From 188152dea7b03938ec795286950043fbcd45640d Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Sat, 13 Sep 2025 13:17:34 -0700 Subject: [PATCH 1/7] Reapply "Merge SDK and Lambda Releases (#253)" (#260) This reverts commit d463605af2f6acd0c35a2d9a6d65c294bd09b794. --- .github/workflows/release-build.yml | 294 ++++++++++++++++++++++++--- .github/workflows/release-lambda.yml | 241 ---------------------- 2 files changed, 268 insertions(+), 267 deletions(-) delete mode 100644 .github/workflows/release-lambda.yml diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 57f16616..8c825ae2 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -5,6 +5,10 @@ on: version: description: The version to tag the release with, e.g., 1.2.0 required: true + aws_region: + description: 'Deploy lambda layer to aws regions' + required: true + default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1' env: AWS_DEFAULT_REGION: us-east-1 @@ -14,18 +18,21 @@ env: RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-node RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com PACKAGE_NAME: aws-distro-opentelemetry-node-autoinstrumentation - ARTIFACT_NAME: aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz + ARTIFACT_NAME: aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz + # Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow. + LEGACY_COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1 + LAYER_NAME: AWSOpenTelemetryDistroJs permissions: id-token: write contents: write jobs: - build: + build-sdk: environment: Release runs-on: ubuntu-latest steps: - - name: Checkout Contrib Repo @ SHA - ${{ github.sha }} + - name: Checkout Repo @ SHA - ${{ github.sha }} uses: actions/checkout@v4 - name: Check main build status @@ -56,9 +63,59 @@ jobs: package_name: aws-distro-opentelemetry-node-autoinstrumentation os: ubuntu-latest + - name: Upload SDK Tarball + uses: actions/upload-artifact@v4 + with: + name: ${{ env.ARTIFACT_NAME }} + path: aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} + # TODO: Add some sort of smoke/integration testing before we go # release the artifacts. adot java for reference: # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests + + build-layer: + needs: build-sdk + runs-on: ubuntu-latest + outputs: + aws_regions_json: ${{ steps.set-matrix.outputs.aws_regions_json }} + steps: + - name: Set up regions matrix + id: set-matrix + run: | + IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}" + MATRIX="[" + for region in "${REGIONS[@]}"; do + trimmed_region=$(echo "$region" | xargs) + MATRIX+="\"$trimmed_region\"," + done + MATRIX="${MATRIX%,}]" + echo ${MATRIX} + echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@v4 + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: 22 + - name: NPM Clean Install + # https://docs.npmjs.com/cli/v10/commands/npm-ci + run: npm ci + - name: Compile all NPM projects + run: npm run compile + - name: Build Lambda Layer + run: npm run build-lambda + - name: upload layer + uses: actions/upload-artifact@v4 + with: + name: layer.zip + path: lambda-layer/packages/layer/build/layer.zip + + publish-sdk: + needs: [build-sdk, build-layer] + runs-on: ubuntu-latest + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@v4 - name: Configure AWS credentials for private ECR uses: aws-actions/configure-aws-credentials@v4 @@ -82,7 +139,6 @@ jobs: with: registry: public.ecr.aws - # Publish to public ECR - name: Build and push public ECR image uses: docker/build-push-action@v5 @@ -105,37 +161,223 @@ jobs: tags: | ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - - name: Get SHA256 checksum of release artifact - id: get_sha256 + # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm + - name: Publish autoinstrumentation to npm + working-directory: aws-distro-opentelemetry-node-autoinstrumentation + env: + NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} + NPM_CONFIG_PROVENANCE: true + run: npm publish + + publish-layer-prod: + runs-on: ubuntu-latest + needs: [build-layer, publish-sdk] + strategy: + matrix: + aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} + steps: + - name: role arn + env: + LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} + run: | + LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) + FOUND=false + for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do + if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then + FOUND=true + break + fi + done + if [ "$FOUND" = true ]; then + echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="LAMBDA_LAYER_RELEASE" + else + echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" + fi + SECRET_KEY=${SECRET_KEY//-/_} + echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV + - uses: aws-actions/configure-aws-credentials@v4.0.2 + with: + role-to-assume: ${{ secrets[env.SECRET_KEY] }} + role-duration-seconds: 1200 + aws-region: ${{ matrix.aws_region }} + - name: Get s3 bucket name for release + run: | + echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV + - name: download layer.zip + uses: actions/download-artifact@v4 + with: + name: layer.zip + - name: publish + run: | + aws s3 mb s3://${{ env.BUCKET_NAME }} + aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} + layerARN=$( + aws lambda publish-layer-version \ + --layer-name ${{ env.LAYER_NAME }} \ + --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ + --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ + --compatible-architectures "arm64" "x86_64" \ + --license-info "Apache-2.0" \ + --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ + --query 'LayerVersionArn' \ + --output text + ) + echo $layerARN + echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV + mkdir ${{ env.LAYER_NAME }} + echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: public layer + run: | + layerVersion=$( + aws lambda list-layer-versions \ + --layer-name ${{ env.LAYER_NAME }} \ + --query 'max_by(LayerVersions, &Version).Version' + ) + aws lambda add-layer-version-permission \ + --layer-name ${{ env.LAYER_NAME }} \ + --version-number $layerVersion \ + --principal "*" \ + --statement-id publish \ + --action lambda:GetLayerVersion + - name: upload layer arn artifact + if: ${{ success() }} + uses: actions/upload-artifact@v4 + with: + name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} + path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: clean s3 + if: always() + run: | + aws s3 rb --force s3://${{ env.BUCKET_NAME }} + + generate-lambda-release-note: + runs-on: ubuntu-latest + needs: publish-layer-prod + outputs: + layer-note: ${{ steps.layer-note.outputs.layer-note }} + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@v4 + - uses: hashicorp/setup-terraform@v2 + - name: download layerARNs + uses: actions/download-artifact@v4 + with: + pattern: ${{ env.LAYER_NAME }}-* + path: ${{ env.LAYER_NAME }} + merge-multiple: true + - name: show layerARNs + run: | + for file in ${{ env.LAYER_NAME }}/* + do + echo $file + cat $file + done + - name: generate layer-note + id: layer-note + working-directory: ${{ env.LAYER_NAME }} run: | - shasum -a 256 aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} | sed "s|aws-distro-opentelemetry-node-autoinstrumentation/||" > ${{ env.ARTIFACT_NAME }}.sha256 - + echo "| Region | Layer ARN |" >> ../layer-note + echo "| ---- | ---- |" >> ../layer-note + for file in * + do + read arn < $file + echo "| " $file " | " $arn " |" >> ../layer-note + done + cd .. + { + echo "layer-note<> $GITHUB_OUTPUT + cat layer-note + - name: generate tf layer + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "locals {" >> ../layer_arns.tf + echo " sdk_layer_arns = {" >> ../layer_arns.tf + for file in * + do + read arn < $file + echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf + done + cd .. + echo " }" >> layer_arns.tf + echo "}" >> layer_arns.tf + terraform fmt layer_arns.tf + cat layer_arns.tf + - name: generate layer ARN constants for CDK + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "{" > ../layer_cdk + for file in *; do + read arn < "$file" + echo " \"$file\": \"$arn\"," >> ../layer_cdk + done + echo "}" >> ../layer_cdk + cat ../layer_cdk + + publish-github: + needs: generate-lambda-release-note + runs-on: ubuntu-latest + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@v4 + + - name: Download SDK artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.ARTIFACT_NAME }} + + - name: Download layer.zip artifact + uses: actions/download-artifact@v4 + with: + name: layer.zip + # Publish to GitHub releases - name: Create GH release id: create_release env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - # Download layer.zip from existing latest tagged SDK release note - LATEST_SDK_VERSION=$(gh release list --repo "aws-observability/aws-otel-js-instrumentation" --json tagName,isLatest -q 'map(select(.isLatest==true)) | .[0].tagName') - mkdir -p layer_artifact - gh release download "$LATEST_SDK_VERSION" --repo "aws-observability/aws-otel-js-instrumentation" --pattern "layer.zip" --dir layer_artifact - shasum -a 256 layer_artifact/layer.zip > layer_artifact/layer.zip.sha256 + # Generate dependency versions from package.json + DEPS=$(node -e " + const pkg = require('./aws-distro-opentelemetry-node-autoinstrumentation/package.json'); + const deps = Object.entries(pkg.dependencies || {}) + .map(([name, version]) => \`- \\\`\${name}\\\` - \${version}\`) + .join('\n'); + console.log(deps); + ") + + # Create release notes + cat > release_notes.md << EOF + This release contains the following upstream components: + + $DEPS + + This release also publishes to public ECR and NPM. + * See ADOT node auto-instrumentation Docker image v${{ github.event.inputs.version }} in our public ECR repository: + https://gallery.ecr.aws/aws-observability/adot-autoinstrumentation-node + * See version ${{ github.event.inputs.version }} in our NPM repository: + https://www.npmjs.com/package/@aws/aws-distro-opentelemetry-node-autoinstrumentation + + This release also includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). + + Lambda Layer ARNs: + ${{ needs.generate-lambda-release-note.outputs.layer-note }} + EOF + + shasum -a 256 ${{ env.ARTIFACT_NAME }} > ${{ env.ARTIFACT_NAME }}.sha256 + shasum -a 256 layer.zip > layer.zip.sha256 gh release create --target "$GITHUB_REF_NAME" \ --title "Release v${{ github.event.inputs.version }}" \ + --notes-file release_notes.md \ --draft \ "v${{ github.event.inputs.version }}" \ - aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} \ + ${{ env.ARTIFACT_NAME }} \ ${{ env.ARTIFACT_NAME }}.sha256 \ - layer_artifact/layer.zip \ - layer_artifact/layer.zip.sha256 - - # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm - - name: Publish autoinstrumentation to npm - working-directory: aws-distro-opentelemetry-node-autoinstrumentation - env: - NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} - NPM_CONFIG_PROVENANCE: true - run: npm publish - + layer.zip \ + layer.zip.sha256 \ No newline at end of file diff --git a/.github/workflows/release-lambda.yml b/.github/workflows/release-lambda.yml deleted file mode 100644 index 4bf6745f..00000000 --- a/.github/workflows/release-lambda.yml +++ /dev/null @@ -1,241 +0,0 @@ -name: Release Lambda layer - -on: - workflow_dispatch: - inputs: - version: - description: The version to tag the lambda release with (should be the same as the current ADOT JavaScript SDK version, e.g., 0.6.0) - required: true - aws_region: - description: 'Deploy to aws regions' - required: true - default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1' - -env: - AWS_REGIONS: ${{ github.event.inputs.aws_region }} - # Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow. - LEGACY_COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1 - LAYER_NAME: AWSOpenTelemetryDistroJs - -permissions: - id-token: write - contents: write - -jobs: - build-layer: - environment: Release - runs-on: ubuntu-latest - outputs: - aws_regions_json: ${{ steps.set-matrix.outputs.aws_regions_json }} - steps: - - name: Set up regions matrix - id: set-matrix - run: | - IFS=',' read -ra REGIONS <<< "${{ env.AWS_REGIONS }}" - MATRIX="[" - for region in "${REGIONS[@]}"; do - trimmed_region=$(echo "$region" | xargs) - MATRIX+="\"$trimmed_region\"," - done - MATRIX="${MATRIX%,}]" - echo ${MATRIX} - echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT - - name: Checkout Repo @ SHA - ${{ github.sha }} - uses: actions/checkout@v4 - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: 22 - - name: NPM Clean Install - # https://docs.npmjs.com/cli/v10/commands/npm-ci - run: npm ci - - name: Compile all NPM projects - run: npm run compile - - name: Build Lambda Layer - run: npm run build-lambda - - name: upload layer - uses: actions/upload-artifact@v4 - with: - name: layer.zip - path: lambda-layer/packages/layer/build/layer.zip - publish-prod: - runs-on: ubuntu-latest - needs: build-layer - strategy: - matrix: - aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} - steps: - - name: role arn - env: - LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} - run: | - LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) - FOUND=false - for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do - if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then - FOUND=true - break - fi - done - if [ "$FOUND" = true ]; then - echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="LAMBDA_LAYER_RELEASE" - else - echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" - fi - SECRET_KEY=${SECRET_KEY//-/_} - echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV - - uses: aws-actions/configure-aws-credentials@v4.0.2 - with: - role-to-assume: ${{ secrets[env.SECRET_KEY] }} - role-duration-seconds: 1200 - aws-region: ${{ matrix.aws_region }} - - name: Get s3 bucket name for