From c4ecca4662bb982e016f5f68bfd8f0035436ab0e Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 2 Sep 2025 15:43:04 +0200 Subject: [PATCH 1/4] updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest versions --- .ci/updatecli/README.md | 79 +++++++++++++ .ci/updatecli/updatecli-bump-edot.yml | 157 +++++++++++++++++++++++++ .github/workflows/bump-edot-images.yml | 36 ++++++ 3 files changed, 272 insertions(+) create mode 100644 .ci/updatecli/README.md create mode 100644 .ci/updatecli/updatecli-bump-edot.yml create mode 100644 .github/workflows/bump-edot-images.yml diff --git a/.ci/updatecli/README.md b/.ci/updatecli/README.md new file mode 100644 index 00000000000..3d6f99b131f --- /dev/null +++ b/.ci/updatecli/README.md @@ -0,0 +1,79 @@ +# Overview + +This is how we manage adhoc dependency updates using `updatecli`. + +## EDOT SDK Dependencies Update Automation + +This directory contains updatecli configuration to automatically update EDOT SDK docker image versions in the elastic-agent repository. + +### Overview + +The automation tracks latest releases from the following repositories and updates corresponding docker image references in elastic-agent: + +- **elastic/elastic-otel-dotnet** → `docker.elastic.co/observability/elastic-otel-dotnet` +- **elastic/elastic-otel-java** → `docker.elastic.co/observability/elastic-otel-javaagent` +- **elastic/elastic-otel-node** → `docker.elastic.co/observability/elastic-otel-node` +- **elastic/elastic-otel-python** → `docker.elastic.co/observability/elastic-otel-python` +- **open-telemetry/opentelemetry-go-instrumentation** → `ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go` + +### Files Updated + +The automation updates these files in the elastic-agent repository: +- `deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml` +- `deploy/helm/edot-collector/kube-stack/values.yaml` + +Specifically, it updates the `instrumentation` section with the latest versions: + +```yaml +instrumentation: + java: + image: docker.elastic.co/observability/elastic-otel-javaagent:X.Y.Z + nodejs: + image: docker.elastic.co/observability/elastic-otel-node:X.Y.Z + dotnet: + image: docker.elastic.co/observability/elastic-otel-dotnet:X.Y.Z + python: + image: docker.elastic.co/observability/elastic-otel-python:X.Y.Z + go: + image: ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:vX.Y.Z +``` + +### Configuration Files + +- **`bump-edot-images.yml`**: Main updatecli configuration that defines sources and targets +- **`values.d/scm.yml`**: Contains SCM configuration values for GitHub authentication + +### GitHub Workflow + +The automation runs via GitHub workflow `.github/workflows/bump-edot-images.yml` which: +- Runs Monday to Friday at 3 PM UTC +- Can be triggered manually via workflow_dispatch +- Uses the OBS_AUTOMATION_APP credentials for creating PRs +- Creates pull requests with `dependencies`, `skip-changelog`, and backport labels. + +### Example Output + +When new versions are detected, the automation will create a pull request similar to [elastic-agent#7327](https://github.com/elastic/elastic-agent/pull/7327) that was manually created previously. + +### Version Handling + +The configuration handles different version formatting: +- Some repositories use `v` prefix in their tags (like `v1.2.0`) +- The automation strips the `v` prefix where needed to match the expected docker tag format +- Go instrumentation keeps the `v` prefix as that's the expected format + +### Manual Testing + +To test the configuration locally: + +```bash +export GITHUB_TOKEN=$(gh auth token) +export GITHUB_ACTOR=v1v +updatecli diff \ + --config .ci/updatecli/bump-edot-images.yml \ + --values .ci/updatecli/values.d/scm.yml +# Apply changes (requires write access to elastic-agent repo) +updatecli apply \ + --config .ci/updatecli/bump-edot-images.yml \ + --values .ci/updatecli/values.d/scm.yml +``` diff --git a/.ci/updatecli/updatecli-bump-edot.yml b/.ci/updatecli/updatecli-bump-edot.yml new file mode 100644 index 00000000000..abdb7f00bc9 --- /dev/null +++ b/.ci/updatecli/updatecli-bump-edot.yml @@ -0,0 +1,157 @@ +--- +name: Bump golang-version to latest version + +scms: + elastic-agent: + kind: github + spec: + user: '{{ requiredEnv "GITHUB_ACTOR" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + owner: '{{ .scm.owner }}' + repository: '{{ .scm.repository }}' + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + commitusingapi: true + branch: '{{ .scm.branch }}' + force: false + +actions: + elastic-agent: + kind: github/pullrequest + scmid: elastic-agent + spec: + automerge: false + labels: + - backport-active-8 + - backport-active-9 + - dependencies + - skip-changelog + - Team:Elastic-Agent-Control-Plane + title: '[otel/kube-stack] Update EDOT SDK k8s auto-instrumentation images to their latest versions' + description: | + Update the versions of the EDOT language SDK images being used with the OTel Operator. + +sources: + elastic-otel-dotnet: + name: "Get latest Elastic OTEL .NET release" + kind: githubrelease + spec: + owner: "elastic" + repository: "elastic-otel-dotnet" + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + versionfilter: + kind: semver + + elastic-otel-java: + name: "Get latest Elastic OTEL Java release" + kind: githubrelease + spec: + owner: "elastic" + repository: "elastic-otel-java" + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + versionfilter: + kind: semver + + elastic-otel-node: + name: "Get latest Elastic OTEL Node.js release" + kind: githubrelease + spec: + owner: "elastic" + repository: "elastic-otel-node" + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + versionfilter: + kind: semver + + elastic-otel-python: + name: "Get latest Elastic OTEL Python release" + kind: githubrelease + spec: + owner: "elastic" + repository: "elastic-otel-python" + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + versionfilter: + kind: semver + + otel-go-instrumentation: + name: "Get latest OpenTelemetry Go Instrumentation release" + kind: githubrelease + spec: + owner: "open-telemetry" + repository: "opentelemetry-go-instrumentation" + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + versionfilter: + kind: semver + +targets: + update-dotnet-managed-otlp: + name: "Update Elastic OTEL .NET image in values.yaml" + kind: yaml + scmid: elastic-agent + sourceid: elastic-otel-dotnet + spec: + files: + - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" + - "deploy/helm/edot-collector/kube-stack/values.yaml" + key: "instrumentation.dotnet.image" + transformers: + - addprefix: "docker.elastic.co/observability/elastic-otel-dotnet:" + + # Update Java image in managed_otlp/values.yaml + update-java-managed-otlp: + name: "Update Elastic OTEL Java image in values.yaml" + kind: yaml + scmid: elastic-agent + sourceid: elastic-otel-java + spec: + files: + - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" + - "deploy/helm/edot-collector/kube-stack/values.yaml" + key: "instrumentation.java.image" + transformers: + - trimprefix: "v" + - addprefix: "docker.elastic.co/observability/elastic-otel-javaagent:" + + update-nodejs-managed-otlp: + name: "Update Elastic OTEL Node.js image in values.yaml" + kind: yaml + scmid: elastic-agent + sourceid: elastic-otel-node + spec: + files: + - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" + - "deploy/helm/edot-collector/kube-stack/values.yaml" + key: "instrumentation.nodejs.image" + transformers: + - trimprefix: "v" + - addprefix: "docker.elastic.co/observability/elastic-otel-node:" + + update-python-managed-otlp: + name: "Update Elastic OTEL Python image in managed_otlp/values.yaml" + kind: yaml + scmid: elastic-agent + sourceid: elastic-otel-python + spec: + files: + - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" + - "deploy/helm/edot-collector/kube-stack/values.yaml" + key: "instrumentation.python.image" + transformers: + - trimprefix: "v" + - addprefix: "docker.elastic.co/observability/elastic-otel-python:" + + update-go-main: + name: "Update OpenTelemetry Go Instrumentation image in values.yaml" + kind: yaml + scmid: elastic-agent + sourceid: otel-go-instrumentation + spec: + files: + - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" + - "deploy/helm/edot-collector/kube-stack/values.yaml" + key: "instrumentation.go.image" + transformers: + - addprefix: "ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:" \ No newline at end of file diff --git a/.github/workflows/bump-edot-images.yml b/.github/workflows/bump-edot-images.yml new file mode 100644 index 00000000000..01020ce8616 --- /dev/null +++ b/.github/workflows/bump-edot-images.yml @@ -0,0 +1,36 @@ +--- +name: bump-edot-images + +on: + workflow_dispatch: + schedule: + - cron: "0 20 * * 1-6" + +permissions: + contents: read + +env: + JOB_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + +jobs: + bump: + permissions: + contents: write + pull-requests: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: apply --config .ci/updatecli/updatecli-bump-edot.yml --values .ci/updatecli/values.d/scm.yml + version-file: .updatecli-version + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - if: ${{ failure() }} + uses: elastic/oblt-actions/slack/send@v1 + with: + bot-token: ${{ secrets.SLACK_BOT_TOKEN }} + channel-id: "#ingest-notifications" + message: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@agent-team` please look what's going on <${{ env.JOB_URL }}|here>" From 808cf838c5a7cd4b99faa601c635757bd53d2eb3 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 2 Sep 2025 15:45:22 +0200 Subject: [PATCH 2/4] fix: WARNING: current yaml key is "instrumentation.nodejs.image" and should be updated to "$.instrumentation.nodejs.image" --- .ci/updatecli/updatecli-bump-edot.