[llvm] [GitHub] Make release aduit more strict for LLVM 19 and beyond (PR #125841)
David Spickett via llvm-commits
llvm-commits at lists.llvm.org
Wed Feb 5 03:36:07 PST 2025
https://github.com/DavidSpickett created https://github.com/llvm/llvm-project/pull/125841
Since 19, only release managers and the bot account can upload assets. Third party builds are posted on the Discourse thread instead.
>From ac11ecf7a0730478801e2ad57a485cfa2fad32dd Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 11:17:26 +0000
Subject: [PATCH] [GitHub] Make release aduit more strict for LLVM 19 and
beyond
Since 19, only release managers and the bot account can upload
assets. Third party builds are posted on the Discourse thread
instead.
---
.github/workflows/release-asset-audit.py | 83 +++++++++++++++++-------
1 file changed, 58 insertions(+), 25 deletions(-)
diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index cf6ad7fbbe1435..436cffb910f731 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -1,4 +1,5 @@
import github
+import re
import sys
_SPECIAL_CASE_BINARIES = {
@@ -16,37 +17,69 @@ def _is_valid(uploader_name, valid_uploaders, asset_name):
return False
-def main():
- token = sys.argv[1]
-
- gh = github.Github(login_or_token=token)
- repo = gh.get_repo("llvm/llvm-project")
+def _get_uploaders(release_version):
+ # Until llvm 18, assets were uploaded by community members, the release managers
+ # and the GitHub Actions bot.
+ if release_version <= 18:
+ return set(
+ [
+ "DimitryAndric",
+ "stefanp-ibm",
+ "lei137",
+ "omjavaid",
+ "nicolerabjohn",
+ "amy-kwan",
+ "mandlebug",
+ "zmodem",
+ "androm3da",
+ "tru",
+ "rorth",
+ "quinnlp",
+ "kamaub",
+ "abrisco",
+ "jakeegan",
+ "maryammo",
+ "tstellar",
+ "github-actions[bot]",
+ ]
+ )
- uploaders = set(
+ # llvm 19 and beyond, only the release managers and the GitHub Actions bot
+ # should be uploading assets.
+ return set(
[
- "DimitryAndric",
- "stefanp-ibm",
- "lei137",
- "omjavaid",
- "nicolerabjohn",
- "amy-kwan",
- "mandlebug",
- "zmodem",
- "androm3da",
"tru",
- "rovka",
- "rorth",
- "quinnlp",
- "kamaub",
- "abrisco",
- "jakeegan",
- "maryammo",
"tstellar",
"github-actions[bot]",
]
)
+
+def _get_major_release_version(release_title):
+ # All release titles are of the form "LLVM X.Y.Z(-rcN)".
+ match = re.match("LLVM ([0-9]+)\.")
+ if match is None:
+ _write_comment_and_exit_with_error(
+ f'Could not parse release version from release title "{release_title}".'
+ )
+ else:
+ return int(match.groups(0))
+
+
+def _write_comment_and_exit_with_error(comment):
+ with open("comment", "w") as file:
+ file.write(comment)
+ sys.exit(1)
+
+
+def main():
+ token = sys.argv[1]
+
+ gh = github.Github(login_or_token=token)
+ repo = gh.get_repo("llvm/llvm-project")
+
for release in repo.get_releases():
+ uploaders = _get_uploaders(release_version)
print("Release:", release.title)
for asset in release.get_assets():
created_at = asset.created_at
@@ -57,9 +90,9 @@ def main():
f"{asset.name} : {asset.uploader.login} [{created_at} {updated_at}] ( {asset.download_count} )"
)
if not _is_valid(asset.uploader.login, uploaders, asset.name):
- with open('comment', 'w') as file:
- file.write(f'@{asset.uploader.login} is not a valid uploader.')
- sys.exit(1)
+ _write_comment_and_exit_with_error(
+ f"@{asset.uploader.login} is not a valid uploader."
+ )
if __name__ == "__main__":
More information about the llvm-commits
mailing list