From 61a58ef40895474d4dbdd4df3ae63dede8b0abe5 Mon Sep 17 00:00:00 2001
From: aniongithub <ani@anionline.me>
Date: Sat, 6 Jun 2026 00:06:01 -0700
Subject: [PATCH] Add MCP Registry publishing on release

- Create server.json with MCPB package entries for all 4 platforms
- Add publish-mcp-registry job to release workflow (OIDC auth)
- Move permissions from workflow-level to per-job
- Downloads release artifacts, computes SHA-256, patches server.json
- Uses platform-matching jq selects for robust patching
---
 .github/workflows/release.yml | 55 +++++++++++++++++++++++++++++++++--
 server.json                   | 37 +++++++++++++++++++++++
 2 files changed, 89 insertions(+), 3 deletions(-)
 create mode 100644 server.json

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a4eea12..461d9f2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -4,13 +4,12 @@ on:
   release:
     types: [created]
 
-permissions:
-  contents: write
-
 jobs:
   build:
     name: Build release binaries
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
       - uses: actions/checkout@v5
 
@@ -49,6 +48,8 @@ jobs:
   build-macos:
     name: Build ${{ matrix.artifact }}
     runs-on: macos-latest
+    permissions:
+      contents: write
     strategy:
       matrix:
         include:
@@ -80,6 +81,8 @@ jobs:
   upload-install-script:
     name: Upload install scripts
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
       - uses: actions/checkout@v5
       - name: Upload install.sh and install.ps1
@@ -88,3 +91,49 @@ jobs:
           files: |
             install.sh
             install.ps1
+
+  publish-mcp-registry:
+    name: Publish to MCP Registry
+    runs-on: ubuntu-latest
+    needs: [build, build-macos]
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Install mcp-publisher
+        run: |
+          curl -fsSL "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_linux_amd64.tar.gz" \
+            | tar xz mcp-publisher
+
+      - name: Authenticate to MCP Registry (OIDC)
+        run: ./mcp-publisher login github-oidc
+
+      - name: Patch server.json with version, URLs, and SHA-256 hashes
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          set -euo pipefail
+
+          TAG="${{ github.event.release.tag_name }}"
+          VERSION="${TAG#v}"
+          BASE="https://github.com/aniongithub/devcontainer-mcp/releases/download/${TAG}"
+
+          # Set top-level version
+          jq --arg v "$VERSION" '.version = $v' server.json > server.tmp && mv server.tmp server.json
+
+          # Download each platform artifact, compute SHA-256, patch identifier + hash
+          PLATFORMS=("linux-x64" "linux-arm64" "darwin-x64" "darwin-arm64")
+          for platform in "${PLATFORMS[@]}"; do
+            FILE="devcontainer-mcp-${platform}.tar.gz"
+            curl -fsSL --retry 5 --retry-delay 3 -o "$FILE" "${BASE}/${FILE}"
+            SHA="$(sha256sum "$FILE" | awk '{print $1}')"
+            URL="${BASE}/${FILE}"
+            jq --arg platform "$platform" --arg url "$URL" --arg sha "$SHA" \
+              '(.packages[] | select(.identifier | contains($platform))) |= (.identifier = $url | .fileSha256 = $sha)' \
+              server.json > server.tmp && mv server.tmp server.json
+          done
+
+      - name: Publish to MCP Registry
+        run: ./mcp-publisher publish
diff --git a/server.json b/server.json
new file mode 100644
index 0000000..6b09a4a
--- /dev/null
+++ b/server.json
@@ -0,0 +1,37 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "io.github.aniongithub/devcontainer-mcp",
+  "title": "devcontainer-mcp",
+  "description": "MCP server that lets AI agents create, manage, and work inside dev containers across Docker, DevPod, and GitHub Codespaces.",
+  "repository": {
+    "url": "https://github.com/aniongithub/devcontainer-mcp",
+    "source": "github"
+  },
+  "version": "0.0.0",
+  "packages": [
+    {
+      "registryType": "mcpb",
+      "identifier": "https://github.com/aniongithub/devcontainer-mcp/releases/download/v0.0.0/devcontainer-mcp-linux-x64.tar.gz",
+      "fileSha256": "PLACEHOLDER",
+      "transport": { "type": "stdio" }
+    },
+    {
+      "registryType": "mcpb",
+      "identifier": "https://github.com/aniongithub/devcontainer-mcp/releases/download/v0.0.0/devcontainer-mcp-linux-arm64.tar.gz",
+      "fileSha256": "PLACEHOLDER",
+      "transport": { "type": "stdio" }
+    },
+    {
+      "registryType": "mcpb",
+      "identifier": "https://github.com/aniongithub/devcontainer-mcp/releases/download/v0.0.0/devcontainer-mcp-darwin-x64.tar.gz",
+      "fileSha256": "PLACEHOLDER",
+      "transport": { "type": "stdio" }
+    },
+    {
+      "registryType": "mcpb",
+      "identifier": "https://github.com/aniongithub/devcontainer-mcp/releases/download/v0.0.0/devcontainer-mcp-darwin-arm64.tar.gz",
+      "fileSha256": "PLACEHOLDER",
+      "transport": { "type": "stdio" }
+    }
+  ]
+}