This guide explains when and how to use each GitHub Actions workflow in the project.
| Workflow | Purpose | Trigger | Status | Use For |
|---|---|---|---|---|
| build-and-publish.yml | Development CI/CD | Automatic (push/PR) | ✅ Active | Daily development |
| release-publish.yml | Official ASF releases | Manual (after vote) | ✅ Active | Production releases |
| nightly-build.yml | Nightly builds | Scheduled (2 AM UTC) | ✅ Active | Latest unstable builds |
| atr-release-test.yml | ATR testing | Manual (safe mode) | ✅ Ready | Testing ATR workflow |
| atr-release.yml | ATR production | Manual (blocked) | ⚠️ Blocked | Future ATR releases |
┌─────────────────────────────────────────────────────────────┐
│ START: What do you need to do? │
└────────────────────┬────────────────────────────────────────┘
│
┌────────────────┼────────────────┐
│ │ │
▼ ▼ ▼
┌─────────┐ ┌──────────┐ ┌──────────┐
│ Develop │ │ Release │ │ Test │
│ Code │ │ Official │ │ ATR │
└────┬────┘ └─────┬────┘ └─────┬────┘
│ │ │
│ │ │
▼ ▼ ▼
┌─────────────┐ ┌───────────┐ ┌──────────┐
│build-and- │ │ release- │ │atr- │
│publish.yml │ │ publish │ │release- │
│ │ │ .yml │ │test.yml │
│✅ Automatic │ │ │ │ │
│ on push │ │✅ Manual │ │✅ Manual │
│ │ │after vote │ │safe mode │
└─────────────┘ └─────┬─────┘ └──────────┘
│
│ After ATR
│ onboarding?
│
▼
┌──────────┐
│atr- │
│release │
│ .yml │
│ │
│⚠️ Future │
│ (blocked)│
└──────────┘
Purpose: Continuous integration and deployment for development
mainrelease-publish.yml)on: push: branches: [main] tags: ['v*'] # ⚠️ Avoid using tags; prefer release-publish.yml pull_request: branches: [main] workflow_dispatch: # Manual trigger
ghcr.io/OWNER/solr-mcp:VERSION-SHADOCKERHUB_USERNAME/solr-mcp:VERSION-SHA (if secrets configured)VERSION-SNAPSHOT-SHA + latest1.0.0-SNAPSHOT-a1b2c3d, latestVERSION + latest1.0.0, latestDOCKERHUB_USERNAME (optional) - Your Docker Hub usernameDOCKERHUB_TOKEN (optional) - Docker Hub access tokenGITHUB_TOKEN (automatic) - For GHCR publishingAutomatic (Recommended):
# Just merge your PR - workflow runs automatically git checkout main git merge feature-branch git push origin main
Manual Trigger:
# Via GitHub UI: Actions → Build and Publish → Run workflow # Or via CLI: gh workflow run build-and-publish.yml
Purpose: Official Apache Software Foundation release publishing
apache/solr-mcp namespacebuild-and-publish.yml)atr-release-test.yml)on: workflow_dispatch: # ONLY manual trigger inputs: release_version: # e.g., 1.0.0 release_candidate: # e.g., rc1 vote_thread_url: # (optional) sign_with_asf_infra: # (future)
v1.0.0-rc1)apache/solr-mcp:1.0.0, apache/solr-mcp:1.0, apache/solr-mcp:1, apache/solr-mcp:latestghcr.io/apache/solr-mcp:1.0.0, latest1.0.01.01latestDOCKERHUB_APACHE_USERNAME - Apache PMC Docker Hub credentialsDOCKERHUB_APACHE_TOKEN - Apache PMC Docker Hub tokenGITHUB_TOKEN (automatic) - For GHCR and GitHub releasesStep-by-Step Process:
Create Release Candidate:
git tag v1.0.0-rc1 -m "Release candidate 1 for version 1.0.0" git push origin v1.0.0-rc1
Call ASF Vote (email to dev@solr.apache.org):
Subject: [VOTE] Release Apache Solr MCP 1.0.0 RC1 [Include vote email content per ASF guidelines]
Wait for Vote (minimum 72 hours, need 3+ binding +1 votes)
After Vote Passes, trigger workflow:
# Via GitHub UI: Actions → Release Publish → Run workflow # Fill in: # release_version: 1.0.0 # release_candidate: rc1 # vote_thread_url: https://lists.apache.org/... # Or via CLI: gh workflow run release-publish.yml \ -f release_version=1.0.0 \ -f release_candidate=rc1 \ -f vote_thread_url=https://lists.apache.org/thread/...
Verify Publication:
# Check Docker Hub docker pull apache/solr-mcp:1.0.0 # Check MCP Registry curl "https://registry.modelcontextprotocol.io/v0/servers?search=io.github.apache/solr-mcp" | jq .
Announce Release (email to announce@apache.org)
Purpose: Automated nightly builds for testing latest changes
on: schedule: - cron: '0 2 * * *' # 2 AM UTC daily workflow_dispatch: inputs: skip_docker: # Skip Docker publishing
main branchapache/solr-mcp-nightly:nightly-YYYYMMDD-SHAlatest-nightlynightly-20250112-a1b2c3dlatest-nightlyDOCKERHUB_APACHE_USERNAME - Apache PMC Docker Hub credentialsDOCKERHUB_APACHE_TOKEN - Apache PMC Docker Hub tokenAPACHE_NIGHTLIES_USER (optional) - For nightlies.apache.org uploadsAPACHE_NIGHTLIES_KEY (optional) - SSH key for nightliesAutomatic (Default):
# Runs automatically every night at 2 AM UTC # No action needed
Manual Trigger:
# Via GitHub UI: Actions → Nightly Build → Run workflow # Or via CLI: gh workflow run nightly-build.yml # Skip Docker publishing: gh workflow run nightly-build.yml -f skip_docker=true
Using Nightly Images:
# Pull today's nightly docker pull apache/solr-mcp-nightly:latest-nightly # Pull specific date docker pull apache/solr-mcp-nightly:nightly-20250112-a1b2c3d
Purpose: Test Apache Trusted Releases (ATR) workflow safely
dry_run=false)atr-release.yml when ready)on: workflow_dispatch: inputs: release_version: # Default: 0.0.1-test release_candidate: # Default: rc1 dry_run: # Default: true (SAFE MODE) skip_compose: # Skip if already done skip_vote: # Skip vote phase
dry_run=false):ASF_USERNAME - Your ASF ID (only needed if dry_run=false)Safe Testing (Recommended First):
# Via GitHub UI: Actions → ATR Release Process (TEST) → Run workflow # Leave all defaults (dry_run=true) # Or via CLI: gh workflow run atr-release-test.yml \ -f release_version=0.0.1-test \ -f release_candidate=rc1 \ -f dry_run=true
Real ATR Upload (After Onboarding):
# ONLY after ATR onboarding approved gh workflow run atr-release-test.yml \ -f release_version=0.0.1-test \ -f release_candidate=rc1 \ -f dry_run=false # ⚠️ Will actually upload to ATR
Testing Complete Flow:
# 1. Test compose phase gh workflow run atr-release-test.yml \ -f dry_run=false \ -f skip_vote=false # 2. (Manually send test vote email) # 3. Test finish phase gh workflow run atr-release-test.yml \ -f skip_compose=true \ -f skip_vote=true \ -f dry_run=false
Purpose: Apache Trusted Releases (ATR) automated release process
⚠️ BLOCKED - Cannot be used until prerequisites are met
Before this workflow can be used, you must complete:
Implement Automated Release Signing
Request ATR Onboarding
Configure Secrets
ASF_USERNAME secret with your ASF IDFor complete implementation guide, see: dev-docs/ATR_TESTING_GUIDE.md
Until ATR is ready, use release-publish.yml for official releases.
After Prerequisites Met:
# 1. Compose and upload to ATR gh workflow run atr-release.yml \ -f release_version=1.0.0 \ -f release_candidate=rc1 # 2. Send vote email (manual) # 3. After vote passes, finalize gh workflow run atr-release.yml \ -f release_version=1.0.0 \ -f release_candidate=rc1 \ -f skip_compose=true \ -f skip_vote=true
| Feature | build-and-publish | release-publish | nightly-build | atr-release-test | atr-release |
|---|---|---|---|---|---|
| Status | ✅ Active | ✅ Active | ✅ Active | ✅ Ready | ⚠️ Blocked |
| Trigger | Automatic | Manual | Scheduled | Manual | Manual |
| Docker Namespace | Personal/GHCR | apache/* | apache/*-nightly | Test | apache/* |
| MCP Registry | ❌ No | ✅ Yes | ❌ No | ❌ No | ✅ Yes |
| ASF Vote | ❌ Not required | ✅ Required | ❌ Not required | ❌ Not required | ✅ Required |
| Signing | ❌ No | ⚠️ Manual | ❌ No | ⚠️ Simulated | ✅ Automated |
| Production Ready | ❌ No | ✅ Yes | ❌ No | ❌ No | ⚠️ Future |
| Can Test Now | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No |
Use: build-and-publish.yml (automatic)
# Workflow runs automatically on merge to main # Find your images at: # - ghcr.io/apache/solr-mcp:1.0.0-SNAPSHOT-a1b2c3d
Use: release-publish.yml (manual after vote)
# 1. Create RC tag git tag v1.0.0-rc1 -m "Release candidate 1" git push origin v1.0.0-rc1 # 2. Call ASF vote (email to dev@solr.apache.org) # 3. Wait 72+ hours for vote to pass # 4. Trigger workflow gh workflow run release-publish.yml \ -f release_version=1.0.0 \ -f release_candidate=rc1
Use: nightly-build.yml (automatic daily)
# Pull the latest nightly docker pull apache/solr-mcp-nightly:latest-nightly
Use: atr-release-test.yml (manual testing)
# Test the workflow safely gh workflow run atr-release-test.yml \ -f dry_run=true # Safe mode - no uploads
Use: atr-release.yml (blocked - see prerequisites)
❌ Cannot use yet ✅ Complete prerequisites first: 1. Implement automated signing 2. Request ATR onboarding 3. See: dev-docs/ATR_TESTING_GUIDE.md
Solution: Add secrets to repository:
gh secret set DOCKERHUB_USERNAME --body "your-username" gh secret set DOCKERHUB_TOKEN --body "your-access-token"
Solution: Ensure you've created and pushed the tag:
git tag v1.0.0-rc1 -m "Release candidate 1" git push origin v1.0.0-rc1
Solution: Add ASF username secret (required for ATR):
gh secret set ASF_USERNAME --body "your-asf-id"
Solution: Check ATR status:
Solution: Wait for ASF vote to complete:
# Trigger workflows manually gh workflow run build-and-publish.yml gh workflow run release-publish.yml -f release_version=1.0.0 -f release_candidate=rc1 gh workflow run nightly-build.yml gh workflow run atr-release-test.yml -f dry_run=true # View workflow runs gh run list gh run view <run-id> gh run watch # Download workflow artifacts gh run download <run-id> # Manage secrets gh secret list gh secret set SECRET_NAME --body "value" gh secret delete SECRET_NAME # Tag management for releases git tag v1.0.0-rc1 -m "Release candidate 1" git push origin v1.0.0-rc1 git tag -d v1.0.0-rc1 # Delete local git push origin :refs/tags/v1.0.0-rc1 # Delete remote
Last Updated: 2025-01-12 Workflows Version: Compatible with all workflows as of this date