommand tool to trigger the VersionBump build via TeamCity API (requires TEAMCITY_CLOUD_TOKEN on host):

$headers = @{
    "Authorization" = "Bearer $env:TEAMCITY_CLOUD_TOKEN"
    "Content-Type" = "application/json"
    "Accept" = "application/json"
}
$body = @{
    buildType = @{ id = "<ProjectPrefix>_VersionBump" }
    branchName = "<branch>"
} | ConvertTo-Json
Invoke-RestMethod -Uri "https://postsharp.teamcity.com/app/rest/buildQueue" -Method Post -Headers $headers -Body $body

Finding the Build Type ID

1. Check .teamcity/settings.kts for the VCS root: AbsoluteId("...")
2. The build type ID is: <VcsRootId>_VersionBump
3. For this repo: Engineering_PostSharpEngineering_VersionBump