zhengchen.tao/gitea-mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c7fa6aeb7ff0f5baba26cd19f841b657b726d98a
gitea-mcp/gitea-mcp.Tests/GiteaRepoFilterTests.cs
T
zhengchen.tao c7fa6aeb7f
Build Docker Image / build (push) Failing after 5m41s
Details
Build Docker Image / deploy (push) Has been skipped
Details
gitea-mcp: 初次落地 Gitea MCP Server (.NET 10, V1 only-read) 
把 Gitea (git.zhengchentao.win) 通过 MCP 暴露给 Claude.ai:列 repo、读代码、看 commits / issues / PR / orgs / packages / actions。
设计文档见 vault Coding/gitea-mcp/gitea-mcp 设计.md。
代码模板复用 obsidian-mcp(.NET 10 + ModelContextProtocol SDK + JwtBearer)。

19 个只读 Tool(全部 scope=read:gitea):

Repo / 文件:
- list_repos / read_repo
- list_tree(max_entries=500 防爆)
- read_file(max_bytes=1MB,超出 truncated=true)
- search_code(走 /repos/search-code,indexer 未启用时返回结构化错误说明)

分支 / 提交:
- list_branches / list_commits / read_commit(diff 文件数限 50)

Issue / PR:
- list_issues / read_issue(含评论)
- list_pulls / read_pull(含评论 + 改动文件列表)

Org / Package(用户额外授权 read:organization + read:package):
- list_orgs / read_org
- list_packages / read_package

Gitea Actions(运维友好):
- list_workflow_runs / read_run_log

技术栈:
- .NET 10 + ModelContextProtocol SDK 1.0
- HttpClientFactory + Microsoft.Extensions.Http.Resilience(指数 backoff,5xx/429/网络错误重试)
- JwtBearer (HS256, Current+Previous fallback, MapInboundClaims=false)
- aud=gitea, scope=read:gitea, iss=https://auth.zhengchentao.win

Gitea API client:
- Authorization: token <PAT> (admin PAT,仅 read scope)
- BaseUrl=https://git.zhengchentao.win
- 错误映射:401/403 → UnauthorizedAccessException,404 → KeyNotFoundException,5xx → InvalidOperationException
- RepoBlacklist 黑名单(owner/repo 精确匹配,默认空)

部署:
- Dockerfile multi-stage,COPY --chown,non-root user
- .gitea/workflows/build-image.yml:build + deploy 双 job,buildkit v0.13.2
- 容器内 :8080,宿主端口 9092
- 子域名 git-mcp.zhengchentao.win(区别于 Gitea 本体 git.zhengchentao.win)

测试:6/6 单测过(GiteaRepoFilter 黑名单匹配)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-06 01:32:42 +08:00

112 lines
3.0 KiB
C#
Raw Blame History

using GiteaMcp.Config;
using GiteaMcp.Services;
using GiteaMcp.Services.Models;
using Microsoft.Extensions.Options;
using Xunit;
namespace GiteaMcp.Tests;
/// <summary>
/// GiteaRepoFilter 单元测试。
/// 验证黑名单过滤的核心行为:精确匹配、大小写不敏感、空黑名单全通过。
/// </summary>
public class GiteaRepoFilterTests
{
private static GiteaRepoFilter CreateFilter(string blacklist) =>
new(Options.Create(new GiteaOptions { RepoBlacklist = blacklist }));
private static GiteaRepo MakeRepo(string owner, string name) => new()
{
Name = name,
FullName = $"{owner}/{name}",
Owner = new GiteaUser { Login = owner },
};
[Fact]
public void EmptyBlacklist_AllowsEverything()
{
var filter = CreateFilter("");
var repos = new List<GiteaRepo>
{
MakeRepo("alice", "repo-a"),
MakeRepo("org", "private-repo"),
};
var result = filter.Filter(repos);
Assert.Equal(2, result.Count);
Assert.Equal(0, filter.BlacklistCount);
}
[Fact]
public void SingleEntry_BlocksExactMatch()
{
var filter = CreateFilter("alice/secret-repo");
var repos = new List<GiteaRepo>
{
MakeRepo("alice", "secret-repo"),
MakeRepo("alice", "public-repo"),
};
var result = filter.Filter(repos);
Assert.Single(result);
Assert.Equal("public-repo", result[0].Name);
}
[Fact]
public void MultipleEntries_CommaSeparated()
{
var filter = CreateFilter("alice/repo-a, org/internal , bob/secret");
var repos = new List<GiteaRepo>
{
MakeRepo("alice", "repo-a"),
MakeRepo("org", "internal"),
MakeRepo("bob", "secret"),
MakeRepo("bob", "public"),
};
var result = filter.Filter(repos);
Assert.Single(result);
Assert.Equal("public", result[0].Name);
}
[Fact]
public void IsBlocked_CaseInsensitive()
{
var filter = CreateFilter("Alice/Secret-Repo");
// 大写 owner / 混合大小写 repo 都应该被屏蔽
Assert.True(filter.IsBlocked("alice/secret-repo"));
Assert.True(filter.IsBlocked("ALICE/SECRET-REPO"));
Assert.False(filter.IsBlocked("alice/other-repo"));
}
[Fact]
public void Filter_DoesNotMutateOriginalList()
{
var filter = CreateFilter("alice/repo-a");
var original = new List<GiteaRepo>
{
MakeRepo("alice", "repo-a"),
MakeRepo("alice", "repo-b"),
};
var originalCount = original.Count;
var filtered = filter.Filter(original);
// 原列表不应被修改
Assert.Equal(originalCount, original.Count);
Assert.Single(filtered);
}
[Fact]
public void IsBlocked_ReturnsFalse_ForNonBlockedRepo()
{
var filter = CreateFilter("alice/secret");
Assert.False(filter.IsBlocked("alice/public"));
Assert.False(filter.IsBlocked("bob/anything"));
}
}
Reference in New Issue View Git Blame Copy Permalink