ci: validate TAG_NAME and force the version used for pypi upload

[g-husam]

This change sets an explicit version to be used based on the TAG_NAME env var in cloudbuild.yaml, which is needed when the tag differs from the tip of main.

Also sets the fallback version to a local version to ensure it gets rejected by PyPi in case it ever accidentally is used for uploading. Also adds a validation check to cloudbuild.yaml to fail fast if it looks like it might be building the fallback version.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the reliability and safety of the Python package release process within the CI/CD pipeline. By implementing strict tag validation, explicitly controlling the package version used during builds, and updating the fallback version, it prevents common pitfalls such as incorrect versioning or accidental publication of development artifacts to PyPI.

Highlights

• CI Tag Validation: Introduced a new CI step to rigorously validate release tag formats (vX.Y.Z) and prevent builds from proceeding with invalid or fallback versions.
• Forced Versioning for Builds: Implemented explicit version forcing during the sdist and wheel build processes, ensuring that the package version precisely matches the validated release tag and not a potentially different Git-derived version.
• Fallback Version Update: Modified the setuptools_scm fallback version to include a '+dev.local' suffix, which ensures that PyPI will reject any accidental uploads of development versions.
• Version Mismatch Detection: Added a validation check during wheel building to confirm that setuptools_scm is indeed using the intended forced version, providing an early warning for potential versioning issues.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• cloudbuild.yaml
  • Added a new 'validate-tag' step to ensure release tags conform to the vX.Y.Z format and are not fallback versions.
  • Modified 'build-sdist' and manylinux wheel build steps to explicitly set the SETUPTOOLS_SCM_PRETEND_VERSION environment variable based on the validated tag.
  • Included a runtime check in the manylinux wheel build to verify that setuptools_scm is using the forced version.
• pyproject.toml
  • Updated the setuptools_scm fallback_version from '0.0.0' to '0.0.0+dev.local' to prevent accidental PyPI uploads.

Activity

• No specific activity has been recorded for this pull request yet, beyond its initial creation.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request significantly improves the robustness of the release process. By adding a dedicated tag validation step in cloudbuild.yaml and forcing setuptools-scm to use the version from the tag, it prevents accidental publications with incorrect versions. The added validation within the wheel-building step to confirm the version is correctly detected is a great safeguard. Additionally, updating the fallback_version in pyproject.toml to a local version identifier is a smart move to prevent accidental uploads to PyPI. The changes are well-structured and enhance the reliability of the CI/CD pipeline.

[github-actions]

Python Code Coverage Summary

Package	Line Rate	Branch Rate	Health
src.ml_flashpoint	100%	100%	✔
src.ml_flashpoint.adapter	100%	100%	✔
src.ml_flashpoint.adapter.megatron	97%	95%	✔
src.ml_flashpoint.adapter.nemo	98%	94%	✔
src.ml_flashpoint.adapter.pytorch	99%	92%	✔
src.ml_flashpoint.checkpoint_object_manager	93%	93%	➖
src.ml_flashpoint.core	95%	92%	✔
src.ml_flashpoint.replication	81%	81%	❌
Summary	95% (2331 / 2460)	91% (547 / 598)	➖

Minimum allowed line rate is 90%

[github-actions]

C++ Code Coverage Summary

Package	Line Rate	Branch Rate	Health
src.ml_flashpoint.checkpoint_object_manager.buffer_object	93%	54%	✔
src.ml_flashpoint.checkpoint_object_manager.object_manager	70%	37%	❌
src.ml_flashpoint.replication.transfer_service	79%	40%	❌
Summary	81% (916 / 1126)	43% (687 / 1604)	➖

Minimum allowed line rate is 80%