forked from llvm/llvm-project
-
Notifications
You must be signed in to change notification settings - Fork 0
123 lines (111 loc) · 3.85 KB
/
release-tasks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Release Task
permissions:
contents: read
on:
push:
tags:
# The regex support here is limited, so just match everything that starts with llvmorg- and filter later.
- 'llvmorg-*'
jobs:
validate-tag:
name: Validate Tag
runs-on: ubuntu-latest
if: github.repository == 'llvm/llvm-project'
outputs:
release-version: ${{ steps.validate-tag.outputs.release-version }}
steps:
- name: Validate Tag
id: validate-tag
run: |
echo "${{ github.ref_name }}" | grep -e '^llvmorg-[0-9]\+\.[0-9]\+\.[0-9]\+\(-rc[0-9]\+\)\?$'
release_version=$(echo "${{ github.ref_name }}" | sed 's/llvmorg-//g')
echo "release-version=$release_version" >> "$GITHUB_OUTPUT"
release-create:
name: Create a New Release
runs-on: ubuntu-latest
permissions:
contents: write # For creating the release.
needs: validate-tag
steps:
- name: Install Dependencies
run: |
sudo apt-get update
sudo apt-get install python3-github
- name: Checkout LLVM
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Create Release
env:
GITHUB_TOKEN: ${{ github.token }}
USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
run: |
./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --release ${{ needs.validate-tag.outputs.release-version }} --user ${{ github.actor }} --user-token "$USER_TOKEN" create
release-documentation:
name: Build and Upload Release Documentation
needs:
- validate-tag
uses: ./.github/workflows/release-documentation.yml
with:
release-version: ${{ needs.validate-tag.outputs.release-version }}
upload: true
release-doxygen:
name: Build and Upload Release Doxygen
permissions:
contents: write
needs:
- validate-tag
- release-create
uses: ./.github/workflows/release-doxygen.yml
with:
release-version: ${{ needs.validate-tag.outputs.release-version }}
upload: true
# Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use.
secrets:
RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
release-lit:
name: Release Lit
needs: validate-tag
uses: ./.github/workflows/release-lit.yml
with:
release-version: ${{ needs.validate-tag.outputs.release-version }}
# Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use.
secrets:
RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
release-binaries:
name: Build Release Binaries
permissions:
contents: write
id-token: write
attestations: write
needs:
- validate-tag
- release-create
strategy:
fail-fast: false
matrix:
runs-on:
- ubuntu-22.04
- windows-2022
- macos-13
- macos-14
uses: ./.github/workflows/release-binaries.yml
with:
release-version: ${{ needs.validate-tag.outputs.release-version }}
upload: true
runs-on: ${{ matrix.runs-on }}
# Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use.
secrets:
RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
release-sources:
name: Package Release Sources
permissions:
contents: read
id-token: write
attestations: write
needs:
- validate-tag
uses: ./.github/workflows/release-sources.yml
with:
release-version: ${{ needs.validate-tag.outputs.release-version }}
# Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use.
secrets:
RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}