https://github.com/llvmbot created https://github.com/llvm/llvm-project/pull/176846
Backport bc3066bb22323032469f0a69f673b4e5b1d86df3 Requested by: @tstellar >From eecafb10777d58cb51e2129345056d412626a010 Mon Sep 17 00:00:00 2001 From: Tom Stellard <[email protected]> Date: Mon, 19 Jan 2026 17:11:17 -0800 Subject: [PATCH] workflows/release-lit: Update workflow and enable trusted publishing with pypi (#174907) This makes some small improvements to the workflow including using some more modern python packaging modules and also enables the trusted publishing for pypi. This will allow us to publish lit packages to pypi without needing to use an access token. This action also now uses the pypi environment which will only publish files when triggered by an llvm-* tag. (cherry picked from commit bc3066bb22323032469f0a69f673b4e5b1d86df3) --- .github/workflows/release-tasks.yml | 57 +++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml index 1258121182069..036e58215e53a 100644 --- a/.github/workflows/release-tasks.yml +++ b/.github/workflows/release-tasks.yml @@ -73,6 +73,63 @@ jobs: secrets: RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} + # The pypi trusted publishing does not support called workflows, so we + # can't use them here. + release-lit: + name: Release Lit + runs-on: ubuntu-24.04 + permissions: + id-token: write # Requred for pypi publishing + environment: pypi + steps: + - name: Checkout LLVM + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + with: + ref: "llvmorg-${{ needs.validate-tag.outputs.release-version }}" + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y python3-build python3-psutil python3-github + + - name: Check Permissions + env: + GITHUB_TOKEN: ${{ github.token }} + USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} + run: | + ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions + + - name: Test lit + run: | + mkdir build && cd build + export FILECHECK_OPTS='-dump-input-filter=all -vv -color' + cmake ../llvm -DCMAKE_BUILD_TYPE=Release -G Ninja + ninja -v -j $(nproc) check-lit + + - name: Package lit + run: | + cd llvm/utils/lit + # Remove 'dev' suffix from lit version. + sed -i 's/ + "dev"//g' lit/__init__.py + python3 -m build + + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: lit-${{ inputs.release-version }}-release-binary + path: | + llvm/utils/lit/dist + + - name: Upload lit to test.pypi.org + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + repository-url: https://test.pypi.org/legacy/ + packages-dir: llvm/utils/lit/dist/ + + - name: Upload lit to pypi.org + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + packages-dir: llvm/utils/lit/dist/ + release-binaries: name: Build Release Binaries permissions: _______________________________________________ llvm-branch-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits
