From 6901b324512dbb3ab996edcde7c7b8c618ef8354 Mon Sep 17 00:00:00 2001 From: Leandro Damascena Date: Fri, 14 Feb 2025 11:25:44 +0000 Subject: [PATCH] Removing python3.8 when bootstraping a new region --- .github/workflows/bootstrap_region.yml | 2 - .github/workflows/layer_rename.yml | 163 ------------------------- .github/workflows/update_ssm.yml | 2 +- 3 files changed, 1 insertion(+), 166 deletions(-) delete mode 100644 .github/workflows/layer_rename.yml diff --git a/.github/workflows/bootstrap_region.yml b/.github/workflows/bootstrap_region.yml index 360df641cb9..7978f8aaa01 100644 --- a/.github/workflows/bootstrap_region.yml +++ b/.github/workflows/bootstrap_region.yml @@ -75,13 +75,11 @@ jobs: strategy: matrix: layer: - - AWSLambdaPowertoolsPythonV3-python38-arm64 - AWSLambdaPowertoolsPythonV3-python39-arm64 - AWSLambdaPowertoolsPythonV3-python310-arm64 - AWSLambdaPowertoolsPythonV3-python311-arm64 - AWSLambdaPowertoolsPythonV3-python312-arm64 - AWSLambdaPowertoolsPythonV3-python313-arm64 - - AWSLambdaPowertoolsPythonV3-python38-x86_64 - AWSLambdaPowertoolsPythonV3-python39-x86_64 - AWSLambdaPowertoolsPythonV3-python310-x86_64 - AWSLambdaPowertoolsPythonV3-python311-x86_64 diff --git a/.github/workflows/layer_rename.yml b/.github/workflows/layer_rename.yml deleted file mode 100644 index 4360a7d0668..00000000000 --- a/.github/workflows/layer_rename.yml +++ /dev/null @@ -1,163 +0,0 @@ -# Rename Layer -# --- -# This workflow copies a specific layer version in an AWS account, renaming it in the process -# -# Using a matrix, we pull each architecture and python version of the layer and store them as artifacts -# we upload them to each of the AWS accounts. -# -# A number of safety checks are performed to ensure safety. - -on: - workflow_dispatch: - inputs: - environment: - description: Deployment environment - type: choice - options: - - beta - - prod - default: beta - required: true - version: - description: Layer version to duplicate - type: string - required: true - workflow_call: - inputs: - environment: - description: Deployment environment - type: string - required: true - version: - description: Layer version to duplicate - type: string - required: true - -name: Layer Rename -run-name: Layer Rename - ${{ inputs.environment }} - -permissions: - contents: read - -jobs: - download: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - strategy: - matrix: - layer: - - AWSLambdaPowertoolsPythonV3-python38 - - AWSLambdaPowertoolsPythonV3-python39 - - AWSLambdaPowertoolsPythonV3-python310 - - AWSLambdaPowertoolsPythonV3-python311 - - AWSLambdaPowertoolsPythonV3-python312 - environment: layer-prod - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 - with: - role-to-assume: ${{ secrets.AWS_LAYERS_ROLE_ARN }} - aws-region: us-east-1 - mask-aws-account-id: true - - name: Grab Zip - run: | - aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-x86:${{ inputs.version }} --query 'Content.Location' | xargs curl -L -o ${{ matrix.layer }}_x86_64.zip - aws --region us-east-1 lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:017000801446:layer:${{ matrix.layer }}-x86:${{ inputs.version }} > ${{ matrix.layer }}_x86_64.json - - name: Store Zip - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 - with: - name: ${{ matrix.layer }}_x86_64.zip - path: ${{ matrix.layer }}_x86_64.zip - retention-days: 1 - if-no-files-found: error - - name: Store Metadata - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 - with: - name: ${{ matrix.layer }}_x86_64.json - path: ${{ matrix.layer }}_x86_64.json - retention-days: 1 - if-no-files-found: error - - copy: - name: Copy - needs: download - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - strategy: - matrix: - layer: - - AWSLambdaPowertoolsPythonV3-python38 - - AWSLambdaPowertoolsPythonV3-python39 - - AWSLambdaPowertoolsPythonV3-python310 - - AWSLambdaPowertoolsPythonV3-python311 - - AWSLambdaPowertoolsPythonV3-python312 - region: - - "af-south-1" - - "ap-east-1" - - "ap-northeast-1" - - "ap-northeast-2" - - "ap-northeast-3" - - "ap-south-1" - - "ap-south-2" - - "ap-southeast-1" - - "ap-southeast-2" - - "ap-southeast-3" - - "ap-southeast-4" - - "ca-central-1" - - "ca-west-1" - - "eu-central-1" - - "eu-central-2" - - "eu-north-1" - - "eu-south-1" - - "eu-south-2" - - "eu-west-1" - - "eu-west-2" - - "eu-west-3" - - "il-central-1" - - "me-central-1" - - "me-south-1" - - "sa-east-1" - - "us-east-1" - - "us-east-2" - - "us-west-1" - - "us-west-2" - environment: layer-${{ inputs.environment }} - steps: - - name: Download Zip - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - name: ${{ matrix.layer }}_x86_64.zip - - name: Download Metadata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - name: ${{ matrix.layer }}_x86_64.json - - name: Verify Layer Signature - run: | - SHA=$(jq -r '.Content.CodeSha256' ${{ matrix.layer }}_x86_64.json) - test $(openssl dgst -sha256 -binary ${{ matrix.layer }}_x86_64.zip | openssl enc -base64) == $SHA && echo "SHA OK: ${SHA}" || exit 1 - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0 - with: - role-to-assume: ${{ secrets.AWS_LAYERS_ROLE_ARN }} - aws-region: ${{ matrix.region }} - mask-aws-account-id: true - - name: Create Layer - run: | - aws --region ${{ matrix.region }} lambda publish-layer-version \ - --layer-name ${{ matrix.layer }}-x86_64 \ - --zip-file fileb://./${{ matrix.layer }}_x86_64.zip \ - --compatible-runtimes $(jq -r ".CompatibleRuntimes[0]" ${{ matrix.layer }}_x86_64.json) \ - --compatible-architectures $(jq -r ".CompatibleArchitectures[0]" ${{ matrix.layer }}_x86_64.json) \ - --license-info "MIT-0" \ - --description "$(jq -r '.Description' ${{ matrix.layer }}_x86_64.json)" \ - --query 'Version' | \ - xargs aws --region ${{ matrix.region }} lambda add-layer-version-permission \ - --layer-name ${{ matrix.layer }}-x86_64 \ - --statement-id 'PublicLayer' \ - --action lambda:GetLayerVersion \ - --principal '*' \ - --version-number diff --git a/.github/workflows/update_ssm.yml b/.github/workflows/update_ssm.yml index 4207ebed1f8..9f711bb41bc 100644 --- a/.github/workflows/update_ssm.yml +++ b/.github/workflows/update_ssm.yml @@ -13,7 +13,7 @@ run-name: SSM Parameters - Python # A successful parameter would look similar to: # /aws/service/powertools/python/arm64/python3.13/3.1.0 # And will have a value of: -# arn:aws:lambda:eu-west-1:017000801446:layer:AWSLambdaPowertoolsPythonV3-python38-arm64:4 +# arn:aws:lambda:eu-west-1:017000801446:layer:AWSLambdaPowertoolsPythonV3-python313-arm64:4 on: workflow_dispatch: