NVIDIA/TensorRT-LLM
12 workflows · maturity 33% · 2 patterns · GitHub ↗
Practices
○ Matrix✓ Permissions○ Security scan○ AI review○ Cache✓ Concurrency○ Reusable workflows
Detected patterns
Security dimensions
Workflows (12)
auto-assign .github/workflows/auto-assign.yml
View raw YAML
name: auto-assign
on:
issues:
types:
- labeled
jobs:
assign_issue:
# Only run on module label colors.
if: ${{ github.event.label.color == '00611d' }}
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Get assignee
uses: actions/github-script@v8
id: get-assignee
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const fs = require('fs');
// Read configuration file
const config = JSON.parse(fs.readFileSync('.github/workflows/module-owners.json', 'utf8'));
// Find matching label in config
for (const [configLabel, users] of Object.entries(config)) {
if (configLabel == "${{ github.event.label.name}}") {
// Select Randomly
const index = Math.floor(Math.random() * users.length)
const assignee = users[index % users.length];
return assignee
}
}
// Returning empty string in case a valid assignee is not found.
return ""
result-encoding: string
- name: Assign
run: gh issue edit ${{ github.event.issue.number }} --add-label "triaged" --add-label "investigating" --add-assignee ${{ steps.get-assignee.outputs.result }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
auto-assign-author .github/workflows/auto-assign-author.yml
View raw YAML
name: Auto Assign PR to Author
on:
pull_request_target:
types: [opened]
jobs:
assign-author:
runs-on: ubuntu-latest
permissions:
pull-requests: write # Required to modify the PR
steps:
- name: Assign PR to Author
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ github.event.pull_request.html_url }}
AUTHOR: ${{ github.actor }}
run: gh pr edit $PR_URL --add-assignee $AUTHOR || echo "Could not assign $AUTHOR (not a collaborator), skipping."
auto-close-inactive-issues .github/workflows/auto-close-inactive-issues.yml
View raw YAML
# Ref: https://docs.github.com/en/actions/managing-issues-and-pull-requests/closing-inactive-issues
name: Close inactive issues
on:
workflow_dispatch:
schedule:
- cron: "0 3 * * *"
jobs:
stale:
if: github.repository == 'NVIDIA/TensorRT-LLM'
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@v10
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: 'Issue has not received an update in over 14 days. Adding stale label.'
stale-pr-message: 'PR has not received an update in over 14 days. Adding stale label.'
close-issue-message: 'This issue was closed because it has been 14 days without activity since it has been marked as stale.'
close-pr-message: 'This PR was closed because it has been 14 days without activity since it has been marked as stale.'
days-before-issue-stale: 14
days-before-close: 14
only-labels: 'waiting for feedback'
labels-to-add-when-unstale: 'investigating'
labels-to-remove-when-unstale: 'stale,waiting for feedback'
stale-issue-label: 'stale'
stale-pr-label: 'stale'
operations-per-run: 1000
blossom-ci .github/workflows/blossom-ci.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A workflow to trigger ci on hybrid infra (github + self hosted runner)
name: Blossom-CI
on:
issue_comment:
types: [created]
workflow_dispatch:
inputs:
platform:
description: 'runs-on argument'
required: false
args:
description: 'argument'
required: false
jobs:
Authorization:
name: Authorization
runs-on: blossom
outputs:
args: ${{ env.args }}
# This job only runs for pull request comments
if: |
(startsWith(github.event.comment.body, '/bot run') ||
startsWith(github.event.comment.body, '/bot skip --comment') ||
startsWith(github.event.comment.body, '/bot reuse-pipeline') ||
startsWith(github.event.comment.body, '/bot kill')) && contains(
fromJson('[
"2ez4bz",
"a-mccarthy",
"aalanwyr",
"achartier",
"ajrasane",
"alexmsettle",
"ameynaik-hub",
"amirkl94",
"amitz-nv",
"amukkara",
"anish-shanbhag",
"arekay",
"arysef",
"atrifex",
"Autumn1998",
"baize97",
"barneuman",
"barry-delaney",
"bashimao",
"BatshevaBlack",
"benzh-2025",
"BestJuly",
"binghanc",
"biswapanda",
"bmarimuthu-nv",
"bo-nv",
"bobboli",
"Boreas618",
"brb-nv",
"byshiue",
"CarstyYou",
"cascade812",
"chang-l",
"chenfeiz0326",
"cherichy",
"cheshirekow",
"chienchunhung",
"ChristinaZ",
"chuangz0",
"chzblych",
"cjluo-nv",
"crazydemo",
"DanBlanaru",
"danielafrimi",
"davidclark-nv",
"davidmlw",
"dbari",
"dc3671",
"dcampora",
"dcaox",
"dhansen-nvidia",
"Dido0o0",
"djns99",
"DomBrown",
"dominicshanshan",
"dongfengy",
"dongjiyingdjy",
"dongxuy04",
"dpitman-nvda",
"DylanChen-NV",
"ebarilanM",
"ekou24",
"elvischenv",
"EmmaQiaoCh",
"eopXD",
"esha-nvidia",
"etz-lmn",
"evezhier",
"faradawn",
"farazkh80",
"flin3500",
"FrankD412",
"fredricz-20070104",
"Fridah-nv",
"fsaady",
"funatiq",
"fzmu727",
"galagam",
"GalSha",
"georgeliu95",
"govind-ramnarayan",
"greg-kwasniewski1",
"guangyunh-nv",
"h-guo18",
"hchings",
"hello-11",
"heyuhhh",
"hijkzzz",
"hlu1",
"hnover-nv",
"HuiGao-NV",
"hvagadia",
"hypdeb",
"hyukn",
"indrajit96",
"inocsin",
"ISEEKYAN",
"ixlmar",
"IzzyPutterman",
"Jackch-NV",
"JadoTu",
"jaedeok-nvidia",
"jdemouth-nvidia",
"janbernloehr",
"JennyLiu-nv",
"jershi425",
"jgangani",
"jhaotingc",
"jiaganc",
"jiahanc",
"Jie-Fang",
"jiefangz-nv",
"jieli-matrix",
"JintaoPengCS",
"jinyangyuan-nvidia",
"jinzh-nvidia",
"jmydurant",
"johncalesp",
"joyang-nv",
"jthomson04",
"juney-nvidia",
"JunyiXu-nv",
"JyChang012",
"kaiyux",
"kanghui0204",
"karljang",
"karthikvetrivel",
"katec846",
"Kefeng-Duan",
"KingsleyLiu-NV",
"KrishnanPrash",
"kris1025",
"kunlunl",
"kxdc",
"kyleliang-nv",
"laikhtewari",
"lancelly",
"LarryXFly",
"latency1024",
"leslie-fang25",
"lfr-0531",
"liji-nv",
"limin2021",
"linda-stadter",
"lingjiew",
"LinPoly",
"lirundong",
"litaotju",
"liyuhannnnn",
"lkomali",
"longcheng-nv",
"longlee0622",
"lowsfer",
"lucaslie",
"lucifer1004",
"luyiyun1021",
"marinayanov",
"MartinMarciniszyn",
"MatthiasKohl",
"mayani-nv",
"meenchen",
"mikeiovine",
"milesial",
"MinaHuai",
"ming-wei",
"mk-nvidia",
"mlefeb01",
"moraxu",
"MrGeva",
"mzweilz",
"Naveassaf",
"nekorobov",
"netanel-haber",
"niukuo",
"Njuapp",
"nv-ananjappa",
"nv-guomingz",
"nv-lschneider",
"nv-yilinf",
"nv-yna",
"nvamyt",
"nvbrantz",
"nvchenghaoz",
"NVGaryJi",
"nvjullin",
"nvpohanh",
"nvrohanv",
"NVShreyas",
"nvxuanyuc",
"nvyocox",
"nvzhihanj",
"nvzhou",
"nzmora-nvidia",
"o-stoner",
"omera-nv",
"pamelap-nvidia",
"pcastonguay",
"pcicotti",
"pdrake-nv",
"peaceh-nv",
"peihu-nv",
"pengbowang-nv",
"PerkzZheng",
"poweiw",
"qiangxu1996",
"qiaoxj07",
"QiJune",
"qixiang-99",
"qsang-nv",
"raayandhar",
"rabiel",
"rakib-hasan",
"RayenTian",
"raymochen",
"reasonsolo",
"richardhuo-nv",
"rmccorm4",
"RoeyAzran1992",
"roikoren755",
"rosenrodt",
"rosong11",
"ruodil",
"ruoqianguo",
"rzilberstein-nvidia",
"samuellees",
"schetlur-nv",
"shaharmor98",
"shangz-ai",
"sherry-1001",
"shifangx",
"Shixiaowei02",
"Shunkangz",
"shuyixiong",
"shyeh25",
"SimengLiu-nv",
"sklevtsov-nvidia",
"StanleySun639",
"stnie",
"StudyingShao",
"sugunav14",
"sunnyqgg",
"Superjomn",
"suyoggupta",
"sychen52",
"symphonylyh",
"syuoni",
"Tabrizian",
"talorabr",
"taylor-yb-lee",
"tburt-nv",
"tcherckez-nvidia",
"thorjohnsen",
"tianyuxbear",
"tianyuz-nv",
"tiffany940107",
"tijyojwad",
"timlee0212",
"timothygao8710",
"Tom-Zheng",
"tomeras91",
"tongyuantongyu",
"torotoki",
"Tracin",
"tshmilnvidia",
"ttyio",
"uchihatmtkinu",
"v-shobhit",
"vadiklyutiy",
"vallis-neria",
"vanshilshah97",
"vegaluisjose",
"venkywonka",
"viraatc",
"Wanli-Jiang",
"WeiHaocheng",
"weireweire",
"wenmingw",
"wili-65535",
"wm2012011492",
"Wong4j",
"wu6u3tw",
"wyw1267",
"xavier-nvidia",
"xd-nv",
"xiaoweiw-nv",
"xinhe-nv",
"xmchen1987",
"xrq-phys",
"xuantengh",
"xuanzic",
"xueweilnvidia",
"xupinjie",
"xuwchen",
"xwang233",
"xxi-nv",
"yali-arch",
"yechank-nvidia",
"yibinl-nvidia",
"yifeizhang-c",
"YihuiLu512",
"yihwang-nv",
"yijingl-nvidia",
"yilin-void",
"yingcanw",
"yingguo-trt",
"yiqingy0",
"yizhang-nv",
"yuanjings-nvda",
"yuanjingx87",
"yuantailing",
"Yuening-wa",
"yufeiwu-nv",
"yuhengxnv",
"yuhsuan-t",
"yuki-666",
"yumin066",
"yunruis",
"yuxianq",
"yweng0828",
"zackyoray",
"zbpatel",
"zeroepoch",
"zerollzeng",
"zhanga5",
"zhangcl",
"zhaoyangwang-nvidia",
"ZhanruiSunCh",
"zhengd-nv",
"zhenhuaw-me",
"zheyuf",
"zhhuang-nv",
"zhou-yuxin",
"zhuolingwang",
"zhuoyao1012",
"zihaok",
"ziqifan617",
"ziyixiong-nv",
"zongfeijing"
]'), github.actor)
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
env:
OPERATION: 'AUTH'
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
Vulnerability-scan:
name: Vulnerability scan
needs: [Authorization]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
repository: ${{ fromJson(needs.Authorization.outputs.args).repo }}
ref: ${{ fromJson(needs.Authorization.outputs.args).ref }}
lfs: 'true'
- name: Run blossom action
uses: NVIDIA/blossom-action@main
env:
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
with:
args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}
Job-trigger:
name: Start ci job
needs: [Vulnerability-scan]
runs-on: blossom
steps:
- name: Start ci job
run: blossom-ci
env:
OPERATION: 'START-CI-JOB'
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Upload-Log:
name: Upload log
runs-on: blossom
if : github.event_name == 'workflow_dispatch'
steps:
- name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here)
run: blossom-ci
env:
OPERATION: 'POST-PROCESSING'
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
bot-command perms .github/workflows/bot-command.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A workflow to display bot command help information
name: Bot-Command
on:
issue_comment:
types: [created]
permissions:
pull-requests: write
issues: write
contents: read
jobs:
Bot-command-check:
name: Bot command check
if: |
startsWith(github.event.comment.body, '/bot') &&
!(startsWith(github.event.comment.body, '/bot run') ||
startsWith(github.event.comment.body, '/bot skip --comment') ||
startsWith(github.event.comment.body, '/bot reuse-pipeline') ||
startsWith(github.event.comment.body, '/bot kill'))
runs-on: ubuntu-latest
steps:
- name: Add bot help comment
uses: actions/github-script@v8
with:
script: |
const helpMessage = "" +
"## GitHub Bot Help\n\n" +
"`/bot [-h] ['run', 'kill', 'skip', 'reuse-pipeline'] ...`\n\n" +
"Provide a user friendly way for developers to interact with a Jenkins server.\n\n" +
"Run `/bot [-h|--help]` to print this help message.\n\n" +
"See details below for each supported subcommand.\n\n" +
"<details>\n\n" +
"`run [--reuse-test (optional)pipeline-id --disable-fail-fast --skip-test --stage-list \"A10-PyTorch-1, xxx\" --gpu-type \"A30, H100_PCIe\" --test-backend \"pytorch, cpp\" --add-multi-gpu-test --only-multi-gpu-test --disable-multi-gpu-test --post-merge --extra-stage \"H100_PCIe-TensorRT-Post-Merge-1, xxx\" --detailed-log --debug(experimental) --high-priority]`\n\n" +
"Launch build/test pipelines. All previously running jobs will be killed.\n\n" +
"`--reuse-test (optional)pipeline-id ` *(OPTIONAL)* : Allow the new pipeline to reuse build artifacts and skip successful test stages from a specified pipeline or the last pipeline if no pipeline-id is indicated. If the Git commit ID has changed, this option will be always ignored. The DEFAULT behavior of the bot is to reuse build artifacts and successful test results from the last pipeline.\n\n" +
"`--disable-reuse-test ` *(OPTIONAL)* : Explicitly prevent the pipeline from reusing build artifacts and skipping successful test stages from a previous pipeline. Ensure that all builds and tests are run regardless of previous successes.\n\n" +
"`--disable-fail-fast ` *(OPTIONAL)* : Disable fail fast on build/tests/infra failures.\n\n" +
"`--skip-test ` *(OPTIONAL)* : Skip all test stages, but still run build stages, package stages and sanity check stages. Note: Does **NOT** update GitHub check status.\n\n" +
"`--stage-list \"A10-PyTorch-1, xxx\"` *(OPTIONAL)* : Only run the specified test stages. Examples: \"A10-PyTorch-1, xxx\". Note: Does **NOT** update GitHub check status.\n\n" +
"`--gpu-type \"A30, H100_PCIe\"` *(OPTIONAL)* : Only run the test stages on the specified GPU types. Examples: \"A30, H100_PCIe\". Note: Does **NOT** update GitHub check status.\n\n" +
"`--test-backend \"pytorch, cpp\"` *(OPTIONAL)* : Skip test stages which don't match the specified backends. Only support [pytorch, cpp, tensorrt, triton]. Examples: \"pytorch, cpp\" (does not run test stages with tensorrt or triton backend). Note: Does **NOT** update GitHub pipeline status.\n\n" +
"`--only-multi-gpu-test ` *(OPTIONAL)* : Only run the multi-GPU tests. Note: Does **NOT** update GitHub check status.\n\n" +
"`--disable-multi-gpu-test ` *(OPTIONAL)* : Disable the multi-GPU tests. Note: Does **NOT** update GitHub check status.\n\n" +
"`--add-multi-gpu-test ` *(OPTIONAL)* : Force run the multi-GPU tests in addition to running L0 pre-merge pipeline.\n\n" +
"`--post-merge ` *(OPTIONAL)* : Run the L0 post-merge pipeline instead of the ordinary L0 pre-merge pipeline.\n\n" +
"`--extra-stage \"H100_PCIe-TensorRT-Post-Merge-1, xxx\"` *(OPTIONAL)* : Run the ordinary L0 pre-merge pipeline and specified test stages. Examples: --extra-stage \"H100_PCIe-TensorRT-Post-Merge-1, xxx\".\n\n" +
"`--detailed-log ` *(OPTIONAL)* : Enable flushing out all logs to the Jenkins console. This will significantly increase the log volume and may slow down the job.\n\n" +
"`--debug ` *(OPTIONAL)* : **Experimental feature**. Enable access to the CI container for debugging purpose. Note: Specify exactly one stage in the `stage-list` parameter to access the appropriate container environment. Note: Does **NOT** update GitHub check status.\n\n" +
"`--high-priority ` *(OPTIONAL)* : Run the pipeline with high priority. This option is restricted to authorized users only and will route the job to a high-priority queue.\n\n" +
"### kill\n\n" +
"`kill `\n\n" +
"Kill all running builds associated with pull request.\n\n" +
"### skip\n\n" +
"`skip --comment COMMENT `\n\n" +
"Skip testing for latest commit on pull request. `--comment \"Reason for skipping build/test\"` is required. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.\n\n" +
"### reuse-pipeline\n\n" +
"`reuse-pipeline `\n\n" +
"Reuse a previous pipeline to validate current commit. This action will also kill all currently running builds associated with the pull request. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.\n\n" +
"</details>";
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: helpMessage
});
l0-test .github/workflows/l0-test.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A workflow to trigger ci on hybrid infra (github + self hosted runner)
name: L0-Test
on:
workflow_dispatch:
inputs:
sha:
description: 'commit sha'
required: true
test_result:
description: 'test result'
required: false
test_results_url:
description: 'test results url'
required: true
jobs:
Upload-Test:
name: Upload test results
runs-on: linux-amd64-cpu4
if: github.event_name == 'workflow_dispatch'
steps:
- name: Update commit status
uses: actions/github-script@v8
with:
script: |
state = 'pending'
description = 'collecting test results'
