diff --git a/.github/workflows/publish-extend-otel-layer.yml b/.github/workflows/publish-extend-otel-layer.yml new file mode 100644 index 0000000..2634ad7 --- /dev/null +++ b/.github/workflows/publish-extend-otel-layer.yml @@ -0,0 +1,107 @@ +# TODO — if CDK stack added to this repo, migrate auth to GitHub OIDC + dedicated IAM role in +# 159581800400; delete AWS_ACCESS_KEY_ID/_SECRET secrets. + +name: Publish Extend OTel Lambda Layer + +on: + push: + branches: [main] + paths: + - 'collector/**' + - 'nodejs/**' + - 'extend/**' + - 'ci-scripts/**' + - '.github/workflows/publish-extend-otel-layer.yml' + workflow_dispatch: + +permissions: + contents: read + +env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + +jobs: + build-collector: + runs-on: blacksmith-4vcpu-ubuntu-2404 + strategy: + matrix: { architecture: [amd64, arm64] } + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: collector/go.mod + cache-dependency-path: collector/go.sum + - run: make -C collector package-extend GOARCH=${{ matrix.architecture }} + - uses: actions/upload-artifact@v4 + with: + name: collector-${{ matrix.architecture }} + path: collector/build/opentelemetry-collector-layer-${{ matrix.architecture }}.zip + + build-nodejs: + # Only cx-contrib fork needed. cx-js dropped (npm now); import-in-the-middle already from npm. + runs-on: blacksmith-4vcpu-ubuntu-2404 + env: + OPENTELEMETRY_JS_CONTRIB_PATH: ${{ github.workspace }}/opentelemetry-js-contrib + steps: + - uses: actions/checkout@v4 + - uses: actions/checkout@v4 + with: { repository: coralogix/opentelemetry-js-contrib, ref: coralogix-autoinstrumentation, path: opentelemetry-js-contrib } + - uses: actions/setup-node@v4 + with: + node-version: 22 + cache: npm + cache-dependency-path: nodejs/packages/layer/package-lock.json + - run: ./ci-scripts/build_nodejs_layer.sh + - env: + FILE_PATH: ./nodejs/packages/layer/build/layer.zip + MAX_SIZE: 9437184 + run: ./ci-scripts/check_size.sh + - uses: actions/upload-artifact@v4 + with: + name: nodejs-layer + path: nodejs/packages/layer/build/layer.zip + + package-and-publish: + needs: [build-collector, build-nodejs] + runs-on: blacksmith-4vcpu-ubuntu-2404 + strategy: + fail-fast: false + matrix: + architecture: [amd64, arm64] + region: [us-east-1, us-west-2] + steps: + - uses: actions/download-artifact@v4 + with: { name: collector-${{ matrix.architecture }}, path: dl/collector } + - uses: actions/download-artifact@v4 + with: { name: nodejs-layer, path: dl/nodejs } + - name: Merge collector + nodejs zips + run: | + set -euo pipefail + mkdir -p out + unzip -o dl/collector/opentelemetry-collector-layer-${{ matrix.architecture }}.zip -d out/ + unzip -o dl/nodejs/layer.zip -d out/ + (cd out && zip -r ../layer.zip .) + - name: Publish layer version + env: + AWS_REGION: ${{ matrix.region }} + run: | + set -euo pipefail + LAYER_NAME=extend-nodejs-wrapper-and-exporter-${{ matrix.architecture }} + ARCH=$(echo "${{ matrix.architecture }}" | sed 's/amd64/x86_64/') + LAYER_ARN=$(aws lambda publish-layer-version \ + --layer-name "$LAYER_NAME" \ + --license-info "Apache 2.0" \ + --compatible-architectures "$ARCH" \ + --compatible-runtimes nodejs22.x nodejs24.x \ + --zip-file fileb://layer.zip \ + --query 'LayerVersionArn' --output text) + VERSION="${LAYER_ARN##*:}" + echo "::notice ::$LAYER_ARN" + aws lambda add-layer-version-permission \ + --layer-name "$LAYER_NAME" \ + --version-number "$VERSION" \ + --statement-id orgVisible \ + --action lambda:GetLayerVersion \ + --principal '*' \ + --organization-id o-7ngcsohuq5