feat: initialize MCP server development project #1

Workflow file for this run

	name: Deploy MCP Web Interface

	on:
	push:
	branches: [main]
	tags: ['v*']
	pull_request:
	branches: [main]

	env:
	NODE_VERSION: '18'
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	test:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}
	cache: 'npm'
	cache-dependency-path: web/package-lock.json

	- name: Install dependencies
	run: \|
	cd web
	npm ci

	- name: Run type check
	run: \|
	cd web
	npm run type-check

	- name: Run linting
	run: \|
	cd web
	npm run lint

	- name: Run tests
	run: \|
	cd web
	npm run test:all

	build:
	needs: test
	runs-on: ubuntu-latest
	outputs:
	image: ${{ steps.image.outputs.image }}
	digest: ${{ steps.build.outputs.digest }}
	steps:
	- uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}
	cache: 'npm'
	cache-dependency-path: web/package-lock.json

	- name: Install dependencies
	run: \|
	cd web
	npm ci

	- name: Build application
	run: \|
	cd web
	npm run build:production
	env:
	NODE_ENV: production

	- name: Upload build artifacts
	uses: actions/upload-artifact@v4
	with:
	name: build-files
	path: web/dist/
	retention-days: 7

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Log in to Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	tags: \|
	type=ref,event=branch
	type=ref,event=pr
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=sha

	- name: Build and push Docker image
	id: build
	uses: docker/build-push-action@v5
	with:
	context: ./web
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max
	platforms: linux/amd64,linux/arm64

	- name: Output image
	id: image
	run: \|
	echo "image=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}" >> $GITHUB_OUTPUT

	deploy-vercel:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	steps:
	- uses: actions/checkout@v4

	- name: Download build artifacts
	uses: actions/download-artifact@v4
	with:
	name: build-files
	path: web/dist/

	- name: Deploy to Vercel
	uses: amondnet/vercel-action@v25
	with:
	vercel-token: ${{ secrets.VERCEL_TOKEN }}
	vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
	vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
	working-directory: ./web
	vercel-args: '--prod'

	deploy-netlify:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	steps:
	- uses: actions/checkout@v4

	- name: Download build artifacts
	uses: actions/download-artifact@v4
	with:
	name: build-files
	path: web/dist/

	- name: Deploy to Netlify
	uses: nwtgck/[email protected]
	with:
	publish-dir: './web/dist'
	production-branch: main
	github-token: ${{ secrets.GITHUB_TOKEN }}
	deploy-message: "Deploy from GitHub Actions"
	enable-pull-request-comment: false
	enable-commit-comment: true
	overwrites-pull-request-comment: true
	env:
	NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
	NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}

	deploy-aws:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	steps:
	- uses: actions/checkout@v4

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1

	- name: Download build artifacts
	uses: actions/download-artifact@v4
	with:
	name: build-files
	path: web/dist/

	- name: Deploy to S3
	run: \|
	aws s3 sync web/dist/ s3://${{ secrets.AWS_S3_BUCKET }} --delete

	- name: Invalidate CloudFront
	run: \|
	aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*"

	deploy-docker:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	steps:
	- name: Deploy to production server
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.PRODUCTION_HOST }}
	username: ${{ secrets.PRODUCTION_USER }}
	key: ${{ secrets.PRODUCTION_SSH_KEY }}
	script: \|
	docker pull ${{ needs.build.outputs.image }}
	docker stop mcp-web-interface \|\| true
	docker rm mcp-web-interface \|\| true
	docker run -d \
	--name mcp-web-interface \
	--restart unless-stopped \
	-p 3000:3000 \
	-e NODE_ENV=production \
	${{ needs.build.outputs.image }}

	security-scan:
	needs: build
	runs-on: ubuntu-latest
	steps:
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: ${{ needs.build.outputs.image }}
	format: 'sarif'
	output: 'trivy-results.sarif'

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat: initialize MCP server development project #1

Workflow file

feat: initialize MCP server development project #1

Uh oh!

Jobs

Run details

Workflow file for this run