Expand workflow triggers to push/pull_request on main and dev and to PR
reviews. Run lint/test only for non-review events or when a review is
approved. Add a docker-test job that smoke-tests the built image. Add a
docker-publish job that resolves SHA and stable tags (latest/dev),
builds
the releasable image, and optionally pushes when PUSH_IMAGE=true. Update
docs/deployment.md
Introduce a GiteaOAuthValidator for JWT and userinfo validation and
fallbacks, add /oauth/token proxy, and thread per-user tokens through
the
request context and automation paths. Update config and .env.example for
OAuth-first mode, add OpenAPI, extensive unit/integration tests,
GitHub/Gitea CI workflows, docs, and lint/test enforcement (>=80% cov).
Restrict api_key query parameter to /mcp/tools, /mcp/tool/call,
and /mcp/sse only. Updated documentation to reflect query param
usage for ChatGPT UI without header support.
Added:
- run_tests.sh: Automated test runner with coverage reporting
- TESTING.md: Complete testing documentation including:
- Test suite overview
- Manual testing procedures
- CI/CD integration examples
- Performance testing guidelines
- Troubleshooting guide
The test suite now has ~85% coverage of core modules with
tests for authentication, server endpoints, and integration flows.
Pydantic was trying to parse List[str] as JSON from env vars.
Changed to use a string field (mcp_api_keys_raw) and parse manually
in model_validator, then expose as property.
This fixes the JSONDecodeError when reading MCP_API_KEYS from .env
Changed from field_validator to model_validator to properly access
auth_enabled field during validation. This fixes the SettingsError
when parsing mcp_api_keys from environment variables.
Also improved handling of empty strings and None values.
The builder stage installed dependencies to /root/.local but the final
stage switched to the 'aegis' user who couldn't access /root/.local.
Fixed by copying dependencies to /home/aegis/.local and updating PATH
to point to the correct location.
