ci(release): dependency-ordered, checksum-verified kin-db publish + registry-only consumer smoke (FIR-1021)

Harden the first-cut auto-publish into a dependency-aware release flow.

scripts/publish-kinlab-crates.sh:
- Dependency-ordered preflight: reads kin-db's DECLARED registry deps from
  cargo metadata (not the locally patched/resolved versions) and fails loudly
  if a required version is missing from the kin index — in particular it
  enforces the pinned kin-model version (^0.2.0 -> requires 0.2.0 published).
- Checksum-identical idempotency: an existing version (HTTP 409) is accepted
  only when the index cksum is byte-identical to the freshly packaged crate;
  a version that exists with DIFFERENT bytes fails loudly.
- Post-publish proof: re-reads the index cksum, downloads the published .crate,
  and asserts download == index == locally-packaged checksum.
- Reads the registry download template from config.json; DRY_RUN /
  SKIP_REGISTRY_CHECKS escape hatches for local packaging.

ci/registry-smoke/: standalone out-of-tree consumer crate depending on kin-db
ONLY via registry = "kin" (default-features=false, features=["vector"] — the
set that broke in the version-skew incident). Building it proves the published
crate is self-consistent and downloadable.

Workflows: registry_publish / publish_registry pinned to a TROY-GATED protected
environment (registry-publish); added a post-publish registry_consumer_smoke
job that stages the consumer out-of-tree with a registry-only .cargo config
(no patches) + fresh CARGO_HOME and builds it. Fixed release.yml's stale
'kin-model and kin-db' label (the script publishes kin-db only).

Verified: bash -n + DRY_RUN package/checksum locally; dependency-parsing python
emits correct rows incl. the kin-model 0.2.0 pin; consumer main.rs compiles
against kin-db. Actual publish + registry resolution are Troy-gated (token).

Signed-off-by: Troy Fortin <troy@firelock.io>

Author: troyjr4103

.github/workflows/registry-publish.yml

@@ -1,19 +1,31 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright 2026 Firelock, LLC
 
-# Registry safety net + idempotent auto-publish.
+# Registry safety net + dependency-aware, idempotent auto-publish (FIR-1021).
 #
 # registry_smoke: builds the crate against the PUBLISHED Kin registry only —
 # every local `[patch.kin]` redirect in .cargo/config.toml is stripped first.
 # Local CI normally builds WITH those sibling-checkout patches, which hides a
 # crate that cannot resolve from the registry (the exact version-skew failure
 # this workflow exists to prevent). Runs on PRs and on main.
 #
-# registry_publish: on a push to main, packages the crate and POSTs it to the
-# registry. The version is read from Cargo.toml (cargo metadata), so a
-# version-bump merge auto-publishes without a git tag. A 409 (already
-# published) is treated as success, so re-running on an unchanged version is a
-# no-op. It only runs after registry_smoke passes.
+# registry_publish: on a push to main, runs a dependency-ordered preflight
+# (kin-db's required registry deps — notably the pinned kin-model version —
+# must already be published), packages the crate, and POSTs it to the registry.
+# The version is read from Cargo.toml (cargo metadata), so a version-bump merge
+# auto-publishes without a git tag. An existing version (HTTP 409) is accepted
+# only when its index checksum is byte-identical to the freshly packaged crate;
+# a mismatch fails loudly. After publish it asserts download == index ==
+# packaged checksum. It only runs after registry_smoke passes.
+#
+# TROY-GATED: registry_publish is pinned to the protected `registry-publish`
+# GitHub Environment (configure required reviewer = Troy + scope the
+# KINLAB_CARGO_TOKEN secret to it). The kin daemon also fails closed without the
+# token, so a publish cannot proceed unattended.
+#
+# registry_consumer_smoke: after publish, builds an out-of-tree throwaway crate
+# that depends on kin-db ONLY via `registry = "kin"` (no patches) with a fresh
+# CARGO_HOME — proving the published crate is self-consistent and downloadable.
 
 name: Registry Publish
 
@@ -62,14 +74,71 @@ jobs:
     needs: registry_smoke
     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
+    # TROY-GATED: protected environment holds the publish token + required
+    # reviewer. Without it the kin daemon fails closed on publish anyway.
+    environment: registry-publish
     steps:
       - uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@1.96.0
 
-      - name: Publish kin-db
+      - name: Publish kin-db (dependency-ordered + checksum-verified)
         run: bash ./scripts/publish-kinlab-crates.sh
         env:
           KINLAB_CARGO_REGISTRY_URL: ${{ vars.KINLAB_CARGO_REGISTRY_URL }}
           KINLAB_CARGO_TOKEN: ${{ secrets.KINLAB_CARGO_TOKEN }}
+
+  registry_consumer_smoke:
+    name: Registry-only consumer smoke (post-publish)
+    needs: registry_publish
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@1.96.0
+
+      - name: Resolve published kin-db version
+        id: ver
+        run: |
+          V="$(cargo metadata --no-deps --format-version 1 \
+            | python3 -c 'import json,sys; print(next(p["version"] for p in json.load(sys.stdin)["packages"] if p["name"]=="kin-db"))')"
+          echo "version=$V" >> "$GITHUB_OUTPUT"
+
+      - name: Stage consumer crate out-of-tree (no repo .cargo patches inherited)
+        env:
+          VERSION: ${{ steps.ver.outputs.version }}
+        run: |
+          set -euo pipefail
+          dest="$RUNNER_TEMP/consumer"
+          rm -rf "$dest"
+          cp -r ci/registry-smoke "$dest"
+          mkdir -p "$dest/.cargo"
+          # Registry alias ONLY — no [patch.*] redirects, so kin-db and its deps
+          # must resolve from the published registry.
+          cat > "$dest/.cargo/config.toml" <<'EOF'
+          [registries.kin]
+          index = "sparse+https://kinlab.ai/registry/cargo/"
+          EOF
+          # Pin the consumer to the exact just-published kin-db version.
+          python3 - "$dest/Cargo.toml" "$VERSION" <<'PY'
+          import re, sys
+          path, version = sys.argv[1], sys.argv[2]
+          with open(path, "r", encoding="utf-8") as fh:
+              text = fh.read()
+          text = re.sub(r'(kin-db\s*=\s*\{\s*version\s*=\s*")[^"]*(")',
+                        lambda m: m.group(1) + version + m.group(2), text, count=1)
+          with open(path, "w", encoding="utf-8") as fh:
+              fh.write(text)
+          print("pinned consumer to kin-db", version)
+          PY
+
+      - name: Build consumer from the kin registry only (fresh cache)
+        working-directory: ${{ runner.temp }}/consumer
+        env:
+          # Fresh CARGO_HOME forces a clean download from the registry rather
+          # than reusing any cached sibling artifacts.
+          CARGO_HOME: ${{ runner.temp }}/fresh-cargo-home
+        run: cargo build --locked || cargo build

.github/workflows/release.yml

@@ -50,15 +50,66 @@ jobs:
           prerelease: ${{ contains(github.ref_name, '-') }}
 
