Merge branch 'main' into feature/use-enum

Signed-off-by: Zhen Wang <[email protected]>

Author: zhen0427

.github/dependabot.yml

@@ -9,3 +9,7 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/build-test-and-sonar.yml renamed to .github/workflows/build-test-release.yml

@@ -3,16 +3,9 @@
 # SPDX-License-Identifier: MPL-2.0
 
 
-name: Build, Test, Sonar and Publish
+name: Build and Test
 
 on:
-  push:
-    branches:
-      - main
-  # run pipeline on pull request
-  pull_request:
-  # run pipeline on merge queue
-  merge_group:
   # run pipeline from another workflow
   workflow_call:
     inputs:
@@ -45,15 +38,20 @@ jobs:
       - name: Checkout source code
         uses: actions/checkout@v4
 
-      - name: Setup Python 3.11
+      - name: Setup Python 3.13
         uses: actions/setup-python@v5
         with:
-          python-version: "3.11"
+          python-version: "3.13"
+
+      - name: Set PyPI version
+        uses: PowerGridModel/pgm-version-bump@main
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build
         run: |
-          pip install requests build
-          python set_pypi_version.py
+          cat PYPI_VERSION
+          pip install build
           python -m build --outdir wheelhouse .
 
       - name: Save version
@@ -66,47 +64,12 @@ jobs:
           name: power-grid-model-io
           path: wheelhouse/
 
-  sonar-cloud:
-    permissions:
-      contents: write
-    runs-on: ubuntu-latest
-    steps:
-
-      - name: Checkout source code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-
-      - name: Setup Python 3.11
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Install in develop mode
-        run: |
-          pip install -e .[dev]
-
-      - name: Test and Coverage
-        run: |
-          pytest --cov-report=xml:coverage.xml --cov-fail-under=0
-
-          # Fix relative paths in coverage file
-          # Known bug: https://community.sonarsource.com/t/sonar-on-github-actions-with-python-coverage-source-issue/36057
-          sed -i 's@/home/runner/work/power-grid-model-io/power-grid-model-io@/github/workspace@g' coverage.xml
-
-      - name: SonarCloud Scan
-        if: ${{ (github.event_name == 'push') || (github.event.pull_request.head.repo.owner.login == 'PowerGridModel') }}
-        uses: SonarSource/sonarqube-scan-action@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
   unit-tests:
     needs: build-python
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python: ["3.11", "3.12"]
+        python: ["3.11", "3.12", "3.13"]
       fail-fast: false
     runs-on: ${{ matrix.os }}
 
@@ -137,7 +100,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python: ["3.11", "3.12"]
+        python: ["3.11", "3.12", "3.13"]
       fail-fast: false
     runs-on: ${{ matrix.os }}
 
@@ -163,44 +126,40 @@ jobs:
       - name: Validation tests
         run: pytest tests/validation --no-cov --verbose
 
-  publish:
+  github-release:
     needs:
       - build-python
       - unit-tests
       - validation-tests
-      - sonar-cloud
     permissions:
       contents: write
-    env:
-      TWINE_USERNAME: ${{ secrets.PYPI_USER }}
-      TWINE_PASSWORD: ${{ secrets.PYPI_PASS }}
     runs-on: ubuntu-latest
     steps:
-      - name: Setup Python 3.11
+      - name: Setup Python 3.13
         uses: actions/setup-python@v5
         with:
-          python-version: "3.11"
+          python-version: "3.13"
 
       - name: Load built wheel file
         uses: actions/download-artifact@v4
         with:
           name: power-grid-model-io
           path: wheelhouse/
 
-      - name: Upload wheels
-        if: (github.event_name == 'push') || ((github.event_name == 'workflow_dispatch') && (github.event.inputs.create_release == 'true'))
-        run: |
-          pip install twine
-          echo "Publish to PyPI..."
-          twine upload --verbose wheelhouse/*
+      - name: Get tag
+        id: tag
+        run: echo "tag=v${{ needs.build-python.outputs.version }}" >> $GITHUB_OUTPUT
+
+      - name: Display tag
+        run: echo "${{ steps.tag.outputs.tag }}"
 
-      - name: Release
-        if: (github.event_name == 'push') || ((github.event_name == 'workflow_dispatch') && (github.event.inputs.create_release == 'true'))
+      - name: Create GitHub release
+        if: (inputs.create_release)
         uses: softprops/action-gh-release@v2
         with:
           files: |
             ./wheelhouse/*
-          tag_name: v${{ needs.build-python.outputs.version }}
+          tag_name: "${{ steps.tag.outputs.tag }}"
           prerelease: ${{github.ref != 'refs/heads/main'}}
           generate_release_notes: true
           target_commitish: ${{ github.sha }}

.github/workflows/check-code-quality.yml

@@ -6,13 +6,6 @@
 name: Check Code Quality
 
 on:
-  push:
-    branches:
-      - main
-  # run pipeline on pull request
-  pull_request:
-  # run pipeline on merge queue
-  merge_group:
   # run pipeline from another workflow
   workflow_call:
 
@@ -36,25 +29,16 @@ jobs:
       - name: Upgrade pip
         run: pip install --upgrade pip
 
-      - name: Install and run isort
-        run: |
-          pip install isort
-          isort .
-
-      - name: Install and run black
-        run: |
-          pip install black[jupyter]
-          black .
-
       - name: Install and run mypy
         run: |
           pip install mypy
           mypy src
 
-      - name: Install and run pylint
+      - name: Install and run ruff
         run: |
-          pip install pylint .
-          pylint power_grid_model_io
+          pip install ruff .
+          ruff check .
+          ruff format .
 
       - name: If needed raise error
         run: |

.github/workflows/check-blocking-labels.yml renamed to .github/workflows/check-pr-labels.yml

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: MPL-2.0
 
 
-name: Check Blocking Labels
+name: Check PR Labels
 
 on:
   # run pipeline on pull request
@@ -19,14 +19,22 @@ on:
   workflow_dispatch:
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}-blocking-labels
+  group: ${{ github.workflow }}-${{ github.ref }}-pr-labels
   cancel-in-progress: true
 
 jobs:
-  check-blocking-labels:
+  check-pr-labels:
     runs-on: ubuntu-latest
     steps:
-
+      
+      - name: fail-if-no-label
+        if: github.event_name == 'pull_request'
+        run: |
+          if [ "$(jq '.pull_request.labels | length' "$GITHUB_EVENT_PATH")" -eq 0 ]; then
+            echo "This pull request has no labels. Please add at least one label."
+            exit 1
+          fi
+      
       - name: do-not-merge
         if: contains(github.event.pull_request.labels.*.name, 'do-not-merge')
         run: |

.github/workflows/ci.yml

@@ -0,0 +1,106 @@
+# SPDX-FileCopyrightText: Contributors to the Power Grid Model project <[email protected]>
+#
+# SPDX-License-Identifier: MPL-2.0
+
+
+name: CI Build
+
+on:
+  push:
+    branches:
+      - main
+  # run pipeline on pull request
+  pull_request:
+  # run pipeline on merge queue
+  merge_group:
+  # run this workflow manually from the Actions tab
+  workflow_dispatch:
+    inputs:
+      create_release:
+        type: boolean
+        description: Create a (pre-)release when CI passes
+        default: false
+        required: true
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-ci-build
+  cancel-in-progress: true
+
+jobs:
+  ci-started:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo "ci started"
+
+  build-test-release:
+    name: build-test-release
+    uses: "./.github/workflows/build-test-release.yml"
+    permissions:
+      contents: write
+    with:
+      # create_release becomes true if the event that triggered this workflow is "workflow_dispatch" and inputs.create_release is true
+      # create_release becomes true if the event that triggered this workflow is "push" on main
+      # otherwise create_release becomes false
+      create_release: ${{ (github.event_name == 'workflow_dispatch' && inputs.create_release) || github.event_name == 'push'}}
+
+  check-code-quality:
+    uses: "./.github/workflows/check-code-quality.yml"
+
+  reuse-compliance:
+    uses: "./.github/workflows/reuse-compliance.yml"
+
+  ci-passed:
+    runs-on: ubuntu-latest
+    needs: [ci-started, build-test-release, check-code-quality, reuse-compliance]
+    if: always()
+
+    steps:
+      # this explicit check is needed cfr. https://github.com/orgs/community/discussions/75568
+      - name: "Check whether all jobs passed"
+        run: echo '${{ toJSON(needs) }}' | jq -e 'to_entries | all(.value.result == "success")'
+      - run: echo "ci passed"
+      
+  publish:
+    name: Publish to PyPI
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      id-token: write  # Required for Trusted Publishing
+    needs: build-test-release
+    if: (github.event_name == 'workflow_dispatch' && inputs.create_release) || github.event_name == 'push'
+
+    steps:
+      - name: Download assets from GitHub release
+        uses: robinraju/release-downloader@v1
+        with:
+          repository: ${{ github.repository }}
+          # download the latest release
+          latest: true
+          # don't download pre-releases
+          preRelease: false
+          fileName: "*"
+          # don't download GitHub-generated source tar and zip files
+          tarBall: false
+          zipBall: false
+          # create a directory to store the downloaded assets
+          out-file-path: assets-to-publish
+          # don't extract downloaded files
+          extract: false
+
+      - name: List downloaded assets
+        run: ls -la assets-to-publish
+      
+      - name: Upload assets to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          # To test, use the TestPyPI:
+          # repository-url: https://test.pypi.org/legacy/
+          # You must also create an account and project on TestPyPI,
+          # as well as set the trusted-publisher in the project settings:
+          # https://docs.pypi.org/trusted-publishers/adding-a-publisher/
+          # To publish to the official PyPI repository, just keep
+          # repository-url commented out.
+          packages-dir: assets-to-publish
+          skip-existing: true
+          print-hash: true
+          verbose: true

.github/workflows/nightly.yml

@@ -15,8 +15,8 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  main:
-    uses: "./.github/workflows/build-test-and-sonar.yml"
+  build-test-release:
+    uses: "./.github/workflows/build-test-release.yml"
     permissions:
       contents: write
     with:

.github/workflows/reuse-compliance.yml

@@ -6,13 +6,6 @@
 name: REUSE Compliance Check
 
 on:
-  push:
-    branches:
-      - main
-  # run pipeline on pull request
-  pull_request:
-  # run pipeline on merge queue
-  merge_group:
   # run pipeline from another workflow
   workflow_call:
   # run this workflow manually from the Actions tab