Update release workflow for 1.6

Newton Der · Newton Der · commit 3aa69ac495a5 · 2025-09-02T13:45:28.000-07:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,180 +1,121 @@
-name: Automated Release
+# Workflow name
+name: Release
 
-# Controls when the workflow will run
+# This workflow is triggered manually from the GitHub Actions tab.
 on:
-  # Triggers the workflow on updates to the "main" branch which include a version tag
-  push:
-    tags:        
-      - '**'           # Push events to every tag including hierarchical tags like v1.0/beta
-
-  # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
+    inputs:
+      version:
+        description: 'The release version (e.g., v1.8.0). This will be used to create the Git tag.'
+        required: true
+        type: string
+      # This input specifies the branch to tag and release from.
+      source_branch:
+        description: 'The branch to create the release from (e.g., main or 1.8). This branch MUST have the final code.'
+        required: true
+        type: string
+        default: 'main'
 
-
-# Defines permissions granted to the GITHUB_TOKEN for this workflow run.
-# 'contents: write' is needed for actions like softprops/action-gh-release to create GitHub releases
-# and for peter-evans/create-pull-request if it were to commit to the same repo
-
-permissions:
-  contents: write
-
-  
-# A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  # This job checks if the pushed tag is a valid version tag (starts with 'v')
-  check-tag:
+  # The job for creating a release
+  create-release:
+    name: Create Release
     runs-on: ubuntu-latest
+    timeout-minutes: 30
+    permissions:
+      # This permission is required for creating a release and uploading assets.
+      contents: write
+
     steps:
-      # This step performs the tag check
-      - name: Check tag is version tag
-        id: check # Assign an ID to this step to reference its outputs
+      # Step 1: Check out the code from the SPECIFIED BRANCH in the AWS repository.
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          # This ensures we are on the correct branch to get the latest code.
+          ref: ${{ github.event.inputs.source_branch }}
+          # CRITICAL: We check out the code from the AWS repository directly.
+          repository: aws/sagemaker-code-editor
+
+      # Step 2: Explicitly get the commit SHA of the checked-out branch HEAD.
+      - name: Get commit SHA
+        id: get_sha
+        run: echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
+
+      # Step 3: Delete existing tag in the AWS repo if you want to re-run the release.
+      - name: Delete existing tag (if any)
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const tag = '${{ github.event.inputs.version }}';
+            try {
+              await github.rest.git.deleteRef({
+                owner: 'aws',
+                repo: 'sagemaker-code-editor',
+                ref: `tags/${tag}`
+              });
+              console.log(`Deleted existing tag: ${tag}`);
+            } catch (e) {
+              if (e.status !== 404 && e.status !== 422) {
+                // Re-throw the error if it's not a "Not Found" or "Unprocessable" error
+                throw e;
+              }
+              console.log(`Tag ${tag} does not exist or already deleted.`);
+            }
+              
+
+      # Step 4: Download the build artifact from the UPSTREAM repository after a PUSH event.
+      - name: Download artifact from build workflow
+        uses: dawidd6/action-download-artifact@v6
+        with:
+          # CRITICAL: Explicitly specify the repository where the build artifact was created.
+          repo: aws/sagemaker-code-editor
+          # BEST PRACTICE: Look for artifacts created by a 'push' event (e.g., after a PR is merged).
+          event: push
+          workflow: build.yml
+          branch: ${{ github.event.inputs.source_branch }}
+          name: npm-package
+          path: ./release-assets
+          workflow_conclusion: success
+
+      # Step 5: Prepare the release assets by renaming the artifact.
+      - name: Prepare release assets
+        id: prepare_assets
         run: |
-          # Check if the GitHub reference (github.ref) starts with 'refs/tags/v'
-          if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
-            REF="${{ github.ref }}"
-            VERSION="${REF##refs/tags/v}"
-            echo "Tag starts with 'v'."
-            echo "Version: ${VERSION}"
-            echo "Continuing..."
-            # Set the version as an output variable for other jobs/steps
-            echo "version=${VERSION}" >> $GITHUB_OUTPUT
-            exit 0
-          else
-            echo "The tag doesn't start with 'v'. To release a new version, the tag must start with 'v'"
+          # Find the downloaded tarball (there should only be one).
+          ARTIFACT_FILE=$(find ./release-assets -name "*.tar.gz")
+          
+          if [ -z "$ARTIFACT_FILE" ]; then
+            echo "::error::Build artifact not found! Ensure a 'build.yml' workflow ran successfully on the '${{ github.event.inputs.source_branch }}' branch in 'aws/sagemaker-code-editor' after the code was pushed/merged."
             exit 1
           fi
-    outputs:
-      version: ${{ steps.check.outputs.version }}
-      
-  # This job builds the release tarball and publishes it to GitHub Releases 
-  release:
-    # Specifies the environment for this job (if you have environments configured)
-    environment: release
-    # This job runs on the latest Ubuntu environment
-    runs-on: ubuntu-latest
-    needs: [check-tag]
-    container:
-      image: node:20
-    steps:
-      # Checks out the repository code at the specific tag that triggered the workflow
-      - name: Checkout the main branch
-        uses: actions/checkout@v4
-      - name: Install Dependencies
-        run: |
-          apt-get update
-          apt-get install -y build-essential g++ libx11-dev libxkbfile-dev libsecret-1-dev libkrb5-dev python-is-python3 quilt
-      # Builds the tarball
-      - name: Build Tarball
-        id: build
-        run: |
-          # Configure git safe directory for operations within the workspace
-          git config --global --add safe.directory /__w/sagemaker-code-editor/sagemaker-code-editor
           
-          # Run the install script to build the tarball, passing the version
-          sh ./scripts/install.sh -t ${{ needs.check-tag.outputs.version }}
+          # Get the version from the manual input, and remove the leading 'v' if it exists.
+          VERSION_TAG="${{ github.event.inputs.version }}"
+          VERSION_NUM="${VERSION_TAG#v}"
           
-          # Define the tarball name based on the version
-          TARBALL_NAME="code-editor${{ needs.check-tag.outputs.version }}.tar.gz"
-          # Set the tarball name as an output variable
-          echo "tarball_name=${TARBALL_NAME}" >> $GITHUB_OUTPUT
+          # Create the new, clean filename for the release.
+          NEW_FILENAME="code-editor${VERSION_NUM}.tar.gz"
           
-          # Calculate the SHA256 hash of the tarball
-          SHA256_HASH=$(sha256sum ${TARBALL_NAME} | awk '{ print $1 }')
-          # Set the SHA256 hash as an output variable
-          echo "sha256_hash=${SHA256_HASH}" >> $GITHUB_OUTPUT
-      # Publishes the release to GitHub Releases
-      - name: Publish Release
-        id: publish # Assign an ID to this step to reference its outputs
-        uses: softprops/action-gh-release@v2.2.2 # Caution: Due to recent update of action-gh-release, it now requires node24. So here we still used the previous version v2.2.2
-        with:
-          # Name of the release (e.g., "Code Editor x.y.z")
-          name: Code Editor ${{ needs.check-tag.outputs.version }}
-          # Tag name for the release (e.g., "vx.y.z")
-          tag_name: v${{ needs.check-tag.outputs.version }}
-          # Files to upload as release assets
-          files: |
-            ${{ steps.build.outputs.tarball_name }}
-    # Define outputs for this job
-    outputs:
-      sha256_hash: ${{ steps.build.outputs.sha256_hash }}
-      assets: ${{ steps.publish.outputs.assets }}
-
-  # This job updates the feedstock repository
-  update-feedstock-files:
-    runs-on: ubuntu-latest
-    # This job depends on the successful completion of 'check-tag' and 'release' jobs
-    needs: [check-tag, release]
-    steps:
-      # Clones the feedstock repository (your fork)
-      - name: Clone the feedstock repository
-        uses: actions/checkout@v4
-        with:
-          repository: 'harvenstar/sagemaker-code-editor-feedstock'
-          ref: 'dev'
-          token: ${{ secrets.PERSONAL_TOKEN }}
-
-      - name: Create and checkout dynamic update branch
-        id: create_branch # Assign an ID to this step to reference its outputs
-        run: |
-          # Generate a unique branch name using the version (e.g., "auto-update-v1.2.0")
-          # This prevents conflicts with pre-existing branches from previous runs.
-          NEW_BRANCH_NAME="auto-update-v${{ needs.check-tag.outputs.version }}"
-
-          git checkout -b ${NEW_BRANCH_NAME}
-          echo "Created and switched to new branch: ${NEW_BRANCH_NAME}"
+          # Rename the file.
+          mv "$ARTIFACT_FILE" "./release-assets/$NEW_FILENAME"
           
-          # Output the new branch name for use in later steps (e.g., creating the PR)
-          echo "branch_name=${NEW_BRANCH_NAME}" >> $GITHUB_OUTPUT
-
-      # Updates the meta.yaml file in the cloned feedstock repository
-            # Updates the meta.yaml file in the cloned feedstock repository
-      - name: Update meta.yaml
-        run: |
-          # Get the version from the 'check-tag' job's output
-          VERSION=${{ needs.check-tag.outputs.version }}
-
-          sed -i "s/{% set version = \".*\" %}/{% set version = \"$VERSION\" %}/" recipe/meta.yaml
-
-          URL="${{ fromJSON(needs.release.outputs.assets)[0].browser_download_url }}"
-          sed -i "s|url: .*\.tar\.gz|url: $URL|" recipe/meta.yaml
-
-          SHA256=${{ needs.release.outputs.sha256_hash }}
-          sed -i "s|sha256: [0-9a-f]*|sha256: $SHA256|" recipe/meta.yaml
-
-      # Displays the differences in meta.yaml after modifications for verification
-      - name: Show changes in meta.yaml
-        run: git diff recipe/meta.yaml
-      
-      # Commits the changes to meta.yaml and pushes them to the dynamic branch in your feedstock fork
-      - name: Commit and push changes
-        # This step commits the modified 'recipe/meta.yaml' file and pushes it to the remote feedstock repository.
-        # - Git user name and email are configured for the commit.
-        # - 'git add' stages the changes.
-        # - 'git commit' creates a commit with a message including the new version.
-        #   ' || echo "No changes to commit." ' prevents the workflow from failing if there are no changes (e.g., if re-running on same version with no actual file change).
-        # - The current local branch (which is the dynamic branch, e.g., 'auto-update-vX.Y.Z') is pushed to the 'origin' remote.
-        #   This creates the branch on the remote if it doesn't exist.
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          git add recipe/meta.yaml
-
-          # Check if there are changes to commit to avoid error if meta.yaml is already up-to-date
-          if git diff --staged --quiet; then
-            echo "No changes to commit."
-          else
-            git commit -m "Update recipe to v${{ needs.check-tag.outputs.version }}"
-          fi
-
-          # Get the current branch name (should be the dynamic one created earlier)
-          CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
-          echo "Pushing changes to origin/${CURRENT_BRANCH}"
-          # Push the dynamic branch to your feedstock fork (origin)
-          # The '-u' flag sets the upstream branch for future pushes/pulls from this local branch.
-          git push -u origin ${CURRENT_BRANCH}
-
-      
-          # labels: automated-update, bot
-          # assignees: harvenstar
-          # reviewers: harvenstar
+          echo "Renamed artifact to $NEW_FILENAME"
+          # Set the new filename as an output for the next step.
+          echo "filename=./release-assets/$NEW_FILENAME" >> $GITHUB_OUTPUT
 
+      # Step 6: Create the GitHub Release in the AWS repo using the CORRECT commit SHA.
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          # We need a token with permissions to create releases in the AWS repo.
+          token: ${{ secrets.GITHUB_TOKEN }}
+          # CRITICAL: Explicitly specify the repository to create the release in.
+          repository: aws/sagemaker-code-editor
+          name: CodeEditor ${{ github.event.inputs.version }}
+          tag_name: ${{ github.event.inputs.version }}
+          files: ${{ steps.prepare_assets.outputs.filename }}
+          draft: false
+          generate_release_notes: false
+          # CRITICAL: Force the tag to be created on the commit we explicitly got in Step 2.
+          target_commitish: ${{ steps.get_sha.outputs.sha }}
