Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit32f93b1

Browse files
atalmanpytorchmergebot
authored andcommitted
[Security] Use github environment for update-commit-hash workflow (#107060)
Similar to:#101718https://github.com/pytorch/pytorch/actions/runs/5856611801/job/15876722301Please note since we can't specify environment for a composite workflow. It was needed to move update-commit-hash as action rather then workflow.Still todo: Move docs and binary buildsPull Requestresolved:#107060Approved by:https://github.com/seemethere
1 parent5bbfb96 commit32f93b1

File tree

4 files changed

+99
-91
lines changed

4 files changed

+99
-91
lines changed
Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
name:Update commit hash
2+
3+
inputs:
4+
repo-owner:
5+
required:false
6+
type:string
7+
description:Name of repository's owner.
8+
default:pytorch
9+
repo-name:
10+
required:true
11+
type:string
12+
description:Name of the repository we're updating commit hash for.
13+
branch:
14+
required:true
15+
type:string
16+
description:Branch to fetch commit of
17+
pin-folder:
18+
type:string
19+
description:Path to folder with commit pin
20+
required:false
21+
default:.github/ci_commit_pins
22+
updatebot-token:
23+
required:true
24+
type:string
25+
description:update bot token
26+
pytorchbot-token:
27+
required:true
28+
type:string
29+
description:update bot token
30+
31+
description:update commit hash
32+
33+
runs:
34+
using:composite
35+
steps:
36+
-name:Checkout repo
37+
uses:actions/checkout@v3
38+
with:
39+
fetch-depth:1
40+
submodules:false
41+
token:${{ inputs.updatebot-token }}
42+
-name:Checkout
43+
shell:bash
44+
run:|
45+
git clone https://github.com/${{ inputs.repo-owner }}/${{ inputs.repo-name }}.git --quiet
46+
-name:Check if there already exists a PR
47+
shell:bash
48+
env:
49+
REPO_NAME:${{ inputs.repo-name }}
50+
BRANCH:${{ inputs.branch }}
51+
PIN_FOLDER:${{ inputs.pin-folder }}
52+
UPDATEBOT_TOKEN:${{ inputs.updatebot-token }}
53+
PYTORCHBOT_TOKEN:${{ inputs.pytorchbot-token }}
54+
NEW_BRANCH_NAME:update-${{ inputs.repo-name }}-commit-hash/${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}
55+
run:|
56+
# put this here instead of the script to prevent accidentally changing the config when running the script locally
57+
git config --global user.name "PyTorch UpdateBot"
58+
git config --global user.email "pytorchupdatebot@users.noreply.github.com"
59+
python .github/scripts/update_commit_hashes.py --repo-name "${REPO_NAME}" --branch "${BRANCH}" --pin-folder "${PIN_FOLDER}"

‎.github/workflows/_update-commit-hash.yml‎

Lines changed: 0 additions & 64 deletions
This file was deleted.

‎.github/workflows/nightly.yml‎

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -37,11 +37,18 @@ jobs:
3737
GH_PYTORCHBOT_TOKEN:${{ secrets.GH_PYTORCHBOT_TOKEN }}
3838

3939
update-vision-commit-hash:
40-
uses:./.github/workflows/_update-commit-hash.yml
41-
if:${{ github.event_name == 'schedule' }}
42-
with:
43-
repo-name:vision
44-
branch:main
45-
secrets:
46-
UPDATEBOT_TOKEN:${{ secrets.UPDATEBOT_TOKEN }}
47-
PYTORCHBOT_TOKEN:${{ secrets.GH_PYTORCHBOT_TOKEN }}
40+
runs-on:ubuntu-latest
41+
environment:update-commit-hash
42+
steps:
43+
-name:Checkout repo
44+
uses:actions/checkout@v3
45+
with:
46+
fetch-depth:0
47+
-name:update-vision-commit-hash
48+
uses:./.github/actions/update-commit-hash
49+
if:${{ github.event_name == 'schedule' }}
50+
with:
51+
repo-name:vision
52+
branch:main
53+
updatebot-token:${{ secrets.UPDATEBOT_TOKEN }}
54+
pytorchbot-token:${{ secrets.GH_PYTORCHBOT_TOKEN }}

‎.github/workflows/weekly.yml‎

Lines changed: 25 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -9,22 +9,28 @@ on:
99
workflow_dispatch:
1010

1111
jobs:
12-
update-xla-commit-hash:
13-
uses:./.github/workflows/_update-commit-hash.yml
14-
with:
15-
repo-name:xla
16-
branch:master
17-
secrets:
18-
UPDATEBOT_TOKEN:${{ secrets.UPDATEBOT_TOKEN }}
19-
PYTORCHBOT_TOKEN:${{ secrets.GH_PYTORCHBOT_TOKEN }}
20-
21-
update-triton-commit-hash:
22-
uses:./.github/workflows/_update-commit-hash.yml
23-
with:
24-
repo-owner:openai
25-
repo-name:triton
26-
branch:main
27-
pin-folder:.ci/docker/ci_commit_pins
28-
secrets:
29-
UPDATEBOT_TOKEN:${{ secrets.UPDATEBOT_TOKEN }}
30-
PYTORCHBOT_TOKEN:${{ secrets.GH_PYTORCHBOT_TOKEN }}
12+
update-commit-hash:
13+
runs-on:ubuntu-latest
14+
environment:update-commit-hash
15+
steps:
16+
-name:Checkout repo
17+
uses:actions/checkout@v3
18+
with:
19+
fetch-depth:0
20+
-name:update-xla-commit-hash
21+
continue-on-error:true
22+
uses:./.github/actions/update-commit-hash
23+
with:
24+
repo-name:xla
25+
branch:master
26+
updatebot-token:${{ secrets.UPDATEBOT_TOKEN }}
27+
pytorchbot-token:${{ secrets.GH_PYTORCHBOT_TOKEN }}
28+
-name:update-triton-commit-hash
29+
uses:./.github/actions/update-commit-hash
30+
with:
31+
repo-owner:openai
32+
repo-name:triton
33+
branch:main
34+
pin-folder:.ci/docker/ci_commit_pins
35+
updatebot-token:${{ secrets.UPDATEBOT_TOKEN }}
36+
pytorchbot-token:${{ secrets.GH_PYTORCHBOT_TOKEN }}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp