name: Concrete Python Release on: workflow_dispatch: inputs: instance_id: description: 'Instance ID' type: string instance_image_id: description: 'Instance AMI ID' type: string instance_type: description: 'Instance product type' type: string runner_name: description: 'Action runner name' type: string request_id: description: 'Slab request ID' type: string user_inputs: description: 'either "nightly" or "public" to specify the release type' required: true type: string env: DOCKER_IMAGE_TEST: ghcr.io/zama-ai/concrete-compiler GLIB_VER: 2_28 RELEASE_TYPE: ${{ inputs.user_inputs }} jobs: linux-x86: continue-on-error: true strategy: matrix: python-version: ["3.8", "3.9", "3.10"] runs-on: ${{ github.event.inputs.runner_name }} steps: - name: Log instance configuration run: | echo "IDs: ${{ inputs.instance_id }}" echo "AMI: ${{ inputs.instance_image_id }}" echo "Type: ${{ inputs.instance_type }}" echo "Request ID: ${{ inputs.request_id }}" echo "User Inputs: ${{ inputs.user_inputs }}" - name: Set up SSH agent uses: webfactory/ssh-agent@v0.7.0 with: ssh-private-key: ${{ secrets.CONCRETE_CI_SSH_PRIVATE }} - name: Set up GitHub environment run: | echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}" #echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK)" >> "${GITHUB_ENV}" echo "SSH_AUTH_SOCK_DIR=$(dirname $SSH_AUTH_SOCK)" >> "${GITHUB_ENV}" - name: Checkout uses: actions/checkout@v3 with: submodules: recursive token: ${{ secrets.CONCRETE_ACTIONS_TOKEN }} - name: Set release version (nightly) if: ${{ env.RELEASE_TYPE == 'nightly' }} run: echo "__version__ = \"$(date +"%Y.%m.%d")\"" >| frontends/concrete-python/version.txt - name: Set release version (public) if: ${{ env.RELEASE_TYPE == 'public' }} run: echo "__version__ = \"`git describe --tags --abbrev=0 | grep -e '[0-9].*' -o`\"" >| frontends/concrete-python/version.txt - name: Create build directory run: mkdir build - name: Build wheel uses: addnab/docker-run-action@v3 id: build-compiler-bindings with: registry: ghcr.io image: ${{ env.DOCKER_IMAGE_TEST }} username: ${{ secrets.GHCR_LOGIN }} password: ${{ secrets.GHCR_PASSWORD }} options: >- -v ${{ github.workspace }}:/concrete -v ${{ github.workspace }}/build:/build -v ${{ env.SSH_AUTH_SOCK }}:/ssh.socket -e SSH_AUTH_SOCK=/ssh.socket ${{ env.DOCKER_GPU_OPTION }} shell: bash run: | set -e rm -rf /build/* export PYTHON=${{ format('python{0}', matrix.python-version) }} echo "Using $PYTHON" cd /concrete/frontends/concrete-python make PYTHON=$PYTHON venv source .venv/bin/activate cd /concrete/compilers/concrete-compiler/compiler make BUILD_DIR=/build CCACHE=ON DATAFLOW_EXECUTION_ENABLED=ON Python3_EXECUTABLE=$(which python) python-bindings echo "Debug: ccache statistics (after the build):" ccache -s cd /concrete/frontends/concrete-python export COMPILER_BUILD_DIRECTORY="/build" make whl deactivate - name: Upload wheel uses: actions/upload-artifact@v3 with: name: ${{ format('wheel-{0}-linux-x86', matrix.python-version) }} path: frontends/concrete-python/dist/*manylinux*.whl retention-days: 3 - name: Setup Python uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - name: Test wheel run: | set -e export CONCRETE_PYTHON=$(pwd)/frontends/concrete-python cd $(mktemp -d) python -m venv .testenv source .testenv/bin/activate pip install $CONCRETE_PYTHON/dist/*manylinux*.whl pip install -r $CONCRETE_PYTHON/requirements.dev.txt cp -R $CONCRETE_PYTHON/tests . cp -R $CONCRETE_PYTHON/pytest.ini . pytest -svv -n auto tests deactivate macos: continue-on-error: true strategy: matrix: python-version: ["3.8", "3.9", "3.10"] runs-on: ["aws-mac1-metal", "aws-mac2-metal"] runs-on: ${{ matrix.runs-on }} steps: - name: Set up SSH agent uses: webfactory/ssh-agent@v0.7.0 with: ssh-private-key: ${{ secrets.CONCRETE_CI_SSH_PRIVATE }} - name: Checkout uses: actions/checkout@v3 with: submodules: recursive token: ${{ secrets.CONCRETE_ACTIONS_TOKEN }} - name: Install OS Dependencies run: | brew install ninja ccache - name: Install Rust uses: actions-rs/toolchain@v1 with: toolchain: nightly override: true - name: Set release version (nightly) if: ${{ env.RELEASE_TYPE == 'nightly' }} run: echo "__version__ = \"$(date +"%Y.%m.%d")\"" >| frontends/concrete-python/version.txt - name: Set release version (public) if: ${{ env.RELEASE_TYPE == 'public' }} run: echo "__version__ = \"`git describe --tags --abbrev=0 | grep -e '[0-9].*' -o`\"" >| frontends/concrete-python/version.txt - name: Create build directory run: mkdir build - name: Build wheel run: | set -e cd frontends/concrete-python # Setup pkg-config to find OpenBLAS (scipy need it) export PKG_CONFIG_PATH="/opt/homebrew/opt/openblas/lib/pkgconfig" rm -rf .venv ${{ format('python{0}', matrix.python-version) }} -m venv .venv . .venv/bin/activate pip install -r requirements.dev.txt pip install -r requirements.txt cd $GITHUB_WORKSPACE/compilers/concrete-compiler/compiler echo "Debug: ccache statistics (prior to the build):" ccache -s make Python3_EXECUTABLE=$(which python) python-bindings echo "Debug: ccache statistics (after the build):" ccache -s export COMPILER_BUILD_DIRECTORY=$(pwd)/build cd $GITHUB_WORKSPACE/frontends/concrete-python rm -rf dist mkdir -p dist pip wheel -v --no-deps -w dist . delocate-wheel -v dist/*macos*.whl deactivate - name: Upload wheel uses: actions/upload-artifact@v3 with: name: ${{ format('wheel-{0}-{1}', matrix.python-version, matrix.runs-on) }} path: frontends/concrete-python/dist/*macos*.whl retention-days: 3 - name: Test wheel run: | set -e export CONCRETE_PYTHON=$(pwd)/frontends/concrete-python export TEST_TMP_DIR=$(mktemp -d) cd $TEST_TMP_DIR export PYTHON_VERSION=${{ format('python{0}', matrix.python-version) }} $PYTHON_VERSION -m venv .testenv source .testenv/bin/activate pip install $CONCRETE_PYTHON/dist/*macos*.whl pip install -r $CONCRETE_PYTHON/requirements.dev.txt # MacOS x86 have conflict between our OpenMP library, and one from torch # we fix it by using a single one (from torch) # see discussion: https://discuss.python.org/t/conflicting-binary-extensions-in-different-packages/25332/8 export SITE_PACKAGES=$(pwd)/.testenv/lib/$PYTHON_VERSION/site-packages/ export CONCRETE_LIB_OMP=$SITE_PACKAGES/concrete/.dylibs/libomp.dylib # Where is libiomp? Possibilities ordered in increasing priorities export TORCH_LIB_IOMP="this shouldn't exist" ls $SITE_PACKAGES/torch/lib/libiomp5.dylib && export TORCH_LIB_IOMP=$SITE_PACKAGES/torch/lib/libiomp5.dylib ls $SITE_PACKAGES/torch/.dylibs/libiomp5.dylib && export TORCH_LIB_IOMP=$SITE_PACKAGES/torch/.dylibs/libiomp5.dylib ls $SITE_PACKAGES/functorch/.dylibs/libiomp5.dylib && export TORCH_LIB_IOMP=$SITE_PACKAGES/functorch/.dylibs/libiomp5.dylib ls $TORCH_LIB_IOMP \ && rm $CONCRETE_LIB_OMP \ && ln -s $TORCH_LIB_IOMP $CONCRETE_LIB_OMP cp -R $CONCRETE_PYTHON/tests . cp -R $CONCRETE_PYTHON/pytest.ini . pytest tests -svv -n auto -m "not dataflow" rm -rf $TEST_TMP_DIR push: needs: [linux-x86, macos] runs-on: ubuntu-latest steps: - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.8-linux-x86 path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.9-linux-x86 path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.10-linux-x86 path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.8-aws-mac1-metal path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.9-aws-mac1-metal path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.10-aws-mac1-metal path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.8-aws-mac2-metal path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.9-aws-mac2-metal path: wheels - uses: actions/download-artifact@v3 continue-on-error: ${{ env.RELEASE_TYPE == 'nightly' }} with: name: wheel-3.10-aws-mac2-metal path: wheels - name: Push wheels to internal PyPI (nightly) if: ${{ env.RELEASE_TYPE == 'nightly' }} run: | pip install twine==4.0.2 twine upload wheels/*.whl \ -u "${{ secrets.INTERNAL_PYPI_USER }}" \ -p "${{ secrets.INTERNAL_PYPI_PASSWORD }}" \ --repository-url "${{ secrets.INTERNAL_PYPI_URL }}" - name: Push wheels to public PyPI (public) if: ${{ env.RELEASE_TYPE == 'public' }} run: | pip install twine==4.0.2 twine upload wheels/*.whl \ -u "${{ secrets.PUBLIC_PYPI_USER }}" \ -p "${{ secrets.PUBLIC_PYPI_PASSWORD }}" \ -r pypi