Skip to content

Release Build

Release Build #22

Workflow file for this run

name: Release Build
on:
workflow_dispatch:
inputs:
version:
description: The version to tag the release with, e.g., 1.2.0
required: true
env:
AWS_DEFAULT_REGION: us-east-1
AWS_PUBLIC_ECR_REGION: us-east-1
AWS_PRIVATE_ECR_REGION: us-west-2
RELEASE_PUBLIC_REPOSITORY: public.ecr.aws/aws-observability/adot-autoinstrumentation-python
RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python
RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com
PACKAGE_NAME: aws-opentelemetry-distro
permissions:
id-token: write
contents: write
jobs:
build:
environment: Release
runs-on: ubuntu-latest
steps:
- name: Checkout Contrib Repo @ SHA - ${{ github.sha }}
uses: actions/checkout@v4
- name: Build Wheel and Image Files
uses: ./.github/actions/artifacts_build
with:
image_uri_with_tag: "adot-autoinstrumentation-python:test"
push_image: false
load_image: true
python_version: "3.10"
package_name: aws-opentelemetry-distro
os: ubuntu-latest
# TODO: Add some sort of smoke/integration testing before we go
# release the artifacts. adot java for reference:
# https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests
- name: Configure AWS credentials for PyPI secrets
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_PYPI_RELEASE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Get PyPI secrets
uses: aws-actions/aws-secretsmanager-get-secrets@v1
id: pypi_secrets
with:
secret-ids: |
PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }}
TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }}
parse-json-secrets: true
- name: Configure AWS credentials for private ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }}
aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }}
- name: Log in to AWS private ECR
uses: docker/login-action@v3
with:
registry: ${{ env.RELEASE_PRIVATE_REGISTRY }}
- name: Configure AWS credentials for public ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }}
aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }}
- name: Log in to AWS public ECR
uses: docker/login-action@v3
with:
registry: public.ecr.aws
# The step below publishes to testpypi in order to catch any issues
# with the package configuration that would cause a failure to upload to pypi.
- name: Install twine
run: pip install twine
- name: Publish to TestPyPI
env:
TWINE_USERNAME: '__token__'
TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }}
run: |
twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
# Publish to prod PyPI
- name: Publish to PyPI
env:
TWINE_USERNAME: '__token__'
TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }}
run: |
twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
# Publish to public ECR
- name: Build and push public ECR image
uses: docker/build-push-action@v5
with:
push: true
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }}
# Publish to private ECR
- name: Build and push private ECR image
uses: docker/build-push-action@v5
with:
push: true
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }}
# Publish to GitHub releases
- name: Create GH release
id: create_release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
run: |
gh release create --target "$GITHUB_REF_NAME" \
--title "Release v${{ github.event.inputs.version }}" \
--draft \
"v${{ github.event.inputs.version }}" \
dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl