Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 32 additions & 1 deletion .github/workflows/chart-preview.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,11 @@ on:
required: false
default: false
type: boolean
plane-mcp-server:
description: "Plane MCP Server"
required: false
default: false
type: boolean

env:
PREVIEW_BUILD_FOLDER: helm-preview
Expand All @@ -28,6 +33,7 @@ env:
CHART_PREFIX: ${{ github.run_id }}
BUILD_PLANE_CE: ${{ github.event.inputs.plane-ce }}
BUILD_PLANE_EE: ${{ github.event.inputs.plane-enterprise }}
BUILD_PLANE_MCP_SERVER: ${{ github.event.inputs.plane-mcp-server }}

jobs:
build:
Expand Down Expand Up @@ -117,8 +123,28 @@ jobs:
cp charts/${{env.CHART_REPO}}/README.md ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/${{env.CHART_REPO}}.md
helm repo index ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}

- id: build-plane-mcp-server
if: ${{ env.BUILD_PLANE_MCP_SERVER == 'true' }}
name: Build Plane-MCP-Server
working-directory: code
env:
EXPORT_DIR: ${{env.PREVIEW_BUILD_FOLDER}}
CHART_REPO: plane-mcp-server
CR_KEY: ${{ env.GPG_KEY_NAME }}
CR_PASSPHRASE_FILE: ${{env.GNUPGHOME}}/gpg-passphrase
CR_KEYRING: ${{env.GNUPGHOME}}/secring.gpg
run: |
flatBranchName=$(echo "${{ github.ref_name}}" | sed 's/\//\-/g')
sed -i "s/name: ${{env.CHART_REPO}}/name: ${{ env.CHART_PREFIX }}-${{env.CHART_REPO}}/" charts/${{env.CHART_REPO}}/Chart.yaml
sed -i "s/description: .*/description: ${flatBranchName}/g" charts/${{env.CHART_REPO}}/Chart.yaml
# sed -i "s/version: \(.*\)/version: \1-${flatBranchName}/" charts/${{env.CHART_REPO}}/Chart.yaml

helm package --sign --key "$CR_KEY" --keyring $CR_KEYRING --passphrase-file "$CR_PASSPHRASE_FILE" charts/$CHART_REPO -u -d ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts
cp charts/${{env.CHART_REPO}}/README.md ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/${{env.CHART_REPO}}.md
helm repo index ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}

Comment on lines +126 to +145

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/chart-preview.yml | sed -n '120,150p'

Repository: makeplane/helm-charts

Length of output: 2178


🏁 Script executed:

grep -n "helm package" .github/workflows/chart-preview.yml

Repository: makeplane/helm-charts

Length of output: 622


🏁 Script executed:

cat -n .github/workflows/chart-preview.yml | sed -n '95,125p'

Repository: makeplane/helm-charts

Length of output: 2367


🏁 Script executed:

cat -n .github/workflows/chart-preview.yml | sed -n '75,105p'

Repository: makeplane/helm-charts

Length of output: 2053


🏁 Script executed:

cat -n .github/workflows/chart-preview.yml | head -90 | tail -20

Repository: makeplane/helm-charts

Length of output: 1196


🏁 Script executed:

cd .github/workflows && ls -la && head -30 chart-preview.yml

Repository: makeplane/helm-charts

Length of output: 1166


🏁 Script executed:

grep -n "shellcheck\|shfmt" .github/workflows/chart-preview.yml

Repository: makeplane/helm-charts

Length of output: 47


🏁 Script executed:

fd -type f "(actionlint|shellcheck|pre-commit)" -o "\.pre-commit.*" | head -20

Repository: makeplane/helm-charts

Length of output: 235


🏁 Script executed:

find . -maxdepth 2 -name ".pre-commit-config.yml" -o -name ".pre-commit-config.yaml" -o -name "actionlint.yaml" 2>/dev/null | head -10

Repository: makeplane/helm-charts

Length of output: 47


🏁 Script executed:

find . -name "*.yml" -o -name "*.yaml" | xargs grep -l "actionlint\|shellcheck" 2>/dev/null | head -10

Repository: makeplane/helm-charts

Length of output: 47


Quote unquoted variables in helm package commands to prevent word-splitting issues.

Unquoted expansions in the helm package commands cause SC2086 violations. This pattern appears in all three build steps (lines 102, 122, 142), not just the MCP step. The variables $CR_KEYRING, charts/$CHART_REPO, and ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts need quoting.

🔧 Suggested patch for line 142
-          helm package --sign --key "$CR_KEY" --keyring $CR_KEYRING --passphrase-file "$CR_PASSPHRASE_FILE" charts/$CHART_REPO -u -d ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts
+          helm package --sign --key "$CR_KEY" --keyring "$CR_KEYRING" --passphrase-file "$CR_PASSPHRASE_FILE" "charts/$CHART_REPO" -u -d "${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts"

Apply the same quoting pattern to lines 102 and 122 for consistency.

🧰 Tools
🪛 actionlint (1.7.11)

[error] 136-136: shellcheck reported issue in this script: SC2086:info:6:106: Double quote to prevent globbing and word splitting

(shellcheck)


[error] 136-136: shellcheck reported issue in this script: SC2086:info:6:47: Double quote to prevent globbing and word splitting

(shellcheck)

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/chart-preview.yml around lines 126 - 145, The helm package
invocation in the Build Plane-MCP-Server step uses unquoted shell expansions
which can cause word-splitting (SC2086); update the helm package command (the
line invoking "helm package --sign --key \"$CR_KEY\" --keyring $CR_KEYRING
--passphrase-file \"$CR_PASSPHRASE_FILE\" charts/$CHART_REPO -u -d ${{
env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts") to quote the $CR_KEYRING, the
charts path (charts/$CHART_REPO) and the destination path (${{ env.EXPORT_DIR
}}/${{env.CHART_REPO}}/charts), and apply the same quoting pattern to the other
two helm package lines in the file to prevent word-splitting.

- name: Publish
if: ${{ env.BUILD_PLANE_CE == 'true' || env.BUILD_PLANE_EE == 'true' }}
if: ${{ env.BUILD_PLANE_CE == 'true' || env.BUILD_PLANE_EE == 'true' || env.BUILD_PLANE_MCP_SERVER == 'true' }}
working-directory: code
run: |

Expand All @@ -139,6 +165,11 @@ jobs:
<li><a href='plane-enterprise/'>Plane-Enterprise</a></li>"
fi

if [ "${{ env.BUILD_PLANE_MCP_SERVER }}" == "true" ]; then
HTML_CONTENT="$HTML_CONTENT
<li><a href='plane-mcp-server/'>Plane-MCP-Server</a></li>"
fi

HTML_CONTENT="$HTML_CONTENT
</ul>"
echo $HTML_CONTENT >> ${{env.PREVIEW_BUILD_FOLDER}}/index.html
Expand Down
17 changes: 16 additions & 1 deletion .github/workflows/chart-releaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ on:
description: 'Build Plane EE'
type: boolean
default: false
plane-mcp-server:
description: 'Build Plane MCP Server'
type: boolean
default: false

env:
CR_CONFIGFILE: "${{ github.workspace }}/cr.yaml"
Expand All @@ -23,13 +27,14 @@ env:
TARGET_BRANCH: "${{ github.ref_name }}"
CHART_NAME_CE: "plane-ce"
CHART_NAME_ENTERPRISE: "plane-enterprise"
CHART_NAME_MCP_SERVER: "plane-mcp-server"
MARK_AS_LATEST: true
MARK_AS_PRERELASE: false
PAGES_INDEX_PATH: ""

jobs:
setup:
if: ${{ github.event.inputs.plane-ce == 'true' || github.event.inputs.plane-ee == 'true' }}
if: ${{ github.event.inputs.plane-ce == 'true' || github.event.inputs.plane-ee == 'true' || github.event.inputs.plane-mcp-server == 'true' }}
runs-on: ubuntu-22.04
permissions:
contents: write
Expand Down Expand Up @@ -81,6 +86,9 @@ jobs:
if [ "${{ github.event.inputs.plane-ee }}" = "false" ]; then
rm -rf charts/${{ env.CHART_NAME_ENTERPRISE }}
fi
if [ "${{ github.event.inputs.plane-mcp-server }}" = "false" ]; then
rm -rf charts/${{ env.CHART_NAME_MCP_SERVER }}
fi

- name: Rename Chart
if: github.ref_name != 'master'
Expand All @@ -94,6 +102,10 @@ jobs:
sed -i "s/name: \(.*\)/name: \1-${flatBranchName}/" charts/${{ env.CHART_NAME_ENTERPRISE }}/Chart.yaml
fi

if [ "${{ github.event.inputs.plane-mcp-server }}" = "true" ]; then
sed -i "s/name: \(.*\)/name: \1-${flatBranchName}/" charts/${{ env.CHART_NAME_MCP_SERVER }}/Chart.yaml
fi

echo "MARK_AS_LATEST=false" >> $GITHUB_ENV
echo "MARK_AS_PRERELASE=true" >> $GITHUB_ENV
echo "PAGES_INDEX_PATH=${flatBranchName}" >> $GITHUB_ENV
Expand Down Expand Up @@ -149,6 +161,9 @@ jobs:
if [ "${{ github.event.inputs.plane-ee }}" = "true" ]; then
cp code/charts/plane-enterprise/README.md pages/content/plane-ee.md
fi
if [ "${{ github.event.inputs.plane-mcp-server }}" = "true" ]; then
cp code/charts/plane-mcp-server/README.md pages/content/plane-mcp-server.md
fi

- name: Publish pages
working-directory: pages
Expand Down
24 changes: 24 additions & 0 deletions charts/plane-mcp-server/.helmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
test-*.yaml
14 changes: 14 additions & 0 deletions charts/plane-mcp-server/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: v2

name: plane-mcp-server
description: plane-mcp-server Setup

type: application

version: 1.0.0
appVersion: "v0.2.0"

home: https://plane.so
icon: https://plane.so/favicon/favicon-32x32.png
sources:
- https://github.com/makeplane/plane-mcp-server
113 changes: 113 additions & 0 deletions charts/plane-mcp-server/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
# Plane MCP Server Helm Chart

## Pre-requisite

- A working Kubernetes cluster
- `kubectl` and `helm` on the client system that you will use to install our Helm charts

## Installing Plane MCP Server

1. Open Terminal or any other command-line app that has access to Kubernetes tools on your local system.

1. Set-up and customization

For more control over your set-up, extract the Helm chart to access the values file and edit using any editor like Vim or Nano.

```bash
# Extract the Helm chart to access the values file
helm show values plane-mcp-server --repo https://private-helm.plane.tools > custom-values.yaml
vi custom-values.yaml
```

> See `Configuration Settings` for more details.

After saving the `custom-values.yaml` file, continue to be on the same Terminal window as on the previous steps, copy the code below, and paste it on your Terminal screen.

```bash
helm upgrade plane-mcp-server-app plane-mcp-server \
--repo https://private-helm.plane.tools \
--install \
--create-namespace \
--namespace plane-mcp-server \
-f custom-values.yaml \
--timeout 10m \
--wait \
--wait-for-jobs
```

## Configuration Settings

### Docker Registry Configuration

| Setting | Default | Required | Description |
| ---------------------------- | :---------------------------: | :------: | --------------------------------------------------------------------------- |
| dockerRegistry.enabled | true | | Enable Docker registry authentication for pulling images |
| dockerRegistry.loginid | planeengineering | | Docker registry login ID/username |
| dockerRegistry.password | | | Docker registry password or token |
Comment on lines +44 to +46

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Default loginid value mismatch with values.yaml.

The README states the default dockerRegistry.loginid is planeengineering, but values.yaml sets it to makeplane. Documentation should match the actual defaults.

📝 Proposed fix
-| dockerRegistry.loginid       |     planeengineering          |          | Docker registry login ID/username                                           |
+| dockerRegistry.loginid       |        makeplane              |          | Docker registry login ID/username                                           |
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
| dockerRegistry.enabled | true | | Enable Docker registry authentication for pulling images |
| dockerRegistry.loginid | planeengineering | | Docker registry login ID/username |
| dockerRegistry.password | | | Docker registry password or token |
| dockerRegistry.enabled | true | | Enable Docker registry authentication for pulling images |
| dockerRegistry.loginid | makeplane | | Docker registry login ID/username |
| dockerRegistry.password | | | Docker registry password or token |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@charts/plane-mcp-server/README.md` around lines 44 - 46, The README's table
documents dockerRegistry.loginid default as "planeengineering" but the chart's
values.yaml sets dockerRegistry.loginid to "makeplane"; update the README entry
for dockerRegistry.loginid to match values.yaml (set the default to "makeplane")
or vice versa if you intend to change the actual default—ensure
dockerRegistry.loginid in the README and values.yaml are identical and reflect
the intended default value.

| dockerRegistry.default_tag | latest | | Default image tag for MCP server image |
| services.api.image | makeplane/plane-mcp-server | | MCP Server Docker image name (without tag) |

### MCP Server Setup

| Setting | Default | Required | Description |
| ---------------------------- | :--------------------: | :------: | --------------------------------------------------------------------------- |
| services.api.replicas | 1 | | Number of MCP Server replicas |
| services.api.memoryLimit | 1000Mi | | Memory limit for MCP Server pods |
| services.api.cpuLimit | 500m | | CPU limit for MCP Server pods |
| services.api.memoryRequest | 50Mi | | Memory request for MCP Server pods |
| services.api.cpuRequest | 50m | | CPU request for MCP Server pods |

### Plane OAuth Configuration

| Setting | Default | Required | Description |
| ------------------------------------- | :---------: | :------: | --------------------------------------------------------------------------- |
| services.api.plane_oauth.client_id | | Yes | Plane OAuth Client ID for authentication |
| services.api.plane_oauth.client_secret| | Yes | Plane OAuth Client Secret for authentication |
| services.api.plane_oauth.redirect_uri | | Yes | OAuth redirect URI for callback handling |
| services.api.plane_oauth.base_url | | Yes | Plane instance base URL for OAuth |

### Redis/Valkey Setup

| Setting | Default | Required | Description |
| -------------------------------- | :-------------------------------: | :------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| services.redis.local_setup | true | | Plane MCP Server uses `redis` to cache session data. This can be hosted within kubernetes as part of helm chart deployment or can be used as hosted service remotely. Set this to `true` when you choose to setup stateful deployment of `redis`. Mark it as `false` when using a remotely hosted database |
| services.redis.image | valkey/valkey:7.2.11-alpine | | Using this key, user must provide the docker image name to setup the stateful deployment of `redis`. (must be set when `services.redis.local_setup=true`) |
| services.redis.volume_size | 500Mi | | While setting up the stateful deployment, while creating the persistent volume, volume allocation size need to be provided. This key helps you set the volume allocation size. Unit of this value must be in Mi (megabyte) or Gi (gigabyte) |
| services.redis.external_redis_url| | | Users can also decide to use the remote hosted database and link to Plane MCP Server deployment. Ignoring all the above keys, set `services.redis.local_setup` to `false` and set this key with remote connection url |

### Ingress Configuration

| Setting | Default | Required | Description |
| -------------------------------- | :-----------------------------------------------------------: | :------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| ingress.enabled | true | | Enable ingress for Plane MCP Server |
| ingress.host | mcp.example.com | Yes | Main hostname for Plane MCP Server application |
| ingress.ingressClass | nginx | Yes | Kubernetes cluster setup comes with various options of `ingressClass`. Based on your setup, set this value to the right one (eg. nginx, traefik, etc). Leave it to default in case you are using external ingress provider |
| ingress.ingressAnnotations | { nginx.ingress.kubernetes.io/proxy-body-size: "10m" } | | Ingress controllers comes with various configuration options which can be passed as annotations. Setting this value lets you change the default value to user required |
| ingress.ssl.enabled | false | | Enable SSL/TLS for ingress |
| ingress.ssl.issuer | cloudflare | | CertManager configuration allows user to create issuers using `http` or any of the other DNS Providers like `cloudflare`, `digitalocean`, etc. As of now Plane MCP Server supports `http`, `cloudflare`, `digitalocean` |
| ingress.ssl.token | | | To create issuers using DNS challenge, set the issuer api token of dns provider like `cloudflare` or `digitalocean` (not required for http) |
| ingress.ssl.server | https://acme-v02.api.letsencrypt.org/directory | | Issuer creation configuration need the certificate generation authority server url. Default URL is the `Let's Encrypt` server |
| ingress.ssl.email | engineering@plane.so | | Certificate generation authority needs a valid email id before generating certificate. Required when `ingress.ssl.enabled=true` |

## Custom Ingress Routes

If you are planning to use 3rd party ingress providers, here is the available route configuration

| Host | Path | Service | Required |
| ----------------------- | :-----------: | ------------------------------------------ | :------: |
| mcp.example.com | / | <http://<release-name>-api:8000> | Yes |

## Verify

- After install, the MCP Server listens on Service `<release-name>-api` port 8000
Comment on lines +98 to +102

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Documentation port mismatch.

The README references port 8000 in the Custom Ingress Routes table (line 98) and Verify section (line 102), but the Ingress template (ingress.yaml) configures the backend service on port 8211. This inconsistency will confuse users attempting to set up custom ingress routes.

📝 Proposed fix to correct port references
 | Host                    |     Path      | Service                                    | Required |
 | ----------------------- | :-----------: | ------------------------------------------ | :------: |
-| mcp.example.com         |      /        | <http://<release-name>-api:8000>           |   Yes    |
+| mcp.example.com         |      /        | <http://<release-name>-api:8211>           |   Yes    |

 ## Verify

-- After install, the MCP Server listens on Service `<release-name>-api` port 8000
+- After install, the MCP Server listens on Service `<release-name>-api` port 8211
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
| mcp.example.com | / | <http://<release-name>-api:8000> | Yes |
## Verify
- After install, the MCP Server listens on Service `<release-name>-api` port 8000
| mcp.example.com | / | <http://<release-name>-api:8211> | Yes |
## Verify
- After install, the MCP Server listens on Service `<release-name>-api` port 8211
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@charts/plane-mcp-server/README.md` around lines 98 - 102, The README's Custom
Ingress Routes table and Verify section reference port 8000 but the ingress
backend is configured to use port 8211; update all occurrences in README (the
table row for mcp.example.com and the Verify bullet that mentions Service
`<release-name>-api` port 8000) to use port 8211 so the docs match the
ingress.yaml backend configuration.

- If ingress is enabled, access the application at `https://<host>/` via Ingress
- Check all pods are running: `kubectl get pods -n <namespace>`
- Check services: `kubectl get svc -n <namespace>`

## Troubleshooting

- Ensure `ingress.host` resolves to your ingress controller
- For TLS issues, check cert-manager events and Issuer/Certificate resources in the install namespace
- If using external Redis, verify `services.redis.external_redis_url` is reachable from the cluster
- Confirm Redis/Valkey pods are Ready; caching depends on it
- Ensure all Plane OAuth configuration values are correctly set (client_id, client_secret, redirect_uri, base_url)
Loading
Loading