From ef72c0c8985eb1f505c2cec70f7d24380eeca999 Mon Sep 17 00:00:00 2001 From: Scott Roy Date: Fri, 26 Jun 2026 09:55:13 -0700 Subject: [PATCH 1/4] test fix --- .github/workflows/_test_backend.yml | 7 ++++- .github/workflows/test-backend-coreml.yml | 31 +++++++++++++++++------ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/.github/workflows/_test_backend.yml b/.github/workflows/_test_backend.yml index 6323c007f4a..2a0be0048b0 100644 --- a/.github/workflows/_test_backend.yml +++ b/.github/workflows/_test_backend.yml @@ -36,6 +36,11 @@ on: required: false type: string default: linux.4xlarge.memory + runner-macos: + description: 'Runner type for macOS jobs' + required: false + type: string + default: macos-m1-stable docker-image: description: 'Docker image for Linux jobs' required: false @@ -131,7 +136,7 @@ jobs: with: default-packages: "" ref: ${{ inputs.ref }} - runner: macos-m1-stable + runner: ${{ inputs.runner-macos }} python-version: "3.12" submodules: recursive timeout: ${{ inputs.timeout }} diff --git a/.github/workflows/test-backend-coreml.yml b/.github/workflows/test-backend-coreml.yml index 19f77acad29..ad33a6ce423 100644 --- a/.github/workflows/test-backend-coreml.yml +++ b/.github/workflows/test-backend-coreml.yml @@ -25,16 +25,30 @@ jobs: name: Get changed files uses: ./.github/workflows/_get-changed-files.yml + # Emits is-full-run='true' for workflow_dispatch / ciflow tag / + # sampled-push commits (every 4th main/release commit by depth). + # Returns 'false' for pull_request events — PR jobs use the + # changed-files path filter below for gating instead. + run-decision: + name: CI run decision + uses: ./.github/workflows/_ci-run-decision.yml + test-coreml: - needs: changed-files + needs: [changed-files, run-decision] + # PRs: path-gated. Pushes to main/release: sampled (every 4th commit) + # via run-decision. schedule (nightly) / workflow_dispatch / ciflow + # tags: always full. if: | - github.event_name != 'pull_request' || - contains(needs.changed-files.outputs.changed-files, 'backends/apple/coreml') || - contains(needs.changed-files.outputs.changed-files, 'backends/test/suite') || - contains(needs.changed-files.outputs.changed-files, '.ci/scripts/test_backend.sh') || - contains(needs.changed-files.outputs.changed-files, '.ci/scripts/setup-macos.sh') || - contains(needs.changed-files.outputs.changed-files, '.github/workflows/test-backend-coreml.yml') || - contains(needs.changed-files.outputs.changed-files, '.github/workflows/_test_backend.yml') + github.event_name == 'schedule' || + (github.event_name == 'pull_request' && ( + contains(needs.changed-files.outputs.changed-files, 'backends/apple/coreml') || + contains(needs.changed-files.outputs.changed-files, 'backends/test/suite') || + contains(needs.changed-files.outputs.changed-files, '.ci/scripts/test_backend.sh') || + contains(needs.changed-files.outputs.changed-files, '.ci/scripts/setup-macos.sh') || + contains(needs.changed-files.outputs.changed-files, '.github/workflows/test-backend-coreml.yml') || + contains(needs.changed-files.outputs.changed-files, '.github/workflows/_test_backend.yml') + )) || + (github.event_name != 'pull_request' && needs.run-decision.outputs.is-full-run == 'true') uses: ./.github/workflows/_test_backend.yml with: backend: coreml @@ -45,3 +59,4 @@ jobs: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} timeout: 180 run-macos: true + runner-macos: macos-15-xlarge From 7ee42c81d65df821017d36ca2dca9bf9f6e4502d Mon Sep 17 00:00:00 2001 From: Scott Roy Date: Fri, 26 Jun 2026 11:47:08 -0700 Subject: [PATCH 2/4] up --- .github/workflows/test-backend-coreml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-backend-coreml.yml b/.github/workflows/test-backend-coreml.yml index ad33a6ce423..d78cef78107 100644 --- a/.github/workflows/test-backend-coreml.yml +++ b/.github/workflows/test-backend-coreml.yml @@ -59,4 +59,4 @@ jobs: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} timeout: 180 run-macos: true - runner-macos: macos-15-xlarge + runner-macos: macos-14-xlarge From 3559221e41c730b6055ce9368e8eb3432f9bbd36 Mon Sep 17 00:00:00 2001 From: Scott Roy Date: Fri, 26 Jun 2026 12:47:00 -0700 Subject: [PATCH 3/4] up --- .github/workflows/test-backend-coreml.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test-backend-coreml.yml b/.github/workflows/test-backend-coreml.yml index d78cef78107..adead272eab 100644 --- a/.github/workflows/test-backend-coreml.yml +++ b/.github/workflows/test-backend-coreml.yml @@ -16,6 +16,11 @@ concurrency: group: ${{ github.workflow }}--${{ github.event.pull_request.number || github.sha }}-${{ github.event_name == 'workflow_dispatch' }} cancel-in-progress: true +# Restrict the default GITHUB_TOKEN to read-only; jobs that need more +# (e.g. OIDC for AWS/S3) opt in explicitly at the job level below. +permissions: + contents: read + jobs: # Emits PR diff file list; non-PR events emit '*' so the per-job # `if:` short-circuits via `event_name != 'pull_request'`. This @@ -35,6 +40,15 @@ jobs: test-coreml: needs: [changed-files, run-decision] + # OIDC token needed so the ephemeral macOS runner (macos-*-xlarge) can + # assume the AWS role for S3 access — both the test-report artifact + # upload in macos_job.yml and the cached-wheel upload in + # setup-macos.sh. Self-hosted *-stable runners have an instance role + # and don't need this, but ephemeral runners get creds only via OIDC. + # Granted on the caller job and inherited by _test_backend.yml's jobs. + permissions: + id-token: write + contents: read # PRs: path-gated. Pushes to main/release: sampled (every 4th commit) # via run-decision. schedule (nightly) / workflow_dispatch / ciflow # tags: always full. @@ -59,4 +73,4 @@ jobs: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} timeout: 180 run-macos: true - runner-macos: macos-14-xlarge + runner-macos: macos-15-xlarge From d02f17df940daf5405171a75c75e3cac3f8559c9 Mon Sep 17 00:00:00 2001 From: Scott Roy Date: Fri, 26 Jun 2026 14:29:44 -0700 Subject: [PATCH 4/4] up --- .github/workflows/_test_backend.yml | 14 ++++--- .github/workflows/test-backend-coreml.yml | 48 ++++++----------------- 2 files changed, 19 insertions(+), 43 deletions(-) diff --git a/.github/workflows/_test_backend.yml b/.github/workflows/_test_backend.yml index 2a0be0048b0..11a34bfa4fb 100644 --- a/.github/workflows/_test_backend.yml +++ b/.github/workflows/_test_backend.yml @@ -11,6 +11,11 @@ on: description: 'JSON array of flows to test' required: true type: string + matrix-exclude: + description: 'JSON array of {flow, suite} combos to exclude from the matrix' + required: false + type: string + default: '[]' ref: description: 'Git ref to checkout' required: false @@ -36,11 +41,6 @@ on: required: false type: string default: linux.4xlarge.memory - runner-macos: - description: 'Runner type for macOS jobs' - required: false - type: string - default: macos-m1-stable docker-image: description: 'Docker image for Linux jobs' required: false @@ -55,6 +55,7 @@ jobs: matrix: flow: ${{ fromJSON(inputs.flows) }} suite: [models, operators] + exclude: ${{ fromJSON(inputs.matrix-exclude) }} uses: pytorch/test-infra/.github/workflows/linux_job_v2.yml@main with: @@ -131,12 +132,13 @@ jobs: matrix: flow: ${{ fromJSON(inputs.flows) }} suite: [models, operators] + exclude: ${{ fromJSON(inputs.matrix-exclude) }} uses: pytorch/test-infra/.github/workflows/macos_job.yml@main with: default-packages: "" ref: ${{ inputs.ref }} - runner: ${{ inputs.runner-macos }} + runner: macos-m1-stable python-version: "3.12" submodules: recursive timeout: ${{ inputs.timeout }} diff --git a/.github/workflows/test-backend-coreml.yml b/.github/workflows/test-backend-coreml.yml index adead272eab..31396fd5140 100644 --- a/.github/workflows/test-backend-coreml.yml +++ b/.github/workflows/test-backend-coreml.yml @@ -16,11 +16,6 @@ concurrency: group: ${{ github.workflow }}--${{ github.event.pull_request.number || github.sha }}-${{ github.event_name == 'workflow_dispatch' }} cancel-in-progress: true -# Restrict the default GITHUB_TOKEN to read-only; jobs that need more -# (e.g. OIDC for AWS/S3) opt in explicitly at the job level below. -permissions: - contents: read - jobs: # Emits PR diff file list; non-PR events emit '*' so the per-job # `if:` short-circuits via `event_name != 'pull_request'`. This @@ -30,39 +25,16 @@ jobs: name: Get changed files uses: ./.github/workflows/_get-changed-files.yml - # Emits is-full-run='true' for workflow_dispatch / ciflow tag / - # sampled-push commits (every 4th main/release commit by depth). - # Returns 'false' for pull_request events — PR jobs use the - # changed-files path filter below for gating instead. - run-decision: - name: CI run decision - uses: ./.github/workflows/_ci-run-decision.yml - test-coreml: - needs: [changed-files, run-decision] - # OIDC token needed so the ephemeral macOS runner (macos-*-xlarge) can - # assume the AWS role for S3 access — both the test-report artifact - # upload in macos_job.yml and the cached-wheel upload in - # setup-macos.sh. Self-hosted *-stable runners have an instance role - # and don't need this, but ephemeral runners get creds only via OIDC. - # Granted on the caller job and inherited by _test_backend.yml's jobs. - permissions: - id-token: write - contents: read - # PRs: path-gated. Pushes to main/release: sampled (every 4th commit) - # via run-decision. schedule (nightly) / workflow_dispatch / ciflow - # tags: always full. + needs: changed-files if: | - github.event_name == 'schedule' || - (github.event_name == 'pull_request' && ( - contains(needs.changed-files.outputs.changed-files, 'backends/apple/coreml') || - contains(needs.changed-files.outputs.changed-files, 'backends/test/suite') || - contains(needs.changed-files.outputs.changed-files, '.ci/scripts/test_backend.sh') || - contains(needs.changed-files.outputs.changed-files, '.ci/scripts/setup-macos.sh') || - contains(needs.changed-files.outputs.changed-files, '.github/workflows/test-backend-coreml.yml') || - contains(needs.changed-files.outputs.changed-files, '.github/workflows/_test_backend.yml') - )) || - (github.event_name != 'pull_request' && needs.run-decision.outputs.is-full-run == 'true') + github.event_name != 'pull_request' || + contains(needs.changed-files.outputs.changed-files, 'backends/apple/coreml') || + contains(needs.changed-files.outputs.changed-files, 'backends/test/suite') || + contains(needs.changed-files.outputs.changed-files, '.ci/scripts/test_backend.sh') || + contains(needs.changed-files.outputs.changed-files, '.ci/scripts/setup-macos.sh') || + contains(needs.changed-files.outputs.changed-files, '.github/workflows/test-backend-coreml.yml') || + contains(needs.changed-files.outputs.changed-files, '.github/workflows/_test_backend.yml') uses: ./.github/workflows/_test_backend.yml with: backend: coreml @@ -70,7 +42,9 @@ jobs: ${{ github.event_name == 'pull_request' && '["coreml"]' || '["coreml", "coreml_static_int8"]' }} + # Run coreml_static_int8 for the operators suite only; skip it for + # the models suite (still covered by the coreml flow). + matrix-exclude: '[{"flow": "coreml_static_int8", "suite": "models"}]' ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} timeout: 180 run-macos: true - runner-macos: macos-15-xlarge