From a5e3711f157ad78c7f91611d2238b9502c9e9783 Mon Sep 17 00:00:00 2001
From: aasgaonkar <aasgaonkar@nvidia.com>
Date: Wed, 26 Feb 2025 04:33:51 +0000
Subject: [PATCH 01/10] Add blosson ci file
Initial onboarding for Blossom CI/CD infra
---
.github/workflows/blossom-ci.yml | 77 ++++++++++++++++++++++++++++++++
1 file changed, 77 insertions(+)
create mode 100644 .github/workflows/blossom-ci.yml
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
new file mode 100644
index 0000000000..e9fcf18d41
--- /dev/null
+++ b/.github/workflows/blossom-ci.yml
@@ -0,0 +1,77 @@
+name: Blossom-CI
+on:
+ push:
+ branches: [master]
+ pull_request:
+ branches: [master]
+ issue_comment:
+ types: [created]
+ workflow_dispatch:
+ inputs:
+ platform:
+ description: 'runs-on argument'
+ required: false
+ args:
+ description: 'argument'
+ required: false
+jobs:
+ Authorization:
+ name: Authorization
+ runs-on: blossom
+ outputs:
+ args: ${{ env.args }}
+ steps:
+ - name: Check if comment is issued by authorized person
+ run: blossom-ci
+ env:
+ OPERATION: 'AUTH'
+ REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
+ - name: Run blossom action
+ uses: NVIDIA/blossom-action@main
+ env:
+ REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
+ with:
+ args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
+ args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
+ args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}
+ # repo specific steps
+ #- name: Setup java
+ # uses: actions/setup-java@v1
+ # with:
+ # java-version: 1.8
+
+ # add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file
+ #- name: Setup blackduck properties
+ # run: |
+ # PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g')
+ # echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties
+ # echo detect.maven.included.scopes=compile >> application.properties
+
+
+
+ Job-trigger:
+ name: Start ci job
+ needs: [Authorization]
+ runs-on: blossom
+ steps:
+ - name: Start ci job
+ run: blossom-ci
+ env:
+ OPERATION: 'START-CI-JOB'
+ CI_SERVER: ${{ secrets.CI_SERVER }}
+ REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ Upload-Log:
+ name: Upload log
+ runs-on: blossom
+ if : github.event_name == 'workflow_dispatch'
+ steps:
+ - name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here)
+ run: blossom-ci
+ env:
+ OPERATION: 'POST-PROCESSING'
+ CI_SERVER: ${{ secrets.CI_SERVER }}
+ REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
From 8d4931093913da0ce4306ac425ae10bbfae1bfd1 Mon Sep 17 00:00:00 2001
From: aasgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Wed, 26 Feb 2025 20:00:31 -0800
Subject: [PATCH 02/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index e9fcf18d41..3aa20f9fb4 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -27,15 +27,6 @@ jobs:
OPERATION: 'AUTH'
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
- - name: Run blossom action
- uses: NVIDIA/blossom-action@main
- env:
- REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
- with:
- args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
- args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
- args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}
# repo specific steps
#- name: Setup java
# uses: actions/setup-java@v1
From 71ee6fdf40bbf2fec8a0b1a8b9ffd9f25123a7f1 Mon Sep 17 00:00:00 2001
From: aasgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 09:55:32 -0800
Subject: [PATCH 03/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 3aa20f9fb4..484c92650f 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -27,6 +27,18 @@ jobs:
OPERATION: 'AUTH'
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
+ Vulnerability-scan:
+ name: Vulnerability scan
+ needs: [Authorization]
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+ with:
+ repository: ${{ fromJson(needs.Authorization.outputs.args).repo }}
+ ref: ${{ fromJson(needs.Authorization.outputs.args).ref }}
+ lfs: 'true'
+
# repo specific steps
#- name: Setup java
# uses: actions/setup-java@v1
@@ -40,7 +52,15 @@ jobs:
# echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties
# echo detect.maven.included.scopes=compile >> application.properties
-
+ - name: Run blossom action
+ uses: NVIDIA/blossom-action@main
+ env:
+ REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
+ with:
+ args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
+ args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
+ args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}
Job-trigger:
name: Start ci job
From 3c90aa368d63ae0548dfa251daaee5aa8a95daeb Mon Sep 17 00:00:00 2001
From: aasgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 10:06:38 -0800
Subject: [PATCH 04/10] add vuln scan back
---
.github/workflows/blossom-ci.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 484c92650f..f304ee88be 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -64,7 +64,7 @@ jobs:
Job-trigger:
name: Start ci job
- needs: [Authorization]
+ needs: [Vulnerability-scan]
runs-on: blossom
steps:
- name: Start ci job
From cab4da58f778fb304b4211757b2ae3656a334cc2 Mon Sep 17 00:00:00 2001
From: slangbot <ellieh+slangbot@nvidia.com>
Date: Fri, 28 Feb 2025 02:13:55 +0800
Subject: [PATCH 05/10] format code (#6485)
Co-authored-by: slangbot <186143334+slangbot@users.noreply.github.com>
---
.github/workflows/blossom-ci.yml | 39 ++++++++++++++++----------------
1 file changed, 19 insertions(+), 20 deletions(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index f304ee88be..83ef89a5c3 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -7,24 +7,24 @@ on:
issue_comment:
types: [created]
workflow_dispatch:
- inputs:
- platform:
- description: 'runs-on argument'
- required: false
- args:
- description: 'argument'
- required: false
+ inputs:
+ platform:
+ description: "runs-on argument"
+ required: false
+ args:
+ description: "argument"
+ required: false
jobs:
Authorization:
name: Authorization
- runs-on: blossom
+ runs-on: blossom
outputs:
args: ${{ env.args }}
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
env:
- OPERATION: 'AUTH'
+ OPERATION: "AUTH"
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
Vulnerability-scan:
@@ -37,21 +37,21 @@ jobs:
with:
repository: ${{ fromJson(needs.Authorization.outputs.args).repo }}
ref: ${{ fromJson(needs.Authorization.outputs.args).ref }}
- lfs: 'true'
-
- # repo specific steps
+ lfs: "true"
+
+ # repo specific steps
#- name: Setup java
# uses: actions/setup-java@v1
# with:
# java-version: 1.8
-
+
# add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file
#- name: Setup blackduck properties
# run: |
# PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g')
# echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties
# echo detect.maven.included.scopes=compile >> application.properties
-
+
- name: Run blossom action
uses: NVIDIA/blossom-action@main
env:
@@ -61,7 +61,7 @@ jobs:
args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}
-
+
Job-trigger:
name: Start ci job
needs: [Vulnerability-scan]
@@ -70,19 +70,18 @@ jobs:
- name: Start ci job
run: blossom-ci
env:
- OPERATION: 'START-CI-JOB'
+ OPERATION: "START-CI-JOB"
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
+
Upload-Log:
name: Upload log
runs-on: blossom
- if : github.event_name == 'workflow_dispatch'
+ if: github.event_name == 'workflow_dispatch'
steps:
- name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here)
run: blossom-ci
env:
- OPERATION: 'POST-PROCESSING'
+ OPERATION: "POST-PROCESSING"
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
From 4f5ea8c1ad2cb0a80f6f66d67383e7c1b70de86e Mon Sep 17 00:00:00 2001
From: amey asgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 11:57:42 -0800
Subject: [PATCH 06/10] debug auth issues
---
.github/workflows/blossom-ci.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 83ef89a5c3..328998705a 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -20,6 +20,8 @@ jobs:
runs-on: blossom
outputs:
args: ${{ env.args }}
+ if: |
+ github.actor == "aasgaonkar"
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
From 2b893e68c3b9a68766e6ff72135b5ec87835fb9e Mon Sep 17 00:00:00 2001
From: amey asgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 12:00:22 -0800
Subject: [PATCH 07/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 328998705a..31c7be8579 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -21,7 +21,7 @@ jobs:
outputs:
args: ${{ env.args }}
if: |
- github.actor == "aasgaonkar"
+ github.event.comment.body == '/build' && (github.actor == 'aasgaonkar')
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
From 161c19a90d8219e9cc614082b9b7ff3601f55e4c Mon Sep 17 00:00:00 2001
From: amey asgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 12:02:12 -0800
Subject: [PATCH 08/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 31c7be8579..859c67ea15 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -20,8 +20,7 @@ jobs:
runs-on: blossom
outputs:
args: ${{ env.args }}
- if: |
- github.event.comment.body == '/build' && (github.actor == 'aasgaonkar')
+ if: github.actor == 'aasgaonkar'
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
From c3c7cdaf38bb4c71852b19d37a88a991172d6dc1 Mon Sep 17 00:00:00 2001
From: amey asgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 12:57:55 -0800
Subject: [PATCH 09/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 20 +-------------------
1 file changed, 1 insertion(+), 19 deletions(-)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 859c67ea15..184a55816b 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -1,9 +1,5 @@
name: Blossom-CI
on:
- push:
- branches: [master]
- pull_request:
- branches: [master]
issue_comment:
types: [created]
workflow_dispatch:
@@ -20,7 +16,7 @@ jobs:
runs-on: blossom
outputs:
args: ${{ env.args }}
- if: github.actor == 'aasgaonkar'
+ if: github.event.comment.body == '/build'&& (github.actor == 'aasgaonkar')
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
@@ -39,20 +35,6 @@ jobs:
repository: ${{ fromJson(needs.Authorization.outputs.args).repo }}
ref: ${{ fromJson(needs.Authorization.outputs.args).ref }}
lfs: "true"
-
- # repo specific steps
- #- name: Setup java
- # uses: actions/setup-java@v1
- # with:
- # java-version: 1.8
-
- # add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file
- #- name: Setup blackduck properties
- # run: |
- # PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g')
- # echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties
- # echo detect.maven.included.scopes=compile >> application.properties
-
- name: Run blossom action
uses: NVIDIA/blossom-action@main
env:
From 6256c818a1a0187dbca027024c3923586e5f2704 Mon Sep 17 00:00:00 2001
From: amey asgaonkar <160177341+aasgaonkar@users.noreply.github.com>
Date: Thu, 27 Feb 2025 13:04:07 -0800
Subject: [PATCH 10/10] Update blossom-ci.yml
---
.github/workflows/blossom-ci.yml | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml
index 184a55816b..ff1e237ebe 100644
--- a/.github/workflows/blossom-ci.yml
+++ b/.github/workflows/blossom-ci.yml
@@ -1,5 +1,9 @@
name: Blossom-CI
on:
+ push:
+ branches: [master]
+ pull_request:
+ branches: [master]
issue_comment:
types: [created]
workflow_dispatch: