Skip to content

improv(ci): Verify Output of Layer Deployment (Partitions) GitHub Action #4308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Aug 12, 2025
+33 −28
Merged

improv(ci): Verify Output of Layer Deployment (Partitions) GitHub Action #4308

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
f0ed27a
Added verification checks for the description and the layer number
sdangol Aug 12, 2025
fbcd743
Removed the manual verification of the layers step in the maintainers…
sdangol Aug 12, 2025
3de9a2b
Documented the steps in the partitioned layer publish workflow
sdangol Aug 12, 2025
ef54218
Added some more details to the verify layer step
sdangol Aug 12, 2025
996cfd2
Update .github/workflows/layers_partitions.yml
sdangol Aug 12, 2025
dc7b577
Update .github/workflows/layers_partitions.yml
sdangol Aug 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions .github/workflows/layers_partitions.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,16 @@
# We pull each the version of the layer and store them as artifacts, the we upload them to each of the Partitioned AWS accounts.
#
# A number of safety checks are performed to ensure safety.
#
# === Automated activities ===
# 1. [Setup] configure partition-specific regions, partition names, and STS audience based on target partition (China/GovCloud)
# 2. [Download] retrieve the specified layer version from the main AWS partition (us-east-1) and store as artifacts
# 3. [Copy & Verify] deploy the layer to all regions in the target partition and validate layer deployment by comparing SHA256, description, and version numbers
#
# === Manual activities ===
# 1. After `make-release` workflow finishes and the PR for the documentation update gets created, trigger this workflow manually via workflow_dispatch with environment, version, and partition inputs for each Gamma and Prod with China and GovCloud partitions
# 2. Monitor deployment progress and verify successful layer publication across all target regions
# 3. Once this workflow is completed, the PR for the documentation update can me merged

on:
workflow_dispatch:
Expand Down Expand Up @@ -44,6 +54,7 @@ permissions:
contents: read

jobs:
# This job configures partition-specific settings including regions, partition names, and STS audience based on the target partition (China or GovCloud) selected in the workflow inputs.
setup:
runs-on: ubuntu-latest
outputs:
Expand All @@ -65,6 +76,7 @@ jobs:
echo regions='["us-gov-east-1", "us-gov-west-1"]'>> "$GITHUB_OUTPUT"
echo partition='aws-us-gov'>> "$GITHUB_OUTPUT"
echo aud='sts.amazonaws.com'>> "$GITHUB_OUTPUT"
# This job downloads the specified layer version from the main AWS partition (us-east-1) and stores both the layer zip file and metadata as GitHub Actions artifacts for use in deployment.
download:
runs-on: ubuntu-latest
permissions:
Expand Down Expand Up @@ -96,6 +108,7 @@ jobs:
path: AWSLambdaPowertoolsTypeScriptV2.json
retention-days: 1
if-no-files-found: error
# This job deploys the layer to all regions in the target partition using a matrix strategy. It performs integrity checks, publishes the layer, sets public permissions, and validates deployment.

copy:
name: Copy
Expand Down