Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: build and push Docker image based on Chainguard base image #3623

Merged
merged 5 commits into from
May 16, 2024

Conversation

v1v
Copy link
Member

@v1v v1v commented May 9, 2024

What does this pull request do?

Release two flavours of Docker images:

Please note that we are going to preserve the current Dockerfile, so that users will still be able to build their custom images based on Alpine: this is needed because docker.elastic.co/wolfi/chainguard-base is not a public base image, so docker build would fail for unauthenticated users.

Tests

I created a feature branch test/docker-images-wolfi and ran the snapshot workflow:

Checklist

  • This is an enhancement of existing features, or a new feature in existing plugins
    • I have updated CHANGELOG.asciidoc
    • I have added tests that prove my fix is effective or that my feature works
    • Added an API method or config option? Document in which version this will be introduced
    • I have made corresponding changes to the documentation
  • This is a bugfix
  • This is a new plugin
    • I have updated CHANGELOG.asciidoc
    • My code follows the style guidelines of this project
    • I have made corresponding changes to the documentation
    • I have added tests that prove my fix is effective or that my feature works
    • New and existing unit tests pass locally with my changes
    • I have updated supported-technologies.asciidoc
    • Added an API method or config option? Document in which version this will be introduced
    • Added an instrumentation plugin? Describe how you made sure that old, non-supported versions are not instrumented by accident.
  • This is something else

Signed-off-by: Victor Martinez <VictorMartinezRubio@gmail.com>
@v1v v1v marked this pull request as ready for review May 9, 2024 14:47
@v1v v1v requested review from a team May 9, 2024 14:47
@v1v v1v self-assigned this May 9, 2024
then
# We have build files to use
echo "INFO: Found local build artifact. Using locally built for Docker build"
find -E ${PROJECT_ROOT}elastic-apm-agent/target -regex '.*/elastic-apm-agent-[0-9]+.[0-9]+.[0-9]+(-SNAPSHOT)?.jar' -exec cp {} ${PROJECT_ROOT}apm-agent-java.jar \; || echo "INFO: No locally built image found"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm afraid -E is MacOS based, using ls with grep instead

@JonasKunz
Copy link
Contributor

Please note that we are going to preserve the current Dockerfile, so that users will still be able to build their custom images based on Alpine: this is needed because docker.elastic.co/wolfi/chainguard-base is not a public base image, so docker build would fail for unauthenticated users.

If users cannot use this new image, what is the purpose of adding it?

@v1v
Copy link
Member Author

v1v commented May 14, 2024

If users cannot use this new image, what is the purpose of adding it?

IIUC, users can use the docker image we generate based on Wolfi, but they cannot use the base docker image docker.elastic.co/wolfi/chainguard-base.

@JonasKunz
Copy link
Contributor

JonasKunz commented May 15, 2024

IIUC, users can use the docker image we generate based on Wolfi, but they cannot use the base docker image docker.elastic.co/wolfi/chainguard-base.

I see. I suppose the purpose of this PR is to enhance security so that we don't ship any outdated libs in our docker image, correct?

I'd argue then why not simply not use any base-image at all (FROM scratch in the Dockerfile)?

Our image is not intended to be used as a base image, the docs state that it should be used in a COPY-statement:
COPY --from=docker.elastic.co/observability/apm-agent-java:latest /usr/agent/elastic-apm-agent.jar /elastic-apm-agent.jar

I feel like this would be a much simpler and easier to maintain approach (if I'm not misunderstanding the goal here).
I'd need to double check with them that we really don't want to use our published images as base images anywhere.

@v1v
Copy link
Member Author

v1v commented May 15, 2024

I'd argue then why not simply not use any base-image at all (FROM scratch in the Dockerfile)?

For completeness in this thread, I just added you to the loop on an internal GitHub issue.

Copy link
Contributor

@JonasKunz JonasKunz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@@ -0,0 +1,7 @@
FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We'll eventually switch to just publishing the wolfi images, right?
When that happens I'd suggest to use an ARG for the base image:

ARG BASE_IMAGE=alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
FROM $BASE_IMAGE

This way we can have a single Dockerfile which locally builts on top of Alpine, but from CI we can pass in the wolfi image as base image.

Nothing to do for now, just something to maybe keep in mind for when we drop publishing the alpine based image.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We'll eventually switch to just publishing the wolfi images, right?

I think so, that's something we are still discussing internally

@JonasKunz
Copy link
Contributor

I'd argue then why not simply not use any base-image at all (FROM scratch in the Dockerfile)?

For reference: We found out that the K8s-attacher requires executing cp within the container, so using FROM scratch is not an option.

@v1v v1v merged commit 22f2166 into elastic:main May 16, 2024
16 of 23 checks passed
@v1v v1v deleted the feature/docker-images-wolfi branch May 16, 2024 10:44
SylvainJuge added a commit that referenced this pull request May 28, 2024
* [maven-release-plugin] prepare for next development iteration

* Update cloudfoundry for 1.48.1 release

* ci: use .java-version and prepare to use VM with installed tools in BK (#3554)

* ci(bk): use specialised VMs (#3555)

* Added a note on centralized agent config support for AWS Lambda (#3498)

* Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547)

* Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](networknt/json-schema-validator@1.1.0...1.3.3)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix compilation

* Fix schema version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* Fix inheritance for API annotations (#3551)

* powershell no-logo (#3556)

* security: add permissions block to workflows (#3531)

* Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559)

Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](micrometer-metrics/micrometer@v1.12.2...v1.12.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump version.log4j from 2.12.4 to 2.23.1 (#3557)

* Bump version.log4j from 2.12.4 to 2.23.1

Bumps `version.log4j` from 2.12.4 to 2.23.1.

Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1

Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* restore previous log4j version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Add API for instrumenting FAAS and adjust the AWS plugin (#3516)



---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Introduce API for metrics collection that does not depend on agent-core (#3522)

* Remove logging API.

* Clean up core dependencies from POMs that do not need it.

* Add API for handling lambda instrumentation and apply to the AWS plugin.

* Move metrics API to tracer.

* Factor out JSON DSL for metrics.

* Fix import issue.

* Fix imports.

* Fix imports.

* fix formatting

---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* differentiate Lambda url from api gateway (#3417)


---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* added support to Elastic Load Balancer triggers (#3411)



---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* feat: new release process with PRs (#3567)

* feat: new release process with PRs

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* chore: redirect to stderr for both message

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* chore: apply suggest

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci(chore): use env var instead of prefix v

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci: use maven wrapper instead of direct maven

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* feat: validate snapshot for snapshot workflow

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* docs: add new release process

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

---------

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574)

Bumps `version.aws.sdk` from 2.25.0 to 2.25.21.

Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21

Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21

Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573)

Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1.
- [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt)
- [Commits](awaitility/awaitility@awaitility-4.2.0...awaitility-4.2.1)

---
updated-dependencies:
- dependency-name: org.awaitility:awaitility
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add exclusion list option for calling DatabaseMetaData.getUserName (#3568)

* use a dummy user for testing

* exclusion list option for calling getUserName

* changelog and test break fixed

* pre release: elastic-apm-agent v1.49.0 (#3576)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* ci(fix): use input value instead of env value for post release trigger (#3577)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci(fix): correct buildkite pipeline trigger (#3578)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* post release: elastic-apm-agent v1.49.0 (#3579)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* ci(fix): correct release order (#3581)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572)

* Bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.16...v3.2.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* buildkite: fallback if home is not available (#3591)

* Prevent cycles in inferred spans (#3588)

* [ci] add list of published artifacts (#3595)

* Bump version.mockito from 5.1.1 to 5.11.0 (#3587)

Bumps `version.mockito` from 5.1.1 to 5.11.0.

Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.1.1...v5.11.0)

Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.1.1...v5.11.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-subclass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-actions: enable provenance for the jar files (#3594)

* chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584)

... 3ffa7e1

Made with ❤️️ by updatecli

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* [ci] fix GH release version tag (#3596)

* [ci] fix artifact list path (#3597)

* Upgrade JDK compatibility tests (#3599)

* Upgrade JDK compatibility tests

* Added JDK 23 ea

* Attempt to set net.bytebuddy.experimental for EA versions

* Remove java 23-ea tests

* Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585)

Bumps `version.ecs.logging` from 1.5.0 to 1.6.0.

Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0)

Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0)

Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0)

Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0)

Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: co.elastic.logging:log4j2-ecs-layout
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:logback-ecs-encoder
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:log4j-ecs-layout
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:jul-ecs-formatter
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565)

Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1.
- [Release notes](https://github.com/apache/logging-log4j2/releases)
- [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
- [Commits](apache/logging-log4j2@rel/2.22.1...rel/2.23.1)

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-action: add attestations scope (#3601)

* Universal profiling integration: write shared memory (#3598)


---------

Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com>

* ci(release): tag AWS with the ver prefix (#3606)

* release: use tag version for docker build/push (#3600)

* Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608)

* Bump version.byte-buddy from 1.14.12 to 1.14.14

Bumps `version.byte-buddy` from 1.14.12 to 1.14.14.

Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14)

Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.9.16...byte-buddy-1.14.14)

Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: net.bytebuddy:byte-buddy-dep
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* keep old version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Universal Profiling integration: open socket for communication (#3602)

* Fix NPE in dropped spans stats (#3590)

* fix npe

* update changelog

* Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607)

* release: use explicit container arch (#3611)

* Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614)

Bumps `version.aws.sdk` from 2.25.21 to 2.25.43.

Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43

Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43

Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add thread dump debug option (#3589)

* add thread dump option

* Universal profiling integration: Add stacktrace-IDs to transactions (#3615)

* add c3p0 to DatabaseMetaDataExclusionList (#3619)

* ci(fix): Files or Directories Accessible to External Parties (#3624)

* Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610)

* Bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.16...v3.2.5)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* keep v2 dependency

* keep v2 dependency

* keep v2 dependency

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618)

* Bump org.jctools:jctools-core from 4.0.1 to 4.0.3

Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3.
- [Release notes](https://github.com/JCTools/JCTools/releases)
- [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md)
- [Commits](JCTools/JCTools@v4.0.1...v4.0.3)

---
updated-dependencies:
- dependency-name: org.jctools:jctools-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* remove comment

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Bump version.mockito from 5.11.0 to 5.12.0 (#3629)

Bumps `version.mockito` from 5.11.0 to 5.12.0.

Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.11.0...v5.12.0)

Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.11.0...v5.12.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-subclass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628)

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](networknt/json-schema-validator@1.3.3...1.4.0)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-action: delete opentelemetry workflow (#3630)

* buildkite: avoid failing in tear-down failed (#3622)

* github-action: use actions/attest-build-provenance (#3631)

* Clarify rabbitmq naming mode support (#3633)

* ci: build and push Docker image based on Chainguard base image (#3623)

* bouncy castle upgrade (#3634)

* add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635)

* add symlink in dockerfile for /javaagent.jar for otel operator to find

* and wolfi too

* buildkite: support version 21 for opentelemetry (#3621)

* Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641)

Bumps `version.testcontainers` from 1.19.1 to 1.19.8.

Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8)

Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8)

---
updated-dependencies:
- dependency-name: org.testcontainers:testcontainers-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.testcontainers:testcontainers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci: add some job timeouts (#3638)

* Fix too small activation stack for low transaction_max_spans values (#3643)

* Exclude new Cisco AppD packages (#3632)

* Bump version.okhttp from 3.14.7 to 4.12.0 (#3640)

Bumps `version.okhttp` from 3.14.7 to 4.12.0.

Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](square/okhttp@parent-3.14.7...parent-4.12.0)

Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](square/okhttp@parent-4.9.1...parent-4.12.0)

---
updated-dependencies:
- dependency-name: com.squareup.okhttp3:okhttp
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: com.squareup.okhttp3:logging-interceptor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639)

* Bump redis.clients:jedis from 1.4.0 to 5.1.2

Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2.
- [Release notes](https://github.com/redis/jedis/releases)
- [Commits](redis/jedis@jedis-1.4.0...v5.1.2)

---
updated-dependencies:
- dependency-name: redis.clients:jedis
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Fix tests

* Fix invalid extracted method

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* build: bump actions/attest-build-provenance in the github-actions group (#3637)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@951c0c5...173725a)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* more stack frames for thread dump (#3644)

* pre release: elastic-apm-agent v1.50.0 (#3648)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>
Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
Co-authored-by: Som <111349830+someshwaranM@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>
Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com>
Co-authored-by: Jan Calanog <jan.calanog@elastic.co>
Co-authored-by: Rafael Winterhalter <rafael.wth@gmail.com>
Co-authored-by: Nugusbayev Kanagat <48118512+videnkz@users.noreply.github.com>
Co-authored-by: Adrien Mannocci <adrien.mannocci@elastic.co>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>
Co-authored-by: Thomas ANDRI Wijayanto <hostbugbounty1337@gmail.com>
jackshirazi added a commit that referenced this pull request Jul 29, 2024
* [maven-release-plugin] prepare for next development iteration

* Update cloudfoundry for 1.48.1 release

* ci: use .java-version and prepare to use VM with installed tools in BK (#3554)

* ci(bk): use specialised VMs (#3555)

* Added a note on centralized agent config support for AWS Lambda (#3498)

* Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547)

* Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.1.0...1.3.3)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix compilation

* Fix schema version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* Fix inheritance for API annotations (#3551)

* powershell no-logo (#3556)

* security: add permissions block to workflows (#3531)

* Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559)

Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.2...v1.12.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump version.log4j from 2.12.4 to 2.23.1 (#3557)

* Bump version.log4j from 2.12.4 to 2.23.1

Bumps `version.log4j` from 2.12.4 to 2.23.1.

Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1

Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* restore previous log4j version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Add API for instrumenting FAAS and adjust the AWS plugin (#3516)



---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Introduce API for metrics collection that does not depend on agent-core (#3522)

* Remove logging API.

* Clean up core dependencies from POMs that do not need it.

* Add API for handling lambda instrumentation and apply to the AWS plugin.

* Move metrics API to tracer.

* Factor out JSON DSL for metrics.

* Fix import issue.

* Fix imports.

* Fix imports.

* fix formatting

---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* differentiate Lambda url from api gateway (#3417)


---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* added support to Elastic Load Balancer triggers (#3411)



---------

Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* feat: new release process with PRs (#3567)

* feat: new release process with PRs

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* chore: redirect to stderr for both message

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* chore: apply suggest

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci(chore): use env var instead of prefix v

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci: use maven wrapper instead of direct maven

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* feat: validate snapshot for snapshot workflow

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* docs: add new release process

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

---------

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574)

Bumps `version.aws.sdk` from 2.25.0 to 2.25.21.

Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21

Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21

Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573)

Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1.
- [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt)
- [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1)

---
updated-dependencies:
- dependency-name: org.awaitility:awaitility
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add exclusion list option for calling DatabaseMetaData.getUserName (#3568)

* use a dummy user for testing

* exclusion list option for calling getUserName

* changelog and test break fixed

* pre release: elastic-apm-agent v1.49.0 (#3576)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* ci(fix): use input value instead of env value for post release trigger (#3577)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* ci(fix): correct buildkite pipeline trigger (#3578)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* post release: elastic-apm-agent v1.49.0 (#3579)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* ci(fix): correct release order (#3581)

Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>

* Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572)

* Bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* buildkite: fallback if home is not available (#3591)

* Prevent cycles in inferred spans (#3588)

* [ci] add list of published artifacts (#3595)

* Bump version.mockito from 5.1.1 to 5.11.0 (#3587)

Bumps `version.mockito` from 5.1.1 to 5.11.0.

Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0)

Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-subclass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-actions: enable provenance for the jar files (#3594)

* chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584)

... 3ffa7e1

Made with ❤️️ by updatecli

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* [ci] fix GH release version tag (#3596)

* [ci] fix artifact list path (#3597)

* Upgrade JDK compatibility tests (#3599)

* Upgrade JDK compatibility tests

* Added JDK 23 ea

* Attempt to set net.bytebuddy.experimental for EA versions

* Remove java 23-ea tests

* Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585)

Bumps `version.ecs.logging` from 1.5.0 to 1.6.0.

Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0)

Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0)

Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0)

Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0)

Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/elastic/ecs-logging-java/releases)
- [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: co.elastic.logging:log4j2-ecs-layout
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:logback-ecs-encoder
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:log4j-ecs-layout
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:jul-ecs-formatter
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565)

Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1.
- [Release notes](https://github.com/apache/logging-log4j2/releases)
- [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
- [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.22.1...rel/2.23.1)

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-action: add attestations scope (#3601)

* Universal profiling integration: write shared memory (#3598)


---------

Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com>

* ci(release): tag AWS with the ver prefix (#3606)

* release: use tag version for docker build/push (#3600)

* Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608)

* Bump version.byte-buddy from 1.14.12 to 1.14.14

Bumps `version.byte-buddy` from 1.14.12 to 1.14.14.

Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14)

Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.14)

Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: net.bytebuddy:byte-buddy-dep
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* keep old version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Universal Profiling integration: open socket for communication (#3602)

* Fix NPE in dropped spans stats (#3590)

* fix npe

* update changelog

* Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607)

* release: use explicit container arch (#3611)

* Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614)

Bumps `version.aws.sdk` from 2.25.21 to 2.25.43.

Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43

Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43

Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add thread dump debug option (#3589)

* add thread dump option

* Universal profiling integration: Add stacktrace-IDs to transactions (#3615)

* add c3p0 to DatabaseMetaDataExclusionList (#3619)

* ci(fix): Files or Directories Accessible to External Parties (#3624)

* Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610)

* Bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.5)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* keep v2 dependency

* keep v2 dependency

* keep v2 dependency

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618)

* Bump org.jctools:jctools-core from 4.0.1 to 4.0.3

Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3.
- [Release notes](https://github.com/JCTools/JCTools/releases)
- [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.3)

---
updated-dependencies:
- dependency-name: org.jctools:jctools-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* remove comment

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* Bump version.mockito from 5.11.0 to 5.12.0 (#3629)

Bumps `version.mockito` from 5.11.0 to 5.12.0.

Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0)

Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-subclass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628)

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.3.3...1.4.0)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* github-action: delete opentelemetry workflow (#3630)

* buildkite: avoid failing in tear-down failed (#3622)

* github-action: use actions/attest-build-provenance (#3631)

* Clarify rabbitmq naming mode support (#3633)

* ci: build and push Docker image based on Chainguard base image (#3623)

* bouncy castle upgrade (#3634)

* add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635)

* add symlink in dockerfile for /javaagent.jar for otel operator to find

* and wolfi too

* buildkite: support version 21 for opentelemetry (#3621)

* Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641)

Bumps `version.testcontainers` from 1.19.1 to 1.19.8.

Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8)

Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8)

---
updated-dependencies:
- dependency-name: org.testcontainers:testcontainers-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.testcontainers:testcontainers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci: add some job timeouts (#3638)

* Fix too small activation stack for low transaction_max_spans values (#3643)

* Exclude new Cisco AppD packages (#3632)

* Bump version.okhttp from 3.14.7 to 4.12.0 (#3640)

Bumps `version.okhttp` from 3.14.7 to 4.12.0.

Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/square/okhttp/compare/parent-3.14.7...parent-4.12.0)

Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/square/okhttp/compare/parent-4.9.1...parent-4.12.0)

---
updated-dependencies:
- dependency-name: com.squareup.okhttp3:okhttp
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: com.squareup.okhttp3:logging-interceptor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639)

* Bump redis.clients:jedis from 1.4.0 to 5.1.2

Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2.
- [Release notes](https://github.com/redis/jedis/releases)
- [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.2)

---
updated-dependencies:
- dependency-name: redis.clients:jedis
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Fix tests

* Fix invalid extracted method

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* build: bump actions/attest-build-provenance in the github-actions group (#3637)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](https://github.com/actions/attest-build-provenance/compare/951c0c5f8e375ad4efad33405ab77f7ded2358e4...173725a1209d09b31f9d30a3890cf2757ebbff0d)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* more stack frames for thread dump (#3644)

* pre release: elastic-apm-agent v1.50.0 (#3648)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* post release: elastic-apm-agent v1.50.0 (#3649)

Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>

* fix docker build for release in CI (#3652)

* ci: use updatecli with GitHub secrets (#3651)

* buildkite: use bot user (#3653)

* build: bump org.springframework.boot:spring-boot-maven-plugin (#3646)

Bumps [org.springframework.boot:spring-boot-maven-plugin](https://github.com/spring-projects/spring-boot) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* buildkite: use shared secret for obltmachine (#3656)

* build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.0 (#3645)

* build: bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.0.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.0)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* keep older versions

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* revert jctools to 4.0.1 (#3657)

* revert jctools to 4.0.1

* update changelog

* add a jdk7 check so that we break before releasing! (#3659)

* github-actions: docker login with GitHub secrets (#3658)

* build: bump version.aws.sdk in /apm-agent-plugins (#3661)

Bumps `version.aws.sdk` from 2.25.43 to 2.25.64.

Updates `software.amazon.awssdk:s3` from 2.25.43 to 2.25.64

Updates `software.amazon.awssdk:sqs` from 2.25.43 to 2.25.64

Updates `software.amazon.awssdk:dynamodb` from 2.25.43 to 2.25.64

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump version.byte-buddy from 1.14.14 to 1.14.17 (#3664)

* build: bump version.byte-buddy from 1.14.14 to 1.14.17

Bumps `version.byte-buddy` from 1.14.14 to 1.14.17.

Updates `net.bytebuddy:byte-buddy` from 1.14.14 to 1.14.17
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17)

Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.17
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.17)

Updates `net.bytebuddy:byte-buddy-dep` from 1.14.14 to 1.14.17
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: net.bytebuddy:byte-buddy-dep
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* revert old known version

* bump asm version to keep it consistent with bytebuddy

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sylvain Juge <763082+SylvainJuge@users.noreply.github.com>

* adding an option to make routing-key part of RabbitMQ transaction names (#3636)


Co-authored-by: Deniza Topalova <deniza@gtmhub.com>

* [release] improve release steps naming (#3667)

* enhance main branch PR message for merge with commit

* minor wording clarifications

* [release] rename release steps

* add PR created in first step in readme

* Fix unreleased changelog (#3669)

* github-action: run buildkite action with GH secrets (#3668)

* github-actions: remove snapshoty (#3670)

* [release] fix typo in release workflow (#3671)

* build: bump docker/login-action from 3.1.0 to 3.2.0 in the github-actions group (#3663)

Bumps the github-actions group with 1 update: [docker/login-action](https://github.com/docker/login-action).

Updates `docker/login-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/e92390c5fb421da1463c202d546fed0ec5c39f20...0d4c9c5ea7693da7b068278f7b52bda2a190a446)

* build: bump actions/attest-build-provenance in the github-actions group (#3673)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.1.2 to 1.2.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](https://github.com/actions/attest-build-provenance/compare/173725a1209d09b31f9d30a3890cf2757ebbff0d...49df96e17e918a15956db358890b08e61c704919)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Warn unexpected SpanContext in otel span link (#3672)

* add warning with non elastic spancontext

* update changelog

* ci: use github secrets for GH token (#3678)

* feat(aws-lambda): apm-agent-java (#3680)

* github-actions: use buildkite and slack bot GH secrets (#3679)

* github-actions: use number output (#3681)

* build: bump io.opentelemetry.semconv:opentelemetry-semconv (#3674)

Bumps [io.opentelemetry.semconv:opentelemetry-semconv](https://github.com/open-telemetry/semantic-conventions-java) from 1.23.1-alpha to 1.25.0-alpha.
- [Release notes](https://github.com/open-telemetry/semantic-conventions-java/releases)
- [Changelog](https://github.com/open-telemetry/semantic-conventions-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/semantic-conventions-java/commits)

---
updated-dependencies:
- dependency-name: io.opentelemetry.semconv:opentelemetry-semconv
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove unused functions and clean up servlet integration test base (#3683)

* Remove unused functions and clean up servlet integration test base

Signed-off-by: Adrian Cole <adrian.cole@elastic.co>

* less code

Signed-off-by: Adrian Cole <adrian.cole@elastic.co>

---------

Signed-off-by: Adrian Cole <adrian.cole@elastic.co>

* Uses MockWebServer instead of a docker container for servlet integration tests (#3684)

Signed-off-by: Adrian Cole <adrian.cole@elastic.co>

* Remove unused API and resolve naming ambiguities (#3561)

* Rename implementation versions of interfaces to reflect their state as non-API.

* Merge main branch.

* Fix test imports.

* Fix plugin imports.

* Fix plugin imports.

* build: bump actions/attest-build-provenance in the github-actions group (#3685)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.2.0 to 1.3.1
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](https://github.com/actions/attest-build-provenance/compare/49df96e17e918a15956db358890b08e61c704919...534b352d658f90498fd148d231fdbf88f3886a3a)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Revert "Uses MockWebServer instead of a docker container for servlet integration tests (#3684)" (#3690)

This reverts commit cd893419137fd80981505c754ecea5cce6fb0bbd.

This breaks JBoss startup somehow in non-obvious ways

* build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5 (#3687)

* build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5

Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.5.
- [Release notes](https://github.com/JCTools/JCTools/releases)
- [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.5)

---
updated-dependencies:
- dependency-name: org.jctools:jctools-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* 4.0.5 does support java 7

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* build: bump io.micrometer:micrometer-core from 1.12.4 to 1.13.1 (#3688)

Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.4 to 1.13.1.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.4...v1.13.1)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump version.aws.sdk from 1.12.215 to 1.12.740 in /apm-agent-plugins (#3677)

* build: bump version.aws.sdk in /apm-agent-plugins

Bumps `version.aws.sdk` from 1.12.215 to 1.12.740.

Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.215 to 1.12.740
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740)

Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.215 to 1.12.740
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740)

Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.215 to 1.12.740
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740)

---
updated-dependencies:
- dependency-name: com.amazonaws:aws-java-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.amazonaws:aws-java-sdk-dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.amazonaws:aws-java-sdk-sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* AWS changed the comms protocols, need latest localstack

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jack Shirazi <jack.shirazi@elastic.co>

* build: bump actions/attest-build-provenance from 1.3.1 to 1.3.2 in the github-actions group (#3693)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).
Updates `actions/attest-build-provenance` from 1.3.1 to 1.3.2
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)

* Use elastic/oblt-actions/aws/auth@v1.10.0 action to authenticate with AWS (#3696)

* Use elastic/oblt-actions/aws/auth@v1.10.0 action to authenticate with AWS

* Fix input

* Add necessary permissions

* Add comment about filename

* build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.1 (#3694)

* build: bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.1.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.1)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Revert spring 2 version

* Update pom.xml

* Update pom.xml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* build: bump version.jackson from 2.13.3 to 2.17.1 (#3676)

* build: bump version.jackson from 2.13.3 to 2.17.1

Bumps `version.jackson` from 2.13.3 to 2.17.1.

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.13.3 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.module:jackson-module-afterburner` from 2.14.2 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.14.2...jackson-modules-base-2.17.1)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-cbor` from 2.14.2 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf` from 2.14.2 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.module:jackson-module-afterburner
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Revert finagle jackson bump, it only supports 2.13

* switch to BOM for jackson version management

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* build: bump com.networknt:json-schema-validator from 1.4.0 to 1.4.3 (#3697)

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.0 to 1.4.3.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.0...1.4.3)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump version.aws.sdk in /apm-agent-plugins (#3703)

Bumps `version.aws.sdk` from 2.25.64 to 2.26.12.

Updates `software.amazon.awssdk:s3` from 2.25.64 to 2.26.12

Updates `software.amazon.awssdk:sqs` from 2.25.64 to 2.26.12

Updates `software.amazon.awssdk:dynamodb` from 2.25.64 to 2.26.12

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: software.amazon.awssdk:sqs
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: software.amazon.awssdk:dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump redis.clients:jedis from 1.4.0 to 5.1.3 (#3700)

* build: bump redis.clients:jedis from 1.4.0 to 5.1.3

Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.3.
- [Release notes](https://github.com/redis/jedis/releases)
- [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.3)

---
updated-dependencies:
- dependency-name: redis.clients:jedis
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>

* build: bump version.aws.sdk in /apm-agent-plugins (#3705)

Bumps `version.aws.sdk` from 1.12.740 to 1.12.755.

Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.740 to 1.12.755
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755)

Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.740 to 1.12.755
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755)

Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.740 to 1.12.755
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755)

---
updated-dependencies:
- dependency-name: com.amazonaws:aws-java-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.amazonaws:aws-java-sdk-dynamodb
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.amazonaws:aws-java-sdk-sqs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#3701)

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.0.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.25.3...assertj-build-3.26.0)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add elastic-otel-java to weekly benchmarks (#3706)

* Add elastic-otel-java to weekly benchmarks

* Apply suggestions from code review

Co-authored-by: jackshirazi <jacks@fasterj.com>

* Fix wrong agent name

* Shorten name to not mess up results table

* Even shorter name

---------

Co-authored-by: jackshirazi <jacks@fasterj.com>

* updatecli: use shared policy (#3707)

* Run opentelemetry benchmarks for individual features (#3708)

* Add benchmarks for individual distro features on snapshot

* Fix argument generation

* runtime attach: prevent NPE with null value (#3712)

* runtime attach: prevent NPE with null value

* build: bump com.networknt:json-schema-validator from 1.4.3 to 1.5.0 (#3710)

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.3 to 1.5.0.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.3...1.5.0)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* updatecli: bump policies too (#3714)

* [DOCS] Clarify error capturing (#3716)

Clarify we collect the exceptions passed to a `logger.error`, not the message of the `logger.error`.

* deps(updatecli): bump all policies (#3715)

* build: bump actions/attest-build-provenance in the github-actions group (#3717)

Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/attest-build-provenance` from 1.3.2 to 1.3.3
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](https://github.com/actions/attest-build-provenance/compare/bdd51370e0416ac948727f861e03c2f05d32d78e...5e9cb68e95676991667494a6a4e59b8a2f13e1d0)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#3720)

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.0 to 3.26.3.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.26.0...assertj-build-3.26.3)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* z/OS avoids using NOFOLLOW_LINKS (#3722)

* z/OS avoids using NOFOLLOW_LINKS

* add changelg entry for zos-no-follow-links

* build: bump version.byte-buddy from 1.14.17 to 1.14.18 (#3718)

* build: bump version.byte-buddy from 1.14.17 to 1.14.18

Bumps `version.byte-buddy` from 1.14.17 to 1.14.18.

Updates `net.bytebuddy:byte-buddy` from 1.14.17 to 1.14.18
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18)

Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.18
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.18)

Updates `net.bytebuddy:byte-buddy-dep` from 1.14.17 to 1.14.18
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: net.bytebuddy:byte-buddy-dep
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* old version stays

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* Capture request body for Apache HttpClient 4.x (#3692)


Co-authored-by: jackshirazi <jacks@fasterj.com>

* jmx-metrics-fix (#3713)

* properly handle missing metrics with non-wildcards

* update changelog

---------

Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* build: bump io.micrometer:micrometer-core from 1.13.1 to 1.13.2 (#3729)

Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.1 to 1.13.2.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.1...v1.13.2)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.2 (#3727)

* build: bump org.springframework.boot:spring-boot-dependencies

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.2.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.2)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update pom.xml

* Update pom.xml

* Update pom.xml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>

* pre release: elastic-apm-agent v1.51.0 (#3731)

Co-authored-by: obltmachine <obltmachine@users.noreply.github.com>

* Use 1.5.5 lambda layer for tests because 1.5.6 seems to be broken (#3735)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Adrien Mannocci <adrien.mannocci@elastic.co>
Signed-off-by: Adrian Cole <adrian.cole@elastic.co>
Co-authored-by: apmmachine <apmmachine@users.noreply.github.com>
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
Co-authored-by: Som <111349830+someshwaranM@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jonas Kunz <jonas.kunz@elastic.co>
Co-authored-by: SylvainJuge <763082+SylvainJuge@users.noreply.github.com>
Co-authored-by: Jan Calanog <jan.calanog@elastic.co>
Co-authored-by: Rafael Winterhalter <rafael.wth@gmail.com>
Co-authored-by: Nugusbayev Kanagat <48118512+videnkz@users.noreply.github.com>
Co-authored-by: Adrien Mannocci <adrien.mannocci@elastic.co>
Co-authored-by: jackshirazi <jack.shirazi@elastic.co>
Co-authored-by: apmmachine <58790750+apmmachine@users.noreply.github.com>
Co-authored-by: Thomas ANDRI Wijayanto <hostbugbounty1337@gmail.com>
Co-authored-by: Deniza Topalova <129867589+deni-topalova@users.noreply.github.com>
Co-authored-by: Deniza Topalova <deniza@gtmhub.com>
Co-authored-by: Adrian Cole <64215+codefromthecrypt@users.noreply.github.com>
Co-authored-by: jackshirazi <jacks@fasterj.com>
Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co>
Co-authored-by: obltmachine <obltmachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

3 participants