Release #26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| bump_type: | |
| description: 'Version bump type' | |
| required: true | |
| type: choice | |
| options: | |
| - patch | |
| - minor | |
| - major | |
| - pre | |
| changelog: | |
| description: 'Custom changelog entry (optional - leave empty to auto-generate)' | |
| required: false | |
| type: string | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| prepare-release: | |
| name: Prepare Release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.bump.outputs.version }} | |
| steps: | |
| - name: Validate running from main | |
| run: | | |
| if [[ "${{ github.ref }}" != "refs/heads/main" ]]; then | |
| echo "⚠️ WARNING: Running from ${{ github.ref }}" | |
| echo "⚠️ Production releases should only run from main branch" | |
| fi | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: '3.10' | |
| - name: Configure git | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Install uv | |
| run: | | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Get current version | |
| id: current | |
| run: | | |
| VERSION=$(grep -m1 -oP '^version = "\K[^"]+' pyproject.toml) | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "Current version: $VERSION" | |
| - name: Bump version | |
| id: bump | |
| env: | |
| CHANGELOG_INPUT: ${{ github.event.inputs.changelog }} | |
| BUMP_TYPE: ${{ github.event.inputs.bump_type }} | |
| run: | | |
| chmod +x scripts/bump_version.py | |
| # If no custom changelog, provide guidance | |
| if [ -z "$CHANGELOG_INPUT" ]; then | |
| echo "ℹ️ No custom changelog provided. Will auto-generate from commits." | |
| echo "💡 Tip: Provide a meaningful changelog message for better release notes" | |
| fi | |
| if [ -n "$CHANGELOG_INPUT" ]; then | |
| python scripts/bump_version.py "$BUMP_TYPE" \ | |
| --changelog "$CHANGELOG_INPUT" | |
| else | |
| python scripts/bump_version.py "$BUMP_TYPE" | |
| fi | |
| uv lock --no-progress | |
| NEW_VERSION=$(grep -m1 -oP '^version = "\K[^"]+' pyproject.toml) | |
| echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT | |
| echo "New version: $NEW_VERSION" | |
| - name: Create release branch and PR | |
| env: | |
| NEW_VERSION: ${{ steps.bump.outputs.version }} | |
| run: | | |
| BRANCH_NAME="release/v$NEW_VERSION" | |
| if git ls-remote --exit-code --heads origin $BRANCH_NAME; then | |
| echo "⚠️ Branch $BRANCH_NAME already exists. Deleting it first..." | |
| git push origin --delete $BRANCH_NAME | |
| fi | |
| if git show-ref --verify --quiet refs/heads/$BRANCH_NAME; then | |
| git branch -D $BRANCH_NAME | |
| fi | |
| git checkout -b $BRANCH_NAME | |
| git add -A | |
| git commit -m "chore: bump version to $NEW_VERSION | |
| Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>" | |
| git push origin $BRANCH_NAME | |
| COMMITTED_VERSION=$(git show HEAD:pyproject.toml | grep -m1 -oP '^version = "\K[^"]+') | |
| if [ "$COMMITTED_VERSION" != "$NEW_VERSION" ]; then | |
| echo "❌ ERROR: Version not committed correctly!" | |
| exit 1 | |
| fi | |
| - name: Create Pull Request | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| NEW_VERSION: ${{ steps.bump.outputs.version }} | |
| GITHUB_REF: ${{ github.ref }} | |
| GITHUB_ACTOR: ${{ github.actor }} | |
| run: | | |
| BRANCH_NAME="release/v$NEW_VERSION" | |
| WARNING_TEXT="" | |
| if [ "$GITHUB_REF" != "refs/heads/main" ]; then | |
| WARNING_TEXT="**WARNING**: Not running from main branch!" | |
| else | |
| WARNING_TEXT="✅ Running from main branch" | |
| fi | |
| gh pr create \ | |
| --base main \ | |
| --head "$BRANCH_NAME" \ | |
| --title "Release v$NEW_VERSION" \ | |
| --body "## 🚀 Release v$NEW_VERSION | |
| This PR was automatically created by the release workflow. | |
| ### ⚠️ Pre-merge Checklist | |
| - [ ] Review CHANGELOG.md - ensure it has meaningful release notes | |
| - [ ] Verify version numbers are correct in all files | |
| - [ ] All CI checks are passing | |
| ### 📝 How to improve changelog | |
| If the auto-generated changelog isn't good enough: | |
| 1. Edit CHANGELOG.md in this PR | |
| 2. Commit the changes | |
| 3. Then approve and merge | |
| ### 🔄 Release Process | |
| After merging this PR: | |
| 1. Package will be built and tested | |
| 2. **Manual approval required** before publishing to PyPI | |
| 3. GitHub release and tag created after PyPI publication | |
| ### 🚨 Running from: $GITHUB_REF | |
| $WARNING_TEXT | |
| --- | |
| *Triggered by @$GITHUB_ACTOR*" | |
| test-and-build: | |
| name: Test and Build | |
| needs: prepare-release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| ref: release/v${{ needs.prepare-release.outputs.version }} | |
| - name: Verify version before build | |
| env: | |
| EXPECTED_VERSION: ${{ needs.prepare-release.outputs.version }} | |
| run: | | |
| ACTUAL_VERSION=$(grep -m1 -oP '^version = "\K[^"]+' pyproject.toml) | |
| echo "Expected version: $EXPECTED_VERSION" | |
| echo "Actual version: $ACTUAL_VERSION" | |
| if [ "$ACTUAL_VERSION" != "$EXPECTED_VERSION" ]; then | |
| echo "❌ ERROR: Version mismatch!" | |
| exit 1 | |
| fi | |
| echo "✓ Version verified: $ACTUAL_VERSION" | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: '3.10' | |
| - name: Install uv | |
| run: | | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Setup build environment | |
| run: | | |
| uv venv | |
| source .venv/bin/activate | |
| uv pip install build twine | |
| - name: Build and check package | |
| run: | | |
| source .venv/bin/activate | |
| uv build | |
| twine check dist/* | |
| echo "=== Package contents ===" | |
| python -m zipfile -l dist/*.whl | head -20 | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| release-approval: | |
| name: Release Approval | |
| needs: test-and-build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi-approval | |
| steps: | |
| - name: Approval checkpoint | |
| run: | | |
| echo "✅ Build and tests successful" | |
| echo "📦 Package ready for PyPI publication" | |
| echo "" | |
| echo "⚠️ MANUAL APPROVAL REQUIRED FOR PRODUCTION" | |
| echo "" | |
| echo "Before approving:" | |
| echo "1. Verify the PR has been merged to main" | |
| echo "2. Check that version number is correct" | |
| echo "3. Review the CHANGELOG.md entries" | |
| echo "4. Ensure no duplicate version exists on PyPI" | |
| echo "" | |
| echo "🚨 Only approve if everything is correct!" | |
| publish-pypi: | |
| name: Publish to PyPI | |
| needs: release-approval | |
| runs-on: ubuntu-latest | |
| # CRITICAL: Only run from main branch | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/project/bedrock-agentcore/ | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: dist | |
| path: dist/ | |
| - name: Verify PyPI token exists | |
| env: | |
| PYPI_TOKEN_SET: ${{ secrets.PYPI_API_TOKEN != '' }} | |
| run: | | |
| if [ "$PYPI_TOKEN_SET" != "true" ]; then | |
| echo "❌ ERROR: PYPI_API_TOKEN not configured!" | |
| echo "Please add your PyPI API token to GitHub Secrets" | |
| exit 1 | |
| fi | |
| echo "✓ PyPI token is configured" | |
| - name: Get version | |
| id: version | |
| run: | | |
| VERSION=$(ls dist/*.whl | sed -n 's/.*-\([0-9.]*\)-.*/\1/p') | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| - name: Check if version exists on PyPI | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| run: | | |
| # Check if version already exists on PyPI | |
| if pip index versions bedrock-agentcore | grep -q "^Available versions.*$VERSION"; then | |
| echo "❌ ERROR: Version $VERSION already exists on PyPI!" | |
| echo "You cannot re-upload the same version number." | |
| echo "Please bump the version and try again." | |
| exit 1 | |
| fi | |
| echo "✓ Version $VERSION is not on PyPI, safe to publish" | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| password: ${{ secrets.PYPI_API_TOKEN }} | |
| skip-existing: false | |
| verbose: true | |
| - name: Wait for PyPI availability | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| run: | | |
| echo "Waiting for package to be available on PyPI..." | |
| for i in {1..10}; do | |
| if pip index versions bedrock-agentcore | grep -q "$VERSION"; then | |
| echo "✓ Package version $VERSION is now available on PyPI" | |
| break | |
| fi | |
| echo "Attempt $i/10: Package not yet available, waiting 30s..." | |
| sleep 30 | |
| done | |
| - name: Create and push tag | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git tag -a "v$VERSION" -m "Release v$VERSION" | |
| git push origin "v$VERSION" | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| VERSION: ${{ steps.version.outputs.version }} | |
| GITHUB_REPOSITORY: ${{ github.repository }} | |
| with: | |
| tag_name: v${{ steps.version.outputs.version }} | |
| name: Bedrock AgentCore SDK v${{ steps.version.outputs.version }} | |
| files: dist/* | |
| generate_release_notes: true | |
| body: | | |
| ## Installation | |
| ```bash | |
| pip install bedrock-agentcore==${{ steps.version.outputs.version }} | |
| ``` | |
| ## What's Changed | |
| See [CHANGELOG.md](https://github.com/${{ github.repository }}/blob/v${{ steps.version.outputs.version }}/CHANGELOG.md) for details. |