From 58ed6aa79f9d56a2c0a541b7cf182d930a16a778 Mon Sep 17 00:00:00 2001 From: Olivier John Ndjike Nzia Date: Wed, 22 Apr 2026 13:20:34 -0400 Subject: [PATCH 1/5] add us2 --- scripts/publish_govcloud_layers.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/scripts/publish_govcloud_layers.sh b/scripts/publish_govcloud_layers.sh index 2d6f2dc64..4040dc09e 100755 --- a/scripts/publish_govcloud_layers.sh +++ b/scripts/publish_govcloud_layers.sh @@ -59,6 +59,17 @@ elif [ $ENVIRONMENT = "us1-fed" ]; then # sso_account_id=002406178527 # sso_role_name=engineering # sso_region=us-gov-west-1 +# region=us-gov-west-1 + +elif [ $ENVIRONMENT = "us2-fed" ]; then + AWS_VAULT_ROLE=sso-govcloud-fed-us2-engineering + +# this role looks like this in ~/.aws/config: +# [profile sso-govcloud-fed-us2-engineering] +# sso_start_url=https://start.us-gov-west-1.us-gov-home.awsapps.com/directory/d-98671fdc8b +# sso_account_id=486696501492 +# sso_role_name=engineering +# sso_region=us-gov-west-1 # region=us-gov-west-1 export STAGE="prod" From 39924440de9b76596b8d005647470d8a82af3712 Mon Sep 17 00:00:00 2001 From: Olivier John Ndjike Nzia Date: Wed, 22 Apr 2026 13:22:42 -0400 Subject: [PATCH 2/5] update comment --- scripts/publish_govcloud_layers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/publish_govcloud_layers.sh b/scripts/publish_govcloud_layers.sh index 4040dc09e..10cfe2816 100755 --- a/scripts/publish_govcloud_layers.sh +++ b/scripts/publish_govcloud_layers.sh @@ -79,7 +79,7 @@ elif [ $ENVIRONMENT = "us2-fed" ]; then fi else - printf "[ERROR]: ENVIRONMENT not supported, must be us1-staging-fed or us1-fed.\n" + printf "[ERROR]: ENVIRONMENT not supported, must be us1-staging-fed, us1-fed, or us2-fed.\n" exit 1 fi From 316062879318b6c1d663f41911304c8d2b52826c Mon Sep 17 00:00:00 2001 From: Olivier John Ndjike Nzia Date: Wed, 22 Apr 2026 13:24:49 -0400 Subject: [PATCH 3/5] update usage comment --- scripts/publish_govcloud_layers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/publish_govcloud_layers.sh b/scripts/publish_govcloud_layers.sh index 10cfe2816..a02bd5636 100755 --- a/scripts/publish_govcloud_layers.sh +++ b/scripts/publish_govcloud_layers.sh @@ -9,7 +9,7 @@ # Download button on the `layer bundle` job. This will be a zip file containing # all of the required layers. Run this script as follows: # -# ENVIRONMENT=[us1-staging-fed or us1-fed] [PIPELINE_LAYER_SUFFIX=optional-layer-suffix] [REGIONS=us-gov-west-1] ./scripts/publish_govcloud_layers.sh +# ENVIRONMENT=[us1-staging-fed|us1-fed|us2-fed] [PIPELINE_LAYER_SUFFIX=optional-layer-suffix] [REGIONS=us-gov-west-1] ./scripts/publish_govcloud_layers.sh # # protip: you can drag the zip file from finder into your terminal to insert # its path. From 7d13497a9266c9a314359e9bbba1ee59a6686542 Mon Sep 17 00:00:00 2001 From: Olivier John Ndjike Nzia Date: Fri, 24 Apr 2026 10:09:21 -0400 Subject: [PATCH 4/5] update aws role name --- scripts/publish_govcloud_layers.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/scripts/publish_govcloud_layers.sh b/scripts/publish_govcloud_layers.sh index a02bd5636..fd741b976 100755 --- a/scripts/publish_govcloud_layers.sh +++ b/scripts/publish_govcloud_layers.sh @@ -61,14 +61,20 @@ elif [ $ENVIRONMENT = "us1-fed" ]; then # sso_region=us-gov-west-1 # region=us-gov-west-1 + export STAGE="prod" + if [[ ! "$PACKAGE_NAME" =~ ^datadog_lambda_js-signed-bundle-[0-9]+$ ]]; then + echo "[ERROR]: Unexpected package name: $PACKAGE_NAME" + exit 1 + fi + elif [ $ENVIRONMENT = "us2-fed" ]; then - AWS_VAULT_ROLE=sso-govcloud-fed-us2-engineering + AWS_VAULT_ROLE=sso-govcloud-fed-us2-lambda-layer-operator # this role looks like this in ~/.aws/config: -# [profile sso-govcloud-fed-us2-engineering] +# [profile sso-govcloud-fed-us2-lambda-layer-operator] # sso_start_url=https://start.us-gov-west-1.us-gov-home.awsapps.com/directory/d-98671fdc8b # sso_account_id=486696501492 -# sso_role_name=engineering +# sso_role_name=lambda-layer-operator # sso_region=us-gov-west-1 # region=us-gov-west-1 From 2ddff4130fc0b196c62bc880d8fed4b5fbec8665 Mon Sep 17 00:00:00 2001 From: Olivier John Ndjike Nzia Date: Fri, 24 Apr 2026 10:40:08 -0400 Subject: [PATCH 5/5] update usage comment --- scripts/publish_govcloud_layers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/publish_govcloud_layers.sh b/scripts/publish_govcloud_layers.sh index fd741b976..c0e8743ed 100755 --- a/scripts/publish_govcloud_layers.sh +++ b/scripts/publish_govcloud_layers.sh @@ -9,7 +9,7 @@ # Download button on the `layer bundle` job. This will be a zip file containing # all of the required layers. Run this script as follows: # -# ENVIRONMENT=[us1-staging-fed|us1-fed|us2-fed] [PIPELINE_LAYER_SUFFIX=optional-layer-suffix] [REGIONS=us-gov-west-1] ./scripts/publish_govcloud_layers.sh +# CI_COMMIT_TAG= ENVIRONMENT=[us1-staging-fed|us1-fed|us2-fed] [PIPELINE_LAYER_SUFFIX=optional-layer-suffix] [REGIONS=us-gov-west-1] ./scripts/publish_govcloud_layers.sh # # protip: you can drag the zip file from finder into your terminal to insert # its path.