agentic-infrastructure-bootstrap/agent-library/.github/workflows/publish-capabilities.yaml at main · Sarony11/agentic-infrastructure-bootstrap · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# Example: Publishing `.well-known` Capabilities
# -------------------------------------------------------------------------
# ⚠️ ARCHITECTURE EXAMPLE ONLY ⚠️
# This workflow is designed to demonstrate how a Polyrepo architecture would
# compile and publish its capabilities.
#
# It is INTENTIONALLY DISABLED (via the `workflow_dispatch` trigger only)
# so it does not accidentally run in this Monorepo bootstrap environment.
# -------------------------------------------------------------------------

name: Publish Agent Capabilities (.well-known)

on:
  workflow_dispatch: # Manual trigger only, to prevent accidental execution

env:
  PROJECT_ID: 'example-platform-prod'
  BUCKET_NAME: 'agent-capabilities-example-public'
  DOMAIN: 'api.example-domain.internal'

jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    permissions:
      contents: 'read'
      id-token: 'write' # Required for Workload Identity Federation

    steps:
    - name: Checkout Repository
      uses: actions/checkout@v4

    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: '3.11'

    - name: Compile library.yaml to agent-capabilities.json
      # In a real scenario, this would be a robust script (Python/Go) that parses
      # the YAML, filters out local-only skills, and structures the public ones
      # (e.g., MCP endpoints, API routes) into the RFC 8615 format.
      run: |
        cat << 'EOF' > compile.py
        import yaml
        import json
        import os

        with open('library.yaml', 'r') as file:
            library = yaml.safe_load(file)

        # Hypothetical mapping: extracting public tools
        capabilities = {
            "org_id": library.get('owner', 'unknown-domain'),
            "version": library.get('version', '1.0'),
            "mcp_servers": {},
            "supported_protocols": ["mcp-v1.2"],
            "contact": "platform-engineering@company.com"
        }

        # Mock extraction of public tools (e.g., from a 'tools' section in YAML)
        # capabilities["mcp_servers"]["terraform"] = { ... }

        # Output the required format
        os.makedirs('.well-known', exist_ok=True)
        with open('.well-known/agent-capabilities.json', 'w') as json_file:
            json.dump(capabilities, json_file, indent=2)
        print("Successfully compiled agent-capabilities.json")
        EOF

        pip install pyyaml
        python compile.py

    - name: Authenticate to Google Cloud
      id: auth
      uses: google-github-actions/auth@v2
      with:
        workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/github/providers/my-repo'
        service_account: 'agent-deployer@yourcompany-platform-prod.iam.gserviceaccount.com'

    - name: Setup Google Cloud SDK
      uses: google-github-actions/setup-gcloud@v2

    - name: Upload to GCP Cloud Storage
      # Upload the compiled JSON to a bucket that acts as the origin for a CDN/Load Balancer.
      # The Load Balancer maps `https://api.networking.yourcompany.internal/.well-known/*` to this bucket.
      run: |
        gsutil -h "Content-Type:application/json" \
               -h "Cache-Control:public, max-age=300" \
               cp .well-known/agent-capabilities.json gs://${{ env.BUCKET_NAME }}/.well-known/agent-capabilities.json

        echo "Successfully deployed to: https://${{ env.DOMAIN }}/.well-known/agent-capabilities.json"