From 88a7bd18a3917bd9aef49d98aabfa8c4da0128e6 Mon Sep 17 00:00:00 2001
From: Andrei Tseitlin <andrei@privatix.io>
Date: Mon, 30 Mar 2026 12:31:46 +0000
Subject: [PATCH 1/2] Add Docker support with build and publish workflow

---
 .dockerignore                 | 10 +++++++++
 .github/workflows/release.yml | 38 +++++++++++++++++++++++++++++++++++
 CHANGELOG.md                  |  3 ++-
 Dockerfile                    | 33 ++++++++++++++++++++++++++++++
 4 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..1846d3c
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,10 @@
+node_modules
+dist
+.git
+.github
+docs
+*.md
+.env*
+.vscode
+.devcontainer
+.npmrc
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7e0472f..aba5bd8 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -105,3 +105,41 @@ jobs:
           path: dist/
 
       - run: npm publish --provenance --access public
+
+  # ── 5. Build & push Docker image to GHCR ─────────────────────────────
+  docker-publish:
+    needs: build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          ref: ${{ inputs.tag }}
+
+      - uses: docker/setup-buildx-action@v3
+
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=semver,pattern={{version}},value=${{ inputs.tag }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ inputs.tag }}
+            type=semver,pattern={{major}},value=${{ inputs.tag }}
+
+      - uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 68a157e..8b1c77d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,5 +10,6 @@ Initial public release.
 - Human-readable names accepted for countries and services
 - Idle HTTP session cleanup (30-minute TTL)
 - Set MCP server version from `package.json`
+- Docker image published to GHCR (`ghcr.io/platfone-com/mcp`)
 - Documentation for installation, development, and security policy
-- GitHub Actions for npm publish
+- GitHub Actions for npm publish and Docker image build
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..372b451
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,33 @@
+# ── Build stage ─────────────────────────────────────────────────────────
+FROM node:22-slim AS build
+
+WORKDIR /app
+
+COPY package.json package-lock.json ./
+RUN npm ci
+
+COPY tsconfig.json ./
+COPY src/ src/
+RUN npm run build
+
+# ── Production stage ───────────────────────────────────────────────────
+FROM node:22-slim
+
+LABEL org.opencontainers.image.source="https://github.com/platfone-com/mcp"
+LABEL org.opencontainers.image.description="Platfone MCP server for SMS Activation"
+LABEL org.opencontainers.image.licenses="MIT"
+
+WORKDIR /app
+
+COPY package.json package-lock.json ./
+RUN npm ci --omit=dev && npm cache clean --force
+
+COPY --from=build /app/dist/ dist/
+
+# Default: stdio transport. Override CMD for HTTP:
+#   docker run -p 3000:3000 -e PLATFONE_API_KEY=… <image> node dist/index.js --transport=http
+EXPOSE 3000
+
+USER node
+
+CMD ["node", "dist/index.js"]

From cd9f51520fcc6b28a5166d5a91834e31c9f4b8e4 Mon Sep 17 00:00:00 2001
From: Andrei Tseitlin <andrei@privatix.io>
Date: Mon, 30 Mar 2026 12:46:26 +0000
Subject: [PATCH 2/2] Remove caching options from Docker publish step and
 update npm install command in Dockerfile

- Address @copilot PR comments
---
 .github/workflows/release.yml | 2 --
 Dockerfile                    | 3 +--
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index aba5bd8..ef96508 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -141,5 +141,3 @@ jobs:
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
index 372b451..937f6a1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -20,13 +20,12 @@ LABEL org.opencontainers.image.licenses="MIT"
 WORKDIR /app
 
 COPY package.json package-lock.json ./
-RUN npm ci --omit=dev && npm cache clean --force
+RUN npm ci --omit=dev --ignore-scripts && npm cache clean --force
 
 COPY --from=build /app/dist/ dist/
 
 # Default: stdio transport. Override CMD for HTTP:
 #   docker run -p 3000:3000 -e PLATFONE_API_KEY=… <image> node dist/index.js --transport=http
-EXPOSE 3000
 
 USER node