Developer SDK + CLI for building, packaging, and deploying A2A agents.
Project description
a2a-pack
Developer SDK + CLI for building, packaging, and deploying A2A agents.
One Python class becomes a sandboxed, discoverable, MCP-compatible AI agent on the a2a cloud platform. Other agents reach yours via HMAC-signed grants. The platform owns deployment, execution, permissions, and (when you're ready) billing.
pip install a2a-pack
a2a signup --email you@example.com --password ...
a2a init research-agent
cd research-agent
a2a dev
a2a test --invoke
a2a deploy
# → https://research-agent.a2acloud.io (TLS, MCP, OpenAPI, all wired)
What an agent looks like
from pydantic import BaseModel
from a2a_pack import (
A2AAgent, LLMProvisioning, NoAuth, Pricing, RunContext, skill,
)
class GreeterConfig(BaseModel):
suffix: str = "!"
class Greeter(A2AAgent[GreeterConfig, NoAuth]):
name = "greeter"
description = "Say hi."
version = "0.1.0"
config_model = GreeterConfig
auth_model = NoAuth
# Use the caller's own LLM key (forwarded by the platform) — the
# author's price stays small; the LLM bill goes to the caller's
# provider directly.
llm_provisioning = LLMProvisioning.CALLER_PROVIDED
pricing = Pricing(price_per_call_usd=0.01, caller_pays_llm=True)
@skill(description="Greet someone.")
async def greet(self, ctx: RunContext[NoAuth], who: str) -> str:
await ctx.emit_progress(f"greeting {who}")
return f"hello {who}{self.config.suffix}"
That's it. a2a deploy packages the source, the control plane builds
the image, ArgoCD reconciles, you get a public URL.
Local development
Use the same agent card, invoke path, secret names, and workspace contract before uploading anything:
a2a dev
That starts the agent at http://127.0.0.1:8000, loads .env.local, creates
.a2a/workspace/{inputs,outputs}, and enables hot reload. Skills are callable at
POST /invoke/{skill} and the card is visible at
/.well-known/agent-card.
Run preflight checks before deploy:
a2a test
a2a test --invoke --skill summarize --args-json '{"text":"hello"}'
Secrets stay local in .env.local. Workspace-backed framework tools, including
DeepAgents via ctx.workspace_backend(), write durable local outputs under
.a2a/workspace/outputs so you can inspect what will become downloadable files
in A2A Cloud.
Bring your own auth
Agents can make caller identity explicit by declaring an auth_model and an
auth_resolver. The resolver receives the inbound bearer token, validates it
against your auth system, and returns the typed principal skills read from
ctx.auth.
from a2a_pack import A2AAgent, JWTAuth, OIDCUserInfoAuthResolver, RunContext, skill
class CustomerAgent(A2AAgent):
name = "customer-agent"
description = "Uses the caller's app login"
auth_model = JWTAuth
auth_resolver = OIDCUserInfoAuthResolver(
"https://auth.example.com/oauth2/userinfo",
auth_model=JWTAuth,
)
@skill(scopes=["profile:read"])
async def profile(self, ctx: RunContext[JWTAuth]) -> dict[str, str | None]:
return {"sub": ctx.auth.sub, "email": ctx.auth.email}
For custom APIs, subclass AuthResolver and call your own /me,
/introspect, or session-exchange endpoint. SAML-backed apps use the same
contract by exposing a bearer-token bridge endpoint that returns JSON.
Public surface
| Concept | Where |
|---|---|
A2AAgent base class + @skill decorator |
a2a_pack.agent |
RunContext, ctx.llm, ctx.ask, ctx.request_scope |
a2a_pack.context |
| Grant mint/verify (HMAC, audience-bound, glob-filtered, time-limited) | a2a_pack.grants |
| Workspace negotiation surface | a2a_pack.workspace |
| Sandbox client (microVM via libkrun) | a2a_pack.sandbox |
| Agent-to-agent client (HTTP, in-memory, custom) | a2a_pack.a2a_client |
| MCP server (skills → tools, mountable into your FastAPI app) | a2a_pack.mcp |
| Lifecycle / Resources / Pricing / LLMProvisioning declarations | a2a_pack.runtime |
| Card schema (auto-derived from your class) | a2a_pack.card |
Full reference + auto-generated docs at https://docs.a2acloud.io.
Self-hosting
The platform pieces (control plane, sandbox runtime, gitea, ArgoCD, MinIO, LiteLLM) live at gitea.a2acloud.io — the SDK is the only piece you need on PyPI. If you want to run the whole stack locally or in your own cluster, the bootstrap recipe is in the platform README.
License
MIT — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file a2a_pack-0.1.5.tar.gz.
File metadata
- Download URL: a2a_pack-0.1.5.tar.gz
- Upload date:
- Size: 66.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e36c2224f10dfa2647704faa4020001bdc62e511d67263da7bdbc830133f6fa7
|
|
| MD5 |
919dd71ae6b1f84348c754f1ca32d0de
|
|
| BLAKE2b-256 |
04b8c608c78407cae25e1119b55d207fdc102bade4c907efca63a7ea85035e73
|
File details
Details for the file a2a_pack-0.1.5-py3-none-any.whl.
File metadata
- Download URL: a2a_pack-0.1.5-py3-none-any.whl
- Upload date:
- Size: 90.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4b9ea313ec2e2b6a057ff1ba44ca065d0c2de78717d1ba98b4f3e73271dffcb7
|
|
| MD5 |
c0df9ef04b4fdf6c659851f837f14f52
|
|
| BLAKE2b-256 |
112399a5d876eca2d1ed0d4e89ffaee11aa064874b7b67c430b3cbd7674df54f
|
