[WIP]: test pull_request_target event fix #6147
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Run a small subset of tests to ensure quick feedback. | |
name: Fast AWS Tests on CPU | |
env: | |
CARGO_TERM_COLOR: always | |
ACTION_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
RUSTFLAGS: "-C target-cpu=native" | |
RUST_BACKTRACE: "full" | |
RUST_MIN_STACK: "8388608" | |
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} | |
SLACK_ICON: https://pbs.twimg.com/profile_images/1274014582265298945/OjBKP9kn_400x400.png | |
SLACK_USERNAME: ${{ secrets.BOT_USERNAME }} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' || github.event_name == 'pull_request_target' }} | |
REF: ${{ github.event.pull_request.head.sha || github.sha }} | |
on: | |
# Allows you to run this workflow manually from the Actions tab as an alternative. | |
workflow_dispatch: | |
# Trigger pull_request event on CI files to be able to test changes before merging to main branch. | |
# Workflow would fail if changes come from a forked repository since secrets are not available with this event. | |
pull_request: | |
paths: | |
- '.github/**' | |
- 'ci/**' | |
# General entry point for Zama's pull request as well as contribution from forks. | |
pull_request_target: | |
paths: | |
- '**' | |
- '!.github/**' | |
- '!ci/**' | |
jobs: | |
should-run: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
outputs: | |
csprng_test: ${{ env.IS_PULL_REQUEST == 'false' || steps.changed-files.outputs.csprng_any_changed }} | |
zk_pok_test: ${{ env.IS_PULL_REQUEST == 'false' || steps.changed-files.outputs.zk_pok_any_changed }} | |
versionable_test: ${{ env.IS_PULL_REQUEST == 'false' || steps.changed-files.outputs.versionable_any_changed }} | |
core_crypto_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.core_crypto_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
boolean_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.boolean_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
shortint_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.shortint_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
integer_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.integer_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
wasm_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.wasm_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
high_level_api_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.high_level_api_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
user_docs_test: ${{ env.IS_PULL_REQUEST == 'false' || | |
steps.changed-files.outputs.user_docs_any_changed || | |
steps.changed-files.outputs.dependencies_any_changed }} | |
any_file_changed: ${{ env.IS_PULL_REQUEST == 'false' || steps.aggregated-changes.outputs.any_changed }} | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.REPO_CHECKOUT_TOKEN }} | |
ref: ${{ env.REF }} | |
- name: Debug step | |
run: | | |
echo "SPAM" | |
- name: Check for file changes | |
id: changed-files | |
uses: tj-actions/changed-files@d6e91a2266cdb9d62096cebf1e8546899c6aa18f | |
with: | |
since_last_remote_commit: true | |
files_yaml: | | |
dependencies: | |
- tfhe/Cargo.toml | |
- tfhe-csprng/** | |
- tfhe-fft/** | |
- tfhe-zk-pok/** | |
- utils/tfhe-versionable/** | |
- utils/tfhe-versionable-derive/** | |
csprng: | |
- tfhe-csprng/** | |
zk_pok: | |
- tfhe-zk-pok/** | |
versionable: | |
- utils/tfhe-versionable/** | |
- utils/tfhe-versionable-derive/** | |
core_crypto: | |
- tfhe/src/core_crypto/** | |
boolean: | |
- tfhe/src/core_crypto/** | |
- tfhe/src/boolean/** | |
shortint: | |
- tfhe/src/core_crypto/** | |
- tfhe/src/shortint/** | |
integer: | |
- tfhe/src/core_crypto/** | |
- tfhe/src/shortint/** | |
- tfhe/src/integer/** | |
wasm: | |
- tfhe/src/** | |
- tfhe/js_on_wasm_tests/** | |
- tfhe/web_wasm_parallel_tests/** | |
- '!tfhe/src/c_api/**' | |
- '!tfhe/src/boolean/**' | |
high_level_api: | |
- tfhe/src/** | |
- '!tfhe/src/c_api/**' | |
- '!tfhe/src/boolean/**' | |
- '!tfhe/src/c_api/**' | |
- '!tfhe/src/js_on_wasm_api/**' | |
user_docs: | |
- tfhe/src/** | |
- '!tfhe/src/c_api/**' | |
- 'tfhe/docs/**.md' | |
- README.md | |
- name: Aggregate file changes | |
id: aggregated-changes | |
if: ( steps.changed-files.outputs.dependencies_any_changed == 'true' || | |
steps.changed-files.outputs.csprng_any_changed == 'true' || | |
steps.changed-files.outputs.zk_pok_any_changed == 'true' || | |
steps.changed-files.outputs.versionable_any_changed == 'true' || | |
steps.changed-files.outputs.core_crypto_any_changed == 'true' || | |
steps.changed-files.outputs.boolean_any_changed == 'true' || | |
steps.changed-files.outputs.shortint_any_changed == 'true' || | |
steps.changed-files.outputs.integer_any_changed == 'true' || | |
steps.changed-files.outputs.wasm_any_changed == 'true' || | |
steps.changed-files.outputs.high_level_api_any_changed == 'true' || | |
steps.changed-files.outputs.user_docs_any_changed == 'true') | |
run: | | |
echo "any_changed=true" >> "$GITHUB_OUTPUT" | |
# Fail if the triggering actor is not part of Zama organization. | |
check-user-permission: | |
needs: should-run | |
uses: ./.github/workflows/check_triggering_actor.yml | |
secrets: | |
TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
setup-instance: | |
name: Setup instance (fast-tests) | |
if: github.event_name != 'pull_request_target' || | |
needs.should-run.outputs.any_file_changed == 'true' | |
needs: [ should-run, check-user-permission ] | |
runs-on: ubuntu-latest | |
outputs: | |
runner-name: ${{ steps.start-instance.outputs.label }} | |
steps: | |
- name: Start instance | |
id: start-instance | |
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac | |
with: | |
mode: start | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
backend: aws | |
profile: cpu-big | |
fast-tests: | |
name: Fast CPU tests | |
if: github.event_name != 'pull_request_target' || | |
(github.event_name == 'pull_request_target' && needs.setup-instance.result != 'skipped') | |
needs: [ should-run, setup-instance ] | |
concurrency: | |
group: ${{ github.workflow }}_${{ github.head_ref || github.ref }} | |
cancel-in-progress: true | |
runs-on: ${{ needs.setup-instance.outputs.runner-name }} | |
steps: | |
- name: Checkout tfhe-rs | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
persist-credentials: 'false' | |
token: ${{ secrets.REPO_CHECKOUT_TOKEN }} | |
ref: ${{ env.REF }} | |
- name: Install latest stable | |
uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203 | |
with: | |
toolchain: stable | |
- name: Run tfhe-csprng tests | |
if: needs.should-run.outputs.csprng_test == 'true' | |
run: | | |
make test_tfhe_csprng | |
- name: Run tfhe-zk-pok tests | |
if: needs.should-run.outputs.zk_pok_test == 'true' | |
run: | | |
make test_zk_pok | |
- name: Run tfhe-versionable tests | |
if: needs.should-run.outputs.versionable_test == 'true' | |
run: | | |
make test_versionable | |
- name: Run core tests | |
if: needs.should-run.outputs.core_crypto_test == 'true' | |
run: | | |
AVX512_SUPPORT=ON make test_core_crypto | |
- name: Run boolean tests | |
if: needs.should-run.outputs.boolean_test == 'true' | |
run: | | |
make test_boolean | |
- name: Run user docs tests | |
if: needs.should-run.outputs.user_docs_test == 'true' | |
run: | | |
make test_user_doc | |
- name: Get Node version | |
run: | | |
echo "NODE_VERSION=$(make node_version)" >> "${GITHUB_ENV}" | |
- name: Node cache restoration | |
id: node-cache | |
uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 #v4.2.0 | |
with: | |
path: | | |
~/.nvm | |
~/.npm | |
key: node-${{ env.NODE_VERSION }} | |
- name: Install Node | |
if: steps.node-cache.outputs.cache-hit != 'true' | |
run: | | |
make install_node | |
- name: Node cache save | |
uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 #v4.2.0 | |
if: steps.node-cache.outputs.cache-hit != 'true' | |
with: | |
path: | | |
~/.nvm | |
~/.npm | |
key: node-${{ env.NODE_VERSION }} | |
- name: Run js on wasm API tests | |
if: needs.should-run.outputs.wasm_test == 'true' | |
run: | | |
make test_nodejs_wasm_api_ci | |
- name: Gen Keys if required | |
if: needs.should-run.outputs.shortint_test == 'true' || | |
needs.should-run.outputs.integer_test == 'true' | |
run: | | |
make gen_key_cache | |
- name: Run shortint tests | |
if: needs.should-run.outputs.shortint_test == 'true' | |
run: | | |
BIG_TESTS_INSTANCE=TRUE FAST_TESTS=TRUE make test_shortint_ci | |
- name: Run integer tests | |
if: needs.should-run.outputs.integer_test == 'true' | |
run: | | |
BIG_TESTS_INSTANCE=TRUE FAST_TESTS=TRUE make test_integer_ci | |
- name: Run high-level API tests | |
if: needs.should-run.outputs.high_level_api_test == 'true' | |
run: | | |
make test_high_level_api | |
- name: Run safe serialization tests | |
run: | | |
make test_safe_serialization | |
- name: Run zk tests | |
run: | | |
make test_zk | |
- name: Slack Notification | |
if: ${{ failure() }} | |
continue-on-error: true | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 | |
env: | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MESSAGE: "Fast AWS tests finished with status: ${{ job.status }}. (${{ env.ACTION_RUN_URL }})" | |
teardown-instance: | |
name: Teardown instance (fast-tests) | |
if: ${{ always() && needs.setup-instance.result == 'success' }} | |
needs: [ setup-instance, fast-tests ] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Stop instance | |
id: stop-instance | |
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac | |
with: | |
mode: stop | |
github-token: ${{ secrets.SLAB_ACTION_TOKEN }} | |
slab-url: ${{ secrets.SLAB_BASE_URL }} | |
job-secret: ${{ secrets.JOB_SECRET }} | |
label: ${{ needs.setup-instance.outputs.runner-name }} | |
- name: Slack Notification | |
if: ${{ failure() }} | |
continue-on-error: true | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 | |
env: | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MESSAGE: "Instance teardown (fast-tests) finished with status: ${{ job.status }}. (${{ env.ACTION_RUN_URL }})" |