Skip to content

ci(mcp): auto-publish server.json to the MCP registry (+ Smithery)#399

Merged
rejifald merged 4 commits into
mainfrom
ci/mcp-registry-publish
Jul 1, 2026
Merged

ci(mcp): auto-publish server.json to the MCP registry (+ Smithery)#399
rejifald merged 4 commits into
mainfrom
ci/mcp-registry-publish

Conversation

@rejifald

@rejifald rejifald commented Jul 1, 2026

Copy link
Copy Markdown
Owner

What

Automates publishing the hosted docs MCP to the MCP registries.

  • server.json (repo root) — the registry manifest for dev.stitchapi/docs, a remote Streamable-HTTP server (tools search_docs + get_doc).
  • .github/workflows/publish-mcp.yml — on a server.json version bump merged to main (or a manual dispatch), publishes to the official MCP registry via domain auth, and to Smithery (idempotent upsert). The registry publish cascades to Glama + PulseMCP automatically, so those need no step.
  • docs/MCP-PUBLISHING.md — the one-time setup (key generation, the stitchapi.dev apex DNS-TXT record, the two secrets).

Behavior & safety

  • PRs touching server.json run mcp-publisher validate only — an invalid manifest is caught before merge; nothing is published. (This PR self-validates.)
  • The publish jobs never run on a PR and are green-and-inert until the secrets exist (MCP_PRIVATE_KEY for the registry, SMITHERY_API_KEY for Smithery). So merging this won't produce a red run or an accidental publish.
  • Each registry publish needs a unique version (the registry rejects duplicates); the workflow guards on that, and workflow_dispatch is the explicit "publish now" once your domain is verified.

To go live (one-time, yours — you said you can do the domain verification)

  1. Generate an Ed25519 key; add the public half as a TXT record on the apex stitchapi.devv=MCPv1; k=ed25519; p=… (apex, not a _mcp selector).
  2. Add MCP_PRIVATE_KEY (hex) as a repo secret.
  3. (optional) Mint a Smithery token → SMITHERY_API_KEY, confirm the -n owner/name.
  4. Run Actions → Publish MCP server → Run workflow.

Exact commands are in docs/MCP-PUBLISHING.md; the flow is verified against modelcontextprotocol/registry (mcp-publisher v1.7.9). Registry is officially in preview.

Merge is yours — publishing only starts once you add the secret + DNS record.

🤖 Generated with Claude Code

rejifald and others added 4 commits July 1, 2026 15:11
Adds server.json (dev.stitchapi/docs — remote Streamable-HTTP server, tools
search_docs + get_doc) at the repo root, plus a workflow that publishes it to
the official MCP registry via domain auth and to Smithery (idempotent upsert).
The registry publish cascades to Glama + PulseMCP automatically.

Safety: PRs run mcp-publisher validate only; the publish jobs never run on a PR
and stay green/inert until MCP_PRIVATE_KEY / SMITHERY_API_KEY are set, so merging
does not trigger an accidental publish or a red run. Each registry publish needs
a unique version; workflow_dispatch forces a publish. One-time domain setup is in
docs/MCP-PUBLISHING.md. Verified against modelcontextprotocol/registry (v1.7.9).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
System openssl on macOS is LibreSSL, which fails Ed25519 keygen with
'Algorithm Ed25519 not found'. Lead with openssl@3 via an arch-independent
`brew --prefix` path, and add an ECDSA P-384 no-install fallback.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The MCP registry keygen in docs/MCP-PUBLISHING.md writes key.pem; ignoring
*.pem/*.key keeps a private key from being committed by accident. Keys live in
GitHub Actions secrets, not the repo.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@rejifald rejifald merged commit 9853a77 into main Jul 1, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant