55 version :
66 description : The version to tag the release with, e.g., 1.2.0
77 required : true
8+ aws_region :
9+ description : ' Deploy lambda layer to aws regions'
10+ required : true
11+ default : ' us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1'
812
913env :
1014 AWS_DEFAULT_REGION : us-east-1
1418 RELEASE_PRIVATE_REPOSITORY : 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-node
1519 RELEASE_PRIVATE_REGISTRY : 020628701572.dkr.ecr.us-west-2.amazonaws.com
1620 PACKAGE_NAME : aws-distro-opentelemetry-node-autoinstrumentation
17- ARTIFACT_NAME : aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz
21+ ARTIFACT_NAME : aws-aws-distro-opentelemetry-node-autoinstrumentation-${{ github.event.inputs.version }}.tgz
22+ LAMBDA_AWS_REGIONS : ${{ github.event.inputs.aws_region }}
23+ COMMERCIAL_REGIONS : us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1
24+ LAYER_NAME : AWSOpenTelemetryDistroJs
1825
1926permissions :
2027 id-token : write
@@ -108,7 +115,7 @@ jobs:
108115 ")
109116
110117 # Create release notes
111- cat > release_notes.md << ' EOF'
118+ cat > release_notes.md << EOF
112119 This release contains the following upstream components:
113120
114121 $DEPS
@@ -135,4 +142,221 @@ jobs:
135142 NODE_AUTH_TOKEN : ${{secrets.NPM_TOKEN}}
136143 NPM_CONFIG_PROVENANCE : true
137144 run : npm publish
138-
145+ build-layer :
146+ environment : Release
147+ needs : build
148+ runs-on : ubuntu-latest
149+ outputs :
150+ aws_regions_json : ${{ steps.set-matrix.outputs.aws_regions_json }}
151+ steps :
152+ - name : Set up regions matrix
153+ id : set-matrix
154+ run : |
155+ IFS=',' read -ra REGIONS <<< "${{ env.LAMBDA_AWS_REGIONS }}"
156+ MATRIX="["
157+ for region in "${REGIONS[@]}"; do
158+ trimmed_region=$(echo "$region" | xargs)
159+ MATRIX+="\"$trimmed_region\","
160+ done
161+ MATRIX="${MATRIX%,}]"
162+ echo ${MATRIX}
163+ echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
164+ name : Checkout Repo @ SHA - ${{ github.sha }}
165+ uses : actions/checkout@v4
166+ - name : Setup Node
167+ uses : actions/setup-node@v4
168+ with :
169+ node-version : 22
170+ - name : NPM Clean Install
171+ # https://docs.npmjs.com/cli/v10/commands/npm-ci
172+ run : npm ci
173+ - name : Compile all NPM projects
174+ run : npm run compile
175+ - name : Build Lambda Layer
176+ run : npm run build-lambda
177+ - name : upload layer
178+ uses : actions/upload-artifact@v4
179+ with :
180+ name : layer.zip
181+ path : lambda-layer/packages/layer/build/layer.zip
182+ publish-layer-prod :
183+ runs-on : ubuntu-latest
184+ needs : build-layer
185+ strategy :
186+ matrix :
187+ aws_region : ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }}
188+ steps :
189+ - name : role arn
190+ env :
191+ COMMERCIAL_REGIONS : ${{ env.COMMERCIAL_REGIONS }}
192+ run : |
193+ COMMERCIAL_REGIONS_ARRAY=(${COMMERCIAL_REGIONS//,/ })
194+ FOUND=false
195+ for REGION in "${COMMERCIAL_REGIONS_ARRAY[@]}"; do
196+ if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then
197+ FOUND=true
198+ break
199+ fi
200+ done
201+ if [ "$FOUND" = true ]; then
202+ echo "Found ${{ matrix.aws_region }} in COMMERCIAL_REGIONS"
203+ SECRET_KEY="LAMBDA_LAYER_RELEASE"
204+ else
205+ echo "Not found ${{ matrix.aws_region }} in COMMERCIAL_REGIONS"
206+ SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE"
207+ fi
208+ SECRET_KEY=${SECRET_KEY//-/_}
209+ echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV
210+ -
uses :
aws-actions/[email protected] 211+ with :
212+ role-to-assume : ${{ secrets[env.SECRET_KEY] }}
213+ role-duration-seconds : 1200
214+ aws-region : ${{ matrix.aws_region }}
215+ - name : Get s3 bucket name for release
216+ run : |
217+ echo BUCKET_NAME=nodejs-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV
218+ name : download layer.zip
219+ uses : actions/download-artifact@v4
220+ with :
221+ name : layer.zip
222+ - name : publish
223+ run : |
224+ aws s3 mb s3://${{ env.BUCKET_NAME }}
225+ aws s3 cp layer.zip s3://${{ env.BUCKET_NAME }}
226+ layerARN=$(
227+ aws lambda publish-layer-version \
228+ --layer-name ${{ env.LAYER_NAME }} \
229+ --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=layer.zip \
230+ --compatible-runtimes nodejs18.x nodejs20.x nodejs22.x \
231+ --compatible-architectures "arm64" "x86_64" \
232+ --license-info "Apache-2.0" \
233+ --description "AWS Distro of OpenTelemetry Lambda Layer for NodeJs Runtime" \
234+ --query 'LayerVersionArn' \
235+ --output text
236+ )
237+ echo $layerARN
238+ echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV
239+ mkdir ${{ env.LAYER_NAME }}
240+ echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
241+ cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
242+ name : public layer
243+ run : |
244+ layerVersion=$(
245+ aws lambda list-layer-versions \
246+ --layer-name ${{ env.LAYER_NAME }} \
247+ --query 'max_by(LayerVersions, &Version).Version'
248+ )
249+ aws lambda add-layer-version-permission \
250+ --layer-name ${{ env.LAYER_NAME }} \
251+ --version-number $layerVersion \
252+ --principal "*" \
253+ --statement-id publish \
254+ --action lambda:GetLayerVersion
255+ name : upload layer arn artifact
256+ if : ${{ success() }}
257+ uses : actions/upload-artifact@v4
258+ with :
259+ name : ${{ env.LAYER_NAME }}-${{ matrix.aws_region }}
260+ path : ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
261+ - name : clean s3
262+ if : always()
263+ run : |
264+ aws s3 rb --force s3://${{ env.BUCKET_NAME }}
265+ generate-lambda-release-note :
266+ runs-on : ubuntu-latest
267+ needs : publish-layer-prod
268+ steps :
269+ - name : Checkout Repo @ SHA - ${{ github.sha }}
270+ uses : actions/checkout@v4
271+ - uses : hashicorp/setup-terraform@v2
272+ - name : download layerARNs
273+ uses : actions/download-artifact@v4
274+ with :
275+ pattern : ${{ env.LAYER_NAME }}-*
276+ path : ${{ env.LAYER_NAME }}
277+ merge-multiple : true
278+ - name : show layerARNs
279+ run : |
280+ for file in ${{ env.LAYER_NAME }}/*
281+ do
282+ echo $file
283+ cat $file
284+ done
285+ name : generate layer-note
286+ working-directory : ${{ env.LAYER_NAME }}
287+ run : |
288+ echo "| Region | Layer ARN |" >> ../layer-note
289+ echo "| ---- | ---- |" >> ../layer-note
290+ for file in *
291+ do
292+ read arn < $file
293+ echo "| " $file " | " $arn " |" >> ../layer-note
294+ done
295+ cd ..
296+ cat layer-note
297+ name : generate tf layer
298+ working-directory : ${{ env.LAYER_NAME }}
299+ run : |
300+ echo "locals {" >> ../layer_arns.tf
301+ echo " sdk_layer_arns = {" >> ../layer_arns.tf
302+ for file in *
303+ do
304+ read arn < $file
305+ echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf
306+ done
307+ cd ..
308+ echo " }" >> layer_arns.tf
309+ echo "}" >> layer_arns.tf
310+ terraform fmt layer_arns.tf
311+ cat layer_arns.tf
312+ name : generate layer ARN constants for CDK
313+ working-directory : ${{ env.LAYER_NAME }}
314+ run : |
315+ echo "{" > ../layer_cdk
316+ for file in *; do
317+ read arn < "$file"
318+ echo " \"$file\": \"$arn\"," >> ../layer_cdk
319+ done
320+ echo "}" >> ../layer_cdk
321+ cat ../layer_cdk
322+ name : download layer.zip
323+ uses : actions/download-artifact@v4
324+ with :
325+ name : layer.zip
326+ - name : Get commit hash
327+ id : commit
328+ run : |
329+ echo "sha_short=$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_OUTPUT
330+ name : Update GH release
331+ env :
332+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
333+ run : |
334+ TAG="v${{ github.event.inputs.version }}"
335+ # Generate SHA-256 checksum for layer.zip
336+ shasum -a 256 layer.zip > layer.zip.sha256
337+ gh release upload $TAG \
338+ layer.zip \
339+ layer.zip.sha256 \
340+ layer_arns.tf \
341+ --clobber
342+ name : Update Release Notes
343+ env :
344+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
345+ run : |
346+ TAG="v${{ github.event.inputs.version }}"
347+ # Get current release notes
348+ current_notes=$(gh release view $TAG --json body -q .body)
349+ echo "This release also includes the AWS OpenTelemetry Lambda Layer for JavaScript version ${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}." >> lambda_notes.md
350+ echo "" >> lambda_notes.md
351+ echo "Lambda Layer ARNs:" >> lambda_notes.md
352+ echo "" >> lambda_notes.md
353+ cat layer-note >> lambda_notes.md
354+ echo "" >> lambda_notes.md
355+ echo "Notes:" >> lambda_notes.md
356+ {
357+ echo "$current_notes"
358+ echo ""
359+ cat lambda_notes.md
360+ } > updated_notes.md
361+ # Update release notes
362+ gh release edit $TAG --notes-file updated_notes.md
0 commit comments