release - run: | - echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV - - name: download layer.zip - uses: actions/download-artifact@v4 - with: - name: layer.zip - - name: publish - run: | - aws s3 mb s3://${{ env.BUCKET_NAME }} - aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} - layerARN=$( - aws lambda publish-layer-version \ - --layer-name ${{ env.LAYER_NAME }} \ - --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ - --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ - --compatible-architectures "arm64" "x86_64" \ - --license-info "Apache-2.0" \ - --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ - --query 'LayerVersionArn' \ - --output text - ) - echo $layerARN - echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV - mkdir ${{ env.LAYER_NAME }} - echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: public layer - run: | - layerVersion=$( - aws lambda list-layer-versions \ - --layer-name ${{ env.LAYER_NAME }} \ - --query 'max_by(LayerVersions, &Version).Version' - ) - aws lambda add-layer-version-permission \ - --layer-name ${{ env.LAYER_NAME }} \ - --version-number $layerVersion \ - --principal "*" \ - --statement-id publish \ - --action lambda:GetLayerVersion - - name: upload layer arn artifact - if: ${{ success() }} - uses: actions/upload-artifact@v4 - with: - name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} - path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: clean s3 - if: always() - run: | - aws s3 rb --force s3://${{ env.BUCKET_NAME }} - generate-release-note: - runs-on: ubuntu-latest - needs: publish-prod - steps: - - name: Checkout Repo @ SHA - ${{ github.sha }} - uses: actions/checkout@v4 - - uses: hashicorp/setup-terraform@v2 - - name: download layerARNs - uses: actions/download-artifact@v4 - with: - pattern: ${{ env.LAYER_NAME }}-* - path: ${{ env.LAYER_NAME }} - merge-multiple: true - - name: show layerARNs - run: | - for file in ${{ env.LAYER_NAME }}/* - do - echo $file - cat $file - done - - name: generate layer-note - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "| Region | Layer ARN |" >> ../layer-note - echo "| ---- | ---- |" >> ../layer-note - for file in * - do - read arn < $file - echo "| " $file " | " $arn " |" >> ../layer-note - done - cd .. - cat layer-note - - name: generate tf layer - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "locals {" >> ../layer_arns.tf - echo " sdk_layer_arns = {" >> ../layer_arns.tf - for file in * - do - read arn < $file - echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf - done - cd .. - echo " }" >> layer_arns.tf - echo "}" >> layer_arns.tf - terraform fmt layer_arns.tf - cat layer_arns.tf - - name: generate layer ARN constants for CDK - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "{" > ../layer_cdk - for file in *; do - read arn < "$file" - echo " \"$file\": \"$arn\"," >> ../layer_cdk - done - echo "}" >> ../layer_cdk - cat ../layer_cdk - - name: download layer.zip - uses: actions/download-artifact@v4 - with: - name: layer.zip - - name: Get commit hash - id: commit - run: | - echo "sha_short=$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_OUTPUT - - - name: Create Release Notes - run: | - echo "AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" > release_notes.md - echo "" >> release_notes.md - echo "Lambda Layer ARNs:" >> release_notes.md - echo "" >> release_notes.md - cat layer-note >> release_notes.md - echo "" >> release_notes.md - echo "Notes:" >> release_notes.md - - name: Create GH release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh release create \ - --target "$GITHUB_REF_NAME" \ - --title "Release lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \ - --notes-file release_notes.md \ - --draft \ - "lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \ - layer_arns.tf layer.zip - echo Removing release_notes.md ... - rm -f release_notes.md - - name: Upload layer.zip and SHA-256 checksum to SDK Release Notes (tagged with latest) - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - LATEST_SDK_VERSION=$(gh release list --repo "aws-observability/aws-otel-js-instrumentation" --json tagName,isLatest -q 'map(select(.isLatest==true)) | .[0].tagName') - # Generate SHA-256 checksum for layer.zip - shasum -a 256 layer.zip > layer.zip.sha256 - # Upload layer.zip and its checksum to the latest SDK release note - gh release upload "$LATEST_SDK_VERSION" layer.zip layer.zip.sha256 --repo "aws-observability/aws-otel-js-instrumentation" --clobber - echo "✅ layer.zip successfully uploaded to $LATEST_SDK_VERSION in the upstream repo!" From b284a791c7ab8474da3b17ab0577d75dcf569b75 Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 7 Oct 2025 12:13:48 -0700 Subject: [PATCH 2/7] add CHANGELOG and enhance release notes --- .github/workflows/release-build.yml | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 0cc21f08..883865c1 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -351,19 +351,39 @@ jobs: console.log(deps); ") + # Extract CHANGELOG entries for this version + CHANGELOG_ENTRIES=$(node -e " + const fs = require('fs'); + const content = fs.readFileSync('CHANGELOG.md', 'utf8'); + const versionPattern = new RegExp(\`## v\${{ github.event.inputs.version }}.*?\\n(.*?)(?=\\n## |$)\`, 'gs'); + const versionMatch = content.match(versionPattern); + if (versionMatch && versionMatch[0]) { + const entries = versionMatch[0].replace(/^## v\${{ github.event.inputs.version }}.*?\\n/, '').trim(); + if (entries) { + console.log(entries); + } + } + ") + # Create release notes cat > release_notes.md << EOF - This release contains the following upstream components: + $(if [ -n "$CHANGELOG_ENTRIES" ]; then echo "## What's Changed"; echo "$CHANGELOG_ENTRIES"; echo ""; fi) + + ## Upstream Components $DEPS - This release also publishes to public ECR and NPM. + ## Release Artifacts + + This release publishes to public ECR and NPM. * See ADOT node auto-instrumentation Docker image v${{ github.event.inputs.version }} in our public ECR repository: https://gallery.ecr.aws/aws-observability/adot-autoinstrumentation-node * See version ${{ github.event.inputs.version }} in our NPM repository: https://www.npmjs.com/package/@aws/aws-distro-opentelemetry-node-autoinstrumentation - This release also includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). + ## Lambda Layer + + This release includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). Lambda Layer ARNs: ${{ needs.generate-lambda-release-note.outputs.layer-note }} From 9cf9841b407d87698651f9085c742a22f501425d Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 7 Oct 2025 12:22:49 -0700 Subject: [PATCH 3/7] modify workflow and CHANGELOG to test release notes --- .github/workflows/release-build.yml | 374 +++++++++++++--------------- CHANGELOG.md | 11 + 2 files changed, 186 insertions(+), 199 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 883865c1..68f8ffbc 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -35,23 +35,23 @@ jobs: - name: Checkout Contrib Repo @ SHA - ${{ github.sha }} uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - - name: Check main build status - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - WORKFLOW_ID=$(gh api repos/${{ github.repository }}/actions/workflows --jq '.workflows[] | select(.name=="NodeJS Instrumentation Main Build") | .id') - LATEST_RUN=$(gh api repos/${{ github.repository }}/actions/workflows/$WORKFLOW_ID/runs --jq '[.workflow_runs[] | select(.head_branch=="${{ github.ref_name }}")] | sort_by(.created_at) | .[-1] | {conclusion, status}') - STATUS=$(echo "$LATEST_RUN" | jq -r '.status') - CONCLUSION=$(echo "$LATEST_RUN" | jq -r '.conclusion') + # - name: Check main build status + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # run: | + # WORKFLOW_ID=$(gh api repos/${{ github.repository }}/actions/workflows --jq '.workflows[] | select(.name=="NodeJS Instrumentation Main Build") | .id') + # LATEST_RUN=$(gh api repos/${{ github.repository }}/actions/workflows/$WORKFLOW_ID/runs --jq '[.workflow_runs[] | select(.head_branch=="${{ github.ref_name }}")] | sort_by(.created_at) | .[-1] | {conclusion, status}') + # STATUS=$(echo "$LATEST_RUN" | jq -r '.status') + # CONCLUSION=$(echo "$LATEST_RUN" | jq -r '.conclusion') - if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "queued" ]; then - echo "Main build is still running (status: $STATUS). Cannot proceed with release." - exit 1 - elif [ "$CONCLUSION" != "success" ]; then - echo "Latest main build on branch ${{ github.ref_name }} conclusion: $CONCLUSION" - exit 1 - fi - echo "Main build succeeded, proceeding with release" + # if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "queued" ]; then + # echo "Main build is still running (status: $STATUS). Cannot proceed with release." + # exit 1 + # elif [ "$CONCLUSION" != "success" ]; then + # echo "Latest main build on branch ${{ github.ref_name }} conclusion: $CONCLUSION" + # exit 1 + # fi + # echo "Main build succeeded, proceeding with release" - name: Build Tarball and Image Files uses: ./.github/actions/artifacts_build @@ -110,214 +110,190 @@ jobs: name: layer.zip path: lambda-layer/packages/layer/build/layer.zip - publish-sdk: - needs: [build-sdk, build-layer] - runs-on: ubuntu-latest - steps: - - name: Checkout Repo @ SHA - ${{ github.sha }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + # publish-sdk: + # needs: [build-sdk, build-layer] + # runs-on: ubuntu-latest + # steps: + # - name: Checkout Repo @ SHA - ${{ github.sha }} + # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - - name: Configure AWS credentials for private ECR - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} + # - name: Configure AWS credentials for private ECR + # uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} - - name: Log in to AWS private ECR - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 - with: - registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} + # - name: Log in to AWS private ECR + # uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 + # with: + # registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} - - name: Configure AWS credentials for public ECR - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} + # - name: Configure AWS credentials for public ECR + # uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} - - name: Log in to AWS public ECR - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 - with: - registry: public.ecr.aws + # - name: Log in to AWS public ECR + # uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 + # with: + # registry: public.ecr.aws - # Publish to public ECR - - name: Build and push public ECR image - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} + # # Publish to public ECR + # - name: Build and push public ECR image + # uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} - # Publish to private ECR - - name: Build and push private ECR image - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} + # # Publish to private ECR + # - name: Build and push private ECR image + # uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm - - name: Publish autoinstrumentation to npm - working-directory: aws-distro-opentelemetry-node-autoinstrumentation - env: - NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} - NPM_CONFIG_PROVENANCE: true - run: npm publish + # # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm + # - name: Publish autoinstrumentation to npm + # working-directory: aws-distro-opentelemetry-node-autoinstrumentation + # env: + # NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} + # NPM_CONFIG_PROVENANCE: true + # run: npm publish - publish-layer-prod: - runs-on: ubuntu-latest - needs: [build-layer, publish-sdk] - strategy: - matrix: - aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} - steps: - - name: role arn - env: - LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} - run: | - LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) - FOUND=false - for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do - if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then - FOUND=true - break - fi - done - if [ "$FOUND" = true ]; then - echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="LAMBDA_LAYER_RELEASE" - else - echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" - fi - SECRET_KEY=${SECRET_KEY//-/_} - echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV - - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - with: - role-to-assume: ${{ secrets[env.SECRET_KEY] }} - role-duration-seconds: 1200 - aws-region: ${{ matrix.aws_region }} - - name: Get s3 bucket name for release - run: | - echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV - - name: download layer.zip - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - with: - name: layer.zip - - name: publish - run: | - aws s3 mb s3://${{ env.BUCKET_NAME }} - aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} - layerARN=$( - aws lambda publish-layer-version \ - --layer-name ${{ env.LAYER_NAME }} \ - --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ - --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ - --compatible-architectures "arm64" "x86_64" \ - --license-info "Apache-2.0" \ - --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ - --query 'LayerVersionArn' \ - --output text - ) - echo $layerARN - echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV - mkdir ${{ env.LAYER_NAME }} - echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: public layer - run: | - layerVersion=$( - aws lambda list-layer-versions \ - --layer-name ${{ env.LAYER_NAME }} \ - --query 'max_by(LayerVersions, &Version).Version' - ) - aws lambda add-layer-version-permission \ - --layer-name ${{ env.LAYER_NAME }} \ - --version-number $layerVersion \ - --principal "*" \ - --statement-id publish \ - --action lambda:GetLayerVersion - - name: upload layer arn artifact - if: ${{ success() }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - with: - name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} - path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: clean s3 - if: always() - run: | - aws s3 rb --force s3://${{ env.BUCKET_NAME }} + # publish-layer-prod: + # runs-on: ubuntu-latest + # needs: [build-layer, publish-sdk] + # strategy: + # matrix: + # aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} + # steps: + # - name: role arn + # env: + # LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} + # run: | + # LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) + # FOUND=false + # for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do + # if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then + # FOUND=true + # break + # fi + # done + # if [ "$FOUND" = true ]; then + # echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + # SECRET_KEY="LAMBDA_LAYER_RELEASE" + # else + # echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + # SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" + # fi + # SECRET_KEY=${SECRET_KEY//-/_} + # echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV + # - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + # with: + # role-to-assume: ${{ secrets[env.SECRET_KEY] }} + # role-duration-seconds: 1200 + # aws-region: ${{ matrix.aws_region }} + # - name: Get s3 bucket name for release + # run: | + # echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV + # - name: download layer.zip + # uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + # with: + # name: layer.zip + # - name: publish + # run: | + # aws s3 mb s3://${{ env.BUCKET_NAME }} + # aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} + # layerARN=$( + # aws lambda publish-layer-version \ + # --layer-name ${{ env.LAYER_NAME }} \ + # --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ + # --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ + # --compatible-architectures "arm64" "x86_64" \ + # --license-info "Apache-2.0" \ + # --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ + # --query 'LayerVersionArn' \ + # --output text + # ) + # echo $layerARN + # echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV + # mkdir ${{ env.LAYER_NAME }} + # echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + # cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + # - name: public layer + # run: | + # layerVersion=$( + # aws lambda list-layer-versions \ + # --layer-name ${{ env.LAYER_NAME }} \ + # --query 'max_by(LayerVersions, &Version).Version' + # ) + # aws lambda add-layer-version-permission \ + # --layer-name ${{ env.LAYER_NAME }} \ + # --version-number $layerVersion \ + # --principal "*" \ + # --statement-id publish \ + # --action lambda:GetLayerVersion + # - name: upload layer arn artifact + # if: ${{ success() }} + # uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + # with: + # name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} + # path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + # - name: clean s3 + # if: always() + # run: | + # aws s3 rb --force s3://${{ env.BUCKET_NAME }} generate-lambda-release-note: runs-on: ubuntu-latest - needs: publish-layer-prod + # needs: publish-layer-prod outputs: layer-note: ${{ steps.layer-note.outputs.layer-note }} steps: - name: Checkout Repo @ SHA - ${{ github.sha }} uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2 - - name: download layerARNs - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - with: - pattern: ${{ env.LAYER_NAME }}-* - path: ${{ env.LAYER_NAME }} - merge-multiple: true - - name: show layerARNs - run: | - for file in ${{ env.LAYER_NAME }}/* - do - echo $file - cat $file - done - name: generate layer-note id: layer-note - working-directory: ${{ env.LAYER_NAME }} run: | - echo "| Region | Layer ARN |" >> ../layer-note - echo "| ---- | ---- |" >> ../layer-note - for file in * - do - read arn < $file - echo "| " $file " | " $arn " |" >> ../layer-note - done - cd .. + cat > layer-note << 'EOF' + | Region | Layer ARN | + | ---- | ---- | + | us-east-1 | arn:aws:lambda:us-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:123 | + | us-east-2 | arn:aws:lambda:us-east-2:901920570463:layer:AWSOpenTelemetryDistroJs:124 | + | us-west-1 | arn:aws:lambda:us-west-1:901920570463:layer:AWSOpenTelemetryDistroJs:125 | + | us-west-2 | arn:aws:lambda:us-west-2:901920570463:layer:AWSOpenTelemetryDistroJs:126 | + | ap-south-1 | arn:aws:lambda:ap-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:127 | + | ap-northeast-3 | arn:aws:lambda:ap-northeast-3:901920570463:layer:AWSOpenTelemetryDistroJs:128 | + | ap-northeast-2 | arn:aws:lambda:ap-northeast-2:901920570463:layer:AWSOpenTelemetryDistroJs:129 | + | ap-southeast-1 | arn:aws:lambda:ap-southeast-1:901920570463:layer:AWSOpenTelemetryDistroJs:130 | + | ap-southeast-2 | arn:aws:lambda:ap-southeast-2:901920570463:layer:AWSOpenTelemetryDistroJs:131 | + | ap-northeast-1 | arn:aws:lambda:ap-northeast-1:901920570463:layer:AWSOpenTelemetryDistroJs:132 | + | ca-central-1 | arn:aws:lambda:ca-central-1:901920570463:layer:AWSOpenTelemetryDistroJs:133 | + | eu-central-1 | arn:aws:lambda:eu-central-1:901920570463:layer:AWSOpenTelemetryDistroJs:134 | + | eu-west-1 | arn:aws:lambda:eu-west-1:901920570463:layer:AWSOpenTelemetryDistroJs:135 | + | eu-west-2 | arn:aws:lambda:eu-west-2:901920570463:layer:AWSOpenTelemetryDistroJs:136 | + | eu-west-3 | arn:aws:lambda:eu-west-3:901920570463:layer:AWSOpenTelemetryDistroJs:137 | + | eu-north-1 | arn:aws:lambda:eu-north-1:901920570463:layer:AWSOpenTelemetryDistroJs:138 | + | sa-east-1 | arn:aws:lambda:sa-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:139 | + | af-south-1 | arn:aws:lambda:af-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:140 | + | ap-east-1 | arn:aws:lambda:ap-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:141 | + | me-south-1 | arn:aws:lambda:me-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:142 | + EOF { echo "layer-note<> $GITHUB_OUTPUT cat layer-note - - name: generate tf layer - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "locals {" >> ../layer_arns.tf - echo " sdk_layer_arns = {" >> ../layer_arns.tf - for file in * - do - read arn < $file - echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf - done - cd .. - echo " }" >> layer_arns.tf - echo "}" >> layer_arns.tf - terraform fmt layer_arns.tf - cat layer_arns.tf - - name: generate layer ARN constants for CDK - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "{" > ../layer_cdk - for file in *; do - read arn < "$file" - echo " \"$file\": \"$arn\"," >> ../layer_cdk - done - echo "}" >> ../layer_cdk - cat ../layer_cdk publish-github: needs: generate-lambda-release-note diff --git a/CHANGELOG.md b/CHANGELOG.md index 4903862b..bf6e086b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,3 +17,14 @@ If your change does not need a CHANGELOG entry, add the "skip changelog" label t - Support X-Ray Trace Id extraction from Lambda Context object, and respect user-configured OTEL_PROPAGATORS in AWS Lamdba instrumentation ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) + +## v0.7.0-dev0 + +- random change + ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) + +- another random change + ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) + +- yet another random change + ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) From 80e48d96dd4594453c9557cfc319deef33d1f0cb Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 7 Oct 2025 12:29:59 -0700 Subject: [PATCH 4/7] fix workflow for test --- .github/workflows/release-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 68f8ffbc..84a705f7 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -255,7 +255,7 @@ jobs: generate-lambda-release-note: runs-on: ubuntu-latest - # needs: publish-layer-prod + needs: build-layer outputs: layer-note: ${{ steps.layer-note.outputs.layer-note }} steps: From a58077b4097d60960976d7434eab86cc5666de8f Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 7 Oct 2025 12:41:12 -0700 Subject: [PATCH 5/7] use python for CHANGELOG extraction script --- .github/workflows/release-build.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 84a705f7..643b89b8 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -328,17 +328,16 @@ jobs: ") # Extract CHANGELOG entries for this version - CHANGELOG_ENTRIES=$(node -e " - const fs = require('fs'); - const content = fs.readFileSync('CHANGELOG.md', 'utf8'); - const versionPattern = new RegExp(\`## v\${{ github.event.inputs.version }}.*?\\n(.*?)(?=\\n## |$)\`, 'gs'); - const versionMatch = content.match(versionPattern); - if (versionMatch && versionMatch[0]) { - const entries = versionMatch[0].replace(/^## v\${{ github.event.inputs.version }}.*?\\n/, '').trim(); - if (entries) { - console.log(entries); - } - } + CHANGELOG_ENTRIES=$(python3 -c " + import re + with open('CHANGELOG.md', 'r') as f: + content = f.read() + version_pattern = r'## v${{ github.event.inputs.version }}.*?\n(.*?)(?=\n## |\Z)' + version_match = re.search(version_pattern, content, re.DOTALL) + if version_match: + entries = version_match.group(1).strip() + if entries: + print(entries) ") # Create release notes From c7e1847f5fb55b6f424be165f35144268afe52fa Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 7 Oct 2025 14:33:01 -0700 Subject: [PATCH 6/7] Revert "modify workflow and CHANGELOG to test release notes" This reverts commit 9cf9841b407d87698651f9085c742a22f501425d. --- .github/workflows/release-build.yml | 374 +++++++++++++++------------- CHANGELOG.md | 11 - 2 files changed, 199 insertions(+), 186 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 643b89b8..abc4e3f0 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -35,23 +35,23 @@ jobs: - name: Checkout Contrib Repo @ SHA - ${{ github.sha }} uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - # - name: Check main build status - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # run: | - # WORKFLOW_ID=$(gh api repos/${{ github.repository }}/actions/workflows --jq '.workflows[] | select(.name=="NodeJS Instrumentation Main Build") | .id') - # LATEST_RUN=$(gh api repos/${{ github.repository }}/actions/workflows/$WORKFLOW_ID/runs --jq '[.workflow_runs[] | select(.head_branch=="${{ github.ref_name }}")] | sort_by(.created_at) | .[-1] | {conclusion, status}') - # STATUS=$(echo "$LATEST_RUN" | jq -r '.status') - # CONCLUSION=$(echo "$LATEST_RUN" | jq -r '.conclusion') + - name: Check main build status + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + WORKFLOW_ID=$(gh api repos/${{ github.repository }}/actions/workflows --jq '.workflows[] | select(.name=="NodeJS Instrumentation Main Build") | .id') + LATEST_RUN=$(gh api repos/${{ github.repository }}/actions/workflows/$WORKFLOW_ID/runs --jq '[.workflow_runs[] | select(.head_branch=="${{ github.ref_name }}")] | sort_by(.created_at) | .[-1] | {conclusion, status}') + STATUS=$(echo "$LATEST_RUN" | jq -r '.status') + CONCLUSION=$(echo "$LATEST_RUN" | jq -r '.conclusion') - # if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "queued" ]; then - # echo "Main build is still running (status: $STATUS). Cannot proceed with release." - # exit 1 - # elif [ "$CONCLUSION" != "success" ]; then - # echo "Latest main build on branch ${{ github.ref_name }} conclusion: $CONCLUSION" - # exit 1 - # fi - # echo "Main build succeeded, proceeding with release" + if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "queued" ]; then + echo "Main build is still running (status: $STATUS). Cannot proceed with release." + exit 1 + elif [ "$CONCLUSION" != "success" ]; then + echo "Latest main build on branch ${{ github.ref_name }} conclusion: $CONCLUSION" + exit 1 + fi + echo "Main build succeeded, proceeding with release" - name: Build Tarball and Image Files uses: ./.github/actions/artifacts_build @@ -110,190 +110,214 @@ jobs: name: layer.zip path: lambda-layer/packages/layer/build/layer.zip - # publish-sdk: - # needs: [build-sdk, build-layer] - # runs-on: ubuntu-latest - # steps: - # - name: Checkout Repo @ SHA - ${{ github.sha }} - # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + publish-sdk: + needs: [build-sdk, build-layer] + runs-on: ubuntu-latest + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - # - name: Configure AWS credentials for private ECR - # uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - # with: - # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} + - name: Configure AWS credentials for private ECR + uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} - # - name: Log in to AWS private ECR - # uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 - # with: - # registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} + - name: Log in to AWS private ECR + uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 + with: + registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} - # - name: Configure AWS credentials for public ECR - # uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - # with: - # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} + - name: Configure AWS credentials for public ECR + uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} - # - name: Log in to AWS public ECR - # uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 - # with: - # registry: public.ecr.aws + - name: Log in to AWS public ECR + uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 + with: + registry: public.ecr.aws - # # Publish to public ECR - # - name: Build and push public ECR image - # uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 - # with: - # push: true - # context: . - # file: ./Dockerfile - # platforms: linux/amd64,linux/arm64 - # tags: | - # ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} + # Publish to public ECR + - name: Build and push public ECR image + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 + with: + push: true + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64 + tags: | + ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} - # # Publish to private ECR - # - name: Build and push private ECR image - # uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 - # with: - # push: true - # context: . - # file: ./Dockerfile - # platforms: linux/amd64,linux/arm64 - # tags: | - # ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} + # Publish to private ECR + - name: Build and push private ECR image + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 + with: + push: true + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64 + tags: | + ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - # # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm - # - name: Publish autoinstrumentation to npm - # working-directory: aws-distro-opentelemetry-node-autoinstrumentation - # env: - # NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} - # NPM_CONFIG_PROVENANCE: true - # run: npm publish + # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm + - name: Publish autoinstrumentation to npm + working-directory: aws-distro-opentelemetry-node-autoinstrumentation + env: + NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} + NPM_CONFIG_PROVENANCE: true + run: npm publish - # publish-layer-prod: - # runs-on: ubuntu-latest - # needs: [build-layer, publish-sdk] - # strategy: - # matrix: - # aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} - # steps: - # - name: role arn - # env: - # LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} - # run: | - # LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) - # FOUND=false - # for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do - # if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then - # FOUND=true - # break - # fi - # done - # if [ "$FOUND" = true ]; then - # echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - # SECRET_KEY="LAMBDA_LAYER_RELEASE" - # else - # echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - # SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" - # fi - # SECRET_KEY=${SECRET_KEY//-/_} - # echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV - # - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - # with: - # role-to-assume: ${{ secrets[env.SECRET_KEY] }} - # role-duration-seconds: 1200 - # aws-region: ${{ matrix.aws_region }} - # - name: Get s3 bucket name for release - # run: | - # echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV - # - name: download layer.zip - # uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - # with: - # name: layer.zip - # - name: publish - # run: | - # aws s3 mb s3://${{ env.BUCKET_NAME }} - # aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} - # layerARN=$( - # aws lambda publish-layer-version \ - # --layer-name ${{ env.LAYER_NAME }} \ - # --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ - # --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ - # --compatible-architectures "arm64" "x86_64" \ - # --license-info "Apache-2.0" \ - # --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ - # --query 'LayerVersionArn' \ - # --output text - # ) - # echo $layerARN - # echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV - # mkdir ${{ env.LAYER_NAME }} - # echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - # cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - # - name: public layer - # run: | - # layerVersion=$( - # aws lambda list-layer-versions \ - # --layer-name ${{ env.LAYER_NAME }} \ - # --query 'max_by(LayerVersions, &Version).Version' - # ) - # aws lambda add-layer-version-permission \ - # --layer-name ${{ env.LAYER_NAME }} \ - # --version-number $layerVersion \ - # --principal "*" \ - # --statement-id publish \ - # --action lambda:GetLayerVersion - # - name: upload layer arn artifact - # if: ${{ success() }} - # uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - # with: - # name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} - # path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - # - name: clean s3 - # if: always() - # run: | - # aws s3 rb --force s3://${{ env.BUCKET_NAME }} + publish-layer-prod: + runs-on: ubuntu-latest + needs: [build-layer, publish-sdk] + strategy: + matrix: + aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} + steps: + - name: role arn + env: + LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} + run: | + LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) + FOUND=false + for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do + if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then + FOUND=true + break + fi + done + if [ "$FOUND" = true ]; then + echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="LAMBDA_LAYER_RELEASE" + else + echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" + fi + SECRET_KEY=${SECRET_KEY//-/_} + echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV + - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + with: + role-to-assume: ${{ secrets[env.SECRET_KEY] }} + role-duration-seconds: 1200 + aws-region: ${{ matrix.aws_region }} + - name: Get s3 bucket name for release + run: | + echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV + - name: download layer.zip + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + name: layer.zip + - name: publish + run: | + aws s3 mb s3://${{ env.BUCKET_NAME }} + aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} + layerARN=$( + aws lambda publish-layer-version \ + --layer-name ${{ env.LAYER_NAME }} \ + --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ + --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ + --compatible-architectures "arm64" "x86_64" \ + --license-info "Apache-2.0" \ + --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ + --query 'LayerVersionArn' \ + --output text + ) + echo $layerARN + echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV + mkdir ${{ env.LAYER_NAME }} + echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: public layer + run: | + layerVersion=$( + aws lambda list-layer-versions \ + --layer-name ${{ env.LAYER_NAME }} \ + --query 'max_by(LayerVersions, &Version).Version' + ) + aws lambda add-layer-version-permission \ + --layer-name ${{ env.LAYER_NAME }} \ + --version-number $layerVersion \ + --principal "*" \ + --statement-id publish \ + --action lambda:GetLayerVersion + - name: upload layer arn artifact + if: ${{ success() }} + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} + path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: clean s3 + if: always() + run: | + aws s3 rb --force s3://${{ env.BUCKET_NAME }} generate-lambda-release-note: runs-on: ubuntu-latest - needs: build-layer + needs: publish-layer-prod outputs: layer-note: ${{ steps.layer-note.outputs.layer-note }} steps: - name: Checkout Repo @ SHA - ${{ github.sha }} uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2 + - name: download layerARNs + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + pattern: ${{ env.LAYER_NAME }}-* + path: ${{ env.LAYER_NAME }} + merge-multiple: true + - name: show layerARNs + run: | + for file in ${{ env.LAYER_NAME }}/* + do + echo $file + cat $file + done - name: generate layer-note id: layer-note + working-directory: ${{ env.LAYER_NAME }} run: | - cat > layer-note << 'EOF' - | Region | Layer ARN | - | ---- | ---- | - | us-east-1 | arn:aws:lambda:us-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:123 | - | us-east-2 | arn:aws:lambda:us-east-2:901920570463:layer:AWSOpenTelemetryDistroJs:124 | - | us-west-1 | arn:aws:lambda:us-west-1:901920570463:layer:AWSOpenTelemetryDistroJs:125 | - | us-west-2 | arn:aws:lambda:us-west-2:901920570463:layer:AWSOpenTelemetryDistroJs:126 | - | ap-south-1 | arn:aws:lambda:ap-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:127 | - | ap-northeast-3 | arn:aws:lambda:ap-northeast-3:901920570463:layer:AWSOpenTelemetryDistroJs:128 | - | ap-northeast-2 | arn:aws:lambda:ap-northeast-2:901920570463:layer:AWSOpenTelemetryDistroJs:129 | - | ap-southeast-1 | arn:aws:lambda:ap-southeast-1:901920570463:layer:AWSOpenTelemetryDistroJs:130 | - | ap-southeast-2 | arn:aws:lambda:ap-southeast-2:901920570463:layer:AWSOpenTelemetryDistroJs:131 | - | ap-northeast-1 | arn:aws:lambda:ap-northeast-1:901920570463:layer:AWSOpenTelemetryDistroJs:132 | - | ca-central-1 | arn:aws:lambda:ca-central-1:901920570463:layer:AWSOpenTelemetryDistroJs:133 | - | eu-central-1 | arn:aws:lambda:eu-central-1:901920570463:layer:AWSOpenTelemetryDistroJs:134 | - | eu-west-1 | arn:aws:lambda:eu-west-1:901920570463:layer:AWSOpenTelemetryDistroJs:135 | - | eu-west-2 | arn:aws:lambda:eu-west-2:901920570463:layer:AWSOpenTelemetryDistroJs:136 | - | eu-west-3 | arn:aws:lambda:eu-west-3:901920570463:layer:AWSOpenTelemetryDistroJs:137 | - | eu-north-1 | arn:aws:lambda:eu-north-1:901920570463:layer:AWSOpenTelemetryDistroJs:138 | - | sa-east-1 | arn:aws:lambda:sa-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:139 | - | af-south-1 | arn:aws:lambda:af-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:140 | - | ap-east-1 | arn:aws:lambda:ap-east-1:901920570463:layer:AWSOpenTelemetryDistroJs:141 | - | me-south-1 | arn:aws:lambda:me-south-1:901920570463:layer:AWSOpenTelemetryDistroJs:142 | - EOF + echo "| Region | Layer ARN |" >> ../layer-note + echo "| ---- | ---- |" >> ../layer-note + for file in * + do + read arn < $file + echo "| " $file " | " $arn " |" >> ../layer-note + done + cd .. { echo "layer-note<> $GITHUB_OUTPUT cat layer-note + - name: generate tf layer + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "locals {" >> ../layer_arns.tf + echo " sdk_layer_arns = {" >> ../layer_arns.tf + for file in * + do + read arn < $file + echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf + done + cd .. + echo " }" >> layer_arns.tf + echo "}" >> layer_arns.tf + terraform fmt layer_arns.tf + cat layer_arns.tf + - name: generate layer ARN constants for CDK + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "{" > ../layer_cdk + for file in *; do + read arn < "$file" + echo " \"$file\": \"$arn\"," >> ../layer_cdk + done + echo "}" >> ../layer_cdk + cat ../layer_cdk publish-github: needs: generate-lambda-release-note diff --git a/CHANGELOG.md b/CHANGELOG.md index bf6e086b..4903862b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,14 +17,3 @@ If your change does not need a CHANGELOG entry, add the "skip changelog" label t - Support X-Ray Trace Id extraction from Lambda Context object, and respect user-configured OTEL_PROPAGATORS in AWS Lamdba instrumentation ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) - -## v0.7.0-dev0 - -- random change - ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) - -- another random change - ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) - -- yet another random change - ([#259](https://github.com/aws-observability/aws-otel-js-instrumentation/pull/259)) From 3cc167aaa69f593958104295635a3602b20cc9e5 Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Wed, 22 Oct 2025 11:48:05 -0700 Subject: [PATCH 7/7] use env vars for workflow --- .github/workflows/release-build.yml | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index abc4e3f0..afa93e2b 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -81,8 +81,10 @@ jobs: steps: - name: Set up regions matrix id: set-matrix + env: + AWS_REGIONS: ${{ github.event.inputs.aws_region }} run: | - IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}" + IFS=',' read -ra REGIONS <<< "$AWS_REGIONS" MATRIX="[" for region in "${REGIONS[@]}"; do trimmed_region=$(echo "$region" | xargs) @@ -341,6 +343,7 @@ jobs: id: create_release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + VERSION: ${{ github.event.inputs.version }} run: | # Generate dependency versions from package.json DEPS=$(node -e " @@ -353,10 +356,11 @@ jobs: # Extract CHANGELOG entries for this version CHANGELOG_ENTRIES=$(python3 -c " - import re + import re, os + version = os.environ['VERSION'] with open('CHANGELOG.md', 'r') as f: content = f.read() - version_pattern = r'## v${{ github.event.inputs.version }}.*?\n(.*?)(?=\n## |\Z)' + version_pattern = rf'## v{re.escape(version)}.*?\n(.*?)(?=\n## |\Z)' version_match = re.search(version_pattern, content, re.DOTALL) if version_match: entries = version_match.group(1).strip() @@ -375,14 +379,14 @@ jobs: ## Release Artifacts This release publishes to public ECR and NPM. - * See ADOT node auto-instrumentation Docker image v${{ github.event.inputs.version }} in our public ECR repository: + * See ADOT node auto-instrumentation Docker image v$VERSION in our public ECR repository: https://gallery.ecr.aws/aws-observability/adot-autoinstrumentation-node - * See version ${{ github.event.inputs.version }} in our NPM repository: + * See version $VERSION in our NPM repository: https://www.npmjs.com/package/@aws/aws-distro-opentelemetry-node-autoinstrumentation ## Lambda Layer - This release includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). + This release includes the AWS OpenTelemetry Lambda Layer for JavaScript version $VERSION-$(echo $GITHUB_SHA | cut -c1-7). Lambda Layer ARNs: ${{ needs.generate-lambda-release-note.outputs.layer-note }} @@ -392,10 +396,10 @@ jobs: shasum -a 256 layer.zip > layer.zip.sha256 gh release create --target "$GITHUB_REF_NAME" \ - --title "Release v${{ github.event.inputs.version }}" \ + --title "Release v$VERSION" \ --notes-file release_notes.md \ --draft \ - "v${{ github.event.inputs.version }}" \ + "v$VERSION" \ ${{ env.ARTIFACT_NAME }} \ ${{ env.ARTIFACT_NAME }}.sha256 \ layer.zip \