This patch fixes the LLVM project tests workflow on Linux. Two changes
were needed. Firstly, some commands need to be performed with sudo now
that the container executes as a non-root user. Second, we needed to
change from `ubuntu-latest` to `ubuntu-22.04` as `ubuntu-latest` not
defaults to `ubuntu-24.04` which causes `setup-python` to install a
python executable linked against a newer version of glibc that is not
found on ubuntu 22.04, which causes failures when CMake cannot execute
the python interpreter that it finds.
(cherry picked from commit a75917679549109fcbf92cb63ef61638517713d6)
This is instead of pushing directly. Creating a pull request is slightly
more work for the release manager, but it is more secure as we no longer
need a secret with write access to the www-releases repo.
(cherry picked from commit 9cd289fa4a7355e1bfd3129ba9c755f979fd0a72)
The actions/checkout step will clear the current directory, so we need
to checkout the sources first so that the downloaded artifacts won't be
deleted.
(cherry picked from commit 8f2aa9dbad7c1400f66e1ee1c43b071a1905f3e6)
Flang for Windows depends on compiler-rt, so we need to enable it for
the stage1 builds. This also fixes failures building the flang tests on
macOS.
Fixes#100202.
(cherry picked from commit 8927576b8f6442bb6129bda597efee46176f8aec)
Called workflows don't have access to secrets by default, so we need to
explicitly pass secrets that we use.
(cherry picked from commit 9d81e7e36e33aecdee05fef551c0652abafaa052)
The .git/config file contains an auth token that can be leaked if the
.git directory is included in a workflow artifact.
(cherry picked from commit ef50970204384643acca42ba4c7ca8f14865a0c2)
For reusable workflows, the called workflow cannot upgrade it's
permissions, and since the default permission is none, we need to
explicitly declare 'contents: read' when calling the release-sources
workflow.
Fixes the error:
The workflow is requesting 'contents: read', but is only allowed
'contents: none'.
(cherry picked from commit 82c2259aeb87f5cb418decfb6a1961287055e5d2)
A called workflow does not have access to secrets by default, so we need
to explicitly pass any secret that we want to use.
(cherry picked from commit 1fb1a5d8e2c5a0cbaeb39ead68352e5e55752a6d)
We need a different attestation for each supported architecture, so
there artifacts all need to have a different name.
The upload step is run on a Linux runner, so no matter which
architecture's binary is being uploaded the runner.os and runner.arch
variables would always be 'Linux' and 'X64' and so we can't use them for
naming the artifact.
(cherry picked from commit 3c8dadda3aa20b89fb5ad29ae31380d9594c3430)
Now that the release binaries create artifact attestations, we need to
ensure that we call the workflow with the correct permissions.
(cherry picked from commit dc349a3f47882cdac7112c763d2964b59e77356a)
The old version in the llvm/actions repo stopped working after the
version variables were moved out of llvm/CMakeLists.txt. Composite
actions are more simple and don't require javascript, which is why I
reimplemented it as a composite action.
This will fix the failing abi checks on the release branch.
(cherry picked from commit 14837aff058f9a2d32b8277debe619d8eb1995a1)
python3 wasn't able to see modules installed by pip, so we need to use
the setup-python action to ensure that the default pip and python3 both
use the same prefix.
See https://github.com/actions/runner-images/issues/10385
(cherry picked from commit 59476c99983d3813b412c9b0c0464365644c23a8)
If we pull from the release tag, then if there is a bug in one of the
actions on the release tag, then we can never do a build for that tag.
Pulling from main will allows us to fix bugs in the actions we use to
build the releases.
(cherry picked from commit b0860b20878d2c84fc3ce56ea608c5186872faa2)
This adds release binary builds for the 4 platforms currently supported
by the free GitHub Action runners:
* Linux x86_64
* Windows x86_64
* Mac x86_64
* Mac AArch64
The test stages for these are known to fail, but the creating and
upoading of the release binaries should pass.
(cherry picked from commit 247251aee0d4314385a3fea86e31484d3d792ffb)
The old out-of-tree build configuration stopped working and in tree
builds are supported now, so we should use the in tree configuration.
The only downside is we can't run the tests any more, but at least we
will be able to test the build again.
(cherry picked from commit 0512ba0a435a9d693cb61f182fc9e3eb7f6dbd6a)
This patch makes the issue write workflow only run after success or
failure of the workflow invoking it, preventing it from running where
the original workflow was skipped.
Fixes#97294
The PR removes the `*` from the generic MLIR Vector/Linalg rules. The
`*` symbol keeps the match local to the files in the directory,
excluding sub-directories, which was not the intention when I added
these rules.
This job uses the new artifact attestations:
https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/
This will allow users to verify that the sources came from a specific
workflow run in the llvm-project repository. Currently, this job does
not automatically upload sources to the release page, but rather it
attaches them the workflow run as artifacts. The release manager is
expected to download, verify, and sign the sources before uploading them
to the release page.
We may be able to automatically upload them in the future once we have a
process for signing the binaries within the github workflow.
Technically, though, the binaries are being signed as part of the
attestation process, but the only way to verify the signatures is using
the gh command line tool, and I don't think it is best to rely on that,
since the tool may not be easily available on all systems.
Since clang-format 18.1.4, there have been a number of commits that
fixed various kinds of issues:
- Bug
3ceccbdb1995
- Regression
6dbaa89433f7
51ff7f38b633
35fea1032741
7699b341b763
768118d1ad38
8c0fe0d65ed8
- Crash
f1491c7460e7
- Invalid code generation
0abb89a80f5c
We currently receive a warning on all Github Actions workflows that use
`setup-python`, since they all use v4 of the action, which uses the
deprecated Node.js 16. This PR upgrades the action in all places to v5,
which uses Node.js 20 (see [setup-python release
page](https://github.com/actions/setup-python/releases/tag/v5.0.0))
Pick the latest version available in Chocolatey (18.1.6) and llvm-mingw
(20240606, which includes LLVM 18.1.7).
Also add the flag "--allow-downgrade" when installing a specific version
of LLVM. If the preinstalled version is higher than the requested one,
Chocolatey would otherwise error out when requesting installing a lower
version. This will avoid errors in the future, if the runner image comes
preinstalled with a newer version of LLVM.
(This currently seems to happen with a recent version of the GitHub
Actions runner image, version 20240610.1.0 has LLVM 18.1.6 already
preinstalled, and will error out when trying to install the 17.0.6
version that we previously requested.)
This job will run once per day on the main branch, and for every commit
on a release branch. It currently only builds llvm, but could add more
sub-projects in the future.
OpenSSF Best Practices recommends running a static analyzer on software
before it is released:
https://www.bestpractices.dev/en/criteria/0#0.static_analysis
In order to make the behavior of the libc++ restarter more visible
to users, this change creates a check run on the considered workflow
to let users know what action, if any, was taken
This patch introduces `SemaAMDGPU`, `SemaARM`, `SemaBPF`, `SemaHexagon`,
`SemaLoongArch`, `SemaMIPS`, `SemaNVPTX`, `SemaPPC`, `SemaSystemZ`,
`SemaWasm`. This continues previous efforts to split Sema up. Additional
context can be found in #84184 and #92682.
I decided to bundle target-specific components together because of their
low impact on `Sema`. That said, their impact on `SemaChecking.cpp` is
far from low, and I consider it a success.
Somewhat accidentally, I also moved Wasm- and AMDGPU-specific function
from `SemaDeclAttr.cpp`, because they were exposed in `Sema`. That went
well, and I consider it a success, too. I'd like to move the rest of
static target-specific functions out of `SemaDeclAttr.cpp` like we're
doing with built-ins in `SemaChecking.cpp` .
- `llvm/**/ProfileData/**/*` intends to cover `llvm/include/llvm/ProfileData/` and `llvm/lib/ProfileData/`
- `llvm/**/SampleProfile*` intends to cover a bunch of SamplePGO files and their headers. For example,
`SampleProfile.cpp`, `SampleProfileMatcher.cpp`, `SampleProfileProbe.cpp`
- `llvm/**/CodeGen/MIRSampleProfile*` intends to cover MIRSampleProfile.cpp and its header.
- `llvm/test/Transforms/SampleProfile/**/*` intends to cover unit tests.
