-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: build and push Docker image based on Chainguard base image #3623
Conversation
Signed-off-by: Victor Martinez <VictorMartinezRubio@gmail.com>
then | ||
# We have build files to use | ||
echo "INFO: Found local build artifact. Using locally built for Docker build" | ||
find -E ${PROJECT_ROOT}elastic-apm-agent/target -regex '.*/elastic-apm-agent-[0-9]+.[0-9]+.[0-9]+(-SNAPSHOT)?.jar' -exec cp {} ${PROJECT_ROOT}apm-agent-java.jar \; || echo "INFO: No locally built image found" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm afraid -E
is MacOS based, using ls with grep instead
If users cannot use this new image, what is the purpose of adding it? |
IIUC, users can use the docker image we generate based on Wolfi, but they cannot use the base docker image |
I see. I suppose the purpose of this PR is to enhance security so that we don't ship any outdated libs in our docker image, correct? I'd argue then why not simply not use any base-image at all ( Our image is not intended to be used as a base image, the docs state that it should be used in a I feel like this would be a much simpler and easier to maintain approach (if I'm not misunderstanding the goal here). |
For completeness in this thread, I just added you to the loop on an internal GitHub issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -0,0 +1,7 @@ | |||
FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll eventually switch to just publishing the wolfi images, right?
When that happens I'd suggest to use an ARG
for the base image:
ARG BASE_IMAGE=alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
FROM $BASE_IMAGE
This way we can have a single Dockerfile which locally builts on top of Alpine, but from CI we can pass in the wolfi image as base image.
Nothing to do for now, just something to maybe keep in mind for when we drop publishing the alpine based image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll eventually switch to just publishing the wolfi images, right?
I think so, that's something we are still discussing internally
For reference: We found out that the K8s-attacher requires executing |
* [maven-release-plugin] prepare for next development iteration * Update cloudfoundry for 1.48.1 release * ci: use .java-version and prepare to use VM with installed tools in BK (#3554) * ci(bk): use specialised VMs (#3555) * Added a note on centralized agent config support for AWS Lambda (#3498) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.1.0...1.3.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fix compilation * Fix schema version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * Fix inheritance for API annotations (#3551) * powershell no-logo (#3556) * security: add permissions block to workflows (#3531) * Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](micrometer-metrics/micrometer@v1.12.2...v1.12.4) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump version.log4j from 2.12.4 to 2.23.1 (#3557) * Bump version.log4j from 2.12.4 to 2.23.1 Bumps `version.log4j` from 2.12.4 to 2.23.1. Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * restore previous log4j version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Add API for instrumenting FAAS and adjust the AWS plugin (#3516) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Introduce API for metrics collection that does not depend on agent-core (#3522) * Remove logging API. * Clean up core dependencies from POMs that do not need it. * Add API for handling lambda instrumentation and apply to the AWS plugin. * Move metrics API to tracer. * Factor out JSON DSL for metrics. * Fix import issue. * Fix imports. * Fix imports. * fix formatting --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * differentiate Lambda url from api gateway (#3417) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * added support to Elastic Load Balancer triggers (#3411) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * feat: new release process with PRs (#3567) * feat: new release process with PRs Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * chore: redirect to stderr for both message Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * chore: apply suggest Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci(chore): use env var instead of prefix v Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci: use maven wrapper instead of direct maven Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * feat: validate snapshot for snapshot workflow Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * docs: add new release process Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> --------- Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574) Bumps `version.aws.sdk` from 2.25.0 to 2.25.21. Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](awaitility/awaitility@awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add exclusion list option for calling DatabaseMetaData.getUserName (#3568) * use a dummy user for testing * exclusion list option for calling getUserName * changelog and test break fixed * pre release: elastic-apm-agent v1.49.0 (#3576) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * ci(fix): use input value instead of env value for post release trigger (#3577) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci(fix): correct buildkite pipeline trigger (#3578) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * post release: elastic-apm-agent v1.49.0 (#3579) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * ci(fix): correct release order (#3581) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.7.16...v3.2.4) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * buildkite: fallback if home is not available (#3591) * Prevent cycles in inferred spans (#3588) * [ci] add list of published artifacts (#3595) * Bump version.mockito from 5.1.1 to 5.11.0 (#3587) Bumps `version.mockito` from 5.1.1 to 5.11.0. Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.1.1...v5.11.0) Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.1.1...v5.11.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-actions: enable provenance for the jar files (#3594) * chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584) ... 3ffa7e1 Made with ❤️️ by updatecli Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * [ci] fix GH release version tag (#3596) * [ci] fix artifact list path (#3597) * Upgrade JDK compatibility tests (#3599) * Upgrade JDK compatibility tests * Added JDK 23 ea * Attempt to set net.bytebuddy.experimental for EA versions * Remove java 23-ea tests * Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585) Bumps `version.ecs.logging` from 1.5.0 to 1.6.0. Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: co.elastic.logging:log4j2-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:logback-ecs-encoder dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:log4j-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jul-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565) Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](apache/logging-log4j2@rel/2.22.1...rel/2.23.1) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: add attestations scope (#3601) * Universal profiling integration: write shared memory (#3598) --------- Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com> * ci(release): tag AWS with the ver prefix (#3606) * release: use tag version for docker build/push (#3600) * Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608) * Bump version.byte-buddy from 1.14.12 to 1.14.14 Bumps `version.byte-buddy` from 1.14.12 to 1.14.14. Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.9.16...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * keep old version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Universal Profiling integration: open socket for communication (#3602) * Fix NPE in dropped spans stats (#3590) * fix npe * update changelog * Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607) * release: use explicit container arch (#3611) * Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614) Bumps `version.aws.sdk` from 2.25.21 to 2.25.43. Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add thread dump debug option (#3589) * add thread dump option * Universal profiling integration: Add stacktrace-IDs to transactions (#3615) * add c3p0 to DatabaseMetaDataExclusionList (#3619) * ci(fix): Files or Directories Accessible to External Parties (#3624) * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.7.16...v3.2.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * keep v2 dependency * keep v2 dependency * keep v2 dependency --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618) * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](JCTools/JCTools@v4.0.1...v4.0.3) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * remove comment --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Bump version.mockito from 5.11.0 to 5.12.0 (#3629) Bumps `version.mockito` from 5.11.0 to 5.12.0. Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.11.0...v5.12.0) Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.3.3...1.4.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: delete opentelemetry workflow (#3630) * buildkite: avoid failing in tear-down failed (#3622) * github-action: use actions/attest-build-provenance (#3631) * Clarify rabbitmq naming mode support (#3633) * ci: build and push Docker image based on Chainguard base image (#3623) * bouncy castle upgrade (#3634) * add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635) * add symlink in dockerfile for /javaagent.jar for otel operator to find * and wolfi too * buildkite: support version 21 for opentelemetry (#3621) * Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641) Bumps `version.testcontainers` from 1.19.1 to 1.19.8. Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8) Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8) --- updated-dependencies: - dependency-name: org.testcontainers:testcontainers-bom dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.testcontainers:testcontainers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: add some job timeouts (#3638) * Fix too small activation stack for low transaction_max_spans values (#3643) * Exclude new Cisco AppD packages (#3632) * Bump version.okhttp from 3.14.7 to 4.12.0 (#3640) Bumps `version.okhttp` from 3.14.7 to 4.12.0. Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-3.14.7...parent-4.12.0) Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.1...parent-4.12.0) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-major - dependency-name: com.squareup.okhttp3:logging-interceptor dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639) * Bump redis.clients:jedis from 1.4.0 to 5.1.2 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](redis/jedis@jedis-1.4.0...v5.1.2) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml * Fix tests * Fix invalid extracted method --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * build: bump actions/attest-build-provenance in the github-actions group (#3637) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@951c0c5...173725a) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * more stack frames for thread dump (#3644) * pre release: elastic-apm-agent v1.50.0 (#3648) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com> Co-authored-by: Som <111349830+someshwaranM@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com> Co-authored-by: Jan Calanog <jan.calanog@elastic.co> Co-authored-by: Rafael Winterhalter <rafael.wth@gmail.com> Co-authored-by: Nugusbayev Kanagat <48118512+videnkz@users.noreply.github.com> Co-authored-by: Adrien Mannocci <adrien.mannocci@elastic.co> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> Co-authored-by: Thomas ANDRI Wijayanto <hostbugbounty1337@gmail.com>
