[llvm] [libclang/python][ci] Add release Clang Python Bindings CI workflow (PR #168234)

[via llvm-commits]

================
@@ -0,0 +1,122 @@
+name: Release Clang Python Bindings
+
+permissions:
+  contents: read
+
+on:
+  push:
+    branches:
+      - main
+      - release/*
+    paths:
+      - .github/workflows/release-clang-pypi.yml
+      - 'clang/bindings/python/**'
+
+  pull_request:
+    paths:
+      - .github/workflows/release-clang-pypi.yml
+      - 'clang/bindings/python/**'
+
+  workflow_dispatch:
+    inputs:
+      release-version:
+        description: 'Release Version'
+        required: false
+        type: string
+
+  workflow_call:
+    inputs:
+      release-version:
+        description: 'Release Version'
+        required: true
+        type: string
+    secrets:
+      RELEASE_TASKS_USER_TOKEN:
+        description: "Secret used to check user permissions."
+        required: false
+
+jobs:
+  build-release:
+    if: github.repository_owner == 'llvm' || github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Compute checkout parameters
+        id: checkout-params
+        shell: bash
+        run: |
+          if [ -n "${{ inputs.release-version }}" ]; then
+            echo "ref=llvmorg-${{ inputs.release-version }}" >> $GITHUB_OUTPUT
+            echo "fetch-depth=1" >> $GITHUB_OUTPUT
+          else
+            echo "ref=" >> $GITHUB_OUTPUT
+            echo "fetch-depth=0" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Checkout LLVM
+        uses: actions/checkout at 08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          ref: ${{ steps.checkout-params.outputs.ref }}
+          fetch-depth: ${{ steps.checkout-params.outputs.fetch-depth }}
+          sparse-checkout: |
+            clang/bindings/python/
+            llvm/utils/git/requirements_packaging.txt
+
+      - uses: actions/setup-python at e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
----------------
github-advanced-security[bot] wrote:

## Checkout of untrusted code in trusted context

Potential unsafe checkout of untrusted pull request on privileged workflow.

[Show more details](https://github.com/llvm/llvm-project/security/code-scanning/1529)

https://github.com/llvm/llvm-project/pull/168234