Chore/add slsa framework #1774
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: AWS Signed Integer Tests on CPU | |
env: | |
CARGO_TERM_COLOR: always | |
ACTION_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
RUSTFLAGS: "-C target-cpu=native" | |
RUST_BACKTRACE: "full" | |
RUST_MIN_STACK: "8388608" | |
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} | |
SLACK_ICON: https://pbs.twimg.com/profile_images/1274014582265298945/OjBKP9kn_400x400.png | |
SLACK_USERNAME: ${{ secrets.BOT_USERNAME }} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
# We clear the cache to reduce memory pressure because of the numerous processes of cargo | |
# nextest | |
TFHE_RS_CLEAR_IN_MEMORY_KEY_CACHE: "1" | |
NO_BIG_PARAMS: FALSE | |
on: | |
# Allows you to run this workflow manually from the Actions tab as an alternative. | |
workflow_dispatch: | |
pull_request: | |
types: [labeled] | |
push: | |
branches: | |
- main | |
jobs: | |
should-run: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
outputs: | |
integer_test: ${{ github.event_name == 'workflow_dispatch' || | |
steps.changed-files.outputs.integer_any_changed }} | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 | |
with: | |
fetch-depth: 0 | |
persist-credentials: "false" | |
- name: Check for file changes | |
id: changed-files | |
uses: tj-actions/changed-files@40853de9f8ce2d6cfdc73c1b96f14e22ba44aec4 | |
with: | |
since_last_remote_commit: true | |
files_yaml: | | |
integer: | |
- tfhe/Cargo.toml | |
- concrete-csprng/** | |
- tfhe-zk-pok/** | |
- tfhe/src/core_crypto/** | |
- tfhe/src/shortint/** | |
- tfhe/src/integer/** | |
setup-instance: | |
name: Setup instance (unsigned-integer-tests) | |
needs: should-run | |
if: | |
(github.event_name == 'push' && github.repository == 'zama-ai/tfhe-rs' && needs.should-run.outputs.integer_test == 'true') || | |
(github.event_name == 'schedule' && github.repository == 'zama-ai/tfhe-rs') || | |
(github.event_name == 'pull_request' && contains(github.event.label.name, 'approved')) || | |
github.event_name == 'workflow_dispatch' | |
runs-on: ubuntu-latest | |
outputs: | |
runner-name: ${{ steps.start-instance.outputs.label }} | |
steps: | |
- name: Start instance | |
id: start-instance | |
uses: zama-ai/slab-github-runner@447a2d0fd2d1a9d647aa0d0723a6e9255372f261 | |
with: | |
mode: start | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
backend: aws | |
profile: cpu-big | |
signed-integer-tests: | |
name: Signed integer tests | |
needs: setup-instance | |
concurrency: | |
group: ${{ github.workflow }}_${{ github.ref }}${{ github.ref == 'refs/heads/main' && github.sha || '' }} | |
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
runs-on: ${{ needs.setup-instance.outputs.runner-name }} | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 | |
with: | |
persist-credentials: "false" | |
- name: Set up home | |
run: | | |
echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}" | |
- name: Install latest stable | |
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a | |
with: | |
toolchain: stable | |
- name: Should skip big parameters set | |
if: github.event_name == 'pull_request' | |
run: | | |
echo "NO_BIG_PARAMS=TRUE" >> "${GITHUB_ENV}" | |
- name: Gen Keys if required | |
run: | | |
make GEN_KEY_CACHE_MULTI_BIT_ONLY=TRUE gen_key_cache | |
- name: Run shortint multi-bit tests | |
run: | | |
make test_shortint_multi_bit_ci | |
- name: Run signed integer multi-bit tests | |
run: | | |
AVX512_SUPPORT=ON make test_signed_integer_multi_bit_ci | |
- name: Gen Keys if required | |
run: | | |
make gen_key_cache | |
- name: Run signed integer tests | |
run: | | |
AVX512_SUPPORT=ON NO_BIG_PARAMS=${{ env.NO_BIG_PARAMS }} BIG_TESTS_INSTANCE=TRUE make test_signed_integer_ci | |
- name: Slack Notification | |
if: ${{ always() }} | |
continue-on-error: true | |
uses: rtCamp/action-slack-notify@4e5fb42d249be6a45a298f3c9543b111b02f7907 | |
env: | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MESSAGE: "Signed Integer tests finished with status: ${{ job.status }}. (${{ env.ACTION_RUN_URL }})" | |
teardown-instance: | |
name: Teardown instance (signed-integer-tests) | |
if: ${{ always() && needs.setup-instance.result != 'skipped' }} | |
needs: [setup-instance, signed-integer-tests] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Stop instance | |
id: stop-instance | |
uses: zama-ai/slab-github-runner@447a2d0fd2d1a9d647aa0d0723a6e9255372f261 | |
with: | |
mode: stop | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
label: ${{ needs.setup-instance.outputs.runner-name }} | |
- name: Slack Notification | |
if: ${{ failure() }} | |
continue-on-error: true | |
uses: rtCamp/action-slack-notify@4e5fb42d249be6a45a298f3c9543b111b02f7907 | |
env: | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MESSAGE: "Instance teardown (signed-integer-tests) finished with status: ${{ job.status }}. (${{ env.ACTION_RUN_URL }})" |