Skip to content

ci: run model-scoped pypto-serving accuracy guards#759

Merged
zhangqi-chen merged 1 commit into
hw-native-sys:mainfrom
ndleslx:dsv4-serving-ci
Jul 13, 2026
Merged

ci: run model-scoped pypto-serving accuracy guards#759
zhangqi-chen merged 1 commit into
hw-native-sys:mainfrom
ndleslx:dsv4-serving-ci

Conversation

@ndleslx

@ndleslx ndleslx commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Summary

  • generalize the pypto-serving test action with model-name and model-dir inputs
  • use one PR-only serving job with model-specific Qwen and DeepSeek change detection
  • run the merged pypto-serving DeepSeek V4 accuracy guard with automatic eight-device allocation and whitelist bypass
  • apply 20-minute allocation and 30-minute runtime limits to both Qwen and DeepSeek task submissions

Validation

  • parsed the composite action and workflow YAML locally
  • passed header, English-only, Ruff, and diff checks
  • verified Qwen-only, DeepSeek-only, combined, unrelated, and non-PR selection behavior
  • verified the DeepSeek PTO2 ring inputs and task-submit arguments are forwarded explicitly

Depends on the DeepSeek accuracy guard merged in hw-native-sys/pypto-serving#67.

Generalize the pypto-serving test action with model-name and model-dir inputs so the same integration path can execute Qwen3-14B or DeepSeek V4 coverage. The action checks out pypto-serving main, replaces its pypto-lib submodule with the PR checkout, installs the shared serving dependencies, and dispatches the selected model guard.

Use one PR-only serving job to share the NPU environment setup and PyPTO build. Detect Qwen and DeepSeek source changes independently, invoke only the affected model actions, run both sequentially when a PR touches both model trees, and retain one orphan-task and build-artifact cleanup path.

Bound both Qwen and DeepSeek task submissions with a 20-minute allocation wait and 30-minute runtime limit. Run the DeepSeek V4 HTTP accuracy guard with /data/l00955553/model/dsv4-flash-w8a8 using automatic eight-device allocation outside the configured whitelist, while preserving the existing Qwen device-selection behavior and the validated model-specific ring and runtime settings.
@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Serving CI now selects Qwen3-14B or DeepSeek V4 tests based on changed model paths. The composite action adds model selection, model-specific environments, updated task submission settings, and fixed serving checkout behavior.

Changes

Serving test CI

Layer / File(s) Summary
Serving test action contract
.github/actions/pypto-serving-tests/action.yml
The action adds required model selection, updates model directory metadata, checks out main, and installs additional test dependencies.
Model-specific test execution
.github/actions/pypto-serving-tests/action.yml
Qwen3-14B and DeepSeek V4 accuracy tests run conditionally with distinct runtime environments and task submission parameters.
CI model routing and cleanup
.github/workflows/ci.yml
Change detection emits separate model flags, the shared serving job runs matching tests, and cleanup targets serving build output.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Possibly related issues

Possibly related PRs

Poem

A rabbit hops where model tests run,
Qwen and DeepSeek beneath the sun.
Flags now guide each serving lane,
Timeouts keep the tasks on chain.
Build scraps tidy, paths align—
I thump my paws for greener CI! 🐇

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the CI change to run model-scoped pypto-serving accuracy guards.
Description check ✅ Passed The description matches the workflow/action changes and validation described in the PR.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the GitHub Action pypto-serving-tests to support running different model tests dynamically based on a new model-name input, specifically adding support for DeepSeek-V4 accuracy tests alongside the existing Qwen3 tests. Feedback points out a copy-paste error in the newly added DeepSeek-V4 test step, where TASK_DEVICE is redundantly self-assigned instead of correctly setting DEVICE_ID to propagate the active device ID to the test execution.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

source "$GITHUB_WORKSPACE/$PYPTO_LIB_CHECKOUT/activate.sh"
run_cmd="source $GITHUB_WORKSPACE/$PYPTO_LIB_CHECKOUT/activate.sh"
run_cmd="$run_cmd && cd $GITHUB_WORKSPACE/$PYPTO_SERVING_CHECKOUT"
run_cmd="$run_cmd && TASK_DEVICE=\$TASK_DEVICE"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

There is a copy-paste error here. In the Qwen test step, DEVICE_ID is set to $TASK_DEVICE (i.e., DEVICE_ID=\$TASK_DEVICE) so that the active Ascend device ID is correctly propagated to the pytest command. Here, TASK_DEVICE=\$TASK_DEVICE is a redundant self-assignment since TASK_DEVICE is already set by task-submit. It should be changed to DEVICE_ID=\$TASK_DEVICE to ensure the correct device ID environment variable is passed to the DeepSeek test run.

        run_cmd="$run_cmd && DEVICE_ID=\\$TASK_DEVICE"

@zhangqi-chen zhangqi-chen merged commit 6c9f072 into hw-native-sys:main Jul 13, 2026
7 of 8 checks passed

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)

310-375: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Add a permissions block to the serving job.

zizmor flags excessive default permissions due to no permissions block. The serving job only runs tests and doesn't need write access. Adding an explicit least-privilege block prevents the job from inheriting overly broad repo-default token permissions.

🔒️ Proposed addition
   serving:
     needs: detect-changes
+    permissions:
+      contents: read
     # PR-only: run one shared setup, then the guards selected by model changes.
     if: >-
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 310 - 375, Add an explicit
least-privilege permissions block to the serving job, alongside its existing
job-level settings, granting only the read access required by its
checkout/actions and leaving all write permissions disabled. Do not change the
serving job’s triggers, steps, or action inputs.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 310-375: Add an explicit least-privilege permissions block to the
serving job, alongside its existing job-level settings, granting only the read
access required by its checkout/actions and leaving all write permissions
disabled. Do not change the serving job’s triggers, steps, or action inputs.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9538e0f1-c4db-4217-b8d8-c7a8b3c01070

📥 Commits

Reviewing files that changed from the base of the PR and between 3bbd72d and 0e5f6d9.

📒 Files selected for processing (2)
  • .github/actions/pypto-serving-tests/action.yml
  • .github/workflows/ci.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants