farhoodlabs/devcontainer
8
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 39 Wiki Activity
Files
a83d79bc108dea134d65f5100bf0274c3e37d40a
devcontainer/memory/MEMORY.md
T
Developer a83d79bc10 feat: add Home Assistant MCP sidecar and fix K8s/Flux MCP deployment logic 
Added features:
- Home Assistant MCP server as optional sidecar (mcpSidecars.homeassistant)
- Requires homeassistant-url and homeassistant-token secrets
- Runs on port 8087 using SSE transport mode
- Disabled by default due to credential requirements

Fixed deployment logic:
- Kubernetes and Flux MCP sidecars now only deploy when:
  1. They are enabled in values (mcpSidecars.<name>.enabled: true)
  2. AND clusterAccess is not "none" (they need RBAC to function)
- Prevents unnecessary container failures when no permissions exist

Documentation updates:
- Complete Helm values reference for all MCP sidecars
- Deployment examples and troubleshooting guides
- Updated memory notes with current architecture

Breaking change:
- K8s/Flux MCP sidecars won't deploy with clusterAccess=none
- This is intentional as they cannot function without RBAC

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
2026-02-21 13:27:20 +00:00

1.7 KiB
Raw Blame History

Antigravity Dev Container - Session Notes

Key Architecture Facts

  • Image: ghcr.io/cpfarhood/devcontainer:latest (repo name is devcontainer, not antigravity)
  • Deployed via Helm chart (chart/), not kustomize anymore
  • Service must NOT be headless (clusterIP: None) — Cilium gateway can't route to headless services
  • SECURE_CONNECTION=0 — TLS is terminated at the gateway, not the app
  • Container user is user (UID 1000) — baseimage-gui runs startapp.sh as app user, sudo is not available

Deployment Method

  • Primary: Helm chart in chart/ directory
  • Makefile targets: helm-deploy, helm-delete, helm-logs, helm-shell, helm-port-forward
  • Old kustomize (k8s/ directory) has been removed — all deployments use Helm now
  • Chart published as OCI artifact to GHCR, reconciled by Flux

MCP Sidecars

  • Kubernetes MCP (port 8080): Only deployed when enabled AND clusterAccess != none
  • Flux MCP (port 8081): Only deployed when enabled AND clusterAccess != none
  • Home Assistant MCP (port 8087): Disabled by default, requires secrets:
    • homeassistant-url: Base URL like http://homeassistant.local:8123
    • homeassistant-token: Long-lived access token
  • Playwright MCP: External service, not a sidecar
  • Configure via mcpSidecars.<name>.enabled in values

Common Gotchas

  • baseimage-gui creates user dynamically — don't hardcode usernames in scripts, use numeric UID/GID
  • chown /home fails (PVC root not owned by container) — only chown subdirectories
  • sudo not available in startapp.sh — script already runs as correct user
  • MCP sidecars need appropriate secrets and RBAC permissions to function
Reference in New Issue View Git Blame Copy Permalink