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.ci/updatecli/updatecli-bump-edot.yml b/.ci/updatecli/updatecli-bump-edot.yml index abdb7f00bc9..7cee0db8899 100644 --- a/.ci/updatecli/updatecli-bump-edot.yml +++ b/.ci/updatecli/updatecli-bump-edot.yml @@ -96,7 +96,7 @@ targets: files: - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" - "deploy/helm/edot-collector/kube-stack/values.yaml" - key: "instrumentation.dotnet.image" + key: "$.instrumentation.dotnet.image" transformers: - addprefix: "docker.elastic.co/observability/elastic-otel-dotnet:" @@ -110,7 +110,7 @@ targets: files: - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" - "deploy/helm/edot-collector/kube-stack/values.yaml" - key: "instrumentation.java.image" + key: "$.instrumentation.java.image" transformers: - trimprefix: "v" - addprefix: "docker.elastic.co/observability/elastic-otel-javaagent:" @@ -124,7 +124,7 @@ targets: files: - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" - "deploy/helm/edot-collector/kube-stack/values.yaml" - key: "instrumentation.nodejs.image" + key: "$.instrumentation.nodejs.image" transformers: - trimprefix: "v" - addprefix: "docker.elastic.co/observability/elastic-otel-node:" @@ -138,7 +138,7 @@ targets: files: - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" - "deploy/helm/edot-collector/kube-stack/values.yaml" - key: "instrumentation.python.image" + key: "$.instrumentation.python.image" transformers: - trimprefix: "v" - addprefix: "docker.elastic.co/observability/elastic-otel-python:" @@ -152,6 +152,6 @@ targets: files: - "deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml" - "deploy/helm/edot-collector/kube-stack/values.yaml" - key: "instrumentation.go.image" + key: "$.instrumentation.go.image" transformers: - addprefix: "ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:" \ No newline at end of file From 946a7cb09c35050465996b43eaf070c6d5603aed Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 2 Sep 2025 15:58:45 +0200 Subject: [PATCH 3/4] update --- .ci/updatecli/updatecli-bump-edot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/updatecli/updatecli-bump-edot.yml b/.ci/updatecli/updatecli-bump-edot.yml index 7cee0db8899..535abc98535 100644 --- a/.ci/updatecli/updatecli-bump-edot.yml +++ b/.ci/updatecli/updatecli-bump-edot.yml @@ -1,5 +1,5 @@ --- -name: Bump golang-version to latest version +name: Bump EDOT SDKs to latest versions scms: elastic-agent: From 6b4ae3eb74aed421a44315d2cbbd3ce053a831c8 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 4 Sep 2025 12:55:30 +0200 Subject: [PATCH 4/4] change comments --- .../kube-stack/managed_otlp/values.yaml | 21 ++++++++++----- .../edot-collector/kube-stack/values.yaml | 27 ++++++++++++------- 2 files changed, 32 insertions(+), 16 deletions(-) diff --git a/deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml b/deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml index e9edc695de8..d40c4e0192c 100644 --- a/deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml +++ b/deploy/helm/edot-collector/kube-stack/managed_otlp/values.yaml @@ -50,7 +50,8 @@ collectors: processors: # [Resource Detection Processor](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/resourcedetectionprocessor) resourcedetection/eks: - detectors: [env, eks] # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + detectors: [env, eks] timeout: 15s override: true eks: @@ -58,11 +59,13 @@ collectors: k8s.cluster.name: enabled: true resourcedetection/gcp: - detectors: [env, gcp] # Detects resources from environment variables and GCP (Google Cloud Platform). + # Detects resources from environment variables and GCP (Google Cloud Platform). + detectors: [env, gcp] timeout: 2s override: true resourcedetection/aks: - detectors: [env, aks] # Detects resources from environment variables and AKS (Azure Kubernetes Service). + # Detects resources from environment variables and AKS (Azure Kubernetes Service). + detectors: [env, aks] timeout: 2s override: true aks: @@ -219,7 +222,8 @@ collectors: timeout: 1s # [Resource Detection Processor](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/resourcedetectionprocessor) resourcedetection/eks: - detectors: [env, eks] # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + detectors: [env, eks] timeout: 15s override: true eks: @@ -227,11 +231,13 @@ collectors: k8s.cluster.name: enabled: true resourcedetection/gcp: - detectors: [env, gcp] # Detects resources from environment variables and GCP (Google Cloud Platform). + # Detects resources from environment variables and GCP (Google Cloud Platform). + detectors: [env, gcp] timeout: 2s override: true resourcedetection/aks: - detectors: [env, aks] # Detects resources from environment variables and AKS (Azure Kubernetes Service). + # Detects resources from environment variables and AKS (Azure Kubernetes Service). + detectors: [env, aks] timeout: 2s override: true aks: @@ -244,7 +250,8 @@ collectors: from_attribute: k8s.node.name action: upsert resourcedetection/system: - detectors: ["system", "ec2"] # Detects resources from the system and EC2 instances. + # Detects resources from the system and EC2 instances. + detectors: ["system", "ec2"] system: hostname_sources: ["os"] resource_attributes: diff --git a/deploy/helm/edot-collector/kube-stack/values.yaml b/deploy/helm/edot-collector/kube-stack/values.yaml index fec4d4a185b..2032a9a77a7 100644 --- a/deploy/helm/edot-collector/kube-stack/values.yaml +++ b/deploy/helm/edot-collector/kube-stack/values.yaml @@ -50,7 +50,8 @@ collectors: processors: # [Resource Detection Processor](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/resourcedetectionprocessor) resourcedetection/eks: - detectors: [env, eks] # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + detectors: [env, eks] timeout: 15s override: true eks: @@ -58,11 +59,13 @@ collectors: k8s.cluster.name: enabled: true resourcedetection/gcp: - detectors: [env, gcp] # Detects resources from environment variables and GCP (Google Cloud Platform). + # Detects resources from environment variables and GCP (Google Cloud Platform). + detectors: [env, gcp] timeout: 2s override: true resourcedetection/aks: - detectors: [env, aks] # Detects resources from environment variables and AKS (Azure Kubernetes Service). + # Detects resources from environment variables and AKS (Azure Kubernetes Service). + detectors: [env, aks] timeout: 2s override: true aks: @@ -191,14 +194,16 @@ collectors: insecure: true processors: # [Batch Processor](https://github.com/open-telemetry/opentelemetry-collector/tree/main/processor/batchprocessor) - batch: {} # inherit any values from helm chart + # inherit any values from helm chart + batch: {} batch/metrics: # explicitly set send_batch_max_size to 0, as splitting metrics requests may cause version_conflict_engine_exception in TSDB send_batch_max_size: 0 timeout: 1s # [Resource Detection Processor](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/resourcedetectionprocessor) resourcedetection/eks: - detectors: [env, eks] # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + # Detects resources from environment variables and EKS (Elastic Kubernetes Service). + detectors: [env, eks] timeout: 15s override: true eks: @@ -206,11 +211,13 @@ collectors: k8s.cluster.name: enabled: true resourcedetection/gcp: - detectors: [env, gcp] # Detects resources from environment variables and GCP (Google Cloud Platform). + # Detects resources from environment variables and GCP (Google Cloud Platform). + detectors: [env, gcp] timeout: 2s override: true resourcedetection/aks: - detectors: [env, aks] # Detects resources from environment variables and AKS (Azure Kubernetes Service). + # Detects resources from environment variables and AKS (Azure Kubernetes Service). + detectors: [env, aks] timeout: 2s override: true aks: @@ -223,7 +230,8 @@ collectors: from_attribute: k8s.node.name action: upsert resourcedetection/system: - detectors: ["system", "ec2"] # Detects resources from the system and EC2 instances. + # Detects resources from the system and EC2 instances. + detectors: ["system", "ec2"] system: hostname_sources: ["os"] resource_attributes: @@ -536,7 +544,8 @@ collectors: send_batch_max_size: 0 timeout: 1s # [Elastic Trace Processor](https://github.com/elastic/opentelemetry-collector-components/tree/main/processor/elastictraceprocessor) - elastictrace: {} # The processor enriches traces with elastic specific requirements. + # The processor enriches traces with elastic specific requirements. + elastictrace: {} exporters: debug: {} # [Elasticsearch exporter](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/exporter/elasticsearchexporter/README.md)