[codex] Recover PR 1767 ingest without rerunning sweep

[cquil11]

What changed

• adds a manually dispatched, CPU-only recovery workflow for PR [NVIDIA][GB300] update DSR1 FP8 GB300 TRTLLM image to latest #1767
• reconstructs the corrected merge configuration and changelog metadata
• validates and reuses artifacts from successful source run 27595478969
• dispatches the resulting carrier run to InferenceX-app

Root cause

The original push-to-main run failed while parsing the malformed changelog entry before reuse or ingest could run. Main already contains the indentation correction from PR #1798.

Safety

• commit and merge message include [skip-sweep]
• workflow requires an explicit confirmation input
• source run, PR commit, workflow path, conclusion, and required artifacts are validated
• no benchmark matrix or GPU runner is referenced

Validation

• actionlint passed
• perf-changelog.yaml parses successfully on current main
• reusable artifact validator passed: 27 benchmark rows and 4 eval jobs

---

Note

Medium Risk
One-off ops workflow that reuses production ingest credentials and publishes benchmark data to the database; guarded by confirmation input and strict source-run/artifact checks, but still a manual path to production ingest.

Overview
Adds a CPU-only, manually dispatched GitHub Actions workflow (recover-pr-1767-ingest.yml) so PR #1767 benchmark results can be ingested after the original push-to-main run failed on a malformed perf-changelog.yaml entry.

The workflow requires typing recover-pr-1767, then validates source run-sweep run 27595478969 (PR event, success, head SHA, required non-expired artifacts). It rebuilds merge config by checking out the original merge commit, fixing the config-keys indentation in perf-changelog.yaml, creating a synthetic commit-tree, and running process_changelog.py for full-config.json and changelog metadata (base/head refs aligned to the original merge). It downloads and filters sweep artifacts like the normal reuse path, runs validate_reusable_sweep_artifacts.py, uploads reused-ingest-artifacts and changelog-metadata, and dispatches ingest-results to InferenceX-app—no GPU matrix or sweep rerun.

^{Reviewed by Cursor Bugbot for commit e851db4. Bugbot is set up for automated code reviews on this repo. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit e851db4. Configure here.}

[cursor]

Missing actions write permission

High Severity

The workflow caps GITHUB_TOKEN at actions: read and contents: read, then runs actions/upload-artifact for ingest payloads. Upload needs actions: write, so the job likely fails after validation and never supplies artifacts for the downstream ingest dispatch.

 

^{Reviewed by Cursor Bugbot for commit e851db4. Configure here.}

[cursor]

Artifact list not paginated

Medium Severity

Required source artifacts are checked with a single gh api call limited to per_page=100. Full sweeps can expose more than 100 artifact records, so results_bmk, eval_results_all, or run-stats may be omitted and validation fails despite a valid source run.

 

^{Reviewed by Cursor Bugbot for commit e851db4. Configure here.}