Agnes Leroy
406425dca4
chore(gpu): add hardware types for gpu bench
2025-05-13 11:51:24 +02:00
David Testé
aa6dadfe69
chore(ci): ensure minimal permission for github default token
...
With recent enforcing of the least permissions for GITHUB_TOKEN, pull-request from external contributors would trigger systematic error (i.e. on repository checkout) in the continuous integration pipeline.
Allowing contents:read fixes this behavior.
2025-05-12 18:07:02 +02:00
David Testé
ca1c5659a1
chore(ci): avoid double-quote on dry-run variable
...
If the DRY_RUN variable is empty and double-quoted to perform a safe expansion, then `cargo publish` treat the environment variable as `""` and thus fail by handling an unrecognized argument.
2025-05-12 15:25:17 +02:00
David Testé
031efaa39f
chore(ci): remove misleading continue-on-error
...
These continue-on-error would lead to misleading report in Action tab since it would display a successful workflow on the global status page while a job may have failed inside.
2025-05-10 14:26:53 +02:00
Agnes Leroy
014d18aae9
chore(bench): update pbs count parsing in dex benchmark
2025-05-07 16:44:31 +02:00
David Testé
ce6454cbb1
chore(ci): ignore a shellcheck rule in actionlint analysis
2025-05-06 14:06:17 +02:00
David Testé
664311228f
chore(ci): pin dependencies that are directly downloaded
2025-05-06 14:06:17 +02:00
David Testé
1722d8e90e
chore(ci): use slab script to send benchmark results to database
2025-05-06 14:06:17 +02:00
David Testé
b570bcd568
chore(ci): add checksum on cuda-keyring download
2025-05-06 14:06:17 +02:00
David Testé
5321f759d7
chore(ci): remove dependencies install on gpu h100 tests
...
This is redundant with the use of gpu_setup.yml action.
2025-05-06 14:06:17 +02:00
David Testé
6237d2d7c3
chore(ci): upgrade actionlint to v1.7.7
...
Usage of bash script to download and extract the final binary has
been dropped.
Instead, the tarball is directly fetched according to the
ACTIONLINT_VERSION value and the integrity of the tarball is
checked with an hardcoded SHA256 sum.
2025-05-06 14:06:17 +02:00
David Testé
1ca14e6db0
chore(ci): add workflow security checks with zizmor
2025-05-06 14:06:17 +02:00
David Testé
eea36b1b3d
chore(ci): avoid sub workflow inheriting all available secrets
2025-05-06 14:06:17 +02:00
David Testé
76e76160ba
chore(ci): add missing persist-credentials arg on checkout
2025-05-06 14:06:17 +02:00
David Testé
3f3b4aef41
chore(ci): fix template-injection and token permissions issues
...
This is part of security issues remediation campaign after having
analyzed workflow using zizmor cargo tool.
2025-05-06 14:06:17 +02:00
Agnes Leroy
97690ab3bd
chore(gpu): write swap bench
2025-05-05 17:46:11 +02:00
David Testé
f5a52128e2
chore(ci): log action to perform on approval for external pr
...
External contributor don't have access to secrets so this workflow would fail when attempting to add/remove 'approved' label on pull-request from forks.
This simple log message is here to remind maintainers to handle 'approved' label manually to trigger the second CI pipeline.
2025-04-29 09:35:29 +02:00
dependabot[bot]
1196ea69c1
chore(deps): bump actions/download-artifact from 4.2.1 to 4.3.0
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.2.1 to 4.3.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](95815c38cf...d3f86a106asupport@github.com >
2025-04-28 16:14:39 +02:00
David Testé
319504137a
chore(ci): factorize usage of slack env variables
2025-04-23 15:13:37 +02:00
David Testé
5b57470652
chore(ci): fix slack notify in case of cancelled step
...
If a step is cancelled, it is not considered as failure by GitHub. So if a user cancelled a task or if a job timed out, then no Slack notification was sent and devs weren't able to track down these events.
2025-04-23 15:13:37 +02:00
dependabot[bot]
8a8fe6505b
chore(deps): bump codecov/codecov-action from 5.4.0 to 5.4.2
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](0565863a31...ad3126e916support@github.com >
2025-04-22 16:51:48 +02:00
dependabot[bot]
7410274126
chore(deps): bump rtCamp/action-slack-notify from 2.3.2 to 2.3.3
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](c33737706d...e31e87e03dsupport@github.com >
2025-04-15 13:33:54 +02:00
dependabot[bot]
d93238812b
chore(deps): bump tj-actions/changed-files from 46.0.3 to 46.0.5
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.3 to 46.0.5.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](823fcebdb3...ed68ef82c0support@github.com >
2025-04-15 13:33:46 +02:00
Agnes Leroy
21efad5fae
chore(gpu): add bench command for zk-pok in workflow
2025-04-11 09:16:42 +02:00
Agnes Leroy
da3b1cdbb0
chore(gpu): fix bench worflow
2025-04-03 11:54:15 +02:00
David Testé
f9202d524e
chore(ci): fix handling of instance setup failure
...
