[llvm] [GitHub] Make release aduit more strict for LLVM 19 and beyond (PR #125841)

David Spickett via llvm-commits llvm-commits at lists.llvm.org
Wed Feb 5 04:51:36 PST 2025


https://github.com/DavidSpickett updated https://github.com/llvm/llvm-project/pull/125841

>From 9872d043cb9c047152ad00f9f882ea4f65bff097 Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 11:17:26 +0000
Subject: [PATCH 1/8] [GitHub] Make release aduit more strict for LLVM 19 and
 beyond

Since 19, only release managers and the bot account can upload
assets. Third party builds are posted on the Discourse thread
instead.
---
 .github/workflows/release-asset-audit.py | 83 +++++++++++++++++-------
 1 file changed, 58 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index cf6ad7fbbe1435..137edb93f4089a 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -1,4 +1,5 @@
 import github
+import re
 import sys
 
 _SPECIAL_CASE_BINARIES = {
@@ -16,38 +17,70 @@ def _is_valid(uploader_name, valid_uploaders, asset_name):
     return False
 
 
-def main():
-    token = sys.argv[1]
-
-    gh = github.Github(login_or_token=token)
-    repo = gh.get_repo("llvm/llvm-project")
+def _get_uploaders(release_version):
+    # Until llvm 18, assets were uploaded by community members, the release managers
+    # and the GitHub Actions bot.
+    if release_version <= 18:
+        return set(
+            [
+                "DimitryAndric",
+                "stefanp-ibm",
+                "lei137",
+                "omjavaid",
+                "nicolerabjohn",
+                "amy-kwan",
+                "mandlebug",
+                "zmodem",
+                "androm3da",
+                "tru",
+                "rorth",
+                "quinnlp",
+                "kamaub",
+                "abrisco",
+                "jakeegan",
+                "maryammo",
+                "tstellar",
+                "github-actions[bot]",
+            ]
+        )
 
-    uploaders = set(
+    # llvm 19 and beyond, only the release managers and the GitHub Actions bot
+    # should be uploading assets.
+    return set(
         [
-            "DimitryAndric",
-            "stefanp-ibm",
-            "lei137",
-            "omjavaid",
-            "nicolerabjohn",
-            "amy-kwan",
-            "mandlebug",
-            "zmodem",
-            "androm3da",
             "tru",
-            "rovka",
-            "rorth",
-            "quinnlp",
-            "kamaub",
-            "abrisco",
-            "jakeegan",
-            "maryammo",
             "tstellar",
             "github-actions[bot]",
         ]
     )
 
+
+def _get_major_release_version(release_title):
+    # All release titles are of the form "LLVM X.Y.Z(-rcN)".
+    match = re.match("LLVM ([0-9]+)\.")
+    if match is None:
+        _write_comment_and_exit_with_error(
+            f'Could not parse release version from release title "{release_title}".'
+        )
+    else:
+        return int(match.groups(0))
+
+
+def _write_comment_and_exit_with_error(comment):
+    with open("comment", "w") as file:
+        file.write(comment)
+    sys.exit(1)
+
+
+def main():
+    token = sys.argv[1]
+
+    gh = github.Github(login_or_token=token)
+    repo = gh.get_repo("llvm/llvm-project")
+
     for release in repo.get_releases():
         print("Release:", release.title)
+        uploaders = _get_uploaders(release.title)
         for asset in release.get_assets():
             created_at = asset.created_at
             updated_at = (
@@ -57,9 +90,9 @@ def main():
                 f"{asset.name} : {asset.uploader.login} [{created_at} {updated_at}] ( {asset.download_count} )"
             )
             if not _is_valid(asset.uploader.login, uploaders, asset.name):
-                with open('comment', 'w') as file:
-                    file.write(f'@{asset.uploader.login} is not a valid uploader.')
-                sys.exit(1)
+                _write_comment_and_exit_with_error(
+                    f"@{asset.uploader.login} is not a valid uploader."
+                )
 
 
 if __name__ == "__main__":

>From 49fcb3bf0af287e996b3d15bbb5d7d334c448fad Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 11:50:43 +0000
Subject: [PATCH 2/8] wip

---
 .github/workflows/release-asset-audit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index 137edb93f4089a..4d6579394e09cd 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -80,7 +80,7 @@ def main():
 
     for release in repo.get_releases():
         print("Release:", release.title)
-        uploaders = _get_uploaders(release.title)
+        uploaders = _get_uploaders(_get_major_release_version(release.title))
         for asset in release.get_assets():
             created_at = asset.created_at
             updated_at = (

>From ebe29cdb4c8b42a2042d46d523a969f7f54fe7bc Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:29:36 +0000
Subject: [PATCH 3/8] wip

---
 .github/workflows/release-asset-audit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index 4d6579394e09cd..4f48c1c94658c3 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -57,7 +57,7 @@ def _get_uploaders(release_version):
 
 def _get_major_release_version(release_title):
     # All release titles are of the form "LLVM X.Y.Z(-rcN)".
-    match = re.match("LLVM ([0-9]+)\.")
+    match = re.match("LLVM ([0-9]+)\.", release_title)
     if match is None:
         _write_comment_and_exit_with_error(
             f'Could not parse release version from release title "{release_title}".'

>From 6f2cf73cdbfae2c72240b56cc0f69545d9b3e878 Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:34:01 +0000
Subject: [PATCH 4/8] wip

---
 .github/workflows/release-asset-audit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index 4f48c1c94658c3..6531c8da2c7f2f 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -63,7 +63,7 @@ def _get_major_release_version(release_title):
             f'Could not parse release version from release title "{release_title}".'
         )
     else:
-        return int(match.groups(0))
+        return int(match.groups()[0])
 
 
 def _write_comment_and_exit_with_error(comment):

>From 37bd393403c0d9f54176eef02584b9bb70f2df62 Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:39:25 +0000
Subject: [PATCH 5/8] wip

---
 .github/workflows/release-asset-audit.py | 26 ++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index 6531c8da2c7f2f..8a1d56313183e4 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -43,16 +43,26 @@ def _get_uploaders(release_version):
                 "github-actions[bot]",
             ]
         )
-
     # llvm 19 and beyond, only the release managers and the GitHub Actions bot
     # should be uploading assets.
-    return set(
-        [
-            "tru",
-            "tstellar",
-            "github-actions[bot]",
-        ]
-    )
+    elif release_version == 19:
+        return set(
+            [
+                # But for 19, this person also did.
+                "zmodem"
+                "tru",
+                "tstellar",
+                "github-actions[bot]",
+            ]
+        )
+    else:
+        return set(
+            [
+                "tru",
+                "tstellar",
+                "github-actions[bot]",
+            ]
+        )
 
 
 def _get_major_release_version(release_title):

>From d691225d5f8fbb5c568907d281e77dbdd9c5dc6f Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:44:16 +0000
Subject: [PATCH 6/8] wip

---
 .github/workflows/release-asset-audit.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index 8a1d56313183e4..f7ceb8a920545e 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -77,6 +77,7 @@ def _get_major_release_version(release_title):
 
 
 def _write_comment_and_exit_with_error(comment):
+    print(comment)
     with open("comment", "w") as file:
         file.write(comment)
     sys.exit(1)

>From 77586e266c0fe3861577d466f625f634b6349f51 Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:48:39 +0000
Subject: [PATCH 7/8] wip

---
 .github/workflows/release-asset-audit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index f7ceb8a920545e..f6b037fe9b31a0 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -49,7 +49,7 @@ def _get_uploaders(release_version):
         return set(
             [
                 # But for 19, this person also did.
-                "zmodem"
+                "zmodem",
                 "tru",
                 "tstellar",
                 "github-actions[bot]",

>From d0bdb53dfe676271878efab6c35070e1ac926768 Mon Sep 17 00:00:00 2001
From: David Spickett <david.spickett at linaro.org>
Date: Wed, 5 Feb 2025 12:51:18 +0000
Subject: [PATCH 8/8] wip

---
 .github/workflows/release-asset-audit.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release-asset-audit.py b/.github/workflows/release-asset-audit.py
index f6b037fe9b31a0..ead25d82d1f22e 100644
--- a/.github/workflows/release-asset-audit.py
+++ b/.github/workflows/release-asset-audit.py
@@ -43,18 +43,19 @@ def _get_uploaders(release_version):
                 "github-actions[bot]",
             ]
         )
-    # llvm 19 and beyond, only the release managers and the GitHub Actions bot
-    # should be uploading assets.
+    # llvm 19 and beyond, only the release managers, bot and a much smaller
+    # number of community members.
     elif release_version == 19:
         return set(
             [
-                # But for 19, this person also did.
                 "zmodem",
+                "omjavaid",
                 "tru",
                 "tstellar",
                 "github-actions[bot]",
             ]
         )
+    # 20 and beyond, only the release managers and the bot.
     else:
         return set(
             [



More information about the llvm-commits mailing list