fix(layers): release process + remove duplicate code (#1052)

* fix: release process

* chore: remove duplicate code

* Update .github/workflows/reusable-publish-docs.yml

Author: dreamorosi

.github/PULL_REQUEST_TEMPLATE.md

@@ -21,8 +21,8 @@
 
 ### Related issues, RFCs
 
-<!--- Add here the number to the Github Issue or RFC that is related to this PR. -->
-<!-- **Issue number:** #123 -->
+<!--- Add here the number (i.e. #42) to the Github Issue or RFC that is related to this PR. -->
+<!--- If no issue is present the PR might get blocked and not be reviewed. -->
 **Issue number:** 
 
 ### PR status

.github/workflows/auto-merge.yml

@@ -0,0 +1,57 @@
+name: Make Release
+on:
+  workflow_dispatch: {}
+concurrency:
+  group: on-release-publish
+jobs:
+  run-unit-tests:
+    uses: ./.github/workflows/reusable-run-unit-tests.yml
+  publish-npm:
+    needs: run-unit-tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          # Here `token` is needed to avoid incurring in error GH006 Protected  Branch Update Failed,
+          token: ${{ secrets.GH_PUBLISH_TOKEN }}
+          # While `fetch-depth` is used to allow the workflow to later commit & push the changes.
+          fetch-depth: 0
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+          cache: "npm"
+      - name: Setup npm
+        run: |
+          npm i -g npm@next-8
+          npm set "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}"
+      - name: Cache node modules
+        id: cache-node-modules
+        uses: actions/cache@v3
+        with:
+          path: "./node_modules"
+          # Use the combo between node version, name, and SHA-256 hash of the lock file as cache key so that
+          # if one of them changes the cache is invalidated/discarded
+          key: 16-cache-utils-node-modules-${{ hashFiles('./package-lock.json') }}
+      - name: Build packages
+        run: |
+          npm run build -w packages/commons
+          npm run build -w packages/logger & npm run build -w packages/tracer & npm run build -w packages/metrics
+      - name: "Version and publish"
+        env:
+          GH_TOKEN: ${{ secrets.GH_PUBLISH_TOKEN }}
+        run: |
+          git config --global user.name 'github-actions[bot]'
+          git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+          git remote set-url origin https://x-access-token:${GH_TOKEN}@github.com/$GITHUB_REPOSITORY
+          npx lerna version --conventional-commits --force-publish --yes
+          npx lerna publish from-git --no-verify-access --yes
+  publish:
+    needs: publish-npm
+    uses: ./.github/workflows/reusable-publish-docs.yml
+    with:
+      workflow_origin: ${{ github.event.repository.full_name }}
+      isRelease: "true"
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/make-release.yml

@@ -5,6 +5,8 @@ on:
     workflows: ["Record PR details"]
     types:
       - completed
+concurrency:
+  group: on-merge-to-main
 
 jobs:
   get_pr_details:
@@ -15,10 +17,30 @@ jobs:
       workflow_origin: ${{ github.event.repository.full_name }}
     secrets:
       token: ${{ secrets.GITHUB_TOKEN }}
+  run-unit-tests:
+    uses: ./.github/workflows/reusable-run-unit-tests.yml
+  publish:
+    needs:
+      [get_pr_details, run-unit-tests, check-examples, check-layer-publisher]
+    uses: ./.github/workflows/reusable-publish-docs.yml
+    with:
+      workflow_origin: ${{ github.event.repository.full_name }}
+      prIsMerged: ${{ needs.get_pr_details.outputs.prIsMerged }}
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+  update-release-draft:
+    needs: publish
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Update release draft
+        uses: release-drafter/release-drafter@v5.20.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   release_label_on_merge:
-    needs: get_pr_details
+    needs: [get_pr_details, update-release-draft]
     runs-on: ubuntu-latest
-    if: needs.get_pr_details.outputs.prIsMerged == 'true'
     steps:
       - uses: actions/checkout@v3
       - name: "Label PR related issue for release"
@@ -33,98 +55,3 @@ jobs:
           script: |
             const script = require('.github/scripts/label_related_issue.js')
             await script({github, context, core})
-  publish:
-    #########################
-    # Force Github action to run only a single job at a time (based on the group name)
-    # This is to prevent "race-condition" in publishing a new version of doc to `gh-pages` (#365)
-    #########################
-    concurrency:
-      group: on-merge-to-main
-    runs-on: ubuntu-latest
-    steps:
-    - name: "Checkout"
-      uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-    #########################    
-    # Release new version
-    #########################
-    - name: "Use NodeJS 16"
-      uses: actions/setup-node@v3
-      with:
-        node-version: '16'
-    - name: Install npm@8.x
-      run: npm i -g npm@next-8
-    - name: "Setup npm"
-      run: |
-        npm set "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}"
-    - name: Install monorepo packages
-      # This installs all the dependencies of ./packages/*
-      # See https://github.com/npm/cli/issues/4475 to see why --foreground-scripts
-      run: npm ci --foreground-scripts
-    - name: Install CDK example packages
-      # Since we are not managing the CDK examples with npm workspaces we install
-      # the dependencies in a separate step
-      working-directory: ./examples/cdk
-      run: npm ci
-    - name: Install Layer publisher app
-      working-directory: ./layer-publisher
-      run: npm ci
-    - name: "Setup SAM"
-      # We use an ad-hoc action so we can specify the SAM CLI version
-      uses: aws-actions/setup-sam@v2
-      with:
-        version: 1.49.0
-    - name: Install SAM example packages
-      # Since we are not managing the SAM examples with npm workspaces we install
-      # the dependencies in a separate step
-      working-directory: ./examples/sam
-      run: npm ci
-    - name: Run lint
-      run: npm run lerna-lint
-    - name: Run tests
-      run: npm run lerna-test
-    - name: Update release draft
-      uses: release-drafter/release-drafter@v5.20.0
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-    #########################    
-    # Generate documentation
-    #########################
-    - name: Set up Python
-      uses: actions/setup-python@v4
-      with:
-        python-version: '3.8'
-    - name: Install doc generation dependencies
-      run: |
-        pip install --upgrade pip 
-        pip install -r docs/requirements.txt
-    - name: Setup doc deploy
-      run: |
-        git config --global user.name Docs deploy
-        git config --global user.email docs@dummy.bot.com
-    - name: Build mkdocs site in "gh-pages" branch and push
-      run: |
-        rm -rf site
-        VERSION="dev"
-        echo "Publishing doc for version: $VERSION"
-        mkdocs build
-        mike deploy --push "$VERSION"
-    - name: Build API docs
-      run: |
-        rm -rf api
-        npm run docs-generateApiDoc
-    - name: Release API docs to the released version
-      uses: peaceiris/actions-gh-pages@v3
-      with:
-        github_token: ${{ secrets.GITHUB_TOKEN }}
-        publish_dir: ./api
-        keep_files: true
-        destination_dir: dev/api
-    - name: Release API docs to the "latest" version
-      uses: peaceiris/actions-gh-pages@v3
-      with:
-        github_token: ${{ secrets.GITHUB_TOKEN }}
-        publish_dir: ./api
-        keep_files: true
-        destination_dir: latest/api 

.github/workflows/on-merge-to-main.yml

@@ -4,103 +4,5 @@ on:
   pull_request:
     types: [opened, synchronize]
 jobs:
-  run-unit-tests-on-utils:
-    runs-on: ubuntu-latest
-    env:
-      NODE_ENV: dev
-    strategy:
-      matrix:
-        version: [12, 14, 16]
-      fail-fast: false
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - name: Setup NodeJS
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.version }}
-          cache: "npm"
-      - name: Setup npm
-        run: npm i -g npm@next-8
-      - name: Cache node modules
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "./node_modules"
-          # Use the combo between node version, name, and SHA-256 hash of the lock file as cache key so that
-          # if one of them changes the cache is invalidated/discarded
-          key: ${{ matrix.version }}-cache-utils-node-modules-${{ hashFiles('./package-lock.json') }}
-      - name: Install dependencies
-        # We can skip the install if there was a cache hit
-        if: steps.cache-node-modules.outputs.cache-hit != 'true'
-        # See https://github.com/npm/cli/issues/4475 to see why --foreground-scripts
-        run: npm ci --foreground-scripts
-      - name: Build packages
-        # If there's a cache hit we still need to manually build the packages
-        # this would otherwise have been done automatically as a part of the
-        # postinstall npm hook
-        if: steps.cache-node-modules.outputs.cache-hit == 'true'
-        run: |
-          npm run build -w packages/commons
-          npm run build -w packages/logger & npm run build -w packages/tracer & npm run build -w packages/metrics
-      - name: Lint
-        run: npm run lint -w packages/commons -w packages/logger -w packages/tracer -w packages/metrics
-      - name: Run unit tests
-        run: npm t -w packages/commons -w packages/logger -w packages/tracer -w packages/metrics
-  check-examples:
-    runs-on: ubuntu-latest
-    env:
-      NODE_ENV: dev
-    strategy:
-      matrix:
-        example: ["sam", "cdk"]
-      fail-fast: false
-    defaults:
-      run:
-        working-directory: examples/${{ matrix.example }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - name: Setup NodeJS
-        uses: actions/setup-node@v3
-        with:
-          node-version: 16
-          cache: "npm"
-      - name: Cache node modules
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "./examples/${{ matrix.example }}/node_modules"
-          # Use the combo between example, name, and SHA-256 hash of all example lock files as cache key.
-          # It's not possible to use the ${{ matrix.example }} key in the hashFiles fn so
-          # if any of the lock files (wich should be fairly similar anyway) changes the cache is
-          # invalidated/discarded for all.
-          key: ${{ matrix.example }}-cache-examples-node-modules-${{ hashFiles('./examples/*/package-lock.json') }}
-      - name: Install dependencies
-        run: npm ci
-      - name: Run tests
-        run: npm t
-  check-layer-publisher:
-    runs-on: ubuntu-latest
-    env:
-      NODE_ENV: dev
-    defaults:  
-      run:
-        working-directory: layer-publisher
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - name: Setup NodeJS
-        uses: actions/setup-node@v3
-        with:
-          node-version: 16
-          cache: "npm"
-      - name: Cache node modules
-        id: cache-node-modules
-        uses: actions/cache@v3
-        with:
-          path: "./layer-publisher/node_modules"
-          # Use the combo between example, name, and SHA-256 hash of the layer-publisher lock files as cache key.
-          key: cache-layer-publisher-node-modules-${{ hashFiles('./layer-publisher/*/package-lock.json') }}
-      - name: Install Layer publisher app
-        run: npm ci
+  run-unit-tests:
+    uses: ./.github/workflows/reusable-run-unit-tests.yml

.github/workflows/on-release-prod.yml

@@ -0,0 +1,104 @@
+name: Publish docs
+
+on:
+  workflow_call:
+    inputs:
+      workflow_origin: # see https://github.com/awslabs/aws-lambda-powertools-python/issues/1349
+        required: true
+        type: string
+      prIsMerged:
+        required: false
+        default: "false"
+        type: string
+      isRelease:
+        required: false
+        default: "false"
+        type: string
+    secrets:
+      token:
+        required: true
+concurrency:
+  group: on-release-publish
+
+jobs:
+  publish-docs:
+    # see https://github.com/awslabs/aws-lambda-powertools-python/issues/1349
+    if: inputs.workflow_origin == 'awslabs/aws-lambda-powertools-typescript'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          # Here `token` is needed to avoid incurring in error GH006 Protected  Branch Update Failed,
+          token: ${{ secrets.token }}
+          # While `fetch-depth` is used to allow the workflow to later commit & push the changes.
+          fetch-depth: 0
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+          cache: "npm"
+      # Use the combo between node version, name, and SHA-256 hash of the lock file as cache key so that
+      # if one of them changes the cache is invalidated/discarded
+      - name: Cache node modules
+        id: cache-node-modules
+        uses: actions/cache@v3
+        with:
+          path: "./node_modules"
+          key: 16-cache-utils-node-modules-${{ hashFiles('./package-lock.json') }}
+      # Here we assume that there will always be a cache hit because this workflow can be triggered
+      # only after tests have already happened on this same code
+      - name: Build packages
+        run: |
+          npm run build -w packages/commons
+          npm run build -w packages/logger & npm run build -w packages/tracer & npm run build -w packages/metrics
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.8"
+      # We run this step only when the workflow has been triggered by a release
+      # in this case we publish the docs to `/latest`
+      - name: Set RELEASE_VERSION env var to `latest`
+        if: ${{ inputs.isRelease == 'true' }}
+        run: |
+          RELEASE_VERSION=$(cat packages/commons/package.json | jq '.version' -r)
+          echo "RELEASE_VERSION=${RELEASE_VERSION}" >> $GITHUB_ENV
+      # We run this step only when the workflow has been triggered by a PR merge
+      # in this case we publish the docs to `/dev`
+      - name: Set RELEASE_VERSION env var to `dev`
+        if: ${{ inputs.prIsMerged == 'true' }}
+        run: |
+          echo "RELEASE_VERSION=dev" >> $GITHUB_ENV
+      - name: Install doc generation dependencies
+        run: |
+          pip install --upgrade pip 
+          pip install -r docs/requirements.txt
+      - name: Setup doc deploy
+        run: |
+          git config --global user.name Docs deploy
+          git config --global user.email docs@dummy.bot.com
+      - name: Publish docs to latest
+        if: ${{ env.RELEASE_VERSION != 'dev' }}
+        run: |
+          rm -rf site
+          mkdocs build
+          mike deploy --push --update-aliases --no-redirect "${{ env.RELEASE_VERSION }}" "latest"
+          # Set latest version as a default
+          mike set-default --push latest
+      - name: Publish docs to dev
+        if: ${{ env.RELEASE_VERSION == 'dev' }}
+        run: |
+          rm -rf site
+          mkdocs build
+          mike deploy --push dev
+      - name: Build API docs
+        run: |
+          rm -rf api
+          npm run docs-generateApiDoc
+      - name: Release API docs
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./api
+          keep_files: true
+          destination_dir: ${{ env.RELEASE_VERSION }}/api

.github/workflows/pr_lint_and_test.yml

@@ -0,0 +1,110 @@
+name: Run unit tests
+
+on:
+  workflow_call:
+
+jobs:
+  run-unit-tests-on-utils:
+    runs-on: ubuntu-latest
+    env:
+      NODE_ENV: dev
+    strategy:
+      matrix:
+        version: [12, 14, 16]
+      fail-fast: false
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.version }}
+          cache: "npm"
+      - name: Setup npm
+        run: npm i -g npm@next-8
+      - name: Cache node modules
+        id: cache-node-modules
+        uses: actions/cache@v3
+        with:
+          path: "./node_modules"
+          # Use the combo between node version, name, and SHA-256 hash of the lock file as cache key so that
+          # if one of them changes the cache is invalidated/discarded
+          key: ${{ matrix.version }}-cache-utils-node-modules-${{ hashFiles('./package-lock.json') }}
+      - name: Install dependencies
+        # We can skip the install if there was a cache hit
+        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        # See https://github.com/npm/cli/issues/4475 to see why --foreground-scripts
+        run: npm ci --foreground-scripts
+      - name: Build packages
+        # If there's a cache hit we still need to manually build the packages
+        # this would otherwise have been done automatically as a part of the
+        # postinstall npm hook
+        if: steps.cache-node-modules.outputs.cache-hit == 'true'
+        run: |
+          npm run build -w packages/commons
+          npm run build -w packages/logger & npm run build -w packages/tracer & npm run build -w packages/metrics
+      - name: Lint
+        run: npm run lint -w packages/commons -w packages/logger -w packages/tracer -w packages/metrics
+      - name: Run unit tests
+        run: npm t -w packages/commons -w packages/logger -w packages/tracer -w packages/metrics
+  check-examples:
+    runs-on: ubuntu-latest
+    env:
+      NODE_ENV: dev
+    strategy:
+      matrix:
+        example: ["sam", "cdk"]
+      fail-fast: false
+    defaults:
+      run:
+        working-directory: examples/${{ matrix.example }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: Cache node modules
+        id: cache-node-modules
+        uses: actions/cache@v3
+        with:
+          path: "./examples/${{ matrix.example }}/node_modules"
+          # Use the combo between example, name, and SHA-256 hash of all example lock files as cache key.
+          # It's not possible to use the ${{ matrix.example }} key in the hashFiles fn so
+          # if any of the lock files (wich should be fairly similar anyway) changes the cache is
+          # invalidated/discarded for all.
+          key: ${{ matrix.example }}-cache-examples-node-modules-${{ hashFiles('./examples/*/package-lock.json') }}
+      - name: Install dependencies
+        # We can skip the install if there was a cache hit
+        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        run: npm ci
+      - name: Run tests
+        run: npm t
+  check-layer-publisher:
+    runs-on: ubuntu-latest
+    env:
+      NODE_ENV: dev
+    defaults:
+      run:
+        working-directory: layer-publisher
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: Cache node modules
+        id: cache-node-modules
+        uses: actions/cache@v3
+        with:
+          path: "./layer-publisher/node_modules"
+          # Use the combo between example, name, and SHA-256 hash of the layer-publisher lock files as cache key.
+          key: cache-layer-publisher-node-modules-${{ hashFiles('./layer-publisher/*/package-lock.json') }}
+      - name: Install Layer publisher
+        # We can skip the install if there was a cache hit
+        if: steps.cache-node-modules.outputs.cache-hit != 'true'
+        run: npm ci