new flow working?

Author: daquinteroflex

.github/workflows/tidy3d-python-client-deploy.yml

@@ -17,11 +17,6 @@ on:
         description: 'Deploy to production PyPI'
         type: boolean
         default: false
-      
-      deploy_aws:
-        description: 'Deploy to AWS CodeArtifact'
-        type: boolean
-        default: false
 
   workflow_call:
     inputs:
@@ -35,16 +30,10 @@ on:
       deploy_pypi:
         type: boolean
         default: false
-      deploy_aws:
-        type: boolean
-        default: false
 
 permissions:
   contents: read
 
-env:
-  AWS_REGION: "us-east-1"
-
 jobs:
   validate-inputs:
     name: validate-deployment-inputs
@@ -53,12 +42,10 @@ jobs:
       release_tag: ${{ env.RELEASE_TAG }}
       deploy_testpypi: ${{ env.DEPLOY_TESTPYPI }}
       deploy_pypi: ${{ env.DEPLOY_PYPI }}
-      deploy_aws: ${{ env.DEPLOY_AWS }}
     env:
       RELEASE_TAG: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.release_tag || inputs.release_tag }}
       DEPLOY_TESTPYPI: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_testpypi || inputs.deploy_testpypi }}
       DEPLOY_PYPI: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_pypi || inputs.deploy_pypi }}
-      DEPLOY_AWS: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_aws || inputs.deploy_aws }}
     steps:
       - name: validate-inputs
         run: |
@@ -67,11 +54,10 @@ jobs:
           echo "Release tag: $RELEASE_TAG"
           echo "Deploy to TestPyPI: $DEPLOY_TESTPYPI"
           echo "Deploy to PyPI: $DEPLOY_PYPI"
-          echo "Deploy to AWS CodeArtifact: $DEPLOY_AWS"
           echo ""
           
           # Validate at least one target is selected
-          if [[ "$DEPLOY_TESTPYPI" != "true" && "$DEPLOY_PYPI" != "true" && "$DEPLOY_AWS" != "true" ]]; then
+          if [[ "$DEPLOY_TESTPYPI" != "true" && "$DEPLOY_PYPI" != "true" ]]; then
             echo "Error: At least one deployment target must be selected"
             exit 1
           fi
@@ -203,80 +189,11 @@ jobs:
       #       dist/*
       #     echo ""
       #     echo "Successfully published to PyPI"
-      #     echo "   View at: https://pypi.org/project/tidy3d/"
-
-  deploy-aws-codeartifact:
-    name: deploy-to-aws-codeartifact
-    needs: [validate-inputs, build-package]
-    if: |
-      always() &&
-      needs.validate-inputs.outputs.deploy_aws == 'true' &&
-      needs.build-package.result == 'success'
-    runs-on: ubuntu-latest
-    steps:
-      - name: download-artifacts
-        uses: actions/download-artifact@v4
-        with:
-          name: dist-${{ needs.validate-inputs.outputs.release_tag }}
-          path: dist/
-      
-      - name: setup-python
-        uses: actions/setup-python@v5
-        with:
-          python-version: '3.10'
-      
-      - name: install-twine
-        run: |
-          python -m pip install --upgrade pip
-          python -m pip install twine
-      
-      - name: configure-aws-credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-region: ${{ env.AWS_REGION }}
-          aws-access-key-id: ${{ secrets.AWS_CODEARTIFACT_ACCESS_KEY }}
-          aws-secret-access-key: ${{ secrets.AWS_CODEARTIFACT_ACCESS_SECRET }}
-      
-      - name: configure-codeartifact-package
-        run: |
-          echo "Configuring CodeArtifact package settings..."
-          aws codeartifact put-package-origin-configuration \
-            --domain flexcompute \
-            --repository pypi-releases \
-            --format pypi \
-            --package tidy3d \
-            --restrictions '{"publish":"ALLOW", "upstream":"BLOCK"}'
-      
-      - name: get-codeartifact-token
-        run: |
-          echo "Getting CodeArtifact authorization token..."
-          CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token \
-            --domain flexcompute \
-            --domain-owner 625554095313 \
-            --region us-east-1 \
-            --query authorizationToken \
-            --output text)
-          echo "CODEARTIFACT_AUTH_TOKEN=${CODEARTIFACT_AUTH_TOKEN}" >> $GITHUB_ENV
-      
-      
-      - name: publish-to-codeartifact
-        env:
-          TWINE_PASSWORD: ${{ env.CODEARTIFACT_AUTH_TOKEN }}
-        run: |
-          echo "Publishing to AWS CodeArtifact..."
-          # zizmor: ignore[use-trusted-publishing]
-          python -m twine upload \
-            --repository-url https://flexcompute-625554095313.d.codeartifact.us-east-1.amazonaws.com/pypi/pypi-releases/ \
-            --verbose \
-            -u aws \
-            -p "$TWINE_PASSWORD" \
-            dist/*
-          echo ""
-          echo "Successfully published to AWS CodeArtifact"
+      #               echo "   View at: https://pypi.org/project/tidy3d/"
 
   deployment-summary:
     name: deployment-summary
-    needs: [validate-inputs, build-package, deploy-testpypi, deploy-pypi, deploy-aws-codeartifact]
+    needs: [validate-inputs, build-package, deploy-testpypi, deploy-pypi]
     if: always()
     runs-on: ubuntu-latest
     steps:
@@ -286,18 +203,15 @@ jobs:
           BUILD_RESULT: ${{ needs.build-package.result }}
           TESTPYPI_RESULT: ${{ needs.deploy-testpypi.result }}
           PYPI_RESULT: ${{ needs.deploy-pypi.result }}
-          AWS_RESULT: ${{ needs.deploy-aws-codeartifact.result }}
           DEPLOY_TESTPYPI: ${{ needs.validate-inputs.outputs.deploy_testpypi }}
           DEPLOY_PYPI: ${{ needs.validate-inputs.outputs.deploy_pypi }}
-          DEPLOY_AWS: ${{ needs.validate-inputs.outputs.deploy_aws }}
         run: |
           echo "=== Deployment Summary ==="
           echo "Release Tag: ${RELEASE_TAG}"
           echo ""
           echo "Build Package: ${BUILD_RESULT}"
           echo "TestPyPI: ${TESTPYPI_RESULT}"
           echo "PyPI: ${PYPI_RESULT}"
-          echo "AWS CodeArtifact: ${AWS_RESULT}"
           echo ""
           
           # Check for failures
@@ -316,10 +230,6 @@ jobs:
             echo "PyPI deployment failed"
             failed=true
           fi
-          if [[ "${DEPLOY_AWS}" == "true" && "${AWS_RESULT}" == "failure" ]]; then
-            echo "AWS CodeArtifact deployment failed"
-            failed=true
-          fi
           
           if [[ "$failed" == "true" ]]; then
             exit 1

.github/workflows/tidy3d-python-client-release-tests.yml

@@ -0,0 +1,224 @@
+name: "public/tidy3d/python-client-release-tests"
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_match_tests:
+        description: 'Run version consistency checks'
+        type: boolean
+        default: true
+      submodule_tests:
+        description: 'Run submodule tests'
+        type: boolean
+        default: true
+      release_tag:
+        description: 'Release Tag to validate (e.g., v2.10.0, v2.10.0rc1)'
+        required: false
+        type: string
+        default: ''
+  
+  workflow_call:
+    inputs:
+      version_match_tests:
+        description: 'Run version consistency checks'
+        type: boolean
+        default: true
+      submodule_tests:
+        description: 'Run submodule tests'
+        type: boolean
+        default: true
+      release_tag:
+        description: 'Release Tag to validate (e.g., v2.10.0, v2.10.0rc1)'
+        required: false
+        type: string
+        default: ''
+    outputs:
+      workflow_success:
+        description: 'Whether all release tests passed'
+        value: ${{ jobs.workflow-validation.result == 'success' }}
+
+permissions:
+  contents: read
+
+jobs:
+  verify-version-consistency:
+    name: verify-version-consistency
+    runs-on: ubuntu-latest
+    if: ${{ github.event.inputs.version_match_tests || inputs.version_match_tests }}
+    steps:
+      - name: checkout-code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.release_tag || github.ref }}
+          persist-credentials: false
+      
+      - name: check-version-consistency
+        env:
+          RELEASE_TAG: ${{ inputs.release_tag }}
+        run: |
+          set -e
+          echo "=== Verifying Version Consistency ==="
+          echo ""
+          
+          # Extract version from pyproject.toml
+          PYPROJECT_VERSION=$(grep '^version = ' pyproject.toml | head -n 1 | sed 's/version = "\(.*\)"/\1/')
+          echo "pyproject.toml version: $PYPROJECT_VERSION"
+          
+          # Extract version from tidy3d/version.py
+          VERSION_PY=$(grep '__version__ = ' tidy3d/version.py | sed 's/__version__ = "\(.*\)"/\1/')
+          echo "tidy3d/version.py version: $VERSION_PY"
+          echo ""
+          
+          # Compare versions
+          if [[ "$PYPROJECT_VERSION" != "$VERSION_PY" ]]; then
+            echo "❌ ERROR: Version mismatch detected!"
+            echo "   pyproject.toml:    $PYPROJECT_VERSION"
+            echo "   tidy3d/version.py: $VERSION_PY"
+            echo ""
+            echo "These versions must match before release."
+            echo "Please update both files to the same version."
+            exit 1
+          fi
+          
+          echo "✅ Version consistency check passed: $PYPROJECT_VERSION"
+          echo ""
+          
+          # If release tag provided, validate it matches the version
+          if [[ -n "$RELEASE_TAG" ]]; then
+            echo "=== Validating Release Tag ==="
+            echo "Release tag: $RELEASE_TAG"
+            
+            # Strip 'v' prefix from tag if present
+            TAG_VERSION="${RELEASE_TAG#v}"
+            echo "Tag version (without 'v'): $TAG_VERSION"
+            
+            if [[ "$TAG_VERSION" != "$PYPROJECT_VERSION" ]]; then
+              echo "❌ ERROR: Release tag does not match package version!"
+              echo "   Release tag: $RELEASE_TAG (version: $TAG_VERSION)"
+              echo "   Package version: $PYPROJECT_VERSION"
+              echo ""
+              echo "The release tag should be 'v$PYPROJECT_VERSION'"
+              exit 1
+            fi
+            
+            echo "✅ Release tag matches package version"
+          fi
+          
+          echo ""
+          echo "=== Version Checks Passed ==="
+
+  test-submodules:
+    name: test-submodules
+    runs-on: ubuntu-latest
+    if: ${{ github.event.inputs.submodule_tests || inputs.submodule_tests }}
+    env:
+      RELEASE_TAG: ${{ inputs.release_tag }}
+    steps:
+      - name: checkout-head
+        if: ${{ !env.RELEASE_TAG }}
+        uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'
+          fetch-depth: 0
+          persist-credentials: true
+
+      - name: checkout-tag
+        if: ${{ env.RELEASE_TAG }}
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ env.RELEASE_TAG }}
+          submodules: 'recursive'
+          fetch-depth: 0
+          persist-credentials: true
+
+      - name: initialize-submodules
+        run: |
+          git submodule update --init --recursive
+
+      - name: check-submodules-for-multiple-branches
+        shell: bash
+        run: |
+          BRANCHES=("develop" $LATEST_BRANCH) # Add your branches here
+          
+          for BRANCH in "${BRANCHES[@]}"; do
+            echo "Analyzing branch: $BRANCH"
+          
+            # Fetch all branches and tags
+            git fetch --all --verbose
+          
+            # Checkout the branch
+            git checkout $BRANCH
+          
+            NOTEBOOKS_PATH=docs/notebooks
+            FAQ_PATH=docs/faq
+          
+            # Checking Notebooks submodule
+            echo "Checking $NOTEBOOKS_PATH for updates..."
+            cd $NOTEBOOKS_PATH
+            NOTEBOOKS_CURRENT_COMMIT=$(git rev-parse HEAD)
+            echo $(git fetch --all --verbose)
+            echo $(git remote get-url origin)
+            if git show-ref --verify refs/remotes/origin/$BRANCH; then
+              echo "Branch $BRANCH exists."
+            else
+              echo "::error::Branch $BRANCH does not exist on remote."
+              exit 1
+            fi
+            NOTEBOOKS_LATEST_COMMIT=$(git rev-parse refs/remotes/origin/${BRANCH})
+            echo "NOTEBOOKS_LATEST_COMMIT: $NOTEBOOKS_LATEST_COMMIT"
+            echo "NOTEBOOKS_CURRENT_COMMIT: $NOTEBOOKS_CURRENT_COMMIT"
+          
+            cd ../..
+            if [ "$NOTEBOOKS_LATEST_COMMIT" != "$NOTEBOOKS_CURRENT_COMMIT" ]; then
+              echo "::error::Submodule $NOTEBOOKS_PATH is not up to date with the $BRANCH branch. Please update it."
+              exit 1
+            else
+              echo "Submodule $NOTEBOOKS_PATH is up to date with the $BRANCH branch."
+            fi
+          
+            # Checking FAQs only on the develop branch
+            if [[ "$BRANCH" == "develop" ]]; then
+              echo "Checking $FAQ_PATH for updates..."
+              cd $FAQ_PATH
+              FAQ_CURRENT_COMMIT=$(git rev-parse HEAD)
+              echo $(git fetch --all --verbose)
+              echo $(git remote get-url origin)
+              FAQ_LATEST_COMMIT=$(git rev-parse refs/remotes/origin/develop)
+              echo "FAQ_LATEST_COMMIT: $FAQ_LATEST_COMMIT"
+              echo "FAQ_CURRENT_COMMIT: $FAQ_CURRENT_COMMIT"
+              cd ../..
+              if [ "$FAQ_LATEST_COMMIT" != "$FAQ_CURRENT_COMMIT" ]; then
+                echo "::error::Submodule $FAQ_PATH is not up to date. Please update it."
+                exit 1
+              else
+                echo "Submodule $FAQ_PATH is up to date."
+              fi
+            fi
+          done
+          
+          echo ""
+          echo "=== Submodule Checks Passed ==="
+
+  workflow-validation:
+    name: workflow-validation
+    runs-on: ubuntu-latest
+    if: always()
+    needs:
+      - verify-version-consistency
+      - test-submodules
+    steps:
+      - name: check-version-consistency-result
+        if: ${{ (github.event.inputs.version_match_tests || inputs.version_match_tests) && needs.verify-version-consistency.result != 'success' && needs.verify-version-consistency.result != 'skipped' }}
+        run: |
+          echo "❌ Version consistency check failed."
+          exit 1
+      
+      - name: check-submodule-tests-result
+        if: ${{ (github.event.inputs.submodule_tests || inputs.submodule_tests) && needs.test-submodules.result != 'success' && needs.test-submodules.result != 'skipped' }}
+        run: |
+          echo "❌ Submodule tests failed."
+          exit 1
+      
+      - name: all-checks-passed
+        if: ${{ success() }}
+        run: echo "✅ All release tests passed!"