feat(kiloclaw): add Linear MCP* integration#1407
Merged
evanjacobson merged 31 commits intomainfrom Mar 27, 2026
Merged
Conversation
Install @schpet/linear-cli in the container image and wire up LINEAR_API_KEY through the secret catalog, bootstrap, and dashboard settings UI — following the same pattern used for GitHub.
…ntegration (Bootstrap)
Reorder Linear entry to order 5 (last in tools), add a proper LinearIcon component with the official logo SVG, and fix the icon map to use the 'linear' key instead of 'list-checks'.
evanjacobson
commented
Mar 26, 2026
| validationPattern: '^lin_api_[a-zA-Z0-9_-]{40}$', | ||
| validationMessage: | ||
| 'Linear API keys start with lin_api_ followed by 40 alphanumeric, underscore, or hyphen characters.', | ||
| maxLength: 100, |
Contributor
Author
There was a problem hiding this comment.
this can be shortened to 50 safely (or 48 exactly), however the other entries in this catalog also pad their keys substantially, and it arguably provides a better UX when matched with the regex (for example, if whitespace was copied in addition to the key)
evanjacobson
commented
Mar 26, 2026
kiloclaw/Dockerfile
Outdated
| RUN npm install -g @schpet/linear-cli@1.11.1 | ||
|
|
||
| # Clean up xz-utils now that Node.js and linear-cli are installed | ||
| RUN apt-get purge -y xz-utils \ |
Contributor
Author
There was a problem hiding this comment.
linear-cli requires node for install
evanjacobson
changed the title
evanjacobson
commented
Mar 26, 2026
kiloclaw/Dockerfile
Outdated
| RUN npm install -g @kilocode/cli@7.0.46 | ||
|
|
||
| # Install Linear CLI (issue tracker) | ||
| RUN npm install -g @schpet/linear-cli@1.11.1 |
Contributor
Author
There was a problem hiding this comment.
There are security vulnerabilities on a dependency of this package. I have posted a PR to fix them.
I will bump the version to the latest release after it merges.
Contributor
Author
There was a problem hiding this comment.
There are security vulnerabilities on a dependency of this package. I have posted a PR to fix them.
I will bump the version to the latest release after it merges.
I am still discussing the changes with the repo owner. This may need to be a follow-up. The vulnerabilities are not exposed in linear-cli regardless.
![kilo-code-bot[bot]](https://avatars.githubusercontent.com/in/2193792?s=60&v=4){kind=small}
Contributor
Code Review SummaryStatus: 2 Issues Found | Recommendation: Address before merge Overview
Fix these issues in Kilo Cloud Issue Details (click to expand)WARNING
Other Observations (not in diff)Issues found in unchanged code that cannot receive inline comments:
Files Reviewed (14 files)
Reviewed by gpt-5.4-20260305 · 2,668,867 tokens |
The /root volume persists across redeploys, so `linear auth login --plaintext` leaves credentials on disk that survive after LINEAR_API_KEY is removed from env. Now configureLinear() removes ~/.config/linear/ (credentials.toml + linear.toml) when no API key is set, matching the cleanup pattern used by configureGitHub().
These files store API secrets, so credential cleanup failures should not be silently swallowed. Split the two rm calls into independent try/catch blocks so both are always attempted, and surface the error message in warnings since rm -rf/-f already exit 0 for absent targets.
Cover the second rm failure, both rm calls failing simultaneously, and non-Error thrown values exercising the instanceof fallback.
evanjacobson
commented
Mar 26, 2026
kiloclaw/controller/src/bootstrap.ts
Outdated
| // Remove any previously stored credentials from the persistent volume. | ||
| // The CLI recreates ~/.config/linear/ via ensureDir on next auth login. | ||
| try { | ||
| deps.execFileSync('rm', ['-rf', '/root/.config/linear'], { stdio: 'pipe' }); |
Contributor
Author
There was a problem hiding this comment.
kiloclaw/controller/src/bootstrap.ts
Outdated
| // The CLI recreates ~/.config/linear/ via ensureDir on next auth login. | ||
| try { | ||
| deps.execFileSync('rm', ['-rf', '/root/.config/linear'], { stdio: 'pipe' }); | ||
| deps.execFileSync('rm', ['-f', '/root/.linear.toml'], { stdio: 'pipe' }); |
Contributor
Author
There was a problem hiding this comment.
kiloclaw/controller/src/bootstrap.ts
Outdated
| // The CLI recreates ~/.config/linear/ via ensureDir on next auth login. | ||
| // rm -rf/-f exit 0 when the target is absent, so errors here are | ||
| // genuine failures (permissions, I/O) worth surfacing. | ||
| try { |
Contributor
Author
There was a problem hiding this comment.
separately trying each file delete operation out of an abundance of caution — if one fails, the other one is still tried.
kiloclaw/controller/src/bootstrap.ts
Outdated
| deps.execFileSync('rm', ['-rf', '/root/.config/linear'], { stdio: 'pipe' }); | ||
| } catch (err) { | ||
| console.warn( | ||
| `WARNING: failed to remove /root/.config/linear: ${err instanceof Error ? err.message : err}` |
Contributor
Author
There was a problem hiding this comment.
Other warnings logged after a catch in this file do not contain the error, but these are intentionally included, as these files contain credentials and need to be deleted
Cc: line 364
jeanduplessis
approved these changes
Mar 26, 2026
- Simplify configureLinear(): remove CLI credential cleanup (rm -rf of ~/.config/linear and ~/.linear.toml) since the MCP integration leaves no on-disk artifacts - Remove deps parameter from configureLinear() — no longer executes shell commands - Update TOOLS.md Linear section JSDoc to reference MCP instead of CLI - Simplify configureLinear tests from 8 CLI-focused tests to 3 MCP tests - Fix updateToolsMdLinearSection test assertion to match actual mcporter content
- Add Linear MCP server entry to writeMcporterConfig(), following the
same add/remove pattern as AgentCard
- Use literal ${LINEAR_API_KEY} in Authorization header (resolved at
runtime by 1Password, not interpolated by JS)
- Add comprehensive tests for Linear MCP config lifecycle
evanjacobson
force-pushed
the
feature/kiloclaw-linear-cli
branch
from
e811161 to
b466318
Compare
4 tasks
## Summary A refactor targeting #1407: After exploring other options for the Linear integration, the official Linear MCP server turned out to be a better fit than the CLI. All OpenClaw instances are already deployed with the `mcporter` package and skill, which give KiloClaw MCP abilities anyways. Importantly, unlike the CLI, mcporter also allows us to avoid ever writing our actual API key to a file, which significantly reduces the overhead for managing this integration. This PR targets feature/kiloclaw-linear-cli with the scoped changes to switch-over to this MCP integration only, to simplify the reviewer's experience. ## Changes - Undo the changes to both `Dockerfile`s — the target branch will have no diff after this PR merges. - Strip all on-disk credential cleanup logic from `configureLinear()` — no new files to manage anymore, so the function no longer needs `BootstrapDeps` - Add Linear MCP server entry to `writeMcporterConfig()` when `LINEAR_API_KEY` is set; remove it when unset. Preserves existing user-configured servers. The key is stored in the file as `${LINEAR_API_KEY}` verbatim and read from the environment by mcporter. - Replace CLI usage documentation in the TOOLS.md agent section with a pointer to the Linear MCP server and mcporter skill - Simplify `configureLinear` tests (no more fs/exec mocking) and add `writeMcporterConfig` tests covering add, remove, preserve, and multi-server scenarios ## Verification - [x] `pnpm format:check` passes - [x] `pnpm lint` passes - [x] Tests pass (`vitest` in kiloclaw workspace) - [x] E2E tested on a fresh instance ## New Loom — Kilo Team only https://www.loom.com/share/5ca9897104e84a3baf560818b7a3bcf7 ## Action for reviewer Please let me know your preference for merge, whether it's into the feature/kiloclaw-cli branch, or into main directly.
evanjacobson
changed the title
evanjacobson
commented
Mar 27, 2026
| if (env.LINEAR_API_KEY) { | ||
| existingServers['linear'] = { | ||
| url: 'https://mcp.linear.app/mcp', | ||
| headers: { Authorization: 'Bearer ${LINEAR_API_KEY}' }, |
Contributor
Author
There was a problem hiding this comment.
Note that this is intentionally not interpolated. mcporter supports this behavior.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds Linear as an integrated developer tool in KiloClaw, backed by the official Linear MCP server via mcporter.
LINEAR_API_KEYfield withlin_api_validation pattern, icon, and help link to Linear security settingsconfigureLinearstep that wires up the env var;updateToolsMdLinearSectionappends/removes a bounded reference section in TOOLS.md pointing agents to the Linear MCP server and mcporter skillLINEAR_API_KEYis set,writeMcporterConfig()adds the Linear MCP server entry (key stored as${LINEAR_API_KEY}verbatim, read from env by mcporter); entry is removed when the key is unset. Preserves existing user-configured servers. No credentials are ever written to disk.SettingsTab, newLinearIconSVG component, andsecret-ui-adapterwiring (icon map + description)configureLinear,updateToolsMdLinearSection,writeMcporterConfig(add, remove, preserve, multi-server), and updated catalog/route assertionsVerification
pnpm format:checkpassespnpm lintpassesvitestin kiloclaw workspace)Visual Changes
Reviewer Notes
@schpet/linear-cliinstalled in the Docker image, but switched to the official Linear MCP server — it's a better fit since mcporter is already deployed on all instances and avoids writing API keys to disk<!-- BEGIN:linear -->/<!-- END:linear -->markers, same pattern as the other tool sections