Merge branch 'signalfx:main' into ansible_fix_loop_otelwinreg

Author: alanbty

.gitlab-ci.yml

@@ -26,6 +26,7 @@ include:
     file:
       - '/prodsec/.oss-scan.yml'
       - '/prodsec/.binary-scan.yml'
+      - '/prodsec/.container-scan.yml'
   - project: 'core-ee/signing/api-integration'
     ref: develop
     file: '/templates/.sign-client.yml'
@@ -1271,6 +1272,26 @@ sign-multiarch-manifest:
   before_script:
     - mv tags_to_sign_${MANIFEST} tags_to_sign
 
+xray-scan-docker:
+  only:
+    - main
+  except:
+    - schedules
+  extends: .container-scan
+  stage: xray-scan
+  parallel:
+    matrix:
+      # - CHILD: ["amd64", "arm64", "ppc64le", "2019", "2022"]
+      - CHILD: ["amd64"]  # the .container-scan template currently only supports linux/amd64 images
+  needs:
+    - push-multiarch-manifest
+    - sign-multiarch-manifest
+  variables:
+    create_jira: "true"
+  before_script:
+    - export CONTAINER_IMAGE="$(cat tags_to_sign_multiarch)-${CHILD}"
+    - echo $CONTAINER_IMAGE
+
 github-release:
   extends:
     - .trigger-filter

CHANGELOG.md

@@ -8,9 +8,17 @@
   in v0.42.0 to support a bug causing double expansion. $$ is treated as an escape sequence representing a literal
   $ character ([#5134](https://github.com/signalfx/splunk-otel-collector/pull/5134))
 
+### 🚩Deprecations 🚩
+
+- (Splunk) Deprecate usage of bare environment variables and config sources in configuration files. 
+  - Use `${env:VAR}` or `${VAR}` instead of `$VAR`.
+  - Use `${uri:selector}` instead of `$uri:selector`, e.g. `${file:/path/to/file}` instead of `$file:/path/to/file`.
+
 ### 💡 Enhancements 💡
 
+- (Splunk) `discovery`: Enable discovery mode for SQL Server receiver ([#5109](https://github.com/signalfx/splunk-otel-collector/pull/5109))
 - (Splunk) Update bundled OpenJDK to [11.0.24_8](https://github.com/adoptium/temurin11-binaries/releases/tag/jdk-11.0.24%2B8) ([#5113](https://github.com/signalfx/splunk-otel-collector/pull/5113))
+- (Splunk) Rabbitmq receiver was added into the discovery feature([#5113](https://github.com/signalfx/splunk-otel-collector/pull/5051))
 
 ## v0.104.0
 

cmd/otelcol/config/collector/config.d.linux/receivers/rabbitmq.discovery.yaml

@@ -0,0 +1,32 @@
+#####################################################################################
+# This file is generated by the Splunk Distribution of the OpenTelemetry Collector. #
+#                                                                                   #
+# It reflects the default configuration bundled in the Collector executable for use #
+# in discovery mode (--discovery) and is provided for reference or customization.   #
+# Please note that any changes made to this file will need to be reconciled during  #
+# upgrades of the Collector.                                                        #
+#####################################################################################
+# rabbitmq:
+#   enabled: true
+#   rule:
+#     docker_observer: type == "container" and any([name, image, command], {# matches "(?i)rabbitmq.*"}) and not (command matches "splunk.discovery")
+#     host_observer: type == "hostport" and command matches "(?i)rabbitmq.*" and not (command matches "splunk.discovery")
+#     k8s_observer: type == "port" and pod.name matches "(?i)rabbitmq.*"
+#   config:
+#     default:
+#       endpoint: '`endpoint`'
+#       username: splunk.discovery.default
+#       password: splunk.discovery.default
+#       collection_interval: 10s
+#   status:
+#     metrics:
+#       - status: successful
+#         strict: rabbitmq.consumer.count
+#         message: RabbitMQ receiver is working!
+#     statements:
+#       - status: failed
+#         regexp: 'connect: network is unreachable'
+#         message: The endpoint is refusing RabbitMQ server connections.
+#       - status: failed
+#         regexp: 'connect: connection refused'
+#         message: The endpoint is refusing RabbitMQ server connections.

