fix: fix ci action (#51)

Author: kkkwjx07

.github/workflows/_build.yml

@@ -1,29 +1,44 @@
-name: _Build
+name: 15. _Build Distribution
 
 on:
   workflow_call:
+    inputs:
+      os_json:
+        description: 'JSON string of OS to build on'
+        required: false
+        type: string
+        default: '["ubuntu-latest", "macos-latest", "macos-15-intel", "windows-latest"]'
+      python_json:
+        description: 'JSON string of Python versions'
+        required: false
+        type: string
+        default: '["3.9", "3.10", "3.11", "3.12"]'
   workflow_dispatch:
+    inputs:
+      os_json:
+        description: 'JSON string of OS to build on'
+        required: false
+        default: '["ubuntu-latest", "macos-latest", "macos-15-intel", "windows-latest"]'
+      python_json:
+        description: 'JSON string of Python versions'
+        required: false
+        default: '["3.9", "3.10", "3.11", "3.12"]'
 
 jobs:
   build-linux:
     name: Build distribution on Linux (glibc 2.31) py${{ matrix.python-version }}
+    # Only run if inputs.os_json contains 'ubuntu' or 'linux'
+    if: contains(inputs.os_json, 'ubuntu') || contains(inputs.os_json, 'linux')
     runs-on: ubuntu-latest
     container: ubuntu:20.04
     env:
       DEBIAN_FRONTEND: noninteractive
       TZ: Etc/UTC
     strategy:
+      fail-fast: false
       matrix:
-        include:
-          - python-version: '3.9'
-            python-full: '3.9.18'
-          - python-version: '3.10'
-            python-full: '3.10.13'
-          - python-version: '3.11'
-            python-full: '3.11.8'
-          - python-version: '3.12'
-            python-full: '3.12.2'
-
+        python-version: ${{ fromJson(inputs.python_json) }}
+    
     steps:
     - name: Install system dependencies (Linux)
       run: |
@@ -39,10 +54,25 @@ jobs:
     - uses: actions/checkout@v4
       with:
         submodules: recursive
+        fetch-depth: 0  # Required for setuptools_scm to detect version from git tags
 
-    - name: Build CPython ${{ matrix.python-full }} (Linux)
+    - name: Build CPython (Dynamic Selection)
       run: |
-        PYTHON_FULL="${{ matrix.python-full }}"
+        # Map short version to full version for our specific build environment
+        declare -A PYTHON_MAP
+        PYTHON_MAP["3.9"]="3.9.18"
+        PYTHON_MAP["3.10"]="3.10.13"
+        PYTHON_MAP["3.11"]="3.11.8"
+        PYTHON_MAP["3.12"]="3.12.2"
+        
+        PYTHON_VERSION="${{ matrix.python-version }}"
+        PYTHON_FULL="${PYTHON_MAP[$PYTHON_VERSION]}"
+        
+        if [ -z "$PYTHON_FULL" ]; then
+          echo "Error: Unknown python version $PYTHON_VERSION"
+          exit 1
+        fi
+        
         PYTHON_PREFIX="/opt/python/${PYTHON_FULL}"
         PYTHON_BIN="${PYTHON_PREFIX}/bin/python${{ matrix.python-version }}"
         if [ ! -x "$PYTHON_BIN" ]; then
@@ -80,7 +110,7 @@ jobs:
       run: uv sync
 
     - name: Install build dependencies
-      run: uv pip install setuptools pybind11 cmake wheel build
+      run: uv pip install setuptools setuptools_scm pybind11 cmake wheel build
 
     - name: Build package
       run: uv run python -m build
@@ -116,16 +146,23 @@ jobs:
 
   build-other:
     name: Build distribution on ${{ matrix.os }}
+    # Filter out ubuntu-latest from this job since it's handled by build-linux
+    if: ${{ matrix.os != 'ubuntu-latest' }}
     runs-on: ${{ matrix.os }}
     strategy:
+      fail-fast: false
       matrix:
-        os: [macos-latest, macos-15-intel, windows-latest]
-        python-version: ['3.9', '3.10', '3.11', '3.12']
+        os: ${{ fromJson(inputs.os_json) }}
+        python-version: ${{ fromJson(inputs.python_json) }}
+        # Exclude ubuntu-latest from this matrix if it was passed in inputs
+        exclude:
+          - os: ubuntu-latest
 
     steps:
     - uses: actions/checkout@v4
       with:
         submodules: recursive
+        fetch-depth: 0  # Required for setuptools_scm to detect version from git tags
 
     - name: Set up Python
       uses: actions/setup-python@v6
@@ -156,7 +193,7 @@ jobs:
       run: uv sync
 
     - name: Install build dependencies
-      run: uv pip install setuptools pybind11 cmake wheel build
+      run: uv pip install setuptools setuptools_scm pybind11 cmake wheel build
 
     - name: Build package
       run: uv run python -m build

.github/workflows/_codeql.yml

@@ -1,4 +1,4 @@
-name: _CodeQL
+name: 14. _CodeQL Scan
 
 on:
   workflow_call:

.github/workflows/_lint.yml

@@ -1,4 +1,4 @@
-name: _Lint
+name: 11. _Lint Checks
 
 on:
   workflow_call:

.github/workflows/_publish.yml

@@ -1,4 +1,4 @@
-name: _Publish
+name: 16. _Publish Distribution
 
 on:
   workflow_call:
@@ -77,11 +77,19 @@ jobs:
       actions: read  # Required for downloading artifacts from other runs
 
     steps:
-    - name: Download all the dists
+    - name: Download all the dists (Same Run)
+      if: inputs.build_run_id == ''
       uses: actions/download-artifact@v4
       with:
-        # Use provided build_run_id, or fallback to current github.run_id (for same-workflow execution)
-        run-id: ${{ inputs.build_run_id || github.run_id }}
+        pattern: python-package-distributions-*
+        path: dist/
+        merge-multiple: true
+
+    - name: Download all the dists (Cross Run)
+      if: inputs.build_run_id != ''
+      uses: actions/download-artifact@v4
+      with:
+        run-id: ${{ inputs.build_run_id }}
         github-token: ${{ secrets.GITHUB_TOKEN }}
         pattern: python-package-distributions-*
         path: dist/
@@ -107,11 +115,19 @@ jobs:
       actions: read  # Required for downloading artifacts from other runs
 
     steps:
-    - name: Download all the dists
+    - name: Download all the dists (Same Run)
+      if: inputs.build_run_id == ''
+      uses: actions/download-artifact@v4
+      with:
+        pattern: python-package-distributions-*
+        path: dist/
+        merge-multiple: true
+
+    - name: Download all the dists (Cross Run)
+      if: inputs.build_run_id != ''
       uses: actions/download-artifact@v4
       with:
-        # Use provided build_run_id, or fallback to current github.run_id (for same-workflow execution)
-        run-id: ${{ inputs.build_run_id || github.run_id }}
+        run-id: ${{ inputs.build_run_id }}
         github-token: ${{ secrets.GITHUB_TOKEN }}
         pattern: python-package-distributions-*
         path: dist/

.github/workflows/_test_full.yml

@@ -1,4 +1,4 @@
-name: _Test Full
+name: 13. _Test Suite (Full)
 
 on:
   workflow_call:

.github/workflows/_test_lite.yml

@@ -1,4 +1,4 @@
-name: _Test Lite
+name: 12. _Test Suite (Lite)
 
 on:
   workflow_call:

.github/workflows/ci.yml

@@ -1,4 +1,4 @@
-name: CI (Main Branch)
+name: 02. Main Branch Checks
 
 on:
   push:

.github/workflows/pr.yml

@@ -1,4 +1,4 @@
-name: Pull Request Checks
+name: 01. Pull Request Checks
 
 on:
   pull_request:

.github/workflows/release.yml

@@ -1,4 +1,4 @@
-name: Publish to PyPI
+name: 03. Release
 
 on:
   release:
@@ -15,59 +15,23 @@ on:
         - testpypi
         - pypi
         - both
+      os_json:
+        description: 'JSON string of OS to build on (Manual only)'
+        required: false
+        type: string
+        default: '["ubuntu-latest", "macos-latest", "macos-15-intel", "windows-latest"]'
+      python_json:
+        description: 'JSON string of Python versions (Manual only)'
+        required: false
+        type: string
+        default: '["3.9", "3.10", "3.11", "3.12"]'
 
 jobs:
-  check-version:
-    name: Verify Version
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    
-    - name: Set up Python
-      uses: actions/setup-python@v6
-      with:
-        python-version: '3.11'
-
-    - name: Verify Tag matches pyproject.toml
-      run: |
-        python -c "
-        import tomllib
-        import os
-        import sys
-
-        with open('pyproject.toml', 'rb') as f:
-            data = tomllib.load(f)
-        
-        proj_version = data['project']['version']
-        ref = os.environ.get('GITHUB_REF', '')
-        event_name = os.environ.get('GITHUB_EVENT_NAME', '')
-        
-        print(f'Project version: {proj_version}')
-        print(f'GitHub Ref: {ref}')
-        print(f'Event Name: {event_name}')
-
-        # Strict check only for Release events or when a Tag is pushed
-        if event_name == 'release' or ref.startswith('refs/tags/'):
-            if ref.startswith('refs/tags/'):
-                tag = ref.split('/')[-1]
-                clean_tag = tag[1:] if tag.startswith('v') else tag
-                
-                if clean_tag != proj_version:
-                    print(f'::error::Git Tag ({tag}) does not match pyproject.toml version ({proj_version})')
-                    sys.exit(1)
-                
-                print(f'✅ Verification Successful: Tag {tag} matches project version {proj_version}')
-            else:
-                print('⚠️ Release event triggered but REF is not a tag? This is unexpected.')
-        else:
-            print(f'ℹ️ Manual trigger ({event_name}) on branch/commit. Skipping strict Tag vs Version check.')
-            print(f'   Current pyproject.toml version is: {proj_version}')
-            print('   Make sure this is the version you intend to build/publish.')
-        "
-
   build:
-    needs: [check-version]
     uses: ./.github/workflows/_build.yml
+    with:
+      os_json: ${{ inputs.os_json || '["ubuntu-latest", "macos-latest", "macos-15-intel", "windows-latest"]' }}
+      python_json: ${{ inputs.python_json || '["3.9", "3.10", "3.11", "3.12"]' }}
 
   publish:
     needs: [build]

.github/workflows/schedule.yml

@@ -1,4 +1,4 @@
-name: Weekly Security Scan
+name: 04. Weekly Security Scan
 
 on:
   schedule: