dependabot[bot]
031c3fe34f
chore(deps): bump actions/checkout from 6.0.0 to 6.0.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8support@github.com >
2025-12-18 11:05:47 +01:00
dependabot[bot]
52a22ea82a
chore(deps): bump actions/checkout from 5.0.0 to 6.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68support@github.com >
2025-12-04 09:42:59 +01:00
David Testé
197443a1c0
chore(ci): update slab-github-runner action to v1.4.2
2025-11-28 16:50:40 +01:00
David Testé
25a8bbfd89
chore(ci): make slack notify fail in case of error on teardown
...
On instance teardown we want to be informed of any failure to
avoid having zombies running due to Slack notify action error
being silenced.
2025-11-21 17:15:58 +01:00
David Testé
a33c12d5a9
chore(ci): fix zizmor findings in workflows
2025-11-14 15:24:10 +01:00
dependabot[bot]
0ece9e684a
chore(deps): bump tj-actions/changed-files from 46.0.5 to 47.0.0
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.5 to 47.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](ed68ef82c0...24d32ffd49support@github.com >
2025-09-16 14:02:32 +02:00
David Testé
9918dacd6a
chore(ci): change workflow jobs naming convention
...
The term "bpr" means Branch Protection Rule. It helps one to
identify any job that must pass before being able to merge to the
base branch.
2025-09-10 15:36:45 +02:00
Andrei Stoian
c06b513182
chore(gpu): add valgrind and fix leaks
2025-08-28 14:21:57 +02:00
dependabot[bot]
167e96a30c
chore(deps): update dtolnay/rust-toolchain requirement to e97e2d8cc328f1b50210efc529dca0028893a2d9
...
Updates the requirements on [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) to permit the latest version.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](e97e2d8cc3support@github.com >
2025-08-26 16:05:48 +02:00
dependabot[bot]
ce9647d3a9
chore(deps): bump actions/checkout from 4.2.2 to 5.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8support@github.com >
2025-08-18 14:11:55 +02:00
Guillermo Oyarzun
ea200c3548
chore(gpu): enable nvidia mps in long run tests
2025-08-04 16:18:48 +02:00
Guillermo Oyarzun
b5a7199c15
chore(gpu): update cuda version in ci
2025-07-25 15:57:25 +02:00
dependabot[bot]
167329c52a
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 888c2e1ea69ab0d4330cbf0af1ecc7b68f368cc1 to b3b07ba8b418998c39fb20f53e8b695cdcc8de1b.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](888c2e1ea6...b3b07ba8b4support@github.com >
2025-06-10 17:04:02 +02:00
David Testé
856fc1a709
chore(ci): ignore stale action refs on rust-toolchain action
...
This action doesn't create releases so the action refs doesn't point to a known tag.
If this zizmor findings is not ignored, then continuous integration pipeline is broken.
2025-06-04 11:48:01 +02:00
David Testé
11df6c69ee
chore(ci): fix workflow security warnings
...
Since Zizmor v1.9.0, new pedantic warnings are detected especially
regarding template-injection patterns.
2025-06-02 14:46:14 +02:00
David Testé
aa6dadfe69
chore(ci): ensure minimal permission for github default token
...
With recent enforcing of the least permissions for GITHUB_TOKEN, pull-request from external contributors would trigger systematic error (i.e. on repository checkout) in the continuous integration pipeline.
Allowing contents:read fixes this behavior.
2025-05-12 18:07:02 +02:00
David Testé
3f3b4aef41
chore(ci): fix template-injection and token permissions issues
...
This is part of security issues remediation campaign after having
analyzed workflow using zizmor cargo tool.
2025-05-06 14:06:17 +02:00
dependabot[bot]
7410274126
chore(deps): bump rtCamp/action-slack-notify from 2.3.2 to 2.3.3
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](c33737706d...e31e87e03dsupport@github.com >
2025-04-15 13:33:54 +02:00
dependabot[bot]
d93238812b
chore(deps): bump tj-actions/changed-files from 46.0.3 to 46.0.5
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.3 to 46.0.5.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](823fcebdb3...ed68ef82c0support@github.com >
2025-04-15 13:33:46 +02:00
dependabot[bot]
9f2e8128e6
chore(deps): bump tj-actions/changed-files from 46.0.2 to 46.0.3
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.2 to 46.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](26a38635fc...823fcebdb3support@github.com >
2025-03-31 14:47:26 +02:00
dependabot[bot]
c7bc981f7f
chore(deps): bump tj-actions/changed-files from 46.0.1 to 46.0.2
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.1 to 46.0.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](2f7c5bfce2...26a38635fcsupport@github.com >
2025-03-24 17:52:04 +01:00
Arthur Meyre
fd866d18fe
chore(ci): pin changed files action to a sha1 corresponding to a tag
2025-03-19 09:25:20 +01:00
dependabot[bot]
f3e14dc311
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from a54c7afa936fefeb4456b2dd8068152669aa8203 to 888c2e1ea69ab0d4330cbf0af1ecc7b68f368cc1.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](a54c7afa93...888c2e1ea6support@github.com >
2025-03-17 17:55:09 +01:00
David Testé
8dadb626f2
chore(ci): add pull-request url to slack notification message
...
This adds context to Zama developers on slack to quickly go to pull-request if the run emitted from one.
2025-03-12 17:00:30 +01:00
David Testé
f8e56c104e
chore(ci): fix slack notification message
...
There was a leftover from first iteration of external contribution management.
2025-03-11 14:20:26 +01:00
David Testé
9f48db2a90
chore(ci): fix workflow concurrency condition
...
Referencing current branch using github.head_ref is a leftover
from handling pull_request_target event. This event being removed,
there is no need to be specific and we can instead use
'github.workflow_ref' which is more robust.
2025-02-26 14:11:42 +01:00
David Testé
eeb6c8a71f
chore(ci): remove pull_request_target for external contributions
...
We use large GitHub hosted runners to run CI pipeline for external
contributions. This avoids possible secret exposition due to usage
of pull_request_target event. It also removes a layer a complexity
to ensure such secrets are not exposed.
The flow would be improved since tfhe-rs maintainers won't have to
relaunch failed jobs individually, thanks to the "approve and run"
button in GitHub user interface.
2025-02-13 08:45:02 +01:00
David Testé
3df08e9259
chore(ci): install github runner as ubuntu user for gpu workflows
2025-02-12 12:10:53 +01:00
dependabot[bot]
5da6a8de87
chore(deps): bump tj-actions/changed-files from 45.0.6 to 45.0.7
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 45.0.6 to 45.0.7.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](d6e91a2266...dcc7a0cba8support@github.com >
2025-02-11 14:36:08 +01:00
David Testé
01aa7d105c
chore(ci): always run should-run step against base commit
...
Running against last remote commit would induce undesired behavior,
especially on pull-request approval.
For example a change in integer layer could occur in the
pull-request commits list but the changes aren't contained in the
last remote commit. Then, on approval, aws_tfhe_integer_tests.yml
workflow would be skipped although it should run regarding the
base commit.
2025-02-10 09:06:54 +01:00
Agnes Leroy
9ced1e7b1d
chore(gpu): shorten workflow names
2025-01-29 10:59:45 +01:00
David Testé
1a3b2d71f5
chore(ci): extend external contribution to all pr workflows
...
User permission checking is done after the should-run, when there
is such step, rather than before it. This way, only workflows that
should run would fail id triggering actor is not allowed to launch
it. Thus a repository maintainer would have to re-run only a
handful of jobs that would effectively run afterward
(i.e relevant code has changed and setup-instance would be called).
2025-01-23 14:32:09 +01:00
David Testé
dbde7ada2d
chore(ci): use limited access token to checkout repositories
...
This approach allows checkout public and private repository, like
Slab, without to worry too much about secret leakage under certain
circumstances (e.g. under pull request from forks).
The token has just read access on selected repositories.
2025-01-23 14:32:09 +01:00
David Testé
a882262691
chore(ci): fix recursive search for changes in docs files
2025-01-17 10:04:46 +01:00
David Testé
0952dfa1ad
chore(ci): run teardown job only if setup is a success
2025-01-13 12:19:39 +01:00
dependabot[bot]
f998f00580
chore(deps): bump tj-actions/changed-files from 45.0.5 to 45.0.6
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 45.0.5 to 45.0.6.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](bab30c2299...d6e91a2266support@github.com >
2025-01-06 13:09:30 +01:00
David Testé
33d5091025
chore(deps): bump zama-ai/slab-github-runner
2024-12-20 10:56:22 +01:00
dependabot[bot]
950cece2a9
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 315e265cd78dad1e1dcf3a5074f6d6c47029d5aa to a54c7afa936fefeb4456b2dd8068152669aa8203.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](315e265cd7...a54c7afa93support@github.com >
2024-12-18 11:39:47 +01:00
David Testé
c1f05cbf85
chore(ci): use composite action to setup hyperstack instance
2024-12-12 09:18:33 +01:00
dependabot[bot]
ef86669069
chore(deps): bump tj-actions/changed-files from 45.0.4 to 45.0.5
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 45.0.4 to 45.0.5.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](4edd678ac3...bab30c2299support@github.com >
2024-12-09 11:01:08 +01:00
Mayeul@Zama
8cfe540647
fix(ci): fix secret on CI checkout
2024-11-25 18:05:48 +01:00
dependabot[bot]
3ccfb9616a
chore(deps): bump zama-ai/slab-github-runner from 1.2.0 to 1.3.0
...
Bumps [zama-ai/slab-github-runner](https://github.com/zama-ai/slab-github-runner ) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/zama-ai/slab-github-runner/releases )
- [Commits](https://github.com/zama-ai/slab-github-runner/compare/v1.2.0...98f0788261a7323d5d695a883e20df36591a92b7 )
---
updated-dependencies:
- dependency-name: zama-ai/slab-github-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-25 11:06:12 +01:00
dependabot[bot]
83dc9b9453
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 7b1c307e0dcbda6122208f10795a713336a9b35a to 315e265cd78dad1e1dcf3a5074f6d6c47029d5aa.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](7b1c307e0d...315e265cd7support@github.com >
2024-11-25 11:06:04 +01:00
dependabot[bot]
aaba7e5916
chore(deps): bump tj-actions/changed-files from 45.0.3 to 45.0.4
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 45.0.3 to 45.0.4.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](c3a1bb2c99...4edd678ac3support@github.com >
2024-11-12 14:16:30 +01:00
Agnes Leroy
d29ed6b60c
chore(gpu): trigger GPU tests if tests are modified
2024-11-12 09:12:25 +01:00
Agnes Leroy
fc26f2abb7
chore(gpu): restrict should run
2024-10-31 11:14:03 +01:00
dependabot[bot]
69482dec9b
chore(deps): bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901bsupport@github.com >
2024-10-28 15:01:14 +01:00
dependabot[bot]
2d341f8506
chore(deps): bump rtCamp/action-slack-notify from 2.3.1 to 2.3.2
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](65e6fc1ce6...c33737706dsupport@github.com >
2024-10-28 15:01:05 +01:00
dependabot[bot]
6628717077
chore(deps): update zama-ai/slab-github-runner requirement to 801df0b8db5ea2b06128b7476c652f5ed5f193a8
...
Updates the requirements on [zama-ai/slab-github-runner](https://github.com/zama-ai/slab-github-runner ) to permit the latest version.
- [Release notes](https://github.com/zama-ai/slab-github-runner/releases )
- [Commits](801df0b8dbsupport@github.com >
2024-10-25 16:31:23 +02:00
dependabot[bot]
9393e59e05
chore(deps): bump rtCamp/action-slack-notify from 2.3.0 to 2.3.1
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](4e5fb42d24...65e6fc1ce6support@github.com >
2024-10-21 15:40:32 +02:00