* [maven-release-plugin] prepare for next development iteration * Update cloudfoundry for 1.48.1 release * ci: use .java-version and prepare to use VM with installed tools in BK (#3554) * ci(bk): use specialised VMs (#3555) * Added a note on centralized agent config support for AWS Lambda (#3498) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.1.0...1.3.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fix compilation * Fix schema version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * Fix inheritance for API annotations (#3551) * powershell no-logo (#3556) * security: add permissions block to workflows (#3531) * Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.2...v1.12.4) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump version.log4j from 2.12.4 to 2.23.1 (#3557) * Bump version.log4j from 2.12.4 to 2.23.1 Bumps `version.log4j` from 2.12.4 to 2.23.1. Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * restore previous log4j version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Add API for instrumenting FAAS and adjust the AWS plugin (#3516) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Introduce API for metrics collection that does not depend on agent-core (#3522) * Remove logging API. * Clean up core dependencies from POMs that do not need it. * Add API for handling lambda instrumentation and apply to the AWS plugin. * Move metrics API to tracer. * Factor out JSON DSL for metrics. * Fix import issue. * Fix imports. * Fix imports. * fix formatting --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * differentiate Lambda url from api gateway (#3417) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * added support to Elastic Load Balancer triggers (#3411) --------- Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * feat: new release process with PRs (#3567) * feat: new release process with PRs Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * chore: redirect to stderr for both message Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * chore: apply suggest Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci(chore): use env var instead of prefix v Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci: use maven wrapper instead of direct maven Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * feat: validate snapshot for snapshot workflow Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * docs: add new release process Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> --------- Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574) Bumps `version.aws.sdk` from 2.25.0 to 2.25.21. Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add exclusion list option for calling DatabaseMetaData.getUserName (#3568) * use a dummy user for testing * exclusion list option for calling getUserName * changelog and test break fixed * pre release: elastic-apm-agent v1.49.0 (#3576) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * ci(fix): use input value instead of env value for post release trigger (#3577) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * ci(fix): correct buildkite pipeline trigger (#3578) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * post release: elastic-apm-agent v1.49.0 (#3579) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * ci(fix): correct release order (#3581) Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.4) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * buildkite: fallback if home is not available (#3591) * Prevent cycles in inferred spans (#3588) * [ci] add list of published artifacts (#3595) * Bump version.mockito from 5.1.1 to 5.11.0 (#3587) Bumps `version.mockito` from 5.1.1 to 5.11.0. Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0) Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-actions: enable provenance for the jar files (#3594) * chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584) ... 3ffa7e1 Made with ❤️️ by updatecli Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * [ci] fix GH release version tag (#3596) * [ci] fix artifact list path (#3597) * Upgrade JDK compatibility tests (#3599) * Upgrade JDK compatibility tests * Added JDK 23 ea * Attempt to set net.bytebuddy.experimental for EA versions * Remove java 23-ea tests * Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585) Bumps `version.ecs.logging` from 1.5.0 to 1.6.0. Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: co.elastic.logging:log4j2-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:logback-ecs-encoder dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:log4j-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jul-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565) Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.22.1...rel/2.23.1) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: add attestations scope (#3601) * Universal profiling integration: write shared memory (#3598) --------- Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com> * ci(release): tag AWS with the ver prefix (#3606) * release: use tag version for docker build/push (#3600) * Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608) * Bump version.byte-buddy from 1.14.12 to 1.14.14 Bumps `version.byte-buddy` from 1.14.12 to 1.14.14. Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * keep old version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Universal Profiling integration: open socket for communication (#3602) * Fix NPE in dropped spans stats (#3590) * fix npe * update changelog * Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607) * release: use explicit container arch (#3611) * Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614) Bumps `version.aws.sdk` from 2.25.21 to 2.25.43. Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add thread dump debug option (#3589) * add thread dump option * Universal profiling integration: Add stacktrace-IDs to transactions (#3615) * add c3p0 to DatabaseMetaDataExclusionList (#3619) * ci(fix): Files or Directories Accessible to External Parties (#3624) * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * keep v2 dependency * keep v2 dependency * keep v2 dependency --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618) * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.3) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * remove comment --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * Bump version.mockito from 5.11.0 to 5.12.0 (#3629) Bumps `version.mockito` from 5.11.0 to 5.12.0. Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0) Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.3.3...1.4.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: delete opentelemetry workflow (#3630) * buildkite: avoid failing in tear-down failed (#3622) * github-action: use actions/attest-build-provenance (#3631) * Clarify rabbitmq naming mode support (#3633) * ci: build and push Docker image based on Chainguard base image (#3623) * bouncy castle upgrade (#3634) * add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635) * add symlink in dockerfile for /javaagent.jar for otel operator to find * and wolfi too * buildkite: support version 21 for opentelemetry (#3621) * Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641) Bumps `version.testcontainers` from 1.19.1 to 1.19.8. Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8) Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8) --- updated-dependencies: - dependency-name: org.testcontainers:testcontainers-bom dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.testcontainers:testcontainers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: add some job timeouts (#3638) * Fix too small activation stack for low transaction_max_spans values (#3643) * Exclude new Cisco AppD packages (#3632) * Bump version.okhttp from 3.14.7 to 4.12.0 (#3640) Bumps `version.okhttp` from 3.14.7 to 4.12.0. Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okhttp/compare/parent-3.14.7...parent-4.12.0) Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okhttp/compare/parent-4.9.1...parent-4.12.0) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-major - dependency-name: com.squareup.okhttp3:logging-interceptor dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639) * Bump redis.clients:jedis from 1.4.0 to 5.1.2 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.2) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml * Fix tests * Fix invalid extracted method --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * build: bump actions/attest-build-provenance in the github-actions group (#3637) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/951c0c5f8e375ad4efad33405ab77f7ded2358e4...173725a1209d09b31f9d30a3890cf2757ebbff0d) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * more stack frames for thread dump (#3644) * pre release: elastic-apm-agent v1.50.0 (#3648) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * post release: elastic-apm-agent v1.50.0 (#3649) Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> * fix docker build for release in CI (#3652) * ci: use updatecli with GitHub secrets (#3651) * buildkite: use bot user (#3653) * build: bump org.springframework.boot:spring-boot-maven-plugin (#3646) Bumps [org.springframework.boot:spring-boot-maven-plugin](https://github.com/spring-projects/spring-boot) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * buildkite: use shared secret for obltmachine (#3656) * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.0 (#3645) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * keep older versions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * revert jctools to 4.0.1 (#3657) * revert jctools to 4.0.1 * update changelog * add a jdk7 check so that we break before releasing! (#3659) * github-actions: docker login with GitHub secrets (#3658) * build: bump version.aws.sdk in /apm-agent-plugins (#3661) Bumps `version.aws.sdk` from 2.25.43 to 2.25.64. Updates `software.amazon.awssdk:s3` from 2.25.43 to 2.25.64 Updates `software.amazon.awssdk:sqs` from 2.25.43 to 2.25.64 Updates `software.amazon.awssdk:dynamodb` from 2.25.43 to 2.25.64 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.byte-buddy from 1.14.14 to 1.14.17 (#3664) * build: bump version.byte-buddy from 1.14.14 to 1.14.17 Bumps `version.byte-buddy` from 1.14.14 to 1.14.17. Updates `net.bytebuddy:byte-buddy` from 1.14.14 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.17) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.14 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * revert old known version * bump asm version to keep it consistent with bytebuddy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com> * adding an option to make routing-key part of RabbitMQ transaction names (#3636) Co-authored-by: Deniza Topalova <deniza@gtmhub.com> * [release] improve release steps naming (#3667) * enhance main branch PR message for merge with commit * minor wording clarifications * [release] rename release steps * add PR created in first step in readme * Fix unreleased changelog (#3669) * github-action: run buildkite action with GH secrets (#3668) * github-actions: remove snapshoty (#3670) * [release] fix typo in release workflow (#3671) * build: bump docker/login-action from 3.1.0 to 3.2.0 in the github-actions group (#3663) Bumps the github-actions group with 1 update: [docker/login-action](https://github.com/docker/login-action). Updates `docker/login-action` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/e92390c5fb421da1463c202d546fed0ec5c39f20...0d4c9c5ea7693da7b068278f7b52bda2a190a446) * build: bump actions/attest-build-provenance in the github-actions group (#3673) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.2 to 1.2.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/173725a1209d09b31f9d30a3890cf2757ebbff0d...49df96e17e918a15956db358890b08e61c704919) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Warn unexpected SpanContext in otel span link (#3672) * add warning with non elastic spancontext * update changelog * ci: use github secrets for GH token (#3678) * feat(aws-lambda): apm-agent-java (#3680) * github-actions: use buildkite and slack bot GH secrets (#3679) * github-actions: use number output (#3681) * build: bump io.opentelemetry.semconv:opentelemetry-semconv (#3674) Bumps [io.opentelemetry.semconv:opentelemetry-semconv](https://github.com/open-telemetry/semantic-conventions-java) from 1.23.1-alpha to 1.25.0-alpha. - [Release notes](https://github.com/open-telemetry/semantic-conventions-java/releases) - [Changelog](https://github.com/open-telemetry/semantic-conventions-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/semantic-conventions-java/commits) --- updated-dependencies: - dependency-name: io.opentelemetry.semconv:opentelemetry-semconv dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove unused functions and clean up servlet integration test base (#3683) * Remove unused functions and clean up servlet integration test base Signed-off-by: Adrian Cole <adrian.cole@elastic.co> * less code Signed-off-by: Adrian Cole <adrian.cole@elastic.co> --------- Signed-off-by: Adrian Cole <adrian.cole@elastic.co> * Uses MockWebServer instead of a docker container for servlet integration tests (#3684) Signed-off-by: Adrian Cole <adrian.cole@elastic.co> * Remove unused API and resolve naming ambiguities (#3561) * Rename implementation versions of interfaces to reflect their state as non-API. * Merge main branch. * Fix test imports. * Fix plugin imports. * Fix plugin imports. * build: bump actions/attest-build-provenance in the github-actions group (#3685) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.2.0 to 1.3.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/49df96e17e918a15956db358890b08e61c704919...534b352d658f90498fd148d231fdbf88f3886a3a) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Uses MockWebServer instead of a docker container for servlet integration tests (#3684)" (#3690) This reverts commit cd893419137fd80981505c754ecea5cce6fb0bbd. This breaks JBoss startup somehow in non-obvious ways * build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5 (#3687) * build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.5. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.5) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * 4.0.5 does support java 7 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * build: bump io.micrometer:micrometer-core from 1.12.4 to 1.13.1 (#3688) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.4 to 1.13.1. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.4...v1.13.1) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.aws.sdk from 1.12.215 to 1.12.740 in /apm-agent-plugins (#3677) * build: bump version.aws.sdk in /apm-agent-plugins Bumps `version.aws.sdk` from 1.12.215 to 1.12.740. Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sqs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * AWS changed the comms protocols, need latest localstack --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jack Shirazi <jack.shirazi@elastic.co> * build: bump actions/attest-build-provenance from 1.3.1 to 1.3.2 in the github-actions group (#3693) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.3.1 to 1.3.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) * Use elastic/oblt-actions/aws/auth@v1.10.0 action to authenticate with AWS (#3696) * Use elastic/oblt-actions/aws/auth@v1.10.0 action to authenticate with AWS * Fix input * Add necessary permissions * Add comment about filename * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.1 (#3694) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.1) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Revert spring 2 version * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * build: bump version.jackson from 2.13.3 to 2.17.1 (#3676) * build: bump version.jackson from 2.13.3 to 2.17.1 Bumps `version.jackson` from 2.13.3 to 2.17.1. Updates `com.fasterxml.jackson.core:jackson-databind` from 2.13.3 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.module:jackson-module-afterburner` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.14.2...jackson-modules-base-2.17.1) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-cbor` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.module:jackson-module-afterburner dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Revert finagle jackson bump, it only supports 2.13 * switch to BOM for jackson version management --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * build: bump com.networknt:json-schema-validator from 1.4.0 to 1.4.3 (#3697) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.0...1.4.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.aws.sdk in /apm-agent-plugins (#3703) Bumps `version.aws.sdk` from 2.25.64 to 2.26.12. Updates `software.amazon.awssdk:s3` from 2.25.64 to 2.26.12 Updates `software.amazon.awssdk:sqs` from 2.25.64 to 2.26.12 Updates `software.amazon.awssdk:dynamodb` from 2.25.64 to 2.26.12 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump redis.clients:jedis from 1.4.0 to 5.1.3 (#3700) * build: bump redis.clients:jedis from 1.4.0 to 5.1.3 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.3. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.3) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> * build: bump version.aws.sdk in /apm-agent-plugins (#3705) Bumps `version.aws.sdk` from 1.12.740 to 1.12.755. Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sqs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#3701) Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.0. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.25.3...assertj-build-3.26.0) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add elastic-otel-java to weekly benchmarks (#3706) * Add elastic-otel-java to weekly benchmarks * Apply suggestions from code review Co-authored-by: jackshirazi <jacks@fasterj.com> * Fix wrong agent name * Shorten name to not mess up results table * Even shorter name --------- Co-authored-by: jackshirazi <jacks@fasterj.com> * updatecli: use shared policy (#3707) * Run opentelemetry benchmarks for individual features (#3708) * Add benchmarks for individual distro features on snapshot * Fix argument generation * runtime attach: prevent NPE with null value (#3712) * runtime attach: prevent NPE with null value * build: bump com.networknt:json-schema-validator from 1.4.3 to 1.5.0 (#3710) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.3 to 1.5.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.3...1.5.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * updatecli: bump policies too (#3714) * [DOCS] Clarify error capturing (#3716) Clarify we collect the exceptions passed to a `logger.error`, not the message of the `logger.error`. * deps(updatecli): bump all policies (#3715) * build: bump actions/attest-build-provenance in the github-actions group (#3717) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.3.2 to 1.3.3 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/bdd51370e0416ac948727f861e03c2f05d32d78e...5e9cb68e95676991667494a6a4e59b8a2f13e1d0) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#3720) Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.0 to 3.26.3. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.26.0...assertj-build-3.26.3) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * z/OS avoids using NOFOLLOW_LINKS (#3722) * z/OS avoids using NOFOLLOW_LINKS * add changelg entry for zos-no-follow-links * build: bump version.byte-buddy from 1.14.17 to 1.14.18 (#3718) * build: bump version.byte-buddy from 1.14.17 to 1.14.18 Bumps `version.byte-buddy` from 1.14.17 to 1.14.18. Updates `net.bytebuddy:byte-buddy` from 1.14.17 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.18) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.17 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * old version stays --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * Capture request body for Apache HttpClient 4.x (#3692) Co-authored-by: jackshirazi <jacks@fasterj.com> * jmx-metrics-fix (#3713) * properly handle missing metrics with non-wildcards * update changelog --------- Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * build: bump io.micrometer:micrometer-core from 1.13.1 to 1.13.2 (#3729) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.1 to 1.13.2. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.1...v1.13.2) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.2 (#3727) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.2. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.2) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> * pre release: elastic-apm-agent v1.51.0 (#3731) Co-authored-by: obltmachine <obltmachine@users.noreply.github.com> * Use 1.5.5 lambda layer for tests because 1.5.6 seems to be broken (#3735) --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co> Signed-off-by: Adrian Cole <adrian.cole@elastic.co> Co-authored-by: apmmachine <apmmachine@users.noreply.github.com> Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com> Co-authored-by: Som <111349830+someshwaranM@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co> Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com> Co-authored-by: Jan Calanog <jan.calanog@elastic.co> Co-authored-by: Rafael Winterhalter <rafael.wth@gmail.com> Co-authored-by: Nugusbayev Kanagat <48118512+videnkz@users.noreply.github.com> Co-authored-by: Adrien Mannocci <adrien.mannocci@elastic.co> Co-authored-by: jackshirazi <jack.shirazi@elastic.co> Co-authored-by: apmmachine <58790750+apmmachine@users.noreply.github.com> Co-authored-by: Thomas ANDRI Wijayanto <hostbugbounty1337@gmail.com> Co-authored-by: Deniza Topalova <129867589+deni-topalova@users.noreply.github.com> Co-authored-by: Deniza Topalova <deniza@gtmhub.com> Co-authored-by: Adrian Cole <64215+codefromthecrypt@users.noreply.github.com> Co-authored-by: jackshirazi <jacks@fasterj.com> Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co> Co-authored-by: obltmachine <obltmachine@users.noreply.github.com>
What does this pull request do?
Release two flavours of Docker images:
Please note that we are going to preserve the current
Dockerfile
, so that users will still be able to build their custom images based onAlpine
: this is needed becausedocker.elastic.co/wolfi/chainguard-base
is not a public base image, so docker build would fail for unauthenticated users.Tests
I created a feature branch
test/docker-images-wolfi
and ran the snapshot workflow:Checklist