-
Notifications
You must be signed in to change notification settings - Fork 16
130 lines (115 loc) · 4.82 KB
/
release_build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Release Build
on:
#TODO: remove the on-push and hard-coded version after testing
push:
branches:
- release-wf
workflow_dispatch:
inputs:
version:
description: The version to tag the release with, e.g., 1.2.0
required: true
env:
AWS_DEFAULT_REGION: us-east-1
AWS_PUBLIC_ECR_REGION: us-east-1
AWS_PRIVATE_ECR_REGION: us-west-2
RELEASE_PUBLIC_REPOSITORY: public.ecr.aws/aws-observability/adot-autoinstrumentation-python
RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python
RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com
PACKAGE_NAME: aws-opentelemetry-distro
permissions:
id-token: write
contents: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Contrib Repo @ SHA - ${{ github.sha }}
uses: actions/checkout@v4
# NOTE: do not set push_image to true for this step.
# Some of the required params below are set to dummy values
# as they are only used in the artifacts_build action when push_image is true,
# and setting them to some legit value might cause confusion
# to readers.
- name: Build Wheel and Image Files
uses: ./.github/actions/artifacts_build
with:
aws-region: ${{ env.AWS_DEFAULT_REGION }}
image_uri_with_tag: "adot-autoinstrumentation-python:test"
image_registry: "dummy-registry"
snapshot-ecr-role: "dummy-role"
push_image: false
load_image: false
python_version: "3.10"
package_name: aws-opentelemetry-distro
os: ubuntu-latest
# TODO: Add some sort of smoke/integration testing before we go
# release the artifacts. adot java for reference:
# https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests
- name: Configure AWS credentials for PyPI secrets
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_PYPI_RELEASE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Get PyPI secrets
uses: aws-actions/aws-secretsmanager-get-secrets@v1
id: pypi_secrets
with:
secret-ids: |
PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }}
TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }}
parse-json-secrets: true
- name: Configure AWS credentials for private ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }}
aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }}
- name: Log in to AWS private ECR
uses: docker/login-action@v3
with:
registry: ${{ env.RELEASE_PRIVATE_REGISTRY }}
- name: Configure AWS credentials for public ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }}
aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }}
- name: Log in to AWS public ECR
uses: docker/login-action@v3
with:
registry: public.ecr.aws
# The step below publishes to testpypi in order to catch any issues
# with the package configuration that would cause a failure to upload to pypi.
- name: Publish to TestPyPI
env:
TWINE_USERNAME: '__token__'
TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }}
run: |
twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-0.0.0-py3-none-any.whl
# TODO: uncomment once tested
# - name: Publish to PyPI
# env:
# TWINE_USERNAME: '__token__'
# TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }}
# run: |
# twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
# The following step publish to ECR
# - name: Build and push images
# uses: docker/build-push-action@v5
# with:
# push: true
# context: .
# file: ./Dockerfile
# platforms: linux/amd64,linux/arm64
# tags: |
# ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }}
# ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }}
- name: Create GH release
id: create_release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
run: |
gh release create --target "$GITHUB_REF_NAME" \
--title "Release v0.0.0" \
--draft \
"v0.0.0" \
dist/aws_opentelemetry_distro-0.0.0-py3-none-any.whl