From 009aa9275bd87c38da88e8ee99972e05ee127f5c Mon Sep 17 00:00:00 2001
From: Joel Verhagen <joel.verhagen@gmail.com>
Date: Mon, 17 Nov 2025 16:43:07 -0500
Subject: [PATCH] Add step for publishing to MCP Registry (#1197)

This adds a new step for the `release` event to publish to the Official
MCP Registry.

Summary of changes:
- Add `server.json` which is the MCP Server manifest
  - Used metadata from the GH MCP Registry
  - Used the name `com.microsoft/playwright-mcp`
- Add `publish-release-mcp-registry` job that runs manually
   - Install Microsoft Go for compliant Go crypto
   - Log in to Azure for Key Vault access
   - Publish to the MCP Registry in the `microsoft.com` namespace.
- Add `mcpName` to the `package.json` which the MCP Registry validates.

The publishing requires some secret variables:
- `AZURE_MCP_REGISTRY_CLIENT_ID` - service principal client ID (app ID)
with Get Key and Sign access to a Key Vault
- `AZURE_MCP_REGISTRY_TENANT_ID` - tenant ID for the service principal
(should be a production tenant)
- `AZURE_MCP_REGISTRY_SUBSCRIPTION_ID` - Azure subscription ID holding
the Key Vault
- `KV_NAME` - the Key Vault name, e.g. `mykeyvault`
- `KV_KEY_NAME` - the name of a Key in the Key Vault, needs to be ECDSA
P-384.

I can provide internal documentation for how to set up the service
principal (managed identity is easiest), vault, and key as well as
registering the key so it can be used for the `microsoft.com` namespace.

**Note:** after the new job is proven to work as expected, we can switch
it to automatically running after the `publish-release-npm` job on the
`release` event.
---
 .github/workflows/publish.yml | 46 +++++++++++++++++++++++++++++++++++
 .mcp/server.json              | 22 +++++++++++++++++
 package.json                  |  1 +
 3 files changed, 69 insertions(+)
 create mode 100644 .mcp/server.json

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 97d4c7f..7d360b9 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -147,3 +147,49 @@ jobs:
            GITHUB_TOKEN: ${{ github.token }}
         run: |
             gh release upload ${{github.event.release.tag_name}} ./extension/playwright-mcp-extension-${{ steps.get-version.outputs.version }}.zip
+
+  publish-release-mcp-registry:
+    if: github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-latest
+    environment: allow-mcp-registry-publishing
+    permissions:
+      contents: read
+      id-token: write # Needed for GitHub OIDC authentication
+    steps:
+      - uses: actions/checkout@v5
+      - name: Clone MCP Registry and build publisher tool
+        shell: pwsh
+        run: |
+          cd ${{ runner.temp }}
+
+          # Install Microsoft Go
+          go run github.com/microsoft/go-infra/goinstallscript@v1.1.0
+          ./go-install.ps1 -GitHubActionsPath
+
+          # Enable compliant crypto
+          $env:GOEXPERIMENT = "systemcrypto"
+
+          # Clone and build the publisher tool
+          git clone --branch "v1.3.7" https://github.com/modelcontextprotocol/registry
+          cd registry
+          go build -o ${{ runner.temp }}/mcp-publisher ./cmd/publisher
+
+          # show help for the tool to ensure it's working
+          ${{ runner.temp }}/mcp-publisher --help
+      - name: Azure Login via OIDC
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_MCP_REGISTRY_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_MCP_REGISTRY_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_MCP_REGISTRY_SUBSCRIPTION_ID }}
+      - name: Publish to the MCP Registry
+        shell: pwsh
+        run: |
+          # log in using Key Vault
+          ${{ runner.temp }}/mcp-publisher `
+              login dns azure-key-vault `
+              -vault "${{ secrets.KV_NAME }}" -key "${{ secrets.KV_KEY_NAME }}" `
+              -domain microsoft.com
+
+          # publish the server.json
+          ${{ runner.temp }}/mcp-publisher publish ./.mcp/server.json
diff --git a/.mcp/server.json b/.mcp/server.json
new file mode 100644
index 0000000..57401c2
--- /dev/null
+++ b/.mcp/server.json
@@ -0,0 +1,22 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json",
+  "name": "com.microsoft/playwright-mcp",
+  "title": "Playwright",
+  "description": "Automate web browsers using accessibility trees for testing and data extraction.",
+  "repository": {
+    "url": "https://github.com/microsoft/playwright-mcp",
+    "source": "github"
+  },
+  "websiteUrl": "https://github.com/microsoft/playwright-mcp",
+  "version": "0.0.46",
+  "packages": [
+    {
+      "registryType": "npm",
+      "identifier": "@playwright/mcp",
+      "version": "0.0.46",
+      "transport": {
+        "type": "stdio"
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/package.json b/package.json
index 2e2a305..948cb80 100644
--- a/package.json
+++ b/package.json
@@ -2,6 +2,7 @@
   "name": "@playwright/mcp",
   "version": "0.0.47",
   "description": "Playwright Tools for MCP",
+  "mcpName": "com.microsoft/playwright-mcp",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/microsoft/playwright-mcp.git"