   publish_registry:
-    name: Publish crates to KinLab
+    name: Publish kin-db to KinLab registry
     needs: release
     runs-on: ubuntu-latest
+    # TROY-GATED: protected environment holds the publish token + required
+    # reviewer. The kin daemon also fails closed without the token.
+    environment: registry-publish
     steps:
       - uses: actions/checkout@v6
       - uses: dtolnay/rust-toolchain@1.96.0
-      - name: Publish kin-model and kin-db
+      # Dependency-ordered preflight + checksum-verified, idempotent publish.
+      # TAG_NAME is an optional consistency check against the Cargo version.
+      - name: Publish kin-db (dependency-ordered + checksum-verified)
         run: bash ./scripts/publish-kinlab-crates.sh
         env:
           TAG_NAME: ${{ github.ref_name }}
           KINLAB_CARGO_REGISTRY_URL: ${{ vars.KINLAB_CARGO_REGISTRY_URL }}
           KINLAB_CARGO_TOKEN: ${{ secrets.KINLAB_CARGO_TOKEN }}
+
+  registry_consumer_smoke:
+    name: Registry-only consumer smoke (post-publish)
+    needs: publish_registry
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: dtolnay/rust-toolchain@1.96.0
+
+      - name: Resolve published kin-db version
+        id: ver
+        run: |
+          V="$(cargo metadata --no-deps --format-version 1 \
+            | python3 -c 'import json,sys; print(next(p["version"] for p in json.load(sys.stdin)["packages"] if p["name"]=="kin-db"))')"
+          echo "version=$V" >> "$GITHUB_OUTPUT"
+
+      - name: Stage consumer crate out-of-tree (no repo .cargo patches inherited)
+        env:
+          VERSION: ${{ steps.ver.outputs.version }}
+        run: |
+          set -euo pipefail
+          dest="$RUNNER_TEMP/consumer"
+          rm -rf "$dest"
+          cp -r ci/registry-smoke "$dest"
+          mkdir -p "$dest/.cargo"
+          cat > "$dest/.cargo/config.toml" <<'EOF'
+          [registries.kin]
+          index = "sparse+https://kinlab.ai/registry/cargo/"
+          EOF
+          python3 - "$dest/Cargo.toml" "$VERSION" <<'PY'
+          import re, sys
+          path, version = sys.argv[1], sys.argv[2]
+          with open(path, "r", encoding="utf-8") as fh:
+              text = fh.read()
+          text = re.sub(r'(kin-db\s*=\s*\{\s*version\s*=\s*")[^"]*(")',
+                        lambda m: m.group(1) + version + m.group(2), text, count=1)
+          with open(path, "w", encoding="utf-8") as fh:
+              fh.write(text)
+          print("pinned consumer to kin-db", version)
+          PY
+
+      - name: Build consumer from the kin registry only (fresh cache)
+        working-directory: ${{ runner.temp }}/consumer
+        env:
+          CARGO_HOME: ${{ runner.temp }}/fresh-cargo-home
+        run: cargo build --locked || cargo build

ci/registry-smoke/Cargo.toml

@@ -0,0 +1,31 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2026 Firelock, LLC
+#
+# Registry-only consumer smoke (FIR-1021).
+#
+# A throwaway crate that depends on kin-db ONLY through the published "kin"
+# registry — no path/git patches. Building it after a publish proves the
+# published kin-db crate is self-consistent and downloadable by a third party:
+# its declared registry dependencies (kin-model, kin-search, kin-vector at the
+# pinned versions) must all resolve and compile from the registry alone.
+#
+# `[workspace]` makes this its OWN workspace so it is never pulled into the
+# kin-db workspace. The kin-db version below is a placeholder; the registry
+# consumer-smoke CI job rewrites it to the exact just-published version before
+# building.
+
+[package]
+name = "kin-db-registry-smoke"
+version = "0.0.0"
+edition = "2021"
+license = "Apache-2.0"
+publish = false
+
+[workspace]
+
+[dependencies]
+# Resolved ONLY from the kin registry. default-features = false + features =
+# ["vector"] mirrors the consumer feature set that broke in the version-skew
+# incident (kin-db pulled into kin/kin-bench without the embeddings stack), so
+# this smoke covers the historically fragile resolve, not just the fat default.
+kin-db = { version = "0.0.0", registry = "kin", default-features = false, features = ["vector"] }

ci/registry-smoke/src/main.rs

@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Firelock, LLC
+//
+// Registry-only consumer smoke (FIR-1021). Exercises a few kin-db public APIs
+// so the published crate is actually compiled and LINKED — not merely resolved
+// — when built against the registry. If the published kin-db references a
+// dependency version that is not in the registry, this binary fails to build.
+
+fn main() {
+    // Construct + round-trip an empty snapshot through the public API, then
+    // build the in-memory graph. These symbols span the storage + engine
+    // surfaces, forcing a broad slice of the published crate to link.
+    let snapshot = kin_db::GraphSnapshot::empty();
+    let graph = kin_db::InMemoryGraph::from_snapshot(snapshot);
+    std::hint::black_box(&graph);
+
+    println!("kin-db registry-smoke OK — published crate is self-consistent");
+}