Skip to content
Publish

ci: add version-already-published check to prevent npm 403 #6

Sign in to view logs

ci: add version-already-published check to prevent npm 403

ci: add version-already-published check to prevent npm 403 #6

Workflow file for this run

.github/workflows/publish.yml at dd5a47a
name: Publish
on:
push:
tags:
- "v*"
jobs:
publish:
runs-on: ubuntu-latest
permissions:
id-token: write # MCP Registry OIDC auth
contents: write # Create GitHub Release
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Setup Node.js
uses: actions/setup-node@v5
with:
node-version: "lts/*"
registry-url: "https://registry.npmjs.org"
- name: Install dependencies
run: |
if [ -f package-lock.json ]; then
npm ci --ignore-scripts
else
npm install --ignore-scripts
fi
- name: Build (if applicable)
run: npm run build --if-present
- name: Check if version already published
id: check
run: |
PKG_NAME=$(node -p "require('./package.json').name")
PKG_VER=$(node -p "require('./package.json').version")
PUBLISHED=$(npm view "$PKG_NAME@$PKG_VER" version 2>/dev/null || echo "")
if [ "$PUBLISHED" = "$PKG_VER" ]; then
echo "skip=true" >> $GITHUB_OUTPUT
else
echo "skip=false" >> $GITHUB_OUTPUT
fi
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish to npm
if: steps.check.outputs.skip != 'true'
run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create GitHub Release
uses: softprops/action-gh-release@v2
with:
generate_release_notes: true
- name: Install mcp-publisher
run: |
curl -L "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_$(uname -s | tr '[:upper:]' '[:lower:]')_$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/').tar.gz" | tar xz mcp-publisher
- name: Authenticate to MCP Registry (OIDC)
run: ./mcp-publisher login github-oidc
- name: Publish to MCP Registry
run: ./mcp-publisher publish