Update 3p actions from VID to CSHA #11
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Releases a patch by cherrypicking commits into a release branch based on the previous | ||
| # release tag. | ||
| name: Patch Release Build | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| version: | ||
| description: The version to tag the release with, e.g., 1.2.1, 1.2.2 | ||
| required: true | ||
| commits: | ||
| description: Comma separated list of commit shas to cherrypick | ||
| env: | ||
| AWS_DEFAULT_REGION: us-east-1 | ||
| TEST_TAG: public.ecr.aws/aws-observability/adot-autoinstrumentation-java:test-v2 | ||
| permissions: | ||
| id-token: write | ||
| contents: write | ||
| jobs: | ||
| # Runs once for a patch series to any given minor version to create the initial release branch. Subsequent patches | ||
| # will be applied to the existing release branch. | ||
| prepare-release-branch: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| release-branch-name: ${{ steps.parse-release-branch.outputs.release-branch-name }} | ||
| steps: | ||
| - id: parse-release-branch | ||
| name: Parse release branch name | ||
| run: | | ||
| # Sets the release-branch-name output to the version number with the last non-period element replaced with an 'x' and preprended with v. | ||
| echo "release-branch-name=$(echo '${{ github.event.inputs.version }}' | sed -E 's/([^.]+)\.([^.]+)\.([^.]+)/v\1.\2.x/')" >> $GITHUB_OUTPUT | ||
| # Sets the release-tag-name output to the version number with the last non-period element replace with a '0' and prepended with v | ||
| echo "release-tag-name=$(echo '${{ github.event.inputs.version }}' | sed -E 's/([^.]+)\.([^.]+)\.([^.]+)/v\1.\2.0/')" >> $GITHUB_OUTPUT | ||
| - id: checkout-release-branch | ||
| name: Check out release branch | ||
| # Will fail if there is no release branch yet or succeed otherwise | ||
| continue-on-error: true | ||
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | ||
| with: | ||
| ref: ${{ steps.parse-release-branch.outputs.release-branch-name }} | ||
| - id: checkout-release-tag | ||
| name: Check out release tag | ||
| # If there is already a release branch, the previous step succeeds and we don't run this or the next one. | ||
| if: ${{ steps.checkout-release-branch.outcome == 'failure' }} | ||
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | ||
| with: | ||
| ref: ${{ steps.parse-release-branch.outputs.release-tag-name }} | ||
| - name: Create release branch | ||
| if: ${{ steps.checkout-release-tag.outcome == 'success' }} | ||
| run: | | ||
| git checkout -b ${{ steps.parse-release-branch.outputs.release-branch-name }} | ||
| git push --set-upstream origin ${{ steps.parse-release-branch.outputs.release-branch-name }} | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| needs: prepare-release-branch | ||
| steps: | ||
| - name: Checkout release branch | ||
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | ||
| with: | ||
| ref: ${{ needs.prepare-release-branch.outputs.release-branch-name }} | ||
| - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 | ||
| with: | ||
| java-version-file: .java-version | ||
| distribution: 'temurin' | ||
| - name: Configure AWS Credentials | ||
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 | ||
| with: | ||
| role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN }} | ||
| aws-region: ${{ env.AWS_DEFAULT_REGION }} | ||
| - name: Log in to AWS ECR | ||
| uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 | ||
| with: | ||
| registry: public.ecr.aws | ||
| - name: Setup git name | ||
| run: | | ||
| git config user.name github-actions | ||
| git config user.email [email protected] | ||
| - name: Cherrypicks | ||
| if: ${{ github.event.inputs.commits != '' }} | ||
| run: | | ||
| git fetch origin main | ||
| echo ${{ github.event.inputs.commits }} | sed -n 1'p' | tr ',' '\n' | while read word; do | ||
| # Trim whitespaces and cherrypick | ||
| echo $word | sed 's/ *$//g' | sed 's/^ *//g' | git cherry-pick --stdin | ||
| done | ||
| - name: Build release with Gradle | ||
| uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 #v3.5.0 | ||
| with: | ||
| arguments: build integrationTests -PlocalDocker=true -Prelease.version=${{ github.event.inputs.version }} --stacktrace | ||
| - name: Configure AWS Credentials | ||
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 | ||
| with: | ||
| role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }} | ||
| aws-region: ${{ env.AWS_DEFAULT_REGION }} | ||
| - name: Log in to AWS ECR | ||
| uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #v3.5.0 | ||
| with: | ||
| registry: public.ecr.aws | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 #3.6.0 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 #v3.11.1 | ||
| with: | ||
| driver-opts: image=moby/buildkit:v0.15.1 | ||
| - name: Build image for testing | ||
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 | ||
| with: | ||
| push: false | ||
| build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}" | ||
| context: . | ||
| platforms: linux/amd64 | ||
| tags: ${{ env.TEST_TAG }} | ||
| load: true | ||
| - name: Test docker image | ||
| shell: bash | ||
| run: .github/scripts/test-adot-javaagent-image.sh "${{ env.TEST_TAG }}" "${{ github.event.inputs.version }}" | ||
| - name: Build and push image | ||
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0 | ||
| with: | ||
| push: true | ||
| build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}" | ||
| context: . | ||
| platforms: linux/amd64,linux/arm64 | ||
| tags: | | ||
| public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v${{ github.event.inputs.version }} | ||
| uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 #v3.5.0 | ||
| with: | ||
| arguments: build final closeAndReleaseSonatypeStagingRepository -Prelease.version=${{ github.event.inputs.version }} --stacktrace | ||
| env: | ||
| PUBLISH_TOKEN_USERNAME: ${{ secrets.PUBLISH_TOKEN_USERNAME }} | ||
| PUBLISH_TOKEN_PASSWORD: ${{ secrets.PUBLISH_TOKEN_PASSWORD }} | ||
| GRGIT_USER: ${{ secrets.GITHUB_TOKEN }} | ||
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | ||
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | ||
| - name: Create release | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | ||
| run: | | ||
| cp "otelagent/build/libs/aws-opentelemetry-agent-${{ github.event.inputs.version }}.jar" aws-opentelemetry-agent.jar | ||
| gh release create --target "$GITHUB_REF_NAME" \ | ||
| --title "Release v${{ github.event.inputs.version }}" \ | ||
| --draft \ | ||
| "v${{ github.event.inputs.version }}" \ | ||
| aws-opentelemetry-agent.jar | ||
