From 020119c9704eb6298e0e5da022721c291f225cbc Mon Sep 17 00:00:00 2001 From: Ramakrishna Prabhu Date: Tue, 19 May 2026 10:56:23 -0500 Subject: [PATCH 1/5] ci: add NVSkills CI request workflow Adds the NVSkills CI request workflow from the upstream template (NVIDIA/nvskills-ci) to enable signature validation on PRs touching skills/. Excludes the new workflow from pr.yaml change-filters and allows NVIDIA/nvskills-ci references in zizmor (matching the existing rapidsai exemption). Onboarding still requires manual steps: NVCARPS team to add the repo to the policy, install the nv-nvskill-ci GitHub App, and provide the NVSKILLS_CI_DISPATCH_TOKEN secret. Co-Authored-By: Claude Opus 4.7 (1M context) Signed-off-by: Ramakrishna Prabhu --- .github/workflows/pr.yaml | 4 ++++ .github/workflows/request-nvskills-ci.yml | 22 ++++++++++++++++++++++ .github/zizmor.yml | 1 + 3 files changed, 27 insertions(+) create mode 100644 .github/workflows/request-nvskills-ci.yml diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index b5573cd79f..f9f4e8113a 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -152,6 +152,7 @@ jobs: - '!.github/workflows/inactivity_reminder.yaml' - '!.github/workflows/issue_automation.yaml' - '!.github/workflows/nightly.yaml' + - '!.github/workflows/request-nvskills-ci.yml' - '!.github/workflows/test.yaml' - '!.github/workflows/test_images.yaml' - '!.github/workflows/trigger-breaking-change-alert.yaml' @@ -208,6 +209,7 @@ jobs: - '!.github/workflows/inactivity_reminder.yaml' - '!.github/workflows/issue_automation.yaml' - '!.github/workflows/nightly.yaml' + - '!.github/workflows/request-nvskills-ci.yml' - '!.github/workflows/test.yaml' - '!.github/workflows/test_images.yaml' - '!.github/workflows/trigger-breaking-change-alert.yaml' @@ -272,6 +274,7 @@ jobs: - '!.github/workflows/inactivity_reminder.yaml' - '!.github/workflows/issue_automation.yaml' - '!.github/workflows/nightly.yaml' + - '!.github/workflows/request-nvskills-ci.yml' - '!.github/workflows/test.yaml' - '!.github/workflows/test_images.yaml' - '!.github/workflows/trigger-breaking-change-alert.yaml' @@ -333,6 +336,7 @@ jobs: - '!.github/workflows/inactivity_reminder.yaml' - '!.github/workflows/issue_automation.yaml' - '!.github/workflows/nightly.yaml' + - '!.github/workflows/request-nvskills-ci.yml' - '!.github/workflows/test.yaml' - '!.github/workflows/test_images.yaml' - '!.github/workflows/trigger-breaking-change-alert.yaml' diff --git a/.github/workflows/request-nvskills-ci.yml b/.github/workflows/request-nvskills-ci.yml new file mode 100644 index 0000000000..67eee3525d --- /dev/null +++ b/.github/workflows/request-nvskills-ci.yml @@ -0,0 +1,22 @@ +name: Request NVSkills CI + +on: + issue_comment: + types: [created] + push: + +jobs: + request: + if: > + (github.event_name == 'issue_comment' && + github.event.issue.pull_request && + startsWith(github.event.comment.body, '/nvskills-ci')) || + (github.event_name == 'push' && + github.actor == (vars.NVSKILLS_SIGNATURE_PUSH_ACTOR || 'nv-nvskill-ci[bot]') && + startsWith(github.event.head_commit.message, vars.NVSKILLS_SIGNATURE_COMMIT_TITLE || 'Attach NVSkills validation signatures')) + permissions: + contents: read + pull-requests: read + uses: NVIDIA/nvskills-ci/.github/workflows/team-request.yml@main + secrets: + NVSKILLS_CI_DISPATCH_TOKEN: ${{ secrets.NVSKILLS_CI_DISPATCH_TOKEN }} diff --git a/.github/zizmor.yml b/.github/zizmor.yml index 1b6ea1e53f..d8daac4df0 100644 --- a/.github/zizmor.yml +++ b/.github/zizmor.yml @@ -6,4 +6,5 @@ rules: # rapidsai/shared-workflows and rapidsai/shared-actions "rapidsai/shared-workflows/*": any "rapidsai/shared-actions/*": any + "NVIDIA/nvskills-ci/*": any "*": hash-pin From 8c9f714fe0bfa5f35b313d4e0fbbc8373ca8d23f Mon Sep 17 00:00:00 2001 From: Ramakrishna Prabhu Date: Tue, 19 May 2026 11:05:31 -0500 Subject: [PATCH 2/5] ci: document /nvskills-ci trigger Adds a brief CONTRIBUTING.md note and a header comment on the workflow file describing how to trigger NVSkills CI on PRs touching skills/. Co-Authored-By: Claude Opus 4.7 (1M context) Signed-off-by: Ramakrishna Prabhu --- .github/workflows/request-nvskills-ci.yml | 7 +++++++ CONTRIBUTING.md | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/.github/workflows/request-nvskills-ci.yml b/.github/workflows/request-nvskills-ci.yml index 67eee3525d..4c2a306b9d 100644 --- a/.github/workflows/request-nvskills-ci.yml +++ b/.github/workflows/request-nvskills-ci.yml @@ -1,3 +1,10 @@ +# SPDX-FileCopyrightText: Copyright (c) 2026, NVIDIA CORPORATION & AFFILIATES. All rights reserved. +# SPDX-License-Identifier: Apache-2.0 + +# Triggered when a maintainer/admin comments `/nvskills-ci` on a PR +# touching skills/. The bot pushes a signature commit that must remain +# in the PR before merge. Fork-based PRs are not supported. + name: Request NVSkills CI on: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 675cddf9a6..8612c6c1b5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -103,6 +103,12 @@ contributing to. Start with _Step 3_ from above, commenting on the issue to let others know you are working on it. If you have any questions related to the implementation of the issue, ask them in the issue instead of the PR. +### NVSkills CI for skill changes + +PRs that change content under `skills/` must be validated by NVSkills CI before merge. A maintainer or admin comments `/nvskills-ci` on the PR; the `nv-nvskill-ci[bot]` pushes a signature commit (`Attach NVSkills validation signatures`) that must remain in the PR. Re-comment `/nvskills-ci` after any further pushes to re-sign. + +NVSkills CI requires the PR to originate from a branch in `NVIDIA/cuopt`; fork-based PRs are not supported. + ## Setting up your build environment The following instructions are for developers and contributors to NVIDIA cuOpt development. These From da38fb2b949373812e26718a823c0993261c8613 Mon Sep 17 00:00:00 2001 From: Ramakrishnap <42624703+rgsl888prabhu@users.noreply.github.com> Date: Wed, 20 May 2026 00:49:19 +0530 Subject: [PATCH 3/5] Update request-nvskills-ci.yml --- .github/workflows/request-nvskills-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/request-nvskills-ci.yml b/.github/workflows/request-nvskills-ci.yml index 4c2a306b9d..917d3ce2b1 100644 --- a/.github/workflows/request-nvskills-ci.yml +++ b/.github/workflows/request-nvskills-ci.yml @@ -24,6 +24,6 @@ jobs: permissions: contents: read pull-requests: read - uses: NVIDIA/nvskills-ci/.github/workflows/team-request.yml@main + uses: NVIDIA/skills/.github/workflows/team-request.yml@main secrets: NVSKILLS_CI_DISPATCH_TOKEN: ${{ secrets.NVSKILLS_CI_DISPATCH_TOKEN }} From 0039e703a3e49ee0c602887f6595bf305aef4e95 Mon Sep 17 00:00:00 2001 From: Ramakrishna Prabhu Date: Tue, 19 May 2026 14:30:42 -0500 Subject: [PATCH 4/5] ci: realign zizmor allowlist with NVIDIA/skills reusable workflow Replaces the NVIDIA/nvskills-ci allowlist entry with NVIDIA/skills to match the reusable workflow path used by request-nvskills-ci.yml. Co-Authored-By: Claude Opus 4.7 (1M context) Signed-off-by: Ramakrishna Prabhu --- .github/zizmor.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/zizmor.yml b/.github/zizmor.yml index d8daac4df0..16c9bcadee 100644 --- a/.github/zizmor.yml +++ b/.github/zizmor.yml @@ -6,5 +6,5 @@ rules: # rapidsai/shared-workflows and rapidsai/shared-actions "rapidsai/shared-workflows/*": any "rapidsai/shared-actions/*": any - "NVIDIA/nvskills-ci/*": any + "NVIDIA/skills/*": any "*": hash-pin From c97e6dca72e21804b5ce9efae5b8894a4c4c2cbc Mon Sep 17 00:00:00 2001 From: Ramakrishna Prabhu Date: Tue, 19 May 2026 14:37:03 -0500 Subject: [PATCH 5/5] skill: add SPDX license header to cuopt-developer Co-Authored-By: Claude Opus 4.7 (1M context) Signed-off-by: Ramakrishna Prabhu --- skills/cuopt-developer/SKILL.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/skills/cuopt-developer/SKILL.md b/skills/cuopt-developer/SKILL.md index 34a2cf0502..2c2aa8a587 100644 --- a/skills/cuopt-developer/SKILL.md +++ b/skills/cuopt-developer/SKILL.md @@ -6,6 +6,11 @@ description: Modify, build, test, debug, and contribute to NVIDIA cuOpt (C++/CUD # cuOpt Developer Skill + + Contribute to the NVIDIA cuOpt codebase. This skill is for modifying cuOpt itself, not for using it. **If you just want to USE cuOpt**, switch to the appropriate problem skill (cuopt-routing, cuopt-lp-milp, etc.)