From 319d75b2698d421d701cf4460e03e90e2b4a2bfb Mon Sep 17 00:00:00 2001 From: Nicolas Schweitzer Date: Thu, 19 Dec 2024 09:59:12 +0100 Subject: [PATCH] fix(ci): Backport .github information from main --- .github/CODEOWNERS | 621 +++++++++++-------- .github/PULL_REQUEST_TEMPLATE.md | 41 +- .github/labeler.yml | 24 +- .github/workflows/add_milestone.yml | 12 +- .github/workflows/backport-pr.yml | 15 +- .github/workflows/buildimages-update.yml | 97 ++- .github/workflows/codeql-analysis.yml | 34 +- .github/workflows/cws-btfhub-sync.yml | 132 +++- .github/workflows/do-not-merge.yml | 2 + .github/workflows/docs-dev.yml | 17 +- .github/workflows/external-contributor.yml | 27 +- .github/workflows/go-update-commenter.yml | 25 +- .github/workflows/go_mod_tidy.yml | 24 +- .github/workflows/gohai.yml | 12 +- .github/workflows/label-analysis.yml | 104 +++- .github/workflows/labeler.yml | 5 +- .github/workflows/markdown-lint-check.yml | 8 +- .github/workflows/serverless-benchmarks.yml | 48 +- .github/workflows/serverless-binary-size.yml | 124 ++-- .github/workflows/serverless-integration.yml | 24 +- 20 files changed, 921 insertions(+), 475 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 0260a80177430..ec5ac92f6a2e5 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -13,130 +13,176 @@ # a slack channel in tasks/libs/pipeline_notifications.py # Config files for various CI systems / tasks -/.* @DataDog/agent-ci-experience -/.go-version @DataDog/agent-shared-components @DataDog/agent-build-and-releases - -/CHANGELOG.rst @DataDog/agent-build-and-releases -/CHANGELOG-DCA.rst @DataDog/container-integrations -/CHANGELOG-INSTALLSCRIPT.rst @DataDog/agent-build-and-releases - -/*.md @DataDog/agent-ci-experience @DataDog/documentation -/NOTICE @DataDog/agent-build-and-releases @DataDog/documentation +/.* @DataDog/agent-devx-infra +# changing the config of mockery will regenerate the mocks, so owners will have to review anyway +/.mockery.yaml # do not notify anyone +/.go-version @DataDog/agent-shared-components @DataDog/agent-delivery +# Go linters and pre-commit config +/.golangci.yml @DataDog/agent-devx-loops +/.custom-gcl.yml @DataDog/agent-devx-loops +/.pre-commit-config.yaml @DataDog/agent-devx-loops +/.vscode/ @DataDog/agent-devx-loops + +/CHANGELOG.rst @DataDog/agent-delivery +/CHANGELOG-DCA.rst @DataDog/container-integrations @DataDog/container-platform +/CHANGELOG-INSTALLSCRIPT.rst @DataDog/agent-delivery @DataDog/container-ecosystems + +/*.md @DataDog/agent-devx-infra @DataDog/documentation +/NOTICE @DataDog/agent-delivery @DataDog/documentation /LICENSE* # do not notify anyone # Todo: is this file still needed? -/Makefile.trace @DataDog/agent-build-and-releases +/Makefile.trace @DataDog/agent-delivery -/release.json @DataDog/agent-build-and-releases @DataDog/agent-metrics-logs @DataDog/windows-kernel-integrations @DataDog/agent-release-management @DataDog/agent-security -/requirements.txt @DataDog/agent-ci-experience -/pyproject.toml @DataDog/agent-ci-experience -/setup.cfg @DataDog/agent-ci-experience -/repository.datadog.yml @DataDog/agent-ci-experience -/generate_tools.go @DataDog/agent-ci-experience -/service.datadog.yaml @DataDog/agent-build-and-releases +/mkdocs.yml @DataDog/agent-devx-infra +/release.json @DataDog/agent-delivery @DataDog/agent-metrics-logs @DataDog/windows-kernel-integrations @DataDog/agent-security +/requirements.txt @DataDog/agent-devx-infra +/pyproject.toml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/repository.datadog.yml @DataDog/agent-devx-infra +/generate_tools.go @DataDog/agent-devx-infra +/service.datadog.yaml @DataDog/agent-delivery +/static-analysis.datadog.yml @DataDog/software-integrity-and-trust @DataDog/agent-devx-infra /modules.yml @DataDog/agent-shared-components - -/.circleci/ @DataDog/agent-ci-experience - -/.github/CODEOWNERS # do not notify anyone -/.github/*_TEMPLATE.md @DataDog/agent-all -/.github/dependabot.yaml @DataDog/agent-ci-experience -/.github/workflows/serverless-benchmarks.yml @DataDog/serverless -/.github/workflows/serverless-binary-size.yml @DataDog/serverless -/.github/workflows/serverless-integration.yml @DataDog/serverless -/.github/workflows/serverless-vuln-scan.yml @DataDog/serverless -/.github/workflows/windows-*.yml @DataDog/windows-agent -/.github/workflows/cws-btfhub-sync.yml @DataDog/agent-security -/.github/workflows/gohai.yml @DataDog/agent-shared-components -/.github/workflows/go-update-commenter.yml @DataDog/agent-shared-components -/.github/workflows/buildimages-update.yml @DataDog/agent-build-and-releases @DataDog/agent-shared-components - -/.run @DataDog/agent-developer-tools -/.run/docker/ @DataDog/container-integrations +# if go.work changes then either .go-version or modules.yml changed too, so ASC might as well own it +/go.work @DataDog/agent-shared-components + +/.circleci/ @DataDog/agent-devx-infra + +/.github/CODEOWNERS # do not notify anyone +/.github/*_TEMPLATE.md @DataDog/agent-devx-loops +/.github/dependabot.yaml @DataDog/agent-devx-infra +/.github/workflows/serverless-benchmarks.yml @DataDog/serverless @Datadog/serverless-aws +/.github/workflows/serverless-binary-size.yml @DataDog/serverless @Datadog/serverless-aws +/.github/workflows/serverless-integration.yml @DataDog/serverless @Datadog/serverless-aws +/.github/workflows/cws-btfhub-sync.yml @DataDog/agent-security +/.github/workflows/gohai.yml @DataDog/agent-shared-components +/.github/workflows/go-update-commenter.yml @DataDog/agent-shared-components +/.github/workflows/update_dependencies.yml @DataDog/agent-shared-components +/.github/workflows/buildimages-update.yml @DataDog/agent-delivery @DataDog/agent-shared-components +/.github/workflows/collector-generate-and-update.yml @DataDog/opentelemetry + +/.run @DataDog/agent-devx-loops +/.run/docker/ @DataDog/container-integrations @DataDog/container-platform # Gitlab files -# Files containing job contents are owned by teams in charge of the jobs + agent-ci-experience or agent-build-and-releases -# Files that only describe structure (eg. includes, rules) are owned by agent-ci-experience - -/.gitlab/ @DataDog/agent-ci-experience - -/.gitlab/binary_build/cluster_agent_cloudfoundry.yml @DataDog/platform-integrations @DataDog/agent-build-and-releases -/.gitlab/binary_build/cluster_agent.yml @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/binary_build/fakeintake.yml @DataDog/agent-developer-tools -/.gitlab/binary_build/serverless.yml @DataDog/serverless @DataDog/agent-build-and-releases -/.gitlab/binary_build/system_probe.yml @DataDog/ebpf-platform @DataDog/agent-build-and-releases -/.gitlab/binary_build/windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent - -/.gitlab/benchmarks/ @DataDog/agent-ci-experience @DataDog/apm-core-reliability-and-performance @DataDog/agent-apm - -/.gitlab/deploy_containers/ @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/deploy_dca/ @DataDog/container-integrations @DataDog/agent-build-and-releases - -/.gitlab/deploy_packages/ @DataDog/agent-build-and-releases -/.gitlab/deploy_packages/windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/deploy_packages/winget.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/deploy_packages/cluster_agent_cloudfoundry.yml @DataDog/platform-integrations @DataDog/agent-ci-experience - -/.gitlab/deps_build/ @DataDog/ebpf-platform @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/windows_python_build.yml @DataDog/windows-agent - -/.gitlab/kitchen_* @DataDog/agent-build-and-releases -/.gitlab/kitchen_testing/windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/kitchen_testing/new-e2e_testing/windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent - -/.gitlab/common/ @DataDog/container-integrations @DataDog/agent-ci-experience - -/.gitlab/e2e/e2e.yml @DataDog/container-integrations @DataDog/agent-developer-tools -/.gitlab/container_build/fakeintake.yml @DataDog/agent-e2e-testing @DataDog/agent-developer-tools -/.gitlab/binary_build/fakeintake.yml @DataDog/agent-e2e-testing @DataDog/agent-developer-tools - -/.gitlab/functional_test/security_agent.yml @DataDog/agent-security @DataDog/agent-ci-experience -/.gitlab/functional_test/serverless.yml @DataDog/serverless @DataDog/agent-ci-experience -/.gitlab/functional_test_cleanup.yml @DataDog/agent-security @DataDog/ebpf-platform @DataDog/agent-ci-experience -/.gitlab/functional_test/system_probe_windows.yml @DataDog/agent-ci-experience @DataDog/windows-kernel-integrations -/.gitlab/functional_test/common.yml @DataDog/agent-ci-experience @DataDog/windows-kernel-integrations @DataDog/ebpf-platform -/.gitlab/functional_test_sysprobe/system_probe.yml @DataDog/ebpf-platform @DataDog/agent-ci-experience -/.gitlab/choco_build/choco_build.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/choco_deploy/choco_deploy.yml @DataDog/agent-build-and-releases @DataDog/windows-agent - -/.gitlab/integration_test/windows.yml @DataDog/agent-ci-experience @DataDog/windows-agent +# Files containing job contents are owned by teams in charge of the jobs + agent-devx-infra or agent-delivery +# Files that only describe structure (eg. includes, rules) are owned by agent-devx-infra + +/.gitlab/.ci-linters.yml @DataDog/agent-devx-infra +/.gitlab/.pre/* @DataDog/agent-devx-infra +/.gitlab/check_deploy/* @DataDog/agent-delivery +/.gitlab/check_merge/* @DataDog/agent-devx-infra +/.gitlab/deploy*/* @DataDog/agent-delivery +/.gitlab/deps_fetch/* @DataDog/agent-devx-infra +/.gitlab/e2e/* @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/e2e_testing_deploy/* @DataDog/agent-devx-loops @DataDog/agent-devx-infra +/.gitlab/e2e_install_packages/* @DataDog/agent-delivery @DataDog/container-ecosystems +/.gitlab/e2e_pre_test/* @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/kernel_matrix_testing/* @DataDog/agent-devx-infra @DataDog/ebpf-platform +/.gitlab/lint/* @DataDog/agent-devx-infra +/.gitlab/maintenance_jobs/* @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/notify/* @DataDog/agent-devx-infra +/.gitlab/pkg_metrics/* @DataDog/agent-devx-infra +/.gitlab/post_rc_build/* @DataDog/agent-devx-infra +/.gitlab/setup/* @DataDog/agent-devx-infra +/.gitlab/trigger_release/* @DataDog/agent-devx-infra + +/.gitlab/binary_build/cws_instrumentation.yml @DataDog/agent-devx-infra @DataDog/agent-security +/.gitlab/binary_build/include.yml @DataDog/agent-devx-infra +/.gitlab/binary_build/linux.yml @DataDog/agent-devx-infra @DataDog/agent-delivery +/.gitlab/functional_test/include.yml @DataDog/agent-devx-infra +/.gitlab/install_script_testing/install_script_testing.yml @DataDog/agent-delivery @DataDog/container-ecosystems +/.gitlab/integration_test/dogstatsd.yml @DataDog/agent-devx-infra @DataDog/agent-metrics-logs +/.gitlab/integration_test/include.yml @DataDog/agent-devx-infra +/.gitlab/integration_test/linux.yml @DataDog/agent-devx-infra +/.gitlab/integration_test/otel.yml @DataDog/agent-devx-infra @DataDog/opentelemetry +/.gitlab/internal_image_deploy/internal_image_deploy.yml @DataDog/agent-delivery +/.gitlab/internal_kubernetes_deploy/include.yml @DataDog/agent-devx-infra +/.gitlab/internal_kubernetes_deploy/internal_kubernetes_deploy.yml @DataDog/agent-delivery +/.gitlab/internal_kubernetes_deploy/rc_kubernetes_deploy.yml @DataDog/agent-delivery +/.gitlab/package_deps_build/package_deps_build.yml @DataDog/agent-devx-infra @DataDog/ebpf-platform +/.gitlab/powershell_script_signing/powershell_script_signing.yml @DataDog/agent-delivery @DataDog/windows-agent +/.gitlab/source_test/golang_deps_diff.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/source_test/* @DataDog/agent-devx-infra +/.gitlab/source_test/linux.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/source_test/macos.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/source_test/notify.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/source_test/slack.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops +/.gitlab/source_test/tooling_unit_tests.yml @DataDog/agent-devx-infra @DataDog/agent-devx-loops + +/.gitlab/binary_build/cluster_agent_cloudfoundry.yml @DataDog/platform-integrations @DataDog/agent-delivery +/.gitlab/binary_build/cluster_agent.yml @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/binary_build/fakeintake.yml @DataDog/agent-devx-loops +/.gitlab/binary_build/otel_agent.yml @DataDog/opentelemetry @DataDog/agent-delivery +/.gitlab/binary_build/serverless.yml @DataDog/serverless @Datadog/serverless-aws @DataDog/agent-delivery +/.gitlab/binary_build/system_probe.yml @DataDog/ebpf-platform @DataDog/agent-delivery +/.gitlab/binary_build/windows.yml @DataDog/agent-delivery @DataDog/windows-agent + +/.gitlab/benchmarks/ @DataDog/agent-devx-infra @DataDog/apm-ecosystems-performance @DataDog/agent-apm + +/.gitlab/deploy_containers/ @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/deploy_dca/ @DataDog/container-integrations @DataDog/agent-delivery + +/.gitlab/deploy_packages/ @DataDog/agent-delivery +/.gitlab/deploy_packages/windows.yml @DataDog/agent-delivery @DataDog/windows-agent +/.gitlab/deploy_packages/winget.yml @DataDog/agent-delivery @DataDog/windows-agent +/.gitlab/deploy_packages/cluster_agent_cloudfoundry.yml @DataDog/platform-integrations @DataDog/agent-devx-infra +/.gitlab/deploy_packages/e2e.yml @DataDog/agent-devx-loops @DataDog/agent-e2e-testing @DataDog/fleet + +/.gitlab/deps_build/ @DataDog/ebpf-platform @DataDog/agent-delivery @DataDog/windows-agent + +/.gitlab/e2e_install_packages/windows.yml @DataDog/agent-delivery @DataDog/container-ecosystems @DataDog/windows-agent + +/.gitlab/common/ @DataDog/agent-devx-infra +/.gitlab/common/test_infra_version.yml @DataDog/agent-devx-loops @DataDog/agent-devx-infra + +/.gitlab/e2e/e2e.yml @DataDog/container-integrations @DataDog/agent-devx-loops +/.gitlab/container_build/fakeintake.yml @DataDog/agent-e2e-testing @DataDog/agent-devx-loops +/.gitlab/binary_build/fakeintake.yml @DataDog/agent-e2e-testing @DataDog/agent-devx-loops + +/.gitlab/functional_test/serverless.yml @DataDog/serverless @Datadog/serverless-aws @DataDog/agent-devx-infra +/.gitlab/functional_test/oracle.yml @DataDog/agent-devx-infra @DataDog/database-monitoring + +/.gitlab/powershell_script_deploy @DataDog/agent-delivery @DataDog/windows-agent + +/.gitlab/choco_build/choco_build.yml @DataDog/agent-delivery @DataDog/windows-agent +/.gitlab/choco_deploy/choco_deploy.yml @DataDog/agent-delivery @DataDog/windows-agent + +/.gitlab/integration_test/windows.yml @DataDog/agent-devx-infra @DataDog/windows-agent /.gitlab/kernel_matrix_testing @DataDog/ebpf-platform /.gitlab/kernel_matrix_testing/security_agent.yml @DataDog/agent-security -/.gitlab/common/container_publish_job_templates.yml @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/container_build/ @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/container_build/include.yml @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/container_build/docker_windows_agent6.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/container_build/docker_windows_agent7.yml @DataDog/agent-build-and-releases @DataDog/windows-agent +/.gitlab/common/container_publish_job_templates.yml @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/container_build/ @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/container_build/include.yml @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/container_build/docker_windows* @DataDog/agent-delivery @DataDog/windows-agent -/.gitlab/dev_container_deploy/ @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/dev_container_deploy/fakeintake.yml @DataDog/agent-developer-tools -/.gitlab/dev_container_deploy/docker_windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent +/.gitlab/dev_container_deploy/ @DataDog/container-integrations @DataDog/agent-delivery +/.gitlab/dev_container_deploy/fakeintake.yml @DataDog/agent-devx-loops +/.gitlab/dev_container_deploy/e2e.yml @DataDog/agent-devx-loops @DataDog/agent-e2e-testing +/.gitlab/dev_container_deploy/docker_windows.yml @DataDog/agent-delivery @DataDog/windows-agent -/.gitlab/container_scan/container_scan.yml @DataDog/container-integrations @DataDog/agent-build-and-releases +/.gitlab/container_scan/container_scan.yml @DataDog/container-integrations @DataDog/agent-delivery -/.gitlab/internal_image_deploy.yml @DataDog/container-integrations @DataDog/agent-build-and-releases -/.gitlab/maintenance_jobs/docker.yml @DataDog/container-integrations @DataDog/agent-build-and-releases +/.gitlab/maintenance_jobs/docker.yml @DataDog/container-integrations @DataDog/agent-delivery -/.gitlab/source_test/ebpf.yml @DataDog/ebpf-platform @DataDog/agent-ci-experience -/.gitlab/source_test/windows.yml @DataDog/agent-ci-experience @DataDog/windows-agent +/.gitlab/source_test/ebpf.yml @DataDog/ebpf-platform @DataDog/agent-devx-infra +/.gitlab/source_test/windows.yml @DataDog/agent-devx-infra @DataDog/windows-agent +/.gitlab/source_test/go_generate_check.yml @DataDog/agent-security -/.gitlab/package_build/ @DataDog/agent-build-and-releases -/.gitlab/package_build/windows.yml @DataDog/agent-build-and-releases @DataDog/windows-agent -/.gitlab/packaging/ @DataDog/agent-build-and-releases +/.gitlab/package_build/ @DataDog/agent-delivery +/.gitlab/package_build/windows.yml @DataDog/agent-delivery @DataDog/windows-agent +/.gitlab/packaging/ @DataDog/agent-delivery /.gitlab/benchmarks/benchmarks.yml @DataDog/agent-apm /.gitlab/functional_test/regression_detector.yml @DataDog/single-machine-performance -/.gitlab/functional_test/workload_checks.yml @DataDog/single-machine-performance -/.gitlab/software_composition_analysis/ @DataDog/software-integrity-and-trust -/.gitlab/source_test_stats/windows.yml @DataDog/agent-platform @DataDog/windows-agent /chocolatey/ @DataDog/windows-agent @@ -144,37 +190,37 @@ /cmd/trace-agent/ @DataDog/agent-apm /cmd/agent/subcommands/controlsvc @DataDog/windows-agent /cmd/agent/subcommands/dogstatsd* @DataDog/agent-metrics-logs -/cmd/agent/subcommands/integrations @DataDog/software-integrity-and-trust @DataDog/agent-integrations @DataDog/agent-shared-components +/cmd/agent/subcommands/integrations @DataDog/agent-integrations @DataDog/agent-shared-components /cmd/agent/subcommands/remoteconfig @Datadog/remote-config -/cmd/agent/subcommands/snmp @DataDog/network-device-monitoring +/cmd/agent/subcommands/snmp @DataDog/ndm-core /cmd/agent/subcommands/streamlogs @DataDog/agent-metrics-logs +/cmd/agent/subcommands/analyzelogs @DataDog/agent-metrics-logs /cmd/agent/subcommands/streamep @DataDog/container-integrations -/cmd/agent/subcommands/taggerlist @DataDog/container-integrations -/cmd/agent/subcommands/workloadlist @DataDog/container-integrations -/cmd/agent/subcommands/run/internal/clcrunnerapi/ @DataDog/container-integrations @DataDog/agent-shared-components +/cmd/agent/subcommands/taggerlist @DataDog/container-platform +/cmd/agent/subcommands/workloadlist @DataDog/container-platform +/cmd/agent/subcommands/run/internal/clcrunnerapi/ @DataDog/container-platform /cmd/agent/windows @DataDog/windows-agent /cmd/agent/windows_resources @DataDog/windows-agent /cmd/agent/dist/conf.d/container.d/ @DataDog/container-integrations /cmd/agent/dist/conf.d/containerd.d/ @DataDog/container-integrations /cmd/agent/dist/conf.d/container_image.d/ @DataDog/container-integrations /cmd/agent/dist/conf.d/container_lifecycle.d/ @DataDog/container-integrations -/cmd/agent/dist/conf.d/jetson.d/ @DataDog/agent-ci-experience +/cmd/agent/dist/conf.d/jetson.d/ @DataDog/agent-devx-infra /cmd/agent/dist/conf.d/oracle.d/ @DataDog/database-monitoring /cmd/agent/dist/conf.d/oracle-dbm.d/ @DataDog/database-monitoring +/cmd/agent/dist/conf.d/network_path.d/ @DataDog/Networks @DataDog/network-device-monitoring /cmd/agent/dist/conf.d/sbom.d/ @DataDog/container-integrations -/cmd/agent/dist/conf.d/snmp.d/ @DataDog/network-device-monitoring -/cmd/agent/install*.sh @DataDog/agent-build-and-releases -/cmd/agent/gui/views/private/js/apm.js @DataDog/agent-apm -/cmd/agentless-scanner/ @DataDog/agent-cspm -/cmd/cluster-agent/ @DataDog/container-integrations -/cmd/cluster-agent/commands/ @DataDog/container-integrations @DataDog/platform-integrations +/cmd/agent/dist/conf.d/snmp.d/ @DataDog/ndm-core +/cmd/agent/dist/conf.d/win32_event_log.d/ @DataDog/windows-agent +/cmd/agent/install*.sh @DataDog/container-ecosystems @DataDog/agent-delivery +/cmd/cluster-agent/ @DataDog/container-platform /cmd/cluster-agent-cloudfoundry/ @DataDog/platform-integrations /cmd/cluster-agent/api/v1/cloudfoundry_metadata.go @DataDog/platform-integrations /cmd/cws-instrumentation/ @DataDog/agent-security /cmd/dogstatsd/ @DataDog/agent-metrics-logs /cmd/otel-agent/ @DataDog/opentelemetry -/cmd/process-agent/ @DataDog/processes -/cmd/serverless/ @DataDog/serverless +/cmd/process-agent/ @DataDog/container-intake +/cmd/serverless/ @DataDog/serverless @Datadog/serverless-aws /cmd/serverless-init/ @DataDog/serverless /cmd/system-probe/ @DataDog/ebpf-platform /cmd/system-probe/config/adjust_npm.go @DataDog/ebpf-platform @DataDog/Networks @@ -182,37 +228,40 @@ /cmd/system-probe/config/adjust_security.go @DataDog/ebpf-platform @DataDog/agent-security /cmd/system-probe/modules/network_tracer* @DataDog/Networks /cmd/system-probe/modules/oom_kill_probe* @DataDog/container-integrations -/cmd/system-probe/modules/process* @DataDog/processes +/cmd/system-probe/modules/process* @DataDog/container-intake /cmd/system-probe/modules/eventmonitor* @DataDog/agent-security /cmd/system-probe/modules/tcp_queue_tracer* @DataDog/container-integrations /cmd/system-probe/modules/traceroute* @DataDog/network-device-monitoring @Datadog/Networks -/cmd/system-probe/modules/ping* @DataDog/network-device-monitoring -/cmd/system-probe/windows/ @DataDog/windows-kernel-integrations +/cmd/system-probe/modules/ping* @DataDog/ndm-core +/cmd/system-probe/modules/language_detection* @DataDog/container-intake @DataDog/universal-service-monitoring +/cmd/system-probe/modules/dynamic_instrumentation* @DataDog/debugger /cmd/system-probe/windows_resources/ @DataDog/windows-kernel-integrations /cmd/system-probe/main_windows*.go @DataDog/windows-kernel-integrations +/cmd/system-probe/api/client/client_windows.go @DataDog/windows-kernel-integrations +/cmd/system-probe/api/server/listener_windows.go @DataDog/windows-kernel-integrations /cmd/systray/ @DataDog/windows-agent /cmd/security-agent/ @DataDog/agent-security -/cmd/updater/ @DataDog/fleet +/cmd/installer/ @DataDog/fleet @DataDog/windows-agent +/cmd/installer-downloader/ @DataDog/fleet -/dev/ @DataDog/agent-developer-tools -/devenv/ @DataDog/agent-developer-tools +/dev/ @DataDog/agent-devx-loops +/devenv/ @DataDog/agent-devx-loops /Dockerfiles/ @DataDog/container-integrations /Dockerfiles/agent/entrypoint.d.windows/ @DataDog/container-integrations @DataDog/windows-agent /Dockerfiles/agent/entrypoint.ps1 @DataDog/container-integrations @DataDog/windows-agent /Dockerfiles/agent/windows/ @DataDog/container-integrations @DataDog/windows-agent +/Dockerfiles/agent-ot @DataDog/opentelemetry +/Dockerfiles/agent/bouncycastle-fips @DataDog/agent-metrics-logs -/docs/ @DataDog/documentation @DataDog/agent-developer-tools -/docs/agent/ @DataDog/documentation @DataDog/agent-shared-components -/docs/dogstatsd/ @DataDog/documentation @DataDog/agent-metrics-logs -/docs/trace-agent/ @DataDog/documentation @DataDog/agent-apm -/docs/cluster-agent/ @DataDog/documentation @DataDog/container-integrations +/docs/ @DataDog/documentation @DataDog/agent-devx-loops /docs/dev/checks/ @DataDog/documentation @DataDog/agent-metrics-logs /docs/cloud-workload-security/ @DataDog/documentation @DataDog/agent-security -/docs/public/architecture/components/ @DataDog/agent-shared-components -/docs/public/guidelines/components/ @DataDog/agent-shared-components -/docs/public/how-to/components/ @DataDog/agent-shared-components +/docs/public/components/ @DataDog/documentation @DataDog/agent-shared-components +/docs/public/hostname/ @DataDog/documentation @DataDog/agent-shared-components +/docs/public/architecture/dogstatsd/ @DataDog/documentation @DataDog/agent-metrics-logs +/docs/public/guidelines/deprecated-components-documentation/ @DataDog/documentation @DataDog/agent-shared-components /google-marketplace/ @DataDog/container-ecosystems @@ -222,53 +271,69 @@ /go.mod # do not notify anyone /go.sum # do not notify anyone + /Makefile.trace @DataDog/agent-apm -/omnibus/ @DataDog/agent-build-and-releases +/omnibus/ @DataDog/agent-delivery +/omnibus/python-scripts/ @DataDog/platform-integrations /omnibus/config/patches/openscap/ @DataDog/agent-cspm /omnibus/config/software/datadog-agent-integrations-*.rb @DataDog/agent-integrations -/omnibus/config/software/datadog-security-agent*.rb @Datadog/agent-security @DataDog/agent-build-and-releases +/omnibus/config/software/datadog-security-agent*.rb @Datadog/agent-security @DataDog/agent-delivery /omnibus/config/software/openscap.rb @DataDog/agent-cspm -/omnibus/config/software/snmp-traps.rb @DataDog/network-device-monitoring +/omnibus/config/software/sds.rb @DataDog/agent-processing-and-routing +/omnibus/config/software/snmp-traps.rb @DataDog/ndm-core /omnibus/resources/*/msi/ @DataDog/windows-agent # The following is managed by `inv lint-components` -- DO NOT EDIT # BEGIN COMPONENTS /comp @DataDog/agent-shared-components -/comp/aggregator @DataDog/agent-shared-components +/comp/agent @DataDog/agent-shared-components +/comp/aggregator @DataDog/agent-metrics-logs /comp/api @DataDog/agent-shared-components -/comp/checks @DataDog/agent-shared-components +/comp/checks @DataDog/agent-metrics-logs /comp/collector @DataDog/agent-metrics-logs /comp/core @DataDog/agent-shared-components /comp/dogstatsd @DataDog/agent-metrics-logs -/comp/forwarder @DataDog/agent-shared-components -/comp/languagedetection @DataDog/container-integrations +/comp/forwarder @DataDog/agent-processing-and-routing /comp/logs @DataDog/agent-metrics-logs /comp/metadata @DataDog/agent-shared-components -/comp/ndmtmp @DataDog/network-device-monitoring -/comp/netflow @DataDog/network-device-monitoring +/comp/ndmtmp @DataDog/ndm-core +/comp/netflow @DataDog/ndm-integrations +/comp/networkpath @DataDog/Networks @DataDog/network-device-monitoring /comp/otelcol @DataDog/opentelemetry -/comp/process @DataDog/processes +/comp/process @DataDog/container-intake /comp/remote-config @DataDog/remote-config -/comp/snmptraps @DataDog/network-device-monitoring +/comp/snmptraps @DataDog/ndm-core /comp/systray @DataDog/windows-agent /comp/trace @DataDog/agent-apm -/comp/updater @DataDog/fleet +/comp/updater @DataDog/fleet @DataDog/windows-agent +/comp/agent/cloudfoundrycontainer @DataDog/platform-integrations +/comp/agent/jmxlogger @DataDog/agent-metrics-logs +/comp/aggregator/diagnosesendermanager @DataDog/agent-shared-components /comp/checks/agentcrashdetect @DataDog/windows-kernel-integrations +/comp/checks/windowseventlog @DataDog/windows-agent /comp/checks/winregistry @DataDog/windows-agent -/comp/core/autodiscovery @DataDog/container-integrations +/comp/core/autodiscovery @DataDog/container-platform /comp/core/sysprobeconfig @DataDog/ebpf-platform -/comp/core/tagger @DataDog/container-integrations -/comp/core/workloadmeta @DataDog/container-integrations -/comp/forwarder/eventplatform @DataDog/agent-metrics-logs -/comp/forwarder/eventplatformreceiver @DataDog/agent-metrics-logs -/comp/forwarder/orchestrator @DataDog/agent-metrics-logs -/comp/forwarder/orchestrator/orchestratorinterface @DataDog/agent-metrics-logs -/comp/metadata/packagesigning @DataDog/agent-build-and-releases +/comp/core/tagger @DataDog/container-platform +/comp/core/workloadmeta @DataDog/container-platform +/comp/metadata/packagesigning @DataDog/agent-delivery /comp/trace/etwtracer @DataDog/windows-agent +/comp/autoscaling/datadogclient @DataDog/container-integrations /comp/etw @DataDog/windows-agent +/comp/haagent @DataDog/ndm-core +/comp/languagedetection/client @DataDog/container-platform +/comp/rdnsquerier @DataDog/ndm-integrations +/comp/serializer/compression @DataDog/agent-metrics-logs +/comp/snmpscan @DataDog/ndm-core # END COMPONENTS +# Additional notification to @iglendd about Agent Telemetry changes for optional approval and governance acknowledgement +/comp/core/agenttelemetry @DataDog/agent-shared-components @iglendd + +# trace-agent logging implementation should also notify agent-apm +/comp/core/log/impl-trace @DataDog/agent-apm + # pkg /pkg/ @DataDog/agent-shared-components /pkg/api/ @DataDog/agent-shared-components @@ -276,20 +341,19 @@ /pkg/collector/ @DataDog/agent-metrics-logs /pkg/commonchecks/ @DataDog/agent-metrics-logs /pkg/cli/ @DataDog/agent-shared-components -/pkg/cli/subcommands/clusterchecks @DataDog/container-integrations -/pkg/dogstatsd/ @DataDog/agent-metrics-logs +/pkg/cli/subcommands/clusterchecks @DataDog/container-platform +/pkg/discovery/ @DataDog/universal-service-monitoring /pkg/errors/ @DataDog/agent-shared-components -/pkg/forwarder/ @DataDog/agent-metrics-logs @DataDog/agent-shared-components /pkg/gohai @DataDog/agent-shared-components +/pkg/gpu/ @DataDog/ebpf-platform /pkg/jmxfetch/ @DataDog/agent-metrics-logs -/pkg/metadata/ @DataDog/agent-shared-components /pkg/metrics/ @DataDog/agent-metrics-logs -/pkg/serializer/ @DataDog/agent-metrics-logs -/pkg/serverless/ @DataDog/serverless +/pkg/metrics/metricsource.go @DataDog/agent-metrics-logs @DataDog/agent-integrations +/pkg/serializer/ @DataDog/agent-processing-and-routing +/pkg/serializer/internal/metrics/origin_mapping.go @DataDog/agent-processing-and-routing @DataDog/agent-integrations +/pkg/serverless/ @DataDog/serverless @Datadog/serverless-aws /pkg/serverless/appsec/ @DataDog/asm-go /pkg/status/ @DataDog/agent-shared-components -/pkg/status/templates/trace-agent.tmpl @DataDog/agent-apm -/pkg/status/templates/process-agent.tmpl @DataDog/processes /pkg/telemetry/ @DataDog/agent-shared-components /pkg/telemetry/stat_gauge_wrapper.go @DataDog/ebpf-platform /pkg/telemetry/stat_counter_wrapper.go @DataDog/ebpf-platform @@ -297,19 +361,26 @@ /pkg/obfuscate/ @DataDog/agent-apm /pkg/trace/ @DataDog/agent-apm /pkg/trace/api/otlp*.go @DataDog/opentelemetry -/pkg/trace/telemetry/ @DataDog/telemetry-and-analytics -/comp/core/autodiscovery/listeners/ @DataDog/container-integrations +/pkg/trace/traceutil/otel*.go @DataDog/opentelemetry +/pkg/trace/stats/ @DataDog/agent-apm @DataDog/opentelemetry +/pkg/trace/telemetry/ @DataDog/apm-trace-storage +/pkg/trace/transform/ @DataDog/opentelemetry +/comp/core/autodiscovery/listeners/ @DataDog/container-platform /comp/core/autodiscovery/listeners/cloudfoundry*.go @DataDog/platform-integrations -/comp/core/autodiscovery/listeners/snmp*.go @DataDog/network-device-monitoring -/comp/core/autodiscovery/providers/ @DataDog/container-integrations +/comp/core/autodiscovery/listeners/snmp*.go @DataDog/ndm-core +/comp/core/autodiscovery/providers/ @DataDog/container-platform /comp/core/autodiscovery/providers/file*.go @DataDog/agent-metrics-logs -/comp/core/autodiscovery/providers/config_reader*.go @DataDog/container-integrations @DataDog/agent-metrics-logs +/comp/core/autodiscovery/providers/config_reader*.go @DataDog/container-platform @DataDog/agent-metrics-logs /comp/core/autodiscovery/providers/cloudfoundry*.go @DataDog/platform-integrations /comp/core/autodiscovery/providers/remote_config*.go @DataDog/remote-config /pkg/cloudfoundry @Datadog/platform-integrations -/pkg/clusteragent/ @DataDog/container-integrations +/pkg/clusteragent/ @DataDog/container-platform +/pkg/clusteragent/autoscaling/ @DataDog/container-integrations +/pkg/clusteragent/admission/mutate/autoscaling @DataDog/container-integrations +/pkg/clusteragent/admission/mutate/autoinstrumentation/ @DataDog/container-platform @DataDog/injection-platform +/pkg/clusteragent/admission/mutate/cwsinstrumentation @Datadog/agent-security /pkg/clusteragent/orchestrator/ @DataDog/container-app -/pkg/clusteragent/telemetry/ @DataDog/telemetry-and-analytics +/pkg/clusteragent/telemetry/ @DataDog/apm-trace-storage /pkg/collector/ @DataDog/agent-metrics-logs /pkg/collector/corechecks/cluster/ @DataDog/container-integrations /pkg/collector/corechecks/cluster/orchestrator @DataDog/container-app @@ -320,105 +391,116 @@ /pkg/collector/corechecks/ebpf/ebpf* @DataDog/ebpf-platform /pkg/collector/corechecks/ebpf/probe/ebpfcheck/ @DataDog/ebpf-platform /pkg/collector/corechecks/ebpf/c/runtime/ebpf* @DataDog/ebpf-platform -/pkg/collector/corechecks/embed/ @Datadog/agent-ci-experience -/pkg/collector/corechecks/embed/jmx/ @Datadog/agent-metrics-logs -/pkg/collector/corechecks/embed/apm/ @Datadog/agent-ci-experience @DataDog/agent-apm -/pkg/collector/corechecks/embed/process/ @Datadog/agent-ci-experience @DataDog/processes -/pkg/collector/corechecks/network-devices/ @DataDog/network-device-monitoring +/pkg/collector/corechecks/embed/ @Datadog/agent-delivery +/pkg/collector/corechecks/embed/apm/ @DataDog/agent-apm +/pkg/collector/corechecks/embed/process/ @DataDog/container-intake +/pkg/collector/corechecks/gpu/ @DataDog/ebpf-platform +/pkg/collector/corechecks/network-devices/ @DataDog/ndm-integrations /pkg/collector/corechecks/orchestrator/ @DataDog/container-app -/pkg/collector/corechecks/kubernetes/ @DataDog/container-integrations /pkg/collector/corechecks/net/ @DataDog/platform-integrations /pkg/collector/corechecks/oracle @DataDog/database-monitoring /pkg/collector/corechecks/sbom/ @DataDog/container-integrations -/pkg/collector/corechecks/snmp/ @DataDog/network-device-monitoring +/pkg/collector/corechecks/servicediscovery/ @DataDog/universal-service-monitoring +/pkg/collector/corechecks/snmp/ @DataDog/ndm-core /pkg/collector/corechecks/system/ @DataDog/platform-integrations /pkg/collector/corechecks/system/**/*_windows*.go @DataDog/platform-integrations @DataDog/windows-agent /pkg/collector/corechecks/system/wincrashdetect/ @DataDog/windows-kernel-integrations /pkg/collector/corechecks/system/winkmem/ @DataDog/windows-agent /pkg/collector/corechecks/system/winproc/ @DataDog/windows-agent /pkg/collector/corechecks/systemd/ @DataDog/agent-integrations -/pkg/collector/corechecks/nvidia/ @DataDog/agent-ci-experience -/pkg/collector/corechecks/windows_event_log/ @DataDog/windows-agent +/pkg/collector/corechecks/nvidia/ @DataDog/platform-integrations /pkg/config/ @DataDog/agent-shared-components /pkg/config/config_template.yaml @DataDog/agent-shared-components @DataDog/documentation /pkg/config/setup/apm.go @DataDog/agent-apm -/pkg/config/autodiscovery/ @Datadog/container-integrations -/pkg/config/env @DataDog/container-integrations @DataDog/container-app -/pkg/config/logs @Datadog/agent-shared-components -/pkg/config/logs/internal/seelog/seelog_config.go @Datadog/agent-shared-components +/pkg/config/autodiscovery/ @DataDog/container-integrations @DataDog/container-platform +/pkg/config/env @DataDog/container-integrations @DataDog/container-platform /pkg/config/setup @DataDog/agent-shared-components -/pkg/config/setup/process*.go @DataDog/processes +/pkg/config/setup/process*.go @DataDog/container-intake /pkg/config/setup/system_probe.go @DataDog/ebpf-platform /pkg/config/setup/system_probe_cws.go @DataDog/agent-security /pkg/config/setup/system_probe_cws_notwin.go @DataDog/agent-security /pkg/config/setup/system_probe_cws_windows.go @DataDog/windows-kernel-integrations +/pkg/config/setup/security_agent.go @DataDog/agent-security /pkg/config/remote/ @DataDog/remote-config /pkg/config/remote/meta/ @DataDog/remote-config @DataDog/software-integrity-and-trust /pkg/containerlifecycle/ @Datadog/container-integrations -/pkg/diagnose/ @Datadog/container-integrations +/pkg/diagnose/ @Datadog/container-platform /pkg/diagnose/connectivity/ @DataDog/agent-shared-components +/pkg/diagnose/ports/ @DataDog/agent-shared-components /pkg/eventmonitor/ @DataDog/ebpf-platform @DataDog/agent-security /pkg/dynamicinstrumentation/ @DataDog/debugger -/pkg/epforwarder/ @DataDog/agent-shared-components @DataDog/agent-metrics-logs /pkg/flare/ @DataDog/agent-shared-components +/pkg/flare/manifests.go @DataDog/container-ecosystems /pkg/flare/*_win.go @Datadog/windows-agent /pkg/flare/*_windows.go @Datadog/windows-agent /pkg/flare/*_windows_test.go @Datadog/windows-agent -/pkg/otlp/ @DataDog/opentelemetry -/pkg/otlp/*_serverless*.go @DataDog/serverless -/pkg/otlp/*_not_serverless*.go @DataDog/opentelemetry +/pkg/fleet/ @DataDog/fleet @DataDog/windows-agent +/pkg/fleet/installer/setup/djm/ @DataDog/fleet @DataDog/data-jobs-monitoring /pkg/pidfile/ @DataDog/agent-shared-components /pkg/persistentcache/ @DataDog/agent-metrics-logs /pkg/proto/ @DataDog/agent-shared-components -/pkg/proto/datadog/languagedetection @DataDog/processes -/pkg/proto/datadog/process @DataDog/processes +/pkg/proto/datadog/languagedetection @DataDog/container-intake +/pkg/proto/datadog/process @DataDog/container-intake /pkg/proto/datadog/trace @DataDog/agent-apm +/pkg/proto/datadog/workloadmeta @DataDog/container-platform /pkg/remoteconfig/ @DataDog/remote-config /pkg/runtime/ @DataDog/agent-shared-components -/pkg/serializer/ @DataDog/agent-metrics-logs /pkg/tagset/ @DataDog/agent-shared-components -/pkg/updater/ @DataDog/fleet /pkg/util/ @DataDog/agent-shared-components -/pkg/util/aggregatingqueue @DataDog/container-integrations +/pkg/util/aggregatingqueue @DataDog/container-integrations @DataDog/container-platform /pkg/util/cloudproviders/cloudfoundry/ @DataDog/platform-integrations -/pkg/util/clusteragent/ @DataDog/container-integrations +/pkg/util/clusteragent/ @DataDog/container-platform /pkg/util/containerd/ @DataDog/container-integrations /pkg/util/containers/ @DataDog/container-integrations -/pkg/util/containers/collectors/cloudfoundry.go @DataDog/platform-integrations +/pkg/util/crio/ @DataDog/container-integrations /pkg/util/docker/ @DataDog/container-integrations /pkg/util/ecs/ @DataDog/container-integrations /pkg/util/funcs/ @DataDog/ebpf-platform +/pkg/util/gpu/ @DataDog/container-platform /pkg/util/kernel/ @DataDog/ebpf-platform -/pkg/util/kubernetes/ @DataDog/container-integrations @DataDog/container-app -/pkg/util/orchestrator/ @DataDog/container-app +/pkg/util/safeelf/ @DataDog/ebpf-platform +/pkg/util/ktime @DataDog/agent-security +/pkg/util/kubernetes/ @DataDog/container-integrations @DataDog/container-platform @DataDog/container-app /pkg/util/podman/ @DataDog/container-integrations /pkg/util/prometheus @DataDog/container-integrations /pkg/util/trivy/ @DataDog/container-integrations @DataDog/agent-security /pkg/util/uuid/ @DataDog/agent-shared-components /pkg/util/cgroups/ @DataDog/container-integrations -/pkg/util/retry/ @DataDog/container-integrations +/pkg/util/retry/ @DataDog/container-platform /pkg/util/intern/ @DataDog/ebpf-platform /pkg/util/crashreport/ @DataDog/windows-kernel-integrations /pkg/util/pdhutil/ @DataDog/windows-agent /pkg/util/winutil/ @DataDog/windows-agent -/pkg/util/testutil/flake @DataDog/agent-developer-tools -/pkg/languagedetection @DataDog/processes @DataDog/universal-service-monitoring +/pkg/util/testutil/flake @DataDog/agent-devx-loops +/pkg/util/testutil/patternscanner.go @DataDog/universal-service-monitoring @DataDog/ebpf-platform +/pkg/util/testutil/docker @DataDog/universal-service-monitoring @DataDog/ebpf-platform +/pkg/util/trie @DataDog/container-integrations +/pkg/languagedetection @DataDog/container-intake @DataDog/universal-service-monitoring +/pkg/linters/ @DataDog/agent-devx-loops +/pkg/linters/components/ @DataDog/agent-shared-components /pkg/logs/ @DataDog/agent-metrics-logs /pkg/logs/launchers/windowsevent @DataDog/agent-metrics-logs @DataDog/windows-agent /pkg/logs/tailers/windowsevent @DataDog/agent-metrics-logs @DataDog/windows-agent -/pkg/process/ @DataDog/processes +/pkg/logs/util/windowsevent @DataDog/agent-metrics-logs @DataDog/windows-agent +/pkg/logs/client @DataDog/agent-processing-and-routing +/pkg/logs/diagnostic @DataDog/agent-processing-and-routing +/pkg/logs/message @DataDog/agent-processing-and-routing +/pkg/logs/pipeline @DataDog/agent-processing-and-routing +/pkg/logs/processor @DataDog/agent-processing-and-routing +/pkg/logs/sds @DataDog/agent-processing-and-routing +/pkg/logs/sender @DataDog/agent-processing-and-routing +/pkg/process/ @DataDog/container-intake /pkg/process/util/address*.go @DataDog/Networks -/pkg/process/util/netns*.go @DataDog/Networks /pkg/process/checks/net*.go @DataDog/Networks -/pkg/process/metadata/parser/ @DataDog/universal-service-monitoring @DataDog/processes @DataDog/Networks -/pkg/process/metadata/parser/*windows* @DataDog/universal-service-monitoring @DataDog/processes @DataDog/Networks @DataDog/windows-kernel-integrations +/pkg/process/metadata/parser/ @DataDog/universal-service-monitoring @DataDog/container-intake @DataDog/Networks +/pkg/process/metadata/parser/*windows* @DataDog/universal-service-monitoring @DataDog/container-intake @DataDog/Networks @DataDog/windows-kernel-integrations /pkg/process/monitor/ @DataDog/universal-service-monitoring -/pkg/process/net/ @DataDog/processes @DataDog/Networks +/pkg/process/net/ @DataDog/universal-service-monitoring @DataDog/Networks /pkg/proto/datadog/remoteconfig/ @DataDog/remote-config /pkg/proto/pbgo/ # do not notify anyone /pkg/proto/pbgo/trace @DataDog/agent-apm /pkg/proto/pbgo/languagedetection @DataDog/agent-apm -/pkg/proto/pbgo/process @DataDog/processes +/pkg/proto/pbgo/process @DataDog/container-intake /pkg/proto/pbgo/core @DataDog/agent-shared-components /pkg/proto/pbgo/core/remoteconfig.pb.go @DataDog/remote-config /pkg/proto/pbgo/core/remoteconfig_gen.go @DataDog/remote-config @@ -437,144 +519,145 @@ /pkg/network/ebpf/c/prebuilt/shared-libraries* @DataDog/universal-service-monitoring /pkg/network/ebpf/c/runtime/shared-libraries* @DataDog/universal-service-monitoring /pkg/network/ebpf/c/shared-libraries/ @DataDog/universal-service-monitoring -/pkg/network/ebpf/c/prebuilt/http* @DataDog/universal-service-monitoring -/pkg/network/ebpf/c/runtime/http* @DataDog/universal-service-monitoring /pkg/network/ebpf/c/protocols/ @DataDog/universal-service-monitoring -/pkg/network/encoding/marshal/http* @DataDog/universal-service-monitoring -/pkg/network/encoding/marshal/kafka* @DataDog/universal-service-monitoring /pkg/network/encoding/marshal/*usm* @DataDog/universal-service-monitoring /pkg/network/encoding/marshal/*_windows*.go @DataDog/windows-kernel-integrations -/pkg/network/etw/ @DataDog/windows-kernel-integrations /pkg/network/go/ @DataDog/universal-service-monitoring /pkg/network/protocols/ @DataDog/universal-service-monitoring /pkg/network/protocols/http/driver_*.go @DataDog/windows-kernel-integrations /pkg/network/protocols/http/etw*.go @DataDog/windows-kernel-integrations /pkg/network/protocols/http/*_windows*.go @DataDog/windows-kernel-integrations -/pkg/network/tracer/*classification*.go @DataDog/universal-service-monitoring -/pkg/network/tracer/testutil/http2/ @DataDog/universal-service-monitoring -/pkg/network/tracer/testutil/grpc/ @DataDog/universal-service-monitoring -/pkg/network/tracer/testutil/prefetch_file/ @DataDog/universal-service-monitoring /pkg/network/tracer/testutil/proxy/ @DataDog/universal-service-monitoring -/pkg/network/tracer/*usm*.go @DataDog/universal-service-monitoring /pkg/network/tracer/*_windows*.go @DataDog/windows-kernel-integrations /pkg/network/usm/ @DataDog/universal-service-monitoring +/pkg/network/usm/tests/*_windows*.go @DataDog/windows-kernel-integrations /pkg/ebpf/ @DataDog/ebpf-platform -/pkg/ebpf/bytecode/runtime/conntrack.go @DataDog/Networks @DataDog/universal-service-monitoring -/pkg/ebpf/bytecode/runtime/usm.go @DataDog/Networks @DataDog/universal-service-monitoring -/pkg/ebpf/bytecode/runtime/oom-kill.go @DataDog/container-integrations -/pkg/ebpf/bytecode/runtime/runtime-security.go @DataDog/agent-security -/pkg/ebpf/bytecode/runtime/tcp-queue-length.go @DataDog/container-integrations -/pkg/ebpf/bytecode/runtime/tracer.go @DataDog/Networks @DataDog/universal-service-monitoring /pkg/ebpf/map_cleaner*.go @DataDog/universal-service-monitoring /pkg/compliance/ @DataDog/agent-cspm /pkg/databasemonitoring @DataDog/database-monitoring /pkg/kubestatemetrics @DataDog/container-integrations /pkg/security/ @DataDog/agent-security -/pkg/networkdevice/ @DataDog/network-device-monitoring -/pkg/snmp/ @DataDog/network-device-monitoring -/pkg/tagger/ @DataDog/container-integrations +/pkg/networkdevice/ @DataDog/ndm-core +/pkg/snmp/ @DataDog/ndm-core +/pkg/tagger/ @DataDog/container-platform /pkg/windowsdriver/ @DataDog/windows-kernel-integrations /comp/core/workloadmeta/collectors/internal/cloudfoundry @DataDog/platform-integrations /pkg/sbom/ @DataDog/container-integrations @DataDog/agent-security -/pkg/internaltelemetry @DataDog/windows-kernel-integrations -/pkg-config/ @DataDog/agent-build-and-releases +/pkg/internaltelemetry @DataDog/windows-kernel-integrations @DataDog/fleet /pkg/networkpath/ @DataDog/network-device-monitoring @DataDog/Networks /pkg/collector/corechecks/networkpath/ @DataDog/network-device-monitoring @DataDog/Networks /releasenotes/ @DataDog/documentation -/releasenotes-installscript/ @DataDog/documentation -/releasenotes-dca/ @DataDog/documentation @DataDog/container-integrations +/releasenotes-dca/ @DataDog/documentation /rtloader/ @DataDog/agent-metrics-logs -/tasks/ @DataDog/agent-developer-tools @DataDog/agent-ci-experience +/tasks/ @DataDog/agent-devx-loops @DataDog/agent-devx-infra /tasks/msi.py @DataDog/windows-agent /tasks/agent.py @DataDog/agent-shared-components +/tasks/go_deps.py @DataDog/agent-shared-components +/tasks/dogstatsd.py @DataDog/agent-metrics-logs /tasks/update_go.py @DataDog/agent-shared-components -/tasks/unit-tests/update_go_tests.py @DataDog/agent-shared-components +/tasks/unit_tests/update_go_tests.py @DataDog/agent-shared-components /tasks/cluster_agent_cloudfoundry.py @DataDog/platform-integrations -/tasks/new_e2e_tests.py @DataDog/agent-e2e-testing @DataDog/agent-developer-tools -/tasks/process_agent.py @DataDog/processes +/tasks/new_e2e_tests.py @DataDog/agent-e2e-testing @DataDog/agent-devx-loops +/tasks/process_agent.py @DataDog/container-intake /tasks/system_probe.py @DataDog/ebpf-platform /tasks/ebpf.py @DataDog/ebpf-platform /tasks/kmt.py @DataDog/ebpf-platform /tasks/kernel_matrix_testing/ @DataDog/ebpf-platform +/tasks/ebpf_verifier/ @DataDog/ebpf-platform /tasks/trace_agent.py @DataDog/agent-apm +/tasks/rtloader.py @DataDog/agent-metrics-logs /tasks/security_agent.py @DataDog/agent-security +/tasks/sds.py @DataDog/agent-processing-and-routing /tasks/systray.py @DataDog/windows-agent /tasks/winbuildscripts/ @DataDog/windows-agent +/tasks/winbuild.py @DataDog/windows-agent /tasks/windows_resources.py @DataDog/windows-agent +/tasks/collector.py @DataDog/opentelemetry /tasks/components.py @DataDog/agent-shared-components /tasks/components_templates @DataDog/agent-shared-components -/tasks/updater.py @DataDog/fleet -/test/ @DataDog/agent-developer-tools +/tasks/libs/ciproviders/ @DataDog/agent-devx-infra +/tasks/libs/common/omnibus.py @DataDog/agent-delivery +/tasks/omnibus.py @DataDog/agent-delivery +/tasks/release.py @DataDog/agent-delivery +/tasks/unit_tests/components_tests.py @DataDog/agent-shared-components +/tasks/unit_tests/omnibus_tests.py @DataDog/agent-delivery +/tasks/unit_tests/testdata/components_src/ @DataDog/agent-shared-components +/tasks/installer.py @DataDog/fleet +/test/ @DataDog/agent-devx-loops /test/benchmarks/ @DataDog/agent-metrics-logs /test/benchmarks/kubernetes_state/ @DataDog/container-integrations -/test/e2e/ @DataDog/container-integrations @DataDog/agent-security -/test/e2e/cws-tests/ @DataDog/agent-security -/test/e2e/argo-workflows/otlp-workflow.yaml @DataDog/opentelemetry -/test/e2e/containers/otlp_sender/ @DataDog/opentelemetry /test/integration/ @DataDog/container-integrations -/test/integration/serverless @DataDog/serverless -/test/integration/serverless_perf @DataDog/serverless -/test/kitchen/ @DataDog/agent-developer-tools -/test/kitchen/test-definitions/ @DataDog/agent-build-and-releases -/test/kitchen/test/integration/ @DataDog/agent-build-and-releases -/test/kitchen/kitchen-azure-security-agent-test.yml @DataDog/agent-security -/test/kitchen/kitchen-vagrant-security-agent.yml @DataDog/agent-security -/test/kitchen/site-cookbooks/dd-security-agent-check/ @DataDog/agent-security -/test/kitchen/test/integration/security-agent-stress/ @DataDog/agent-security -/test/kitchen/test/integration/security-agent-test/ @DataDog/agent-security -/test/kitchen/kitchen-azure-system-probe-test.yml @DataDog/ebpf-platform -/test/kitchen/kitchen-vagrant-system-probe.yml @DataDog/ebpf-platform -/test/kitchen/site-cookbooks/dd-system-probe-check/ @DataDog/ebpf-platform -/test/kitchen/test/integration/system-probe-test/ @DataDog/ebpf-platform -/test/kitchen/test/integration/win-all-subservices/ @DataDog/windows-agent -/test/kitchen/test/integration/win-alt-dir/ @DataDog/windows-agent -/test/kitchen/test/integration/win-install-fail/ @DataDog/windows-agent -/test/kitchen/test/integration/win-installopts/ @DataDog/windows-agent -/test/kitchen/test/integration/win-no-subservices/ @DataDog/windows-agent -/test/kitchen/test/integration/win-sysprobe-test/ @DataDog/windows-kernel-integrations -/test/kitchen/test/integration/win-reinstall-option/ @DataDog/windows-agent -/test/kitchen/test/integration/win-repair/ @DataDog/windows-agent -/test/kitchen/test/integration/win-user/ @DataDog/windows-agent -/test/fakeintake/ @DataDog/agent-e2e-testing @DataDog/agent-developer-tools -/test/new-e2e/ @DataDog/agent-e2e-testing @DataDog/agent-developer-tools -/test/new-e2e/test-infra-definition @DataDog/agent-developer-tools +/test/integration/docker/otel_agent_build_tests.py @DataDog/opentelemetry +/test/integration/serverless @DataDog/serverless @Datadog/serverless-aws +/test/integration/serverless_perf @DataDog/serverless @Datadog/serverless-aws +/test/fakeintake/ @DataDog/agent-e2e-testing @DataDog/agent-devx-loops +/test/fakeintake/aggregator/ndmflowAggregator.go @DataDog/ndm-integrations +/test/fakeintake/aggregator/ndmflowAggregator_test.go @DataDog/ndm-integrations +/test/fakeintake/aggregator/servicediscovery* @DataDog/universal-service-monitoring +/test/new-e2e/ @DataDog/agent-e2e-testing @DataDog/agent-devx-loops +/test/new-e2e/pkg/components/datadog-installer @DataDog/windows-agent +/test/new-e2e/test-infra-definition @DataDog/agent-devx-loops /test/new-e2e/system-probe @DataDog/ebpf-platform /test/new-e2e/scenarios/system-probe @DataDog/ebpf-platform -/test/new-e2e/tests/agent-platform @DataDog/agent-build-and-releases @DataDog/agent-developer-tools +/test/new-e2e/tests/agent-platform @DataDog/container-ecosystems @DataDog/agent-delivery @DataDog/agent-devx-loops /test/new-e2e/tests/agent-shared-components @DataDog/agent-shared-components /test/new-e2e/tests/agent-subcommands @DataDog/agent-shared-components -/test/new-e2e/tests/containers @DataDog/container-integrations -/test/new-e2e/tests/language-detection @DataDog/processes -/test/new-e2e/tests/ndm @DataDog/network-device-monitoring +/test/new-e2e/tests/containers @DataDog/container-integrations @DataDog/container-platform +/test/new-e2e/tests/discovery @DataDog/universal-service-monitoring +/test/new-e2e/tests/ha-agent @DataDog/ndm-core +/test/new-e2e/tests/language-detection @DataDog/container-intake +/test/new-e2e/tests/ndm @DataDog/ndm-core +/test/new-e2e/tests/ndm/netflow @DataDog/ndm-integrations +/test/new-e2e/tests/netpath @DataDog/Networks @DataDog/network-device-monitoring /test/new-e2e/tests/npm @DataDog/Networks /test/new-e2e/tests/npm/ec2_1host_wkit_test.go @DataDog/Networks @DataDog/windows-kernel-integrations /test/new-e2e/tests/orchestrator @DataDog/container-app -/test/new-e2e/tests/process @DataDog/processes +/test/new-e2e/tests/otel @DataDog/opentelemetry +/test/new-e2e/tests/process @DataDog/container-intake +/test/new-e2e/tests/sysprobe-functional @DataDog/windows-kernel-integrations +/test/new-e2e/tests/security-agent-functional @DataDog/windows-kernel-integrations @DataDog/agent-security /test/new-e2e/tests/cws @DataDog/agent-security -/test/new-e2e/tests/agent-metric-logs @DataDog/agent-metrics-logs +/test/new-e2e/tests/agent-metrics-logs @DataDog/agent-metrics-logs /test/new-e2e/tests/windows @DataDog/windows-agent @DataDog/windows-kernel-integrations /test/new-e2e/tests/apm @DataDog/agent-apm /test/new-e2e/tests/remote-config @DataDog/remote-config -/test/new-e2e/tests/updater @DataDog/fleet +/test/new-e2e/tests/installer @DataDog/fleet @DataDog/windows-agent +/test/new-e2e/tests/installer/script @DataDog/fleet @DataDog/data-jobs-monitoring +/test/new-e2e/tests/gpu @Datadog/ebpf-platform +/test/otel/ @DataDog/opentelemetry /test/system/ @DataDog/agent-shared-components /test/system/dogstatsd/ @DataDog/agent-metrics-logs /test/benchmarks/apm_scripts/ @DataDog/agent-apm /test/regression/ @DataDog/single-machine-performance -/test/workload-checks/ @DataDog/single-machine-performance -/tools/ @DataDog/agent-developer-tools +/tools/ @DataDog/agent-devx-loops +/tools/ci @DataDog/agent-devx-infra /tools/ebpf/ @DataDog/ebpf-platform /tools/gdb/ @DataDog/agent-shared-components /tools/go-update/ @DataDog/agent-shared-components +/tools/NamedPipeCmd/ @DataDog/windows-kernel-integrations /tools/retry_file_dump/ @DataDog/agent-metrics-logs /tools/windows/ @DataDog/windows-agent /tools/windows/DatadogAgentInstaller/WixSetup/localization-en-us.wxl @DataDog/windows-agent @DataDog/documentation /tools/agent_QA/ @DataDog/agent-metrics-logs -/internal/tools/ @DataDog/agent-developer-tools @DataDog/agent-ci-experience -/internal/third_party/client-go @DataDog/container-integrations +/internal/tools/ @DataDog/agent-devx-loops @DataDog/agent-devx-infra +/internal/third_party/client-go @DataDog/container-platform /internal/third_party/kubernetes @DataDog/container-integrations /internal/third_party/golang/ @DataDog/container-integrations + +# With the introduction of go.work, dependencies bump modify go.mod and go.sum in a lot of file. +# Which bring a lot of team in the review each time. To make it smoother we no longer consider go.mod and go.sum owned by teams. +# Each team can individually decide to update CODEOWNERS to be requested for a review on each modification of their go.mod/sum +/**/go.mod # do not notify anyone +/**/go.sum # do not notify anyone + +# Add here modules that need explicit review from the team owning them +/internal/tools/**/go.mod @DataDog/agent-devx-loops +/internal/tools/**/go.sum @DataDog/agent-devx-loops + +/pkg/util/scrubber/go.mod @DataDog/agent-shared-components +/pkg/util/scrubber/go.sum @DataDog/agent-shared-components diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index f863248aa0d26..7f5c8e1546904 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,46 +1,35 @@ ### What does this PR do? - - ### Motivation +### Describe how you validated your changes -### Additional Notes +### Possible Drawbacks / Trade-offs +### Additional Notes - -### Possible Drawbacks / Trade-offs - - - -### Describe how to test/QA your changes - - +--> \ No newline at end of file diff --git a/.github/labeler.yml b/.github/labeler.yml index 8f9851b6d3c94..f651a752f414e 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,13 +1,15 @@ +--- # add system-probe label to any changes done in network, security, eventmonitor or ebpf packages component/system-probe: - - pkg/collector/corechecks/ebpf/** #ebpf-platform (oomkill and tcp_queue_length) - - pkg/ebpf/** # ebpf-platform (ebpf_manager) - - pkg/eventmonitor/** # cws (new event monitor component) - - pkg/network/** # npm and usm - - pkg/process/monitor/** # usm (process monitor) - - pkg/security/** # cws - - pkg/util/kernel/** # ebpf-platform - - cmd/system-probe/** # ebpf_platform (system-probe executable) - - tasks/system_probe.py # invoke tasks - - +- changed-files: + - any-glob-to-any-file: + - pkg/collector/corechecks/ebpf/** #ebpf-platform (oomkill and tcp_queue_length) + - pkg/collector/corechecks/servicediscovery/module/** # usm + - pkg/ebpf/** # ebpf-platform (ebpf_manager) + - pkg/eventmonitor/** # cws (new event monitor component) + - pkg/network/** # npm and usm + - pkg/process/monitor/** # usm (process monitor) + - pkg/security/** # cws + - pkg/util/kernel/** # ebpf-platform + - cmd/system-probe/** # ebpf_platform (system-probe executable) + - tasks/system_probe.py # invoke tasks diff --git a/.github/workflows/add_milestone.yml b/.github/workflows/add_milestone.yml index cde6cc294c423..06747874a8213 100644 --- a/.github/workflows/add_milestone.yml +++ b/.github/workflows/add_milestone.yml @@ -8,22 +8,28 @@ on: - main - "[0-9]+.[0-9]+.x" +permissions: {} + jobs: add-milestone-pr: name: Add Milestone on PR if: github.event.pull_request.merged == true runs-on: ubuntu-latest + permissions: + pull-requests: write env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GH_REPO: ${{ github.repository }} steps: - name: Checkout datadog-agent repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false - name: Get repo current milestone id: current-milestone run: | - if [[ ${GITHUB_REF##*/} =~ ^7\.[0-9]+\.[0-9]+$ ]]; then + if [[ ${GITHUB_REF##*/} =~ ^6\.[0-9]+\.[0-9]+$ ]]; then # If we're on a release branch, set the milestone to the latest release milestone found. MILESTONE=$(gh release list | grep -o $(echo ${GITHUB_REF##*/} | sed 's/x/[0-9]*/g') | sort -uV | tail -1) if [ -z "$MILESTONE" ]; then @@ -38,7 +44,7 @@ jobs: exit 1 fi fi - if [[ ! $MILESTONE =~ ^7\.[0-9]+\.[0-9]+$ ]]; then + if [[ ! $MILESTONE =~ ^6\.[0-9]+\.[0-9]+$ ]]; then echo "Error: Malformed milestone $MILESTONE. It should be of the form '7.x.y'." exit 1 fi diff --git a/.github/workflows/backport-pr.yml b/.github/workflows/backport-pr.yml index 4ff0c953f87d4..3acf8cda7ebf2 100644 --- a/.github/workflows/backport-pr.yml +++ b/.github/workflows/backport-pr.yml @@ -5,6 +5,8 @@ on: - closed - labeled +permissions: {} + jobs: backport: name: Backport PR @@ -18,14 +20,23 @@ jobs: && contains(github.event.label.name, 'backport') ) ) + permissions: + contents: write + pull-requests: write steps: - - uses: actions/create-github-app-token@v1 + - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 id: app-token with: app-id: ${{ vars.DD_GITHUB_TOKEN_GENERATOR_APP_ID }} private-key: ${{ secrets.DD_GITHUB_TOKEN_GENERATOR_PRIVATE_KEY }} - - uses: tibdex/backport@v2 + - uses: tibdex/backport@9565281eda0731b1d20c4025c43339fb0a23812e # v2.0.4 with: label_pattern: "^backport/(?([^ ]+))$" labels_template: "<%= JSON.stringify([...labels, 'backport', 'bot']) %>" github_token: ${{ steps.app-token.outputs.token }} + body_template: | + Backport <%- mergeCommitSha %> from #<%- number %>. + + ___ + + <%- body %> diff --git a/.github/workflows/buildimages-update.yml b/.github/workflows/buildimages-update.yml index bd38179252345..1138e8557d011 100644 --- a/.github/workflows/buildimages-update.yml +++ b/.github/workflows/buildimages-update.yml @@ -19,43 +19,54 @@ on: description: 'Whether the images are test images' required: true type: boolean + include_otel_modules: + description: 'Whether to also bump the Go version in modules used by OpenTelemetry' + required: true + type: boolean + +permissions: {} jobs: open-go-update-pr: runs-on: ubuntu-latest permissions: contents: write # push commit and branch + pull-requests: write steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: - ref: ${{ github.head_ref }} + # credentials are needed to create the PR at the end of the workflow + persist-credentials: true - name: Fetch branch + env: + TARGET_BRANCH: ${{ inputs.branch }} # this step needs the github repository to be already cloned locally id: branch_fetch run: | - if git fetch origin "refs/heads/${{ inputs.branch }}"; then + if git fetch origin "refs/heads/$TARGET_BRANCH"; then echo "RESULT=true" >> $GITHUB_OUTPUT else echo "RESULT=false" >> $GITHUB_OUTPUT fi - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 if: ${{ steps.branch_fetch.outputs.RESULT == 'true' }} with: ref: ${{ inputs.branch }} + persist-credentials: false - name: Setup Python and pip - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: # use Python < 3.12 so that distutil is still available by default python-version: 3.11 cache: "pip" - - uses: actions/setup-go@v5 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use the go version from the input, not from the .go-version file # in case it's a Go update PR @@ -70,20 +81,30 @@ jobs: run: | echo "GO_VERSION=$(inv go-version)" >> $GITHUB_OUTPUT + - name: Get current buildimage tag + id: current_buildimage_tag + run: | + echo "BUILDIMAGE_TAG=$(inv buildimages.get-tag)" >> $GITHUB_OUTPUT + - name: Update buildimages IDs and Go version id: update_build_images env: - TEST_VERSION_FLAG: ${{ inputs.test_version && '--test-version' || '--no-test-version' }} + TEST_VERSION_FLAG: ${{ inputs.test_version && '--test' || '--no-test' }} + # INCLUDE_OTEL_MODULES must be used without quotes to be ignored when empty + INCLUDE_OTEL_MODULES: ${{ inputs.include_otel_modules && '--include-otel-modules' || '' }} + CURRENT_GO_VERSION: ${{ steps.current_go_version.outputs.GO_VERSION }} + INPUT_GO_VERSION: ${{ inputs.go_version }} + IMAGES_ID: ${{ inputs.images_id }} run: | - if [ "${{ steps.current_go_version.outputs.GO_VERSION }}" = "${{ inputs.go_version }}" ]; then - inv -e buildimages.update --image-tag ${{ inputs.images_id }} $TEST_VERSION_FLAG - echo 'MESSAGE=Update buildimages ID to ${{ inputs.images_id }}' >> $GITHUB_OUTPUT + if [ "$CURRENT_GO_VERSION" = "$INPUT_GO_VERSION" ]; then + inv -e buildimages.update --tag "$IMAGES_ID" "$TEST_VERSION_FLAG" + echo "MESSAGE=Update buildimages ID to $IMAGES_ID" >> $GITHUB_OUTPUT else - inv -e update-go --image-tag ${{ inputs.images_id }} $TEST_VERSION_FLAG -v "${{ inputs.go_version }}" - echo 'MESSAGE=Update Go version to ${{ inputs.go_version }}' >> $GITHUB_OUTPUT + inv -e update-go --image-tag "$IMAGES_ID" "$TEST_VERSION_FLAG" $INCLUDE_OTEL_MODULES -v "$INPUT_GO_VERSION" + echo "MESSAGE=Update Go version to $INPUT_GO_VERSION" >> $GITHUB_OUTPUT fi - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 id: autocommit with: commit_message: ${{ steps.update_build_images.outputs.MESSAGE }} @@ -95,3 +116,53 @@ jobs: # the action fetches all branches and tags, in our case the branches we care about are already fetched # if they exist, so we can skip the fetch skip_fetch: true + + - name: Check if PR exists + id: check_pr + env: + GH_TOKEN: ${{ github.token }} + BASE_BRANCH: ${{ github.ref_name }} + INPUT_BRANCH: ${{ inputs.branch }} + run: | + # prs variable contains the number of PRs already created that match head and base branches + prs=$(gh pr list \ + --repo "$GITHUB_REPOSITORY" \ + --head "$INPUT_BRANCH" \ + --base "$BASE_BRANCH" \ + --json title \ + --jq 'length') + if [ $prs -eq 0 ]; then + echo "CREATE_PR=true" >> $GITHUB_OUTPUT + fi + + # Create PR only if there is no pre-existing PR on the branch + - name: Create PR + if: ${{ steps.check_pr.outputs.CREATE_PR == 'true' }} + env: + TMP_PR_BODY_PATH: /tmp/pr_body + GH_TOKEN: ${{ github.token }} + PR_TITLE: "[automated] ${{ steps.update_build_images.outputs.MESSAGE }}" + PR_LABELS: "go-update,team/agent-shared-components" + CURRENT_BUILDIMAGE_TAG: ${{ steps.current_buildimage_tag.outputs.BUILDIMAGE_TAG }} + IMAGES_ID: ${{ inputs.images_id }} + CURRENT_GO_VERSION: ${{ steps.current_go_version.outputs.GO_VERSION }} + INPUT_GO_VERSION: ${{ inputs.go_version }} + # INPUT_TEST_VERSION must be used without quotes to be ignored when empty + INPUT_TEST_VERSION: ${{ inputs.test_version && '--test' || '' }} + GITHUB_REF: ${{ github.ref }} + run: | + # Generate the PR description + inv -e buildimages.generate-pr-body \ + "$CURRENT_BUILDIMAGE_TAG" \ + "$IMAGES_ID" \ + "$CURRENT_GO_VERSION" \ + "$INPUT_GO_VERSION" \ + $INPUT_TEST_VERSION > $TMP_PR_BODY_PATH + + # Create the PR + gh pr create \ + --base "$GITHUB_REF" \ + --title "$PR_TITLE" \ + --body-file "$TMP_PR_BODY_PATH" \ + --label "$PR_LABELS" \ + --draft \ diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index db2831a1b3da6..bb6d39efa5e6d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -5,47 +5,55 @@ on: branches: - main - "[0-9]+.[0-9]+.x" - - mq-working-branch-* pull_request: branches: - main - "[0-9]+.[0-9]+.x" +permissions: {} + jobs: CodeQL-Build: runs-on: ubuntu-20.04 + permissions: + security-events: write + strategy: + matrix: + language: ["go", "javascript", "python", "cpp"] steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 + persist-credentials: false - name: Setup Python3 - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: - python-version: "3.11.8" + python-version: "3.12.6" cache: "pip" - run: pip3 install -r requirements.txt - name: Setup env variables run: | - echo "CODEQL_PYTHON=$(which python3)" >> $GITHUB_ENV - echo "$GOPATH/bin" >> $GITHUB_PATH echo "CGO_LDFLAGS= -L${GITHUB_WORKSPACE}/rtloader/build/rtloader -ldl " >> $GITHUB_ENV echo "CGO_CFLAGS= -I${GITHUB_WORKSPACE}/rtloader/include -I${GITHUB_WORKSPACE}/rtloader/common " >> $GITHUB_ENV - - uses: actions/setup-go@v5 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ".go-version" - name: Initialize CodeQL - uses: github/codeql-action/init@v3.24.10 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: - languages: go, javascript, python, cpp - setup-python-dependencies: false - # Defining a fixed CodeQL bundle version - tools: https://github.com/github/codeql-action/releases/download/codeql-bundle-20230207/codeql-bundle-linux64.tar.gz + languages: ${{ matrix.language }} + config: | + paths-ignore: + - rtloader/build/rtloader/CMakeFiles/datadog-agent-rtloader.dir + - rtloader/build/three/CMakeFiles/datadog-agent-three.dir + - rtloader/build/test/CMakeFiles/run.dir + - rtloader/build/CMakeFiles/clang-format.dir - name: Set Swap Space uses: pierotofy/set-swap-space@49819abfb41bd9b44fb781159c033dba90353a7c @@ -59,4 +67,4 @@ jobs: invoke agent.build --build-exclude=systemd - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.24.10 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 diff --git a/.github/workflows/cws-btfhub-sync.yml b/.github/workflows/cws-btfhub-sync.yml index 70259ef0a291f..795953b22a354 100644 --- a/.github/workflows/cws-btfhub-sync.yml +++ b/.github/workflows/cws-btfhub-sync.yml @@ -2,54 +2,147 @@ name: "CWS BTFHub constants sync" on: workflow_dispatch: + inputs: + base_branch: + description: 'Base branch to target' + required: false + default: 'main' + type: string + force_refresh: + description: 'Force refresh of the constants' + required: false + default: 'false' + type: boolean schedule: - - cron: '30 4 * * 1-5' # at 4:30 UTC every week-day + - cron: '30 4 * * 5' # at 4:30 UTC on Friday + +permissions: {} jobs: - sync: + generate: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + cone: + - amzn + - centos + - debian + - fedora + - ol/7/arm64 + - ol/7/x86_64 + - ol/8/arm64 + - ol/8/x86_64 + - opensuse-leap + - rhel + - sles + - ubuntu/16.04/x86_64 + - ubuntu/18.04/arm64 + - ubuntu/18.04/x86_64 + - ubuntu/20.04/arm64 + - ubuntu/20.04/x86_64 steps: - name: Cleanup runner run: | sudo rm -rf /usr/local/lib/android >/dev/null 2>&1 docker rmi $(docker image ls -aq) >/dev/null 2>&1 + sudo rm -rf /usr/share/dotnet + sudo rm -rf /opt/ghc + sudo rm -rf "/usr/local/share/boost" + df -h - name: Checkout datadog-agent repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + ref: ${{ inputs.base_branch || 'main' }} + persist-credentials: false - name: Checkout btfhub-archive repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: - ref: no-kmod repository: DataDog/btfhub-archive path: dev/dist/archive + sparse-checkout: ${{ matrix.cone }} + persist-credentials: false + + - name: Install python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: 3.11 + cache: 'pip' + - run: pip install -r requirements.txt + + - name: Install go + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version-file: '.go-version' + + - name: Compute name + id: artifact-name + run: | + echo "ARTIFACT_NAME=constants-${{ matrix.cone }}" | tr '/' '-' >> $GITHUB_OUTPUT + + - name: Sync constants + if: ${{ !inputs.force_refresh }} + env: + ARTIFACT_NAME: ${{ steps.artifact-name.outputs.ARTIFACT_NAME }} + run: | + inv -e security-agent.generate-btfhub-constants --archive-path=./dev/dist/archive --output-path=./"$ARTIFACT_NAME".json + + - name: Force sync constants + if: ${{ inputs.force_refresh }} + env: + ARTIFACT_NAME: ${{ steps.artifact-name.outputs.ARTIFACT_NAME }} + run: | + inv -e security-agent.generate-btfhub-constants --archive-path=./dev/dist/archive --output-path=./"$ARTIFACT_NAME".json --force-refresh + + - name: Upload artifact + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + with: + name: ${{ steps.artifact-name.outputs.ARTIFACT_NAME }} + path: ./${{ steps.artifact-name.outputs.ARTIFACT_NAME }}.json + + combine: + needs: generate + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + steps: + - name: Checkout datadog-agent repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + ref: ${{ inputs.base_branch || 'main' }} - name: Install python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: - python-version: '3.9' + python-version: 3.11 cache: 'pip' - run: pip install -r requirements.txt - name: Install go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: '.go-version' - - name: Install go deps + - name: Download All Artifacts + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + path: ./dev/dist/constants + pattern: constants-* + merge-multiple: true + + - name: Combine constants run: | - inv -e deps + inv -e security-agent.combine-btfhub-constants --archive-path=./dev/dist/constants - name: Compute branch name id: branch-name run: | echo "BRANCH_NAME=cws/constants-sync-$(date +%s)" >> $GITHUB_OUTPUT - - name: Sync constants - run: | - inv -e security-agent.generate-btfhub-constants --archive-path=./dev/dist/archive - - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 id: commit-creator with: commit_message: "CWS: sync BTFhub constants" @@ -59,7 +152,10 @@ jobs: skip_checkout: true - name: Create Pull Request - uses: actions/github-script@v7 + env: + BRANCH_NAME: ${{ steps.branch-name.outputs.BRANCH_NAME }} + BASE_BRANCH: ${{ inputs.base_branch || 'main' }} + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 if: steps.commit-creator.outputs.changes_detected == 'true' with: script: | @@ -68,8 +164,8 @@ jobs: title: 'CWS: sync BTFHub constants', owner, repo, - head: '${{ steps.branch-name.outputs.BRANCH_NAME }}', - base: 'main', + head: process.env.BRANCH_NAME, + base: process.env.BASE_BRANCH, body: [ '### What does this PR do?', 'This PR syncs the BTFHub constants used by CWS', diff --git a/.github/workflows/do-not-merge.yml b/.github/workflows/do-not-merge.yml index 13886c696f679..a21f9e03d1fb2 100644 --- a/.github/workflows/do-not-merge.yml +++ b/.github/workflows/do-not-merge.yml @@ -10,6 +10,8 @@ on: branches: - mq-working-branch-* +permissions: {} + jobs: do-not-merge: if: ${{ contains(github.event.*.labels.*.name, 'do-not-merge/hold') || contains(github.event.*.labels.*.name, 'do-not-merge/WIP') }} diff --git a/.github/workflows/docs-dev.yml b/.github/workflows/docs-dev.yml index f7466f8e5b9e8..1eab6460db4b6 100644 --- a/.github/workflows/docs-dev.yml +++ b/.github/workflows/docs-dev.yml @@ -6,11 +6,15 @@ on: - main paths: - docs/** + - .github/workflows/docs-dev.yml pull_request: branches: - main paths: - docs/** + - .github/workflows/docs-dev.yml + +permissions: {} concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -21,13 +25,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: + persist-credentials: false # Fetch all history for applying timestamps to every page fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.12' @@ -45,25 +50,27 @@ jobs: - name: Build documentation run: invoke docs.build - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: documentation path: site publish: runs-on: ubuntu-latest + permissions: + contents: write if: github.event_name == 'push' && github.ref == 'refs/heads/main' needs: - build steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: documentation path: site - - uses: peaceiris/actions-gh-pages@v3 + - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: site diff --git a/.github/workflows/external-contributor.yml b/.github/workflows/external-contributor.yml index 54c1f128aa4c1..f0beb805c2a50 100644 --- a/.github/workflows/external-contributor.yml +++ b/.github/workflows/external-contributor.yml @@ -1,3 +1,4 @@ +--- name: Handle External Contributor PRs on: @@ -5,18 +6,38 @@ on: pull_request_target: types: [opened, reopened] +permissions: {} + jobs: external-contributor-prs: name: Handle Fork PRs runs-on: ubuntu-latest + permissions: + pull-requests: write if: github.event.pull_request.head.repo.full_name != github.repository steps: + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + ref: main + fetch-depth: 0 + persist-credentials: false + - name: Setup python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: 3.11 + cache: 'pip' + cache-dependency-path: '**/requirements*.txt' + - name: Install dependencies + run: pip install -r requirements.txt -r tasks/requirements.txt - name: Set label on external contributor PRs - run: gh issue edit "$NUMBER" --add-label "$LABELS" --milestone "$MILESTONE" + run: | + inv -e github.handle-community-pr --repo="$GH_REPO" --pr-id="$NUMBER" --labels="$LABELS" env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SLACK_API_TOKEN: ${{ secrets.SLACK_DATADOG_AGENT_BOT_TOKEN }} GH_REPO: ${{ github.repository }} NUMBER: ${{ github.event.number }} # labels is a comma-separated list of tags - LABELS: community,team/triage - MILESTONE: Triage + LABELS: community diff --git a/.github/workflows/go-update-commenter.yml b/.github/workflows/go-update-commenter.yml index 7f27d238faa39..1028110bc4fda 100644 --- a/.github/workflows/go-update-commenter.yml +++ b/.github/workflows/go-update-commenter.yml @@ -5,6 +5,10 @@ on: # Only run on PR label events (in particular not on every commit) types: [ labeled ] +permissions: + # write permissions are needed to create the comment + pull-requests: write + jobs: old-versions-match: # Only run if the PR is labeled with 'go-update' @@ -12,16 +16,19 @@ jobs: runs-on: ubuntu-latest steps: # get the Go version of the target branch - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ github.base_ref }} + persist-credentials: false - name: Get former Go version id: former_go_version run: | echo version="$(cat .go-version)" >> $GITHUB_OUTPUT # get the Go version of the PR branch - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false - name: Get current Go version id: new_go_version run: | @@ -29,11 +36,17 @@ jobs: # build the comment - name: Build full comment + env: + GITHUB_SERVER_URL: ${{ github.server_url }} + GITHUB_REPOSITORY: ${{ github.repository }} + GITHUB_SHA: ${{ github.sha }} + FORMER_GO_VERSION: ${{ steps.former_go_version.outputs.version }} + NEW_GO_VERSION: ${{ steps.new_go_version.outputs.version }} id: old_versions run: | - set -euxo pipefail + set -euo pipefail # build the base of the Github URL to the current commit - GITHUB_HEAD_URL='${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}' + GITHUB_HEAD_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/blob/$GITHUB_SHA" { echo "matches<> $GITHUB_OUTPUT # and display it - - uses: actions/github-script@v7 + - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 env: # We need to store the output in an environment variable and not use it directly in the createComment, # as it will likely not be a valid JS string (eg. if it contains a quote character) diff --git a/.github/workflows/go_mod_tidy.yml b/.github/workflows/go_mod_tidy.yml index 5944641ee0639..e48d806c9dce9 100644 --- a/.github/workflows/go_mod_tidy.yml +++ b/.github/workflows/go_mod_tidy.yml @@ -9,35 +9,37 @@ on: description: "PR number" required: true type: number -permissions: - contents: write + jobs: mod_tidy_and_generate_licenses: if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'dependencies-go')) }} runs-on: ubuntu-latest + permissions: + contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ github.head_ref }} - name: Checkout PR # run only if triggered manually, otherwise we are already on the right branch and we won't have `pr_number` if: ${{ github.event_name == 'workflow_dispatch' }} - run: gh pr checkout ${{ github.event.inputs.pr_number }} + run: gh pr checkout "$PR_NUMBER" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PR_NUMBER: ${{ github.event.inputs.pr_number }} - name: Install go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ".go-version" - name: Install python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: - python-version: "3.9.12" + python-version: 3.11 cache: "pip" - name: Install python requirements.txt run: python3 -m pip install -r requirements.txt - name: Go mod tidy - run: inv -e tidy-all + run: inv -e tidy - name: Update LICENSE-3rdparty.csv if: ${{ github.event_name == 'workflow_dispatch' || !contains(github.event.pull_request.labels.*.name, 'dependencies-go-tools') }} run: | @@ -46,10 +48,12 @@ jobs: - name: Update mocks if: ${{ github.event_name == 'workflow_dispatch' || !contains(github.event.pull_request.labels.*.name, 'dependencies-go-tools') }} run: inv -e security-agent.gen-mocks # generate both security agent and process mocks - - uses: stefanzweifel/git-auto-commit-action@v5 + - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 id: autocommit with: commit_message: Auto-generate go.sum and LICENSE-3rdparty.csv changes - name: changes + env: + CHANGES: ${{ steps.autocommit.outputs.changes_detected }} run: | - echo "Changes detected: ${{ steps.autocommit.outputs.changes_detected }}" + echo "Changes detected: $CHANGES" diff --git a/.github/workflows/gohai.yml b/.github/workflows/gohai.yml index 625dd51b434a9..851c2f9d0ccd1 100644 --- a/.github/workflows/gohai.yml +++ b/.github/workflows/gohai.yml @@ -7,11 +7,15 @@ on: - main - "[0-9]+.[0-9]+.x" paths: + - ".github/workflows/gohai.yml" - "pkg/gohai/**" pull_request: paths: + - ".github/workflows/gohai.yml" - "pkg/gohai/**" +permissions: {} + jobs: gohai_test: strategy: @@ -21,7 +25,7 @@ jobs: [ ubuntu-20.04, ubuntu-latest, - macos-11, + macos-13, macos-latest, windows-2019, windows-latest, @@ -30,8 +34,10 @@ jobs: go-file: [.go-version, pkg/gohai/go.mod] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ${{ matrix.go-file }} - name: Test diff --git a/.github/workflows/label-analysis.yml b/.github/workflows/label-analysis.yml index 7d97b83595f71..ec53d5a695fed 100644 --- a/.github/workflows/label-analysis.yml +++ b/.github/workflows/label-analysis.yml @@ -13,17 +13,53 @@ env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GH_REPO: ${{ github.repository }} +permissions: {} + jobs: assign-team-label: if: github.triggering_actor != 'dd-devflow[bot]' runs-on: ubuntu-latest + permissions: + pull-requests: write steps: - name: Checkout repository - uses: actions/checkout@v4 - - name: Install Python dependencies - run: pip install -r tasks/requirements.txt + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false + - name: Setup python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: 3.11 + cache: 'pip' + cache-dependency-path: '**/requirements*.txt' + - name: Install dependencies + run: pip install -r requirements.txt -r tasks/requirements.txt - name: Auto assign team label - run: inv -e github.assign-team-label --pr-id='${{ github.event.pull_request.number }}' + env: + PR_ID: ${{ github.event.pull_request.number }} + run: inv -e github.assign-team-label --pr-id="$PR_ID" + release-note-check: + if: github.triggering_actor != 'dd-devflow[bot]' + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + fetch-depth: 0 + persist-credentials: false + - name: Setup python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: 3.11 + cache: 'pip' + cache-dependency-path: '**/requirements*.txt' + - name: Install dependencies + run: pip install -r requirements.txt -r tasks/requirements.txt + - name: Check release note + env: + BRANCH_NAME: ${{ github.head_ref }} + PR_ID: ${{ github.event.pull_request.number }} + run: inv -e linter.releasenote fetch-labels: needs: assign-team-label if: github.triggering_actor != 'dd-devflow[bot]' @@ -32,12 +68,15 @@ jobs: LABELS: ${{ steps.pr-labels.outputs.LABELS }} steps: - name: Get PR labels + env: + PR_NUMBER: ${{ github.event.pull_request.number }} + EVENT_NUMBER: ${{ github.event.number }} id: pr-labels run: | - labels="$(gh pr view '${{ github.event.pull_request.number }}' --json labels --jq '[.labels[].name] | (join(" "))')" - echo "Fetched labels for PR ${{github.event.number}}: $labels" + labels="$(gh pr view "$PR_NUMBER" --json labels --jq '[.labels[].name] | (join(" "))')" + echo "Fetched labels for PR $EVENT_NUMBER: $labels" echo "LABELS=$labels" >> "$GITHUB_OUTPUT" - team-label: + team-label-check: needs: fetch-labels if: github.triggering_actor != 'dd-devflow[bot]' runs-on: ubuntu-latest @@ -58,27 +97,44 @@ jobs: exit 1 env: LABELS: ${{ needs.fetch-labels.outputs.LABELS}} - skip-qa: + skip-qa-check: needs: fetch-labels if: github.triggering_actor != 'dd-devflow[bot]' runs-on: ubuntu-latest steps: + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false + - name: Setup Python3 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: "3.12.6" + cache: "pip" + cache-dependency-path: '**/requirements*.txt' + - name: Install python dependencies + run: pip3 install -r requirements.txt - name: Check qa/[done|no-code-change] labels are not set together - run: | - is_qa_done=1 - is_qa_no_code_change=1 - for label in $LABELS; do - if [[ "$label" == "qa/done" ]]; then - is_qa_done=0 - fi - if [[ "$label" == "qa/no-code-change" ]]; then - is_qa_no_code_change=0 - fi - done - if [ $is_qa_done -eq 0 ] && [ $is_qa_no_code_change -eq 0 ]; then - echo "Both 'qa/done' and 'qa/no-code-change' labels are set -- only one of them should be set" - exit 1 - fi - echo "No issue with 'qa/done' and 'qa/no-code-change' labels" env: LABELS: ${{ needs.fetch-labels.outputs.LABELS}} + run: | + inv -e github.check-qa-labels --labels "${LABELS[@]}" + + agenttelemetry-list-change-ack-check: + if: github.triggering_actor != 'dd-devflow[bot]' + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + ref: ${{ github.head_ref }} + - name: Setup python + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: 3.11 + cache: 'pip' + cache-dependency-path: '**/requirements*.txt' + - name: Install dependencies + run: pip install -r requirements.txt -r tasks/requirements.txt + - name: Check agent telemetry metric list + run: inv -e github.agenttelemetry-list-change-ack-check --pr-id=${{ github.event.pull_request.number }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 24eb9ebd2aba0..b92075b895975 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -6,6 +6,8 @@ on: - main - "[0-9]+.[0-9]+.x" +permissions: {} + jobs: label: permissions: @@ -13,9 +15,8 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" - configuration-path: .github/labeler.yml # currently doesn't work sync-labels: true diff --git a/.github/workflows/markdown-lint-check.yml b/.github/workflows/markdown-lint-check.yml index 1478a8960cfe3..5f440614390ae 100644 --- a/.github/workflows/markdown-lint-check.yml +++ b/.github/workflows/markdown-lint-check.yml @@ -3,12 +3,16 @@ name: Check Markdown links on: pull_request: +permissions: {} + jobs: markdown-link-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: gaurav-nelson/github-action-markdown-link-check@v1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + persist-credentials: false + - uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # v1.0.15 with: use-quiet-mode: yes config-file: .markdown-link-check diff --git a/.github/workflows/serverless-benchmarks.yml b/.github/workflows/serverless-benchmarks.yml index 0884854f91194..8ad83b34d36d1 100644 --- a/.github/workflows/serverless-benchmarks.yml +++ b/.github/workflows/serverless-benchmarks.yml @@ -14,6 +14,8 @@ concurrency: group: ${{ github.workflow }}/PR#${{ github.event.pull_request.number }} cancel-in-progress: true +permissions: {} + jobs: baseline: name: Baseline @@ -22,12 +24,13 @@ jobs: sha: ${{ steps.prepare.outputs.sha }} steps: - name: Checkout ${{ github.base_ref }} - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ github.base_ref }} + persist-credentials: false - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: stable @@ -38,12 +41,14 @@ jobs: go get ./... - name: Run benchmark + env: + TEMP_RUNNER: ${{runner.temp}} run: | go test -tags=test -run='^$' -bench=StartEndInvocation -count=10 -benchtime=500ms -timeout=60m \ - ./pkg/serverless/... | tee ${{runner.temp}}/benchmark.log + ./pkg/serverless/... | tee "$TEMP_RUNNER"/benchmark.log - name: Upload result artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: baseline.log path: ${{runner.temp}}/benchmark.log @@ -58,12 +63,13 @@ jobs: steps: - name: Checkout ${{ github.ref }} - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ github.sha }} + persist-credentials: false - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: stable @@ -74,12 +80,14 @@ jobs: go get ./... - name: Run benchmark + env: + TEMP_RUNNER: ${{runner.temp}} run: | go test -tags=test -run='^$' -bench=StartEndInvocation -count=10 -benchtime=500ms -timeout=60m \ - ./pkg/serverless/... | tee ${{runner.temp}}/benchmark.log + ./pkg/serverless/... | tee "$TEMP_RUNNER"/benchmark.log - name: Upload result artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: current.log path: ${{runner.temp}}/benchmark.log @@ -89,10 +97,12 @@ jobs: name: Summary runs-on: ubuntu-latest needs: [baseline, current] + permissions: + pull-requests: write steps: - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: stable cache: false @@ -102,12 +112,12 @@ jobs: go install golang.org/x/perf/cmd/benchstat@latest - name: Download baseline artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: baseline.log path: baseline - name: Download current artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: current.log path: current @@ -121,8 +131,9 @@ jobs: echo "EOF" >> $GITHUB_OUTPUT - name: Post comment - uses: marocchino/sticky-pull-request-comment@v2.9.0 + uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0 with: + header: serverless-benchmarks recreate: true message: | ## Serverless Benchmark Results @@ -132,6 +143,8 @@ jobs:
tl;dr + Use these benchmarks as an insight tool during development. + 1. Skim down the `vs base` column in each chart. If there is a `~`, then there was no statistically significant change to the benchmark. Otherwise, ensure the estimated percent change is either negative or very small. 2. The last row of each chart is the `geomean`. Ensure this percentage is either negative or very small. @@ -164,7 +177,16 @@ jobs:
-
+
+ I need more help + + First off, do not worry if the benchmarks are failing. They are not tests. The intention is for them to be a tool for you to use during development. + + If you would like a hand interpreting the results come chat with us in `#serverless-agent` in the internal DataDog slack or in `#serverless` in the [public DataDog slack](https://chat.datadoghq.com/). We're happy to help! + +
+ +
Benchmark stats ``` diff --git a/.github/workflows/serverless-binary-size.yml b/.github/workflows/serverless-binary-size.yml index e986f76826d55..7be692d81d51a 100644 --- a/.github/workflows/serverless-binary-size.yml +++ b/.github/workflows/serverless-binary-size.yml @@ -2,36 +2,48 @@ name: "Serverless Binary Size" on: pull_request: - push: - branches: - - mq-working-branch-* + paths: + - 'cmd/serverless/**' + - 'cmd/serverless-init/**' + - 'pkg/serverless/**' env: SIZE_ALLOWANCE: fromJSON(1000000) # 1 MB +permissions: {} + jobs: comment: runs-on: ubuntu-latest + permissions: + pull-requests: write # Add comment to PR steps: - name: Checkout datadog-agent repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: path: go/src/github.com/DataDog/datadog-agent + persist-credentials: false - name: Checkout datadog-agent base branch run: | - cd go/src/github.com/DataDog/datadog-agent - git fetch origin $GITHUB_BASE_REF --depth 1 - git checkout $GITHUB_BASE_REF + # on pull request, use the merge-base + # on merge queue, just use the latest main + if [ -n "$GITHUB_HEAD_REF" ]; then + cd go/src/github.com/DataDog/datadog-agent + git fetch origin $GITHUB_HEAD_REF $GITHUB_BASE_REF + TARGET=$(git merge-base origin/$GITHUB_HEAD_REF origin/$GITHUB_BASE_REF) + git checkout $TARGET + fi - name: Checkout the datadog-lambda-extension repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: repository: DataDog/datadog-lambda-extension path: go/src/github.com/DataDog/datadog-lambda-extension + persist-credentials: false - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Previous binary size and dependencies id: previous @@ -66,76 +78,102 @@ jobs: echo "EOF" >> $GITHUB_OUTPUT - name: Compare sizes + env: + PREVIOUS_SIZE: ${{ steps.previous.outputs.result }} + CURRENT_SIZE: ${{ steps.current.outputs.result }} id: compare run: | - OUTPUT=$(( ${{ steps.current.outputs.result }} - ${{ steps.previous.outputs.result }} )) + OUTPUT=$(( $CURRENT_SIZE - $PREVIOUS_SIZE )) + echo "binary size changed by $OUTPUT bytes" echo "diff=$OUTPUT" >> $GITHUB_OUTPUT OUTPUT=$(( $OUTPUT / 100000 )) + echo "cold start time changed by $OUTPUT ms" echo "coldstart=$OUTPUT" >> $GITHUB_OUTPUT - ### Steps below only run if size diff > SIZE_ALLOWANCE ### + - name: Should post comment + env: + GIT_DIFF: ${{ steps.compare.outputs.diff }} + id: should + run: | + cd go/src/github.com/DataDog/datadog-agent + git fetch origin $GITHUB_BASE_REF + git fetch origin $GITHUB_HEAD_REF + if test $( + git diff origin/$GITHUB_BASE_REF...origin/$GITHUB_HEAD_REF --name-only | grep dependencies_linux_amd64.txt + ); then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "dependencies list changed" + elif [[ $GIT_DIFF > env.SIZE_ALLOWANCE ]]; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "binary size changed" + else + echo "should_run=false" >> $GITHUB_OUTPUT + echo "nothing changed" + fi + + ### Steps below run if size diff > SIZE_ALLOWANCE or file dependencies_linux_amd64.txt changed ### - name: Install graphviz - uses: ts-graphviz/setup-graphviz@v1 - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + uses: ts-graphviz/setup-graphviz@b1de5da23ed0a6d14e0aeee8ed52fdd87af2363c # v2.0.2 + if: steps.should.outputs.should_run == 'true' - name: Install digraph - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + if: steps.should.outputs.should_run == 'true' run: | GOPATH=$(pwd)/go go install golang.org/x/tools/cmd/digraph@latest - name: List new dependencies + env: + PREVIOUS_DEPS: ${{ steps.previous.outputs.deps }} + CURRENT_DEPS: ${{ steps.current.outputs.deps }} id: deps - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + if: steps.should.outputs.should_run == 'true' run: | echo "deps<> $GITHUB_OUTPUT - for dep in $(echo "${{ steps.current.outputs.deps }}"); do - if ! echo "${{ steps.previous.outputs.deps }}" | grep -w -q "$dep"; then + for dep in $(echo "$CURRENT_DEPS"); do + if ! echo "$PREVIOUS_DEPS" | grep -w -q "$dep"; then echo "$dep" >> $GITHUB_OUTPUT fi done echo "EOF" >> $GITHUB_OUTPUT - name: Create dependency graphs - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + env: + DEPS: ${{ steps.deps.outputs.deps }} + if: steps.should.outputs.should_run == 'true' run: | export PATH=$(pwd)/go/bin:$PATH cd go/src/github.com/DataDog/datadog-lambda-extension mkdir graphs - for dep in $(echo "${{ steps.deps.outputs.deps }}"); do + for dep in $(echo "$DEPS"); do PACKAGE=$dep ./scripts/visualize_size.sh graph mv .layers/output.svg graphs/$(echo $dep | tr '/' '-').svg done - name: Archive dependency graphs - uses: actions/upload-artifact@v4 - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + if: steps.should.outputs.should_run == 'true' with: name: dependency-graphs path: go/src/github.com/DataDog/datadog-lambda-extension/graphs + - name: Write message + id: write + if: steps.should.outputs.should_run == 'true' + env: + VAR_COLD_START: ${{ steps.compare.outputs.coldstart }} + VAR_DIFF: ${{ steps.compare.outputs.diff }} + VAR_DEPS: ${{ steps.deps.outputs.deps }} + VAR_RUN_ID: ${{ github.run_id }} + run: | + cd go/src/github.com/DataDog/datadog-agent + ./test/integration/serverless_perf/write_message.sh + - name: Post comment - uses: marocchino/sticky-pull-request-comment@v2.5.0 - if: steps.compare.outputs.diff > env.SIZE_ALLOWANCE + uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0 + if: steps.should.outputs.should_run == 'true' with: - hide_and_recreate: true - hide_classify: "RESOLVED" - message: | - :warning::rotating_light: Warning, this pull request increases the binary size of serverless extension by ${{ steps.compare.outputs.diff }} bytes. Each MB of binary size increase means about 10ms of additional cold start time, so this pull request would increase cold start time by ${{ steps.compare.outputs.coldstart }}ms. - - If you have questions, we are happy to help, come visit us in the [#serverless](https://dd.slack.com/archives/CBWDFKWV8) slack channel and provide a link to this comment. - -
- Debug info - - These dependencies were added to the serverless extension by this pull request: - - ``` - ${{ steps.deps.outputs.deps }} - ``` - - View dependency graphs for each added dependency in the [artifacts section](https://github.com/DataDog/datadog-agent/actions/runs/${{ github.run_id }}#artifacts) of the github action. - - We suggest you consider adding the `!serverless` build tag to remove any new dependencies not needed in the serverless extension. -
+ header: serverless-binary-size + recreate: true + path: ${{ steps.write.outputs.filename }} diff --git a/.github/workflows/serverless-integration.yml b/.github/workflows/serverless-integration.yml index 1dafa5ad11749..ace5e88fbda98 100644 --- a/.github/workflows/serverless-integration.yml +++ b/.github/workflows/serverless-integration.yml @@ -9,9 +9,12 @@ on: - 'pkg/serverless/**' - 'test/integration/serverless/**' - '.github/workflows/serverless-integration.yml' + - 'go.mod' schedule: - cron: '0 14 * * *' # cron schedule uses UTC timezone. Run tests at the beginning of the day in US-East +permissions: {} + jobs: test: runs-on: ubuntu-latest @@ -19,16 +22,17 @@ jobs: fail-fast: false matrix: architecture: [amd64, arm64] - suite: [metric, appsec, proxy] + suite: [metric, log, trace, appsec, proxy] name: ${{ matrix.suite }} on ${{ matrix.architecture }} steps: - name: Checkout datadog-agent repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: path: go/src/github.com/DataDog/datadog-agent + persist-credentials: false - name: Set up Node 20 - uses: actions/setup-node@v4 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: 20 @@ -36,20 +40,21 @@ jobs: run: sudo yarn global add serverless@^3.36.0 --prefix /usr/local - name: Checkout the datadog-lambda-extension repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: repository: DataDog/datadog-lambda-extension path: go/src/github.com/DataDog/datadog-lambda-extension + persist-credentials: false - name: Set up QEMU id: qemu - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 with: image: tonistiigi/binfmt:latest platforms: amd64,arm64 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Create raw logs directory id: rawlogs @@ -59,12 +64,13 @@ jobs: - name: Run tests if AWS credentials are available id: test - uses: nick-fields/retry@v2 + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 env: AWS_ACCESS_KEY_ID: ${{ secrets.SERVERLESS_AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.SERVERLESS_AWS_SECRET_ACCESS_KEY }} + GOWORK: off with: - timeout_minutes: 45 + timeout_minutes: 120 max_attempts: 2 command: | RAWLOGS_DIR="${{ steps.rawlogs.outputs.dir }}/${{ matrix.architecture }}" @@ -74,7 +80,7 @@ jobs: - name: Archive raw logs if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: rawlogs-${{ matrix.suite }}-${{ matrix.architecture }} path: ${{ steps.rawlogs.outputs.dir }}