Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get Sha256 Checksum for Release Artifacts #289

Merged
merged 3 commits into from
Dec 20, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Add artifact name to env variable
harrryr committed Dec 18, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
commit 53fff0a3e2b9c9b6fb158c9c8dbf4a04ed913057
14 changes: 6 additions & 8 deletions .github/workflows/release_build.yml
Original file line number Diff line number Diff line change
@@ -14,6 +14,7 @@ env:
RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python
RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com
PACKAGE_NAME: aws-opentelemetry-distro
ARTIFACT_NAME: aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl

permissions:
id-token: write
@@ -88,15 +89,15 @@ jobs:
TWINE_USERNAME: '__token__'
TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }}
run: |
twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
twine upload --repository testpypi --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }}

# Publish to prod PyPI
- name: Publish to PyPI
env:
TWINE_USERNAME: '__token__'
TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }}
run: |
twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
twine upload --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }}

# Publish to public ECR
- name: Build and push public ECR image
@@ -122,11 +123,8 @@ jobs:

- name: Get SHA256 checksum of wheel file
id: get_sha256
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
filename="aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl"
shasum -a 256 dist/$filename | awk '{print $1}' > $filename.sha256
shasum -a 256 dist/${{ env.ARTIFACT_NAME }} | sed "s|dist/||" > ${{ env.ARTIFACT_NAME }}.sha256

# Publish to GitHub releases
- name: Create GH release
@@ -138,5 +136,5 @@ jobs:
--title "Release v${{ github.event.inputs.version }}" \
--draft \
"v${{ github.event.inputs.version }}" \
dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl \
aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl.sha256
dist/${{ env.ARTIFACT_NAME }} \
${{ env.ARTIFACT_NAME }}.sha256
5 changes: 5 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -39,3 +39,8 @@ This project ensures compatibility with the following supported Python versions:

### Note on Amazon CloudWatch Application Signals
[Amazon CloudWatch Application Signals](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Application-Monitoring-Sections.html) components are designed to seamlessly work with all library instrumentations offered by [OpenTelemetry Python auto-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/instrumentation/README.md). While upstream OpenTelemetry Python instrumentations are in beta, Application Signals components are stable, production ready and have also been tested for popular libraries/frameworks such as [Django, Boto3, and others](https://github.com/aws-observability/aws-otel-python-instrumentation/tree/main/contract-tests/images/applications). We will prioritize backward compatibility for Application Signals components, striving to ensure that they remain functional even in the face of potential breaking changes introduced by OpenTelemetry upstream libraries. Please [raise an issue](https://github.com/aws-observability/aws-otel-python-instrumentation/blob/main/CONTRIBUTING.md#reporting-bugsfeature-requests) if you notice Application Signals doesn't work for a particular OpenTelemetry supported library.

## Checksum Verification
Artifacts released will include a `.sha256` file for checksum verification starting from v0.7.0
To verify, run the command `shasum -a 256 -c <artifact_name>.sha256`
It should return the output `<artifact_name>: OK` if the validation is successful