Enable collation of all license files into pre-built binaries #1679

robertmaynard · 2026-01-07T15:59:08Z

No description provided.

copy-pr-bot · 2026-01-07T15:59:12Z

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

robertmaynard · 2026-01-07T15:59:24Z

/okay to test

robertmaynard · 2026-01-07T19:03:55Z

/okay to test

robertmaynard · 2026-01-07T20:10:07Z

/okay to test

robertmaynard · 2026-01-07T20:11:34Z

/okay to test

robertmaynard · 2026-01-07T21:18:09Z

Waiting on rapidsai/shared-workflows#488 before we can merge

ci/build_standalone_c.sh

msarahan · 2026-01-21T21:09:04Z

CI should be re-run when rapidsai/spdx-license-builder#3 is merged

copy-pr-bot · 2026-01-21T22:10:12Z

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

msarahan · 2026-01-21T22:10:40Z

/okay to test

copy-pr-bot · 2026-01-21T22:10:45Z

/okay to test

@msarahan, there was an error processing your request: E1

See the following link for more information: https://docs.gha-runners.nvidia.com/cpr/e/1/

msarahan · 2026-01-21T22:12:02Z

/ok to test 1642778

msarahan · 2026-01-22T15:14:56Z

@robertmaynard how do you want to treat situations where licenses don't get bundled?

Fetching license NCSA from SPDX API...
Warning: Error fetching license NCSA from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
Fetching license BSL-1.0 from SPDX API...
Warning: Error fetching license BSL-1.0 from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
Fetching license BSD-2-Clause from SPDX API...
Warning: Error fetching license BSD-2-Clause from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
============================================================
Machine-friendly JSON output written to: c/build/install/licenses.json
Fetching license Apache-2.0 from SPDX API...
Warning: Error fetching license Apache-2.0 from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
User-friendly text output written to: c/build/install/LICENSE

My inclination is to fail this build, because leaving the license out could/would mean that we are not in compliance with the license?

To be clear, I am working on fixing the network issues here, but just wanted to check with you for future error handling.

robertmaynard · 2026-01-22T16:29:12Z

@robertmaynard how do you want to treat situations where licenses don't get bundled?

Fetching license NCSA from SPDX API...
Warning: Error fetching license NCSA from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
Fetching license BSL-1.0 from SPDX API...
Warning: Error fetching license BSL-1.0 from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
Fetching license BSD-2-Clause from SPDX API...
Warning: Error fetching license BSD-2-Clause from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
============================================================
Machine-friendly JSON output written to: c/build/install/licenses.json
Fetching license Apache-2.0 from SPDX API...
Warning: Error fetching license Apache-2.0 from SPDX API: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1017)>
User-friendly text output written to: c/build/install/LICENSE

My inclination is to fail this build, because leaving the license out could/would mean that we are not in compliance with the license?

To be clear, I am working on fixing the network issues here, but just wanted to check with you for future error handling.

I agree we should have license packaging issues fail the build.

If this becomes a frequent occurance on PRs we can make just the 'nighly' builds ( build.yaml ) require success for license while the PR.yaml could allow failures since those binaries shouldn't be distributed.

msarahan · 2026-01-22T16:37:44Z

/ok to test 1642778

msarahan · 2026-01-22T16:39:56Z

/ok to test 1642778

msarahan · 2026-01-22T17:27:09Z

looks happy:

Looking in indexes: https://pypi.org/simple, https://pypi.anaconda.org/rapidsai-wheels-nightly/simple, https://pypi.nvidia.com/
Collecting git+https://github.com/rapidsai/spdx-license-builder.git
  Cloning https://github.com/rapidsai/spdx-license-builder.git to /tmp/pip-req-build-kqbfyyvi
  Running command git clone --filter=blob:none --quiet https://github.com/rapidsai/spdx-license-builder.git /tmp/pip-req-build-kqbfyyvi
  Resolved https://github.com/rapidsai/spdx-license-builder.git to commit 5cf9fa29a2a75c1ce842329716a78157cbf1b85a
  Installing build dependencies: started
  Installing build dependencies: finished with status 'done'
  Getting requirements to build wheel: started
  Getting requirements to build wheel: finished with status 'done'
  Preparing metadata (pyproject.toml): started
  Preparing metadata (pyproject.toml): finished with status 'done'
Requirement already satisfied: certifi>=2023.0.0 in /pyenv/versions/3.10.19/lib/python3.10/site-packages (from spdx-license-builder==26.4.0) (2026.1.4)
Building wheels for collected packages: spdx-license-builder
  Building wheel for spdx-license-builder (pyproject.toml): started
  Building wheel for spdx-license-builder (pyproject.toml): finished with status 'done'
  Created wheel for spdx-license-builder: filename=spdx_license_builder-26.4.0-py3-none-any.whl size=70915 sha256=54aa7bd1e89d672f2f6940a3961a8b603cb118d76fbaf503e36d39f4c6818246
  Stored in directory: /tmp/pip-ephem-wheel-cache-skr43vsy/wheels/0f/26/d7/e51c8676ba92887a9d9b3ba3045560c75b6c7253cb0c8aac81
Successfully built spdx-license-builder
Installing collected packages: spdx-license-builder
Successfully installed spdx-license-builder-26.4.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager, possibly rendering your system unusable. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv. Use the --root-user-action option if you know what you are doing and want to suppress this warning.
Project path(s): .
============================================================
============================================================
Project path(s): .
============================================================

Checking for project LICENSE file in: .
  Found 1 license(s) in LICENSE: Apache-2.0
Extracting SPDX copyright entries from source files...
  Scanning directory: /__w/cuvs/cuvs
  Scanned 8535 files
  Found 3042 copyright entries
  In 1914 unique files with third-party licenses

Cache Statistics:
  Hits: 33
  Misses: 8502
  Invalidated: 0
  Hit Rate: 0.4%
  Cached Files: 8500
Extracting LICENSE files from dependencies...
  Scanning project: /__w/cuvs/cuvs
  Found 34 license file(s)
  Found 34 total LICENSE files
  Found 23 unique LICENSE contents
============================================================
Machine-friendly JSON output written to: c/build/install/licenses.json
Fetching license Apache-2.0 from SPDX API...
Cached license Apache-2.0 to /__w/cuvs/cuvs/infrequent_licenses/Apache-2.0.txt
User-friendly text output written to: c/build/install/LICENSE

ci/build_standalone_c.sh

msarahan · 2026-01-23T15:50:25Z

/ok to test 91e8c19

robertmaynard · 2026-01-23T21:03:49Z

/merge

robertmaynard added the feature request New feature or request label Jan 7, 2026

github-project-automation bot added this to Vector Search, ML, & Data Mining Release Board Jan 7, 2026

robertmaynard added the non-breaking Introduces a non-breaking change label Jan 7, 2026

github-project-automation bot moved this to Todo in Vector Search, ML, & Data Mining Release Board Jan 7, 2026

robertmaynard force-pushed the fea/add_spdx_license_builder_to_ci_jobs branch from 6e69111 to c64c622 Compare January 7, 2026 19:03

robertmaynard force-pushed the fea/add_spdx_license_builder_to_ci_jobs branch from c64c622 to 77b4bd8 Compare January 7, 2026 20:10

robertmaynard force-pushed the fea/add_spdx_license_builder_to_ci_jobs branch from 77b4bd8 to 9484455 Compare January 7, 2026 20:11

robertmaynard marked this pull request as ready for review January 7, 2026 21:14

robertmaynard requested a review from a team as a code owner January 7, 2026 21:14

robertmaynard requested a review from msarahan January 7, 2026 21:14

robertmaynard mentioned this pull request Jan 7, 2026

Offer ability for custom_jobs to get license builder scripts rapidsai/shared-workflows#488

Merged

robertmaynard force-pushed the fea/add_spdx_license_builder_to_ci_jobs branch 2 times, most recently from a143845 to 4a0897b Compare January 8, 2026 17:28

msarahan reviewed Jan 8, 2026

View reviewed changes

ci/build_standalone_c.sh Outdated Show resolved Hide resolved

robertmaynard requested a review from msarahan January 14, 2026 13:43

robertmaynard changed the base branch from main to release/26.02 January 16, 2026 18:48

robertmaynard and others added 2 commits January 21, 2026 16:10

Enable collation of license files into pre-built binaries

69ad429

update license builder call

1642778

msarahan force-pushed the fea/add_spdx_license_builder_to_ci_jobs branch from 7606fc7 to 1642778 Compare January 21, 2026 22:10

msarahan mentioned this pull request Jan 22, 2026

Add missing common licenses to avoid SSL certificate errors rapidsai/spdx-license-builder#4

Merged

msarahan closed this Jan 22, 2026

github-project-automation bot moved this from Todo to Done in Vector Search, ML, & Data Mining Release Board Jan 22, 2026

msarahan reopened this Jan 22, 2026

msarahan approved these changes Jan 22, 2026

View reviewed changes

robertmaynard commented Jan 23, 2026

View reviewed changes

ci/build_standalone_c.sh Outdated Show resolved Hide resolved

msarahan reviewed Jan 23, 2026

View reviewed changes

ci/build_standalone_c.sh Outdated Show resolved Hide resolved

use rapids-pip-retry instead of raw pip

91e8c19

Enable collation of all license files into pre-built binaries #1679

Are you sure you want to change the base?

Enable collation of all license files into pre-built binaries #1679

Conversation

robertmaynard commented Jan 7, 2026

Uh oh!

copy-pr-bot bot commented Jan 7, 2026

Uh oh!

robertmaynard commented Jan 7, 2026

Uh oh!

robertmaynard commented Jan 7, 2026

Uh oh!

robertmaynard commented Jan 7, 2026

Uh oh!

robertmaynard commented Jan 7, 2026

Uh oh!

robertmaynard commented Jan 7, 2026

Uh oh!

Uh oh!

msarahan commented Jan 21, 2026

Uh oh!

copy-pr-bot bot commented Jan 21, 2026

Uh oh!

msarahan commented Jan 21, 2026

Uh oh!

copy-pr-bot bot commented Jan 21, 2026

Uh oh!

msarahan commented Jan 21, 2026

Uh oh!

msarahan commented Jan 22, 2026

Uh oh!

robertmaynard commented Jan 22, 2026

Uh oh!

msarahan commented Jan 22, 2026

Uh oh!

msarahan commented Jan 22, 2026

Uh oh!

msarahan commented Jan 22, 2026

Uh oh!

Uh oh!

Uh oh!

msarahan commented Jan 23, 2026

Uh oh!

robertmaynard commented Jan 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants