[TRTLLM-9208][infra] Document the process for C++ deps #9016
Conversation
This change simply adds a new markdown document 3rdparty/README.md that describes the process developers should follow when adding dependencies to the C++ build. The process described here attempts to strike a balance between: 1. A streamlined experience for developers adding new dependencies 2. Clear visibility for reviewers into the fact that new dependencies are being added, along with the ability to verify the compliance and security processes are followed. 3. Enabling future machine-automation of process elements that will consume information about third party dependencies. A separate change will convert existing third party dependencies to follow this documented process. Signed-off-by: Josh Bialkowski <[email protected]>
📝 WalkthroughWalkthroughA new comprehensive documentation file is added at Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~5 minutes
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
🧹 Nitpick comments (1)
3rdparty/README.md (1)
62-62: Minor wordiness improvements (optional)LanguageTool flagged several phrases that could be more concise. Consider these optional refinements for clarity:
- Line 62: "prior to" → "before"
- Line 118: "absolutely required" → "required"
- Line 131: "outside of CMake" → "outside CMake"
Also applies to: 118-118, 131-131
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
3rdparty/README.md(1 hunks)
🧰 Additional context used
🧠 Learnings (5)
📓 Common learnings
Learnt from: venkywonka
Repo: NVIDIA/TensorRT-LLM PR: 6029
File: .github/pull_request_template.md:45-53
Timestamp: 2025-08-27T17:50:13.264Z
Learning: For PR templates in TensorRT-LLM, avoid suggesting changes that would increase developer overhead, such as converting plain bullets to mandatory checkboxes. The team prefers guidance-style bullets that don't require explicit interaction to reduce friction in the PR creation process.
📚 Learning: 2025-09-09T18:31:44.336Z
Learnt from: venkywonka
Repo: NVIDIA/TensorRT-LLM PR: 7658
File: .github/CODEOWNERS:160-164
Timestamp: 2025-09-09T18:31:44.336Z
Learning: The teams NVIDIA/trt-llm-release-nim-branch-approval and NVIDIA/trt-llm-release-branch-approval exist in the NVIDIA organization and are valid for use in .github/CODEOWNERS files, even if they may not be accessible via external API queries due to permissions.
Applied to files:
3rdparty/README.md
📚 Learning: 2025-08-18T09:08:07.687Z
Learnt from: tongyuantongyu
Repo: NVIDIA/TensorRT-LLM PR: 6984
File: cpp/tensorrt_llm/CMakeLists.txt:297-299
Timestamp: 2025-08-18T09:08:07.687Z
Learning: In the TensorRT-LLM project, artifacts are manually copied rather than installed via `cmake --install`, so INSTALL_RPATH properties are not needed - only BUILD_RPATH affects the final artifacts.
Applied to files:
3rdparty/README.md
📚 Learning: 2025-08-01T15:14:45.673Z
Learnt from: yibinl-nvidia
Repo: NVIDIA/TensorRT-LLM PR: 6506
File: examples/models/core/mixtral/requirements.txt:3-3
Timestamp: 2025-08-01T15:14:45.673Z
Learning: In TensorRT-LLM, examples directory can have different dependency versions than the root requirements.txt file. Version conflicts between root and examples dependencies are acceptable because examples are designed to be standalone and self-contained.
Applied to files:
3rdparty/README.md
📚 Learning: 2025-09-16T09:30:09.716Z
Learnt from: tongyuantongyu
Repo: NVIDIA/TensorRT-LLM PR: 7763
File: cpp/tensorrt_llm/CMakeLists.txt:297-301
Timestamp: 2025-09-16T09:30:09.716Z
Learning: In the TensorRT-LLM project, NCCL libraries are loaded earlier by PyTorch libraries or the bindings library, so the main shared library doesn't need NCCL paths in its RPATH - the libraries will already be available in the process address space when needed.
Applied to files:
3rdparty/README.md
🪛 LanguageTool
3rdparty/README.md
[grammar] ~20-~20: Ensure spelling is correct
Context: ... the name of your package there. NOTE: nspect tooling will automatically detect the i...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
[style] ~62-~62: ‘prior to’ might be wordy. Consider a shorter alternative.
Context: ...ring virtual environment initialization prior to configuring the build with cmake. Inclu...
(EN_WORDINESS_PREMIUM_PRIOR_TO)
[style] ~118-~118: ‘absolutely required’ might be wordy. Consider a shorter alternative.
Context: ...d below don't work and git-submodule is absolutely required, please add the submodule under the 3rd...
(EN_WORDINESS_PREMIUM_ABSOLUTELY_REQUIRED)
[style] ~131-~131: This phrase is redundant. Consider using “outside”.
Context: ...equiring an additional step managed outside of CMake. 2. The fetch, patch, and build...
(OUTSIDE_OF)
[style] ~175-~175: This phrase is redundant. Consider using “outside”.
Context: ...dd_library/find_file/find_path` outside of a find module the pckage. Please add i...
(OUTSIDE_OF)
🪛 markdownlint-cli2 (0.18.1)
3rdparty/README.md
72-72: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
86-86: Link and image reference definitions should be needed
Unused link or image reference definition: "7"
(MD053, link-image-reference-definitions)
155-155: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
205-205: Hard tabs
Column: 2
(MD010, no-hard-tabs)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Pre-commit Check
| under [docker/common/][1] Find the location where the package manager is | ||
| invoked, and add the name of your package there. | ||
|
|
||
| NOTE: nspect tooling will automatically detect the installation of this |
There was a problem hiding this comment.
Fix typo: "nspect" → "inspect"
Line 20 has a spelling error that will confuse readers.
-NOTE: nspect tooling will automatically detect the installation of this
+NOTE: inspect tooling will automatically detect the installation of this📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| NOTE: nspect tooling will automatically detect the installation of this | |
| NOTE: inspect tooling will automatically detect the installation of this |
🧰 Tools
🪛 LanguageTool
[grammar] ~20-~20: Ensure spelling is correct
Context: ... the name of your package there. NOTE: nspect tooling will automatically detect the i...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🤖 Prompt for AI Agents
In 3rdparty/README.md around line 20, the word "nspect" is a typo; replace
"nspect" with "inspect" so the note reads "NOTE: inspect tooling will
automatically detect the installation of this" (ensure spacing and
capitalization match surrounding text).
| package and fetch sources using the source-fetching facilities of the OS | ||
| package manager. | ||
|
|
||
| [1]: https://gitlab-master.nvidia.com/ftp/tekit/-/tree/main/docker/common. |
There was a problem hiding this comment.
🧩 Analysis chain
Verify repository references point to correct locations
Multiple links reference gitlab-master.nvidia.com/ftp/tekit (lines 24, 38, 51, 65, 85, 180, 244), but these appear to be internal references or incorrect paths for the TensorRT-LLM repository. Verify that these URLs are correct and accessible, or update them to reference the actual repository locations (e.g., github.com/NVIDIA/TensorRT-LLM paths or appropriate gitlab.com locations).
Run the following verification to confirm the repository references are correct:
Also applies to: 38-38, 51-51, 65-65, 85-85, 180-180, 244-244
🏁 Script executed:
#!/bin/bash
# Extract and validate repository references from the markdown file
echo "=== Checking repository references ==="
# Extract gitlab-master references
rg 'gitlab-master\.nvidia\.com' 3rdparty/README.md -n
# Extract path references to verify they exist in the repository
echo -e "\n=== Verifying path existence in repository ==="
fd -t f docker/common 2>/dev/null && echo "✓ docker/common directory found" || echo "✗ docker/common not found"
fd -t f cpp/conandata.yml && echo "✓ cpp/conandata.yml found" || echo "✗ Not found"
fd -t f cpp/conanfile.py && echo "✓ cpp/conanfile.py found" || echo "✗ Not found"
fd -t f cpp/cmake/modules 2>/dev/null && echo "✓ cpp/cmake/modules directory found" || echo "✗ Not found"
fd -t f 3rdparty/CMakeLists.txt && echo "✓ 3rdparty/CMakeLists.txt found" || echo "✗ Not found"
fd -t f cpp/CMakeLists.txt && echo "✓ cpp/CMakeLists.txt found" || echo "✗ Not found"
fd -t f requirements-dev.txt && echo "✓ requirements-dev.txt found" || echo "✗ Not found"
fd -t f requirements-dev-windows.txt && echo "✓ requirements-dev-windows.txt found" || echo "✗ Not found"Length of output: 1176
🏁 Script executed:
#!/bin/bash
# Verify repository identity and git configuration
echo "=== Repository Identity ==="
head -20 README.md 2>/dev/null || echo "No README.md at root"
echo -e "\n=== Git Remote Origin ==="
git remote get-url origin 2>/dev/null || echo "Not a git repo or no origin"
echo -e "\n=== Check for docker/common path variations ==="
fd docker 2>/dev/null | head -20
fd common 2>/dev/null | grep -i docker | head -10
echo -e "\n=== Check for cpp/cmake/modules path variations ==="
fd cmake 2>/dev/null | grep -i modules | head -10
fd modules 2>/dev/null | head -10
echo -e "\n=== Contents of 3rdparty/README.md (first 100 lines) ==="
head -100 3rdparty/README.mdLength of output: 6122
Update repository references to public GitHub URLs instead of internal GitLab
This repository is the public GitHub project (https://github.com/NVIDIA/TensorRT-LLM.git), but the 3rdparty/README.md contains 14 references to an internal NVIDIA GitLab instance (gitlab-master.nvidia.com/ftp/tekit). External users and contributors cannot access these internal links. Update all references at lines 24, 38, 51, 65, 66, 85, 86, 180, 244, 245 to point to the correct GitHub repository paths instead.
For example:
https://gitlab-master.nvidia.com/ftp/tekit/-/tree/main/docker/common→https://github.com/NVIDIA/TensorRT-LLM/tree/main/docker/commonhttps://gitlab-master.nvidia.com/ftp/tekit/-/blob/main/cpp/conandata.yml→https://github.com/NVIDIA/TensorRT-LLM/blob/main/cpp/conandata.yml
🤖 Prompt for AI Agents
3rdparty/README.md around lines 24, 38, 51, 65, 66, 85, 86, 180, 244, 245:
replace all references to the internal GitLab host
"https://gitlab-master.nvidia.com/ftp/tekit/-/..." with the corresponding public
GitHub paths under "https://github.com/NVIDIA/TensorRT-LLM/..." (e.g., change
".../-/tree/main/docker/common" → ".../tree/main/docker/common" and
".../-/blob/main/..." → ".../blob/main/..."); perform a targeted search for the
internal gitlab-master.nvidia.com URLs, update each to the correct GitHub URL
preserving the path and fragment (tree/blob and subsequent path), and verify the
links resolve to the intended GitHub pages.
|
|
||
| `requirements-dev.txt`: | ||
|
|
||
| ``` |
There was a problem hiding this comment.
Add language specifiers to fenced code blocks
Markdown fenced code blocks should specify the language for proper syntax highlighting. Line 72 should specify yml and line 155 should specify cmake.
-```
+```yml
# my-package is needed by <feature> where it is used for <reason>
my-package==1.2.24
-```
+```
...
-```
+```cmake
git submodule add https://github.com/some-organization/some-project.git 3rdparty/some-project
-```
+```Also applies to: 155-155
🧰 Tools
🪛 markdownlint-cli2 (0.18.1)
72-72: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
🤖 Prompt for AI Agents
In 3rdparty/README.md around lines 72 and 155, the fenced code blocks lack
language specifiers; update the opening fence at line 72 to use ```yml and the
opening fence at line 155 to use ```cmake so the YAML and CMake blocks get
proper syntax highlighting, leaving the block contents and closing fences
unchanged.
| For any packages which do not have provided find modules (either built-in, or | ||
| available from conan), please implement one in [cpp/cmake/modules][11]. Please | ||
| do not add "direct" invocations of `find_library` / `add_library` / `find_file` | ||
| / `find_path` outside of a find module the pckage. |
There was a problem hiding this comment.
Fix typo: "pckage" → "package"
Line 175 has a spelling error that will confuse readers.
-/ `find_path` outside of a find module the pckage.
+/ `find_path` outside of a find module the package.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| / `find_path` outside of a find module the pckage. | |
| / `find_path` outside of a find module the package. |
🧰 Tools
🪛 LanguageTool
[style] ~175-~175: This phrase is redundant. Consider using “outside”.
Context: ...dd_library/find_file/find_path` outside of a find module the pckage. Please add i...
(OUTSIDE_OF)
🤖 Prompt for AI Agents
In 3rdparty/README.md around line 175, there's a spelling mistake: "pckage"
should be corrected to "package"; update that word in the sentence (and re-run a
quick read to ensure the sentence still reads correctly after the fix).
| PROPERTIES | ||
| INTERFACE_INCLUDE_DIRECTORIES ${NIXL_INCLUDE_DIR} | ||
| IMPORTED_LOCATION ${NIXL_LIBRARY} | ||
| ${NIXL_BUILD_LIBRARY} |
There was a problem hiding this comment.
Replace hard tabs with spaces
Line 205 in the code example uses hard tabs instead of spaces. Convert to spaces for consistency.
🧰 Tools
🪛 markdownlint-cli2 (0.18.1)
205-205: Hard tabs
Column: 2
(MD010, no-hard-tabs)
🤖 Prompt for AI Agents
In 3rdparty/README.md around line 205, the code example contains a hard tab
character before "${NIXL_BUILD_LIBRARY}"; replace the hard tab with the
repository's standard number of spaces (e.g., 2 or 4 spaces) so the line uses
spaces for indentation consistently with surrounding lines.
|
|
||
|
|
||
| [19]: https://jirasw.nvidia.com/browse/TRTLLM-8383 | ||
| [20]: mailto://[email protected] |
There was a problem hiding this comment.
🧩 Analysis chain
Update placeholder email address
Line 341 contains a placeholder email address with "tbd-not-yet-created" that needs to be replaced with the actual Security Team contact.
Update this line with the correct security team email address before merging.
🏁 Script executed:
#!/bin/bash
# Examine the file at the specified line with context
echo "=== Content around line 341 ==="
sed -n '335,350p' 3rdparty/README.md
echo -e "\n=== Full line 341 ==="
sed -n '341p' 3rdparty/README.md
echo -e "\n=== Searching for 'tbd' or 'placeholder' patterns in file ==="
grep -n -i "tbd\|placeholder" 3rdparty/README.md || echo "No matches found"
echo -e "\n=== Searching for security team references ==="
grep -n -i "security.*team\|security.*contact" 3rdparty/README.md || echo "No matches found"
echo -e "\n=== Searching entire codebase for similar placeholder email patterns ==="
rg -n "tbd-not-yet-created" --type=md --type=txt || echo "No matches found"Length of output: 966
🏁 Script executed:
#!/bin/bash
# Search for any legitimate security contact email patterns in the codebase
echo "=== Searching for other security email patterns ==="
rg -n "@nvidia\.com" 3rdparty/README.md || echo "No other @nvidia.com emails found"
echo -e "\n=== Checking full README.md for any actual security contact ==="
grep -n -i "security\|contact\|email" 3rdparty/README.md | head -20
echo -e "\n=== Checking if there are any related files with security contacts ==="
fd -e md -e txt | xargs grep -l "security.*@\|contact.*@" 2>/dev/null | head -10 || echo "No related files found"Length of output: 876
Replace placeholder email with actual Security Team contact
Line 341 contains an active placeholder email address mailto://[email protected] that is referenced in the security review workflow (lines 328-334). The "tbd-not-yet-created" marker confirms this requires replacement with the actual Security Team email before merge.
🤖 Prompt for AI Agents
In 3rdparty/README.md at line 341, replace the placeholder email
"mailto://[email protected]" with the actual
Security Team contact email used by our security review workflow (and correct
the URI to a proper mailto: scheme if needed); ensure the updated address is
accurate and consistent with the references in the security workflow (lines
328-334).
1 participant
Description
This change simply adds a new markdown document 3rdparty/README.md that describes the process developers should follow when adding dependencies to the C++ build.
The process described here attempts to strike a balance between:
A separate change will convert existing third party dependencies to follow this documented process.
Summary by CodeRabbit
Test Coverage
This changes simply adds a new markdown file and there is no relevant testing to be done.
