fix: use correct env var SMITHERY_API_KEY for Smithery CLI #92
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Python Package | |
| on: | |
| push: | |
| branches: | |
| - main # Publish dev versions to TestPyPI on main commits | |
| tags: | |
| - 'v*.*.*' # Publish releases to PyPI on version tags | |
| workflow_dispatch: # Allow manual triggering | |
| permissions: | |
| contents: write # Required for creating releases | |
| id-token: write # Required for PyPI trusted publishing | |
| jobs: | |
| build: | |
| name: Build distribution | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| is_release: ${{ steps.version.outputs.is_release }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v3 | |
| - name: Determine version | |
| id: version | |
| run: | | |
| if [[ "${{ github.ref }}" == refs/tags/* ]]; then | |
| # Release version from tag | |
| VERSION=${GITHUB_REF#refs/tags/v} | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "is_release=true" >> $GITHUB_OUTPUT | |
| echo "Building release version: $VERSION" | |
| else | |
| # Dev version from main commit | |
| BASE_VERSION=$(grep -E '^version = ' pyproject.toml | sed 's/version = "\(.*\)"/\1/') | |
| TIMESTAMP=$(date +%Y%m%d%H%M%S) | |
| SHORT_SHA=${GITHUB_SHA:0:7} | |
| # Use GitHub run number to ensure unique versions | |
| VERSION="${BASE_VERSION}.dev${TIMESTAMP}+${SHORT_SHA}.${GITHUB_RUN_NUMBER}" | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "is_release=false" >> $GITHUB_OUTPUT | |
| echo "Building dev version: $VERSION" | |
| fi | |
| - name: Update version in pyproject.toml | |
| run: | | |
| # Update version for build | |
| sed -i 's/version = ".*"/version = "${{ steps.version.outputs.version }}"/' pyproject.toml | |
| echo "Updated pyproject.toml version to: ${{ steps.version.outputs.version }}" | |
| grep "version =" pyproject.toml | |
| - name: Build package | |
| run: uv build | |
| - name: Store the distribution packages | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| publish-to-testpypi: | |
| name: Publish to TestPyPI | |
| if: github.ref == 'refs/heads/main' # Only publish dev versions on main | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: testpypi | |
| url: https://test.pypi.org/p/clio-kit | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| continue-on-error: true # Don't fail the workflow if TestPyPI upload fails | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| skip-existing: true | |
| verbose: true | |
| attestations: false # Disable attestations for TestPyPI to avoid issues | |
| publish-to-pypi: | |
| name: Publish to PyPI | |
| if: startsWith(github.ref, 'refs/tags/') # Only publish on tag pushes | |
| needs: | |
| - build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/clio-kit | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| skip-existing: true | |
| verbose: true | |
| github-release: | |
| name: Create GitHub Release | |
| needs: | |
| - publish-to-pypi | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write # IMPORTANT: mandatory for creating releases | |
| steps: | |
| - name: Download all the dists | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| - name: Create GitHub Release | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| run: >- | |
| gh release create | |
| '${{ github.ref_name }}' | |
| --repo '${{ github.repository }}' | |
| --notes "Release ${{ github.ref_name }} of CLIO Kit" | |
| - name: Upload artifacts to GitHub Release | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| run: >- | |
| gh release upload | |
| '${{ github.ref_name }}' | |
| dist/** | |
| --repo '${{ github.repository }}' | |
| publish-to-mcp-registry: | |
| name: Publish to MCP Registry | |
| needs: | |
| - publish-to-pypi | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| id-token: write # GitHub OIDC for registry authentication | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install mcp-publisher | |
| run: | | |
| curl -L "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_$(uname -s | tr '[:upper:]' '[:lower:]')_$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/').tar.gz" | tar xz mcp-publisher | |
| ./mcp-publisher --version | |
| - name: Authenticate with GitHub OIDC | |
| run: ./mcp-publisher login github-oidc | |
| - name: Publish each server to MCP registry | |
| run: | | |
| FAILURES=0 | |
| for server_dir in clio-kit-mcp-servers/*/; do | |
| if [ ! -f "$server_dir/server.json" ]; then continue; fi | |
| server_name=$(basename "$server_dir") | |
| echo "Publishing $server_name to MCP registry..." | |
| if (cd "$server_dir" && ../../mcp-publisher publish); then | |
| echo "Published $server_name" | |
| else | |
| echo "::error::Failed to publish $server_name to MCP registry" | |
| FAILURES=$((FAILURES + 1)) | |
| fi | |
| done | |
| if [ $FAILURES -gt 0 ]; then | |
| echo "::error::$FAILURES server(s) failed to publish to MCP registry" | |
| exit 1 | |
| fi | |
| publish-to-smithery: | |
| name: Publish to Smithery | |
| needs: | |
| - publish-to-pypi | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Install Smithery CLI | |
| run: npm install -g @smithery/cli | |
| - name: Verify Smithery token is set | |
| run: | | |
| if [ -z "${{ secrets.SMITHERY_TOKEN }}" ]; then | |
| echo "::error::SMITHERY_TOKEN secret is not set. Add it at https://github.com/iowarp/clio-kit/settings/secrets/actions" | |
| exit 1 | |
| fi | |
| - name: Publish each server to Smithery | |
| env: | |
| SMITHERY_API_KEY: ${{ secrets.SMITHERY_TOKEN }} | |
| run: | | |
| FAILURES=0 | |
| for server_dir in clio-kit-mcp-servers/*/; do | |
| if [ ! -f "$server_dir/server.json" ]; then continue; fi | |
| server_name=$(basename "$server_dir") | |
| echo "Publishing $server_name to Smithery..." | |
| if smithery mcp publish "https://github.com/${{ github.repository }}" \ | |
| -n "iowarp/${server_name}-mcp"; then | |
| echo "Published $server_name to Smithery" | |
| else | |
| echo "::error::Failed to publish $server_name to Smithery" | |
| FAILURES=$((FAILURES + 1)) | |
| fi | |
| done | |
| if [ $FAILURES -gt 0 ]; then | |
| echo "::error::$FAILURES server(s) failed to publish to Smithery" | |
| exit 1 | |
| fi |