55
66permissions :
77 contents : write # allow Claude to write test artifacts
8- pull-requests : write # allow PR comments if needed
8+ pull-requests : write # allow annotations / comments
99 issues : write
10- checks : write # REQUIRED for dorny/test-reporter to publish annotations
1110
1211concurrency :
1312 group : ${{ github.workflow }}-${{ github.ref }}
7372name : Ensure artifact dirs exist
7473 run : mkdir -p reports
7574
75+ # Seed Claude settings on-disk so CI never prompts for permissions.
76+ # (We include both the legacy and current keys; the action will pick up what it understands.)
77+ - name : Seed Claude settings (auto-approve MCP + filesystem tools)
78+ run : |
79+ set -eux
80+ mkdir -p "$HOME/.claude"
81+ cat > "$HOME/.claude/settings.json" <<'JSON'
82+ {
83+ "enableAllProjectMcpServers": true,
84+
85+ /* Legacy keys used by some builds */
86+ "permissionMode": "allow",
87+ "autoApprove": ["Bash","Write","Edit","MultiEdit","mcp__unity__*","ListMcpResourcesTool","ReadMcpResourceTool","Read","LS","Glob","Grep"],
88+
89+ /* Current keys used by newer builds */
90+ "defaultMode": "bypassPermissions",
91+ "permissionStorage": "none",
92+ "permissions": {
93+ "allow": [
94+ "Read", "Write", "LS", "Glob", "Grep",
95+ "Bash(git:*)",
96+ "mcp__unity__*",
97+ "ListMcpResourcesTool",
98+ "ReadMcpResourceTool"
99+ ]
100+ }
101+ }
102+ JSON
103+ echo "Seeded settings:"
104+ cat "$HOME/.claude/settings.json"
105+
76106name : Log MCP server location (diagnostic)
77107 run : |
78- set -ux # do not -e; we want logs even if missing
108+ set -ux
79109 SRV_DIR="UnityMcpBridge/UnityMcpServer~/src"
80110 echo "MCP server dir := ${SRV_DIR}"
81111 python - <<'PY'
95125 uses : anthropics/claude-code-base-action@beta
96126 with :
97127 prompt_file : .claude/prompts/nl-startuptest.md
98- allowed_tools : " Bash(git:*),Read,Write,LS,Glob,Grep,mcp__unity__*"
128+ allowed_tools : " Bash(git:*),Read,Write,LS,Glob,Grep,ListMcpResourcesTool,ReadMcpResourceTool, mcp__unity__*"
99129 mcp_config : |
100130 {
101131 "mcpServers": {
@@ -114,12 +144,28 @@ jobs:
114144 }
115145 }
116146 }
117- # Auto-approve in CI (no interactive prompts )
147+ # Force auto-approval in the runner (both legacy and current schema )
118148 settings : |
119149 {
120150 "permissionMode": "allow",
121- "autoApprove": ["Bash","Read","Write","Edit","MultiEdit","LS","Glob","Grep","mcp__unity__*"]
151+ "autoApprove": ["Bash","Write","Edit","MultiEdit","mcp__unity__*","ListMcpResourcesTool","ReadMcpResourceTool","Read","LS","Glob","Grep"],
152+ "defaultMode": "bypassPermissions",
153+ "permissionStorage": "none",
154+ "permissions": {
155+ "allow": [
156+ "Read", "Write", "LS", "Glob", "Grep",
157+ "Bash(git:*)",
158+ "mcp__unity__*",
159+ "ListMcpResourcesTool",
160+ "ReadMcpResourceTool"
161+ ]
162+ }
122163 }
164+ # Nudge the agent to use the correct base dir for this repo (no Assets/)
165+ append_system_prompt : |
166+ IMPORTANT: This repository root does not contain an Assets/ folder.
167+ When using mcp__unity__list_resources or read_resource, use under: "." or under: "ClaudeTests".
168+ Do NOT rely on ListMcpResourcesTool; prefer the Unity-specific tools.
123169model : " claude-3-7-sonnet-20250219"
124170 max_turns : " 12"
125171 timeout_minutes : " 10"
@@ -130,13 +176,8 @@ jobs:
130176 id : claude
131177 uses : anthropics/claude-code-base-action@beta
132178 with :
133- # Test instructions live here
134179 prompt_file : .claude/prompts/nl-unity-suite.md
135-
136- # Restrict which tools the agent may attempt (prefer server tools over generic aggregators)
137- allowed_tools : " Bash(git:*),Read,Write,LS,Glob,Grep,mcp__unity__*"
138-
139- # MCP server path (use active venv)
180+ allowed_tools : " Bash(git:*),Read,Write,LS,Glob,Grep,ListMcpResourcesTool,ReadMcpResourceTool,mcp__unity__*"
140181 mcp_config : |
141182 {
142183 "mcpServers": {
@@ -151,22 +192,29 @@ jobs:
151192 "server.py"
152193 ],
153194 "transport": { "type": "stdio" },
154- "env": {
155- "PYTHONUNBUFFERED": "1",
156- "MCP_LOG_LEVEL": "debug"
157- }
195+ "env": { "PYTHONUNBUFFERED": "1", "MCP_LOG_LEVEL": "debug" }
158196 }
159197 }
160198 }
161-
162- # Auto-approve in CI (bypass prompts)
163199settings : |
164200 {
165201 "permissionMode": "allow",
166- "autoApprove": ["Bash","Read","Write","Edit","MultiEdit","LS","Glob","Grep","mcp__unity__*"]
202+ "autoApprove": ["Bash","Write","Edit","MultiEdit","mcp__unity__*","ListMcpResourcesTool","ReadMcpResourceTool","Read","LS","Glob","Grep"],
203+ "defaultMode": "bypassPermissions",
204+ "permissionStorage": "none",
205+ "permissions": {
206+ "allow": [
207+ "Read", "Write", "LS", "Glob", "Grep",
208+ "Bash(git:*)",
209+ "mcp__unity__*",
210+ "ListMcpResourcesTool",
211+ "ReadMcpResourceTool"
212+ ]
213+ }
167214 }
168-
169- # Guardrails
215+ append_system_prompt : |
216+ IMPORTANT: The workspace is not a Unity project; there is no Assets/ directory.
217+ Use mcp__unity__list_resources with under: "." (or "ClaudeTests") and pattern: "*" to discover files.
170218model : " claude-3-7-sonnet-20250219"
171219 max_turns : " 20"
172220 timeout_minutes : " 20"
@@ -175,12 +223,7 @@ jobs:
175223 - name : Mark permission issues as skipped in JUnit
176224 if : always()
177225 run : |
178- set -eux
179- if [ -f .github/scripts/mark_skipped.py ]; then
180- python .github/scripts/mark_skipped.py reports/claude-nl-tests.xml || true
181- else
182- echo "mark_skipped.py not present; skipping"
183- fi
226+ python .github/scripts/mark_skipped.py reports/claude-nl-tests.xml
184227
185228name : Ensure JUnit exists (fallback)
186229 if : always()
@@ -250,7 +293,7 @@ jobs:
250293 UNITY_PASSWORD : ${{ secrets.UNITY_PASSWORD }}
251294 with :
252295 packageMode : true
253- unityVersion : 2022.3.45f1 # set your exact version
296+ unityVersion : 2022.3.45f1
254297 projectPath : .
255298 githubToken : ${{ secrets.GITHUB_TOKEN }}
256299
0 commit comments