If an instance, that is not a single-h100, fails to start, the whole setup-instance job have to fail.
Only single-h100 profile can use a permanent remote instance.
2025-04-03 09:33:14 +02:00
Arthur Meyre
69438d40a8
chore(ci): fix data PR close workflow
2025-04-01 11:31:07 +02:00
Arthur Meyre
7354265c52
fix(ci): get head_ref to get a name for the backward compat branch
2025-04-01 11:03:27 +02:00
David Testé
bed95d26f6
chore(bench): implement throughput benchmarks on core_crypto layer
2025-03-31 16:05:41 +02:00
dependabot[bot]
9f2e8128e6
chore(deps): bump tj-actions/changed-files from 46.0.2 to 46.0.3
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.2 to 46.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](26a38635fc...823fcebdb3support@github.com >
2025-03-31 14:47:26 +02:00
dependabot[bot]
20602453ce
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions
...
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 3.0.22 to 3.0.23.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](25ed13d062...4830be28cesupport@github.com >
2025-03-31 13:28:04 +02:00
Agnes Leroy
3d1c25888c
chore(gpu): reduce test threads for multi-gpu tests
2025-03-28 10:43:35 +01:00
dependabot[bot]
84c12cca56
chore(deps): bump actions/download-artifact from 4.1.9 to 4.2.1
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.9 to 4.2.1.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](cc20338598...95815c38cfsupport@github.com >
2025-03-24 17:52:27 +01:00
dependabot[bot]
7d05a427a5
chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](4cec3d8aa0...ea165f8d65support@github.com >
2025-03-24 17:52:17 +01:00
dependabot[bot]
c7bc981f7f
chore(deps): bump tj-actions/changed-files from 46.0.1 to 46.0.2
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 46.0.1 to 46.0.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](2f7c5bfce2...26a38635fcsupport@github.com >
2025-03-24 17:52:04 +01:00
dependabot[bot]
f7210c80a9
chore(deps): bump actions/cache from 4.2.2 to 4.2.3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](d4323d4df1...5a3ec84effsupport@github.com >
2025-03-24 17:50:01 +01:00
David Testé
9282dc49bf
chore(ci): cache backward compatibility data
...
Git LFS transfers use a lot of bandwidth. Since data used to test
backward compatibility won't change every day, we can leverage
GitHub cache action.
2025-03-20 15:47:17 +01:00
Arthur Meyre
fd866d18fe
chore(ci): pin changed files action to a sha1 corresponding to a tag
2025-03-19 09:25:20 +01:00
dependabot[bot]
f3e14dc311
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from a54c7afa936fefeb4456b2dd8068152669aa8203 to 888c2e1ea69ab0d4330cbf0af1ecc7b68f368cc1.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](a54c7afa93...888c2e1ea6support@github.com >
2025-03-17 17:55:09 +01:00
David Testé
912af0e87e
chore(ci): install dependencies as standalone job
...
Installing dependencies several times, due to matrix strategy, lead to job failure.
Now, if the workflow uses the remote instance, the dependencies will be installed only once.
2025-03-14 17:51:47 +01:00
Agnes Leroy
5d3b4438d5
chore(gpu): fix cuda ks_pbs bench and rename workflow files
2025-03-13 14:11:51 +01:00
Agnes Leroy
e62710de12
chore(gpu): add benchmark for gpu pbs128
2025-03-13 14:11:51 +01:00
David Testé
8dadb626f2
chore(ci): add pull-request url to slack notification message
...
This adds context to Zama developers on slack to quickly go to pull-request if the run emitted from one.
2025-03-12 17:00:30 +01:00
David Testé
f8e56c104e
chore(ci): fix slack notification message
...
There was a leftover from first iteration of external contribution management.
2025-03-11 14:20:26 +01:00
Agnes Leroy
59bb7ba35c
chore(gpu): do not send slack message for external contributions for signed gpu tests
2025-03-06 13:38:54 +01:00
Agnes Leroy
80a1109260
chore(gpu): fix condition to trigger unsigned gpu test
2025-03-06 13:38:54 +01:00
David Testé
fcfb77a8c5
chore(ci): fix permanent instance selection condition
...
Due to 'continue-on-error' directive 'use-permanent-instance' step could not rely on failure() function.
2025-03-05 18:13:20 +01:00
David Testé
47589ea9a7
chore(bench): run core_crypto benchmarks on all parameters p-fail
...
This also add KS-PBS benchmarks.
2025-03-03 16:01:17 +01:00
dependabot[bot]
f457ac40e5
chore(deps): bump codecov/codecov-action from 5.3.1 to 5.4.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5.3.1 to 5.4.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](13ce06bfc6...0565863a31support@github.com >
2025-03-03 11:53:07 +01:00
dependabot[bot]
d9feb57b92
chore(deps): bump slsa-framework/slsa-github-generator
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-03-03 11:52:56 +01:00
