From bb1678749f3cf2e741729e73153eb66549b839c4 Mon Sep 17 00:00:00 2001 From: Harry Date: Tue, 17 Dec 2024 15:37:11 -0800 Subject: [PATCH] Add artifact name to env variable --- .github/workflows/release_build.yml | 169 ++++++++++++++-------------- README.md | 5 + 2 files changed, 89 insertions(+), 85 deletions(-) diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml index 678fc9a8d..f6fe6cf51 100644 --- a/.github/workflows/release_build.yml +++ b/.github/workflows/release_build.yml @@ -1,5 +1,6 @@ name: Release Build on: + push: workflow_dispatch: inputs: version: @@ -14,6 +15,7 @@ env: RELEASE_PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-python RELEASE_PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com PACKAGE_NAME: aws-opentelemetry-distro + ARTIFACT_NAME: aws_opentelemetry_distro-0.7.0.dev0-py3-none-any.whl permissions: id-token: write @@ -37,96 +39,93 @@ jobs: package_name: aws-opentelemetry-distro os: ubuntu-latest - # TODO: Add some sort of smoke/integration testing before we go - # release the artifacts. adot java for reference: - # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests + # # TODO: Add some sort of smoke/integration testing before we go + # # release the artifacts. adot java for reference: + # # https://github.com/aws-observability/aws-otel-java-instrumentation/tree/93870a550ac30988fbdd5d3bf1e8f9f1b37916f5/smoke-tests - - name: Configure AWS credentials for PyPI secrets - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} - aws-region: ${{ env.AWS_DEFAULT_REGION }} + # - name: Configure AWS credentials for PyPI secrets + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }} + # aws-region: ${{ env.AWS_DEFAULT_REGION }} - - name: Get PyPI secrets - uses: aws-actions/aws-secretsmanager-get-secrets@v1 - id: pypi_secrets - with: - secret-ids: | - PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} - TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} - parse-json-secrets: true - - - name: Configure AWS credentials for private ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} - - - name: Log in to AWS private ECR - uses: docker/login-action@v3 - with: - registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} - - - name: Configure AWS credentials for public ECR - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} - aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} - - - name: Log in to AWS public ECR - uses: docker/login-action@v3 - with: - registry: public.ecr.aws - - # The step below publishes to testpypi in order to catch any issues - # with the package configuration that would cause a failure to upload to pypi. - - name: Install twine - run: pip install twine + # - name: Get PyPI secrets + # uses: aws-actions/aws-secretsmanager-get-secrets@v1 + # id: pypi_secrets + # with: + # secret-ids: | + # PROD_PYPI_TOKEN,${{ secrets.PYPI_PROD_TOKEN_SECRET_ARN }} + # TEST_PYPI_TOKEN,${{ secrets.PYPI_TEST_TOKEN_SECRET_ARN }} + # parse-json-secrets: true + + # - name: Configure AWS credentials for private ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} + + # - name: Log in to AWS private ECR + # uses: docker/login-action@v3 + # with: + # registry: ${{ env.RELEASE_PRIVATE_REGISTRY }} + + # - name: Configure AWS credentials for public ECR + # uses: aws-actions/configure-aws-credentials@v4 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN_ECR_RELEASE }} + # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} + + # - name: Log in to AWS public ECR + # uses: docker/login-action@v3 + # with: + # registry: public.ecr.aws + + # # The step below publishes to testpypi in order to catch any issues + # # with the package configuration that would cause a failure to upload to pypi. + # - name: Install twine + # run: pip install twine - - name: Publish to TestPyPI - env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} - run: | - twine upload --repository testpypi --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl - - # Publish to prod PyPI - - name: Publish to PyPI - env: - TWINE_USERNAME: '__token__' - TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} - run: | - twine upload --skip-existing --verbose dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl - - # Publish to public ECR - - name: Build and push public ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} - - # Publish to private ECR - - name: Build and push private ECR image - uses: docker/build-push-action@v5 - with: - push: true - context: . - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - tags: | - ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} + # - name: Publish to TestPyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.TEST_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --repository testpypi --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }} + + # # Publish to prod PyPI + # - name: Publish to PyPI + # env: + # TWINE_USERNAME: '__token__' + # TWINE_PASSWORD: ${{ env.PROD_PYPI_TOKEN_API_TOKEN }} + # run: | + # twine upload --skip-existing --verbose dist/${{ env.ARTIFACT_NAME }} + + # # Publish to public ECR + # - name: Build and push public ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} + + # # Publish to private ECR + # - name: Build and push private ECR image + # uses: docker/build-push-action@v5 + # with: + # push: true + # context: . + # file: ./Dockerfile + # platforms: linux/amd64,linux/arm64 + # tags: | + # ${{ env.RELEASE_PRIVATE_REPOSITORY }}:v${{ github.event.inputs.version }} - name: Get SHA256 checksum of wheel file id: get_sha256 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - filename="aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl" - shasum -a 256 dist/$filename | awk '{print $1}' > $filename.sha256 + shasum -a 256 dist/${{ env.ARTIFACT_NAME }} > ${{ env.ARTIFACT_NAME }}.sha256 # Publish to GitHub releases - name: Create GH release @@ -138,5 +137,5 @@ jobs: --title "Release v${{ github.event.inputs.version }}" \ --draft \ "v${{ github.event.inputs.version }}" \ - dist/aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl \ - aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl.sha256 \ No newline at end of file + dist/${{ env.ARTIFACT_NAME }} \ + ${{ env.ARTIFACT_NAME }}.sha256 \ No newline at end of file diff --git a/README.md b/README.md index 6ef55eabe..7ccd9d92f 100644 --- a/README.md +++ b/README.md @@ -39,3 +39,8 @@ This project ensures compatibility with the following supported Python versions: ### Note on Amazon CloudWatch Application Signals [Amazon CloudWatch Application Signals](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Application-Monitoring-Sections.html) components are designed to seamlessly work with all library instrumentations offered by [OpenTelemetry Python auto-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/instrumentation/README.md). While upstream OpenTelemetry Python instrumentations are in beta, Application Signals components are stable, production ready and have also been tested for popular libraries/frameworks such as [Django, Boto3, and others](https://github.com/aws-observability/aws-otel-python-instrumentation/tree/main/contract-tests/images/applications). We will prioritize backward compatibility for Application Signals components, striving to ensure that they remain functional even in the face of potential breaking changes introduced by OpenTelemetry upstream libraries. Please [raise an issue](https://github.com/aws-observability/aws-otel-python-instrumentation/blob/main/CONTRIBUTING.md#reporting-bugsfeature-requests) if you notice Application Signals doesn't work for a particular OpenTelemetry supported library. + +### Checksum Verification +Artifacts released will include a `.sha256` file for checksum verification starting from v0.7.0 +To verify, run the command `shasum -a 256 -c .sha256` +It should return the output `: OK` if the validation is successful