From f8372f8c31ab3709a5b36aa7965d7a297eb82407 Mon Sep 17 00:00:00 2001 From: Harry Date: Tue, 17 Dec 2024 13:51:47 -0800 Subject: [PATCH] test --- .github/workflows/release_build.yml | 187 +++++++++++++--------------- 1 file changed, 89 insertions(+), 98 deletions(-) diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml index de1c4593e..0f4861a05 100644 --- a/.github/workflows/release_build.yml +++ b/.github/workflows/release_build.yml @@ -5,6 +5,7 @@ on: version: description: The version to tag the release with, e.g., 1.2.0 required: true + push: env: AWS_DEFAULT_REGION: us-east-1 @@ -37,88 +38,96 @@ jobs: package_name: aws-opentelemetry-distro os: ubuntu-latest - # TODO: Add some sort of smoke/integration testing before we go - # release the artifacts. adot java for reference: - # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests + # # TODO: Add some sort of smoke/integration testing before we go + # # release the artifacts. adot java for reference: + # # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests - - name: Configure AWS credentials for PyPI secrets - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} - aws-region: ${{ env.AWS_DEFAULT_REGION }} + # - name: Configure AWS credentials for PyPI secrets + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} + # aws-region: ${{ env.AWS_DEFAULT_REGION }} - - name: Get PyPI secrets - uses: aws-actions/aws-secretsmanager-get-secrets@v1 - id: pypi_secrets - with: - secret-ids: | - PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} - TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} - parse-json-secrets: true - - - name: Configure AWS credentials for private ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} - - - name: Log in to AWS private ECR - uses: docker/login-action@v3 - with: - registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} - - - name: Configure AWS credentials for public ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} - - - name: Log in to AWS public ECR - uses: docker/login-action@v3 - with: - registry: public.ecr.aws - - # The step below publishes to testpypi in order to catch any issues - # with the package configuration that would cause a failure to upload to pypi. - - name: Install twine - run: pip install twine + # - name: Get PyPI secrets + # uses: aws-actions/aws-secretsmanager-get-secrets@v1 + # id: pypi_secrets + # with: + # secret-ids: | + # PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} + # TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} + # parse-json-secrets: true + + # - name: Configure AWS credentials for private ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} + + # - name: Log in to AWS private ECR + # uses: docker/login-action@v3 + # with: + # registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} + + # - name: Configure AWS credentials for public ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} + + # - name: Log in to AWS public ECR + # uses: docker/login-action@v3 + # with: + # registry: public.ecr.aws + + # # The step below publishes to testpypi in order to catch any issues + # # with the package configuration that would cause a failure to upload to pypi. + # - name: Install twine + # run: pip install twine - - name: Publish to TestPyPI - env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} - run: | - twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl + # - name: Publish to TestPyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl + + # # Publish to prod PyPI + # - name: Publish to PyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl + + # # Publish to public ECR + # - name: Build and push public ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v0.7.0.dev0 + + # # Publish to private ECR + # - name: Build and push private ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v0.7.0.dev0 - # Publish to prod PyPI - - name: Publish to PyPI + - name: Get SHA256 checksum of wheel file + id: get_sha256 env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl - - # Publish to public ECR - - name: Build and push public ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} - - # Publish to private ECR - - name: Build and push private ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} + filename="aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl" + shasum -a 256 dist/$filename | awk '{print $1}' > $filename.sha256 # Publish to GitHub releases - name: Create GH release @@ -127,31 +136,13 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token run: | gh release create --target "$GITHUB_REF_NAME" \ - --title "Release v${{ github.event.inputs.version }}" \ + --title "Release v0.7.0.dev0" \ --draft \ - "v${{ github.event.inputs.version }}" \ - dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl + "v0.7.0.dev0" \ + dist/aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl \ + aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl.sha256 - - name: Get SHA256 checksum of wheel file - id: get_sha256 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - checksum=$(shasum -a 256 dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl | awk '{ print $1 }') - echo "CHECKSUM=$checksum" >> $GITHUB_OUTPUT - - name: Append checksum and update version - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - echo "aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl ${{ steps.get_sha256.outputs.CHECKSUM }}" >> checksum.txt - echo "${{ github.event.inputs.version }}" > version.txt - - git config --local user.email "github-actions[bot]@users.noreply.github.com" - git config --local user.name "GitHub Action Release Workflow" - git add checksum.txt version.txt - git commit -m "Update latest version and append checksum" - git push