feat: add MCP Apps extension substrate #907
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Migration CI coverage decision | |
| # -------------------------------- | |
| # This workflow runs on every PR that touches migration files and covers: | |
| # • SQLite fresh install (HEAD schema from scratch) | |
| # • PostgreSQL fresh install | |
| # • SQLite upgrade roundtrip (base-image → HEAD → downgrade back to base) | |
| # • PostgreSQL upgrade roundtrip | |
| # | |
| # The full migration suite (rollback tests, performance benchmarks, and | |
| # cross-DB schema consistency) is NOT run on every PR because: | |
| # • Runtime cost: the full suite can exceed 30 minutes with cold Docker pulls | |
| # • Risk profile: rollback and perf tests rarely regress on a typical PR; | |
| # the upgrade/roundtrip harness here already catches broken migrations and | |
| # stranded Alembic heads — the most common PR-time failure modes | |
| # • Cross-DB consistency: requires two live engine containers and is better | |
| # suited to a controlled environment | |
| # | |
| # Those slower checks are available as: | |
| # make migration-test-rollback — downgrade/reverse pytest + roundtrip | |
| # make migration-test-cross-db — cross-DB schema consistency | |
| # make migration-test-all — full suite | |
| # Run them manually before release or via workflow_dispatch on this workflow. | |
| name: Alembic Upgrade Validation | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, ready_for_review] | |
| branches: ["main"] | |
| paths: | |
| - "mcpgateway/alembic/**" | |
| - "scripts/ci/run_upgrade_validation.sh" | |
| - ".github/workflows/alembic-upgrade-validation.yml" | |
| workflow_dispatch: | |
| inputs: | |
| base_image: | |
| description: "Base release image used for upgrade checks" | |
| required: false | |
| default: "ghcr.io/ibm/mcp-context-forge:1.0.0-BETA-2" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| actions: read | |
| jobs: | |
| upgrade-validation: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: SQLite + PostgreSQL Fresh/Upgrade | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 50 | |
| env: | |
| TARGET_IMAGE: mcpgateway/mcpgateway:upgrade-ci-${{ github.sha }} | |
| ARTIFACT_DIR: artifacts/upgrade-validation | |
| BASE_IMAGE: ${{ github.event.inputs.base_image || 'ghcr.io/ibm/mcp-context-forge:1.0.0-BETA-2' }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 | |
| - name: Build candidate image | |
| uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 | |
| with: | |
| context: . | |
| file: Containerfile.lite | |
| platforms: linux/amd64 | |
| load: true | |
| push: false | |
| tags: ${{ env.TARGET_IMAGE }} | |
| cache-from: type=gha,scope=containerfile-lite-amd64 | |
| cache-to: type=gha,mode=max,scope=containerfile-lite-amd64 | |
| - name: Run upgrade validation | |
| run: | | |
| bash scripts/ci/run_upgrade_validation.sh | |
| - name: Upload upgrade validation logs | |
| if: always() | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| with: | |
| name: alembic-upgrade-validation-logs | |
| path: artifacts/upgrade-validation | |
| if-no-files-found: ignore | |
| retention-days: 14 |