GitHub Action
The mcpb-pack GitHub Action automates the entire publishing workflow.
Basic Usage
Section titled “Basic Usage”Add to .github/workflows/release.yml:
name: Releaseon: release: types: [published]
permissions: contents: write # Upload to releases id-token: write # OIDC authentication with registry
jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: NimbleBrainInc/mcpb-pack@v2What It Does
Section titled “What It Does”When triggered by a GitHub release:
- Detects your server type from
manifest.json - Vendors all dependencies (pip/npm)
- Packages everything into a
.mcpbfile - Uploads the bundle to your GitHub release
- Announces to mpak.dev with OIDC authentication
Inputs
Section titled “Inputs”| Input | Default | Description |
|---|---|---|
directory | . | Directory containing manifest.json |
output | {name}-{version}.mcpb | Output filename |
python-version | 3.13 | Python version for vendoring |
build | true | Whether to build the bundle |
upload | true | Whether to upload to GitHub release |
announce | true | Whether to register with mpak.dev |
announce-url | https://registry.mpak.dev/v1/bundles/announce | Registry endpoint |
Outputs
Section titled “Outputs”| Output | Description |
|---|---|
bundle-path | Path to the generated .mcpb file |
bundle-size | Size in bytes |
bundle-sha256 | SHA256 hash |
announced | Whether registration succeeded |
Examples
Section titled “Examples”Build Only (No Publish)
Section titled “Build Only (No Publish)”For testing or private servers:
- uses: NimbleBrainInc/mcpb-pack@v2 with: upload: false announce: falseCustom Output Path
Section titled “Custom Output Path”- uses: NimbleBrainInc/mcpb-pack@v2 with: output: "my-server-{version}.mcpb"Subdirectory
Section titled “Subdirectory”If your manifest.json is in a subdirectory:
- uses: NimbleBrainInc/mcpb-pack@v2 with: directory: ./packages/my-serverManual Re-announce
Section titled “Manual Re-announce”To re-announce after a failed registration:
on: release: types: [published] workflow_dispatch: inputs: build: description: 'Build bundle' type: boolean default: true announce: description: 'Announce to registry' type: boolean default: true
jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: NimbleBrainInc/mcpb-pack@v2 with: build: ${{ inputs.build }} announce: ${{ inputs.announce }}OIDC Authentication
Section titled “OIDC Authentication”The action uses GitHub OIDC tokens to authenticate with the registry.
This means:
- No API keys - Authentication is automatic
- Provenance - The registry knows exactly which repo published the bundle
- Scope enforcement - Your package scope must match your GitHub org/username
Required Permissions
Section titled “Required Permissions”permissions: contents: write # Upload to releases id-token: write # OIDC token for registrySupported Runtimes
Section titled “Supported Runtimes”| Runtime | Detection | Dependency Vendoring |
|---|---|---|
| Python | server.type: "python" | uv pip install --target deps/ |
| Node.js | server.type: "node" | npm install --omit=dev |
| Binary | server.type: "binary" | None (you build the binary) |
Next Steps
Section titled “Next Steps” Multi-Platform Builds Build for macOS, Linux, ARM, and x64