Merge branch 'sachinh-inject-code-editor-version' into 1.0

Author: sachinh-amazon

.github/workflows/build-targets.yaml

@@ -10,7 +10,6 @@ jobs:
   build:
     name: Build Code Editor Targets
     runs-on: ubuntu-latest
-    environment: build-targets-workflow-env
     strategy:
       matrix:
         build-target: [code-editor-server, code-editor-sagemaker-server, code-editor-web-embedded, code-editor-web-embedded-with-terminal]
@@ -73,4 +72,31 @@ jobs:
         with:
           name: ${{ github.sha }}-${{ matrix.build-target }}-build
           path: ${{ matrix.build-target }}-build.tar.gz
-          retention-days: 90
+          retention-days: 90
+  handle-failures:
+    name: Handle Failures
+    runs-on: ubuntu-latest
+    needs: build
+    environment: build-targets-workflow-env
+    if: failure()
+    permissions:
+      id-token: write # Required for OIDC
+    env:
+      REPOSITORY: ${{ github.repository }}
+      AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+    steps:
+      - name: Use role credentials for metrics
+        id: aws-creds
+        continue-on-error: ${{ env.REPOSITORY != 'aws/code-editor' }}
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }}
+          aws-region: us-east-1
+      - name: Report failure
+        if: steps.aws-creds.outcome == 'success'
+        run: |
+          aws cloudwatch put-metric-data \
+            --namespace "GitHub/Workflows" \
+            --metric-name "ExecutionsFailed" \
+            --dimensions "Repository=${{ env.REPOSITORY }},Workflow=BuildTargets" \
+            --value 1

.github/workflows/release.yaml

@@ -15,11 +15,8 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write  # Required for creating releases
-    environment: release-workflow-env
     env:
-      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       COMMIT_SHA: ${{ github.sha }}
-      REPOSITORY: ${{ github.repository }}
       VERSION_NUM: ${{ github.event.inputs.version || github.ref_name }}
       SAGEMAKER_ARTIFACT_PREFIX: "code-editor-sagemaker-server"
     steps:
@@ -28,23 +25,20 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Validate tag format
+      - name: Validate tag
         run: |
           if ! echo "$VERSION_NUM" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then
             echo "Tag $VERSION_NUM does not follow semantic version pattern (x.y.z). Skipping release."
             exit 78  # neutral exit code
           fi
           echo "Tag $VERSION_NUM follows valid semantic version pattern"
 
-      - name: Check if tag is from release branch
-        run: |
-          # Get the branch that contains this tag
-          BRANCHES=$(git branch -r --contains $COMMIT_SHA | grep -E 'origin/[0-9]+\.[0-9]+' || true)
-          if [ -z "$BRANCHES" ]; then
-            echo "Tag $VERSION_NUM is not from a *.* release branch. Skipping release."
-            exit 78  # neutral exit code
-          fi
-          echo "Tag is from a valid release branch: $BRANCHES"
+          # Verify release tag is made on the correct major.minor version branch.
+          # The command will fail with exit code 1 if the tag is not on a valid release branch.
+          MAJOR_MINOR=$(echo "$VERSION_NUM" | cut -d'.' -f1,2)
+          git branch --remote --contains $COMMIT_SHA origin/$MAJOR_MINOR
+          
+          echo "Tag is from a valid branch."
 
       - name: Download sagemaker artifacts by commit ID
         run: |
@@ -108,4 +102,31 @@ jobs:
             gh release create "$VERSION_NUM" *.tar.gz \
               --title "Release $VERSION_NUM" \
               --notes "Release $VERSION_NUM"
-          fi
+          fi
+  handle-failures:
+    name: Handle Failures
+    runs-on: ubuntu-latest
+    needs: release
+    environment: release-workflow-env
+    if: failure()
+    permissions:
+      id-token: write # Required for OIDC
+    env:
+      REPOSITORY: ${{ github.repository }}
+      AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+    steps:
+      - name: Use role credentials for metrics
+        id: aws-creds
+        continue-on-error: ${{ env.REPOSITORY != 'aws/code-editor' }}
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }}
+          aws-region: us-east-1
+      - name: Report failure
+        if: steps.aws-creds.outcome == 'success'
+        run: |
+          aws cloudwatch put-metric-data \
+            --namespace "GitHub/Workflows" \
+            --metric-name "ExecutionsFailed" \
+            --dimensions "Repository=${{ env.REPOSITORY }},Workflow=Release" \
+            --value 1

README.md

@@ -10,6 +10,10 @@ The repository structure is the following:
 - `patches`: Patch files created by [Quilt](https://linux.die.net/man/1/quilt), grouped around features.
 - `third-party-src`: Git submodule linking to the upstream [Code-OSS](https://github.com/microsoft/vscode/) commit. The patches are applied on top of this specific commit.
 
+## Creating a new release
+
+See [RELEASE](RELEASE.md) for more information.
+
 ## Troubleshooting and Feedback
 
 See [CONTRIBUTING](CONTRIBUTING.md#reporting-bugsfeature-requests) for more information.