Updates to slurm launcher

[raviguptaamd]

Summary

Adds a slurm_multi deployment launcher for self-managed multi-node disaggregated workloads (vLLM-disagg, SGLang-disagg, large-EP, kvcache-transfer) and the orchestration / build / run / CLI hooks that drive it from madengine's manifest pipeline. Companion model cards and submit scripts that exercise this launcher live in ROCm/MAD-private PR #186.

Scope (75 files vs develop)

This PR is now focused strictly on slurm_multi and its supporting refactor. The Kubernetes deployment work originally bundled here has been moved to #118 (independent PR against develop) and will rebase after this PR lands.

Layer	Highlights
Deployment	deployment/{slurm.py, slurm_node_selector.py, base.py, common.py, config_loader.py, factory.py}, templates/slurm/job.sh.j2
Orchestration / Build / Run	orchestration/{build_orchestrator, run_orchestrator, image_filtering}.py — manifest-driven --build-on-compute / --use-image, deep-merged deployment_config, registry validation
Execution	execution/{container_runner, container_runner_helpers, docker_builder}.py
CLI	cli/{app, commands/run, commands/build, constants, utils, validators}.py
Core / Utils / Reporting / DB / Scripts	shared infra used by the new path: core/, utils/, reporting/, database/mongodb.py, scripts/common/
Examples / Docs / Tests	examples/slurm-configs/**, docs/launchers.md, docs/deployment.md, docs/configuration.md, tests/{unit,integration,e2e,fixtures}/**

Net diff: +2,877 / -2,179 across 75 files (down from +3,014 / -2,624 across 87 files at the squash-rebase head, after Round-2 / Round-3 / Round-4 review fixes restored 12 files to origin/develop byte-for-byte and tightened 4 more in-scope code paths).

Commit shape

Logical commits on top of develop:

1. deployment: add slurm_multi launcher, node selector, SBATCH template (8815e24) — SLURM deployment core; absorbs the slurm-side Copilot Round-1 review fixes.
2. orchestration/execution/cli: wire slurm_multi end-to-end (6f2e11b) — manifest deep-merge, registry guard, per-registry auth hints, prebuilt-image multi-model fix, subprocess shell trust comment, and the rest of the orchestration/CLI plumbing.
3. examples/docs/tests: slurm_multi configs, README, and test coverage (50e8895) — operator-facing docs, examples renamed sglang-disagg-* → slurm-multi-* (one launcher drives multiple flows), and test additions.
4. PR #86 follow-up: ErrorContext kwargs, model-card image fallback, perf.csv collection (5ec55ff) — fixes surfaced during the live SGLang-disagg smoke run (job 22607 / 22615 on Distributed_Inference_CI).
5. slurm: namespace completion marker by SLURM_JOB_ID (710b51a) — second-run safety: per-deploy completion marker now job-id namespaced.
6. Revert out-of-scope changes flagged by Copilot Round-2 review (9109f52) — 11 files reverted to origin/develop byte-for-byte; surgical reverts in cli/utils.py and execution/docker_builder.py keep the slurm_multi-relevant bits (registry_image → DOCKER_IMAGE_NAME propagation for parallel pull, build_gpu_arch_display helper, Workload column rename).
7. Address Copilot Round-2 slurm_multi-related findings (63a2eae) — 6 real fixes: module-level recursive _deep_merge used on the manifest path; manifest.context.docker_env_vars restored into runtime context; RunOrchestrator._load_credentials delegated to madengine.core.auth.load_credentials (object-validates credential.json); configure_multi_node_profiling only filters rocprof when rocprofv3 is missing (keeps rccl_trace/rocblas_trace); perf-line regex widened (scientific notation + arbitrary metric tokens); "megatron" and "primus" added to VALID_LAUNCHERS.
8. docs: fix broken Next-Steps links and example paths (0156d33) — distributed-launchers.md → launchers.md; user-guide.md → usage.md; how-to-quick-start.md → cli-reference.md; dropped K8s slurm-multi-*.json paths that don't exist.
9. Address Copilot Round-3 small findings (2200cbd) — examples/profiling-configs/README.md multinode → multi_node; drop unused import pytest from tests/unit/test_reporting.py; revert tests/unit/test_rocm_path.py to origin/develop (matches the Context revert in 9109f52).
10. build_orchestrator: lowercase --build-on-compute local image name (ae1996c) — surfaced live during --build-on-compute --registry docker.io/rocm/pytorch-private --tags pyt_kvcache_transfer_bench: Path(dockerfile_path).name for scripts/.../Dockerfile (no .ubuntu.amd.Dockerfile suffix to strip) yielded Dockerfile, producing ci-..._Dockerfile and docker build -t rejection. .lower() the assembled local image name; verified end-to-end (Slurm 22936, image pushed to docker.io/rocm/pytorch-private:pyt_kvcache_transfer_bench).
11. build_orchestrator: normalize and validate --registry shape (auto-prepend docker.io/) (98f1ac5) — surfaced live with --registry rocm/pytorch-private: registry.split("/")[0] was treated as the docker login host (docker login rocm -> DNS NXDOMAIN). _execute_build_on_compute now normalizes shorthand <ns>/<repo> to docker.io/<ns>/<repo> with a transparent [dim]auto-prefixing 'docker.io/'[/dim] notice, and rejects malformed input (whitespace, @, empty after trim) up front with usage hints for Dockerhub / GHCR / Quay / NGC / self-hosted / localhost. Verified end-to-end across all four input shapes (sbatch 22954/22956 succeeded, @bad/foo rejected without sbatch).
12. Address Copilot Round-4 findings: 5 P0 + 3 hardening (3fc7587) — 8 fixes covering all in-scope Round-4 items (the other 14 R4 findings are pre-existing flake8/style nits in origin/develop-identical files unchanged by this PR):
    • run_orchestrator.py: drop now-unused Context(rocm_path=...) kwarg from _init_runtime_context (line 138) and _create_manifest_from_local_image (line 456) call sites; drop from madengine.core.constants import get_rocm_path and unused handle_error imports. Latent TypeError on madengine run against local target after the Cat B core/context.py revert.
    • container_runner.py: widen perf_pattern to mirror the deployment/base.py:_parse_node_log_for_perf regex (R2-Distributed solution - new madengine CLI #11) so tokens/sec, tok/s, samples_per_second, 1.23E+4 no longer get silently dropped.
    • container_runner.py: login_to_registry delegates to madengine.core.auth.login_to_registry instead of f"echo '{password}' | docker login ..." inline (password no longer in ps//proc-visible argv even with --password-stdin); same delegation DockerBuilder.login_to_registry already uses.
    • container_runner.py: get_env_arg no longer prints assembled --env KEY='value' to stdout (HF tokens, registry passwords, MAD_SECRETS_* etc. could leak); print only the count.
    • container_runner.py: self-managed launcher (_run_self_managed) now shlex.quotes script_path and shlex.split + per-arg shlex.quotes model_args, so embedded shell metacharacters ($(), backticks, ;, ...) become literal arguments to the script rather than host-shell directives.
    • docs/deployment.md: second occurrence of [Distributed Launchers Guide](distributed-launchers.md) (line 145) → (launchers.md) (the 0156d33 commit fixed only line 543).

Copilot review status

All four rounds resolved or replied-to inline:

• Round 1 (9 comments) — addressed in d32b06b/5ec55ff; replies posted under each thread.
• Round 2 (24 comments) — fully addressed across 9109f52 / 63a2eae / 0156d33 and replied-to inline:
  • slurm.py: drop duplicate Optional import; honour slurm_config.exclusive.
  • slurm_node_selector.py: cleanup_node merged srun; preserves --job-name and --reservation.
  • build_orchestrator.py: built_models keyed by model_name; warn on divergent configs; early registry None guard; per-registry auth hints.
  • run_orchestrator.py: real recursive _deep_merge for deployment_config ↔ additional_context; manifest's context.docker_env_vars restored; _load_credentials delegates to central auth helper.
  • container_runner.py: documented shell=True trust boundary on inner subprocess.run.
  • deployment/common.py: rocprofv3-fallback only filters rocprof; VALID_LAUNCHERS covers "megatron"/"primus".
  • deployment/base.py: perf-line regex accepts scientific notation + arbitrary metric tokens.
  • 15 outside-scope changes (core/{context,docker,dataprovider,timeout}.py, cli/app.py, utils/{rocm_tool_manager,discover_models,config_parser}.py, orchestration/image_filtering.py, reporting/update_perf_csv.py, README.md) reverted to origin/develop.
  • 3 broken doc links / example paths fixed (docs/{installation,deployment,launchers}.md).
• Round 3 (13 comments) — 4 fixed in 2200cbd, 7 stale-snapshot replies (already addressed in earlier rounds), 2 deferred to follow-up issues (pre-existing concerns in origin/develop: container_runner.get_env_arg env-arg shell-escape hardening; Console.sh/subprocess.run(timeout=…) translation of 0 → None).
• Round 4 (24 comments) — 8 fixed in 3fc7587 (5 P0 + 3 hardening, see commit 12 above), 14 are pre-existing flake8/style nits in files byte-identical to origin/develop (utils/{ops,log_formatting}.py, scripts/common/{tools,pre_scripts}/**, tests/fixtures/utils.py, tests/integration/test_gpu_management.py, tests/unit/test_reporting_superset.py, core/errors.py, database/mongodb.py, deployment/base.py:645) — not introduced by this PR; deferred to a separate cleanup PR.

Sequencing

1. Updates to slurm launcher #86 (this PR) → develop.
2. Kubernetes deployment (split from PR #86) #118 (Kubernetes) rebases onto develop and merges.
3. After both land, follow-up cherry-picks the combined work into main per repo policy.

Test plan

• Import-only smoke check: DeploymentFactory.available_deployments() returns slurm (and k8s/kubernetes from develop's unchanged code, which this PR does not touch).
• normalize_launcher round-trip for slurm_multi/slurm-multi/megatron/primus/vllm/sglang.
• _deep_merge nested-leaf preservation (verified: an override touching slurm.node_selector.reservation keeps a sibling slurm.node_selector.partition from the manifest).
• Context() rejects rocm_path= kwarg post-Cat-B-revert (verified via inspect.signature).
• --registry normalization across all input shapes (rocm/pytorch-private, rocmshared, docker.io/rocm/pytorch-private, ghcr.io/myorg/myrepo, localhost:5000/myrepo, 192.168.1.10:5000/myrepo, registry.example.com:5000/myrepo, @bad/foo rejected, empty rejected).
• End-to-end SGLang-disagg DSV3 1Px8/1Dx8 (24 GPUs / 3 nodes) on Distributed_Inference_CI (jobs 22607/22615): 5,977 tok/s (Llama-3.1-8B-Instruct). perf.csv written to /shared_inference/<user>/<jobid>/perf.csv and discovered by _collect_slurm_multi_results.
• End-to-end SGLang-disagg Llama-3.3-70b-fp8 (24 GPUs / 3 nodes) via --build-on-compute --registry docker.io/rocm/pytorch-private: 1,878 tok/s @ CON=8, 3,644 tok/s @ CON=16 (ISL/OSL=1024/1024). Image pushed to docker.io/rocm/pytorch-private:pyt_sglang_disagg_llama-3.3-70b-fp8.
• End-to-end pyt_large_ep_benchmark_2n (16 GPUs / 2 nodes) via --build-on-compute --registry: 28 perf rows (DeepEP / MoRI EP dispatch + combine across FP8/BF16 RDMA/NVL).
• End-to-end pyt_kvcache_transfer_bench (16 GPUs / 2 nodes): 57 perf rows (mooncake + MORI + RIXL backends, 4KB → 1GB sweep).
• Re-smoke after Round-4 fixes: pyt_large_ep_benchmark_2n on [008,024] via slurm_multi, 8 min, 28 ✅ Success rows. Confirms the Round-4 changes didn't regress the run path.
• CI on the rebased branch.
• Optional vLLM-MoRI end-to-end (pyt_vllm_disagg_llama3.1-8b / pyt_vllm_disagg_deepseek-v3_short) once the image-side NIXL_ERR_BACKEND (orthogonal to this PR; observed on rocm/pytorch-private:20260407_itej89_vllm_mori_docker) is resolved.

[Copilot]

Pull request overview

This PR updates Madengine’s SLURM (and related) workflows to better support disaggregated / self-managed multi-node inference by introducing a slurm_multi launcher path, plus new build options for using pre-built images or building on compute nodes.

Changes:

• Add --use-image and --build-on-compute build workflows and propagate the resulting image name into manifests/env for multi-node pulls.
• Add slurm_multi launcher handling across SLURM/K8s deployments, including self-managed (host-executed) script paths and SLURM reservation support.
• Improve manifest/runtime config merging behavior for dict-valued deployment keys.

Reviewed changes

Copilot reviewed 22 out of 22 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
src/madengine/orchestration/run_orchestrator.py	Shallow-merges dict-valued deployment config keys into runtime additional context.
src/madengine/orchestration/build_orchestrator.py	Implements --use-image and --build-on-compute build flows and writes manifests accordingly.
src/madengine/execution/docker_builder.py	Writes DOCKER_IMAGE_NAME into built_models.env_vars when a registry image exists (supports parallel pulls).
src/madengine/execution/container_runner.py	Adds “self-managed” launcher path that runs scripts directly on host instead of Madengine-managed Docker.
src/madengine/deployment/slurm_node_selector.py	Adds reservation support for srun health checks / cleanup.
src/madengine/deployment/slurm.py	Adds slurm_multi wrapper script generation, reservation support, and existing-allocation detection (salloc).
src/madengine/deployment/kubernetes.py	Treats slurm_multi as a disaggregated launcher option in K8s template context and adds launcher command generators.
src/madengine/deployment/common.py	Updates valid launcher list and normalizes slurm-multi → slurm_multi.
src/madengine/deployment/base.py	Adds skip_monitoring flag to support synchronous deploy flows (e.g., within salloc).
src/madengine/cli/validators.py	Extends validator signature to accept use_image (currently unused).
src/madengine/cli/utils.py	Adjusts display/extraction formatting (e.g., model name truncation and column header rename).
src/madengine/cli/commands/build.py	Adds CLI flags --use-image / --build-on-compute and enforces mutual exclusivity/requirements.
examples/slurm-configs/minimal/slurm-multi-minimal.json	Updates launcher value to slurm_multi.
examples/slurm-configs/basic/slurm-multi-multi-node.json	Updates launcher value to slurm_multi.
examples/slurm-configs/basic/slurm-multi-custom-split.json	Updates launcher value to slurm_multi.
examples/k8s-configs/minimal/slurm-multi-minimal.json	Updates launcher value to slurm_multi.
examples/k8s-configs/basic/slurm-multi-multi-node-basic.json	Updates launcher value to slurm_multi.
examples/k8s-configs/basic/slurm-multi-custom-split.json	Updates launcher value to slurm_multi.
docs/usage.md	Documents --use-image, --build-on-compute, and slurm_multi usage.
docs/launchers.md	Renames launcher references and documents slurm_multi registry requirement.
docs/deployment.md	Documents allocation detection and self-managed slurm_multi execution model.
docs/cli-reference.md	Adds CLI reference entries and usage examples for new build options and slurm_multi.

Comments suppressed due to low confidence (1)

src/madengine/cli/validators.py:307

• validate_additional_context() now accepts use_image, and the docstring says it “skips required field validation”, but the parameter is not used and validation runs unconditionally via finalize_additional_context_dict(context). Either remove the unused parameter (and update callers), or implement the intended conditional validation behavior.

def validate_additional_context(
    additional_context: str,
    additional_context_file: Optional[str] = None,
    use_image: Optional[str] = None,
) -> Dict[str, Any]:
    """
    Validate and parse additional context.

    Args:
        additional_context: JSON string containing additional context
        additional_context_file: Optional file containing additional context
        use_image: Optional pre-built image to use (skips required field validation)

    Returns:
        Dict containing parsed additional context

    Raises:
        typer.Exit: If validation fails
    """
    context, _ = merge_additional_context_from_sources(
        additional_context, additional_context_file
    )
    finalize_additional_context_dict(context)
    return context

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

_execute_with_prebuilt_image() populates deployment_config.distributed and deployment_config.slurm from models[0] only. If the tag selection yields multiple models with differing distributed/slurm settings, the manifest will silently contain config for just the first model. Either validate that only one model is allowed in this mode, or merge per-model configs in a deterministic way (and/or store them per built_model entry).

[raviguptaamd]

Addressed in d32b06b.

We still let models[0] populate the manifest's deployment_config.distributed and deployment_config.slurm (they need a single value), but the prebuilt-image flow now warns when discovered models have divergent distributed / slurm configs so operators are not silently surprised.

[Copilot]

_execute_build_on_compute() treats registry as required (calls registry.lower(), registry.replace(...), etc.) but the function signature allows registry: Optional[str] = None and there’s no guard. If this path is invoked programmatically (or via a code path that bypasses the CLI validation), it will raise an AttributeError rather than a user-facing ConfigurationError. Add an explicit if not registry: raise ConfigurationError(...) near the top of this method.

[raviguptaamd]

Addressed in d32b06b.

_execute_build_on_compute now raises a ConfigurationError early when registry is None — with the suggestion to pass --registry or set it in the model card / additional-context — instead of falling into registry.lower() / .replace() / .split() with NoneType.

[Copilot]

subprocess.run(..., shell=True) is used with a command string that includes model_args (which can come from manifests / user input). This allows shell metacharacters in args to be interpreted by the shell (command injection). Build the argv list explicitly (e.g., ["bash", script_path, *shlex.split(model_args)] / ["python3", ...]) and run with shell=False.

[raviguptaamd]

Addressed in d32b06b.

shell=True is deliberate here because cmd embeds shell features (pipes, redirects, env-var substitution) constructed earlier in this method. Added an inline trust-boundary comment that documents:

1. cmd is built from validated model card / manifest fields,
2. user model_args are routed through shlex-quoted assembly in the caller,
3. raw user input must NOT be concatenated directly into cmd,

and tagged the line with # noqa: S602 so future linters don't flag the intentional usage.

[Copilot]

The slurm_multi wrapper script always adds #SBATCH --exclusive regardless of the user’s slurm.exclusive setting. In the standard SLURM template, exclusivity is conditional (job.sh.j2:20-22). Consider respecting self.slurm_config.get("exclusive", True) here as well to avoid changing behavior for users who explicitly disable exclusivity.

Suggested change

	"#SBATCH --exclusive",
	]
	]
	if self.slurm_config.get("exclusive", True):
	script_lines.append("#SBATCH --exclusive")

[raviguptaamd]

Addressed in d32b06b.

The slurm_multi wrapper now appends #SBATCH --exclusive only when self.slurm_config.get('exclusive', True) is truthy, matching the conditional pattern already used for the standard SLURM template (job.sh.j2:20-22). Default behaviour stays exclusive so existing runs are unchanged.

[Copilot]

There is a duplicate import of Optional (from typing import Any, Dict, List, Optional and again from typing import Optional). Drop the second import to avoid redundancy.

Suggested change

from typing import Optional

[raviguptaamd]

Addressed in d32b06b.

Dropped the redundant from typing import Optional on line 27; Optional is still imported via the existing from typing import Any, Dict, List, Optional at line 17.

[Copilot]

In pre-built image mode, the for model in models: loop always writes to manifest["built_models"][use_image], so each iteration overwrites the previous one. If multiple models are discovered for the selected tags, only the last model will be present in built_models even though summary.successful_builds lists all of them. Use a per-model unique key in built_models (and keep it consistent with built_images lookups), while setting docker_image to the shared use_image value.

[raviguptaamd]

Addressed in d32b06b.

The loop now keys manifest['built_models'] by model_name instead of use_image, so multiple models that share the same pre-built image are all preserved in the manifest and the downstream consumers can iterate over them.

[Copilot]

The registry auth/error messaging here is Docker Hub–specific (MAD_DOCKERHUB_USER/PASSWORD, PAT guidance) but the logic also classifies ghcr.io, gcr.io, quay.io, nvcr.io as registries that “require credentials”. This will produce misleading guidance for non-DockerHub registries (and may block valid flows where different credentials are required). Consider either limiting this branch to Docker Hub only, or generalizing the env var names / suggestions based on registry_host.

[raviguptaamd]

Addressed in d32b06b.

The missing-credentials error now selects per-registry suggestions:

• docker.io — Docker Hub PAT / MAD_DOCKERHUB_*
• ghcr.io — GitHub PAT with read:packages / write:packages
• gcr.io — service-account JSON key as password (MAD_DOCKERHUB_USER=_json_key)
• quay.io — robot account / encrypted password
• nvcr.io — $oauthtoken username + NGC API key

Falls back to the Docker Hub guidance for unknown registries. The credential env vars themselves are still the existing MAD_DOCKERHUB_USER / MAD_DOCKERHUB_PASSWORD to keep this change a docs-only refinement of the error path; introducing a generic MAD_REGISTRY_USER/PASSWORD pair is left for a follow-up.

[Copilot]

cleanup_node() builds srun_cmd (including job_name) before the try:, but then immediately reassigns srun_cmd inside the try: block. The reassignment drops the job_name argument and duplicates logic, making the first construction dead code and preventing health-check job cleanup from working as intended. Remove the duplicate reassignment and append both --job-name (when provided) and --reservation consistently.

Suggested change

	srun_cmd.extend(["bash", "-c", cleanup_script])
	try:
	srun_cmd = [
	"srun",
	f"--nodelist={node}",
	"--ntasks=1",
	"--time=00:01:00",
	"--overlap",
	"--quiet",
	]
	if self.reservation:
	srun_cmd.append(f"--reservation={self.reservation}")
	srun_cmd.extend(["bash", "-c", cleanup_script])
	if self.reservation:
	srun_cmd.append(f"--reservation={self.reservation}")
	srun_cmd.extend(["bash", "-c", cleanup_script])
	try:

[raviguptaamd]

Addressed in d32b06b.

The pre-try: and in-try: builds of srun_cmd are merged into a single construction that conditionally appends both --job-name=<name> (when job_name is given) and --reservation=<res> (when self.reservation is set). The second reassignment that dropped --job-name is gone.

[Copilot]

The comment says “deep-merge” but the implementation here is a one-level dict merge (merged = dict(...); merged.update(...)). Nested dictionaries under these keys will still be overwritten rather than recursively merged. Either adjust the comment to describe a shallow merge, or implement an actual recursive deep merge for nested structures.

[raviguptaamd]

Addressed in d32b06b.

Replaced the shallow merged.update(...) with a real recursive _deep_merge(base, override) helper. Nested dicts under slurm / k8s / kubernetes / distributed / vllm / env_vars / debug are now merged per-leaf; runtime --additional-context still wins on conflicts, while manifest values fill in nested gaps as the comment claims.

[Copilot]

Copilot wasn't able to review this pull request because it exceeds the maximum number of files (300). Try reducing the number of changed files and requesting a review from Copilot again.

[Copilot]

Copilot wasn't able to review this pull request because it exceeds the maximum number of lines (20,000). Try reducing the number of changed lines and requesting a review from Copilot again.

[raviguptaamd]

Kubernetes deployment work split out into #118 to keep this PR focused on slurm_multi and related changes (per reviewer ask). #118 targets develop and will rebase / sequence after this PR lands.

[Copilot]

Pull request overview

Copilot reviewed 86 out of 87 changed files in this pull request and generated 24 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[raviguptaamd]

Addressed in 63a2eae.

configure_multi_node_profiling now only filters out the rocprof tool when rocprofv3 is missing on a multi-node run. rccl_trace, rocblas_trace, and other non-rocprof tools keep running and per_node_collection stays enabled for them. The returned config switches to a new mode multi_node_no_rocprofv3 so callers can distinguish this mixed state from full multi_node.

[raviguptaamd]

Addressed in 63a2eae.

Promoted _deep_merge to a module-level helper and used it in _load_and_merge_manifest (which still did dict(stored_config[key]); merged.update(...)). Verified locally: an override touching slurm.node_selector.reservation now preserves a sibling slurm.node_selector.partition from the manifest instead of wholesale-replacing the inner object. Same helper is now used in both the runtime-context init path and the manifest-merge path.

[raviguptaamd]

Addressed in 63a2eae.

RunOrchestrator._load_credentials now delegates to madengine.core.auth.load_credentials. The central helper enforces "credential.json must contain a JSON object" validation up front (raises ValueError if the file is an array/string), so malformed credential files are rejected with a clear message instead of producing a cryptic subscript/attribute error later during registry auth.

[raviguptaamd]

Addressed in 9109f52 — file reverted to origin/develop.

core/context.py no longer forces the host ROCm root into the container env. The PR now uses upstream's madengine.utils.rocm_path_resolver.resolve_host_rocm_path for host detection and the docker_env_vars.MAD_ROCM_PATH flow (with image-baked-in env, in-container probe, then /opt/rocm fallback) for in-container resolution. Out-of-scope behaviour change for slurm_multi; reverted to keep this PR focused.

[raviguptaamd]

Addressed in 9109f52.

Restored the build_gpu_arch_display(item) helper (prefers gpu_architecture then architecture, defaults to "N/A") and switched both BUILD callsites (success + failed) back to it, so multi-arch builds again show the correct gpu_architecture column instead of N/A. Kept the model-name no-truncation change and the "Workload" column rename (those weren't flagged).

[raviguptaamd]

Addressed across two commits.

• 9109f52 — README.md reverted to origin/develop, so the Distributed Launchers bullet, the Architecture diagram, and the Components section all mention Primus alongside torchrun / DeepSpeed / Megatron-LM / TorchTitan / vLLM / SGLang again. The ROCm-path bullet and the RTL profiling-tools link are also restored.
• 63a2eae — added "primus" (and "megatron") to VALID_LAUNCHERS in deployment/common.py, so normalize_launcher no longer silently downgrades "primus" configs to "docker".

The README is now consistent with what the code actually accepts.

[raviguptaamd]

Addressed in 9109f52 — file reverted to origin/develop.

Timeout.__init__ again accepts Optional[int] = 15 and stores self.seconds = seconds if seconds and seconds > 0 else None. __enter__ / __exit__ short-circuit when self.seconds is None, so programmatic callers passing timeout=None (or 0 / negative) no longer hit signal.alarm(None) with a TypeError. Out-of-scope change for slurm_multi; reverted.

[raviguptaamd]

Addressed in 9109f52.

get_build_arg reverted to use shlex.quote(str(...)) for both keys and values:

build_args += (
    "--build-arg "
    + shlex.quote(str(build_arg))
    + "="
    + shlex.quote(str(self.context.ctx["docker_build_arg"][build_arg]))
    + " "
)

(plus Optional[Dict] = None with if run_build_arg is None: run_build_arg = {} instead of the mutable-default pattern). Build-arg values containing apostrophes / $() / backticks no longer break the docker build command line.

[raviguptaamd]

Addressed in 9109f52 — file reverted to origin/develop.

Boundary check restored:

while current == stop or current.startswith(stop + os.sep):

So a parent like /repo/scripts no longer matches /repo/scripts-private/... via prefix collision — ConfigParser walks the intended subtree only. Out-of-scope change for slurm_multi; reverted.

[raviguptaamd]

Addressed in 9109f52 — file reverted to origin/develop.

NVIDIA-arch normalization restored:

after_prefix = sys_gpu_arch[sys_gpu_arch.index("NVIDIA") + len("NVIDIA "):]
sys_gpu_arch = after_prefix.split("-")[0].split()[0]

so "NVIDIA A100-SXM4-40GB" → "A100" and "NVIDIA H100 PCIe" → "H100" again, and skip_gpu_arch=A100 correctly filters those models. The split()[1] regression that returned the full SKU string is gone. Out-of-scope change for slurm_multi; reverted.

[raviguptaamd]

Smoke test summary on Distributed_Inference_CI reservation

Drove the slurm_multi launcher end-to-end against four real workloads with the companion model cards in ROCm/MAD-private#186. Three out of four produced real benchmark numbers, the fourth surfaced a vLLM/NixlConnector issue inside the docker image (orthogonal to this PR).

Critical-path runs

#	Workload	Model card	Slurm job	Nodes	State	Result
C1	SGLang disagg 8B (madengine-driven via F1)	pyt_sglang_disagg_llama-3.1-8b	22607	reservation [029,040,082]	COMPLETED 8:51	5,977 tok/s TTFT 122.8 ms ITL 2.54 ms
C2	vLLM disagg 8B (1P/1D, co-located proxy)	pyt_vllm_disagg_llama-3.1-8b	22612	[008,014]	COMPLETED 4:22	router serving, but every decode request returned HTTP 500: vLLM workers crashed with nixl_connector.py:1504] AssertionError. Image-side bug, not the launcher.
C3	Large EP 2-node	pyt_large_ep_benchmark_2n	22610	reservation [029,040]	COMPLETED 3:49	28 metric rows (deepep dispatch/combine FP8/BF16 RDMA/NVL)
C4	KV cache transfer 2-node	pyt_kvcache_transfer_bench	22611	reservation [082,125]	COMPLETED 24:55	57 metric rows (mooncake + mori + rixl, 4KB → 1GB)
C1'	C1 re-run with the F-perf collector commit (5ec55ff)	same	22615	reservation [029,040,082]	COMPLETED 6:54	5,970 tok/s; F-perf finds /shared_inference/<user>/<jobid>/perf.csv (verified)

What the smoke test exercised in this PR

Surface	Verification
madengine build with --use-image (manifest gen for prebuilt image)	C1
madengine build with no flags + model-card env_vars.DOCKER_IMAGE_NAME (F1 implicit---use-image)	C1' — log line slurm_multi: no --registry/--use-image given; using DOCKER_IMAGE_NAME from model card -> rocm/pytorch-private:sglang_disagg_mori_20260502
madengine run --manifest-file over slurm_multi	C1, C1'
slurm_multi SBATCH wrapper generation, --reservation, enable_node_check=false honoured	All
_collect_slurm_multi_results finds /shared_inference/<user>/<jobid>/perf.csv (sglang/vllm)	C1'
SlurmDeployment direct sbatch (no madengine on top)	C2, C3, C4
slurm_multi co-located-proxy topology for vLLM disagg (xP + yD nodes)	C2 — topology was launched correctly; C2 failure happened inside vLLM nixl_connector after Application startup complete.

Bugs surfaced by the smoke test (all addressed)

Bug	Where	Commit
5 invalid kwargs to ErrorContext (model=, launcher=, model_names=, registry=, dockerfile=) — masked the real error message	build_orchestrator.py	5ec55ff
F1: model-card image not auto-promoted to --use-image for slurm_multi	build_orchestrator.py	5ec55ff
F-perf: _collect_slurm_multi_results only looked in <cwd>/perf.csv	slurm.py	5ec55ff
Completion marker not job-id namespaced — second madengine run of same model tag returned success in ~30 s while the new sbatch was still running	slurm.py	710b51a

Out of scope

• Image-side vLLM NixlConnector crash on Llama-3.1-8B disagg under rocm/pytorch-private:20260407_itej89_vllm_mori_docker (filed separately as orthogonal).
• Node-health precheck threshold (180 GB memory used / 4 processes flags reservation nodes as "Dirty"; tracked for follow-up).

PR head: 710b51a. Mergeable, blocking on review.

[Copilot]

Pull request overview

Copilot reviewed 75 out of 76 changed files in this pull request and generated 13 comments.

Comments suppressed due to low confidence (2)

src/madengine/orchestration/run_orchestrator.py:120

• Context.init still only accepts additional_context, additional_context_file, build_only_mode, and detect_local_gpu_arch. Passing rocm_path here raises TypeError, so every local run that initializes the runtime context will fail before execution starts.
  src/madengine/orchestration/run_orchestrator.py:594
• Build manifests still persist context.docker_env_vars, docker_mounts, and docker_build_arg, but this restore block now copies only tools/scripts back into the runtime Context. Execution-only runs from a manifest therefore lose build-time env/mount context before ContainerRunner starts, including values that Context auto-imported into docker_env_vars such as MAD_SECRETS*.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[raviguptaamd]

Acknowledged — this is a real concern but it is pre-existing in origin/develop, not introduced by this PR.

The f"--env {env_arg}='{str(...)}' " pattern is at the same line in origin/develop (compare git show origin/develop:src/madengine/execution/container_runner.py | sed -n '578,581p'); the --build-on-compute / --use-image work in this PR didn't change this method.

Deferring to a follow-up issue rather than expanding this PR's scope. The right fix is to switch to shlex.quote(value) (and validate the env-var name with the existing _VALID_ENV_NAME_RE style check) for both this docker_env_vars loop and the run_env loop a few lines above. Happy to file the follow-up issue (run_container env-arg shell-escape hardening) and reference it back here.

[raviguptaamd]

This thread is showing as outdated and is already addressed by Cat B in 9109f52.

core/context.py was reverted to origin/develop, which means:

• No more forced self.ctx['docker_env_vars']['ROCM_PATH'] = self._rocm_path at init.
• In-container ROCM_PATH is resolved at run time via finalize_container_rocm_path() (OCI metadata → in-image probe → /opt/rocm), so user/model docker_env_vars overrides survive the merge.

The ROCm-path behaviour the comment was concerned about is preserved by upstream's existing implementation, not by this PR.

[raviguptaamd]

This thread is showing as outdated and is already addressed by Cat B in 9109f52.

core/context.py was reverted to origin/develop, so the Context build-only constructor no longer accepts a rocm_path keyword. The synthetic-manifest path that called Context(rocm_path=...) was the source of the TypeError referenced here, and that constructor signature is back to upstream's. No call site in this PR passes rocm_path=... anymore.

[raviguptaamd]

This thread is showing as outdated and is already addressed in 63a2eae — reposting the link here for clarity.

run_orchestrator._load_and_merge_manifest no longer uses dict(stored_config[key]); merged.update(...). It now calls the module-level _deep_merge(stored_config[key], self.additional_context[key]) helper, which recurses into nested dicts.

Verified locally: an override touching slurm.node_selector.reservation preserves a sibling slurm.node_selector.partition from the manifest instead of wholesale-replacing the inner object. Same helper is used in both the runtime-context init path and the manifest-merge path.

[raviguptaamd]

This Round-3 comment is reviewing a pre-fix snapshot — already addressed in 63a2eae.

Current src/madengine/deployment/common.py has both "megatron" and "primus" in VALID_LAUNCHERS (alongside the docs-friendly "megatron-lm"):

VALID_LAUNCHERS = [
    "torchrun", "torchtitan", "deepspeed",
    "megatron", "megatron-lm", "primus",
    "vllm", "sglang", "slurm_multi",
]

Verified at HEAD (2200cbd): normalize_launcher('megatron','slurm') → 'megatron', normalize_launcher('primus','kubernetes') → 'primus'. The example configs (examples/{slurm,k8s}-configs/**/megatron-lm-*.json, examples/k8s-configs/minimal/megatron-lm-*.json) round-trip correctly without being downgraded to "docker"/"native".

[raviguptaamd]

This Round-3 comment is reviewing a pre-fix snapshot — already addressed in 0156d33.

Current docs/launchers.md (around line 470) only lists the three SLURM-side examples that actually exist on disk:

**Examples** (SLURM only — `slurm_multi` is a SLURM-side launcher; the K8s
deployment of disagg workloads continues to use the existing
`sglang-disagg-*.json` configs):
- SLURM Minimal: `examples/slurm-configs/minimal/slurm-multi-minimal.json`
- SLURM Basic:   `examples/slurm-configs/basic/slurm-multi-multi-node.json`
- SLURM Custom:  `examples/slurm-configs/basic/slurm-multi-custom-split.json`

The three K8s slurm-multi-*.json references that didn't exist were dropped. All three SLURM paths verified to exist at HEAD (2200cbd).

[raviguptaamd]

Addressed in 2200cbd.

Fixed both occurrences (lines 89 and 105). The actual checked-in profiling config is examples/profiling-configs/rocprofv3_multi_node.json (with underscore); the README now references that exact filename, so the copy-paste command no longer fails with a missing-file error.

[raviguptaamd]

Addressed in 2200cbd.

Dropped import pytest. Confirmed there are no pytest.* references anywhere in tests/unit/test_reporting.py (no @pytest.mark.*, no pytest.raises, no pytest.fixture), so the import was genuinely unused. flake8 lint will be clean again.

[raviguptaamd]

Addressed in 2200cbd — file reverted to origin/develop.

With the Cat B revert of core/context.py in 9109f52, this PR no longer adds the Context(rocm_path=...) keyword API; tests for that PR-specific surface belong to whichever future PR re-adds it. Upstream's tests/unit/test_rocm_path.py already exercises ROCmToolManager(rocm_path=...) (still in the codebase), so reverting restores green tests without changing semantics. Net result: this test file is byte-identical to origin/develop.

[raviguptaamd]

Addressed in 2200cbd (same fix as the sibling thread). The whole test_rocm_path.py file was reverted to origin/develop, so this assertion that ctx['docker_env_vars']['ROCM_PATH'] == ... immediately after construction is gone — the test now matches upstream's behaviour where in-container ROCM_PATH is finalized at run time via finalize_container_rocm_path().

[Copilot]

Pull request overview

Copilot reviewed 74 out of 75 changed files in this pull request and generated 24 comments.

Comments suppressed due to low confidence (3)

docs/cli-reference.md:396

• The CLI docs still say --timeout 0 means “no timeout”, but madengine run no longer translates 0 to an unlimited timeout display-wise and the validation message no longer mentions 0. Either update the docs to match the current behavior, or restore the explicit 0 => no timeout handling so help text, docs, and runtime all align.

| `--tags` | `-t` | TEXT | `[]` | Model tags to run (can specify multiple) |
| `--manifest-file` | `-m` | TEXT | `""` | Build manifest file path (for pre-built images) |
| `--rocm-path` | | TEXT | `None` | ROCm installation root (default: `ROCM_PATH` env or `/opt/rocm`). Use when ROCm is not in `/opt/rocm` (e.g. Rock, pip). |
| `--registry` | `-r` | TEXT | `None` | Docker registry URL |
| `--timeout` | | INT | `-1` | Timeout in seconds (-1=default 7200s, 0=no timeout) |
| `--additional-context` | `-c` | TEXT | `"{}"` | Additional context as JSON string |
| `--additional-context-file` | `-f` | TEXT | `None` | File containing additional context JSON |

pyproject.toml:31

• pytest is included in the package’s runtime dependencies even though it’s only used for testing (it’s already listed under [project.optional-dependencies].dev). Keeping pytest in dependencies increases install size and can conflict with downstream environments. Move it back to dev/test extras only unless the library imports pytest at runtime (it currently doesn’t).

dependencies = [
  "pandas",
  "GitPython",
  "jsondiff",
  "sqlalchemy",
  "setuptools-rust",
  "paramiko",
  "tqdm",
  "pytest",
  "typing-extensions",
  "pymongo",
  "toml",
  "typer>=0.9.0",
  "rich>=13.0.0",
  "click>=8.0.0",
  "jinja2>=3.0.0",
  "pyyaml>=6.0",
]

src/madengine/execution/container_runner_helpers.py:216

• make_run_log_file_path() no longer normalizes full image references (e.g. registry/ns/name:tag), so the generated log filename can include : (and very long sanitized refs), and run-log naming can diverge from build-log naming for CI-style tags. Consider reinstating a normalization helper (strip digest, collapse registry/...:ci-* to just the tag, and replace :, /, @ with _) to keep filenames stable and filesystem-friendly.

[raviguptaamd]

Addressed in 3fc7587.

This is a real latent bug introduced by my Cat B revert: I reverted core/context.py to origin/develop (which removes the rocm_path keyword), but missed that run_orchestrator.py still passes it at lines 138 and 456. Today's slurm_multi tests went through _execute_distributed so didn't hit it, but madengine run against a local target hits _init_runtime_context() here and crashes with TypeError: Context.__init__() got an unexpected keyword argument 'rocm_path'.

Fix in 3fc7587: drop the rocm_path = get_rocm_path(...) line and the rocm_path=rocm_path kwarg at both call sites; drop the now-unused from madengine.core.constants import get_rocm_path import.

Verified at HEAD (3fc7587) via inspect.signature(Context.__init__): params are ['self','additional_context','additional_context_file','build_only_mode','detect_local_gpu_arch'] -- no more rocm_path. End-to-end smoke: pyt_large_ep_benchmark_2n on [008,024] via slurm_multi, 8 min, 28 metric rows.

[raviguptaamd]

Addressed in 3fc7587 (same root cause as the sibling thread on line 138). The synthetic-manifest path in _create_manifest_from_local_image was passing the same now-removed rocm_path kwarg. Both call sites are fixed in this commit; from madengine.core.constants import get_rocm_path import is gone too.

[raviguptaamd]

Addressed in 3fc7587. Dropped handle_error from the import set in from madengine.core.errors import (...) since the only references in this module were removed in earlier rounds. flake8 F401 should be clean.

[raviguptaamd]

Addressed in 3fc7587.

ContainerRunner.login_to_registry now delegates to madengine.core.auth.login_to_registry (the same helper DockerBuilder.login_to_registry already uses). The previous inline form built

login_command = f"echo '{password}' | docker login ... --password-stdin"
self.console.sh(login_command, secret=True)

which -- even though docker reads the password via --password-stdin -- still embedded the password in echo's argv visible through ps//proc. The central helper writes the password to docker's stdin via subprocess.run(..., input=password.encode()), so it never appears on a process command line.

The ~50 lines of inline credential-shape validation are also gone -- the central helper does the same checks (and was the path Round-2 R2-#18 already moved DockerBuilder onto, just in a sister file).

[raviguptaamd]

Addressed in 3fc7587. get_env_arg no longer dumps the full assembled --env KEY='value' ... string into stdout. It now prints only the count:

print(f"Env arguments: {env_args.count('--env')} variables set")

Values can include HF tokens, registry passwords, MAD_SECRETS_*, etc.; the assembled string is still passed to docker run (so the container sees them as expected), but no longer leaks into stdout / CI artifacts.

[raviguptaamd]

Addressed in 3fc7587. This was the second occurrence of [Distributed Launchers Guide](distributed-launchers.md) -- the earlier 0156d33 commit only fixed the one at line 543. Updated to (launchers.md) (verified to exist on disk).

[Copilot]

Pull request overview

Copilot reviewed 74 out of 75 changed files in this pull request and generated 16 comments.

Comments suppressed due to low confidence (2)

tests/unit/test_reporting_superset.py:39

• This file contains whitespace on otherwise blank lines (e.g. between the class docstring and the first fixture). The repo’s pre-commit trailing-whitespace hook (and flake8 W293) will fail on this; please remove trailing spaces on blank lines.
  tests/unit/test_reporting_superset.py:171
• Additional whitespace-only lines in this section will also fail the pre-commit trailing-whitespace hook. Please strip the trailing spaces from blank lines here as well.

[raviguptaamd]

Addressed in afbb666: dropped pytest from [project].dependencies. It was already present in [project.optional-dependencies].dev and .all, so no install path that was running tests is affected; only the bare pip install madengine (without [dev]/[all]) no longer pulls a test framework into runtime installs.

[raviguptaamd]

Addressed in afbb666: 5 build-arg assertions updated to match DockerBuilder.get_build_arg()'s shlex.quote() output. For shell-safe values (e.g. value1), shlex.quote returns the value unchanged, so the assertions are now --build-arg ARG1=value1 (no surrounding quotes). Verified locally: pytest -k build_arg → 4 passed.

[raviguptaamd]

Deferred to upstream-flake8 cleanup PR. The line at #L93 is from 04aac390 (Stephen Shao) and is byte-identical to origin/develop; this PR's commit 50e8895 only touched the surrounding lines (88, 99) for whitespace and a fixture-arg rename, not the assertion target itself. Tracked alongside the rest of the Round-4 / Round-5 upstream-style nits in the follow-up cleanup PR (see #86 description, "Round 4" / "Round 5" status sections).

[raviguptaamd]

Addressed in afbb666: the bare except: at L424 (introduced by this PR's 6f2e11bf) was replaced with except Exception: so KeyboardInterrupt/SystemExit propagate, and flake8 E722 no longer fires on this line.

[raviguptaamd]

Addressed in afbb666: get_env_arg now passes each value through shlex.quote(...) instead of single-quote string interpolation. shlex.quote is byte-equivalent for shell-safe values (alphanumeric, _, -, ., :, /, +, =, etc.) and correctly escapes embedded single quotes, whitespace, and other metacharacters.

slurm_multi safety: the self-managed launcher path (_run_self_managed) returns at L1099 before the docker-run command assembly at L1058 that calls get_env_arg, so this change only tightens the regular-Docker run path used by non-slurm_multi workloads. Verified end-to-end with a fresh pyt_large_ep_benchmark_2n slurm_multi smoke.

[raviguptaamd]

Addressed in afbb666: validation message updated to match the actual accepted shape — "Timeout must be -1 (default), 0 (no timeout), or a positive integer". The --timeout help string already documents 0 for no timeout (line 67) and the validator is if timeout < -1, so 0 was always accepted; only the error string was misleading. No behaviour change.

[raviguptaamd]

Deferred. File is byte-identical to origin/develop in this PR. Tracked alongside the other upstream-style nits in the follow-up cleanup PR.

[raviguptaamd]

Deferred. File is byte-identical to origin/develop in this PR (no edits from #86). The two bare-except instances in this file are pre-existing; develop's [2.0.1] test-suite cleanup narrowed 5 such cases elsewhere but did not touch these two. Tracked in the upstream-cleanup follow-up PR.

[raviguptaamd]

Deferred. Same disposition as the L106 thread above — file byte-identical to origin/develop, pre-existing concern, tracked in the upstream-cleanup follow-up PR.

[raviguptaamd]

Deferred. This file is byte-identical to origin/develop in this PR. Tracked alongside the other upstream-style nits in the follow-up cleanup PR.

[raviguptaamd]

Status update — ready for review

PR head: 3fc7587. 75 files / +2,877 / -2,179 vs develop. All four Copilot review rounds resolved or replied-to inline.

What's in here

• slurm_multi deployment launcher for self-managed multi-node disaggregated workloads (vLLM-disagg, SGLang-disagg, large-EP, kvcache-transfer) with the orchestration / build / run / CLI hooks that drive it from the manifest pipeline.
• madengine build --build-on-compute --registry <docker.io/<ns>(/<repo>) | ghcr.io/... | localhost:5000/...> flow (build on a compute node + push for parallel pull on run nodes).
• madengine build --use-image <image> flow (skip build, use a pre-built image).
• SBATCH wrapper generation, reservation support, existing-allocation detection (salloc), per-job-id completion marker, _collect_slurm_multi_results perf.csv discovery in /shared_inference/<user>/<jobid>/.

Kubernetes deployment work split out into #118 (independent PR against develop) per earlier reviewer ask; that PR will rebase / sequence after this one lands.

Live end-to-end test coverage

All on Distributed_Inference_CI and adjacent free nodes.

#	Workload	Path	Result
1	SGLang-disagg Llama-3.1-8B (1Px8/1Dx8, 24 GPUs / 3 nodes)	--use-image + slurm_multi	5,977 tok/s, TTFT 122.8 ms, ITL 2.54 ms
2	SGLang-disagg DeepSeek-V3 (1Px8/1Dx8, 24 GPUs / 3 nodes)	--use-image + slurm_multi	853 / 1,452 tok/s @ CON=8/16, ISL/OSL=1024/1024
3	SGLang-disagg Llama-3.3-70B-FP8 (1Px8/1Dx8, 24 GPUs / 3 nodes)	--build-on-compute --registry docker.io/rocm/pytorch-private -> rocm/pytorch-private:pyt_sglang_disagg_llama-3.3-70b-fp8	1,878 / 3,644 tok/s @ CON=8/16
4	Large EP (16 GPUs / 2 nodes)	--build-on-compute --registry -> rocm/pytorch-private:pyt_large_ep_benchmark_2n	28 perf rows (DeepEP + MoRI-EP dispatch/combine, FP8/BF16 RDMA/NVL)
5	KV cache transfer (16 GPUs / 2 nodes)	--build-on-compute --registry -> rocm/pytorch-private:pyt_kvcache_transfer_bench	57 perf rows (mooncake / MORI / RIXL, 4KB → 1GB sweep)
6	Re-smoke post-R4 fixes: pyt_large_ep_benchmark_2n on [008,024]	slurm_multi from manifest	8 min, 28 ✅ Success rows -- confirms R4 changes didn't regress the run path

The vLLM-disagg run path was also exercised end-to-end (slurm_multi topology + co-located proxy + port refactor + MoRI-EP gating all working) but the underlying rocm/pytorch-private:20260407_itej89_vllm_mori_docker image hits a NIXL_ERR_BACKEND after weight load. Image-side, orthogonal to this PR; tracked separately. Run-phase plumbing not gated by it.

Copilot review status

Four rounds total, all addressed:

• Round 1 (9 inline) -- fixed in d32b06b / 5ec55ff, replied inline.
• Round 2 (24 inline) -- 9 fixed in 63a2eae, 11 reverted to origin/develop byte-for-byte in 9109f52, 4 doc/example fixes in 0156d33, all replied inline with commit SHAs.
• Round 3 (13 inline) -- 4 fixed in 2200cbd (profiling README typo, pytest unused-import, test_rocm_path.py revert), 7 stale-snapshot replies (already addressed in earlier rounds), 2 deferred to follow-up (pre-existing in origin/develop).
• Round 4 (24 inline) -- 8 fixed in 3fc7587 (5 P0 + 3 hardening, see commit shape entry 12 in PR description), 14 are pre-existing flake8 / style nits in files byte-identical to origin/develop (utils/{ops,log_formatting}.py, scripts/common/{tools,pre_scripts}/**, tests/fixtures/utils.py, tests/integration/, core/errors.py, database/mongodb.py, deployment/base.py:645) -- not introduced by this PR; deferred to a separate cleanup PR.

The "P0" subset of Round 4 included a real latent crash I'd introduced in the Cat B revert (run_orchestrator.py still passing Context(rocm_path=...) after core/context.py was reverted to upstream's signature) -- that's now fixed and verified by the live re-smoke above.

Bugs surfaced and fixed during real-cluster testing

• --registry parsing: shorthand rocm/pytorch-private was hitting docker login rocm (NXDOMAIN). Now auto-prefixed to docker.io/rocm/pytorch-private with a transparent notice; malformed input rejected up front with usage hints (98f1ac5).
• --build-on-compute local image name: dockerfile path with no .ubuntu.amd.Dockerfile suffix (e.g., scripts/.../Dockerfile) yielded ci-..._Dockerfile -- Docker rejects uppercase. .lower() the assembled name (ae1996c).
• _load_and_merge_manifest was still doing shallow dict.update() despite the Round-2 "deep merge" fix -- promoted to a recursive module-level helper used by both code paths (63a2eae).
• manifest.context.docker_env_vars was being dropped on --manifest-file runs, losing build-time secrets / MAD_SECRETS_* (63a2eae).
• Completion marker was not job-id namespaced -- a second madengine run of the same model tag returned success in ~30 s while the new sbatch was still running (710b51a).
• ErrorContext was being constructed with 5 invalid kwargs across build_orchestrator.py, masking the real error (5ec55ff).
• _collect_slurm_multi_results was only looking at <cwd>/perf.csv, missing the canonical /shared_inference/<user>/<jobid>/perf.csv location the inner scripts emit (5ec55ff).

Sequencing

1. Updates to slurm launcher #86 (this PR) → develop.
2. Kubernetes deployment (split from PR #86) #118 (Kubernetes) rebases onto develop and merges.
3. After both land, follow-up cherry-picks the combined work into main per repo policy.

What I'd appreciate eyes on

• The slurm_multi launcher core (deployment/slurm.py, slurm_node_selector.py, the slurm_multi wrapper-script generation).
• The --build-on-compute / --use-image orchestration in build_orchestrator.py (registry normalization, lowercase tagging, prebuilt-image multi-model handling, per-registry auth hints).
• run_orchestrator._deep_merge semantics for nested slurm.node_selector / distributed.<sub> overrides.
• container_runner._run_self_managed (the new self-managed launcher path used by slurm_multi).
• The models.json slurm-side example configs renamed to slurm-multi-*.json and the launchers / deployment / cli-reference docs.

Reviews welcome. cc @gargrahul @Cemberk @Rohan138 @coketaste @leconcio

[Copilot]

Pull request overview

Copilot reviewed 73 out of 74 changed files in this pull request and generated 14 comments.

Comments suppressed due to low confidence (2)

src/madengine/deployment/base.py:236

• _monitor_until_complete() never treats CANCELLED (or any non-SUCCESS/FAILED terminal status) as terminal. Since DeploymentStatus still includes CANCELLED, this loop can spin forever after a cancellation. Consider returning on CANCELLED as well (and/or treating any non-PENDING/RUNNING status as terminal).

        self.console.print("[blue]Monitoring deployment...[/blue]")

        while True:
            status = self.monitor(deployment_id)

            if status.status in [DeploymentStatus.SUCCESS, DeploymentStatus.FAILED]:
                return status

            # Still running, wait and check again
            self.console.print(
                f"  Status: {status.status.value} - {status.message}"
            )
            time.sleep(30)  # Check every 30 seconds

src/madengine/execution/container_runner.py:251

• create_run_details_dict() indexes self.context.ctx["docker_env_vars"]["MAD_SYSTEM_GPU_ARCHITECTURE"] directly. If docker_env_vars or the key is missing (e.g., older manifests / non-GPU runs / context init differences), this will raise KeyError and prevent perf entry generation. Use .get() with a safe fallback (or guard when the nested dict/key is absent).

[raviguptaamd]

Addressed in bcafdbb: restored the upstream finalize_container_rocm_path() call block (originally introduced on develop in #110, removed by this PR's 6f2e11bf when the model_info env_vars merge block replaced it). The two address different concerns and must coexist — the env_vars merge copies model-card values into docker_env_vars, while finalize normalizes in-container ROCM_PATH via OCI inspect → in-image probe → /opt/rocm default. Block restored verbatim from origin/develop (including the user_supplied_rocm_path short-circuit), placed immediately after the env_vars merge.

slurm_multi safety: the self-managed launcher returns at L1099 before this code path, so this restoration only affects the regular-Docker run path used by non-slurm_multi workloads.

[raviguptaamd]

Addressed in bcafdbb: model_dir is now passed through shlex.quote once and reused across the four cp ... 2>/dev/null || true calls. The trailing *.csv glob is left unquoted intentionally so the in-container shell still expands it inside the (quoted) directory:

_md_q = shlex.quote(model_dir)
model_docker.sh(f"cp {_md_q}/*_profiler_output.csv . 2>/dev/null || true")
model_docker.sh(f"cp {_md_q}/*_output.csv . 2>/dev/null || true")
model_docker.sh(f"cp {_md_q}/*_trace.csv . 2>/dev/null || true")
model_docker.sh(f"cp {_md_q}/library_trace.csv . 2>/dev/null || true")

[raviguptaamd]

Addressed in bcafdbb: both path components are now quoted, so a model-metadata multiple_results value containing whitespace or shell metacharacters can no longer break the command or be re-interpreted by the shell:

model_docker.sh(
    f"cp {shlex.quote(model_dir)}/{shlex.quote(mult_res)} . "
    "2>/dev/null || true"
)

[raviguptaamd]

Addressed in bcafdbb: dropped the unused import os (flake8 F401). The module hasn't referenced os.* since the orchestration helpers it used were moved out.

[raviguptaamd]

Deferred. The line at #L93 is from 04aac390 (Stephen Shao) and is byte-identical to the version on origin/develop in this PR. develop's [2.0.1] already lands the hardware-agnostic fix ([2.0.1] -> "E2E tests — hardware-agnostic GPU arch skip" — test_commandline_argument_skip_gpu_arch now detects the runner's GPU arch at runtime and injects it into skip_gpu_arch, with a new get_gpu_arch() helper in tests/fixtures/utils.py). Once #86 lands and CI re-runs against develop, that fix is what executes; no #86-side change needed. Tracked alongside the other origin/develop-identical concerns in the upstream-flake8 follow-up cleanup PR (per #86 description, Round 4 / Round 5 / Round 6 status sections).

[raviguptaamd]

Deferred. File is byte-identical to origin/develop in this PR (the bare-except: at #L41 is from 04aac390). Tracked alongside the other upstream bare-except: cleanup in the follow-up PR.

[raviguptaamd]

Deferred. File is byte-identical to origin/develop in this PR (the bare-except: at #L42 is from da0d524f (Rahul Garg) and predates #86). Tracked in the upstream-cleanup follow-up PR.

[raviguptaamd]

Deferred. File is byte-identical to origin/develop in this PR (the bare-except: at #L157 is from 0f2c3010 (Stephen Shao) and predates #86). Tracked in the upstream-cleanup follow-up PR.

[raviguptaamd]

Addressed in bcafdbb: dropped the unused import pandas as pd (flake8 F401). Confirmed there are no pd.* references in the file — the test fixtures use dict / MagicMock only, so the import was dead. The line was added by this PR's 50e8895.

[raviguptaamd]

Addressed in bcafdbb: trailing whitespace stripped on every blank-with-spaces line (107 occurrences in this file, including the one at L31). Pure whitespace cleanup, no functional change; flake8 W293 is now clean for this file.