This repository contains reusable GitHub Action workflows.
Reusable composite actions can be found in https://github.com/rapidsai/shared-actions.
See the articles below for a comparison between these two types of reusable GitHub Action components:
- https://wallis.dev/blog/composite-github-actions
- https://dev.to/n3wt0n/composite-actions-vs-reusable-workflows-what-is-the-difference-github-actions-11kd
Reusable workflows must be placed in the .github/workflows directory as mentioned in the community discussions below:
Several of the workflows in this project have matrices (combinations of workflow inputs) expressed in inline YAML/JSON.
Those workflows tend to offer an input, matrix_filter, for post-processing of that matrix.
For example, by default wheels-build has builds for all combinations of CPU architecture, Python version, CUDA major version, and operating system supported by RAPIDS.
Not all projects need that, so they sometimes invoke the workflow like this:
wheel-build-nx-cugraph:
secrets: inherit
uses: rapidsai/shared-workflows/.github/workflows/wheels-build.yaml@main
with:
build_type: pull-request
script: ci/build_wheel_nx-cugraph.sh
# This selects "ARCH=amd64 + the latest supported Python, 1 job per major CUDA version".
matrix_filter: map(select(.ARCH == "amd64")) | group_by(.CUDA_VER|split(".")|map(tonumber)|.[0]) | map(max_by([(.PY_VER|split(".")|map(tonumber)), (.CUDA_VER|split(".")|map(tonumber))]))
package-name: nx-cugraph
package-type: python
pure-wheel: trueSomething like the bash snippet below can be used to test those filters.
#!/bin/bash
export MATRIX_FILTER='map(select(.ARCH == "amd64")) | group_by(.CUDA_VER|split(".")|map(tonumber)|.[0]) | map(max_by([(.PY_VER|split(".")|map(tonumber)), (.CUDA_VER|split(".")|map(tonumber))]))'
export MATRIX="
# amd64
- { ARCH: 'amd64', PY_VER: '3.10', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.11', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.12', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.13', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.10', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.11', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.12', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'amd64', PY_VER: '3.13', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
# arm64
- { ARCH: 'arm64', PY_VER: '3.10', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.11', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.12', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.13', CUDA_VER: '12.9.1', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.10', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.11', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.12', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
- { ARCH: 'arm64', PY_VER: '3.13', CUDA_VER: '13.0.2', LINUX_VER: 'rockylinux8' }
"
MATRIX="$(
yq -n -o json 'env(MATRIX)' | \
jq -c "${MATRIX_FILTER} | if (. | length) > 0 then {include: .} else \"Error: Empty matrix\n\" | halt_error(1) end"
)"
echo "${MATRIX}" | jqSome workflows support passing in arbitrary secrets and making them available as environment variables for the script: input.
For example, if you had the following:
- a repo secret called
PENGUINS_AND_POLAR_BEARS_DATASET_URI - a testing script that downloads whatever it finds in environment variable
BENCHMARK_DATASET_URI
You could do something like the following:
wheel-tests:
uses: rapidsai/shared-workflows/.github/workflows/wheels-test.yaml@main
with:
script: ci/test_wheel.sh
secrets:
script-env-secret-1-key: BENCHMARK_DATASET_URI
script-env-secret-1-value: ${{ secrets.PENGUINS_AND_POLAR_BEARS_DATASET_URI }}Values passed through secrets: are redacted everywhere in the GitHub UI, including in logs, and in most cases are replaced with ***.