Chore/add slsa framework #2692
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Compile and test tfhe-cuda-backend signed integer on an AWS instance | |
name: TFHE Cuda Backend - Signed integer tests | |
env: | |
CARGO_TERM_COLOR: always | |
ACTION_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
RUSTFLAGS: "-C target-cpu=native" | |
RUST_BACKTRACE: "full" | |
RUST_MIN_STACK: "8388608" | |
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} | |
SLACK_ICON: https://pbs.twimg.com/profile_images/1274014582265298945/OjBKP9kn_400x400.png | |
SLACK_USERNAME: ${{ secrets.BOT_USERNAME }} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
FAST_TESTS: TRUE | |
NIGHTLY_TESTS: FALSE | |
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }} | |
on: | |
# Allows you to run this workflow manually from the Actions tab as an alternative. | |
workflow_dispatch: | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
schedule: | |
# Nightly tests @ 1AM after each work day | |
- cron: "0 1 * * MON-FRI" | |
jobs: | |
should-run: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
outputs: | |
gpu_test: ${{ env.IS_PULL_REQUEST == 'false' || steps.changed-files.outputs.gpu_any_changed }} | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.FHE_ACTIONS_TOKEN }} | |
- name: Check for file changes | |
id: changed-files | |
uses: tj-actions/changed-files@d6e91a2266cdb9d62096cebf1e8546899c6aa18f | |
with: | |
since_last_remote_commit: true | |
files_yaml: | | |
gpu: | |
- tfhe/Cargo.toml | |
- tfhe/build.rs | |
- backends/tfhe-cuda-backend/** | |
- tfhe/src/core_crypto/gpu/** | |
- tfhe/src/integer/server_key/radix_parallel/tests_unsigned/** | |
- tfhe/src/integer/server_key/radix_parallel/tests_signed/** | |
- tfhe/src/integer/server_key/radix_parallel/tests_cases_unsigned.rs | |
- tfhe/src/integer/gpu/** | |
- tfhe/src/shortint/parameters/** | |
- tfhe/src/high_level_api/** | |
- tfhe/src/c_api/** | |
- 'tfhe/docs/**.md' | |
- '.github/workflows/gpu_signed_integer_tests.yml' | |
- scripts/integer-tests.sh | |
- ci/slab.toml | |
setup-instance: | |
name: Setup instance (cuda-signed-integer-tests) | |
runs-on: ubuntu-latest | |
needs: should-run | |
if: (github.event_name == 'schedule' && github.repository == 'zama-ai/tfhe-rs') || | |
github.event_name == 'workflow_dispatch' || | |
needs.should-run.outputs.gpu_test == 'true' | |
outputs: | |
runner-name: ${{ steps.start-instance.outputs.label }} | |
steps: | |
- name: Start instance | |
id: start-instance | |
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac | |
with: | |
mode: start | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
backend: hyperstack | |
profile: gpu-test | |
cuda-signed-integer-tests: | |
name: CUDA signed integer tests | |
needs: [ should-run, setup-instance ] | |
if: github.event_name != 'pull_request' || | |
(github.event_name == 'pull_request' && needs.setup-instance.result != 'skipped') | |
concurrency: | |
group: ${{ github.workflow }}_${{ github.ref }} | |
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
runs-on: ${{ needs.setup-instance.outputs.runner-name }} | |
strategy: | |
fail-fast: false | |
# explicit include-based build matrix, of known valid options | |
matrix: | |
include: | |
- os: ubuntu-22.04 | |
cuda: "12.2" | |
gcc: 11 | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
persist-credentials: 'false' | |
token: ${{ secrets.FHE_ACTIONS_TOKEN }} | |
- name: Setup Hyperstack dependencies | |
uses: ./.github/actions/hyperstack_setup | |
with: | |
cuda-version: ${{ matrix.cuda }} | |
gcc-version: ${{ matrix.gcc }} | |
- name: Set up home | |
run: | | |
echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}" | |
- name: Install latest stable | |
uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203 | |
with: | |
toolchain: stable | |
- name: Should run nightly tests | |
if: github.event_name == 'schedule' | |
run: | | |
{ | |
echo "FAST_TESTS=FALSE"; | |
echo "NIGHTLY_TESTS=TRUE"; | |
} >> "${GITHUB_ENV}" | |
- name: Run signed integer multi-bit tests | |
run: | | |
make test_signed_integer_multi_bit_gpu_ci | |
slack-notify: | |
name: Slack Notification | |
needs: [ setup-instance, cuda-signed-integer-tests ] | |
runs-on: ubuntu-latest | |
if: ${{ always() && needs.cuda-signed-integer-tests.result != 'skipped' && failure() }} | |
continue-on-error: true | |
steps: | |
- name: Send message | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 | |
env: | |
SLACK_COLOR: ${{ needs.cuda-signed-integer-tests.result }} | |
SLACK_MESSAGE: "Base GPU tests finished with status: ${{ needs.cuda-signed-integer-tests.result }}. (${{ env.ACTION_RUN_URL }})" | |
teardown-instance: | |
name: Teardown instance (cuda-tests) | |
if: ${{ always() && needs.setup-instance.result == 'success' }} | |
needs: [ setup-instance, cuda-signed-integer-tests ] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Stop instance | |
id: stop-instance | |
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac | |
with: | |
mode: stop | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
label: ${{ needs.setup-instance.outputs.runner-name }} | |
- name: Slack Notification | |
if: ${{ failure() }} | |
continue-on-error: true | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 | |
env: | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MESSAGE: "Instance teardown (cuda-signed-integer-tests) finished with status: ${{ job.status }}. (${{ env.ACTION_RUN_URL }})" |