diff --git a/.github/scripts/update_layer_arn.sh b/.github/scripts/update_layer_arn.sh index 3a39f3135b..337b908a80 100755 --- a/.github/scripts/update_layer_arn.sh +++ b/.github/scripts/update_layer_arn.sh @@ -8,13 +8,12 @@ # see .github/workflows/publish_layer.yml -# Get the new layer arn from the first command-line argument -new_layer_arn=$1 -if [ -z "$new_layer_arn" ]; then - echo "Usage: $0 " +# Get the new layer version from the first command-line argument +new_version=$1 +if [ -z "$new_version" ]; then + echo "Usage: $0 " exit 1 fi -new_version=$(echo $new_layer_arn | sed 's/.*://') # Find all files with specified extensions in ./docs and ./examples directories # -type f: only find files (not directories) diff --git a/.github/workflows/publish_layer.yml b/.github/workflows/publish_layer.yml index 9b59b6791f..5187e16f72 100644 --- a/.github/workflows/publish_layer.yml +++ b/.github/workflows/publish_layer.yml @@ -80,6 +80,16 @@ jobs: secrets: target-account-role: ${{ secrets.AWS_LAYERS_PROD_ROLE_ARN }} + update-ssm-prod: + needs: [deploy-prod] + uses: ./.github/workflows/update_ssm.yml + permissions: + contents: read + with: + environment: prod + package_version: ${{ inputs.latest_published_version }} + layer-version: ${{ needs.deploy-prod.outputs.layer-version }} + update_layer_arn_docs: needs: [deploy-prod] # Force Github action to run only a single job at a time (based on the group name) @@ -98,7 +108,7 @@ jobs: ref: ${{ github.sha }} - name: Replace layer versions in documentation run: | - ./.github/scripts/update_layer_arn.sh ${{ needs.deploy-prod.outputs.layer-arn }} + ./.github/scripts/update_layer_arn.sh ${{ needs.deploy-prod.outputs.layer-version }} - name: Stage changes run: git add . - name: Create PR diff --git a/.github/workflows/reusable_deploy_layer_stack.yml b/.github/workflows/reusable_deploy_layer_stack.yml index f4bf2955ba..c7a5afc855 100644 --- a/.github/workflows/reusable_deploy_layer_stack.yml +++ b/.github/workflows/reusable_deploy_layer_stack.yml @@ -16,9 +16,9 @@ on: required: true type: string outputs: - layer-arn: - description: "The latest deployed Layer ARN" - value: ${{ jobs.deploy-cdk-stack.outputs.layer-arn }} + layer-version: + description: "The latest deployed Layer version" + value: ${{ jobs.deploy-cdk-stack.outputs.layer-version }} secrets: target-account-role: required: true @@ -70,7 +70,7 @@ jobs: "mx-central-1" ] outputs: - layer-arn: ${{ steps.store-latest-layer-arn.outputs.layer-arn }} + layer-version: ${{ steps.store-latest-layer-arn.outputs.layer-version }} steps: - name: checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 @@ -100,10 +100,11 @@ jobs: run: | mkdir cdk-layer-stack jq -r -c '.LayerPublisherStack.LatestLayerArn' layers/cdk-outputs.json > cdk-layer-stack/${{ matrix.region }}-layer-version.txt + layer_arn=$(cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt) + echo "$layer_arn" if [ "${{ matrix.region }}" = "us-east-1" ]; then - echo "layer-arn=$(cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt)" | tee -a "$GITHUB_OUTPUT" - else - cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt + layer_version=$(echo $layer_arn | sed 's/.*://') + echo "layer-version=$layer_version" >> "$GITHUB_OUTPUT" fi - name: Save Layer ARN artifact if: ${{ inputs.stage == 'PROD' }} diff --git a/.github/workflows/update_ssm.yml b/.github/workflows/update_ssm.yml index c9fe02d307..39806ea5ea 100644 --- a/.github/workflows/update_ssm.yml +++ b/.github/workflows/update_ssm.yml @@ -5,7 +5,6 @@ # * environment: will prefix /beta/ into the parameter # * write_latest: will create a latest alias instead of a version number in the parameter # * package_version: semantic version number of the released layer (3.x.y) -# * layer_version: this is sequential layer version from the ARN # # A successful parameter would look similar to: # /aws/service/powertools/python/arm64/python3.8/3.1.0 @@ -27,8 +26,8 @@ on: description: Environment to deploy to type: choice options: - - Beta - - Prod + - beta + - prod required: true write_latest: @@ -41,8 +40,29 @@ on: type: string required: true - layer_version: - description: Layer version + layer-version: + description: Layer version of the published layer + type: string + required: true + + workflow_call: + inputs: + environment: + description: Environment to deploy to + type: string + required: true + + write_latest: + description: Write to the latest path + type: boolean + required: false + + package_version: + description: Semantic Version of published layer + type: string + required: true + layer-version: + description: Layer version of the published layer type: string required: true @@ -111,11 +131,11 @@ jobs: env: prefix: ${{ inputs.environment == 'beta' && '/aws/service/powertools/beta' || '/aws/service/powertools' }} run: | - aws ssm put-parameter --name ${{ env.prefix }}/typescript/generic/all/${{ inputs.package_version }} --value "arn:aws:lambda:${{ matrix.region }}:094274105915:layer:AWSLambdaPowertoolsTypeScriptV2:${{ inputs.layer_version }}" --type String --overwrite + aws ssm put-parameter --name ${{ env.prefix }}/typescript/generic/all/${{ inputs.package_version }} --value "arn:aws:lambda:${{ matrix.region }}:094274105915:layer:AWSLambdaPowertoolsTypeScriptV2:${{ inputs.layer-version }}" --type String --overwrite - id: write-latest if: inputs.write_latest == true env: prefix: ${{ inputs.environment == 'beta' && '/aws/service/powertools/beta' || '/aws/service/powertools' }} run: | - aws ssm put-parameter --name ${{ env.prefix }}/typescript/generic/all/latest --value "arn:aws:lambda:${{ matrix.region }}:094274105915:layer:AWSLambdaPowertoolsTypeScriptV2:${{ inputs.layer_version }}" --type String --overwrite + aws ssm put-parameter --name ${{ env.prefix }}/typescript/generic/all/latest --value "arn:aws:lambda:${{ matrix.region }}:094274105915:layer:AWSLambdaPowertoolsTypeScriptV2:${{ inputs.layer-version }}" --type String --overwrite diff --git a/docs/maintainers.md b/docs/maintainers.md index e6c19b3085..1ad48a25b7 100644 --- a/docs/maintainers.md +++ b/docs/maintainers.md @@ -190,21 +190,7 @@ targeting the `Prod` deployment environment and the China partition, and using t This will publish the Lambda layer to the AWS China (Beijing) Region. 9. **Merge docs PR**: Once the `Layer Deployment (Partition)` workflow for the production China partition is complete, merge the PR from step 4 to update the documentation with the new version. -10. **Update SSM Parameters (Beta)**: Run the `SSM Parameters` workflow with the `main` branch, targeting the `beta` -deployment environment, and using the package version from npm (i.e., `2.20.0`) and Lambda layer version from step 4. -This will update the SSM parameters with the new version. -11. **Verify SSM Parameters (Beta)**: Use the AWS CLI to verify that the SSM parameters were updated correctly. Run -the following command: `aws ssm get-parameter --name=/aws/service/powertools/beta/typescript/generic/all/latest` -and `aws ssm get-parameter --name=/aws/service/powertools/beta/typescript/generic/all/` to verify that the -SSM parameters were updated correctly. -12. **Update SSM Parameters (Prod)**: Run the `SSM Parameters` workflow with the `main` branch, targeting the `prod` -deployment environment, and using the package version from npm (i.e., `2.20.0`) and Lambda layer version from step 4. -This will update the SSM parameters with the new version. -13. **Verify SSM Parameters (Prod)**: Use the AWS CLI to verify that the SSM parameters were updated correctly. Run -the following command: `aws ssm get-parameter --name=/aws/service/powertools/typescript/generic/all/latest` -and `aws ssm get-parameter --name=/aws/service/powertools/typescript/generic/all/` to verify that the -SSM parameters were updated correctly. -14. **Update Docs**: Run the `Rebuild latest docs` workflow with the `main` branch using the package version from +10. **Update Docs**: Run the `Rebuild latest docs` workflow with the `main` branch using the package version from npm (i.e. `2.20.0`). This will update the documentation with the new version. Once complete, you can start drafting the release notes to let customers know **what changed and what's in it for them (a.k.a why they should care)**. We have guidelines in the release notes section so you know what good looks like.