promote: dev -> staging (bug fixes v0.2.1)

[mabry1985]

Summary

Promoting 4 bug fixes from v0.2.0 smoke testing:

• Agent card does not advertise bearer scheme when A2A_AUTH_TOKEN is set #14 Agent card does not advertise bearer scheme when A2A_AUTH_TOKEN is set
• MemoryMiddleware.on_session_end is never invoked - memory persistence dead on arrival #15 MemoryMiddleware.on_session_end never invoked (persistence dead on arrival)
• Fix pytest collection errors #17 pytest collection errors on test_memory_persistence and test_skill_index
• fix(memory): decouple MemoryMiddleware from knowledge_store #18 MemoryMiddleware never activated unless knowledge_middleware also enabled

Post-merge prepare-release.yml will auto-bump to v0.2.1.

Merge strategy

Use merge commit (not squash) per branch-strategy.md.

Summary by CodeRabbit

• New Features

  • MemoryMiddleware now operates without requiring a knowledge store, enabling more flexible configurations.
  • Bearer authentication is now dynamically configured based on environment settings.
  • Sessions persist at terminal conversation turns for improved continuity.

• Tests

  • Added memory persistence validation tests.
  • Added security scheme configuration tests.
  • Enhanced test discovery and module resolution.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 16cd5e78-5742-4122-bed1-25980d393297

📥 Commits

Reviewing files that changed from the base of the PR and between 8447093 and 665fc46.

📒 Files selected for processing (9)

• .github/workflows/docker-publish.yml
• graph/agent.py
• graph/middleware/memory.py
• pyproject.toml
• requirements.txt
• server.py
• tests/conftest.py
• tests/test_a2a_integration.py
• tests/test_memory_persistence.py

---

Walkthrough

This PR extends the middleware stack to support optional knowledge stores, implements session-based memory persistence with prior session injection into prompts, adds conditional security scheme generation based on environment configuration, and enhances test infrastructure with import path resolution and new integration/unit tests.

Changes

Cohort / File(s)	Summary
Memory Middleware & Configuration graph/middleware/memory.py, graph/agent.py	Made knowledge_store optional in MemoryMiddleware initialization; added lazy-loaded session summary injection via new before_model and abefore_model hooks; extended after_agent to detect terminal turns (final AIMessage with no pending tool_calls) and persist sessions; early-return when store is absent to skip async knowledge extraction.
Server Security server.py	Extracted security scheme construction into _build_security_schemes() helper that unconditionally includes apiKey and conditionally appends bearer HTTP scheme when A2A_AUTH_TOKEN environment variable is set.
Dependencies & Configuration requirements.txt, pyproject.toml	Added explicit langchain-core>=0.3.0 dependency; configured pytest with pythonpath = ["."] to include project root in module resolution.
CI & Test Infrastructure .github/workflows/docker-publish.yml, tests/conftest.py, tests/test_a2a_integration.py, tests/test_memory_persistence.py	Added CI step to verify test discoverability in published Docker image; introduced pytest_configure hook in conftest.py to manage sys.path site-packages ordering; added integration tests validating environment-dependent security scheme generation; added unit tests verifying session persistence logic on terminal turns.

Sequence Diagram(s)

sequenceDiagram
    participant Agent as Agent Execution
    participant MM as MemoryMiddleware
    participant State as state/messages
    participant FS as Session Storage
    
    Agent->>MM: before_model(state, runtime)
    MM->>FS: _load_prior_sessions()
    FS-->>MM: prior_sessions XML
    MM->>State: Inject SystemMessage with<br/>prior_sessions block
    State-->>Agent: Updated messages
    
    Agent->>Agent: Process with model
    
    Agent->>MM: after_agent(state, runtime)
    MM->>MM: Detect terminal turn<br/>(last msg = AIMessage,<br/>no tool_calls)
    MM->>FS: _persist_session(state, trace_id)
    FS-->>MM: Session stored

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~28 minutes

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dev

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}