Polymarket MCP Server

name: Build and Publish Docker Image on: push: branches: - main - develop tags: - 'v*.*.*' pull_request: branches: - main release: types: [published] env: REGISTRY: docker.io IMAGE_NAME: ${{ github.repository }} jobs: build-and-push: runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: platforms: linux/amd64,linux/arm64 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to Docker Hub if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=ref,event=branch type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha,prefix={{branch}}- type=raw,value=latest,enable={{is_default_branch}} - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile platforms: linux/amd64,linux/arm64 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max build-args: | VERSION=${{ steps.meta.outputs.version }} BUILD_DATE=${{ github.event.repository.updated_at }} VCS_REF=${{ github.sha }} - name: Scan image for vulnerabilities if: github.event_name != 'pull_request' uses: aquasecurity/trivy-action@master with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} format: 'sarif' output: 'trivy-results.sarif' severity: 'CRITICAL,HIGH' - name: Upload Trivy scan results if: github.event_name != 'pull_request' uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'trivy-results.sarif' - name: Test Docker image if: github.event_name != 'pull_request' run: | docker run --rm \ -e POLYGON_PRIVATE_KEY=test \ -e POLYGON_ADDRESS=0x0000000000000000000000000000000000000000 \ -e DEMO_MODE=true \ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} \ python -c "from polymarket_mcp.config import load_config; print('Config loaded successfully')" - name: Generate SBOM if: github.event_name != 'pull_request' uses: anchore/sbom-action@v0 with: image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} format: spdx-json output-file: sbom.spdx.json - name: Publish SBOM as artifact if: github.event_name != 'pull_request' uses: actions/upload-artifact@v4 with: name: sbom path: sbom.spdx.json update-docker-hub-description: needs: build-and-push runs-on: ubuntu-latest if: github.event_name == 'release' steps: - name: Checkout repository uses: actions/checkout@v4 - name: Update Docker Hub description uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: ${{ env.IMAGE_NAME }} short-description: ${{ github.event.repository.description }} readme-filepath: ./DOCKER.md