aws · fabisev · Jul 11, 2025 · Jul 17, 2025 · Jul 17, 2025 · Jul 17, 2025
diff --git a/.github/workflows/build-and-release.yml b/.github/workflows/build-and-release.yml
@@ -0,0 +1,183 @@
+name: Build and Release
+
+on:
+  push:
+    branches: [ main ]
+    tags: [ 'v*', 'rc-*' ]
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  get-version:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+    - uses: actions/checkout@v4
+    - name: Get version
+      id: version
+      run: |
+        BASE_VERSION=$(node -p "require('./package.json').version")
+        echo "version=$BASE_VERSION" >> $GITHUB_OUTPUT
+
+  build:
+    needs: [get-version]
+    timeout-minutes: 30
+    strategy:
+      matrix:
+        include:
+          - arch: x86_64
+            runner: codebuild-project-awsaws-lambda-nodejs-runtime-interface-client-${{ github.run_id }}-${{ github.run_attempt }}
+          - arch: aarch64
+            runner: codebuild-project-awsaws-lambda-nodejs-runtime-interface-client-${{ github.run_id }}-${{ github.run_attempt }}
+    runs-on: ${{ matrix.runner }}
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+
+    - name: Install build dependencies
+      run: |
+        apt-get update
+        apt-get install -y cmake make g++ autotools-dev automake libtool
+
+    - name: Build natively for $(arch)
+      run: |
+        echo "Building for architecture: $(arch)"
+        CURRENT_ARCH=$(arch)
+
+        # Build native dependencies and JavaScript (this creates dist/node14 and dist/node16)
+        BUILD=1 npm install
+        npm run build
+
+        # Verify required files were created
+        if [ ! -f "dist/rapid-client.node" ] || [ ! -f "dist/index.mjs" ] || [ ! -f "dist/UserFunction.js" ]; then
+          echo "Error: Required files not found in dist directory"
+          exit 1
+        fi
+
+        # Copy architecture-specific package.json to dist
+        node -e "
+          const pkg = require('./package.json');
+          pkg.name = 'aws-lambda-ric-' + process.env.CURRENT_ARCH;
+          require('fs').writeFileSync('./dist/package.json', JSON.stringify(pkg, null, 2));
+        " CURRENT_ARCH=$CURRENT_ARCH
+
+        # Create tarball with only required files
+        tar -czf aws-lambda-ric-$CURRENT_ARCH-${{ needs.get-version.outputs.version }}.tgz \
+          -C dist package.json index.mjs UserFunction.js rapid-client.node
+
+    - name: Generate checksums
+      run: |
+        CURRENT_ARCH=$(arch)
+        PACKAGE_FILE="aws-lambda-ric-$CURRENT_ARCH-${{ needs.get-version.outputs.version }}.tgz"
+        sha256sum $PACKAGE_FILE > checksums-$CURRENT_ARCH.sha256
+        sha512sum $PACKAGE_FILE > checksums-$CURRENT_ARCH.sha512
+        echo "Package: $PACKAGE_FILE ($CURRENT_ARCH) with version: ${{ needs.get-version.outputs.version }}" > checksums-$CURRENT_ARCH.txt
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: package-${{ matrix.arch }}-${{ needs.get-version.outputs.version }}
+        path: |
+          aws-lambda-ric-*-${{ needs.get-version.outputs.version }}.tgz
+          checksums-*
+        retention-days: 30
+
+  test:
+    needs: [get-version, build]
+    strategy:
+      matrix:
+        node-version: [18, 20, 22]
+        include:
+          - arch: x86_64
+            runner: ubuntu-latest
+          - arch: aarch64
+            runner: ubuntu-latest
+    runs-on: ${{ matrix.runner }}
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Run unit tests - Node ${{ matrix.node-version }} (native $(arch))
+      run: |
+        docker build \
+          -f test/unit/Dockerfile.nodejs${{ matrix.node-version }}.x \
+          -t unit/nodejs.${{ matrix.node-version }}x \
+          .
+        docker run --rm unit/nodejs.${{ matrix.node-version }}x
+
+  publish:
+    if: startsWith(github.ref, 'refs/tags/')
+    runs-on: codebuild-project-awsaws-lambda-nodejs-runtime-interface-client-${{ github.run_id }}-${{ github.run_attempt }}
+    needs: [get-version, build, test]
+    permissions:
+      contents: write
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Download x86_64 artifacts
+      uses: actions/download-artifact@v4
+      with:
+        name: package-x86_64-${{ needs.get-version.outputs.version }}
+        path: ./artifacts/x86_64
+
+    - name: Download aarch64 artifacts
+      uses: actions/download-artifact@v4
+      with:
+        name: package-aarch64-${{ needs.get-version.outputs.version }}
+        path: ./artifacts/aarch64
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+
+    - name: Setup NPM authentication
+      run: |
+        NPM_TOKEN=$(aws secretsmanager get-secret-value --secret-id aws-lambda-runtimes/github/nodejs/npm-token --query SecretString --output text)
+        echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
+        chmod 0600 .npmrc
+
+    - name: Determine version and publish packages
+      id: version
+      run: |
+        if [[ "${{ github.ref }}" == refs/tags/rc-* ]]; then
+          RC_NUMBER=${GITHUB_REF#refs/tags/rc-}
+          PACKAGE_VERSION="${{ needs.get-version.outputs.version }}-rc.${RC_NUMBER}"
+          echo "package_version=$PACKAGE_VERSION" >> $GITHUB_OUTPUT
+          echo "is_rc=true" >> $GITHUB_OUTPUT
+          TAG_FLAG="--tag rc"
+        else
+          echo "package_version=${{ needs.get-version.outputs.version }}" >> $GITHUB_OUTPUT
+          TAG_FLAG=""
+        fi
+
+        # Publish architecture-specific packages
+        for arch in x86_64 aarch64; do
+          PACKAGE_FILE=$(ls ./artifacts/$arch/aws-lambda-ric-$arch-*.tgz)
+          echo "Publishing $PACKAGE_FILE for architecture $arch"
+          npm publish $PACKAGE_FILE $TAG_FLAG --access=public
+        done
+
+    - name: Combine checksums
+      run: |
+        cat ./artifacts/*/checksums-*.txt > combined-checksums.txt
+        cat ./artifacts/*/checksums-*.sha256 > combined-checksums.sha256
+        cat ./artifacts/*/checksums-*.sha512 > combined-checksums.sha512
+
+    - name: Create GitHub Release
+      if: startsWith(github.ref, 'refs/tags/')
+      uses: softprops/action-gh-release@v2
+      with:
+        files: |
+          ./artifacts/*/aws-lambda-ric-*-*.tgz
+          combined-checksums.*
+        prerelease: ${{ steps.version.outputs.is_rc }}
diff --git a/.npmignore b/.npmignore
@@ -4,6 +4,8 @@ build
 src/*
 # Rapid-client.c to be used with node-gyp
 !src/rapid-client.cc
+# Include built native binary
+!dist/rapid-client.node
 test
 
 # Logs

diff --git a/README.md b/README.md
@@ -172,6 +172,39 @@ When modifying dependencies (`package.json`), make sure to:
 
 We require package-lock.json to be checked in to ensure consistent installations across development environments.
 
+### Changelog Generation
+This project maintains a changelog in `RELEASE.CHANGELOG.md`. The changelog is automatically updated when a new tag is created.
+
+To manually generate a changelog entry for testing or preview purposes, run:
+```shell script
+npm run changelog
+```
+
+To manually update the RELEASE.CHANGELOG.md file with a new entry:
+```shell script
+npm run changelog -- --update
+```
+
+### Copyright Headers
+All source files in the bin, scripts, src, and test folders must include a copyright header containing both the words "Copyright" and "Amazon.com". The standard header format is:
+
+```
+/*
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: Apache-2.0
+*/
+```
+
+To check if your files have proper headers:
+```shell script
+npm run check-headers
+```
+
+To automatically add headers to files missing them:
+```shell script
+npm run add-headers
+```
+
 ### Troubleshooting
 
 While running integration tests, you might encounter the Docker Hub rate limit error with the following body: