[CI/Build] Allow mounting AWS credentials for sccache S3 auth#35912
Merged
simon-mo merged 2 commits intovllm-project:mainfrom Mar 3, 2026
Merged
Conversation
added 2 commits
March 3, 2026 12:57
Add an optional secret mount for AWS credentials in the sccache build step. This allows CI systems using S3-backed sccache with IAM/Pod Identity to pass credentials into the Docker build. The mount is required=false so it's a no-op when not provided, fully backwards compatible with existing builds. Signed-off-by: Amr Mahdi <amrmahdi@meta.com>
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces an optional secret mount for AWS credentials in the Dockerfile. This allows sccache to authenticate with S3-backed storage during the build process, which is useful for CI systems that provide credentials as secrets. The change is implemented correctly using Docker's --mount=type=secret feature with required=false to ensure backward compatibility for builds that do not provide the secret. The implementation appears correct and follows security best practices for handling credentials in Docker builds.
zackycao
approved these changes
Mar 3, 2026
simon-mo
approved these changes
Mar 3, 2026
Copilot AI
pushed a commit
to machov/vllm
that referenced
this pull request
Mar 10, 2026
…roject#35912) Signed-off-by: Amr Mahdi <amrmahdi@meta.com>
avinashsingh77
pushed a commit
to avinashsingh77/vllm
that referenced
this pull request
Mar 12, 2026
…roject#35912) Signed-off-by: Amr Mahdi <amrmahdi@meta.com>
wendyliu235
pushed a commit
to wendyliu235/vllm-public
that referenced
this pull request
Mar 18, 2026
…roject#35912) Signed-off-by: Amr Mahdi <amrmahdi@meta.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add an optional secret mount for AWS credentials in the sccache build step. This allows CI systems using S3-backed sccache with IAM/Pod Identity to pass credentials into the Docker build.
The mount is required=false so it's a no-op when not provided, fully backwards compatible with existing builds.