Skip to content

Commit

Permalink
Workflow changes to facilitate maintenance (#2269)
Browse files Browse the repository at this point in the history
* repo variable to configure image for integration testing

Signed-off-by: Bettina Heim <[email protected]>

* no need for a separate cudaq_nvqc_deploy_image setting

Signed-off-by: Bettina Heim <[email protected]>

* use bot credentials to delete branches

Signed-off-by: Bettina Heim <[email protected]>

* Revert "no need for a separate cudaq_nvqc_deploy_image setting"

This reverts commit 59ff2a9.

* allow to override deploy image specifically

Signed-off-by: Bettina Heim <[email protected]>

* DCO Remediation Commit for Bettina Heim <[email protected]>

I, Bettina Heim <[email protected]>, hereby add my Signed-off-by to this commit: 8a907da

Signed-off-by: Bettina Heim <[email protected]>

* dummy commit to test CI

Signed-off-by: Bettina Heim <[email protected]>

* dummy commit to test CI

Signed-off-by: Bettina Heim <[email protected]>

* dummy commit to test CI

Signed-off-by: Bettina Heim <[email protected]>

* making it more fork friendly

* Update integration_tests.yml

DCO Remediation Commit for Bettina Heim <[email protected]>

I, Bettina Heim <[email protected]>, hereby add my Signed-off-by to this commit: 2661a11

Signed-off-by: Bettina Heim <[email protected]>

* adding codeql workflow for advanced configuratino

Signed-off-by: Bettina Heim <[email protected]>

* adding some permissions

Signed-off-by: Bettina Heim <[email protected]>

* changes needed for merge queue

Signed-off-by: Bettina Heim <[email protected]>

* exclude sphinx templates from spellcheck

Signed-off-by: Bettina Heim <[email protected]>

* fix wildcard pattern

Signed-off-by: Bettina Heim <[email protected]>

* workflow update to exclude templates from spellcheck

Signed-off-by: Bettina Heim <[email protected]>

---------

Signed-off-by: Bettina Heim <[email protected]>
  • Loading branch information
bettinaheim authored Oct 16, 2024
1 parent 7bdab51 commit 4aaf0db
Show file tree
Hide file tree
Showing 10 changed files with 120 additions and 21 deletions.
5 changes: 4 additions & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,10 @@ on:
push:
branches:
- "pull-request/[0-9]+"

merge_group:
types:
- checks_requested

name: CI # do not change name without updating workflow_run triggers

concurrency:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/clean_up.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
/repos/nvidia/cuda-quantum/git/refs/heads/$branch
done
env:
GH_TOKEN: ${{ github.token }}
GH_TOKEN: ${{ secrets.REPO_BOT_ACCESS_TOKEN || github.token }}
draft_releases:
name: Delete draft release
Expand Down
81 changes: 81 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
# This workflow is used to override the set of languages analyzed,
# and to provide custom queries or build logic.

name: "CodeQL Advanced"

on:
push:
branches:
- 'main'
- 'releases/*'
- 'experimental/*'
- 'features/*'
pull_request:
branches:
- 'main'
- 'releases/*'
- 'experimental/*'
- 'features/*'
schedule:
- cron: '37 9 * * 2'

jobs:
analyze:
name: Analyze (${{ matrix.language }})
# Runner size impacts CodeQL analysis time. To learn more, please see:
# - https://gh.io/recommended-hardware-resources-for-running-codeql
# - https://gh.io/supported-runners-and-hardware-resources
# - https://gh.io/using-larger-runners (GitHub.com only)
# Consider using larger runners or machines with greater resources for possible analysis time improvements.
runs-on: 'ubuntu-latest'
permissions:
security-events: write
# read permissions below are only required for workflows in private repositories
actions: read
contents: read

strategy:
fail-fast: false
matrix:
include:
# To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
# For analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
- language: c-cpp
build-mode: none # Consider setting this to manual and providing a build command to get more accurate scanning
- language: python
build-mode: none

steps:
- name: Checkout repository
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality

# If the analyze step fails for one of the languages you are analyzing with
# "We were unable to automatically build your code", modify the matrix above
# to set the build mode to "manual" for that language. Then modify this step
# to build your code.
- if: matrix.build-mode == 'manual'
shell: bash
run: |
echo 'If you are using a "manual" build mode for one or more of the' \
'languages you are analyzing, replace this with the commands to build' \
'your code, for example:'
exit 1
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"
3 changes: 2 additions & 1 deletion .github/workflows/config/spellcheck_config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,8 @@ matrix:

- name: rst
sources:
- '**/*.rst'
- '**/*.rst|!docs/sphinx/_templates/**/*.rst'
glob_flags: N|G|B
expect_match: false
aspell:
lang: en
Expand Down
17 changes: 17 additions & 0 deletions .github/workflows/dco_merge_queue.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
on:
# Do not add any triggers here!
merge_group:
types:
- checks_requested

name: DCO (merge queue)

permissions: {} # no permissions needed.

jobs:
DCO:
runs-on: ubuntu-latest
steps:
- run:
echo "Enable merge_queue check to pass."
echo "No checks were performed; these checks were already performed during PR workflows."
1 change: 0 additions & 1 deletion .github/workflows/gh_registry.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ name: Update GHCR
jobs:
ghcr_config:
name: Read GHCR config
if: github.event_name == 'workflow_dispatch' || vars.enabled_workflows == 'all'
runs-on: ubuntu-latest
permissions:
contents: read
Expand Down
17 changes: 7 additions & 10 deletions .github/workflows/integration_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ on:
cudaq_test_image:
type: string
required: false
default: 'nvcr.io/nvidia/nightly/cuda-quantum:latest' # If changed, update env defaults, too
default: '' # picked up from repo variable if not provided
description: 'CUDA Quantum image to run the tests in. Default to the latest CUDA Quantum nightly image'
commit_sha:
type: string
Expand All @@ -43,7 +43,7 @@ on:
cudaq_nvqc_deploy_image:
type: string
required: false
default: 'nvcr.io/nvidia/nightly/cuda-quantum:latest' # If changed, update env defaults, too
default: '' # same as cudaq_test_image if not provided
description: 'CUDA Quantum image to use for NVQC deployment to NVCF. Default to the latest CUDA Quantum nightly image'
workflow_id:
type: string
Expand All @@ -52,7 +52,6 @@ on:
python_version:
type: choice
required: true
default: '3.10' # If changed, update env defaults, too
description: 'Python version to run wheel test'
options:
- '3.8'
Expand All @@ -70,10 +69,6 @@ env:
NVQC_FUNCTION_ID: 3bfa0342-7d2a-4f1b-8e81-b6608d28ca7d
# <Backend>:<GPU Type>:<Instance Type>:<Min Instances>:<Max Instances>
NGC_NVQC_DEPLOYMENT_SPEC: GFN:L40S:gl40s_1.br25_2xlarge:1:1
# If vars below are changed, it is recommended to also update the
# workflow_dispatch defaults above so they stay in sync.
cudaq_test_image: nvcr.io/nvidia/nightly/cuda-quantum:latest
cudaq_nvqc_deploy_image: nvcr.io/nvidia/nightly/cuda-quantum:latest
python_version: '3.10'

jobs:
Expand All @@ -84,11 +79,13 @@ jobs:
runs-on: ubuntu-latest
outputs:
cudaq_test_image: ${{ steps.vars.outputs.cudaq_test_image }}
cudaq_nvqc_deploy_image: ${{ steps.vars.outputs.cudaq_nvqc_deploy_image }}
steps:
- name: Set variables
id: vars
run: |
echo "cudaq_test_image=${{ inputs.cudaq_test_image || env.cudaq_test_image }}" >> $GITHUB_OUTPUT
echo "cudaq_test_image=${{ inputs.cudaq_test_image || vars.cudaq_test_image }}" >> $GITHUB_OUTPUT
echo "cudaq_nvqc_deploy_image=${{ inputs.cudaq_nvqc_deploy_image || vars.cudaq_test_image }}" >> $GITHUB_OUTPUT
metadata:
name: Retrieve commit info
Expand All @@ -112,7 +109,7 @@ jobs:
build_nvqc_image:
name: Build NVQC deployment image
runs-on: ubuntu-latest
needs: metadata
needs: [setup, metadata]
environment: ghcr-deployment
if: (inputs.target == 'nvqc' || github.event_name == 'schedule' || inputs.target == 'nightly')
steps:
Expand Down Expand Up @@ -153,7 +150,7 @@ jobs:
context: .
file: ./docker/release/cudaq.nvqc.Dockerfile
build-args: |
base_image=${{ inputs.cudaq_nvqc_deploy_image || env.cudaq_nvqc_deploy_image }}
base_image=${{ needs.setup.outputs.cudaq_nvqc_deploy_image }}
tags: nvcr.io/${{ env.NGC_QUANTUM_ORG }}/${{ env.NGC_QUANTUM_TEAM }}/cuda-quantum:nightly
platforms: linux/amd64
provenance: false
Expand Down
8 changes: 2 additions & 6 deletions .github/workflows/nvqc_regression_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ on:
cudaq_test_image:
type: string
required: false
default: 'nvcr.io/nvidia/nightly/cuda-quantum:latest' # If changed, update env defaults, too
default: '' # picked up from repo variable if not provided
description: 'CUDA Quantum image to run the tests in. Default to the latest CUDA Quantum nightly image'
commit_sha:
type: string
Expand All @@ -25,7 +25,6 @@ on:
python_version:
type: choice
required: true
default: '3.10' # If changed, update env defaults, too
description: 'Python version to run wheel test'
options:
- '3.8'
Expand All @@ -37,9 +36,6 @@ on:
- cron: 0 3 * * *

env:
# If vars below are changed, it is recommended to also update the
# workflow_dispatch defaults above so they stay in sync.
cudaq_test_image: nvcr.io/nvidia/nightly/cuda-quantum:latest
python_version: '3.10'

jobs:
Expand All @@ -54,7 +50,7 @@ jobs:
- name: Set variables
id: vars
run: |
echo "cudaq_test_image=${{ inputs.cudaq_test_image || env.cudaq_test_image }}" >> $GITHUB_OUTPUT
echo "cudaq_test_image=${{ inputs.cudaq_test_image || vars.cudaq_test_image }}" >> $GITHUB_OUTPUT
metadata:
name: Retrieve commit info
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/publishing.yml
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,8 @@ jobs:
for info_file in ${{ join(fromJson(steps.artifacts.outputs.installers).info_files, ' ') }}; do
delete_staging_branch $info_file '${{ steps.artifacts.outputs.installers }}'
done
env:
GH_TOKEN: ${{ secrets.REPO_BOT_ACCESS_TOKEN }}

- name: Retrieve
id: assets_retrieval
Expand Down
5 changes: 4 additions & 1 deletion .github/workflows/repo_checks.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
on:
workflow_dispatch:
pull_request:
merge_group:
types:
- checks_requested

name: "Basic content checks"

Expand Down Expand Up @@ -85,7 +88,7 @@ jobs:
create_output cxx_examples 'docs/sphinx/examples/**/*.cpp'
create_output python '*.py :!:python/tests :!:test :!:targettests :!:tpls :!:docs/sphinx/conf.py'
create_output markdown '*.md :!:tpls'
create_output rst '*.rst :!:tpls'
create_output rst '*.rst :!:tpls :!:docs/sphinx/_templates/**/*.rst'
echo "json=$(echo $json)" >> $GITHUB_OUTPUT
formatting:
Expand Down

0 comments on commit 4aaf0db

Please sign in to comment.