Skip to content

chore(ci): make isolated package builds optional#2987

Merged
poroh merged 1 commit into
NVIDIA:mainfrom
poroh:make-isolated-package-builds-optional
Jun 29, 2026
Merged

chore(ci): make isolated package builds optional#2987
poroh merged 1 commit into
NVIDIA:mainfrom
poroh:make-isolated-package-builds-optional

Conversation

@poroh

@poroh poroh commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Move isolated package build checks out of required CI/pre-build checks and document them as an optional maintenance workflow.

Related issues

Closes #2984

Type of Change

  • Add - New feature or capability
  • Change - Changes in existing functionality
  • Fix - Bug fixes
  • Remove - Removed features or deprecated functionality
  • Internal - Internal changes (refactoring, tests, docs, etc.)

Breaking Changes

  • This PR contains breaking changes

Testing

  • Unit tests added/updated
  • Integration tests added/updated
  • Manual testing performed
  • No testing required (docs, internal refactor, etc.)

Additional Notes

Move isolated package build checks out of required CI/pre-build checks
and document them as an optional maintenance workflow.

Refs NVIDIA#2984

Signed-off-by: Dmitry Porokh <dporokh@nvidia.com>
@poroh poroh requested review from a team as code owners June 29, 2026 20:03
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Walkthrough

check-isolated-package-builds is removed from the pre-commit-verify-workspace dependency list in Makefile.toml and from the lint-police CI job in .github/workflows/ci.yaml. It is re-exposed as an optional core/check-isolated-package-builds Make target in the root Makefile, with AGENTS.md updated to reflect its voluntary, non-gating status.

Changes

Demote isolated-package-builds check to optional

Layer / File(s) Summary
Remove from required pre-commit and CI gates
Makefile.toml, .github/workflows/ci.yaml
check-isolated-package-builds is dropped from the pre-commit-verify-workspace dependencies and from the lint-police job step sequence.
Expose as optional Make target
Makefile
Header comment broadened from rest-api-only; help output extended with a Core (Rust) section; new .PHONY target core/check-isolated-package-builds delegates to cargo make --no-workspace check-isolated-package-builds.
Update AGENTS.md documentation
AGENTS.md
Documents the check as an optional maintenance command, rewrites the Top-level Makefile entrypoints section, and removes the outdated note that Core tasks are absent from the root Makefile.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Possibly related PRs

  • NVIDIA/infra-controller#2971: Modifies .github/workflows/ci.yaml around the same lint-police job, specifically adjusting which downstream jobs depend on it.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the main change: moving isolated package build checks out of required CI.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description check ✅ Passed The description accurately matches the changes: isolated build checks move out of required CI and are documented as optional maintenance.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@github-actions

Copy link
Copy Markdown

🔍 Container Scan Summary

Service Total Critical High Medium Low Other
boot-artifacts-aarch64 3 0 0 3 0 0
boot-artifacts-x86_64 3 0 0 3 0 0
forge-admin-cli-x86_64 288 6 26 105 7 144
machine-validation-runner 751 30 190 274 36 221
machine_validation 751 30 190 274 36 221
machine_validation-aarch64 751 30 190 274 36 221
nvmetal-carbide 751 30 190 274 36 221
TOTAL 3298 126 786 1207 151 1028

Per-CVE detail lives in the per-service grype-* artifacts (JSON + SARIF). Severity counts only — no CVE IDs published here.

@poroh poroh merged commit f097c36 into NVIDIA:main Jun 29, 2026
59 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

ci: Remove isolated package build from CI lint-police

3 participants