llvm-project

Форк
0
/
release-sources.yml 
102 строки · 3.2 Кб
1
name: Release Sources
2

3
permissions:
4
  contents: read
5

6
on:
7
  workflow_dispatch:
8
    inputs:
9
      release-version:
10
        description: Release Version
11
        required: true
12
        type: string
13
  workflow_call:
14
    inputs:
15
      release-version:
16
        description: Release Version
17
        required: true
18
        type: string
19
  # Run on pull_requests for testing purposes.
20
  pull_request:
21
    paths:
22
      - '.github/workflows/release-sources.yml'
23
    types:
24
      - opened
25
      - synchronize
26
      - reopened
27
      # When a PR is closed, we still start this workflow, but then skip
28
      # all the jobs, which makes it effectively a no-op.  The reason to
29
      # do this is that it allows us to take advantage of concurrency groups
30
      # to cancel in progress CI jobs whenever the PR is closed.
31
      - closed
32

33
concurrency:
34
  group: ${{ github.workflow }}-${{ inputs.release-version || github.event.pull_request.number }}
35
  cancel-in-progress: True
36

37
jobs:
38
  inputs:
39
    name: Collect Job Inputs
40
    if: >-
41
      github.repository_owner == 'llvm' &&
42
      github.event.action != 'closed'
43
    outputs:
44
      ref: ${{ steps.inputs.outputs.ref }}
45
      export-args: ${{ steps.inputs.outputs.export-args }}
46
    runs-on: ubuntu-latest
47
    steps:
48
      - id: inputs
49
        run: |
50
          ref=${{ inputs.release-version || github.sha }}
51
          if [ -n "${{ inputs.release-version }}" ]; then
52
            export_args="-release ${{ inputs.release-version }} -final"
53
          else
54
            export_args="-git-ref ${{ github.sha }}"
55
          fi
56
          echo "ref=$ref" >> $GITHUB_OUTPUT
57
          echo "export-args=$export_args" >> $GITHUB_OUTPUT
58

59
  release-sources:
60
    name: Package Release Sources
61
    if: github.repository_owner == 'llvm'
62
    runs-on: ubuntu-latest
63
    needs:
64
      - inputs
65
    permissions:
66
      id-token: write
67
      attestations: write
68
    steps:
69
      - name: Checkout LLVM
70
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
71
        with:
72
          ref: ${{ needs.inputs.outputs.ref }}
73
          fetch-tags: true
74
      - name: Install Dependencies
75
        run: |
76
          pip install --require-hashes -r ./llvm/utils/git/requirements.txt
77

78
      - name: Check Permissions
79
        if: github.event_name != 'pull_request'
80
        env:
81
          GITHUB_TOKEN: ${{ github.token }}
82
          USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
83
        run: |
84
          ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions
85
      - name: Create Tarballs
86
        run: |
87
          ./llvm/utils/release/export.sh ${{ needs.inputs.outputs.export-args }}
88
      - name: Attest Build Provenance
89
        if: github.event_name != 'pull_request'
90
        id: provenance
91
        uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0
92
        with:
93
          subject-path: "*.xz"
94
      - if: github.event_name != 'pull_request'
95
        run: |
96
          mv ${{ steps.provenance.outputs.bundle-path }} .
97
      - name: Create Tarball Artifacts
98
        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #v4.3.3
99
        with:
100
          path: |
101
            *.xz
102
            attestation.jsonl
103

104

105

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.