coulomb/kaizen-agentic
2
0
Fork 0
Code Issues 4 Pull Requests Actions Projects Releases Wiki Activity
Files
4daf8635d1f08e2305e9c8f8f912b9f696bab679
kaizen-agentic/docs/PACKAGE_RELEASE.md
tegwick 4daf8635d1
Some checks failed
ci / test (push) Failing after 6s
Details
fix: haskelseed-native Gitea Actions without GitHub marketplace 
Replace actions/checkout and setup-python with internal git clone and
system python3. Drops CI matrix to a single job on the self-hosted runner.
2026-06-16 03:25:41 +02:00

3.1 KiB
Raw Blame History

Python Package Release

kaizen-agentic publishes as the kaizen-agentic Python package on the Coulomb Gitea PyPI registry. Public pypi.org distribution is optional and not required for ecosystem use.

Install (consumers)

Dependencies such as pyyaml resolve from public PyPI. Use Gitea as an extra index:

export GITEA_PACKAGE_USER=<gitea-user>
export GITEA_PACKAGE_TOKEN=<package-token>

pip install kaizen-agentic \
  --extra-index-url "https://${GITEA_PACKAGE_USER}:${GITEA_PACKAGE_TOKEN}@gitea.coulomb.social/api/packages/coulomb/pypi/simple/"

Global CLI via pipx:

pipx install kaizen-agentic \
  --pip-args="--extra-index-url https://${GITEA_PACKAGE_USER}:${GITEA_PACKAGE_TOKEN}@gitea.coulomb.social/api/packages/coulomb/pypi/simple/"

Do not commit tokenized index URLs. Inject credentials via environment variables or CI secrets.

Local Release

Build and validate artifacts:

make package-check

Publish to the Coulomb organization registry:

TWINE_USERNAME=<gitea-user> \
TWINE_PASSWORD=<package-token> \
make publish-gitea

Package upload endpoint:

https://gitea.coulomb.social/api/packages/coulomb/pypi

Consumer simple index:

https://gitea.coulomb.social/api/packages/coulomb/pypi/simple/

Gitea repository secrets (one-time)

Configure in Gitea: Repository → Settings → Actions → Secrets.

Secret Value
PACKAGE_USER Gitea username with package upload permission (e.g. tegwick)
PACKAGE_TOKEN Gitea API token with write:package scope

Gitea rejects secret names prefixed with GITEA_ — use PACKAGE_USER / PACKAGE_TOKEN (not GITEA_PACKAGE_USER). Workflows use runs-on: haskelseed and native git clone (no GitHub Marketplace actions).

The publish workflow fails at the upload step when either secret is missing or invalid. Do not commit tokens to the repository.

Verify secrets without cutting a release:

  1. Open Actions → Publish Python package → Run workflow (workflow_dispatch)
  2. Confirm the run completes and twine upload succeeds
  3. Optional: pip install kaizen-agentic==<version> --extra-index-url ...

Pre-tag release checklist

Before git tag vX.Y.Z && git push origin vX.Y.Z:

  • make release-check passes (tests, flake8, version consistency, agent parity)
  • make package-check builds and validates dist/*
  • CHANGELOG.md has a dated [X.Y.Z] section matching pyproject.toml
  • PACKAGE_USER and PACKAGE_TOKEN secrets are set
  • Publish workflow smoke-tested via workflow_dispatch (or prior tag release)
  • make agents-sync-package run if agents/ changed since last release

Gitea Actions Release

The .gitea/workflows/publish-python-package.yml workflow publishes on tags matching v*.

Example:

git tag v1.2.0
git push origin v1.2.0

Public PyPI (optional)

When pypi.org credentials are configured (~/.pypirc or TWINE_PASSWORD API token with TWINE_USERNAME=__token__):

make release-publish
python -m twine upload dist/*
Reference in New Issue View Git Blame Copy Permalink