if ('${{ github.event.inputs.test_result }}' == 'success') {
state = 'success'
description = 'test passed, collecting test results'
}
github.rest.repos.createCommitStatus({
owner: context.repo.owner,
repo: context.repo.repo,
context: 'blossom-ci',
sha: '${{ github.event.inputs.sha }}',
target_url: 'https://github.com/NVIDIA/TensorRT-LLM/actions/runs/' + context.runId,
state: state,
description: description,
})
- name: Collect test result
run: rm -rf results && mkdir results && cd results && curl --user svc_tensorrt:${{ secrets.ARTIFACTORY_TOKEN }} -L ${{ github.event.inputs.test_results_url }} | tar -xz
- name: Create test summary
id: test_summary
uses: test-summary/action@dist
with:
paths: results/**/results*.xml
- name: Update commit status
uses: actions/github-script@v8
with:
script: |
github.rest.repos.createCommitStatus({
owner: context.repo.owner,
repo: context.repo.repo,
context: 'blossom-ci',
sha: '${{ github.event.inputs.sha }}',
target_url: 'https://github.com/NVIDIA/TensorRT-LLM/actions/runs/' + context.runId,
state: '${{ steps.test_summary.outputs.failed > 0 && 'failure' || github.event.inputs.test_result || 'success' }}',
description: '${{ steps.test_summary.outputs.passed }} passed, ${{ steps.test_summary.outputs.failed }} failed, ${{ steps.test_summary.outputs.skipped }} skipped',
})
label_community_pr .github/workflows/label_community_pr.yml
View raw YAML
name: Label Community PR
on:
schedule:
- cron: '0 * * * *' # every hour at minute 0
workflow_dispatch: # manual trigger option
inputs:
time_window_minutes:
description: 'Time window in minutes to look back for PRs'
required: false
default: 65
type: number
jobs:
label_pr:
runs-on: ubuntu-latest
if: github.repository == 'NVIDIA/TensorRT-LLM'
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.x'
- name: Install dependencies
run: pip install requests
- name: Run labeling script
env:
AUTO_LABEL_COMMUNITY_TOKEN: ${{ secrets.AUTO_LABEL_COMMUNITY_TOKEN }}
REPO_OWNER: ${{ github.repository_owner }}
REPO_NAME: ${{ github.event.repository.name }}
COMMUNITY_LABEL: "Community want to contribute"
TIME_WINDOW_MINUTES: ${{ inputs.time_window_minutes || 65 }}
run: python .github/scripts/label_community_user.py
label_issue perms .github/workflows/label_issue.yml
View raw YAML
name: Label New Issues
on:
issues:
types: [opened]
permissions:
issues: write
contents: read
jobs:
label-issue:
runs-on: ubuntu-latest
steps:
- name: Checkout private action repository
uses: actions/checkout@v6
with:
repository: NVIDIA/goggles_action
path: ./.github/actions/goggles_action # local path to store the action
ref: v1.3.0
- name: AI Label Issue
uses: ./.github/actions/goggles_action/actions/llm_label
with:
ACTION_TOKEN: ${{ secrets.GITHUB_TOKEN }}
LLM_MODEL_NAME: ${{ secrets.GOGGLES_LLM_MODEL_NAME }}
LLM_TOKEN_SERVER_URL: ${{ secrets.GOGGLES_LLM_TOKEN_SERVER_URL }}
LLM_TOKEN_CLIENT_ID: ${{ secrets.GOGGLES_LLM_TOKEN_CLIENT_ID }}
LLM_TOKEN_CLIENT_SECRET: ${{ secrets.GOGGLES_LLM_TOKEN_CLIENT_SECRET }}
LLM_GENERATE_URL: ${{ secrets.GOGGLES_LLM_GENERATE_URL }}
LLM_TOKEN_SCOPE: ${{ secrets.GOGGLES_LLM_TOKEN_SCOPE }}
REPO_OWNER: ${{ github.repository_owner }}
REPO_NAME: ${{ github.event.repository.name }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
ISSUE_TITLE: ${{ github.event.issue.title }}
ISSUE_BODY: ${{ github.event.issue.body }}
GITHUB_API_URL: ${{ github.api_url }}
ACTIONS_STEP_VERBOSE: false
EXCLUDED_LABELS: "bug,Community want to contribute,Community Engagement,duplicate,help wanted,Investigating,need more info,question,roadmap,stale,waiting for feedback,wontfix"
LLM_SYSTEM_PROMPT: |
You are an expert GitHub issue labeler. Your task is to analyze the provided issue title, issue body, and a list of available labels with their descriptions.
Based on this information, select the single most appropriate label from the list that best captures the primary issue or request.
Prefer selecting only one label that represents the main topic or problem. Only suggest multiple labels if the issue genuinely spans multiple distinct areas that are equally important.
Respond with ONLY the chosen label name (e.g., 'bug', 'feature-request') or comma-separated names if multiple are truly needed.
If no labels seem appropriate, respond with 'NONE'.
If the issue is a bug (the 'bug' label may be applied separately and is excluded here), output ONLY the applicable secondary labels from this exact allowlist: Customized kernels, Decoding, Disaggregated serving, Doc, Frontend, General perf, Inference runtime, Infra, LLM API, Model customization, Model optimization, OOTB, Pytorch, Scale-out, Speculative Decoding, Testing, Triton backend, Windows. Use exact casing; if none apply, respond with 'NONE'. Do not output 'bug'.
Do not add any other text, explanation, or markdown formatting.
model-registry-check .github/workflows/model-registry-check.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Model Registry Check
on:
pull_request:
types: [opened, edited, synchronize, reopened]
paths:
- examples/auto_deploy/model_registry/models.yaml
jobs:
validate-model-registry:
name: Validate AutoDeploy Model Registry
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-python@v6
with:
python-version: "3.12"
cache: "pip"
- name: Install validator dependency
run: python3 -m pip install PyYAML
- name: Validate model registry
run: python3 scripts/check_model_registry.py
pr-check .github/workflows/pr-check.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: PR Checks
on:
pull_request:
types: [opened, edited, synchronize, reopened]
jobs:
check-pr-title:
name: Check PR Title Format
runs-on: ubuntu-latest
steps:
- name: Validate PR Title Format
id: check-pr-title
uses: agenthunt/conventional-commit-checker-action@v2.0.0
continue-on-error: true
with:
pr-title-regex: "^(\\[(None|[A-Z0-9]+-[0-9]+|#[0-9]+|https:\\/\\/nvbugs\\/[0-9]+)\\]) *(\\[[a-z0-9]+\\]) (([^ ].*)?[^ ])$"
pr-body-regex: ""
- name: PR Title Format Guide
if: steps.check-pr-title.outcome == 'failure'
run: |
echo "::error::PR title format check failed."
echo "Expected PR title format:"
echo " [JIRA ticket/NVBugs ID/GitHub issue/None][type] Summary"
echo ""
echo "Valid ticket formats:"
echo " - JIRA ticket: [TRTLLM-1234] or [FOOBAR-123] for other FOOBAR project"
echo " - NVBugs ID: [https://nvbugs/1234567]"
echo " - GitHub issue: [#1234]"
echo " - No ticket: [None]"
echo ""
echo "Valid types (lowercase): [fix], [feat], [doc], [infra], [chore], etc."
echo ""
echo "Examples:"
echo " - [TRTLLM-1234][feat] Add new feature"
echo " - [https://nvbugs/1234567][fix] Fix some bugs"
echo " - [#1234][doc] Update documentation"
echo " - [None][chore] Minor clean-up"
exit 1
check-pr-body-checklist:
name: Check PR Checklist Resolution
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.10'
- name: Validate PR Checklist
env:
PR_BODY: ${{ github.event.pull_request.body }}
ENFORCE_PR_HAS_CHECKLIST: false
run: python .github/scripts/pr_checklist_check.py
precommit-check .github/workflows/precommit-check.yml
View raw YAML
# SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Release Checks
on:
pull_request:
workflow_dispatch:
inputs:
ref:
description: 'commit sha to check'
required: true
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
precommit-check:
name: Pre-commit Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.ref || github.ref }}
- uses: actions/setup-python@v6
with:
python-version: '3.12'
cache: 'pip'
- name: Get changed files
id: changed-files
if: github.event_name == 'pull_request'
env:
GH_TOKEN: ${{ github.token }}
run: |
files=$(gh api "repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" \
--paginate --jq '.[].filename' | paste -sd ' ' -)
echo "files=$files" >> $GITHUB_OUTPUT
- name: Run pre-commit checks
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
echo "${{ steps.changed-files.outputs.files }}" | tr ' ' '\n' | sed '/^$/d' > changed_files.txt
python3 -u scripts/release_check.py --files-from changed_files.txt
else
python3 -u scripts/release_check.py
fi
waiting_for_feedback perms .github/workflows/waiting_for_feedback.yml
View raw YAML
name: Manage Waiting for Feedback Label
on:
issue_comment:
types: [created]
pull_request_review_comment:
types: [created]
permissions:
issues: write
pull-requests: write
jobs:
manage-waiting-for-feedback:
runs-on: ubuntu-latest
if: github.repository == 'NVIDIA/TensorRT-LLM'
steps:
- name: Check membership and manage label
uses: actions/github-script@v8
with:
script: |
const commenter = context.payload.comment.user.login;
const commenterType = context.payload.comment.user.type;
const label = 'waiting for feedback';
// Ignore bots and CI accounts
const ignoredAccounts = ['tensorrt-cicd'];
if (commenterType === 'Bot' || ignoredAccounts.includes(commenter)) {
console.log(`Ignoring comment from ${commenter} (type: ${commenterType}). Skipping.`);
return;
}
// Handle both issue_comment and pull_request_review_comment events
// context.issue.number is only available for issue_comment events
const issueNumber = context.issue?.number || context.payload.pull_request?.number;
const issue = context.payload.issue || context.payload.pull_request;
const author = issue?.user?.login;
const isAuthor = (commenter === author);
if (!issueNumber) {
console.log('Could not determine issue/PR number. Skipping.');
return;
}
console.log(`Comment by ${commenter} on #${issueNumber} (author: ${author})`);
const owner = context.repo.owner;
const repo = context.repo.repo;
// Check if commenter is repository member
let isMember = false;
try {
await github.rest.repos.checkCollaborator({
owner,
repo,
username: commenter
});
isMember = true;
} catch (error) {
if (error.status === 404) {
isMember = false;
} else if (error.status === 302) {
console.log(`Cannot determine membership for ${commenter} (insufficient token permissions)`);
return;
} else {
console.error(`Error checking membership: ${error.message}`);
throw error;
}
}
// Logic:
// - Author responds → remove label (feedback provided)
// - NVIDIA non-author comments → add label (team is waiting for response)
// - External non-author comments → remove label (someone provided feedback)
if (isAuthor) {
// Author responded - remove 'waiting for feedback' label
console.log(`${commenter} is the author. Removing '${label}' label if present.`);
try {
await github.rest.issues.removeLabel({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issueNumber,
name: label
});
console.log(`Successfully removed '${label}' label from #${issueNumber}`);
} catch (error) {
if (error.status === 404) {
console.log(`Label '${label}' was not present on #${issueNumber}. No action needed.`);
} else {
throw error;
}
}
} else if (isMember) {
// NVIDIA non-author commented - add 'waiting for feedback' label
console.log(`${commenter} is an NVIDIA member (not author). Adding '${label}' label.`);
await github.rest.issues.addLabels({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issueNumber,
labels: [label]
});
console.log(`Successfully added '${label}' label to #${issueNumber}`);
} else {
// External non-author commented - remove 'waiting for feedback' label
console.log(`${commenter} is external (not author). Removing '${label}' label if present.`);
try {
await github.rest.issues.removeLabel({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issueNumber,
name: label
});
console.log(`Successfully removed '${label}' label from #${issueNumber}`);
} catch (error) {
if (error.status === 404) {
console.log(`Label '${label}' was not present on #${issueNumber}. No action needed.`);
} else {
throw error;
}
}
}