cmd/otelcol/config/collector/config.d.linux/receivers/sqlserver.discovery.yaml

@@ -0,0 +1,104 @@
+#####################################################################################
+# This file is generated by the Splunk Distribution of the OpenTelemetry Collector. #
+#                                                                                   #
+# It reflects the default configuration bundled in the Collector executable for use #
+# in discovery mode (--discovery) and is provided for reference or customization.   #
+# Please note that any changes made to this file will need to be reconciled during  #
+# upgrades of the Collector.                                                        #
+#####################################################################################
+# sqlserver:
+#   enabled: true
+#   rule:
+#     docker_observer: type == "container" and any([name, image, command], {# matches "(?i)mssql"}) and not (command matches "splunk.discovery")
+#     host_observer: type == "hostport" and command matches "(?i)mssql" and not (command matches "splunk.discovery")
+#     k8s_observer: type == "port" and pod.name matches "(?i)mssql"
+#   config:
+#     default:
+#       username: splunk.discovery.default
+#       password: splunk.discovery.default
+#       server: '`host`'
+#       port: '`port`'
+#       resource_attributes:
+#         sqlserver.instance.name:
+#             enabled: true
+#       metrics:
+#         # Enable all OOTB dashboard default metrics
+#         sqlserver.batch.request.rate:
+#             enabled: true
+#         sqlserver.batch.sql_compilation.rate:
+#             enabled: true
+#         sqlserver.batch.sql_recompilation.rate:
+#             enabled: true
+#         sqlserver.database.count:
+#             enabled: true
+#         sqlserver.database.io:
+#             enabled: true
+#         sqlserver.database.latency:
+#             enabled: true
+#         sqlserver.database.operations:
+#             enabled: true
+#         sqlserver.lock.wait.rate:
+#             enabled: true
+#         sqlserver.page.buffer_cache.hit_ratio:
+#             enabled: true
+#         sqlserver.processes.blocked:
+#             enabled: true
+#         sqlserver.resource_pool.disk.throttled.read.rate:
+#             enabled: true
+#         sqlserver.resource_pool.disk.throttled.write.rate:
+#             enabled: true
+#         sqlserver.user.connection.count:
+#             enabled: true
+#         # Disable upstream default metrics that OOTB dashboards don't use
+#         sqlserver.lock.wait_time.avg:
+#             enabled: false
+#         sqlserver.page.checkpoint.flush.rate:
+#             enabled: false
+#         sqlserver.page.lazy_write.rate:
+#             enabled: false
+#         sqlserver.page.life_expectancy:
+#             enabled: false
+#         sqlserver.page.operation.rate:
+#             enabled: false
+#         sqlserver.page.split.rate:
+#             enabled: false
+#         sqlserver.transaction.rate:
+#             enabled: false
+#         sqlserver.transaction.write.rate:
+#             enabled: false
+#         sqlserver.transaction_log.flush.data.rate:
+#             enabled: false
+#         sqlserver.transaction_log.flush.rate:
+#             enabled: false
+#         sqlserver.transaction_log.flush.wait.rate:
+#             enabled: false
+#         sqlserver.transaction_log.growth.count:
+#             enabled: false
+#         sqlserver.transaction_log.shrink.count:
+#             enabled: false
+#         sqlserver.transaction_log.usage:
+#             enabled: false
+# 
+#   status:
+#     metrics:
+#       - status: successful
+#         strict: sqlserver.database.io
+#         message: sqlserver receiver is working!
+#     statements:
+#       - status: failed
+#         regexp: "connection refused"
+#         message: The container is not serving http connections.
+#       - status: failed
+#         regexp: "unable to open tcp connection"
+#         message: Unable to resolve sql server tcp endpoint
+#       - status: partial
+#         regexp: "Login failed for user"
+#         message: >-
+#             Make sure your user credentials are correctly specified using the
+#             `SPLUNK_DISCOVERY_RECEIVERS_sqlserver_CONFIG_username="<username>"` and
+#             `SPLUNK_DISCOVERY_RECEIVERS_sqlserver_CONFIG_password="<password>"` environment variables.
+#       - status: partial
+#         regexp: "The user does not have permission"
+#         message: >-
+#             Specified user does not have proper permissions. User must have view `SERVER STATE` permissions.
+#             This can be accomplished by: `GRANT VIEW SERVER STATE TO [username]`

cmd/otelcol/config/collector/upstream_agent_config.yaml

@@ -132,14 +132,6 @@ exporters:
     #ingest_url: http://${SPLUNK_GATEWAY_URL}:9943
     sync_host_metadata: true
     correlation:
-  # Logs for Splunk Cloud Platform and Log Observer Connect
-  # See https://docs.splunk.com/Observability/gdi/opentelemetry/components/splunk-hec-exporter.html
-  splunk_hec:
-    token: "${SPLUNK_HEC_TOKEN}"
-    endpoint: "${SPLUNK_HEC_URL}"
-    source: "otel"
-    sourcetype: "otel"
-    profiling_data_enabled: false
   splunk_hec/profiling:
     token: "${SPLUNK_ACCESS_TOKEN}"
     endpoint: "https://ingest.${SPLUNK_REALM}.signalfx.com/v1/log"

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/cenkalti/backoff/v4 v4.3.0
 	github.com/expr-lang/expr v1.16.9
 	github.com/fsnotify/fsnotify v1.7.0
-	github.com/go-zookeeper/zk v1.0.3
+	github.com/go-zookeeper/zk v1.0.4
 	github.com/gogo/protobuf v1.3.2
 	github.com/hashicorp/vault v1.17.2
 	github.com/hashicorp/vault-plugin-auth-gcp v0.18.0
@@ -179,12 +179,12 @@ require (
 	github.com/apache/arrow/go/v15 v15.0.0 // indirect
 	github.com/apache/pulsar-client-go v0.11.0 // indirect
 	github.com/aws/aws-sdk-go-v2/config v1.27.16 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.3 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.9 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
 	github.com/aws/aws-sdk-go-v2/service/servicediscovery v1.29.10 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.20.9 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.24.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.28.10 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.1 // indirect
 	github.com/axiomhq/hyperloglog v0.0.0-20240124082744-24bca3a5b39b // indirect
 	github.com/bits-and-blooms/bitset v1.4.0 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
@@ -383,19 +383,19 @@ require (
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/aws/aws-sdk-go v1.53.16 // indirect
-	github.com/aws/aws-sdk-go-v2 v1.27.0 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.30.1 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.16 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.24 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.7 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.7 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.13 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.13 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.7 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.9 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.15 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1 // indirect
-	github.com/aws/smithy-go v1.20.2 // indirect
+	github.com/aws/smithy-go v1.20.3 // indirect
 	github.com/beevik/ntp v1.4.3 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
@@ -441,7 +441,7 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4
-	github.com/google/cadvisor v0.49.1 // indirect
+	github.com/google/cadvisor v0.50.0 // indirect
 	github.com/google/flatbuffers v24.3.7+incompatible // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
@@ -578,7 +578,7 @@ require (
 	github.com/tklauser/numcpus v0.7.0 // indirect
 	github.com/ulule/deepcopier v0.0.0-20171107155558-ca99b135e50f // indirect
 	github.com/vjeantet/grok v1.0.1 // indirect
-	github.com/vmware/govmomi v0.38.0 // indirect
+	github.com/vmware/govmomi v0.39.0 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect