my-pal-mcp-server/.github/workflows/build_and_publish_docker.yml

name: Build and Publish Docker Image to GHCR

on:
  push:
    tags: [ 'v*' ]
  repository_dispatch:
    types: [docker-build]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      id-token: write

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Log in to GitHub Container Registry
      uses: docker/login-action@v3
      with:
        registry: ${{ env.REGISTRY }}
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Extract metadata (tags, labels) for Docker
      id: meta
      uses: docker/metadata-action@v5
      with:
        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
        tags: |
          type=ref,event=tag
          type=raw,value=latest,enable={{is_default_branch}}
          type=sha,prefix=main-,enable=${{ github.event_name == 'repository_dispatch' }}
          type=raw,value=pr-${{ github.event.client_payload.pr_number }},enable=${{ github.event_name == 'repository_dispatch' && github.event.client_payload.pr_number != '' }}

    - name: Build and push Docker image
      id: build
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: ${{ steps.meta.outputs.tags }}
        labels: ${{ steps.meta.outputs.labels }}
        cache-from: type=gha
        cache-to: type=gha,mode=max

    - name: Generate artifact attestation
      uses: actions/attest-build-provenance@v1
      with:
        subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
        subject-digest: ${{ steps.build.outputs.digest }}
        push-to-registry: true

    - name: Generate usage instructions
      run: |
        echo "## 🐳 Docker Image Published Successfully!" >> $GITHUB_STEP_SUMMARY
        echo "" >> $GITHUB_STEP_SUMMARY
        echo "**Image Registry:** GitHub Container Registry (GHCR)" >> $GITHUB_STEP_SUMMARY
        echo "**Built Tags:** ${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
        echo "" >> $GITHUB_STEP_SUMMARY
        
        # Extract the first tag for the main pull command
        MAIN_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n1)
        
        echo "### 📥 Pull the Image" >> $GITHUB_STEP_SUMMARY
        echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
        echo "docker pull $MAIN_TAG" >> $GITHUB_STEP_SUMMARY
        echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
        echo "" >> $GITHUB_STEP_SUMMARY
        
        echo "### ⚙️ Claude Desktop Configuration" >> $GITHUB_STEP_SUMMARY
        echo "\`\`\`json" >> $GITHUB_STEP_SUMMARY
        echo "{" >> $GITHUB_STEP_SUMMARY
        echo "  \"mcpServers\": {" >> $GITHUB_STEP_SUMMARY
        echo "    \"gemini\": {" >> $GITHUB_STEP_SUMMARY
        echo "      \"command\": \"docker\"," >> $GITHUB_STEP_SUMMARY
        echo "      \"args\": [" >> $GITHUB_STEP_SUMMARY
        echo "        \"run\", \"--rm\", \"-i\"," >> $GITHUB_STEP_SUMMARY
        echo "        \"-e\", \"GEMINI_API_KEY\"," >> $GITHUB_STEP_SUMMARY
        echo "        \"$MAIN_TAG\"" >> $GITHUB_STEP_SUMMARY
        echo "      ]," >> $GITHUB_STEP_SUMMARY
        echo "      \"env\": {" >> $GITHUB_STEP_SUMMARY
        echo "        \"GEMINI_API_KEY\": \"your-gemini-api-key-here\"" >> $GITHUB_STEP_SUMMARY
        echo "      }" >> $GITHUB_STEP_SUMMARY
        echo "    }" >> $GITHUB_STEP_SUMMARY
        echo "  }" >> $GITHUB_STEP_SUMMARY
        echo "}" >> $GITHUB_STEP_SUMMARY
        echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
        echo "" >> $GITHUB_STEP_SUMMARY
        
        echo "### 🏷️ All Available Tags" >> $GITHUB_STEP_SUMMARY
        echo "Built and pushed the following tags:" >> $GITHUB_STEP_SUMMARY
        echo "${{ steps.meta.outputs.tags }}" | sed 's/^/- `/' | sed 's/$/`/' >> $GITHUB_STEP_SUMMARY
        echo "" >> $GITHUB_STEP_SUMMARY
        
        if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then
          echo "**Note:** This is a development build triggered by PR #${{ github.event.client_payload.pr_number }}" >> $GITHUB_STEP_SUMMARY
          echo "Use this image for testing the changes from that PR." >> $GITHUB_STEP_SUMMARY
        elif [[ "${{ github.ref_type }}" == "tag" ]]; then
          echo "**Note:** This is a release build from tag ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY
          echo "This image represents a stable release version." >> $GITHUB_STEP_SUMMARY
        fi
        
        echo "" >> $GITHUB_STEP_SUMMARY
        echo "### 📦 View in GitHub Container Registry" >> $GITHUB_STEP_SUMMARY
        echo "[View all versions and tags →](https://github.com/${{ github.repository }}/pkgs/container/gemini-mcp-server)" >> $GITHUB_STEP_SUMMARY