Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions jenkins/BuildDockerImage.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -484,6 +484,19 @@ def launchBuildJobs(pipeline, globalVars, imageKeyToTag) {
dockerfileStage: "release",
],
]
def enabledStages = []
if (params.buildInternalRelease) {
enabledStages += ["Build Internal release (x86_64 trtllm)", "Build Internal release (SBSA trtllm)"]
}
if (params.buildCiImage) {
enabledStages += ["Build CI Image (x86_64 tritondevel)", "Build CI Image (SBSA tritondevel)", "Build CI Image (RockyLinux8 Python310)", "Build CI Image (RockyLinux8 Python312)", "Build CI Image (SBSA Ubuntu24.04 Python312)"]
}
if (params.buildNgcRelease) {
enabledStages += ["Build NGC devel And release (x86_64)", "Build NGC devel And release (SBSA)"]
}
buildConfigs = buildConfigs.findAll { key, config -> key in enabledStages }
echo "Running stages: ${buildConfigs.keySet()}"

Comment thread
yuanjingx87 marked this conversation as resolved.
// Override all fields in build config with default values
buildConfigs.each { key, config ->
defaultBuildConfig.each { defaultKey, defaultValue ->
Expand Down Expand Up @@ -552,6 +565,21 @@ pipeline {
choices: ["build", "push"],
description: "Docker image generation action. build: only perform image build step; push: build docker image and push it to artifacts"
)
booleanParam(
name: "buildInternalRelease",
defaultValue: true,
description: "Build internal release images (x86_64 and SBSA trtllm)"
)
booleanParam(
name: "buildCiImage",
defaultValue: true,
description: "Build CI images (tritondevel and OS variant images)"
)
booleanParam(
name: "buildNgcRelease",
defaultValue: true,
description: "Build NGC devel and release images (x86_64 and SBSA)"
)
}
options {
// Check the valid options at: https://www.jenkins.io/doc/book/pipeline/syntax/
Expand Down
91 changes: 91 additions & 0 deletions jenkins/L0_MergeRequest.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -1458,6 +1458,10 @@ def launchStages(pipeline, reuseBuild, testFilter, enableFailFast, globalVars)
echo "Skipping x86_64 tests (GenPostMergeBuilds mode: builds only)"
return
}
if (testFilter[(TEST_STAGE_LIST)]?.contains("NGC-Container-Scaning")) {
echo "Skipping x86_64 tests (PLC container scanning)"
return
}

testStageName = "[Test-x86_64-Single-GPU] Remote Run"
def singleGpuTestFailed = false
Expand Down Expand Up @@ -1571,6 +1575,11 @@ def launchStages(pipeline, reuseBuild, testFilter, enableFailFast, globalVars)
return
}

if (testFilter[(TEST_STAGE_LIST)]?.contains("NGC-Container-Scaning")) {
echo "Skipping SBSA tests (PLC container scanning)"
return
}

testStageName = "[Test-SBSA-Single-GPU] Remote Run"
def singleGpuTestFailed = false
stage(testStageName) {
Expand Down Expand Up @@ -1717,6 +1726,88 @@ def launchStages(pipeline, reuseBuild, testFilter, enableFailFast, globalVars)
echo "Build-Docker-Images job is set explicitly. Both x86_64-Linux and SBSA-Linux sub-pipelines will be disabled."
}

def plcContainerScanningJob = [
"PLC Container Scanning": {
script {
stage("[Build-Release-Docker-Images] Remote Run") {
try {
def branch = env.gitlabBranch ? env.gitlabBranch : "main"
if (globalVars[GITHUB_PR_API_URL]) {
branch = "github-pr-" + globalVars[GITHUB_PR_API_URL].split('/').last()
}

// Force the image tag suffix to be this L0_MergeRequest BUILD_NUMBER
// instead of the BuildDockerImages helper job's own counter.
def shortCommit = env.gitlabCommit ? env.gitlabCommit.substring(0, 7) : "undefined"
def branchTag = branch.replaceAll('/', '_')
def defaultTag = "${shortCommit}-${branchTag}-${env.BUILD_NUMBER}"

def additionalParameters = [
'branch': branch,
'action': "push",
'triggerType': "post-merge",
'runSanityCheck': false,
'defaultTag': defaultTag,
'buildInternalRelease': false,
'buildCiImage': false,
'artifactPath': ARTIFACT_PATH,
'nspect_id': "",
'uploadPath': UPLOAD_PATH
]
launchJob(pipeline, "/LLM/helpers/BuildDockerImages", false, enableFailFast, globalVars, "x86_64", additionalParameters)
} catch (InterruptedException e) {
throw e
} catch (Exception e) {
if (BUILD_CHECK_CHOICE == STAGE_CHOICE_IGNORE) {
catchError(
buildResult: 'SUCCESS',
stageResult: 'FAILURE') {
error "Build-Docker-Images job failed but ignored due to Jenkins configuration"
}
} else {
throw e
}
}
}
stage("[NGC-Container-Compliance-Check] Run") {
echo "Triggering OSS Compliance (PLC) container scan for ref: "
try {
def params = [
string(name: 'postMergePipelineName', value: env.JOB_NAME),
string(name: 'postMergeBuildNumber', value: env.BUILD_NUMBER),
string(name: 'scanMode', value: 'pre_merge'),
string(name: 'runSourceCodeScanning', value: 'false'),
string(name: 'runContainerScanning', value: 'true'),
string(name: 'runSonarQube', value: 'false'),
]
def logger = new Logger(pipeline)
def handle = build(
job: "/LLM/helpers/PLCScanningSetup",
parameters: params,
propagate: false
)
if (handle.result != "SUCCESS") {
catchError(buildResult: currentBuild.result ?: 'SUCCESS', stageResult: 'UNSTABLE') {
error "Risks detected on NGC Containers"
}
}
} catch (InterruptedException e) {
throw e
} catch (Exception e) {
catchError(buildResult: 'UNSTABLE', stageResult: 'UNSTABLE') {
error "OSS Compliance Check failed: ${e.getMessage()}"
}
}
}
}
}
]
if (testFilter[(TEST_STAGE_LIST)]?.contains("NGC-Container-Scaning")) {
stages += plcContainerScanningJob
testFilter[(TEST_STAGE_LIST)]?.remove("NGC-Container-Scanning")
echo "Will run job to build ngc containers and running in-pipeline scanning for them"
}

parallelJobs = stages.collectEntries{key, value -> [key, {
script {
stage(key) {
Expand Down
Loading