sandialabs
diff --git a/‎.coveragerc‎
Lines changed: 5 additions & 1 deletion b/‎.coveragerc‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎.github/workflows/_dep_publish.txt‎
Lines changed: 103 additions & 0 deletions b/‎.github/workflows/_dep_publish.txt‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 76 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 76 additions & 0 deletions
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 32 additions & 0 deletions b/‎.github/workflows/test.yml‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎CITATION.cff‎
Lines changed: 38 additions & 0 deletions b/‎CITATION.cff‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 108 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 108 additions & 0 deletions
@@ -5,6 +5,10 @@ omit =
 
 [paths]
     source = 
-        src/
+        # running from pytribeam root on an offline machine
+        src
+        # full path to 'pytribeam/src' on a laser system
         C:/Users/User/Desktop/Polonsky/____SOFTWARE/pytribeam/src
+        # full path to `pytribeam/src` on a different laser system
         C:/Users/User/Documents/pytribeam/src
+        C:/Users/apolon/Codebases/pytribeam/src
@@ -0,0 +1,103 @@
+<<<<<<< HEAD
+name: Package
+on:
+  pull_request:
+    branches: main
+  release:
+    types: published
+jobs:
+  Source:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.12
+      - name: Requirements
+        run: pip install --upgrade build pip twine
+      - name: Build
+        run: python -m build .
+      - name: Check
+        run: twine check dist/*
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist
+  #Wheel:
+  #  strategy:
+  #    fail-fast: false
+  #    matrix:
+  #      os: [macos-latest, ubuntu-latest, windows-latest]
+  #  runs-on: ${{ matrix.os }}
+  #  steps:
+  #    - name: Checkout
+  #      uses: actions/checkout@v4
+  #    - name: Python
+  #      uses: actions/setup-python@v5
+  #      with:
+  #        python-version: 3.12
+  #    - name: Requirements
+  #      run: pip install --upgrade build pip twine
+  #    - name: Wheel
+  #      run: python -m build . --wheel
+  #    - name: Check
+  #      run: twine check dist/*
+  #    - uses: actions/upload-artifact@v4
+  #      with:
+  #        name: ${{ matrix.os }}-dist
+  #        path: dist
+  Twine:
+    # needs: [Source, Wheel]
+    needs: Source
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/download-artifact@v4
+      - uses: actions/setup-python@v5
+        with:
+          check-latest: true
+          python-version: 3.12
+      - name: Requirements
+        run: pip install --upgrade pip twine
+      - name: Upload
+        if: github.event_name == 'release'
+        run: twine upload -u __token__ -p ${{ secrets.PYPI_TOKEN }} dist/*
+=======
+name: Publish to PyPI
+
+on:
+  push:
+    branches:
+      - main # Triggers when push/merge to the 'main' branch
+    tags:
+      - 'v*' # Triggers whenever you push a tag starting with 'v' (e.g., v0.0.2)
+
+jobs:
+  build-and-publish:
+    name: Build and publish Python distribution
+    runs-on: ubuntu-latest
+    permissions:
+      # This permission is REQUIRED for Trusted Publishing
+      id-token: write
+      contents: read
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install build
+
+    - name: Build binary wheel and source tarball
+      run: python -m build
+
+    - name: Publish to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+>>>>>>> 8e30c8a94f451d004fdfc990f5ddf8019266eb2f
@@ -0,0 +1,76 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*' # Trigger only on version tags (e.g., v1.0.0)
+  workflow_dispatch:  # allows manual triggering of the workflow from the GitHub Actions tab
+
+jobs:
+  # 1. TEST JOB: Runs Pytest
+  test:
+    uses: ./.github/workflows/test.yml  # Reuse the test workflow defined in test.yml
+
+  # 2. BUILD: Only runs if 'test' passes
+  build:
+    needs: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Required for versioning tools to see tags
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.8.12' # to match pyproject.toml exactly
+
+      - name: Build
+        run: |
+          pip install build
+          python -m build .
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  # 3. GITHUB RELEASE: Creates the release on GitHub and attaches the build files
+  github-release:
+    needs: build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write # Needed to create releases and upload assets
+    steps:
+      - name: Download build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: dist/*
+          generate_release_notes: true # Automatically generate release notes based on commits since the last release
+          draft: false # Set to true if you want to create a draft release instead of publishing immediately
+          prerelease: false # Set to true if this is a pre-release (e.g., alpha, beta)
+
+  # 4. PUBLISH: Only runs if 'build' passes
+  publish:
+    needs: [build, github-release] # Ensure both build and GitHub release steps succeed before publishing
+    runs-on: ubuntu-latest
+    # Optional: Use environment protection rule for manual approval before publishing
+    environment: pypi
+    permissions:
+      id-token: write # Needed for authentication with PyPI using GitHub Actions
+    steps:
+      - name: Download build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
@@ -0,0 +1,32 @@
+# This workflow will not run without Autoscript.
+name: Test
+
+on:
+  push:
+    branches:
+      - '**' # Trigger on any branch push
+  pull_request:
+    branches:
+      - '**' # Trigger on any pull request
+  workflow_call: # CRITICAL: Allows this workflow to be called by others
+
+jobs:
+  test:
+    name: Run Subset of Tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.8.12'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+
+      - name: Run Pytest
+        run: pytest tests/test_example.py
@@ -0,0 +1,38 @@
+# This CITATION.cff file was generated with cffinit.
+# Visit https://bit.ly/cffinit to generate yours today!
+
+cff-version: 1.2.0
+title: pyTriBeam
+message: >-
+  If you use this software, please cite it using these
+  metadata.
+type: software
+authors:
+  - given-names: Andrew
+    family-names: Polonsky
+    email: apolon@sandia.gov
+    affiliation: Sandia National Laboratories
+    orcid: 'https://orcid.org/0000-0003-4515-9827'
+  - given-names: James
+    family-names: Lamb
+    email: jdlamb@sandia.gov
+    affiliation: Sandia National Laboratories
+    orcid: 'https://orcid.org/0000-0002-1409-9799'
+  - given-names: Chad
+    family-names: Hovey
+    affiliation: Sandia National Laboratories
+    email: chovey@sandia.gov
+    orcid: 'https://orcid.org/0000-0003-0915-5765'
+identifiers:
+  - type: doi
+    value: 10.1007/s40192-026-00449-2
+    description: Paper on software development and use
+repository-code: 'https://github.com/sandialabs/pytribeam'
+url: 'https://sandialabs.github.io/pytribeam/'
+abstract: Automated data collection for the TriBeam microscope
+keywords:
+  - 3D materials science
+  - serial sectioning
+  - tomography
+  - automation
+license: MIT
@@ -0,0 +1,108 @@
+# Contributing
+
+## Repository Download
+
+```sh
+git clone git@github.com:sandialabs/pytribeam.git
+```
+
+## Virtual Environment
+
+From within the `pytribeam` directory, create a virtual environment.  A virtual environment is a self-contained directory that contains a specific Python installation, along with additional packages. It allows users to create isolated environments for different projects. This ensures that dependencies and libraries do not interfere with each other.
+
+Create a virtual environment with either `pip` or `uv`.  `pip` is already included with Python.  `uv` must be [installed](https://docs.astral.sh/uv/getting-started/installation/).  `uv` is 10 to 100 times faster than `pip`.
+
+```sh
+cd pytribeam
+
+# (a) pip method, or
+python -m venv .venv
+
+# (b) uv method
+uv venv
+
+# for both methods (a) and (b)
+source .venv/bin/activate       # bash
+source .venv/bin/activate.fish  # fish shell
+```
+
+Install the code in editable form,
+
+```sh
+# (a) pip method, or
+pip install -e .[dev]
+
+# (b) uv method
+uv pip install -e .[dev]
+```
+
+## CI/CD
+
+We separate the concerns of test, build, release, and publish throughout the `.github/workflows/` files:
+
+* [`test.yml`](/.github/workflows/test.yml)
+* [`release.yml`](/.github/workflows/release.yml)
+
+These YAML files cover:
+
+* **Test (Verification)**
+  * **Purpose:** To ensure that the code is functional and hasn't introduced regressions (broken existing features).
+  * **What happens:** Automated tools like `pytest` run your unit and integration tests. It often includes "linting" (checking code style) and type-checking.
+  * **Key Outcome:** Confidence. If this stage fails, the process stops immediately, preventing broken code from ever reaching a user.
+* **Build (Packaging)**
+  * **Purpose:** To transform your "human-readable" source code into "machine-installable" artifacts.
+  * **What happens:** Tools (like `python -m build`) bundle your code into standard formats, such as a Wheel (`.whl`) or a Source Distribution (`.tar.gz`).
+   * **Key Outcome:** Portability. You now have a single file (an "artifact") that contains everything needed to install your library on any compatible system.
+* **Release (Documentation & Tagging)**
+   * **Purpose:** To create an official "point-in-time" snapshot of the project for project management and users.
+   * **What happens:** A permanent Git tag (like v1.0.0) is assigned to a specific commit. A GitHub Release page is generated with a Changelog (i.e., What's New?) and the build artifacts are attached to it as "Release Assets."
+  * **Key Outcome:** Traceability. It provides a clear history of the project's evolution and a stable place for users to download specific versions.
+* **Publish (Distribution)**
+   * **Purpose:** To make the software easily available to the global ecosystem.
+   * **What happens:** The built artifacts are uploaded to a package registry, such as PyPI (the Python Package Index).
+   * **Key Outcome:** Accessibility. Once published, anyone in the world can install your software using a simple command like `pip install pytribeam`.
+
+Implementation details:
+
+* The reuse of `test.yml` via a `workflow_call` ensures that test logic is not duplicated.
+* **Dependency Chain:** `build` waits for `test`, and publish waits for both `build` and `github-release`.
+* **Artifact Integrity:** By building once and downing the artifacts in subsequent jobs, we ensure the exact same files go to GitHub and PyPI.
+* **Security:** We use `id-token: write` for PyPI's Trusted Publishing, which is a modern and secure way to handle authentication.
+
+In `release.yml` we have removed the manual `-p ${{ secrets.PYPI_TOKEN }}`.  The industry standard is now [**Trusted Publishing**](https://docs.pypi.org/trusted-publishers/).  You configure this in your PyPI project settings once, and GitHub Actions authenticates securely without you needing to store and rotate secrets.
+
+To configure Trusted Publishing, you tell PyPI, "Trust any code from this specific GitHub repository and workflow."  This removes the need to mange long-lived API tokens or passwords in your secrets.
+
+Step:
+
+* Log into your [PyPI](https://pypi.org) account
+* Go your project's **Manage** page (or your accounts **Publishing** settings if you are setting it up for the first time.)
+* Look for the **Publishing**tab
+* Click **Add new publisher**
+* Select **GitHub** as the source
+* Enter the following details:
+  * Owner: sandialabs
+  * Repository name: pytribeam
+  * Workflow name: `release.yml` (This must match your filename in your `.github/workflows/` directory))
+  * Environment name: You can leave this blank or name it `pypi` (if you use it in your YAML).  We used `pypi`.
+  * Click the **Add** button
+
+To create a release:
+
+* Merge the `dev` branch into the `main` branch.
+* On the `main` branch, `git tag` and push to `main`, e.g., 
+
+```sh
+# Ensure you are on the main branch
+git checkout main
+git pull
+
+# View existing tags, if any
+git tag
+
+# Create the new tag, e.g.,
+git tag -a v1.0.0 -m "Release version 1.0.0"
+
+# On the main branch, push the tag to GitHub
+git push origin v1.0.0
+```