Remove wait_for_testpypi_release script and simplify TestPyPI propagation handling; bump version to 0.8.33

Author: Denis Jelovina

.github/scripts/inspect_installed_pyalp.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+"""Print basic information about the installed `pyalp` package.
+
+This script is intended to be invoked from CI after installing the package
+from TestPyPI. It prints the package file, available binary modules, and
+the runtime build metadata exposed by the package.
+"""
+import pkgutil
+import sys
+
+try:
+    import pyalp
+except Exception:
+    print('ERROR: failed to import pyalp', file=sys.stderr)
+    raise
+
+print('pyalp package:', getattr(pyalp, '__file__', None))
+print('available modules in package:', [m.name for m in pkgutil.iter_modules(pyalp.__path__)])
+try:
+    print('build metadata:', pyalp.get_build_metadata())
+except Exception as e:
+    print('metadata error:', e)
+print('listed backends via helper:', pyalp.list_backends())

.github/scripts/run_backend_smoke_installed.py

@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+"""Run the repo's backend smoke runner against an installed pyalp package.
+
+This script is intended to be invoked from CI after installing pyalp from
+TestPyPI. It accepts a single argument (backend name) and will skip if that
+backend is not present in the installed package.
+"""
+import sys
+import subprocess
+
+try:
+    import pyalp
+except Exception:
+    print('ERROR: failed to import pyalp', file=sys.stderr)
+    raise
+
+
+def main(argv):
+    if len(argv) < 2:
+        print('Usage: run_backend_smoke_installed.py <backend_name>', file=sys.stderr)
+        return 2
+    backend = argv[1]
+    backends = pyalp.list_backends()
+    print('discovered backends:', backends)
+    if backend not in backends:
+        print(f'backend {backend} not present in installed package, skipping')
+        return 0
+
+    rc = subprocess.call([sys.executable, 'tests/python/backend_smoke_runner.py', backend])
+    if rc != 0:
+        print(f'backend {backend} smoke runner failed with exit {rc}', file=sys.stderr)
+    return rc
+
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv))

.github/workflows/promote-to-pypi.yml

@@ -0,0 +1,73 @@
+name: Promote release to PyPI
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Git tag / release to promote (e.g. pyalp.v0.8.14)'
+        required: true
+  push:
+    tags:
+      - 'pyalp.v*'
+
+# Request OIDC id-token permissions at workflow level so actions can use
+# the GitHub Actions OIDC provider. The pypa publish action requires this
+# for trusted publisher flow when using repository-provided credentials.
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  promote:
+    runs-on: ubuntu-latest
+    # Require approval from the `production` environment before the job can
+    # access environment-scoped secrets (e.g. the PyPI API token). Create the
+    # environment in the repository settings and add the secret `PYPI_API_TOKEN`.
+    environment: production
+    # Also explicitly request id-token at the job level to be extra clear.
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout (for local scripts)
+        uses: actions/checkout@v4
+
+      - name: Download release assets (via GitHub API)
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          REPO: ${{ github.repository }}
+          TAG: ${{ github.event.inputs.tag || github.ref_name }}
+        run: |
+          set -euo pipefail
+          echo "Downloading release assets for ${REPO} tag ${TAG}"
+          mkdir -p release_assets
+          # Fetch release metadata for the tag
+          release_json=$(curl -sSf -H "Authorization: Bearer ${GITHUB_TOKEN}" "https://api.github.com/repos/${REPO}/releases/tags/${TAG}")
+          if [ -z "${release_json}" ]; then
+            echo "No release metadata found for tag ${TAG}" >&2
+            exit 1
+          fi
+
+          # Iterate assets and download each one using the assets API (requires Accept header)
+          echo "$release_json" | jq -r '.assets[] | [.id, .name] | @tsv' | while IFS=$'\t' read -r id name; do
+            echo "Downloading asset: ${name} (id ${id})"
+            curl -sSfL -H "Authorization: Bearer ${GITHUB_TOKEN}" -H "Accept: application/octet-stream" "https://api.github.com/repos/${REPO}/releases/assets/${id}" -o "release_assets/${name}"
+          done
+          echo "Downloaded files:" && ls -la release_assets || true
+
+      - name: List downloaded assets
+        run: |
+          echo "Assets in release_assets:"
+          ls -la release_assets || true
+      
+      - name: Show package name and version (diagnostic)
+        run: |
+          python -c "import importlib,importlib.util,sys,pathlib; spec=importlib.util.find_spec('tomllib') or importlib.util.find_spec('tomli'); name=spec.name if spec else sys.exit(print('No TOML parser available (tomllib/tomli), skipping')); toml=importlib.import_module(name); p=pathlib.Path('pyalp/pyproject.toml'); (sys.exit(print('pyalp/pyproject.toml not found at', p)) if not p.exists() else None); data=toml.loads(p.read_text()); proj=data.get('project',{}); print('project.name =', proj.get('name')); print('project.version =', proj.get('version'))"
+
+      - name: Publish to PyPI (alp-graphblas)
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: release_assets/
+        env:
+          TWINE_USERNAME: __token__
+          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}

.github/workflows/pyalp-publish.yml renamed to .github/workflows/publish-to-testpypi.yml

@@ -1,4 +1,4 @@
-name: pyalp wheels (cibuildwheel)
+name: alp-graphblas wheels (cibuildwheel)
 
 on:
   push:
@@ -82,6 +82,22 @@ jobs:
             printf '%s\n' "import os, runpy; ROOT=os.path.dirname(os.path.abspath(__file__)); PKG=os.path.join(ROOT, 'pyalp'); os.chdir(PKG); runpy.run_path(os.path.join(PKG, 'setup.py'), run_name='__main__')" > setup.py
             # Configure from repository root; enable pyalp and choose NUMA setting per-platform
             PYEXEC=$(python -c 'import sys; print(sys.executable)')
+            # Gather Git metadata and package version to pass into CMake so the
+            # generated runtime metadata contains accurate values even in CI.
+            # Prefer environment-provided values when available (GITHUB_SHA/REF_NAME)
+            ALP_GIT_COMMIT="${GITHUB_SHA:-$(git rev-parse --short HEAD)}"
+            # GITHUB_REF_NAME is available in Actions; fallback to git branch
+            ALP_GIT_BRANCH="${GITHUB_REF_NAME:-$(git rev-parse --abbrev-ref HEAD)}"
+            # Try to pick a semantic/alp version from tags (prefer nearest tag)
+            ALP_VERSION=$(git describe --tags --match "v*" --abbrev=0 2>/dev/null || true)
+            if [ -z "${ALP_VERSION}" ]; then
+              # Fall back to a describe-style value
+              ALP_VERSION=$(git describe --tags --match "v*" --always 2>/dev/null || echo "unknown")
+            fi
+            # Read the pyalp package version from pyalp/pyproject.toml (simple grep)
+            PYALP_VERSION=$(grep -E '^version\s*=\s*"' pyalp/pyproject.toml | head -n1 | sed -E 's/^version\s*=\s*"([^"]+)".*/\1/')
+            PYALP_VERSION=${PYALP_VERSION:-0.0.0}
+            echo "[cibw] Derived ALP_VERSION=${ALP_VERSION}, ALP_GIT_COMMIT=${ALP_GIT_COMMIT}, ALP_GIT_BRANCH=${ALP_GIT_BRANCH}, PYALP_VERSION=${PYALP_VERSION}"
             # Use a per-ABI build directory to avoid cross-ABI contamination
             ABI_TAG=$(python -c 'import sys; print(f"cp{sys.version_info[0]}{sys.version_info[1]}")')
             BUILD_DIR="build/${ABI_TAG}"
@@ -152,8 +168,19 @@ jobs:
             # interprocedural optimization (LTO) to improve portability of the produced wheels.
             PORTABLE_FLAG="-DALP_PORTABLE_BUILD=ON"
             LTO_FLAG="-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=OFF"
-            cmake -S . -B "${BUILD_DIR}" -G Ninja -DCMAKE_BUILD_TYPE=Release -DENABLE_PYALP=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_FIND_FRAMEWORK=NEVER ${MACOS_FLAGS} ${NUMA_FLAG} ${CMAKE_PREFIX_HINT:-} ${OSX_DEPLOY_FLAG:-} ${PORTABLE_FLAG} ${LTO_FLAG} -DPython3_EXECUTABLE="${PYEXEC}"
-            cmake --build "${BUILD_DIR}" --target pyalp_ref --parallel
+            # Only enable OMP and nonblocking backends on Linux runners where libomp
+            # and required build support are available. macOS wheels will build the
+            # stable reference backend only to avoid SDK/ABI compile issues.
+            if [ "$(uname -s)" = "Linux" ]; then
+              BACKEND_FLAGS="-DWITH_OMP_BACKEND=ON -DWITH_NONBLOCKING_BACKEND=ON"
+              BUILD_TARGETS="pyalp_ref pyalp_omp pyalp_nonblocking"
+            else
+              BACKEND_FLAGS="-DWITH_OMP_BACKEND=OFF -DWITH_NONBLOCKING_BACKEND=OFF"
+              BUILD_TARGETS="pyalp_ref"
+            fi
+
+            cmake -S . -B "${BUILD_DIR}" -G Ninja -DCMAKE_BUILD_TYPE=Release -DENABLE_PYALP=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_FIND_FRAMEWORK=NEVER ${MACOS_FLAGS} ${NUMA_FLAG} ${CMAKE_PREFIX_HINT:-} ${OSX_DEPLOY_FLAG:-} ${PORTABLE_FLAG} ${LTO_FLAG} ${BACKEND_FLAGS} -DPython3_EXECUTABLE="${PYEXEC}" -DALP_VERSION="${ALP_VERSION}" -DALP_GIT_COMMIT_SHA="${ALP_GIT_COMMIT}" -DALP_GIT_BRANCH="${ALP_GIT_BRANCH}" -Dpyalp_VERSION="${PYALP_VERSION}"
+            cmake --build "${BUILD_DIR}" --target ${BUILD_TARGETS} --parallel
             # Debug: show the generated metadata file (if present) to the CI logs
             echo "[cibw] Checking for generated metadata file: ${CMAKE_BUILD_DIR}/pyalp_metadata.py"
             if [ -f "${CMAKE_BUILD_DIR}/pyalp_metadata.py" ]; then
@@ -169,21 +196,130 @@ jobs:
       - name: Upload wheels
         uses: actions/upload-artifact@v4
         with:
-          name: pyalp-wheels-${{ matrix.os }}
+          name: alp-graphblas-wheels-${{ matrix.os }}
           path: wheelhouse/*.whl
 
-  # Placeholder for publish job; enable when versioning is PEP 440 compliant
-  # publish:
-  #   needs: build-wheels
-  #   runs-on: ubuntu-latest
-  #   permissions:
-  #     id-token: write
-  #   steps:
-  #     - name: Download wheels
-  #       uses: actions/download-artifact@v4
-  #       with:
-  #         path: dist
-  #     - name: Publish to PyPI
-  #       uses: pypa/gh-action-pypi-publish@release/v1
-  #       with:
-  #         packages-dir: dist
+  publish:
+    needs: build-wheels
+    runs-on: ubuntu-latest
+    environment:
+      name: testpypi
+      url: https://test.pypi.org/p/alp-graphblas
+    permissions:
+      id-token: write
+      contents: write
+    steps:
+      - name: Checkout repository (for tests)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Download all wheels
+        uses: actions/download-artifact@v4
+        with:
+          path: dist
+          pattern: alp-graphblas-wheels-*
+          merge-multiple: true
+      - name: Publish to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          repository-url: https://test.pypi.org/legacy/
+          packages-dir: dist/
+          verbose: true
+
+      - name: Create GitHub Release and upload wheels
+        uses: softprops/action-gh-release@v1
+        with:
+          tag_name: ${{ github.ref_name }}
+          name: ${{ github.ref_name }}
+          files: dist/*.whl
+
+      - name: Skip in-publish verification
+        shell: bash
+        run: |
+          echo "Installation verification moved to 'verify-installed' job"
+
+  verify-installed:
+    needs: publish
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        backend: [pyalp_ref, pyalp_omp, pyalp_nonblocking, _pyalp]
+    steps:
+      - name: Checkout repository (for tests)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Verify installed backend
+        shell: bash
+        env:
+          BACKEND: ${{ matrix.backend }}
+        run: |
+          set -euo pipefail
+          # Determine package version from pyalp/pyproject.toml
+          PYALP_VERSION=$(grep -E '^version\s*=\s*"' pyalp/pyproject.toml | head -n1 | sed -E 's/^version\s*=\s*"([^\"]+)".*/\1/')
+          echo "Testing alp-graphblas version: ${PYALP_VERSION}"
+
+          PY=$(which python3 || which python)
+          echo "Using python: ${PY}"
+          VENV_DIR="./.venv_test"
+          rm -rf "${VENV_DIR}"
+          ${PY} -m venv "${VENV_DIR}"
+          source "${VENV_DIR}/bin/activate"
+          python -m pip install --upgrade pip setuptools wheel numpy
+
+          # Short sleep to allow TestPyPI to propagate the newly uploaded files
+          # before attempting the install. Keep logic minimal to reduce workflow
+          # complexity (the previous retry loop was removed per request).
+          echo "Sleeping 60s to allow TestPyPI propagation before install..."
+          sleep 60
+          echo "Installing alp-graphblas==${PYALP_VERSION} from TestPyPI"
+          python -m pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple alp-graphblas==${PYALP_VERSION} --no-deps -v
+
+          # Inspect installed package using the script moved out of the workflow
+          echo "Inspecting installed package"
+          python .github/scripts/inspect_installed_pyalp.py
+
+          # Run the smoke runner script for the backend for this matrix job
+          echo "Running backend smoke runner for ${BACKEND}"
+          python .github/scripts/run_backend_smoke_installed.py "${BACKEND}"
+
+  publish-to-pypi:
+    # Disabled by default to avoid triggering PyPI uploads from this workflow.
+    # PyPI publisher was configured to accept uploads from `promote-to-pypi.yml`.
+    # Keep the job present for maintainers, but skip execution unless intentionally enabled.
+    if: false
+    needs: verify-installed
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    # This job publishes the already-built artifacts to the real PyPI index.
+    # It requires a PyPI API token stored in the repository secrets as PYPI_API_TOKEN.
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Download built wheels
+        uses: actions/download-artifact@v4
+        with:
+          path: dist
+          pattern: alp-graphblas-wheels-*
+          merge-multiple: true
+
+      - name: Publish to PyPI (alp-graphblas)
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: dist/
+        env:
+          TWINE_USERNAME: __token__
+          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}

CMakeLists.txt

@@ -31,12 +31,43 @@ set( MINORVERSION 7 )
 set( BUGVERSION 0 )
 set( VERSION "${MAJORVERSION}.${MINORVERSION}.${BUGVERSION}" )
 
+# Export a canonical ALP version string for subprojects and packaging. This
+# defaults to the VERSION defined above but can be overridden by -DALP_VERSION
+# on the cmake command line (CI may pass this explicitly).
+if(NOT DEFINED ALP_VERSION)
+	set(ALP_VERSION "${VERSION}" CACHE STRING "ALP project version (for packaging)")
+else()
+	# Keep user-provided ALP_VERSION in cache so subprojects see it
+	set(ALP_VERSION "${ALP_VERSION}" CACHE STRING "ALP project version (for packaging)" FORCE)
+endif()
+
 # set the project name
 project( GraphBLAS
 	VERSION ${VERSION}
 	DESCRIPTION "The ultimate engine for sparse computation"
 	LANGUAGES CXX C
 )
+
+# Find Git and get repository information for metadata
+find_package(Git QUIET)
+if(GIT_FOUND)
+    execute_process(
+        COMMAND ${GIT_EXECUTABLE} rev-parse --short HEAD
+        WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+        OUTPUT_VARIABLE ALP_GIT_COMMIT
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+    )
+    execute_process(
+        COMMAND ${GIT_EXECUTABLE} rev-parse --abbrev-ref HEAD
+        WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+        OUTPUT_VARIABLE ALP_GIT_BRANCH
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+    )
+else()
+    set(ALP_GIT_COMMIT "unknown")
+    set(ALP_GIT_BRANCH "unknown")
+endif()
+
 set( CMAKE_CXX_STANDARD 11 )
 set( CMAKE_CXX_STANDARD_REQUIRED ON )