gmanal - test change

[gmanal]

Description

closes

Checklist

• New or existing tests cover these changes.
• The documentation is up to date with these changes.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 407a3c17-7585-4058-aead-4ec1430d76f1

📥 Commits

Reviewing files that changed from the base of the PR and between f10932d and 2212b4c.

📒 Files selected for processing (1)

• .github/workflows/test-nvcr-pull.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/test-nvcr-pull.yml

---

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Added a new GitHub Actions workflow ("nvcr image pull + size") to perform a one-time anonymous pull of a fixed public NVCR image on PR mirror branches and via manual trigger, report the image’s on-disk size (bytes and formatted), always attempt cleanup (warning on removal failures), use concurrency with cancel-in-progress, and pick an appropriate runner.

Walkthrough

suggestion: New GitHub Actions workflow "nvcr image pull + size" triggers on push to pull-request/[0-9]+ and workflow_dispatch, conditionally selects runner, pulls a fixed NVCR_IMAGE, reports local image size (bytes/MiB/GiB), and always attempts image removal.

Changes

NVCR Image Pull Smoke Test

Layer / File(s)	Summary
Workflow metadata and triggers .github/workflows/test-nvcr-pull.yml	Workflow name nvcr image pull + size, run-name, triggers (push.branches: ["pull-request/[0-9]+"], workflow_dispatch), concurrency group with cancel-in-progress, and permissions: contents: read.
Job runs-on and environment .github/workflows/test-nvcr-pull.yml	Job pull-and-size with conditional `runs-on: ${{ github.repository == 'NVIDIA/cccl' && 'linux-amd64-cpu4'
Pull, inspect, and cleanup steps .github/workflows/test-nvcr-pull.yml	Steps: docker pull "${NVCR_IMAGE}", docker image inspect to emit byte and formatted MiB/GiB size, and an if: always() cleanup that removes the image if present (warnings on docker rmi failure).

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/test-nvcr-pull.yml (1)

47-53: ⚡ Quick win

suggestion: Add timeout-minutes on the job to cap hangs in network/docker steps; without it, a stuck run can consume self-hosted capacity for hours and increase CI fanout cost.

As per coding guidelines, for .github/**/* reviews should focus on “avoiding unnecessary CI fanout”.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 4f5ca60d-9f7c-4bad-8228-f93e2aedd998

📥 Commits

Reviewing files that changed from the base of the PR and between 2b21bec and cea1a9f.

📒 Files selected for processing (1)

• .github/workflows/test-nvcr-pull.yml

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/test-nvcr-pull.yml (1)

31-31: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

important: Add timeout-minutes on the pull-and-size job to cap stuck pulls/registry hangs on self-hosted runners. Missing timeout can tie up runner capacity and delay required checks.

🧹 Nitpick comments (1)

.github/workflows/test-nvcr-pull.yml (1)

52-54: ⚡ Quick win

suggestion: Don’t fully suppress cleanup failures on Line 54. || true hides persistent cleanup problems on self-hosted runners; at minimum, emit a warning when removal fails so disk-growth issues are visible in logs.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: e968a478-50ea-4eb0-ab90-f2cd9b3e327e

📥 Commits

Reviewing files that changed from the base of the PR and between f67036a and f10932d.

📒 Files selected for processing (1)

• .github/workflows/test-nvcr-pull.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail
FILE=".github/workflows/test-nvcr-pull.yml"
echo "=== file ==="
ls -l "$FILE"
echo
echo "=== snippet around line 37 ==="
nl -ba "$FILE" | sed -n '1,120p'

Repository: NVIDIA/cccl

Length of output: 247

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
FILE=".github/workflows/test-nvcr-pull.yml"

echo "=== file ==="
ls -l "$FILE"
echo

echo "=== lines 1-120 with numbers (no nl) ==="
cat -n "$FILE" | sed -n '1,120p'
echo

echo "=== lines around NVCR_IMAGE ==="
rg -n "NVCR_IMAGE" "$FILE" || true
echo

echo "=== lines around job steps cleanup/docker rmi ==="
rg -n "docker rmi|cleanup" "$FILE" || true
echo

echo "=== search for timeout-minutes ==="
rg -n "timeout-minutes" "$FILE" || true

Repository: NVIDIA/cccl

Length of output: 2871

---

important: Pin NVCR_IMAGE to an immutable digest instead of the mutable :1.33 tag to keep the workflow reproducible and strengthen supply-chain trust (line 37).

• suggestion: Add timeout-minutes to jobs.pull-and-size and avoid masking cleanup failures (docker rmi ... || true) so self-hosted runner hygiene issues don’t get hidden (lines 31-37, 52-54).

[github-actions]

😬 CI Workflow Results

🟥 Finished in 1h 28m: Pass: 99%/501 | Total: 3d 07h | Max: 57m 11s | Hits: 99%/625845

See results here.