feat: add read-only query model tool #6
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to PyPI | |
| # Trigger the workflow when: | |
| # 1. A version tag is pushed (e.g., v0.1.0, v1.2.3) | |
| # 2. Manually triggered from GitHub Actions UI | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| workflow_dispatch: | |
| jobs: | |
| # Job 1: Build the package distributions (wheel and sdist) | |
| build: | |
| name: Build distribution | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Check out the repository code | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| # Set up Python 3.12 (matches your project requirement) | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| # Install the modern Python build tool | |
| - name: Install build tool | |
| run: pip install build | |
| # Build both wheel (.whl) and source distribution (.tar.gz) | |
| # This is equivalent to npm's build step | |
| - name: Build package | |
| run: python -m build | |
| # Upload the built distributions as artifacts | |
| # Other jobs will download these artifacts to publish | |
| - name: Upload distributions | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| # Job 2: Publish to TestPyPI (staging environment) | |
| # This is like publishing to a test registry - always runs to validate the package | |
| publish-to-testpypi: | |
| name: Publish to TestPyPI | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| # Required permission for OIDC (Trusted Publisher authentication) | |
| # This allows GitHub to prove its identity to PyPI without API tokens | |
| permissions: | |
| id-token: write | |
| steps: | |
| # Download the built distributions from the build job | |
| - name: Download distributions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| # Publish to TestPyPI using Trusted Publisher (OIDC) | |
| # No username/password needed - authentication happens via OIDC | |
| - name: Publish to TestPyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| repository-url: https://test.pypi.org/legacy/ | |
| # Job 3: Publish to production PyPI | |
| # Only runs when TestPyPI publish succeeds | |
| publish-to-pypi: | |
| name: Publish to PyPI | |
| needs: [publish-to-testpypi] | |
| runs-on: ubuntu-latest | |
| # Use a GitHub environment for additional protection | |
| # You can configure this environment in GitHub to require manual approval | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/django-ai-boost | |
| # Required permission for OIDC (Trusted Publisher authentication) | |
| permissions: | |
| id-token: write | |
| steps: | |
| # Download the built distributions from the build job | |
| - name: Download distributions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: python-package-distributions | |
| path: dist/ | |
| # Publish to production PyPI using Trusted Publisher (OIDC) | |
| # Automatically generates PEP 740 attestations (like npm provenance) | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| # Job 4: Publish to MCP Registry | |
| # Runs after successful PyPI publication | |
| # publish-to-mcp-registry: | |
| # name: Publish to MCP Registry | |
| # needs: [publish-to-pypi] | |
| # runs-on: ubuntu-latest | |
| # # Required permission for OIDC authentication with MCP Registry | |
| # permissions: | |
| # id-token: write | |
| # contents: read | |
| # steps: | |
| # # Check out the repository to access server.json | |
| # - name: Check out repository | |
| # uses: actions/checkout@v4 | |
| # # Extract version from git tag (removes 'v' prefix) | |
| # # e.g., v0.1.1 -> 0.1.1 | |
| # - name: Extract version from tag | |
| # id: version | |
| # run: | | |
| # VERSION=${GITHUB_REF#refs/tags/v} | |
| # echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| # echo "Publishing version: $VERSION" | |
| # # Update server.json with the current version | |
| # # This ensures the MCP registry knows which PyPI version to use | |
| # - name: Update server.json version | |
| # run: | | |
| # VERSION="${{ steps.version.outputs.version }}" | |
| # # Update both top-level version and package version | |
| # sed -i "s/\"version\": \"[^\"]*\"/\"version\": \"$VERSION\"/g" server.json | |
| # echo "Updated server.json:" | |
| # cat server.json | |
| # # Install MCP Publisher CLI | |
| # # Downloads the latest release from GitHub | |
| # - name: Install MCP Publisher | |
| # run: | | |
| # curl -fsSL https://github.com/modelcontextprotocol/publisher/releases/latest/download/mcp-publisher-linux-amd64 -o mcp-publisher | |
| # chmod +x mcp-publisher | |
| # ./mcp-publisher --version | |
| # # Authenticate with GitHub using OIDC | |
| # # No secrets needed - uses GitHub's identity token | |
| # - name: Login to MCP Registry | |
| # run: ./mcp-publisher login github-oidc | |
| # # Publish the server to the MCP Registry | |
| # # This makes it discoverable at registry.modelcontextprotocol.io | |
| # - name: Publish to MCP Registry | |
| # run: ./mcp-publisher publish |