diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/CODEOWNERS | 1 | ||||
| -rw-r--r-- | .github/new-prs-labeler.yml | 11 | ||||
| -rw-r--r-- | .github/workflows/containers/github-action-ci-tooling/Dockerfile | 2 | ||||
| -rw-r--r-- | .github/workflows/containers/github-action-ci-windows/Dockerfile | 4 | ||||
| -rw-r--r-- | .github/workflows/containers/github-action-ci/Dockerfile | 2 | ||||
| -rw-r--r-- | .github/workflows/ids-check.yml | 8 | ||||
| -rw-r--r-- | .github/workflows/libcxx-build-and-test.yaml | 2 | ||||
| -rw-r--r-- | .github/workflows/libcxx-check-generated-files.yml | 1 | ||||
| -rw-r--r-- | .github/workflows/prune-branches.yml | 37 | ||||
| -rw-r--r-- | .github/workflows/prune-unused-branches.py | 120 | ||||
| -rw-r--r-- | .github/workflows/release-binaries-all.yml | 4 | ||||
| -rw-r--r-- | .github/workflows/release-binaries.yml | 17 | ||||
| -rw-r--r-- | .github/workflows/release-lit.yml | 79 | ||||
| -rw-r--r-- | .github/workflows/release-tasks.yml | 64 | ||||
| -rw-r--r-- | .github/workflows/upload-release-artifact/action.yml | 2 |
15 files changed, 257 insertions, 97 deletions
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e246475..8d01973 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -55,6 +55,7 @@ /mlir/**/SubsetOpInterfaceImpl.* @matthias-springer /mlir/include/mlir/Interfaces/DestinationStyleOpInterface.* @matthias-springer /mlir/lib/Interfaces/DestinationStyleOpInterface.* @matthias-springer +/mlir/**/Interfaces/ControlFlowInterfaces.* @matthias-springer # AMDGPU and ROCDL dialects in MLIR. /mlir/include/mlir/Dialect/AMDGPU @krzysz00 @kuhar diff --git a/.github/new-prs-labeler.yml b/.github/new-prs-labeler.yml index 07c3df2..7daac40 100644 --- a/.github/new-prs-labeler.yml +++ b/.github/new-prs-labeler.yml @@ -184,7 +184,10 @@ compiler-rt:msan: compiler-rt:sanitizer: - changed-files: - any-glob-to-any-file: + - llvm/include/llvm/Transforms/Utils/MemoryTaggingSupport.h + - llvm/lib/Target/AArch64/AArch64StackTagging.cpp - llvm/lib/Transforms/Instrumentation/*Sanitizer* + - llvm/lib/Transforms/Utils/MemoryTaggingSupport.cpp - compiler-rt/lib/interception/** - compiler-rt/lib/*san*/** - compiler-rt/include/sanitizer/** @@ -686,6 +689,14 @@ clang:analysis: - clang/include/clang/Analysis/** - clang/lib/Analysis/** +clang:ssaf: + - changed-files: + - any-glob-to-any-file: + - clang/include/clang/Analysis/Scalable/** + - clang/lib/Analysis/Scalable/** + - clang/unittests/Analysis/Scalable/** + - clang/docs/ScalableStaticAnalysisFramework/** + clang:static analyzer: - changed-files: - any-glob-to-any-file: diff --git a/.github/workflows/containers/github-action-ci-tooling/Dockerfile b/.github/workflows/containers/github-action-ci-tooling/Dockerfile index cbd0b69..ec6b05f 100644 --- a/.github/workflows/containers/github-action-ci-tooling/Dockerfile +++ b/.github/workflows/containers/github-action-ci-tooling/Dockerfile @@ -1,4 +1,4 @@ -ARG LLVM_VERSION=21.1.0 +ARG LLVM_VERSION=21.1.8 # FIXME: Use "${LLVM_VERSION%%.*}" instead of "LLVM_VERSION_MAJOR" once we update runners to Ubuntu-26.04 with Buildah >= 1.37 ARG LLVM_VERSION_MAJOR=21 diff --git a/.github/workflows/containers/github-action-ci-windows/Dockerfile b/.github/workflows/containers/github-action-ci-windows/Dockerfile index 746c235..508c596 100644 --- a/.github/workflows/containers/github-action-ci-windows/Dockerfile +++ b/.github/workflows/containers/github-action-ci-windows/Dockerfile @@ -2,6 +2,8 @@ # .net 4.8 is required by chocolately package manager. FROM mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 +# FORCE BUILD 1/23/26 + # Restore the default Windows shell for correct batch processing. SHELL ["cmd", "/S", "/C"] @@ -97,7 +99,7 @@ RUN powershell -Command \ rm actions-runner-win.zip # Set the LLVM_VERSION environment variable -ENV LLVM_VERSION=21.1.2 +ENV LLVM_VERSION=21.1.8 # Download and extract Clang compiler. # Create directories, download, extract, and clean up all in one layer diff --git a/.github/workflows/containers/github-action-ci/Dockerfile b/.github/workflows/containers/github-action-ci/Dockerfile index b4e0ac6..3b478fb 100644 --- a/.github/workflows/containers/github-action-ci/Dockerfile +++ b/.github/workflows/containers/github-action-ci/Dockerfile @@ -2,7 +2,7 @@ FROM docker.io/library/ubuntu:24.04 AS base ENV LLVM_SYSROOT=/opt/llvm FROM base AS stage1-toolchain -ENV LLVM_VERSION=21.1.3 +ENV LLVM_VERSION=21.1.8 RUN apt-get update && \ apt-get install -y \ diff --git a/.github/workflows/ids-check.yml b/.github/workflows/ids-check.yml index 7dcd9ff..0fdf33a 100644 --- a/.github/workflows/ids-check.yml +++ b/.github/workflows/ids-check.yml @@ -1,6 +1,10 @@ name: "Check LLVM ABI annotations" + +# TODO(https://github.com/llvm/llvm-project/issues/109483): Re-enable on pull +# requests once the workflow is less diruptive. on: - pull_request: + # pull_request: + workflow_dispatch: permissions: contents: read @@ -93,7 +97,7 @@ jobs: --changed-files "$CHANGED_FILES" - name: Upload results - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 if: always() with: name: workflow-args diff --git a/.github/workflows/libcxx-build-and-test.yaml b/.github/workflows/libcxx-build-and-test.yaml index f7d4d70..7c55a13 100644 --- a/.github/workflows/libcxx-build-and-test.yaml +++ b/.github/workflows/libcxx-build-and-test.yaml @@ -154,6 +154,8 @@ jobs: machine: llvm-premerge-libcxx-runners - config: 'generic-asan' machine: llvm-premerge-libcxx-runners + - config: 'generic-asan-in-tests-only' + machine: llvm-premerge-libcxx-runners - config: 'generic-tsan' machine: llvm-premerge-libcxx-runners - config: 'generic-ubsan' diff --git a/.github/workflows/libcxx-check-generated-files.yml b/.github/workflows/libcxx-check-generated-files.yml index 791bbc8..fc26ba4 100644 --- a/.github/workflows/libcxx-check-generated-files.yml +++ b/.github/workflows/libcxx-check-generated-files.yml @@ -10,6 +10,7 @@ permissions: jobs: check_generated_files: runs-on: ubuntu-24.04 + if: github.repository == 'llvm/llvm-project' steps: - name: Fetch LLVM sources uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 diff --git a/.github/workflows/prune-branches.yml b/.github/workflows/prune-branches.yml new file mode 100644 index 0000000..f3550b3 --- /dev/null +++ b/.github/workflows/prune-branches.yml @@ -0,0 +1,37 @@ +name: Prune Unused Branches + +permissions: + contents: read + +on: + pull_request: + paths: + - .github/workflows/prune-branches.yml + schedule: + - cron: '0 8 * * *' # Runs daily at 08:00 UTC. + +jobs: + prune-branches: + name: Prune Branches + if: github.repository_owner == 'llvm' + runs-on: ubuntu-24.04 + steps: + - name: Fetch LLVM sources + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + with: + fetch-depth: 0 + - name: Install dependencies + run: | + pip install --require-hashes -r ./llvm/utils/git/requirements.txt + - name: Run Script + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + mkdir patches + python3 .github/workflows/prune-unused-branches.py patches/ + - name: Upload Patches + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: BranchDiffs + retention-days: 90 + path: patches/*.patch diff --git a/.github/workflows/prune-unused-branches.py b/.github/workflows/prune-unused-branches.py new file mode 100644 index 0000000..1aff0ae --- /dev/null +++ b/.github/workflows/prune-unused-branches.py @@ -0,0 +1,120 @@ +import subprocess +import sys +import os + +import github + + +def get_branches() -> list[str]: + git_process = subprocess.run( + ["git", "branch", "--all"], stdout=subprocess.PIPE, check=True + ) + branches = [ + branch.strip() for branch in git_process.stdout.decode("utf-8").split("\n") + ] + + def branch_filter(branch_name): + user_or_revert = "users/" in branch_name or "revert-" in branch_name + origin_branch = branch_name.startswith("remotes/origin/") + return user_or_revert and origin_branch + + filtered_branches = list(filter(branch_filter, branches)) + return [branch.replace("remotes/origin/", "") for branch in filtered_branches] + + +def get_branches_from_open_prs(github_token) -> list[str]: + gh = github.Github(auth=github.Auth.Token(github_token)) + query = """ + query ($after: String) { + search(query: "is:pr repo:llvm/llvm-project is:open head:users/", type: ISSUE, first: 100, after: $after) { + nodes { + ... on PullRequest { + baseRefName + headRefName + isCrossRepository + number + } + } + pageInfo { + hasNextPage + endCursor + } + } + }""" + pr_data = [] + has_next_page = True + variables = {"after": None} + while has_next_page: + _, res_data = gh._Github__requester.graphql_query(query, variables=variables) + page_info = res_data["data"]["search"]["pageInfo"] + has_next_page = page_info["hasNextPage"] + if has_next_page: + variables["after"] = page_info["endCursor"] + prs = res_data["data"]["search"]["nodes"] + pr_data.extend(prs) + print(f"Processed {len(prs)} PRs") + + user_branches = [] + for pr in pr_data: + if not pr["isCrossRepository"]: + if pr["baseRefName"] != "main": + user_branches.append(pr["baseRefName"]) + user_branches.append(pr["headRefName"]) + return user_branches + + +def get_user_branches_to_remove( + user_branches: list[str], user_branches_from_prs: list[str] +) -> list[str]: + user_branches_to_remove = set(user_branches) + for pr_user_branch in set(user_branches_from_prs): + user_branches_to_remove.remove(pr_user_branch) + return list(user_branches_to_remove) + + +def generate_patch_for_branch(branch_name: str) -> bytes: + command_vector = ["git", "diff", f"origin/main...origin/{branch_name}"] + try: + result = subprocess.run( + command_vector, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=True + ) + except subprocess.CalledProcessError as process_error: + print(process_error.stderr) + print(process_error.stdout) + raise process_error + return result.stdout + + +def generate_patches_for_all_branches(branches_to_remove: list[str], patches_path: str): + for index, branch in enumerate(branches_to_remove): + patch = generate_patch_for_branch(branch) + patch_filename = branch.replace("/", "-") + ".patch" + patch_path = os.path.join(patches_path, patch_filename) + with open(patch_path, "wb") as patches_file_handle: + patches_file_handle.write(patch) + if index % 50 == 0: + print( + f"Finished generating patches for {index}/{len(branches_to_remove)} branches." + ) + + +def main(github_token): + if len(sys.argv) != 2: + print( + "Invalid invocation. Correct usage: python3 prune-unused-branches.py <patch output diectory>" + ) + sys.exit(1) + + user_branches = get_branches() + user_branches_from_prs = get_branches_from_open_prs(github_token) + print(f"Found {len(user_branches)} user branches in the repository") + print(f"Found {len(user_branches_from_prs)} user branches associated with PRs") + user_branches_to_remove = get_user_branches_to_remove( + user_branches, user_branches_from_prs + ) + print(f"Deleting {len(user_branches_to_remove)} user branches.") + generate_patches_for_all_branches(user_branches_to_remove, sys.argv[1]) + + +if __name__ == "__main__": + main(os.environ["GITHUB_TOKEN"]) diff --git a/.github/workflows/release-binaries-all.yml b/.github/workflows/release-binaries-all.yml index edccc99..656ed80 100644 --- a/.github/workflows/release-binaries-all.yml +++ b/.github/workflows/release-binaries-all.yml @@ -4,6 +4,8 @@ permissions: contents: read # Default everything to read-only on: + schedule: + - cron: "0 0 * * 6" workflow_dispatch: inputs: release-version: @@ -67,7 +69,7 @@ jobs: run: | upload="${{ inputs.upload }}" release_version="${{ inputs.release-version }}" - if [ "${{ github.event_name }}" = "pull_request" ]; then + if [ "${{ github.event_name }}" = "pull_request" ] || [ "${{ github.event_name }}" = "schedule" ]; then upload="false" release_version="" fi diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index e58b3443..3bf6860 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -62,6 +62,7 @@ jobs: release-binary-filename: ${{ steps.vars.outputs.release-binary-filename }} build-runs-on: ${{ steps.vars.outputs.build-runs-on }} test-runs-on: ${{ steps.vars.outputs.build-runs-on }} + attestation-name: ${{ steps.vars.outptus.attestation-name }} steps: # It's good practice to use setup-python, but this is also required on macos-14 @@ -199,6 +200,7 @@ jobs: echo "target-cmake-flags=$target_cmake_flags" >> $GITHUB_OUTPUT echo "build-runs-on=$build_runs_on" >> $GITHUB_OUTPUT echo "test-runs-on=$test_runs_on" >> $GITHUB_OUTPUT + echo "attestation-name=$RUNNER_OS-$RUNNER_ARCH-release-binary-attestation" >> $GITHUB_OUTPUT build-release-package: name: "Build Release Package" @@ -215,13 +217,13 @@ jobs: # get changed unexpectedly. - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: - python-version: '3.10' + python-version: '3.11.9' # For some reason this is needed on Windows or else the build system can't find python3.lib. - name: Setup Python library path if: runner.os == 'Windows' run: | - echo "LIB=$env:LIB;C:\hostedtoolcache\windows\Python\3.10.11\x64\libs" >> $env:GITHUB_ENV + echo "LIB=$env:LIB;C:\hostedtoolcache\windows\Python\3.11.9\x64\libs" >> $env:GITHUB_ENV - name: Setup crlf if: runner.os == 'Windows' @@ -287,7 +289,13 @@ jobs: # This will be empty on non-Windows builds. WINDOWS_INSTALLER_FILENAME: ${{ steps.build-windows.outputs.windows-installer-filename }} run: | - echo "digest=$(cat $WINDOWS_INSTALLER_FILENAME $RELEASE_BINARY_FILENAME | sha256sum | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT + if [ "$RUNNER_OS" = "macOS" ]; then + # Mac runners don't have sha256sum. + sha256sum="shasum -a 256" + else + sha256sum="sha256sum" + fi + echo "digest=$(cat $WINDOWS_INSTALLER_FILENAME $RELEASE_BINARY_FILENAME | $sha256sum | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 id: artifact-upload @@ -334,6 +342,7 @@ jobs: uses: ./.github/workflows/upload-release-artifact with: artifact-id: ${{ needs.build-release-package.outputs.artifact-id }} - attestation-name: ${{ runner.os }}-${{ runner.arch }}-release-binary-attestation + attestation-name: ${{ needs.prepare.outputs.attestation-name }} digest: ${{ needs.build-release-package.outputs.digest }} upload: ${{ needs.prepare.outputs.upload }} + user-token: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} diff --git a/.github/workflows/release-lit.yml b/.github/workflows/release-lit.yml deleted file mode 100644 index b1f5746..0000000 --- a/.github/workflows/release-lit.yml +++ /dev/null @@ -1,79 +0,0 @@ -name: Release Lit - -permissions: - contents: read - -on: - workflow_dispatch: - inputs: - release-version: - description: 'Release Version' - required: true - type: string - - workflow_call: - inputs: - release-version: - description: 'Release Version' - required: true - type: string - secrets: - RELEASE_TASKS_USER_TOKEN: - description: "Secret used to check user permissions." - required: false - -jobs: - release-lit: - name: Release Lit - runs-on: ubuntu-24.04 - steps: - - name: Checkout LLVM - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - with: - ref: "llvmorg-${{ inputs.release-version }}" - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y python3-setuptools python3-psutil python3-github - - - name: Check Permissions - env: - GITHUB_TOKEN: ${{ github.token }} - USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} - run: | - ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions - - - name: Setup Cpp - uses: aminya/setup-cpp@9bc9b8cd8a8d678f920e4e1e73f29da8010ced51 # v1.7.2 - with: - compiler: llvm-16.0.6 - cmake: true - ninja: true - - - name: Test lit - run: | - mkdir build && cd build - export FILECHECK_OPTS='-dump-input-filter=all -vv -color' - cmake ../llvm -DCMAKE_BUILD_TYPE=Release -G Ninja - ninja -v -j $(nproc) check-lit - - - name: Package lit - run: | - cd llvm/utils/lit - # Remove 'dev' suffix from lit version. - sed -i 's/ + "dev"//g' lit/__init__.py - python3 setup.py sdist bdist_wheel - - - name: Upload lit to test.pypi.org - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 - with: - password: ${{ secrets.LLVM_LIT_TEST_PYPI_API_TOKEN }} - repository-url: https://test.pypi.org/legacy/ - packages-dir: llvm/utils/lit/dist/ - - - name: Upload lit to pypi.org - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 - with: - password: ${{ secrets.LLVM_LIT_PYPI_API_TOKEN }} - packages-dir: llvm/utils/lit/dist/ diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml index b27cd97..3648e14 100644 --- a/.github/workflows/release-tasks.yml +++ b/.github/workflows/release-tasks.yml @@ -73,15 +73,64 @@ jobs: secrets: RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} + # The pypi trusted publishing does not support called workflows, so we + # can't use them here. release-lit: name: Release Lit - needs: validate-tag - uses: ./.github/workflows/release-lit.yml - with: - release-version: ${{ needs.validate-tag.outputs.release-version }} - # Called workflows don't have access to secrets by default, so we need to explicitly pass secrets that we use. - secrets: - RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} + runs-on: ubuntu-24.04 + permissions: + id-token: write # Requred for pypi publishing + needs: + - validate-tag + environment: pypi + steps: + - name: Checkout LLVM + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + with: + ref: "llvmorg-${{ needs.validate-tag.outputs.release-version }}" + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y python3-build python3-psutil python3-github + + - name: Check Permissions + env: + GITHUB_TOKEN: ${{ github.token }} + USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} + run: | + ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions + + - name: Test lit + run: | + mkdir build && cd build + export FILECHECK_OPTS='-dump-input-filter=all -vv -color' + cmake ../llvm -DCMAKE_BUILD_TYPE=Release -G Ninja + ninja -v -j $(nproc) check-lit + + - name: Package lit + run: | + cd llvm/utils/lit + # Remove 'dev' suffix from lit version. + sed -i 's/ + "dev"//g' lit/__init__.py + python3 -m build + + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: lit-${{ inputs.release-version }}-release-binary + path: | + llvm/utils/lit/dist + + - name: Upload lit to test.pypi.org + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + repository-url: https://test.pypi.org/legacy/ + packages-dir: llvm/utils/lit/dist/ + + - name: Upload lit to pypi.org + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + packages-dir: llvm/utils/lit/dist/ release-binaries: name: Build Release Binaries @@ -122,6 +171,7 @@ jobs: contents: write # For updating the release message. if: '!cancelled()' needs: + - validate-tag - release-binaries steps: diff --git a/.github/workflows/upload-release-artifact/action.yml b/.github/workflows/upload-release-artifact/action.yml index 6259937..bf1f74a 100644 --- a/.github/workflows/upload-release-artifact/action.yml +++ b/.github/workflows/upload-release-artifact/action.yml @@ -19,7 +19,7 @@ inputs: Token with premissions to read llvm teams that is used to ensure that the person who triggred the action has permission to upload artifacts. This is required if upload is true. - requred: false + required: false attestation-name: description: >- This will be used for the artifact name that is attached to the workflow and |