workflows: Fixes for building the release binaries

[tstellar]

Since aa02002 we weren't installing the correct dependencies, and since 2836d8e we must pass a custom token to github-upload-release.py for verifying permissions.

[llvmbot]

@llvm/pr-subscribers-github-workflow

Author: Tom Stellard (tstellar)

Changes

Since aa02002 we weren't installing the correct dependencies, and since 2836d8e we must pass a custom token to github-upload-release.py for verifying permissions.

---

Full diff: https://github.com/llvm/llvm-project/pull/83694.diff

1 Files Affected:

• (modified) .github/workflows/release-binaries.yml (+8-1)

diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml
index ebf6fa41898dc4..eb3a4f0fc94625 100644
--- a/.github/workflows/release-binaries.yml
+++ b/.github/workflows/release-binaries.yml
@@ -44,14 +44,21 @@ jobs:
       upload: ${{ steps.vars.outputs.upload }}
 
     steps:
+    - name: Install Dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y \
+            python3-github
+
     - name: Checkout LLVM
       uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
     - name: Check Permissions
       env:
         GITHUB_TOKEN: ${{ github.token }}
+        USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}
       run: |
-        ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} check-permissions
+        ./llvm/utils/release/./github-upload-release.py --token "$GITHUB_TOKEN" --user ${{ github.actor }} --user-token "$USER_TOKEN" check-permissions
 
     - name: Collect Variables
       id: vars

[boomanaiden154]

I'm thinking we should probably install from a requirements.txt so that we get better version control? llvm/utils/git/requirements.txt would work I think.

[boomanaiden154]

LGTM.

I'm wondering if we can set this up to trigger on dependency workflow/actions changing like we've done with other jobs to catch regressions earlier. It might need some restructuring though with the permissions check.

I'm also wondering if we're able to get rid of the cache filling stage now that double the cores are available on the free runners? Might reduce some complexity that isn't needed now.

Both of those are follow up patches though and can be addressed later.

[tstellar]

LGTM.

I'm wondering if we can set this up to trigger on dependency workflow/actions changing like we've done with other jobs to catch regressions earlier. It might need some restructuring though with the permissions check.

I can look into this.

I'm also wondering if we're able to get rid of the cache filling stage now that double the cores are available on the free runners? Might reduce some complexity that isn't needed now.

The free runners still aren't powerful enough to do the release builds in less than 6 hours, so we have to keep using the non-free builders for this. The cache filling stage sill saves us money, so I think we have to keep it.

[boomanaiden154]

The free runners still aren't powerful enough to do the release builds in less than 6 hours, so we have to keep using the non-free builders for this. The cache filling stage sill saves us money, so I think we have to keep it.

Ah. Didn't realize that. Keeping it around makes sense then.