dash0-lambda-extension/.github/workflows/deploy.yml at master · dash0hq/dash0-lambda-extension · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: Deploy

on:
  push:
    branches: [master]
  workflow_dispatch:

permissions:
  id-token: write
  contents: write

jobs:
  build:
    uses: ./.github/workflows/build.yml

  deploy-dev:
    if: github.event_name == 'push'
    needs: build
    strategy:
      matrix:
        region: [eu-central-1, us-east-2]
    uses: ./.github/workflows/publish.yml
    with:
      environment: dev-integration
      region: ${{ matrix.region }}
    secrets: inherit

  deploy-prod:
    if: github.event_name == 'workflow_dispatch'
    needs: build
    strategy:
      matrix:
        region: [us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1]
    uses: ./.github/workflows/publish.yml
    with:
      environment: prod-integration
      region: ${{ matrix.region }}
    secrets: inherit

  sanity-checks:
    if: github.event_name == 'workflow_dispatch'
    needs: deploy-prod
    uses: ./.github/workflows/sanity-checks.yml
    secrets: inherit

  create-release:
    if: github.event_name == 'workflow_dispatch'
    needs: deploy-prod
    runs-on: ubuntu-latest
    environment: prod-integration
    steps:
      - uses: actions/checkout@v4

      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ vars.AWS_ROLE_ARN }}
          aws-region: eu-central-1

      - name: Get layer versions
        id: layers
        run: |
          for layer in python node java manual; do
            version=$(aws lambda list-layer-versions \
              --layer-name "dash0-extension-${layer}" \
              --query 'LayerVersions[0].Version' \
              --output text)
            echo "${layer}_version=${version}" >> "$GITHUB_OUTPUT"
          done

      - name: Determine next tag
        id: tag
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          latest=$(gh release list --limit 1 --json tagName --jq '.[0].tagName // empty')
          if [ -z "$latest" ]; then
            next="v1"
          else
            num=${latest#v}
            next="v$(( num + 1 ))"
          fi
          echo "tag=${next}" >> "$GITHUB_OUTPUT"

      - name: Create GitHub Release
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          PYTHON="${{ steps.layers.outputs.python_version }}"
          NODE="${{ steps.layers.outputs.node_version }}"
          JAVA="${{ steps.layers.outputs.java_version }}"
          MANUAL="${{ steps.layers.outputs.manual_version }}"

          cat <<EOF > /tmp/release-notes.md
          ## Layer ARNs

          **Python:**
          \`arn:aws:lambda:<region>:115813213817:layer:dash0-extension-python:${PYTHON}\`

          **Node:**
          \`arn:aws:lambda:<region>:115813213817:layer:dash0-extension-node:${NODE}\`

          **Java:**
          \`arn:aws:lambda:<region>:115813213817:layer:dash0-extension-java:${JAVA}\`

          **Manual:**
          \`arn:aws:lambda:<region>:115813213817:layer:dash0-extension-manual:${MANUAL}\`
          EOF

          gh release create "${{ steps.tag.outputs.tag }}" \
            --title "${{ steps.tag.outputs.tag }}" \
            --notes-file /tmp/release-notes.md \
            --generate-notes