From 452491804c4f2b88f638e8f1358c48d5a9815ee9 Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Tue, 21 Oct 2025 16:07:53 -0700 Subject: [PATCH 1/2] Reapply "Merge SDK and Lambda Releases (#253)" (#260) (#261) This reverts commit d463605af2f6acd0c35a2d9a6d65c294bd09b794. DO NOT MERGE until we finalize our enhanced release process. *Issue #, if available:* *Description of changes:* By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Co-authored-by: Thomas Pierce --- .github/workflows/release-build.yml | 292 ++++++++++++++++++++++++--- .github/workflows/release-lambda.yml | 241 ---------------------- 2 files changed, 267 insertions(+), 266 deletions(-) delete mode 100644 .github/workflows/release-lambda.yml diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 756f4479..0cc21f08 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -5,6 +5,10 @@ on: version: description: The version to tag the release with, e.g., 1.2.0 required: true + aws_region: + description: 'Deploy lambda layer to aws regions' + required: true + default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1' env: AWS_DEFAULT_REGION: us-east-1 @@ -14,14 +18,17 @@ env: RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-node RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com PACKAGE_NAME: aws-distro-opentelemetry-node-autoinstrumentation - ARTIFACT_NAME: aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz + ARTIFACT_NAME: aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz + # Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow. + LEGACY_COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1 + LAYER_NAME: AWSOpenTelemetryDistroJs permissions: id-token: write contents: write jobs: - build: + build-sdk: environment: Release runs-on: ubuntu-latest steps: @@ -56,9 +63,59 @@ jobs: package_name: aws-distro-opentelemetry-node-autoinstrumentation os: ubuntu-latest + - name: Upload SDK Tarball + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: ${{ env.ARTIFACT_NAME }} + path: aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} + # TODO: Add some sort of smoke/integration testing before we go # release the artifacts. adot java for reference: # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests + + build-layer: + needs: build-sdk + runs-on: ubuntu-latest + outputs: + aws_regions_json: ${{ steps.set-matrix.outputs.aws_regions_json }} + steps: + - name: Set up regions matrix + id: set-matrix + run: | + IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}" + MATRIX="[" + for region in "${REGIONS[@]}"; do + trimmed_region=$(echo "$region" | xargs) + MATRIX+="\"$trimmed_region\"," + done + MATRIX="${MATRIX%,}]" + echo ${MATRIX} + echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + - name: Setup Node + uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 #v5.0.0 + with: + node-version: 22 + - name: NPM Clean Install + # https://docs.npmjs.com/cli/v10/commands/npm-ci + run: npm ci + - name: Compile all NPM projects + run: npm run compile + - name: Build Lambda Layer + run: npm run build-lambda + - name: upload layer + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: layer.zip + path: lambda-layer/packages/layer/build/layer.zip + + publish-sdk: + needs: [build-sdk, build-layer] + runs-on: ubuntu-latest + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - name: Configure AWS credentials for private ECR uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 @@ -82,7 +139,6 @@ jobs: with: registry: public.ecr.aws - # Publish to public ECR - name: Build and push public ECR image uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 @@ -105,37 +161,223 @@ jobs: tags: | ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - - name: Get SHA256 checksum of release artifact - id: get_sha256 + # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm + - name: Publish autoinstrumentation to npm + working-directory: aws-distro-opentelemetry-node-autoinstrumentation + env: + NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} + NPM_CONFIG_PROVENANCE: true + run: npm publish + + publish-layer-prod: + runs-on: ubuntu-latest + needs: [build-layer, publish-sdk] + strategy: + matrix: + aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} + steps: + - name: role arn + env: + LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} + run: | + LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) + FOUND=false + for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do + if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then + FOUND=true + break + fi + done + if [ "$FOUND" = true ]; then + echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="LAMBDA_LAYER_RELEASE" + else + echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" + SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" + fi + SECRET_KEY=${SECRET_KEY//-/_} + echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV + - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + with: + role-to-assume: ${{ secrets[env.SECRET_KEY] }} + role-duration-seconds: 1200 + aws-region: ${{ matrix.aws_region }} + - name: Get s3 bucket name for release + run: | + echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV + - name: download layer.zip + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + name: layer.zip + - name: publish + run: | + aws s3 mb s3://${{ env.BUCKET_NAME }} + aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} + layerARN=$( + aws lambda publish-layer-version \ + --layer-name ${{ env.LAYER_NAME }} \ + --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ + --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ + --compatible-architectures "arm64" "x86_64" \ + --license-info "Apache-2.0" \ + --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ + --query 'LayerVersionArn' \ + --output text + ) + echo $layerARN + echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV + mkdir ${{ env.LAYER_NAME }} + echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: public layer + run: | + layerVersion=$( + aws lambda list-layer-versions \ + --layer-name ${{ env.LAYER_NAME }} \ + --query 'max_by(LayerVersions, &Version).Version' + ) + aws lambda add-layer-version-permission \ + --layer-name ${{ env.LAYER_NAME }} \ + --version-number $layerVersion \ + --principal "*" \ + --statement-id publish \ + --action lambda:GetLayerVersion + - name: upload layer arn artifact + if: ${{ success() }} + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} + path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} + - name: clean s3 + if: always() + run: | + aws s3 rb --force s3://${{ env.BUCKET_NAME }} + + generate-lambda-release-note: + runs-on: ubuntu-latest + needs: publish-layer-prod + outputs: + layer-note: ${{ steps.layer-note.outputs.layer-note }} + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2 + - name: download layerARNs + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + pattern: ${{ env.LAYER_NAME }}-* + path: ${{ env.LAYER_NAME }} + merge-multiple: true + - name: show layerARNs + run: | + for file in ${{ env.LAYER_NAME }}/* + do + echo $file + cat $file + done + - name: generate layer-note + id: layer-note + working-directory: ${{ env.LAYER_NAME }} run: | - shasum -a 256 aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} | sed "s|aws-distro-opentelemetry-node-autoinstrumentation/||" > ${{ env.ARTIFACT_NAME }}.sha256 - + echo "| Region | Layer ARN |" >> ../layer-note + echo "| ---- | ---- |" >> ../layer-note + for file in * + do + read arn < $file + echo "| " $file " | " $arn " |" >> ../layer-note + done + cd .. + { + echo "layer-note<> $GITHUB_OUTPUT + cat layer-note + - name: generate tf layer + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "locals {" >> ../layer_arns.tf + echo " sdk_layer_arns = {" >> ../layer_arns.tf + for file in * + do + read arn < $file + echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf + done + cd .. + echo " }" >> layer_arns.tf + echo "}" >> layer_arns.tf + terraform fmt layer_arns.tf + cat layer_arns.tf + - name: generate layer ARN constants for CDK + working-directory: ${{ env.LAYER_NAME }} + run: | + echo "{" > ../layer_cdk + for file in *; do + read arn < "$file" + echo " \"$file\": \"$arn\"," >> ../layer_cdk + done + echo "}" >> ../layer_cdk + cat ../layer_cdk + + publish-github: + needs: generate-lambda-release-note + runs-on: ubuntu-latest + steps: + - name: Checkout Repo @ SHA - ${{ github.sha }} + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + + - name: Download SDK artifact + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + name: ${{ env.ARTIFACT_NAME }} + + - name: Download layer.zip artifact + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 + with: + name: layer.zip + # Publish to GitHub releases - name: Create GH release id: create_release env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - # Download layer.zip from existing latest tagged SDK release note - LATEST_SDK_VERSION=$(gh release list --repo "aws-observability/aws-otel-js-instrumentation" --json tagName,isLatest -q 'map(select(.isLatest==true)) | .[0].tagName') - mkdir -p layer_artifact - gh release download "$LATEST_SDK_VERSION" --repo "aws-observability/aws-otel-js-instrumentation" --pattern "layer.zip" --dir layer_artifact - shasum -a 256 layer_artifact/layer.zip > layer_artifact/layer.zip.sha256 + # Generate dependency versions from package.json + DEPS=$(node -e " + const pkg = require('./aws-distro-opentelemetry-node-autoinstrumentation/package.json'); + const deps = Object.entries(pkg.dependencies || {}) + .map(([name, version]) => \`- \\\`\${name}\\\` - \${version}\`) + .join('\n'); + console.log(deps); + ") + + # Create release notes + cat > release_notes.md << EOF + This release contains the following upstream components: + + $DEPS + + This release also publishes to public ECR and NPM. + * See ADOT node auto-instrumentation Docker image v${{ github.event.inputs.version }} in our public ECR repository: + https://gallery.ecr.aws/aws-observability/adot-autoinstrumentation-node + * See version ${{ github.event.inputs.version }} in our NPM repository: + https://www.npmjs.com/package/@aws/aws-distro-opentelemetry-node-autoinstrumentation + + This release also includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). + + Lambda Layer ARNs: + ${{ needs.generate-lambda-release-note.outputs.layer-note }} + EOF + + shasum -a 256 ${{ env.ARTIFACT_NAME }} > ${{ env.ARTIFACT_NAME }}.sha256 + shasum -a 256 layer.zip > layer.zip.sha256 gh release create --target "$GITHUB_REF_NAME" \ --title "Release v${{ github.event.inputs.version }}" \ + --notes-file release_notes.md \ --draft \ "v${{ github.event.inputs.version }}" \ - aws-distro-opentelemetry-node-autoinstrumentation/${{ env.ARTIFACT_NAME }} \ + ${{ env.ARTIFACT_NAME }} \ ${{ env.ARTIFACT_NAME }}.sha256 \ - layer_artifact/layer.zip \ - layer_artifact/layer.zip.sha256 - - # Publish '@aws/aws-distro-opentelemetry-node-autoinstrumentation' to npm - - name: Publish autoinstrumentation to npm - working-directory: aws-distro-opentelemetry-node-autoinstrumentation - env: - NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} - NPM_CONFIG_PROVENANCE: true - run: npm publish - + layer.zip \ + layer.zip.sha256 \ No newline at end of file diff --git a/.github/workflows/release-lambda.yml b/.github/workflows/release-lambda.yml deleted file mode 100644 index 45d895e0..00000000 --- a/.github/workflows/release-lambda.yml +++ /dev/null @@ -1,241 +0,0 @@ -name: Release Lambda layer - -on: - workflow_dispatch: - inputs: - version: - description: The version to tag the lambda release with (should be the same as the current ADOT JavaScript SDK version, e.g., 0.6.0) - required: true - aws_region: - description: 'Deploy to aws regions' - required: true - default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1' - -env: - AWS_REGIONS: ${{ github.event.inputs.aws_region }} - # Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow. - LEGACY_COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1 - LAYER_NAME: AWSOpenTelemetryDistroJs - -permissions: - id-token: write - contents: write - -jobs: - build-layer: - environment: Release - runs-on: ubuntu-latest - outputs: - aws_regions_json: ${{ steps.set-matrix.outputs.aws_regions_json }} - steps: - - name: Set up regions matrix - id: set-matrix - run: | - IFS=',' read -ra REGIONS <<< "${{ env.AWS_REGIONS }}" - MATRIX="[" - for region in "${REGIONS[@]}"; do - trimmed_region=$(echo "$region" | xargs) - MATRIX+="\"$trimmed_region\"," - done - MATRIX="${MATRIX%,}]" - echo ${MATRIX} - echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT - - name: Checkout Repo @ SHA - ${{ github.sha }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - - name: Setup Node - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 #v5.0.0 - with: - node-version: 22 - - name: NPM Clean Install - # https://docs.npmjs.com/cli/v10/commands/npm-ci - run: npm ci - - name: Compile all NPM projects - run: npm run compile - - name: Build Lambda Layer - run: npm run build-lambda - - name: upload layer - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - with: - name: layer.zip - path: lambda-layer/packages/layer/build/layer.zip - publish-prod: - runs-on: ubuntu-latest - needs: build-layer - strategy: - matrix: - aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }} - steps: - - name: role arn - env: - LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }} - run: | - LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ }) - FOUND=false - for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do - if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then - FOUND=true - break - fi - done - if [ "$FOUND" = true ]; then - echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="LAMBDA_LAYER_RELEASE" - else - echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS" - SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE" - fi - SECRET_KEY=${SECRET_KEY//-/_} - echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV - - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 - with: - role-to-assume: ${{ secrets[env.SECRET_KEY] }} - role-duration-seconds: 1200 - aws-region: ${{ matrix.aws_region }} - - name: Get s3 bucket name for release - run: | - echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV - - name: download layer.zip - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - with: - name: layer.zip - - name: publish - run: | - aws s3 mb s3://${{ env.BUCKET_NAME }} - aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }} - layerARN=$( - aws lambda publish-layer-version \ - --layer-name ${{ env.LAYER_NAME }} \ - --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \ - --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \ - --compatible-architectures "arm64" "x86_64" \ - --license-info "Apache-2.0" \ - --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \ - --query 'LayerVersionArn' \ - --output text - ) - echo $layerARN - echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV - mkdir ${{ env.LAYER_NAME }} - echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: public layer - run: | - layerVersion=$( - aws lambda list-layer-versions \ - --layer-name ${{ env.LAYER_NAME }} \ - --query 'max_by(LayerVersions, &Version).Version' - ) - aws lambda add-layer-version-permission \ - --layer-name ${{ env.LAYER_NAME }} \ - --version-number $layerVersion \ - --principal "*" \ - --statement-id publish \ - --action lambda:GetLayerVersion - - name: upload layer arn artifact - if: ${{ success() }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - with: - name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }} - path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }} - - name: clean s3 - if: always() - run: | - aws s3 rb --force s3://${{ env.BUCKET_NAME }} - generate-release-note: - runs-on: ubuntu-latest - needs: publish-prod - steps: - - name: Checkout Repo @ SHA - ${{ github.sha }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2 - - name: download layerARNs - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - with: - pattern: ${{ env.LAYER_NAME }}-* - path: ${{ env.LAYER_NAME }} - merge-multiple: true - - name: show layerARNs - run: | - for file in ${{ env.LAYER_NAME }}/* - do - echo $file - cat $file - done - - name: generate layer-note - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "| Region | Layer ARN |" >> ../layer-note - echo "| ---- | ---- |" >> ../layer-note - for file in * - do - read arn < $file - echo "| " $file " | " $arn " |" >> ../layer-note - done - cd .. - cat layer-note - - name: generate tf layer - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "locals {" >> ../layer_arns.tf - echo " sdk_layer_arns = {" >> ../layer_arns.tf - for file in * - do - read arn < $file - echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf - done - cd .. - echo " }" >> layer_arns.tf - echo "}" >> layer_arns.tf - terraform fmt layer_arns.tf - cat layer_arns.tf - - name: generate layer ARN constants for CDK - working-directory: ${{ env.LAYER_NAME }} - run: | - echo "{" > ../layer_cdk - for file in *; do - read arn < "$file" - echo " \"$file\": \"$arn\"," >> ../layer_cdk - done - echo "}" >> ../layer_cdk - cat ../layer_cdk - - name: download layer.zip - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0 - with: - name: layer.zip - - name: Get commit hash - id: commit - run: | - echo "sha_short=$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_OUTPUT - - - name: Create Release Notes - run: | - echo "AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" > release_notes.md - echo "" >> release_notes.md - echo "Lambda Layer ARNs:" >> release_notes.md - echo "" >> release_notes.md - cat layer-note >> release_notes.md - echo "" >> release_notes.md - echo "Notes:" >> release_notes.md - - name: Create GH release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh release create \ - --target "$GITHUB_REF_NAME" \ - --title "Release lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \ - --notes-file release_notes.md \ - --draft \ - "lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \ - layer_arns.tf layer.zip - echo Removing release_notes.md ... - rm -f release_notes.md - - name: Upload layer.zip and SHA-256 checksum to SDK Release Notes (tagged with latest) - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - LATEST_SDK_VERSION=$(gh release list --repo "aws-observability/aws-otel-js-instrumentation" --json tagName,isLatest -q 'map(select(.isLatest==true)) | .