55 version :
66 description : The version to tag the release with, e.g., 1.2.0
77 required : true
8+ aws_region :
9+ description : ' Deploy to aws regions'
10+ required : true
11+ default : ' us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1, ap-southeast-5, ap-southeast-7, mx-central-1, ca-west-1, cn-north-1, cn-northwest-1'
812
913env :
1014 AWS_DEFAULT_REGION : us-east-1
1519 RELEASE_PRIVATE_REGISTRY : 020628701572.dkr.ecr.us-west-2.amazonaws.com
1620 PACKAGE_NAME : aws-opentelemetry-distro
1721 ARTIFACT_NAME : aws_opentelemetry_distro-${{ github.event.inputs.version }}-py3-none-any.whl
22+ # Legacy list of commercial regions to deploy to. New regions should NOT be added here, and instead should be added to the `aws_region` default input to the workflow.
23+ LEGACY_COMMERCIAL_REGIONS : us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1
24+ LAYER_NAME : AWSOpenTelemetryDistroPython
1825
1926permissions :
2027 id-token : write
@@ -133,7 +140,7 @@ jobs:
133140 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
134141 run : |
135142 # Create release notes template
136- cat > release_notes.md << ' EOF'
143+ cat > release_notes.md << EOF
137144 This release contains updates of the following upstream components:
138145
139146 OpenTelemetry Python - <opentelemetry-sdk version number - e.g. 1.22.0>
@@ -153,3 +160,221 @@ jobs:
153160 "v${{ github.event.inputs.version }}" \
154161 dist/${{ env.ARTIFACT_NAME }} \
155162 ${{ env.ARTIFACT_NAME }}.sha256
163+ build-layer :
164+ environment : Release
165+ runs-on : ubuntu-latest
166+ needs : build
167+ outputs :
168+ aws_regions_json : ${{ steps.set-matrix.outputs.aws_regions_json }}
169+ steps :
170+ - name : Set up regions matrix
171+ id : set-matrix
172+ run : |
173+ IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}"
174+ MATRIX="["
175+ for region in "${REGIONS[@]}"; do
176+ trimmed_region=$(echo "$region" | xargs)
177+ MATRIX+="\"$trimmed_region\","
178+ done
179+ MATRIX="${MATRIX%,}]"
180+ echo ${MATRIX}
181+ echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
182+ name : Checkout Repo @ SHA - ${{ github.sha }}
183+ uses : actions/checkout@v4
184+ - uses : actions/setup-python@v5
185+ with :
186+ python-version : ' 3.x'
187+ - name : Build layers
188+ working-directory : lambda-layer/src
189+ run : |
190+ ./build-lambda-layer.sh
191+ pip install tox
192+ tox
193+ name : upload layer
194+ uses : actions/upload-artifact@v4
195+ with :
196+ name : layer.zip
197+ path : lambda-layer/src/build/aws-opentelemetry-python-layer.zip
198+ publish-layer-prod :
199+ runs-on : ubuntu-latest
200+ needs : build-layer
201+ strategy :
202+ matrix :
203+ aws_region : ${{ fromJson(needs.build-layer.outputs.aws_regions_json) }}
204+ steps :
205+ - name : role arn
206+ env :
207+ LEGACY_COMMERCIAL_REGIONS : ${{ env.LEGACY_COMMERCIAL_REGIONS }}
208+ run : |
209+ LEGACY_COMMERCIAL_REGIONS_ARRAY=(${LEGACY_COMMERCIAL_REGIONS//,/ })
210+ FOUND=false
211+ for REGION in "${LEGACY_COMMERCIAL_REGIONS_ARRAY[@]}"; do
212+ if [[ "$REGION" == "${{ matrix.aws_region }}" ]]; then
213+ FOUND=true
214+ break
215+ fi
216+ done
217+ if [ "$FOUND" = true ]; then
218+ echo "Found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS"
219+ SECRET_KEY="LAMBDA_LAYER_RELEASE"
220+ else
221+ echo "Not found ${{ matrix.aws_region }} in LEGACY_COMMERCIAL_REGIONS"
222+ SECRET_KEY="${{ matrix.aws_region }}_LAMBDA_LAYER_RELEASE"
223+ fi
224+ SECRET_KEY=${SECRET_KEY//-/_}
225+ echo "SECRET_KEY=${SECRET_KEY}" >> $GITHUB_ENV
226+ -
uses :
aws-actions/[email protected] 227+ with :
228+ role-to-assume : ${{ secrets[env.SECRET_KEY] }}
229+ role-duration-seconds : 1200
230+ aws-region : ${{ matrix.aws_region }}
231+ - name : Get s3 bucket name for release
232+ run : |
233+ echo BUCKET_NAME=python-lambda-layer-${{ github.run_id }}-${{ matrix.aws_region }} | tee --append $GITHUB_ENV
234+ name : download layer.zip
235+ uses : actions/download-artifact@v4
236+ with :
237+ name : layer.zip
238+ - name : publish
239+ run : |
240+ aws s3 mb s3://${{ env.BUCKET_NAME }}
241+ aws s3 cp aws-opentelemetry-python-layer.zip s3://${{ env.BUCKET_NAME }}
242+ layerARN=$(
243+ aws lambda publish-layer-version \
244+ --layer-name ${{ env.LAYER_NAME }} \
245+ --content S3Bucket=${{ env.BUCKET_NAME }},S3Key=aws-opentelemetry-python-layer.zip \
246+ --compatible-runtimes python3.10 python3.11 python3.12 python3.13 \
247+ --compatible-architectures "arm64" "x86_64" \
248+ --license-info "Apache-2.0" \
249+ --description "AWS Distro of OpenTelemetry Lambda Layer for Python Runtime" \
250+ --query 'LayerVersionArn' \
251+ --output text
252+ )
253+ echo $layerARN
254+ echo "LAYER_ARN=${layerARN}" >> $GITHUB_ENV
255+ mkdir ${{ env.LAYER_NAME }}
256+ echo $layerARN > ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
257+ cat ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
258+ name : public layer
259+ run : |
260+ layerVersion=$(
261+ aws lambda list-layer-versions \
262+ --layer-name ${{ env.LAYER_NAME }} \
263+ --query 'max_by(LayerVersions, &Version).Version'
264+ )
265+ aws lambda add-layer-version-permission \
266+ --layer-name ${{ env.LAYER_NAME }} \
267+ --version-number $layerVersion \
268+ --principal "*" \
269+ --statement-id publish \
270+ --action lambda:GetLayerVersion
271+ name : upload layer arn artifact
272+ if : ${{ success() }}
273+ uses : actions/upload-artifact@v4
274+ with :
275+ name : ${{ env.LAYER_NAME }}-${{ matrix.aws_region }}
276+ path : ${{ env.LAYER_NAME }}/${{ matrix.aws_region }}
277+ - name : clean s3
278+ if : always()
279+ run : |
280+ aws s3 rb --force s3://${{ env.BUCKET_NAME }}
281+ generate-lambda-release-note :
282+ runs-on : ubuntu-latest
283+ needs : publish-layer-prod
284+ steps :
285+ - name : Checkout Repo @ SHA - ${{ github.sha }}
286+ uses : actions/checkout@v4
287+ - uses : hashicorp/setup-terraform@v2
288+ - name : download layerARNs
289+ uses : actions/download-artifact@v4
290+ with :
291+ pattern : ${{ env.LAYER_NAME }}-*
292+ path : ${{ env.LAYER_NAME }}
293+ merge-multiple : true
294+ - name : show layerARNs
295+ run : |
296+ for file in ${{ env.LAYER_NAME }}/*
297+ do
298+ echo $file
299+ cat $file
300+ done
301+ name : generate layer-note
302+ working-directory : ${{ env.LAYER_NAME }}
303+ run : |
304+ echo "| Region | Layer ARN |" >> ../layer-note
305+ echo "| ---- | ---- |" >> ../layer-note
306+ for file in *
307+ do
308+ read arn < $file
309+ echo "| " $file " | " $arn " |" >> ../layer-note
310+ done
311+ cat ../layer-note
312+ name : generate tf layer
313+ working-directory : ${{ env.LAYER_NAME }}
314+ run : |
315+ echo "locals {" >> ../layer_arns.tf
316+ echo " sdk_layer_arns = {" >> ../layer_arns.tf
317+ for file in *
318+ do
319+ read arn < $file
320+ echo " \""$file"\" = \""$arn"\"" >> ../layer_arns.tf
321+ done
322+ cd ..
323+ echo " }" >> layer_arns.tf
324+ echo "}" >> layer_arns.tf
325+ terraform fmt layer_arns.tf
326+ cat layer_arns.tf
327+ name : generate layer ARN constants for CDK
328+ working-directory : ${{ env.LAYER_NAME }}
329+ run : |
330+ echo "{" > ../layer_cdk
331+ for file in *; do
332+ read arn < "$file"
333+ echo " \"$file\": \"$arn\"," >> ../layer_cdk
334+ done
335+ echo "}" >> ../layer_cdk
336+ cat ../layer_cdk
337+ name : download layer.zip
338+ uses : actions/download-artifact@v4
339+ with :
340+ name : layer.zip
341+ - name : Rename layer file
342+ run : |
343+ cp aws-opentelemetry-python-layer.zip layer.zip
344+ name : Get commit hash
345+ id : commit
346+ run : echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
347+ - name : Update GH release
348+ env :
349+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
350+ run : |
351+ TAG="v${{ github.event.inputs.version }}"
352+ # Generate SHA-256 checksum for layer.zip
353+ shasum -a 256 layer.zip > layer.zip.sha256
354+ gh release upload $TAG \
355+ layer.zip \
356+ layer.zip.sha256 \
357+ layer_arns.tf \
358+ --clobber
359+ name : Update Release Notes
360+ env :
361+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
362+ run : |
363+ TAG="v${{ github.event.inputs.version }}"
364+ # Get current release notes
365+ current_notes=$(gh release view $TAG --json body -q .body)
366+ echo "This release also includes the AWS OpenTelemetry Lambda Layer for Python version ${{ github.event.inputs.version }}-${{ steps.commit.outputs.sha_short }}." >> lambda_notes.md
367+ echo "" >> lambda_notes.md
368+ echo "Lambda Layer ARNs:" >> lambda_notes.md
369+ echo "" >> lambda_notes.md
370+ cat layer-note >> lambda_notes.md
371+ echo "" >> lambda_notes.md
372+ echo "Notes:" >> lambda_notes.md
373+ {
374+ echo "$current_notes"
375+ echo ""
376+ cat lambda_notes.md
377+ } > updated_notes.md
378+ # Update release notes
379+ gh release edit $TAG --notes-file updated_notes.md
380+
0 commit comments