diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml index 678fc9a8..4d2b47ca 100644 --- a/.github/workflows/release_build.yml +++ b/.github/workflows/release_build.yml @@ -1,5 +1,6 @@ name: Release Build on: + push: workflow_dispatch: inputs: version: @@ -14,6 +15,7 @@ env: RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com PACKAGE_NAME: aws-opentelemetry-distro + ARTIFACT_NAME: aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl permissions: id-token: write @@ -37,96 +39,95 @@ jobs: package_name: aws-opentelemetry-distro os: ubuntu-latest - # TODO: Add some sort of smoke/integration testing before we go - # release the artifacts. adot java for reference: - # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests + # # TODO: Add some sort of smoke/integration testing before we go + # # release the artifacts. adot java for reference: + # # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests - - name: Configure AWS credentials for PyPI secrets - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} - aws-region: ${{ env.AWS_DEFAULT_REGION }} + # - name: Configure AWS credentials for PyPI secrets + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} + # aws-region: ${{ env.AWS_DEFAULT_REGION }} - - name: Get PyPI secrets - uses: aws-actions/aws-secretsmanager-get-secrets@v1 - id: pypi_secrets - with: - secret-ids: | - PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} - TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} - parse-json-secrets: true - - - name: Configure AWS credentials for private ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} - - - name: Log in to AWS private ECR - uses: docker/login-action@v3 - with: - registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} - - - name: Configure AWS credentials for public ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} - - - name: Log in to AWS public ECR - uses: docker/login-action@v3 - with: - registry: public.ecr.aws - - # The step below publishes to testpypi in order to catch any issues - # with the package configuration that would cause a failure to upload to pypi. - - name: Install twine - run: pip install twine + # - name: Get PyPI secrets + # uses: aws-actions/aws-secretsmanager-get-secrets@v1 + # id: pypi_secrets + # with: + # secret-ids: | + # PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} + # TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} + # parse-json-secrets: true + + # - name: Configure AWS credentials for private ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} + + # - name: Log in to AWS private ECR + # uses: docker/login-action@v3 + # with: + # registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} + + # - name: Configure AWS credentials for public ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} + + # - name: Log in to AWS public ECR + # uses: docker/login-action@v3 + # with: + # registry: public.ecr.aws + + # # The step below publishes to testpypi in order to catch any issues + # # with the package configuration that would cause a failure to upload to pypi. + # - name: Install twine + # run: pip install twine - - name: Publish to TestPyPI - env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} - run: | - twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl - - # Publish to prod PyPI - - name: Publish to PyPI - env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} - run: | - twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl - - # Publish to public ECR - - name: Build and push public ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} - - # Publish to private ECR - - name: Build and push private ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} + # - name: Publish to TestPyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --repository testpypi --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }} + + # # Publish to prod PyPI + # - name: Publish to PyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }} + + # # Publish to public ECR + # - name: Build and push public ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} + + # # Publish to private ECR + # - name: Build and push private ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - name: Get SHA256 checksum of wheel file id: get_sha256 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - filename="aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl" - shasum -a 256 dist/$filename | awk '{print $1}' > $filename.sha256 + shasum -a 256 dist/${{ env.ARTIFACT_NAME }} | awk '{print $1}' > ${{ env.ARTIFACT_NAME }}.sha256 # Publish to GitHub releases - name: Create GH release @@ -138,5 +139,5 @@ jobs: --title "Release v${{ github.event.inputs.version }}" \ --draft \ "v${{ github.event.inputs.version }}" \ - dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl \ - aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl.sha256 \ No newline at end of file + dist/${{ env.ARTIFACT_NAME }} \ + ${{ env.ARTIFACT_NAME }}.sha256 \ No newline at end of file