[0].tagName') - # Generate SHA-256 checksum for layer.zip - shasum -a 256 layer.zip > layer.zip.sha256 - # Upload layer.zip and its checksum to the latest SDK release note - gh release upload "$LATEST_SDK_VERSION" layer.zip layer.zip.sha256 --repo "aws-observability/aws-otel-js-instrumentation" --clobber - echo "✅ layer.zip successfully uploaded to $LATEST_SDK_VERSION in the upstream repo!" From 9b12d06334943dd55c266baed5fb4e3a4e705f21 Mon Sep 17 00:00:00 2001 From: Eric Zhang Date: Wed, 22 Oct 2025 12:20:07 -0700 Subject: [PATCH 2/2] Enhance Github release notes (#279) *Issue #, if available:* *Description of changes:* DO NOT MERGE until https://github.com/aws-observability/aws-otel-js-instrumentation/pull/261 has been merged. Add CHANGELOG entries to Github release notes and use headers to separate new changes, upstream components, release artifacts, and Lambda layer ARNs. Tested in my own repo: https://github.com/ezhang6811/release-workflow-test/actions/runs/18236310430/job/51930597871 Mock release created: https://github.com/ezhang6811/release-workflow-test/releases/tag/v2.0.1 By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. --------- Co-authored-by: Thomas Pierce --- .github/workflows/release-build.yml | 39 +++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 0cc21f08..afa93e2b 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -81,8 +81,10 @@ jobs: steps: - name: Set up regions matrix id: set-matrix + env: + AWS_REGIONS: ${{ github.event.inputs.aws_region }} run: | - IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}" + IFS=',' read -ra REGIONS <<< "$AWS_REGIONS" MATRIX="[" for region in "${REGIONS[@]}"; do trimmed_region=$(echo "$region" | xargs) @@ -341,6 +343,7 @@ jobs: id: create_release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + VERSION: ${{ github.event.inputs.version }} run: | # Generate dependency versions from package.json DEPS=$(node -e " @@ -351,19 +354,39 @@ jobs: console.log(deps); ") + # Extract CHANGELOG entries for this version + CHANGELOG_ENTRIES=$(python3 -c " + import re, os + version = os.environ['VERSION'] + with open('CHANGELOG.md', 'r') as f: + content = f.read() + version_pattern = rf'## v{re.escape(version)}.*?\n(.*?)(?=\n## |\Z)' + version_match = re.search(version_pattern, content, re.DOTALL) + if version_match: + entries = version_match.group(1).strip() + if entries: + print(entries) + ") + # Create release notes cat > release_notes.md << EOF - This release contains the following upstream components: + $(if [ -n "$CHANGELOG_ENTRIES" ]; then echo "## What's Changed"; echo "$CHANGELOG_ENTRIES"; echo ""; fi) + + ## Upstream Components $DEPS - This release also publishes to public ECR and NPM. - * See ADOT node auto-instrumentation Docker image v${{ github.event.inputs.version }} in our public ECR repository: + ## Release Artifacts + + This release publishes to public ECR and NPM. + * See ADOT node auto-instrumentation Docker image v$VERSION in our public ECR repository: https://gallery.ecr.aws/aws-observability/adot-autoinstrumentation-node - * See version ${{ github.event.inputs.version }} in our NPM repository: + * See version $VERSION in our NPM repository: https://www.npmjs.com/package/@aws/aws-distro-opentelemetry-node-autoinstrumentation - This release also includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-$(echo $GITHUB_SHA | cut -c1-7). + ## Lambda Layer + + This release includes the AWS OpenTelemetry Lambda Layer for JavaScript version $VERSION-$(echo $GITHUB_SHA | cut -c1-7). Lambda Layer ARNs: ${{ needs.generate-lambda-release-note.outputs.layer-note }} @@ -373,10 +396,10 @@ jobs: shasum -a 256 layer.zip > layer.zip.sha256 gh release create --target "$GITHUB_REF_NAME" \ - --title "Release v${{ github.event.inputs.version }}" \ + --title "Release v$VERSION" \ --notes-file release_notes.md \ --draft \ - "v${{ github.event.inputs.version }}" \ + "v$VERSION" \ ${{ env.ARTIFACT_NAME }} \ ${{ env.ARTIFACT_NAME }}.sha256 \ layer.zip \