[ci] Add CI for MI355x machines #22475
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| runs-on: linux-mi35x-1gpu-ossci-iree-org | ||
| env: | ||
| PACKAGE_DOWNLOAD_DIR: ${{ github.workspace }}/.packages | ||
| BUILD_DIR: build-tests | ||
| VENV_DIR: ${{ github.workspace }}/.venv | ||
| GH_TOKEN: ${{ github.token }} | ||
| IREE_CPU_DISABLE: 1 | ||
| IREE_VULKAN_DISABLE: 1 | ||
| IREE_CUDA_ENABLE: 0 | ||
| IREE_HIP_ENABLE: 1 | ||
| IREE_HIP_TEST_TARGET_CHIP: "gfx950" | ||
| steps: | ||
| - name: Run rocminfo | ||
| run: rocminfo | ||
| - name: Check out repository | ||
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | ||
| with: | ||
| submodules: false | ||
| - name: Check out runtime submodules | ||
| run: ./build_tools/scripts/git/update_runtime_submodules.sh | ||
| - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 | ||
| with: | ||
| # Must match the subset of versions built in pkgci_build_packages. | ||
| python-version: "3.11" | ||
| - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 | ||
| if: ${{ inputs.artifact_run_id == '' }} | ||
| with: | ||
| name: linux_x86_64_release_packages | ||
| path: ${{ env.PACKAGE_DOWNLOAD_DIR }} | ||
| - name: Setup base venv | ||
| run: | | ||
| ./build_tools/pkgci/setup_venv.py ${VENV_DIR} \ | ||
| --artifact-path=${PACKAGE_DOWNLOAD_DIR} \ | ||
| --fetch-gh-workflow=${{ inputs.artifact_run_id }} | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Build tests | ||
| run: ./build_tools/pkgci/build_tests_using_package.sh ${VENV_DIR}/bin | ||
| - name: Run GPU tests | ||
| env: | ||
| CTEST_PARALLEL_LEVEL: 2 | ||
| IREE_CTEST_LABEL_REGEX: ^requires-gpu|^driver=hip$ | ||
| IREE_AMD_RDNA3_TESTS_DISABLE: 1 | ||
| IREE_NVIDIA_GPU_TESTS_DISABLE: 0 | ||
| IREE_NVIDIA_SM80_TESTS_DISABLE: 1 | ||
| IREE_MULTI_DEVICE_TESTS_DISABLE: 0 | ||
| run: ./build_tools/cmake/ctest_all.sh ${BUILD_DIR} |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI about 10 hours ago
To fix this issue, we should add a top-level permissions: block to the workflow file .github/workflows/pkgci_test_amd_mi355x.yml specifying the minimum required permissions. From the steps shown, the workflow only needs to read repository contents (for checkout and submodules) and does not require write-access to any resources, nor any special access to issues or pull requests. Therefore, the best fix is to add permissions: contents: read at the root level (before the jobs: block). This ensures the workflow does not have unnecessary write permissions. No other code changes or imports are needed.
| @@ -17,6 +17,8 @@ | ||
| type: string | ||
| default: "" | ||
|
|
||
| permissions: | ||
| contents: read | ||
| jobs: | ||
| test_mi355x: | ||
| runs-on: linux-mi35x-1gpu-ossci-iree-org |
|
Something is off with this runner -- the gpu doesn't show up it seems |
It's with all OSSCI runners I think. |
No description provided.