[HWASan][Fuchsia] Have Fuchsia use a dynamic shadow start #180880 #11
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Task | ||
|
Check failure on line 1 in .github/workflows/release-tasks.yml
|
||
| permissions: | ||
| contents: read | ||
| on: | ||
| push: | ||
| tags: | ||
| # The regex support here is limited, so just match everything that starts with llvmorg- and filter later. | ||
| - 'llvmorg-*' | ||
| jobs: | ||
| validate-tag: | ||
| name: Validate Tag | ||
| runs-on: ubuntu-24.04 | ||
| if: github.repository == 'llvm/llvm-project' | ||
| outputs: | ||
| release-version: ${{ steps.validate-tag.outputs.release-version }} | ||
| steps: | ||
| - name: Validate Tag | ||
| id: validate-tag | ||
| run: | | ||
| echo "${{ github.ref_name }}" | grep -e '^llvmorg-[0-9]\+\.[0-9]\+\.[0-9]\+\(-rc[0-9]\+\)\?$' | ||
| release_version=$(echo "${{ github.ref_name }}" | sed 's/llvmorg-//g') | ||
| echo "release-version=$release_version" >> "$GITHUB_OUTPUT" | ||
| release-create: | ||
| name: Create a New Release | ||
| runs-on: ubuntu-24.04 | ||
| permissions: | ||
| contents: write # For creating the release. | ||
| needs: validate-tag | ||
| steps: | ||
| - name: Install Dependencies | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install python3-github | ||
| - name: Checkout LLVM | ||
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | ||
| - name: Create Release | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} | ||
| run: | | ||
| ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --release ${{ needs.validate-tag.outputs.release-version }} --user ${{ github.actor }} --user-token "$USER_TOKEN" create | ||
| release-documentation: | ||
| name: Build and Upload Release Documentation | ||
| environment: release | ||
| needs: | ||
| - validate-tag | ||
| uses: ./.github/workflows/release-documentation.yml | ||
| with: | ||
| release-version: ${{ needs.validate-tag.outputs.release-version }} | ||
| upload: true | ||
| # Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use. | ||
| secrets: | ||
| LLVMBOT_WWW_RELEASES_PUSH: ${{ secrets.LLVMBOT_WWW_RELEASES_PUSH }} | ||
| WWW_RELEASES_TOKEN: ${{ secrets.WWW_RELEASES_TOKEN }} | ||
| release-doxygen: | ||
| name: Build and Upload Release Doxygen | ||
| permissions: | ||
| contents: write | ||
| needs: | ||
| - validate-tag | ||
| - release-create | ||
| uses: ./.github/workflows/release-doxygen.yml | ||
| with: | ||
| release-version: ${{ needs.validate-tag.outputs.release-version }} | ||
| upload: true | ||
| # Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use. | ||
| secrets: | ||
| RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} | ||
| # The pypi trusted publishing does not support called workflows, so we | ||
| # can't use them here. | ||
| release-lit: | ||
| name: Release Lit | ||
| runs-on: ubuntu-24.04 | ||
| permissions: | ||
| id-token: write # Requred for pypi publishing | ||
| needs: | ||
| - validate-tag | ||
| environment: pypi | ||
| steps: | ||
| - name: Checkout LLVM | ||
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | ||
| with: | ||
| ref: "llvmorg-${{ needs.validate-tag.outputs.release-version }}" | ||
| - name: Install dependencies | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y python3-build python3-psutil python3-github | ||
| - name: Check Permissions | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} | ||
| run: | | ||
| ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions | ||
| - name: Test lit | ||
| run: | | ||
| mkdir build && cd build | ||
| export FILECHECK_OPTS='-dump-input-filter=all -vv -color' | ||
| cmake ../llvm -DCMAKE_BUILD_TYPE=Release -G Ninja | ||
| ninja -v -j $(nproc) check-lit | ||
| - name: Package lit | ||
| run: | | ||
| cd llvm/utils/lit | ||
| # Remove 'dev' suffix from lit version. | ||
| sed -i 's/ + "dev"//g' lit/__init__.py | ||
| python3 -m build | ||
| - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 | ||
| with: | ||
| name: lit-${{ inputs.release-version }}-release-binary | ||
| path: | | ||
| llvm/utils/lit/dist | ||
| - name: Upload lit to test.pypi.org | ||
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 | ||
| with: | ||
| repository-url: https://test.pypi.org/legacy/ | ||
| packages-dir: llvm/utils/lit/dist/ | ||
| - name: Upload lit to pypi.org | ||
| uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 | ||
| with: | ||
| packages-dir: llvm/utils/lit/dist/ | ||
| release-binaries: | ||
| name: Build Release Binaries | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| attestations: write | ||
| needs: | ||
| - validate-tag | ||
| - release-create | ||
| uses: ./.github/workflows/release-binaries-all.yml | ||
| with: | ||
| release-version: ${{ needs.validate-tag.outputs.release-version }} | ||
| upload: true | ||
| # Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use. | ||
| secrets: | ||
| RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} | ||
| release-sources: | ||
| name: Package Release Sources | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| attestations: write | ||
| needs: | ||
| - validate-tag | ||
| uses: ./.github/workflows/release-sources.yml | ||
| with: | ||
| release-version: ${{ needs.validate-tag.outputs.release-version }} | ||
| # Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use. | ||
| secrets: | ||
| RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} | ||
| uncomment-download-links: | ||
| name: Uncomment download links | ||
| runs-on: ubuntu-24.04 | ||
| permissions: | ||
| contents: write # For updating the release message. | ||
| if: '!cancelled()' | ||
| needs: | ||
| - validate-tag | ||
| - release-binaries | ||
| steps: | ||
| - name: Install Dependencies | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install python3-github | ||
| - name: Checkout LLVM | ||
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | ||
| with: | ||
| sparse-checkout: llvm/utils/release/github-upload-release.py | ||
| sparse-checkout-cone-mode: false | ||
| - name: Uncomment Download Links | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| run: | | ||
| ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --release ${{ needs.validate-tag.outputs.release-version }} uncomment_download_links | ||
