feat: add GitHub MCP sidecar and fix Home Assistant MCP command (fixes #26)

- Fixed Home Assistant MCP command flags from --sse-server-host/port to --host/port
- Added GitHub MCP server as new sidecar (enabled by default)
- Uses existing GITHUB_TOKEN from environment
- Updated documentation and .mcp.json configuration

The GitHub MCP sidecar provides AI assistants with ability to interact with
GitHub repositories, issues, PRs, and more using the same token used for
repository cloning.

Fixes #26

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

.mcp.json

@@ -12,6 +12,10 @@
       "type": "sse",
       "url": "http://localhost:8087/sse"
     },
+    "github": {
+      "type": "sse",
+      "url": "http://localhost:8088/sse"
+    },
     "playwright": {
       "type": "sse",
       "url": "http://playwright-mcp.playwright.svc.cluster.local:3000/sse"

CLAUDE.md

@@ -77,7 +77,7 @@ Container start
 | `chart/templates/pvc.yaml` | PersistentVolumeClaim for user home |
 | `chart/templates/service.yaml` | ClusterIP Service (VNC + optional SSH) |
 | `chart/values.yaml` | Default Helm values |
-| `.mcp.json` | MCP server connection config (Kubernetes, Flux, Playwright) |
+| `.mcp.json` | MCP server connection config (Kubernetes, Flux, GitHub, Home Assistant, Playwright) |
 | `Makefile` | Build/deploy automation |
 
 ### MCP Sidecars
@@ -88,11 +88,13 @@ MCP (Model Context Protocol) servers run as sidecar containers in the pod, enabl
 |---------|-------|---------|------|----------|---------|
 | `kubernetes-mcp` | `quay.io/containers/kubernetes_mcp_server` | v0.0.57 | 8080 | `http://localhost:8080/sse` | Enabled |
 | `flux-mcp` | `ghcr.io/controlplaneio-fluxcd/flux-operator-mcp` | v0.41.1 | 8081 | `http://localhost:8081/sse` | Enabled |
+| `github-mcp` | `ghcr.io/modelcontextprotocol/servers/github` | latest | 8088 | `http://localhost:8088/sse` | Enabled |
 | `homeassistant-mcp` | `ghcr.io/homeassistant-ai/ha-mcp` | 6.7.1 | 8087 | `http://localhost:8087/sse` | Disabled |
 
 **Note:**
 - Kubernetes and Flux sidecars require `clusterAccess` != `none` to be deployed (they need RBAC permissions)
 - Kubernetes and Flux sidecars inherit the pod's ServiceAccount RBAC permissions
+- GitHub sidecar uses `GITHUB_TOKEN` from the env secret (same token used for repo cloning)
 - Home Assistant sidecar requires `HOMEASSISTANT_URL` and `HOMEASSISTANT_TOKEN` in the env secret
 - Playwright MCP remains an external service
 
@@ -107,6 +109,8 @@ mcpSidecars:
     enabled: false
   flux:
     enabled: false
+  github:
+    enabled: false
   homeassistant:
     enabled: false
 
@@ -116,6 +120,8 @@ mcpSidecars:
     enabled: true  # Keep Kubernetes MCP enabled
   flux:
     enabled: false # Disable Flux MCP
+  github:
+    enabled: true  # Keep GitHub MCP enabled (uses GITHUB_TOKEN)
   homeassistant:
     enabled: true  # Enable Home Assistant MCP (requires secrets)
 ```

chart/templates/deployment.yaml

@@ -151,7 +151,7 @@ spec:
         - name: homeassistant-mcp
           image: "{{ .Values.mcpSidecars.homeassistant.image.repository }}:{{ .Values.mcpSidecars.homeassistant.image.tag }}"
           imagePullPolicy: Always
-          command: ["fastmcp", "run", "ha_mcp.main:app", "--transport", "sse", "--sse-server-host", "0.0.0.0", "--sse-server-port", "{{ .Values.mcpSidecars.homeassistant.port }}"]
+          command: ["fastmcp", "run", "ha_mcp.main:app", "--transport", "sse", "--host", "0.0.0.0", "--port", "{{ .Values.mcpSidecars.homeassistant.port }}"]
           ports:
             - name: homeassistant
               containerPort: {{ .Values.mcpSidecars.homeassistant.port }}
@@ -181,6 +181,38 @@ spec:
           resources:
             {{- toYaml .Values.mcpSidecars.homeassistant.resources | nindent 12 }}
         {{- end }}
+        {{- if .Values.mcpSidecars.github.enabled }}
+        - name: github-mcp
+          image: "{{ .Values.mcpSidecars.github.image.repository }}:{{ .Values.mcpSidecars.github.image.tag }}"
+          imagePullPolicy: Always
+          args:
+            - --sse
+            - --port={{ .Values.mcpSidecars.github.port }}
+          ports:
+            - name: github
+              containerPort: {{ .Values.mcpSidecars.github.port }}
+          env:
+            - name: GITHUB_PERSONAL_ACCESS_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "antigravity.envSecretName" . }}
+                  key: github-token
+                  optional: true
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.mcpSidecars.github.port }}
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.mcpSidecars.github.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 5
+          resources:
+            {{- toYaml .Values.mcpSidecars.github.resources | nindent 12 }}
+        {{- end }}
       volumes:
         - name: workspace
           emptyDir: {}

chart/values.yaml

@@ -108,3 +108,16 @@ mcpSidecars:
       limits:
         memory: "256Mi"
         cpu: "500m"
+  github:
+    enabled: true  # Enabled by default, uses GITHUB_TOKEN from env
+    image:
+      repository: ghcr.io/modelcontextprotocol/servers/github
+      tag: latest  # Update to specific version once available
+    port: 8088
+    resources:
+      requests:
+        memory: "64Mi"
+        cpu: "50m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"