NIST CSF 2.0 Assessment Platform

Overview Schema Related Servers Score Discussions

docker-publish.yml•11 kB

name: Build and Publish Docker Images on: push: branches: [ main, develop ] tags: [ 'v*' ] pull_request: branches: [ main ] release: types: [published] env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} jobs: build-and-test: runs-on: ubuntu-latest permissions: contents: read issues: write steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Node.js uses: actions/setup-node@v4 with: node-version: '20' cache: 'npm' - name: Install dependencies run: npm ci - name: Run tests run: npm test - name: Run security audit run: npm audit --audit-level high - name: Notify on build failure if: failure() continue-on-error: true uses: actions/github-script@v7 with: script: | const workflow = '${{ github.workflow }}'; const repo = '${{ github.repository }}'; const sha = '${{ github.sha }}'; const runId = '${{ github.run_id }}'; const actor = '${{ github.actor }}'; const branch = '${{ github.ref_name }}'; const title = `❌ Build Failed: ${workflow}`; const body = ` **Repository:** ${repo} **Branch:** ${branch} **Commit:** ${sha.substring(0, 7)} **Actor:** ${actor} **Workflow:** ${workflow} **Run ID:** ${runId} **Actions Link:** https://github.com/${repo}/actions/runs/${runId} The build has failed. Please check the logs and fix the issues. `; // Create an issue to notify about the failure await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: title, body: body, labels: ['ci/cd', 'build-failure', 'bug'] }); - name: Notify on build success if: success() continue-on-error: true uses: actions/github-script@v7 with: script: | const workflow = '${{ github.workflow }}'; const repo = '${{ github.repository }}'; const sha = '${{ github.sha }}'; const runId = '${{ github.run_id }}'; const actor = '${{ github.actor }}'; const branch = '${{ github.ref_name }}'; const title = `✅ Build Successful: ${workflow}`; const body = ` **Repository:** ${repo} **Branch:** ${branch} **Commit:** ${sha.substring(0, 7)} **Actor:** ${actor} **Workflow:** ${workflow} **Run ID:** ${runId} **Actions Link:** https://github.com/${repo}/actions/runs/${runId} The build and test process completed successfully. All tests passed and code quality checks were successful. `; // Create an issue to notify about the success await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: title, body: body, labels: ['ci/cd', 'build-success'] }); build-and-push: needs: build-and-test runs-on: ubuntu-latest permissions: contents: read packages: write issues: write steps: - name: Checkout repository uses: actions/checkout@v4 - name: Log in to Container Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Log in to Docker Hub if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} ${{ secrets.DOCKERHUB_USERNAME }}/nist-csf-mcp-server tags: | type=ref,event=branch type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=raw,value=latest,enable={{is_default_branch}} - name: Set up QEMU for multi-platform builds uses: docker/setup-qemu-action@v3 - name: Build and push Docker images uses: docker/build-push-action@v5 with: context: . # Use amd64-only for branch pushes and PRs to avoid QEMU arm64 emulation issues # Full multi-platform only for release tags (v*) which have more time/resources platforms: ${{ startsWith(github.ref, 'refs/tags/v') && 'linux/amd64,linux/arm64' || 'linux/amd64' }} push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max build-args: | BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} - name: Test Docker image if: github.event_name != 'pull_request' run: | echo "Testing Docker image startup and framework loading..." echo '{"jsonrpc":"2.0","method":"tools/list","params":{},"id":1}' | timeout 30s docker run -i --rm ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest node dist/index.js 2>/dev/null | grep -q '"tools"' && echo "✅ Published image MCP test passed" || echo "❌ Published image test failed" echo "✅ Docker image test completed - MCP server starts successfully" - name: Notify on Docker build and push success if: success() && github.event_name != 'pull_request' continue-on-error: true uses: actions/github-script@v7 with: script: | const workflow = '${{ github.workflow }}'; const repo = '${{ github.repository }}'; const sha = '${{ github.sha }}'; const runId = '${{ github.run_id }}'; const actor = '${{ github.actor }}'; const branch = '${{ github.ref_name }}'; const title = `📦 Docker Images Published: ${workflow}`; const body = ` **Repository:** ${repo} **Branch:** ${branch} **Commit:** ${sha.substring(0, 7)} **Actor:** ${actor} **Workflow:** ${workflow} **Run ID:** ${runId} **Actions Link:** https://github.com/${repo}/actions/runs/${runId} Docker images have been successfully built, tested, and published to container registries. **Published Images:** - \`ghcr.io/${repo.toLowerCase()}:latest\` - \`ghcr.io/${repo.toLowerCase()}:${sha.substring(0, 7)}\` - \`dockerhub/nist-csf-mcp-server:latest\` (if configured) **Supported Architectures:** linux/amd64, linux/arm64 `; // Create an issue to notify about the success await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: title, body: body, labels: ['ci/cd', 'docker-publish-success', 'deployment'] }); security-scan: needs: build-and-push runs-on: ubuntu-latest if: github.event_name != 'pull_request' permissions: contents: read issues: write security-events: write steps: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest format: sarif output: trivy-results.sarif - name: Upload Trivy scan results uses: github/codeql-action/upload-sarif@v2 with: sarif_file: trivy-results.sarif - name: Notify on Docker build failure if: failure() continue-on-error: true uses: actions/github-script@v7 with: script: | const workflow = '${{ github.workflow }}'; const repo = '${{ github.repository }}'; const sha = '${{ github.sha }}'; const runId = '${{ github.run_id }}'; const actor = '${{ github.actor }}'; const branch = '${{ github.ref_name }}'; const title = `❌ Docker Build Failed: ${workflow}`; const body = ` **Repository:** ${repo} **Branch:** ${branch} **Commit:** ${sha.substring(0, 7)} **Actor:** ${actor} **Workflow:** ${workflow} **Run ID:** ${runId} **Actions Link:** https://github.com/${repo}/actions/runs/${runId} The Docker build and publish process has failed. Please check the logs and fix the issues. `; // Create an issue to notify about the failure await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: title, body: body, labels: ['ci/cd', 'docker-failure', 'bug'] }); - name: Notify on Docker build success if: success() continue-on-error: true uses: actions/github-script@v7 with: script: | const workflow = '${{ github.workflow }}'; const repo = '${{ github.repository }}'; const sha = '${{ github.sha }}'; const runId = '${{ github.run_id }}'; const actor = '${{ github.actor }}'; const branch = '${{ github.ref_name }}'; const title = `🐳 Docker Build Successful: ${workflow}`; const body = ` **Repository:** ${repo} **Branch:** ${branch} **Commit:** ${sha.substring(0, 7)} **Actor:** ${actor} **Workflow:** ${workflow} **Run ID:** ${runId} **Actions Link:** https://github.com/${repo}/actions/runs/${runId} The Docker build, push, and security scan completed successfully. Images are available in the container registry and have passed security validation. **Container Images:** - \`ghcr.io/${repo.toLowerCase()}:latest\` - \`ghcr.io/${repo.toLowerCase()}:${sha.substring(0, 7)}\` `; // Create an issue to notify about the success await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: title, body: body, labels: ['ci/cd', 'docker-success', 'deployment'] });

Loading blob content...

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rocklambros/nist-csf-2-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

docker-publish.yml•11 kB