From 88e884c1f662dc836fe8e2e8820dc92cb1b9d91c Mon Sep 17 00:00:00 2001 From: AlexDuchDev Date: Mon, 1 Jun 2026 20:23:30 +0300 Subject: [PATCH] ci: publish to MCP Registry on version tag via GitHub OIDC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds .github/workflows/publish-mcp.yml — on a v*.*.* tag it installs mcp-publisher, authenticates with GitHub OIDC (no secrets), syncs server.json version to the tag, and publishes to registry.modelcontextprotocol.io. --- .github/workflows/publish-mcp.yml | 35 +++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/publish-mcp.yml diff --git a/.github/workflows/publish-mcp.yml b/.github/workflows/publish-mcp.yml new file mode 100644 index 0000000..0e4ef2a --- /dev/null +++ b/.github/workflows/publish-mcp.yml @@ -0,0 +1,35 @@ +name: Publish to MCP Registry + +# Publishes server.json to registry.modelcontextprotocol.io on a version tag, +# authenticating with GitHub OIDC (no secrets, no interactive login). The repo +# lives under the Moai-Team-LLC org, which authorizes the io.github.* namespace. + +on: + push: + tags: ["v*"] + workflow_dispatch: + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + id-token: write # OIDC auth to the MCP Registry + contents: read + steps: + - uses: actions/checkout@v4 + + - name: Install mcp-publisher + run: | + curl -L "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_$(uname -s | tr '[:upper:]' '[:lower:]')_$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/').tar.gz" | tar xz mcp-publisher + + - name: Sync server.json version to the tag + if: startsWith(github.ref, 'refs/tags/v') + run: | + VERSION="${GITHUB_REF#refs/tags/v}" + jq --arg v "$VERSION" '.version = $v' server.json > server.tmp && mv server.tmp server.json + + - name: Authenticate (GitHub OIDC) + run: ./mcp-publisher login github-oidc + + - name: Publish to MCP Registry + run: ./mcp-publisher publish