Skip to content

Commit 875fac1

Browse files
viw-test1viw-test1
committed
feat: Add region build release workflow for Java Lambda layer
1 parent cd1acb9 commit 875fac1

1 file changed

Lines changed: 264 additions & 0 deletions

File tree

.github/workflows/region-build-release.yml

Lines changed: 264 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,264 @@
1+
name: Region Build Release
2+
on:
3+
workflow_dispatch:
4+
inputs:
5+
version:
6+
description: The version to tag the lambda release with, e.g., 1.2.0
7+
required: true
8+
aws_region:
9+
description: 'Deploy to aws regions'
10+
required: true
11+
default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-east-2, ap-south-2, ap-southeast-3, ap-southeast-4, ap-southeast-6, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1'
12+
13+
env:
14+
# Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow.
15+
LEGACY_COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1
16+
LAYER_NAME: AWSOpenTelemetryDistroJava
17+
18+
permissions:
19+
id-token: write
20+
contents: write
21+
22+
jobs:
23+
build-layer:
24+
environment: Release
25+
runs-on: ubuntu-latest
26+
outputs:
27+
aws_regions_json: ${{ steps.set-matrix.outputs.aws_regions_json }}
28+
steps:
29+
- name: Set up regions matrix
30+
id: set-matrix
31+
run: |
32+
IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}"
33+
MATRIX="["
34+
for region in "${REGIONS[@]}"; do
35+
trimmed_region=$(echo "$region" | xargs)
36+
MATRIX+="\"$trimmed_region\","
37+
done
38+
MATRIX="${MATRIX%,}]"
39+
echo ${MATRIX}
40+
echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
41+
42+
- name: Checkout Repo @ SHA - ${{ github.sha }}
43+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
44+
45+
- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
46+
with:
47+
java-version-file: .java-version
48+
distribution: 'temurin'
49+
50+
- name: Build layers
51+
working-directory: lambda-layer
52+
run: |
53+
./build-layer.sh
54+
55+
- name: Upload layer
56+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
57+
with:
58+
name: aws-opentelemetry-java-layer.zip
59+
path: lambda-layer/build/distributions/aws-opentelemetry-java-layer.zip
60+
61+
publish-prod:
62+
runs-on: ubuntu-latest
63+
needs: build-layer
64+
strategy:
65+
matrix:
66+
aws_region: ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }}
67+
steps:
68+
- name: role arn
69+
env:
70+
LEGACY_COMMERCIAL_REGIONS: ${{ env.LEGACY_COMMERCIAL_REGIONS }}
71+
run: |
72+
LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ })
73+
FOUND=false
74+
for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do
75+
if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then
76+
FOUND=true
77+
break
78+
fi
79+
done
80+
if [ "$FOUND" = true ]; then
81+
echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS"
82+
SECRET_KEY="LAMBDA_LAYER_RELEASE"
83+
else
84+
echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS"
85+
SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE"
86+
fi
87+
SECRET_KEY=${SECRET_KEY//-/_}
88+
echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV
89+
90+
- uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0
91+
with:
92+
role-to-assume: ${{ secrets[env.SECRET_KEY] }}
93+
role-duration-seconds: 1200
94+
aws-region: ${{ matrix.aws_region }}
95+
96+
- name: Get s3 bucket name for release
97+
run: |
98+
echo BUCKET_NAME=java-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV
99+
100+
- name: download layer.zip
101+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
102+
with:
103+
name: aws-opentelemetry-java-layer.zip
104+
105+
- name: publish
106+
run: |
107+
aws s3 mb s3://${{ env.BUCKET_NAME }}
108+
aws s3 cp aws-opentelemetry-java-layer.zip s3://${{ env.BUCKET_NAME }}
109+
layerARN=$(
110+
aws lambda publish-layer-version \
111+
--layer-name ${{ env.LAYER_NAME }} \
112+
--content S3Bucket=${{ env.BUCKET_NAME }},S3Key=aws-opentelemetry-java-layer.zip \
113+
--compatible-runtimes java11 java17 java21 \
114+
--compatible-architectures "arm64" "x86_64" \
115+
--license-info "Apache-2.0" \
116+
--description "AWS Distro of OpenTelemetry Lambda Layer for Java Runtime" \
117+
--query 'LayerVersionArn' \
118+
--output text
119+
)
120+
echo $layerARN
121+
echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV
122+
mkdir ${{ env.LAYER_NAME }}
123+
echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
124+
cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
125+
126+
- name: public layer
127+
run: |
128+
layerVersion=$(
129+
aws lambda list-layer-versions \
130+
--layer-name ${{ env.LAYER_NAME }} \
131+
--query 'max_by(LayerVersions, &Version).Version'
132+
)
133+
aws lambda add-layer-version-permission \
134+
--layer-name ${{ env.LAYER_NAME }} \
135+
--version-number $layerVersion \
136+
--principal "*" \
137+
--statement-id publish \
138+
--action lambda:GetLayerVersion
139+
140+
- name: upload layer arn artifact
141+
if: ${{ success() }}
142+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
143+
with:
144+
name: ${{ env.LAYER_NAME }}-${{ matrix.aws_region }}
145+
path: ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
146+
147+
- name: clean s3
148+
if: always()
149+
run: |
150+
aws s3 rb --force s3://${{ env.BUCKET_NAME }}
151+
152+
generate-release-note:
153+
runs-on: ubuntu-latest
154+
needs: publish-prod
155+
steps:
156+
- name: Checkout Repo @ SHA - ${{ github.sha }}
157+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
158+
159+
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd #v3.1.2
160+
161+
- name: download layerARNs
162+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
163+
with:
164+
pattern: ${{ env.LAYER_NAME }}-*
165+
path: ${{ env.LAYER_NAME }}
166+
merge-multiple: true
167+
168+
- name: show layerARNs
169+
run: |
170+
for file in ${{ env.LAYER_NAME }}/*
171+
do
172+
echo $file
173+
cat $file
174+
done
175+
176+
- name: generate layer-note
177+
working-directory: ${{ env.LAYER_NAME }}
178+
run: |
179+
echo "| Region | Layer ARN |" >> ../layer-note
180+
echo "| ---- | ---- |" >> ../layer-note
181+
for file in *
182+
do
183+
read arn < $file
184+
echo "| " $file " | " $arn " |" >> ../layer-note
185+
done
186+
cat ../layer-note
187+
188+
- name: generate tf layer
189+
working-directory: ${{ env.LAYER_NAME }}
190+
run: |
191+
echo "locals {" >> ../layer_arns.tf
192+
echo " sdk_layer_arns = {" >> ../layer_arns.tf
193+
for file in *
194+
do
195+
read arn < $file
196+
echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf
197+
done
198+
cd ..
199+
echo " }" >> layer_arns.tf
200+
echo "}" >> layer_arns.tf
201+
terraform fmt layer_arns.tf
202+
cat layer_arns.tf
203+
204+
- name: generate layer ARN constants for CDK
205+
working-directory: ${{ env.LAYER_NAME }}
206+
run: |
207+
echo "{" > ../layer_cdk
208+
for file in *; do
209+
read arn < "$file"
210+
echo " \"$file\": \"$arn\"," >> ../layer_cdk
211+
done
212+
echo "}" >> ../layer_cdk
213+
cat ../layer_cdk
214+
215+
- name: download aws-opentelemetry-java-layer.zip
216+
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 #v5.0.0
217+
with:
218+
name: aws-opentelemetry-java-layer.zip
219+
220+
- name: rename to layer.zip
221+
run: |
222+
mv aws-opentelemetry-java-layer.zip layer.zip
223+
224+
- name: Get commit hash
225+
id: commit
226+
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
227+
228+
- name: Create Release Notes
229+
run: |
230+
echo "AWS OpenTelemetry Lambda Layer for Java version ${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" > release_notes.md
231+
echo "" >> release_notes.md
232+
echo "" >> release_notes.md
233+
echo "See new Lambda Layer ARNs:" >> release_notes.md
234+
echo "" >> release_notes.md
235+
cat layer-note >> release_notes.md
236+
echo "" >> release_notes.md
237+
echo "Notes:" >> release_notes.md
238+
239+
- name: Create GH release
240+
id: create_release
241+
env:
242+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
243+
run: |
244+
gh release create --target "$GITHUB_REF_NAME" \
245+
--title "Release lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \
246+
--notes-file release_notes.md \
247+
--draft \
248+
"lambda-v${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}" \
249+
layer_arns.tf layer.zip
250+
echo Removing release_notes.md ...
251+
rm -f release_notes.md
252+
253+
- name: Upload layer.zip and SHA-256 checksum to SDK Release Notes (tagged with latest)
254+
env:
255+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
256+
run: |
257+
LATEST_SDK_VERSION=$(gh release list --repo "aws-observability/aws-otel-java-instrumentation" --json tagName,isLatest -q 'map(select(.isLatest==true)) | .[0].tagName')
258+
259+
# Generate SHA-256 checksum for layer.zip
260+
shasum -a 256 layer.zip > layer.zip.sha256
261+
262+
# Upload layer.zip and its checksum to the latest SDK release note
263+
gh release upload "$LATEST_SDK_VERSION" layer.zip layer.zip.sha256 --repo "aws-observability/aws-otel-java-instrumentation" --clobber
264+
echo "✅ layer.zip successfully uploaded to $LATEST_SDK_VERSION in the upstream repo!"

0 commit comments

Comments
 (0)