docs: rewrite old CI docs

.github/workflows/ci.yml

@@ -84,14 +84,6 @@ jobs:
           pip install packaging
           pip install twine==3.8.0
 
-      # - name: Upload to TestPyPi
-      #   run: |
-      #     twine check dist/*
-      #     twine upload --repository-url https://test.pypi.org/legacy/ dist/*
-      #   env:
-      #     TWINE_USERNAME: ${{ secrets.TEST_PYPI_USERNAME }}
-      #     TWINE_PASSWORD: ${{ secrets.TEST_PYPI_PASSWORD }}
-
       - name: Upload wheels to PyPI
         run: |
           twine check dist/*

README.md

@@ -101,18 +101,14 @@ To run tests with real Yubikey:
    WARNING: This command will import targets private key to signature slot of your Yubikey, as well as new self-signed x509 certificate!
 3. Run `REAL_YK=True pytest` or `set REAL_YK=True pytest` depending on platform.
 
-## Platform-specific Wheels
 
-1. Open https://dev.azure.com/openlawlibrary/TAF/_build
-2. Click on latest build
-3. Open _Summary_ tab
-4. Under _Build artifacts published_, click on \*wheels to download zip
+## Installing Wheels on Windows and MacOS
 
-More info in [devops document](./docs/devops.md).
+The newer versions of TAF do not require additional setup, and there are no platform-specific wheels needed. However, older versions required certain platform-specific DLLs, which the CI would copy to `taf/libs` before building a wheel. Therefore, it's important to install the appropriate platform-specific wheel if you're using an older version.
 
-## Building Wheels on Ubuntu 16.04 and 18.04
 
-**Binary wheels exists only for macOS, windows-32bit and windows-64bit platforms for python 3.10!**
+## Installing Wheels on Ubuntu
+
 
 - Install dependencies
 

docs/devops/devops.md

@@ -1,56 +1,62 @@
-# Building Wheels
+# CI
 
-TAF has an option to sign files with external token (Yubikey) which can be enabled by installing an extra dependency `[yubikey]`.
-We use official library `yubikey-manager` to communicate with Yubikey, which relies on system dependent libraries (DLLs, dylibs, so).
-In order for signing to work without any additional installations, we are building platform specific wheels which contain all needed platform dependent libraries.
+Our CI is implemented using GitHub Actions, with the configuration file located in the `.github/workflows` directory. This workflow covers testing, building, and deploying wheels and executables following a release.
 
-Important files:
+## run_tests
 
-- [setup.py](../setup.py) is extended with `cmdclass={"bdist_wheel": bdist_wheel},` which ensures that platform specific wheels will be built
-- [libs](../taf/libs) directory contains all DLLs/dylibs/so files
+The first job, `run_tests`, runs the test suite across multiple Python versions on an Ubuntu environment. The critical steps include:
 
-  - libykpers
-  - libyubikey
-  - libusb
-  - libjson-c
+1. **Installing System Libraries:** On Linux, the following libraries need to be installed: `libhdf5-serial-dev`, `zlib1g-dev`, `libatlas-base-dev`, `lcov`, `swig3.0`, and `libpcsclite-dev`. They are required by the YubiKey manager dependency, which provides the ability to sign using YubiKeys (hardware keys).
 
-- [\_\_init\_\_.py](../taf/__init__.py) adds all files from `libs` to a specific environment variable
+2. **Creating Symlink for SWIG:** A symbolic link is created for `swig3.0` to ensure it is accessible as `swig`, allowing the system to find the required SWIG version easily.
 
-## azure-pipelines.yml
+3. **Installing Project Dependencies:** The project dependencies, including those needed for YubiKey integration, are installed.
 
-This script contains all the logic for downloading and packaging platform specific files when building wheels.
+4. **Configuring GitHub User:** Git is configured with a username and email to ensure any Git operations during the workflow do not fail.
 
-### Platforms
+5. **Running Pre-Commit Hooks and Tests:** The pre-commit hooks are executed to enforce code quality checks before running the test suite with `pytest`, ensuring all tests pass across the supported Python versions. If pre-commit hooks reformat any file or if flake8 or mypy issues are detected, the build will fail.
 
-Section `strategy` defines for which platform/architecture and python version TAF wheels are built.
+### Building and Uploading Wheels
 
-To add a new python version you can extend `matrix` section with the following template:
+The `build_and_upload_wheel` job builds and uploads the Python wheel to PyPI upon a release event. Key steps include:
 
-```txt
-linux-ubuntu-16-04-{PYTHON_VERSION_JOB_NAME}:
-  imageName: "ubuntu-16.04"
-  pythonVersion: {PYTHON_VERSION}
-macOS-{PYTHON_VERSION_JOB_NAME}:
-  imageName: "macOS-10.14"
-  pythonVersion: {PYTHON_VERSION}
-windows-64bit-{PYTHON_VERSION_JOB_NAME}:
-  imageName: "vs2017-win2016"
-  pythonVersion: {PYTHON_VERSION}
-  platform: x64
-  winArch: "win64"
-windows-32bit-{PYTHON_VERSION_JOB_NAME}:
-  imageName: "vs2017-win2016"
-  pythonVersion: {PYTHON_VERSION}
-  platform: x86
-  winArch: "win32"
+1. **Installing System Libraries:** The same essential libraries as in the test job are installed, ensuring a consistent build environment.
+
+2. **Installing Project and Building Wheel:** The `TAF` package and its dependencies are installed, and the package is built into a source distribution (`sdist`) and a wheel (`bdist_wheel`).
+
+3. **Installing Publishing Dependencies:** `twine` is installed to handle the verification and upload of the built wheels.
+
+4. **Uploading to PyPI:** The built wheels are verified with `twine check` and then uploaded to PyPI using `twine upload`. This step ensures the package is available for users to install via PyPI.
+
+It can be noted that in the past, we used to download platform-specific DLLs required by the YubiKey manager and package them into wheels. Therefore, we were building platform-specific wheels. The DLLs are no longer required. On Linux, it is still necessary to install certain system libraries: `libhdf5-serial-dev`, `zlib1g-dev`, `libatlas-base-dev`, `lcov`, `swig3.0`, and `libpcsclite-dev`.
+
+When testing the CI, wheels can be uploaded to TestPyPi. Replace the upload step with the following one:
+
+
+
+```
+
+  - name: Upload to TestPyPi
+    run: |
+      twine check dist/*
+      twine upload --repository-url https://test.pypi.org/legacy/ dist/*
+    env:
+      TWINE_USERNAME: ${{ secrets.TEST_PYPI_USERNAME }}
+      TWINE_PASSWORD: ${{ secrets.TEST_PYPI_PASSWORD }}
 ```
 
-with replaced values of `{PYTHON_VERSION_JOB_NAME}` (e.g. py310) and `{PYTHON_VERSION}` (e.g. '3.10').
 
-### Steps explained
+### Building and Testing Standalone Executables
+
+The `build-and-test-executables` job creates standalone executables for Linux, Windows, and macOS. Each platform has specific steps:
+
+1. **Setting Up System Dependencies:**
+    - **Linux:** Installs libraries like `libhdf5-serial-dev`, `zlib1g-dev`, `libatlas-base-dev`, `lcov`, `swig3.0`, and `libpcsclite-dev`. A symlink for `swig3.0` is created.
+    - **Windows:** Installs `swig` using `choco`.
+    - **macOS:** Installs `swig` using `brew`.
+
+2. **Installing Project Dependencies:** Installs the `TAF` package with YubiKey support and `pyinstaller` to facilitate the creation of standalone executables.
+
+3. **Building Executables:** One executable is built for each platform - Windows, Linux, and macOS.
 
-- `UsePythonVersion@0` - set python version
-- `Linus/masOS/Windows Setup` - downloads "libykpers, libyubikey, libusb, libjson-c" and copies files inside "taf/libs" directory
-- `Build TAF` - build wheels
-- `PublishBuildArtifacts` - uploads [artifacts](https://dev.azure.com/openlawlibrary/TAF/_build/results?buildId=476&view=artifacts) to the azure job
-- `Upload wheels` - when new tag is pushed, uploads wheels to `pypi`
+4. **Uploading Executables:** The built executables are uploaded as release assets to GitHub. The `upload-release-asset` action is used to handle this process.