PR Checklist
Please review the following before submitting your PR:
PR description clearly explains what and why. If using CodeRabbit's summary, please make sure it makes sense.
PR Follows TRT-LLM CODING GUIDELINES to the best of your knowledge.
Test cases are provided for new code paths (see test instructions)
Any new dependencies have been scanned for license and vulnerabilities
CODEOWNERS updated if ownership changes
Documentation updated as needed
Update tava architecture diagram if there is a significant design change in PR.
The reviewers assigned automatically/manually are appropriate for the PR.
Please check this after reviewing the above items as appropriate for this PR.
GitHub Bot Help
/bot [-h] ['run', 'kill', 'skip', 'reuse-pipeline'] ...Provide a user friendly way for developers to interact with a Jenkins server.
Run
/bot [-h|--help]to print this help message.See details below for each supported subcommand.
run [--reuse-test (optional)pipeline-id --disable-fail-fast --skip-test --stage-list "A10-PyTorch-1, xxx" --gpu-type "A30, H100_PCIe" --test-backend "pytorch, cpp" --add-multi-gpu-test --only-multi-gpu-test --disable-multi-gpu-test --post-merge --extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx" --detailed-log --debug(experimental)]Launch build/test pipelines. All previously running jobs will be killed.
--reuse-test (optional)pipeline-id(OPTIONAL) : Allow the new pipeline to reuse build artifacts and skip successful test stages from a specified pipeline or the last pipeline if no pipeline-id is indicated. If the Git commit ID has changed, this option will be always ignored. The DEFAULT behavior of the bot is to reuse build artifacts and successful test results from the last pipeline.--disable-reuse-test(OPTIONAL) : Explicitly prevent the pipeline from reusing build artifacts and skipping successful test stages from a previous pipeline. Ensure that all builds and tests are run regardless of previous successes.--disable-fail-fast(OPTIONAL) : Disable fail fast on build/tests/infra failures.--skip-test(OPTIONAL) : Skip all test stages, but still run build stages, package stages and sanity check stages. Note: Does NOT update GitHub check status.--stage-list "A10-PyTorch-1, xxx"(OPTIONAL) : Only run the specified test stages. Examples: "A10-PyTorch-1, xxx". Note: Does NOT update GitHub check status.--gpu-type "A30, H100_PCIe"(OPTIONAL) : Only run the test stages on the specified GPU types. Examples: "A30, H100_PCIe". Note: Does NOT update GitHub check status.--test-backend "pytorch, cpp"(OPTIONAL) : Skip test stages which don't match the specified backends. Only support [pytorch, cpp, tensorrt, triton]. Examples: "pytorch, cpp" (does not run test stages with tensorrt or triton backend). Note: Does NOT update GitHub pipeline status.--only-multi-gpu-test(OPTIONAL) : Only run the multi-GPU tests. Note: Does NOT update GitHub check status.--disable-multi-gpu-test(OPTIONAL) : Disable the multi-GPU tests. Note: Does NOT update GitHub check status.--add-multi-gpu-test(OPTIONAL) : Force run the multi-GPU tests in addition to running L0 pre-merge pipeline.--post-merge(OPTIONAL) : Run the L0 post-merge pipeline instead of the ordinary L0 pre-merge pipeline.--extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx"(OPTIONAL) : Run the ordinary L0 pre-merge pipeline and specified test stages. Examples: --extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx".--detailed-log(OPTIONAL) : Enable flushing out all logs to the Jenkins console. This will significantly increase the log volume and may slow down the job.--debug(OPTIONAL) : Experimental feature. Enable access to the CI container for debugging purpose. Note: Specify exactly one stage in thestage-listparameter to access the appropriate container environment. Note: Does NOT update GitHub check status.For guidance on mapping tests to stage names, see
docs/source/reference/ci-overview.mdand the
scripts/test_to_stage_mapping.pyhelper.kill
killKill all running builds associated with pull request.
skip
skip --comment COMMENTSkip testing for latest commit on pull request.
--comment "Reason for skipping build/test"is required. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.reuse-pipeline
reuse-pipelineReuse a previous pipeline to validate current commit. This action will also kill all currently running builds associated with the pull request. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.