{"id":48908724,"url":"https://github.com/aojdevstudio/microsoft-mcp","last_synced_at":"2026-04-16T22:03:58.007Z","repository":{"id":305244220,"uuid":"1022300089","full_name":"AojdevStudio/microsoft-mcp","owner":"AojdevStudio","description":"A Microsoft Graph API integration MCP server that provides AI assistants with comprehensive access to Microsoft 365 services through the Model Context Protocol (MCP). It enables natural language automation of email, calendar, file management, and contact operations across multiple Microsoft accounts.","archived":false,"fork":false,"pushed_at":"2025-09-16T16:45:51.000Z","size":1306,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-09-16T19:28:48.608Z","etag":null,"topics":["claude-ai","claude-desktop","mcp","mcp-server","outlook-365"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AojdevStudio.png","metadata":{"files":{"readme":".github/README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-18T19:58:29.000Z","updated_at":"2025-09-16T16:45:37.000Z","dependencies_parsed_at":"2025-08-04T07:16:38.104Z","dependency_job_id":"dc119e42-70e9-4f74-9b69-c53f69513f07","html_url":"https://github.com/AojdevStudio/microsoft-mcp","commit_stats":null,"previous_names":["aojdevstudio/microsoft-mcp"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/AojdevStudio/microsoft-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AojdevStudio%2Fmicrosoft-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AojdevStudio%2Fmicrosoft-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AojdevStudio%2Fmicrosoft-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AojdevStudio%2Fmicrosoft-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AojdevStudio","download_url":"https://codeload.github.com/AojdevStudio/microsoft-mcp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AojdevStudio%2Fmicrosoft-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31905896,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["claude-ai","claude-desktop","mcp","mcp-server","outlook-365"],"created_at":"2026-04-16T22:03:40.943Z","updated_at":"2026-04-16T22:03:57.989Z","avatar_url":"https://github.com/AojdevStudio.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Actions CI/CD Pipeline\n\nThis directory contains comprehensive GitHub Actions workflows for the Microsoft MCP project, providing automated testing, security scanning, releases, and maintenance.\n\n## 🚀 Workflow Overview\n\n### Core Workflows\n\n#### 1. **CI Pipeline** (`ci.yml`)\n**Triggers**: Push to main/develop/feature branches, Pull Requests\n**Duration**: ~15-20 minutes\n**Purpose**: Comprehensive testing and quality assurance\n\n**Jobs**:\n- **Code Quality \u0026 Security**: Linting (ruff), formatting, type checking (mypy), security audit\n- **Tests**: Multi-platform testing (Ubuntu, macOS, Windows) with Python 3.12/3.13\n- **Email Framework Tests**: Specialized testing for email template system\n- **Build**: Package building and validation\n- **Deployment Check**: Version bump validation for main branch\n\n**Key Features**:\n- ✅ Multi-OS and multi-Python version testing\n- ✅ Comprehensive caching strategy for dependencies\n- ✅ Security scanning with pip-audit\n- ✅ Code coverage reporting with Codecov integration\n- ✅ Artifact uploads for debugging and analysis\n\n#### 2. **Release Pipeline** (`release.yml`)\n**Triggers**: Git tags (`v*.*.*`), Manual dispatch\n**Duration**: ~20-30 minutes\n**Purpose**: Automated version releases and publishing\n\n**Jobs**:\n- **Validate Release**: Version format and conditions validation\n- **Pre-Release Tests**: Full CI pipeline execution before release\n- **Build Release**: Package building with changelog generation\n- **GitHub Release**: Automated GitHub release creation\n- **PyPI Publishing**: Automated package publishing to PyPI\n- **Post-Release**: Development version preparation and notifications\n\n**Key Features**:\n- ✅ Semantic version validation\n- ✅ Automated changelog generation\n- ✅ PyPI publishing with trusted publishing (OIDC)\n- ✅ Pre-release vs stable release handling\n- ✅ Automatic development version bumping\n\n#### 3. **Security Scanning** (`security.yml`)\n**Triggers**: Daily schedule, Push to main, Pull Requests, Manual\n**Duration**: ~15-25 minutes\n**Purpose**: Comprehensive security analysis\n\n**Jobs**:\n- **Dependency Scan**: pip-audit and Safety vulnerability checking\n- **SAST Analysis**: Bandit security linting and Semgrep analysis\n- **CodeQL Analysis**: GitHub's semantic code analysis\n- **Secret Scanning**: TruffleHog and gitleaks secret detection\n- **License Check**: License compatibility verification\n- **Security Summary**: Consolidated security status reporting\n\n**Key Features**:\n- ✅ Multiple security scanning tools integration\n- ✅ SARIF report uploads for GitHub Security tab\n- ✅ License compliance checking\n- ✅ Automated vulnerability reporting\n\n#### 4. **Maintenance \u0026 Updates** (`maintenance.yml`)\n**Triggers**: Weekly schedule (Sunday 3 AM UTC), Manual dispatch\n**Duration**: ~10-20 minutes\n**Purpose**: Automated repository maintenance\n\n**Jobs**:\n- **Dependency Updates**: Automated dependency version updates\n- **Actions Updates**: GitHub Actions version updates\n- **Cache Cleanup**: Old cache cleanup for storage optimization\n- **Health Check**: Repository health assessment and metrics\n\n**Key Features**:\n- ✅ Automated PR creation for updates\n- ✅ Compatibility testing before updates\n- ✅ Repository health monitoring\n- ✅ Maintenance recommendations\n\n### Specialized Workflows\n\n#### 5. **Pull Request Validation** (`pr-validation.yml`)\n**Triggers**: Pull Request events\n**Duration**: ~10-15 minutes\n**Purpose**: PR quality validation and automation\n\n**Features**:\n- ✅ PR structure validation (title format, description quality)\n- ✅ Changed files analysis and categorization\n- ✅ Automated labeling and size assessment\n- ✅ Code quality quick checks\n- ✅ Breaking changes detection\n- ✅ Security quick scan for potential secrets\n\n#### 6. **Notifications \u0026 Status** (`notifications.yml`)\n**Triggers**: Workflow completions, Issues, PRs, Releases\n**Duration**: ~2-5 minutes\n**Purpose**: Status tracking and notifications\n\n**Features**:\n- ✅ Workflow status notifications\n- ✅ PR lifecycle tracking\n- ✅ Issue auto-triaging and labeling\n- ✅ Release announcements\n- ✅ Daily status summaries\n\n## 🔧 Configuration Details\n\n### Environment Variables\n```yaml\nPYTHON_VERSION: \"3.12\"        # Primary Python version\nCACHE_VERSION: \"v1\"           # Cache invalidation control\n```\n\n### Required Secrets\n```yaml\n# GitHub (automatically provided)\nGITHUB_TOKEN: \u003cautomatic\u003e     # Repository access\n\n# PyPI Publishing (for releases)\n# Configure at: https://pypi.org/manage/account/publishing/\n# Uses OIDC trusted publishing - no manual token needed\n\n# Optional: External integrations\nSLACK_WEBHOOK_URL: \u003coptional\u003e # Slack notifications\nCODECOV_TOKEN: \u003coptional\u003e     # Enhanced Codecov integration\n```\n\n### Cache Strategy\nThe workflows implement a sophisticated caching strategy:\n\n- **UV Dependencies**: Cached by OS, Python version, and lock file hash\n- **Multi-level Cache Keys**: Primary + fallback restore keys\n- **Job-specific Caches**: Different cache keys for build, test, security jobs\n- **Automatic Cleanup**: Weekly cache cleanup to optimize storage\n\n### Security Measures\n- **Minimal Permissions**: Each workflow uses least-privilege permissions\n- **Token Security**: OIDC trusted publishing for PyPI (no long-lived tokens)\n- **Secret Scanning**: Multiple tools for detecting leaked credentials\n- **SARIF Integration**: Security results integrate with GitHub Security tab\n- **Dependency Auditing**: Regular vulnerability scanning\n\n## 📊 Monitoring \u0026 Insights\n\n### Status Badges\nAdd these badges to your README for visibility:\n\n```markdown\n[![CI Pipeline](https://github.com/elyxlz/microsoft-mcp/workflows/CI%20Pipeline/badge.svg)](https://github.com/elyxlz/microsoft-mcp/actions/workflows/ci.yml)\n[![Security Scanning](https://github.com/elyxlz/microsoft-mcp/workflows/Security%20Scanning/badge.svg)](https://github.com/elyxlz/microsoft-mcp/actions/workflows/security.yml)\n[![codecov](https://codecov.io/gh/elyxlz/microsoft-mcp/branch/main/graph/badge.svg)](https://codecov.io/gh/elyxlz/microsoft-mcp)\n```\n\n### Workflow Analytics\n- **Actions Usage**: Monitor workflow run times and costs\n- **Success Rates**: Track workflow reliability\n- **Security Alerts**: Review security tab regularly\n- **Artifact Storage**: Monitor artifact storage usage\n\n## 🚦 Workflow Triggers Summary\n\n| Workflow | Push | PR | Schedule | Manual | Tags |\n|----------|------|----|---------|---------|----- |\n| CI Pipeline | ✅ | ✅ | ❌ | ✅ | ❌ |\n| Release | ❌ | ❌ | ❌ | ✅ | ✅ |\n| Security | Main only | ✅ | Daily | ✅ | ❌ |\n| Maintenance | ❌ | ❌ | Weekly | ✅ | ❌ |\n| PR Validation | ❌ | ✅ | ❌ | ❌ | ❌ |\n| Notifications | Via workflow_run | ✅ | ❌ | ❌ | ❌ |\n\n## 🔄 Release Process\n\n### Automated Release (Recommended)\n1. **Merge to main**: All changes go through PR validation\n2. **Version bump**: Update version in `pyproject.toml`\n3. **Create tag**: `git tag v1.2.3 \u0026\u0026 git push origin v1.2.3`\n4. **Automated pipeline**: Release workflow handles the rest\n\n### Manual Release\n1. Go to **Actions** → **Release Pipeline**\n2. Click **Run workflow**\n3. Enter version number (e.g., `1.2.3`)\n4. Choose if it's a pre-release\n5. Click **Run workflow**\n\n### Release Artifacts\n- **GitHub Release**: Changelog and source archives\n- **PyPI Package**: Installable wheel and source distribution\n- **Artifacts**: Build artifacts for debugging\n\n## 🛠️ Development Workflow\n\n### For Contributors\n1. **Fork \u0026 Branch**: Create feature branch\n2. **Local Testing**: Run `uv run pytest` locally\n3. **Create PR**: Automated validation runs\n4. **Address Feedback**: Respond to reviews and checks\n5. **Merge**: Maintainer merges after approval\n\n### For Maintainers\n1. **Review PRs**: Use automated validation insights\n2. **Security Review**: Check security scan results weekly\n3. **Dependencies**: Review automated dependency update PRs\n4. **Releases**: Tag releases when ready\n5. **Monitoring**: Review workflow analytics monthly\n\n## 🔧 Customization\n\n### Adding New Workflows\n1. Create new `.yml` file in `.github/workflows/`\n2. Follow existing patterns for structure\n3. Add appropriate permissions and timeouts\n4. Test thoroughly on feature branch\n\n### Modifying Existing Workflows\n1. **Test Changes**: Always test on feature branch first\n2. **Documentation**: Update this README if needed\n3. **Permissions**: Review security implications\n4. **Notifications**: Consider impact on team notifications\n\n### Environment-Specific Configuration\n- **Development**: Use feature branch testing\n- **Staging**: Main branch represents staging environment\n- **Production**: Tags trigger production releases\n\n## 📚 Additional Resources\n\n- [GitHub Actions Documentation](https://docs.github.com/en/actions)\n- [UV Package Manager](https://docs.astral.sh/uv/)\n- [Ruff Linter Configuration](https://docs.astral.sh/ruff/)\n- [PyPI Trusted Publishing](https://docs.pypi.org/trusted-publishers/)\n- [Codecov Integration](https://docs.codecov.com/docs)\n\n## 🆘 Troubleshooting\n\n### Common Issues\n\n**Workflow fails on dependency installation**\n- Check UV cache configuration\n- Verify `pyproject.toml` syntax\n- Review dependency conflicts\n\n**Security scans reporting false positives**\n- Review `.github/workflows/security.yml` configuration\n- Add exceptions to Bandit configuration in `pyproject.toml`\n- Update security tool versions\n\n**Release workflow fails**\n- Verify version format (must be semantic versioning)\n- Check PyPI trusted publishing configuration\n- Review release permissions\n\n**Tests fail in CI but pass locally**\n- Check environment variable configuration\n- Review OS-specific test conditions\n- Verify test isolation\n\n### Getting Help\n1. **Check workflow logs**: Detailed error information\n2. **Review this documentation**: Common solutions\n3. **Search existing issues**: Similar problems may be documented\n4. **Create new issue**: Use issue templates for bug reports\n\n---\n\n*This CI/CD pipeline is designed to be robust, secure, and maintainable. Regular reviews and updates ensure it continues to serve the project's needs effectively.*","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faojdevstudio%2Fmicrosoft-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faojdevstudio%2Fmicrosoft-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faojdevstudio%2Fmicrosoft-mcp/lists"}