Skip to content

ci: publish slurm-smd-* releases to forge.together.xyz (R2)#19

Open
markballew wants to merge 2 commits into
mainfrom
mballew/sre-5009-publish-to-forge-r2
Open

ci: publish slurm-smd-* releases to forge.together.xyz (R2)#19
markballew wants to merge 2 commits into
mainfrom
mballew/sre-5009-publish-to-forge-r2

Conversation

@markballew

Copy link
Copy Markdown

Summary

Adds a workflow_dispatch GitHub Actions workflow that republishes the slurm-smd-* (and Pyxis) .deb GitHub Release artifacts built by this repo into the R2-backed apt repo served at forge.together.xyz, so the bare-metal Forge ansible (togethercomputer/infra) can apt install them.

This is the producer side of slurm25 bare-metal enablement (consumer-side ansible: togethercomputer/infra#32341). forge.together.xyz/slurm25 returns 404 today; this fills that gap.

How it works

  • Layout: forge.together.xyz/slurm<major>/dists/<suite>/... — an aptly publish at bucket prefix slurm<major>/ in the Cloudflare R2 bucket together-forge. ubuntu24.04 -> noble, ubuntu22.04 -> jammy. Mirrors the existing (manually published) slurm24/jammy repo.
  • Inputs: slurm_major (e.g. 25), distribution (ubuntu24.04/ubuntu22.04), include_pyxis.
  • Idempotent: each run gathers all releases for the chosen major + distribution and republishes from scratch (-force-overwrite), so re-running after a new minor (25.11.3/.4/.5 already exist) refreshes slurm25 with every 25.x build.
  • Published unsigned, matching the existing slurm24 repo (the infra slurm-node role adds the apt source with trusted: true).

Required secrets (must be added before first run)

A Cloudflare R2 API token (S3 access key/secret) scoped to write together-forge, as repo or org secrets:

  • R2_ACCESS_KEY_ID
  • R2_SECRET_ACCESS_KEY

Validation

  • actionlint clean except the ubuntu-22.04-4core runner-label warning (org custom runner; same label the existing slurm_packages.yml uses).
  • Embedded run: scripts pass shellcheck (via actionlint); YAML parses.

Test plan

  • Add R2_ACCESS_KEY_ID / R2_SECRET_ACCESS_KEY secrets
  • Dispatch with slurm_major=25, distribution=ubuntu24.04
  • Confirm https://forge.together.xyz/slurm25/dists/noble/Release -> 200 (workflow verify step)
  • On a noble node, apt install slurm-smd slurm-smd-slurmd slurm-smd-dev from the repo

Refs: SRE-5009, ENG-39279

markballew and others added 2 commits June 17, 2026 18:44
Add a workflow_dispatch workflow that republishes the slurm-smd-* (and Pyxis)
GitHub Release artifacts into the R2-backed apt repo at forge.together.xyz via
aptly, so the bare-metal Forge ansible (togethercomputer/infra) can apt-install
them.

- Publishes forge.together.xyz/slurm<major>/dists/<suite> (aptly publish at R2
  bucket prefix slurm<major>/, bucket together-forge); ubuntu24.04 -> noble,
  ubuntu22.04 -> jammy.
- Gathers all releases for the chosen major + distribution and republishes the
  repo from scratch (idempotent); unsigned to match the existing slurm24 repo.
- Requires Cloudflare R2 API token secrets R2_ACCESS_KEY_ID / R2_SECRET_ACCESS_KEY.

Refs: SRE-5009
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant