diff --git a/.github/workflows/mcp-pypi-release.yml b/.github/workflows/mcp-pypi-release.yml new file mode 100644 index 0000000000..7a3e5f5daa --- /dev/null +++ b/.github/workflows/mcp-pypi-release.yml @@ -0,0 +1,81 @@ +name: "MCP: PyPI Release" + +on: + release: + types: + - "published" + +concurrency: + group: ${{ github.workflow }}-${{ github.event.release.tag_name }} + cancel-in-progress: false + +env: + RELEASE_TAG: ${{ github.event.release.tag_name }} + PYTHON_VERSION: "3.12" + WORKING_DIRECTORY: ./mcp_server + +jobs: + validate-release: + if: github.repository == 'prowler-cloud/prowler' + runs-on: ubuntu-latest + timeout-minutes: 5 + permissions: + contents: read + outputs: + prowler_version: ${{ steps.parse-version.outputs.version }} + major_version: ${{ steps.parse-version.outputs.major }} + + steps: + - name: Parse and validate version + id: parse-version + run: | + PROWLER_VERSION="${{ env.RELEASE_TAG }}" + echo "version=${PROWLER_VERSION}" >> "${GITHUB_OUTPUT}" + + # Extract major version + MAJOR_VERSION="${PROWLER_VERSION%%.*}" + echo "major=${MAJOR_VERSION}" >> "${GITHUB_OUTPUT}" + + # Validate major version (only Prowler 3, 4, 5 supported) + case ${MAJOR_VERSION} in + 3|4|5) + echo "✓ Releasing Prowler MCP for tag ${PROWLER_VERSION}" + ;; + *) + echo "::error::Unsupported Prowler major version: ${MAJOR_VERSION}" + exit 1 + ;; + esac + + publish-prowler-mcp: + needs: validate-release + runs-on: ubuntu-latest + timeout-minutes: 15 + permissions: + contents: read + id-token: write + environment: + name: pypi-prowler-mcp + url: https://pypi.org/project/prowler-mcp/ + + steps: + - name: Checkout repository + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + + - name: Install uv + uses: astral-sh/setup-uv@v7 + + - name: Set up Python ${{ env.PYTHON_VERSION }} + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + with: + python-version: ${{ env.PYTHON_VERSION }} + + - name: Build prowler-mcp package + working-directory: ${{ env.WORKING_DIRECTORY }} + run: uv build + + - name: Publish prowler-mcp package to PyPI + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + packages-dir: ${{ env.WORKING_DIRECTORY }}/dist/ + print-hash: true diff --git a/mcp_server/prowler_mcp_server/__init__.py b/mcp_server/prowler_mcp_server/__init__.py index 91963cdca1..dbf792d89c 100644 --- a/mcp_server/prowler_mcp_server/__init__.py +++ b/mcp_server/prowler_mcp_server/__init__.py @@ -5,8 +5,8 @@ This package provides MCP tools for accessing: - Prowler Hub: All security artifacts (detections, remediations and frameworks) supported by Prowler """ -__version__ = "0.1.0" +__version__ = "0.3.0" __author__ = "Prowler Team" __email__ = "engineering@prowler.com" -__all__ = ["__version__", "prowler_mcp_server"] +__all__ = ["__version__", "__author__", "__email__"] diff --git a/mcp_server/pyproject.toml b/mcp_server/pyproject.toml index c269bbe18c..cd6e674e1b 100644 --- a/mcp_server/pyproject.toml +++ b/mcp_server/pyproject.toml @@ -14,7 +14,6 @@ requires-python = ">=3.12" version = "0.3.0" [project.scripts] -generate-prowler-app-mcp-server = "prowler_mcp_server.prowler_app.utils.server_generator:generate_server_file" prowler-mcp = "prowler_mcp_server.main:main" [tool.uv]