Principle:Langchain ai Langchain Production Publishing

From Leeroopedia

Overview

Production Publishing is the final stage of a release pipeline that uploads validated distribution artifacts to the production package index and creates a corresponding version-tagged release in the source repository.

Description

After all validation gates pass (unit tests, minimum-version tests, integration tests, compatibility tests), the pipeline proceeds to two final actions:

  1. Package publication: The built wheel and source distribution are uploaded to the production Python Package Index (PyPI) using OIDC trusted publishing. This makes the package available to all users via pip install.
  2. GitHub Release creation: A Git tag is created in the format <pkg-name>==<version> and a GitHub Release is published with the auto-generated release notes and the distribution artifacts attached. This provides a permanent, linkable reference point for the release.

The publish and release-tag steps are separate jobs to maintain the principle of least privilege: the publish job needs id-token: write for OIDC authentication to PyPI, while the release-tag job needs contents: write to create Git tags and releases.

This stage only runs if all preceding jobs either succeeded or were skipped (using the !cancelled() && !failure() condition), ensuring that packages are never published if any validation step failed.
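One way to check the permission split and the publish gate described above, as an added example that is not part of the original page or of LangChain's own workflow. It assumes the workflow has already been loaded into a dict (as a YAML loader would return it); the job names `publish` and `release-tag`, the `POLICY` table and both sample workflows are constructed for illustration.

```python
# Added example: audits the publish / release-tag split described above.
# Workflows are plain dicts shaped as a YAML loader would return them; the job
# names and both sample workflows are constructed, not LangChain's own file.

# Write scopes each job is allowed (and required) to hold, per the page.
POLICY = {"publish": {"id-token"}, "release-tag": {"contents"}}
GATE = "!cancelled()&&!failure()"


def audit(workflow):
    """Return a sorted list of least-privilege and gating findings."""
    findings = []
    jobs = workflow.get("jobs", {})
    for name, allowed in POLICY.items():
        job = jobs.get(name)
        if job is None:
            findings.append(f"{name}: job missing")
            continue
        perms = job.get("permissions")
        if not isinstance(perms, dict):
            # No block inherits the workflow default; "write-all" grants every scope.
            findings.append(f"{name}: permissions must be an explicit mapping")
            continue
        for scope, level in perms.items():
            if level == "write" and scope not in allowed:
                findings.append(f"{name}: unexpected {scope}: write")
        for scope in allowed:
            if perms.get(scope) != "write":
                findings.append(f"{name}: missing {scope}: write")
    # The upload must not run after a failed or cancelled validation job.
    cond = "".join(str(jobs.get("publish", {}).get("if", "")).split())
    if GATE not in cond:
        findings.append("publish: not gated on !cancelled() && !failure()")
    return sorted(findings)


# Constructed: publish holds both write scopes and runs even after failures.
WEAK = {"jobs": {
    "publish": {"if": "always()",
                "permissions": {"id-token": "write", "contents": "write"}},
    "release-tag": {"permissions": "write-all"}}}

# Constructed: the split the page describes.
HARDENED = {"jobs": {
    "publish": {"if": "${{ !cancelled() && !failure() }}",
                "permissions": {"id-token": "write"}},
    "release-tag": {"permissions": {"contents": "write"}}}}

if __name__ == "__main__":
    for label, wf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(wf) or "ok")
```

The `always()` case in the weak sample is the one to watch for: it also lets a job run after skipped dependencies, but it keeps running after a failed validation job as well.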

Usage

Use production publishing when:

  • All pre-release validation steps have passed and the package is ready for public consumption.
  • A GitHub Release is needed for changelog tracking and asset distribution.

Practical Guide

1. Download the built artifacts from the CI artifact store.
2. Authenticate to production PyPI via OIDC trusted publishing.
3. Upload the .whl and .tar.gz to https://pypi.org/.
4. Create a Git tag: "<pkg-name>==<version>".
5. Create a GitHub Release with:
   - The tag from step 4.
   - The auto-generated release notes body.
   - The distribution artifacts attached.
   - The commit SHA pinned to the triggering commit.

Pseudocode:

# Publish to production PyPI
artifacts = download("dist")
oidc_token = request_id_token(audience="pypi")
upload(artifacts, repository_url="https://upload.pypi.org/legacy/", auth=oidc_token)

# Create GitHub Release
tag = pkg_name + "==" + version
create_release(
    tag=tag,
    body=release_notes,
    artifacts=artifacts,
    commit=github.sha,
    make_latest=(pkg_name == "langchain-core")
)
