Release Build #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Build | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: The version to tag the release with, e.g., 1.2.0 | |
| required: true | |
| env: | |
| AWS_DEFAULT_REGION: us-east-1 | |
| AWS_PUBLIC_ECR_REGION: us-east-1 | |
| AWS_PRIVATE_ECR_REGION: us-west-2 | |
| RELEASE_PUBLIC_REPOSITORY: public.ecr.aws/aws-observability/adot-autoinstrumentation-python | |
| RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python | |
| RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com | |
| PACKAGE_NAME: aws-opentelemetry-distro | |
| permissions: | |
| id-token: write | |
| contents: write | |
| jobs: | |
| build: | |
| environment: Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo @ SHA - ${{ github.sha }} | |
| uses: actions/checkout@v4 | |
| - name: Build Wheel and Image Files | |
| uses: ./.github/actions/artifacts_build | |
| with: | |
| image_uri_with_tag: "adot-autoinstrumentation-python:test" | |
| push_image: false | |
| load_image: true | |
| python_version: "3.10" | |
| package_name: aws-opentelemetry-distro | |
| os: ubuntu-latest | |
| # TODO: Add some sort of smoke/integration testing before we go | |
| # release the artifacts. adot java for reference: | |
| # https:/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests | |
| - name: Configure AWS credentials for PyPI secrets | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} | |
| aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
| - name: Get PyPI secrets | |
| uses: aws-actions/aws-secretsmanager-get-secrets@v1 | |
| id: pypi_secrets | |
| with: | |
| secret-ids: | | |
| PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} | |
| TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} | |
| parse-json-secrets: true | |
| - name: Configure AWS credentials for private ECR | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} | |
| aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} | |
| - name: Log in to AWS private ECR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} | |
| - name: Configure AWS credentials for public ECR | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} | |
| aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} | |
| - name: Log in to AWS public ECR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: public.ecr.aws | |
| # The step below publishes to testpypi in order to catch any issues | |
| # with the package configuration that would cause a failure to upload to pypi. | |
| - name: Install twine | |
| run: pip install twine | |
| - name: Publish to TestPyPI | |
| env: | |
| TWINE_USERNAME: '__token__' | |
| TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} | |
| run: | | |
| twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl | |
| # Publish to prod PyPI | |
| - name: Publish to PyPI | |
| env: | |
| TWINE_USERNAME: '__token__' | |
| TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} | |
| run: | | |
| twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl | |
| # Publish to public ECR | |
| - name: Build and push public ECR image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| tags: | | |
| ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} | |
| # Publish to private ECR | |
| - name: Build and push private ECR image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| tags: | | |
| ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} | |
| # Publish to GitHub releases | |
| - name: Create GH release | |
| id: create_release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| run: | | |
| gh release create --target "$GITHUB_REF_NAME" \ | |
| --title "Release v${{ github.event.inputs.version }}" \ | |
| --draft \ | |
| "v${{ github.event.inputs.version }}" \ | |
| dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl |