diff --git a/AwsCryptographicMaterialProviders/codebuild/release-python/prod-release.yml b/AwsCryptographicMaterialProviders/codebuild/release-python/prod-release.yml index f9774dd07..3184f2cfd 100644 --- a/AwsCryptographicMaterialProviders/codebuild/release-python/prod-release.yml +++ b/AwsCryptographicMaterialProviders/codebuild/release-python/prod-release.yml @@ -28,6 +28,15 @@ phases: - git fetch --tags - git checkout $COMMIT_ID - FOUND_VERSION=$(sed -n 's/version = "\(.*\)"/\1/p' AwsCryptographicMaterialProviders/runtimes/python/pyproject.toml) + # Assert we are not releasing "aws-cryptographic-material-providers==10.0.0" to prod PyPI. + # A bad release has already been uploaded under this name/version to prod PyPI. + # This release has been deleted. + # Prod PyPI does not allow re-uploading a release under the same name/version. + - | + if expr ${FOUND_VERSION} == "10.0.0"; then + echo "Cannot release version 10.0.0" + exit 1; + fi - | if expr ${FOUND_VERSION} != ${VERSION}; then echo "pyproject.toml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping" diff --git a/AwsCryptographicMaterialProviders/codebuild/release-python/test-release.yml b/AwsCryptographicMaterialProviders/codebuild/release-python/test-release.yml index 38517065a..d672c0f3e 100644 --- a/AwsCryptographicMaterialProviders/codebuild/release-python/test-release.yml +++ b/AwsCryptographicMaterialProviders/codebuild/release-python/test-release.yml @@ -28,6 +28,16 @@ phases: - git fetch --tags - git checkout $COMMIT_ID - FOUND_VERSION=$(sed -n 's/version = "\(.*\)"/\1/p' AwsCryptographicMaterialProviders/runtimes/python/pyproject.toml) + # Assert we are not releasing "aws-cryptographic-material-providers==10.0.0" to prod PyPI. + # A bad release has already been uploaded under this name/version to prod PyPI. + # This release has been deleted. + # Prod PyPI does not allow re-uploading a release under the same name/version. + # (We do not need this assertion for other libraries in the MPL; this only applies to "aws-cryptographic-material-providers==10.0.0".) + - | + if expr ${FOUND_VERSION} == "10.0.0"; then + echo "Cannot release version 10.0.0" + exit 1; + fi - | if expr ${FOUND_VERSION} != ${VERSION}; then echo "pyproject.toml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping" diff --git a/AwsCryptographicMaterialProviders/codebuild/release-python/validate.yml b/AwsCryptographicMaterialProviders/codebuild/release-python/validate.yml index 9ff7aac5a..a727dbb8d 100644 --- a/AwsCryptographicMaterialProviders/codebuild/release-python/validate.yml +++ b/AwsCryptographicMaterialProviders/codebuild/release-python/validate.yml @@ -38,7 +38,7 @@ phases: # The actual test code must be from local, since we don't publish tests. - pip install aws-cryptographic-material-providers==$VERSION # Install ESDK-Python, override its requirements to force use of the just-published MPL version - - git clone -b mpl-reviewed https://github.com/aws/aws-encryption-sdk-python.git + - git clone -b master https://github.com/aws/aws-encryption-sdk-python.git - cd aws-encryption-sdk-python - sed -i "s/aws-cryptographic-material-providers.*/aws-cryptographic-material-providers==$VERSION/" requirements_mpl.txt - cd .. diff --git a/ComAmazonawsDynamodb/codebuild/release-python/prod-release.yml b/ComAmazonawsDynamodb/codebuild/release-python/prod-release.yml index def04e70d..d3691897c 100644 --- a/ComAmazonawsDynamodb/codebuild/release-python/prod-release.yml +++ b/ComAmazonawsDynamodb/codebuild/release-python/prod-release.yml @@ -52,12 +52,12 @@ phases: batch: fast-fail: true build-graph: - - identifier: release_to_staging + - identifier: release_to_prod env: image: aws/codebuild/standard:7.0 - - identifier: validate_staging_release + - identifier: validate_prod_release depend-on: - - release_to_staging + - release_to_prod buildspec: ComAmazonawsDynamodb/codebuild/release-python/validate.yml env: variables: