From 4856038621c6fc046959b0deee80192e3b610351 Mon Sep 17 00:00:00 2001 From: MattBabbbage Date: Fri, 3 Oct 2025 11:34:00 +0100 Subject: [PATCH 1/4] Improve registry release reliablilty --- .github/workflows/docker-publish.yml | 16 ++++++++++++ .github/workflows/registry-releaser.yml | 34 ++++++++++++++++++++++--- 2 files changed, 46 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 35bb30edd..29b1d5eff 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -127,3 +127,19 @@ jobs: # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} + + - name: Trigger registry publication + if: ${{ github.event_name != 'pull_request' && github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v') }} + uses: actions/github-script@v7 + with: + script: | + await github.rest.repos.createDispatchEvent({ + owner: context.repo.owner, + repo: context.repo.repo, + event_type: 'docker-published', + client_payload: { + tag: context.ref.replace('refs/tags/', ''), + sha: context.sha, + image_digest: '${{ steps.build-and-push.outputs.digest }}' + } + }); diff --git a/.github/workflows/registry-releaser.yml b/.github/workflows/registry-releaser.yml index bc517dc97..c03a48d2b 100644 --- a/.github/workflows/registry-releaser.yml +++ b/.github/workflows/registry-releaser.yml @@ -1,8 +1,8 @@ name: Publish to MCP Registry on: - push: - tags: ["v*"] # Triggers on version tags like v1.0.0 + repository_dispatch: + types: [docker-published] # Triggered after Docker image is published workflow_dispatch: # Allow manual triggering jobs: @@ -23,12 +23,35 @@ jobs: - name: Fetch tags run: | - if [[ "${{ github.ref_type }}" != "tag" ]]; then + if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then + echo "Triggered by docker-published event for tag: ${{ github.event.client_payload.tag }}" + elif [[ "${{ github.ref_type }}" != "tag" ]]; then git fetch --tags else echo "Skipping tag fetch - already on tag ${{ github.ref_name }}" fi + - name: Wait for Docker image + run: | + if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then + TAG="${{ github.event.client_payload.tag }}" + elif [[ "${{ github.ref_type }}" == "tag" ]]; then + TAG="${{ github.ref_name }}" + else + TAG=$(git tag --sort=-version:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+' | head -n1) + fi + IMAGE="ghcr.io/github/github-mcp-server:$TAG" + + for i in {1..6}; do + if docker manifest inspect "$IMAGE" &>/dev/null; then + echo "✅ Docker image ready: $TAG" + break + fi + [ $i -eq 6 ] && { echo "❌ Timeout waiting for $TAG after 3 minutes"; exit 1; } + echo "⏳ Waiting for Docker image ($i/6)..." + sleep 30 + done + - name: Install MCP Publisher run: | git clone --quiet https://github.com/modelcontextprotocol/registry publisher-repo @@ -37,7 +60,10 @@ jobs: - name: Update server.json version run: | - if [[ "${{ github.ref_type }}" == "tag" ]]; then + if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then + TAG_VERSION=$(echo "${{ github.event.client_payload.tag }}" | sed 's/^v//') + echo "Using tag from dispatch: ${{ github.event.client_payload.tag }}" + elif [[ "${{ github.ref_type }}" == "tag" ]]; then TAG_VERSION=$(echo "${{ github.ref_name }}" | sed 's/^v//') else LATEST_TAG=$(git tag --sort=-version:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+(-.*)?$' | head -n 1) From 0ba5a556ce333aab5494ba4ec740b0e3f2cb0cd4 Mon Sep 17 00:00:00 2001 From: MattBabbbage Date: Fri, 10 Oct 2025 10:15:40 +0100 Subject: [PATCH 2/4] Remove trigger from docker build pipeline --- .github/workflows/docker-publish.yml | 17 +---------------- .github/workflows/registry-releaser.yml | 23 ++++++++--------------- 2 files changed, 9 insertions(+), 31 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 29b1d5eff..6505d8c04 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -127,19 +127,4 @@ jobs: # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} - - - name: Trigger registry publication - if: ${{ github.event_name != 'pull_request' && github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v') }} - uses: actions/github-script@v7 - with: - script: | - await github.rest.repos.createDispatchEvent({ - owner: context.repo.owner, - repo: context.repo.repo, - event_type: 'docker-published', - client_payload: { - tag: context.ref.replace('refs/tags/', ''), - sha: context.sha, - image_digest: '${{ steps.build-and-push.outputs.digest }}' - } - }); + \ No newline at end of file diff --git a/.github/workflows/registry-releaser.yml b/.github/workflows/registry-releaser.yml index c03a48d2b..90e0650c1 100644 --- a/.github/workflows/registry-releaser.yml +++ b/.github/workflows/registry-releaser.yml @@ -1,8 +1,8 @@ name: Publish to MCP Registry on: - repository_dispatch: - types: [docker-published] # Triggered after Docker image is published + push: + tags: ["v*"] # Triggers on version tags like v1.0.0 workflow_dispatch: # Allow manual triggering jobs: @@ -23,9 +23,7 @@ jobs: - name: Fetch tags run: | - if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then - echo "Triggered by docker-published event for tag: ${{ github.event.client_payload.tag }}" - elif [[ "${{ github.ref_type }}" != "tag" ]]; then + if [[ "${{ github.ref_type }}" != "tag" ]]; then git fetch --tags else echo "Skipping tag fetch - already on tag ${{ github.ref_name }}" @@ -33,22 +31,20 @@ jobs: - name: Wait for Docker image run: | - if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then - TAG="${{ github.event.client_payload.tag }}" - elif [[ "${{ github.ref_type }}" == "tag" ]]; then + if [[ "${{ github.ref_type }}" == "tag" ]]; then TAG="${{ github.ref_name }}" else TAG=$(git tag --sort=-version:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+' | head -n1) fi IMAGE="ghcr.io/github/github-mcp-server:$TAG" - for i in {1..6}; do + for i in {1..10}; do if docker manifest inspect "$IMAGE" &>/dev/null; then echo "✅ Docker image ready: $TAG" break fi - [ $i -eq 6 ] && { echo "❌ Timeout waiting for $TAG after 3 minutes"; exit 1; } - echo "⏳ Waiting for Docker image ($i/6)..." + [ $i -eq 10 ] && { echo "❌ Timeout waiting for $TAG after 5 minutes"; exit 1; } + echo "⏳ Waiting for Docker image ($i/10)..." sleep 30 done @@ -60,10 +56,7 @@ jobs: - name: Update server.json version run: | - if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then - TAG_VERSION=$(echo "${{ github.event.client_payload.tag }}" | sed 's/^v//') - echo "Using tag from dispatch: ${{ github.event.client_payload.tag }}" - elif [[ "${{ github.ref_type }}" == "tag" ]]; then + if [[ "${{ github.ref_type }}" == "tag" ]]; then TAG_VERSION=$(echo "${{ github.ref_name }}" | sed 's/^v//') else LATEST_TAG=$(git tag --sort=-version:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+(-.*)?$' | head -n 1) From a25ea572b49f68e2f30694ef98db87e97f54c508 Mon Sep 17 00:00:00 2001 From: MattBabbbage Date: Fri, 10 Oct 2025 10:21:19 +0100 Subject: [PATCH 3/4] Remove whitespace and publish from version release --- .github/workflows/docker-publish.yml | 3 +-- .github/workflows/registry-releaser.yml | 13 ++++--------- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 333081edc..58d02930b 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -126,5 +126,4 @@ jobs: DIGEST: ${{ steps.build-and-push.outputs.digest }} # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. - run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} - + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} \ No newline at end of file diff --git a/.github/workflows/registry-releaser.yml b/.github/workflows/registry-releaser.yml index ccb0760a3..90e0650c1 100644 --- a/.github/workflows/registry-releaser.yml +++ b/.github/workflows/registry-releaser.yml @@ -1,8 +1,8 @@ name: Publish to MCP Registry on: - repository_dispatch: - types: [docker-published] # Triggered after Docker image is published + push: + tags: ["v*"] # Triggers on version tags like v1.0.0 workflow_dispatch: # Allow manual triggering jobs: @@ -23,9 +23,7 @@ jobs: - name: Fetch tags run: | - if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then - echo "Triggered by docker-published event for tag: ${{ github.event.client_payload.tag }}" - elif [[ "${{ github.ref_type }}" != "tag" ]]; then + if [[ "${{ github.ref_type }}" != "tag" ]]; then git fetch --tags else echo "Skipping tag fetch - already on tag ${{ github.ref_name }}" @@ -58,10 +56,7 @@ jobs: - name: Update server.json version run: | - if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then - TAG_VERSION=$(echo "${{ github.event.client_payload.tag }}" | sed 's/^v//') - echo "Using tag from dispatch: ${{ github.event.client_payload.tag }}" - elif [[ "${{ github.ref_type }}" == "tag" ]]; then + if [[ "${{ github.ref_type }}" == "tag" ]]; then TAG_VERSION=$(echo "${{ github.ref_name }}" | sed 's/^v//') else LATEST_TAG=$(git tag --sort=-version:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+(-.*)?$' | head -n 1) From 1b4a49c3f1c17849632c650ccdabef5f8e7e573f Mon Sep 17 00:00:00 2001 From: MattBabbbage Date: Fri, 10 Oct 2025 10:34:37 +0100 Subject: [PATCH 4/4] Add whitespave for neater pr --- .github/workflows/docker-publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 58d02930b..6505d8c04 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -126,4 +126,5 @@ jobs: DIGEST: ${{ steps.build-and-push.outputs.digest }} # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. - run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} \ No newline at end of file + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} + \ No newline at end of file