chore: bump chart version to 0.1.15

Triggers OCI artifact rebuild so Flux picks up the MCP sidecar changes.

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

.mcp.json

@@ -1,29 +1,17 @@
 {
   "mcpServers": {
-    "github": {
-      "command": "github-mcp-server",
-      "args": ["stdio"],
-      "env": {
-        "GITHUB_PERSONAL_ACCESS_TOKEN": "${CLAUDE_GITHUB_TOKEN}"
-      }
+    "kubernetes": {
+      "type": "sse",
+      "url": "http://localhost:8080/sse"
     },
-    "kubernetes (local)": {
-      "command": "npx",
-      "args": [
-        "-y",
-        "kubernetes-mcp-server@latest"
-      ]
-    },
-    "flux (local)":{
-      "command":"flux-operator-mcp",
-      "args":["serve"],
-      "env":{
-        "KUBECONFIG":"/Users/cpfarhood/.kube/config"
-      }
+    "flux": {
+      "type": "sse",
+      "url": "http://localhost:8081/sse"
     },
     "playwright": {
-      "command": "npx",
-      "args": ["-y", "@playwright/mcp@latest"]
-    }
+      "type": "sse",
+      "url": "http://playwright-mcp.playwright.svc.cluster.local:3000/sse"
+    } 
   }
 }
+

README.md

@@ -3,7 +3,8 @@
 ![Build and Push](https://github.com/cpfarhood/devcontainer/actions/workflows/build-and-push.yaml/badge.svg)
 
 A containerized cloud development environment with web-based GUI access, featuring:
-- **VSCode** via browser-based VNC (port 5800)
+- **VSCode or Google Antigravity** via browser-based VNC (port 5800)
+- **SSH access** option (OpenSSH on port 22, additive with any IDE)
 - **Happy Coder** AI assistant backed by Claude
 - **Automatic GitHub repo cloning** on startup
 - **Persistent home directory** via ReadWriteMany PVC
@@ -160,6 +161,7 @@ With any non-`none` value, a `ServiceAccount` named `devcontainer-{name}` is cre
 | `groupId` | `1000` | GID for the app user |
 | `storage.size` | `32Gi` | Home PVC size |
 | `storage.className` | `ceph-filesystem` | StorageClass (must be ReadWriteMany) |
+| `shm.sizeLimit` | `2Gi` | `/dev/shm` size (memory-backed; used by Electron apps) |
 | `resources.requests.memory` | `2Gi` | |
 | `resources.requests.cpu` | `1000m` | |
 | `resources.limits.memory` | `8Gi` | |
@@ -182,9 +184,9 @@ Container start
           → rm daemon.state.json.lock    — clear stale Happy lock
           → happy daemon start           — starts Happy Coder background daemon
       → IDE=vscode:      code --new-window --wait /workspace/{repo}
-        IDE=antigravity:  antigravity --new-window --wait /workspace/{repo}
+        IDE=antigravity:  antigravity --no-sandbox --user-data-dir ~/.config/antigravity ... /workspace/{repo}
         IDE=none:         sleep infinity
-      (SSH=true: sshd also running as root on port 22)
+      (SSH=true: sshd also running as root on port 22; host keys persisted on PVC)
 ```
 
 ### Storage
@@ -230,7 +232,15 @@ Then restart the pod to pick up the new env var.
 ```bash
 kubectl port-forward deployment/devcontainer-mydev 5800:5800
 kubectl logs deployment/devcontainer-mydev
-kubectl describe pod -l instance=mydev
+kubectl describe pod -l app.kubernetes.io/instance=mydev
+```
+
+### Pod not picking up new image after upgrade
+
+The chart uses `image.tag: latest`. Kubernetes won't restart the pod on a Helm upgrade unless the Deployment spec changes. Force a restart manually:
+
+```bash
+kubectl rollout restart deployment/devcontainer-mydev
 ```
 
 ### Repository not cloning

chart/Chart.yaml

@@ -2,5 +2,5 @@ apiVersion: v2
 name: devcontainer
 description: Antigravity Dev Container with Happy Coder AI assistant
 type: application
-version: 0.1.13
+version: 0.1.15
 appVersion: "latest"

chart/templates/deployment.yaml

@@ -98,6 +98,55 @@ spec:
             initialDelaySeconds: 5
             periodSeconds: 5
           {{- end }}
+        {{- if .Values.mcpSidecars.kubernetes.enabled }}
+        - name: kubernetes-mcp
+          image: "{{ .Values.mcpSidecars.kubernetes.image.repository }}:{{ .Values.mcpSidecars.kubernetes.image.tag }}"
+          args:
+            - --port
+            - {{ .Values.mcpSidecars.kubernetes.port | quote }}
+          ports:
+            - containerPort: {{ .Values.mcpSidecars.kubernetes.port }}
+              name: k8s-mcp
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.mcpSidecars.kubernetes.port }}
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.mcpSidecars.kubernetes.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 5
+          resources:
+            {{- toYaml .Values.mcpSidecars.kubernetes.resources | nindent 12 }}
+        {{- end }}
+        {{- if .Values.mcpSidecars.flux.enabled }}
+        - name: flux-mcp
+          image: "{{ .Values.mcpSidecars.flux.image.repository }}:{{ .Values.mcpSidecars.flux.image.tag }}"
+          args:
+            - serve
+            - --transport=sse
+            - --port={{ .Values.mcpSidecars.flux.port }}
+          ports:
+            - containerPort: {{ .Values.mcpSidecars.flux.port }}
+              name: flux-mcp
+              protocol: TCP
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.mcpSidecars.flux.port }}
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.mcpSidecars.flux.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 5
+          resources:
+            {{- toYaml .Values.mcpSidecars.flux.resources | nindent 12 }}
+        {{- end }}
       volumes:
         - name: workspace
           emptyDir: {}

chart/values.yaml

@@ -66,3 +66,32 @@ clusterAccess: none
 # Name of existing Secret containing env vars (GITHUB_TOKEN, VNC_PASSWORD, etc.)
 # Defaults to: devcontainer-{name}-secrets-env
 envSecretName: ""
+
+# MCP server sidecars — run alongside the devcontainer to inherit pod RBAC.
+mcpSidecars:
+  kubernetes:
+    enabled: true
+    image:
+      repository: quay.io/containers/kubernetes_mcp_server
+      tag: latest
+    port: 8080
+    resources:
+      requests:
+        memory: "64Mi"
+        cpu: "50m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"
+  flux:
+    enabled: true
+    image:
+      repository: ghcr.io/controlplaneio-fluxcd/flux-operator-mcp
+      tag: latest
+    port: 8081
+    resources:
+      requests:
+        memory: "64Mi"
+        cpu: "50m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"