From f364133bf25ef1c2e7219cbd5d93a42c5c8f83f8 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Thu, 4 Apr 2024 17:58:57 +0200 Subject: [PATCH 01/16] CONTRIBUTING: describe how to create the pr to the vX.x branch (#2026) Create a PR from a branch already rebased so that the commit list in the github UI is clean. --- CONTRIBUTING.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 21180e9f1..c58fbb7c6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -192,7 +192,8 @@ If you have commit access, the process is as follows: 1. Tag the commit with `git tag -s vX.Y.Z`, for example `git tag -s v1.2.3`. Copy the changelog for the release to the tag message, removing any leading `#`. 1. Push tag upstream with `git push upstream --tags` (and optionally to your own fork as well) -1. Open a PR from `main` to the major branch, e.g. `1.x` to update it. In order to keep history you may want to +1. Open a PR from `main` to the major branch, e.g. `1.x` to update it. In order to keep history create a + branch from the `main` branch, rebase it on top of the major branch to drop duplicated commits and then merge with the `rebase` strategy. It is crucial that `main` and the major branch have the same content. 1. After tests pass, Github Actions will automatically build and push the new release to PyPI. 1. Edit and publish the [draft Github release](https://github.com/elastic/apm-agent-python/releases) From 085ed0db01f38d6b7d8c56c19952480b2e7e88aa Mon Sep 17 00:00:00 2001 From: apmmachine <58790750+apmmachine@users.noreply.github.com> Date: Wed, 10 Apr 2024 10:30:38 -0400 Subject: [PATCH 02/16] chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#2028) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... 3ffa7e1 Made with ❤️️ by updatecli Co-authored-by: apmmachine --- tests/upstream/json-specs/metadata.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/upstream/json-specs/metadata.json b/tests/upstream/json-specs/metadata.json index 7103bbeb5..1122ed68c 100644 --- a/tests/upstream/json-specs/metadata.json +++ b/tests/upstream/json-specs/metadata.json @@ -441,6 +441,14 @@ ], "maxLength": 1024 }, + "host_id": { + "description": "The OpenTelemetry semantic conventions compliant \"host.id\" attribute, if available.", + "type": [ + "null", + "string" + ], + "maxLength": 1024 + }, "hostname": { "description": "Deprecated: Use ConfiguredHostname and DetectedHostname instead. DeprecatedHostname is the host name of the system the service is running on. It does not distinguish between configured and detected hostname and therefore is deprecated and only used if no other hostname information is available.", "type": [ From 71bd1998d39288c998a52731898133565050c07c Mon Sep 17 00:00:00 2001 From: timostrunk Date: Thu, 18 Apr 2024 13:40:23 +0200 Subject: [PATCH 03/16] Relaxed wrapt-dependency to only blacklist 1.15.0 (#2005) --- setup.cfg | 2 +- tests/requirements/reqs-base.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/setup.cfg b/setup.cfg index ce33450a6..2dca4283e 100644 --- a/setup.cfg +++ b/setup.cfg @@ -39,7 +39,7 @@ zip_safe = false install_requires = urllib3!=2.0.0,<3.0.0 certifi - wrapt>=1.14.1,<1.15.0 # https://github.com/elastic/apm-agent-python/issues/1894 + wrapt>=1.14.1,!=1.15.0 # https://github.com/elastic/apm-agent-python/issues/1894 ecs_logging test_suite=tests diff --git a/tests/requirements/reqs-base.txt b/tests/requirements/reqs-base.txt index 747e42631..849469a79 100644 --- a/tests/requirements/reqs-base.txt +++ b/tests/requirements/reqs-base.txt @@ -29,7 +29,7 @@ mock pytz ecs_logging structlog -wrapt>=1.14.1,<1.15.0 +wrapt>=1.14.1,!=1.15.0 simplejson pytest-asyncio==0.21.0 ; python_version >= '3.7' From 186996ff7d3120dd4baab413f68b80f8c39800d5 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 23 Apr 2024 18:18:58 +0200 Subject: [PATCH 04/16] github-action: enable provenance (#2014) --- .github/actions/build-distribution/action.yml | 21 +++++++ .github/actions/packages/action.yml | 31 ++++++++++ .github/dependabot.yml | 27 ++++++++ .github/workflows/build-distribution.yml | 23 ------- .github/workflows/packages.yml | 25 ++------ .github/workflows/release.yml | 62 +++++++++++++------ .github/workflows/test.yml | 6 +- dev-utils/make-packages.sh | 16 +++++ 8 files changed, 147 insertions(+), 64 deletions(-) create mode 100644 .github/actions/build-distribution/action.yml create mode 100644 .github/actions/packages/action.yml delete mode 100644 .github/workflows/build-distribution.yml create mode 100755 dev-utils/make-packages.sh diff --git a/.github/actions/build-distribution/action.yml b/.github/actions/build-distribution/action.yml new file mode 100644 index 000000000..bc0d55c29 --- /dev/null +++ b/.github/actions/build-distribution/action.yml @@ -0,0 +1,21 @@ +--- + +name: common build distribution tasks +description: Run the build distribution + +runs: + using: "composite" + steps: + - uses: actions/setup-python@v5 + with: + python-version: "3.10" + + - name: Build lambda layer zip + run: ./dev-utils/make-distribution.sh + shell: bash + + - uses: actions/upload-artifact@v4 + with: + name: build-distribution + path: ./build/ + if-no-files-found: error diff --git a/.github/actions/packages/action.yml b/.github/actions/packages/action.yml new file mode 100644 index 000000000..3ffda1d8c --- /dev/null +++ b/.github/actions/packages/action.yml @@ -0,0 +1,31 @@ +--- + +name: common package tasks +description: Run the packages + +runs: + using: "composite" + steps: + - uses: actions/setup-python@v5 + with: + python-version: "3.10" + - name: Override the version if there is no tag release. + run: | + if [[ "${GITHUB_REF}" != refs/tags/* ]]; then + echo "ELASTIC_CI_POST_VERSION=${{ github.run_id }}" >> "${GITHUB_ENV}" + fi + shell: bash + - name: Build packages + run: ./dev-utils/make-packages.sh + shell: bash + - name: Upload Packages + uses: actions/upload-artifact@v4 + with: + name: packages + path: | + dist/*.whl + dist/*tar.gz + - name: generate build provenance + uses: github-early-access/generate-build-provenance@main + with: + subject-path: "${{ github.workspace }}/dist/*" \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml index eb1cff95b..afb941790 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -29,3 +29,30 @@ updates: github-actions: patterns: - "*" + + # GitHub composite actions + - package-ecosystem: "github-actions" + directory: "/.github/actions/packages" + reviewers: + - "elastic/observablt-ci" + schedule: + interval: "weekly" + day: "sunday" + time: "22:00" + groups: + github-actions: + patterns: + - "*" + + - package-ecosystem: "github-actions" + directory: "/.github/actions/build-distribution" + reviewers: + - "elastic/observablt-ci" + schedule: + interval: "weekly" + day: "sunday" + time: "22:00" + groups: + github-actions: + patterns: + - "*" diff --git a/.github/workflows/build-distribution.yml b/.github/workflows/build-distribution.yml deleted file mode 100644 index ba8497e0c..000000000 --- a/.github/workflows/build-distribution.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: build-distribution - -on: - workflow_call: ~ - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - name: Build lambda layer zip - run: ./dev-utils/make-distribution.sh - - uses: actions/upload-artifact@v3 - with: - name: build-distribution - path: ./build/ - if-no-files-found: error diff --git a/.github/workflows/packages.yml b/.github/workflows/packages.yml index 4f04d78a4..7e11b4a6c 100644 --- a/.github/workflows/packages.yml +++ b/.github/workflows/packages.yml @@ -18,27 +18,10 @@ permissions: jobs: build: + permissions: + id-token: write + contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - name: Override the version if there is no tag release. - run: | - if [[ "${GITHUB_REF}" != refs/tags/* ]]; then - echo "ELASTIC_CI_POST_VERSION=${{ github.run_id }}" >> "${GITHUB_ENV}" - fi - - name: Install wheel - run: pip install --user wheel - - name: Building universal wheel - run: python setup.py bdist_wheel - - name: Building source distribution - run: python setup.py sdist - - name: Upload Packages - uses: actions/upload-artifact@v4 - with: - name: packages - path: | - dist/*.whl - dist/*tar.gz + - uses: ./.github/actions/packages diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5f91014b4..616cd9d4d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,13 @@ jobs: enabled: ${{ startsWith(github.ref, 'refs/tags') }} packages: - uses: ./.github/workflows/packages.yml + permissions: + id-token: write + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/packages publish-pypi: needs: @@ -46,7 +52,17 @@ jobs: repository-url: https://test.pypi.org/legacy/ build-distribution: - uses: ./.github/workflows/build-distribution.yml + permissions: + id-token: write + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/build-distribution + - name: generate build provenance + uses: github-early-access/generate-build-provenance@main + with: + subject-path: "${{ github.workspace }}/build/dist/elastic-apm-python-lambda-layer.zip" publish-lambda-layers: needs: @@ -63,7 +79,7 @@ jobs: secrets: | secret/observability-team/ci/service-account/apm-agent-python access_key_id | AWS_ACCESS_KEY_ID ; secret/observability-team/ci/service-account/apm-agent-python secret_access_key | AWS_SECRET_ACCESS_KEY - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: build-distribution path: ./build @@ -86,6 +102,9 @@ jobs: needs: - build-distribution runs-on: ubuntu-latest + permissions: + id-token: write + contents: write env: DOCKER_IMAGE_NAME: docker.elastic.co/observability/apm-agent-python steps: @@ -97,7 +116,7 @@ jobs: url: ${{ secrets.VAULT_ADDR }} roleId: ${{ secrets.VAULT_ROLE_ID }} secretId: ${{ secrets.VAULT_SECRET_ID }} - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: build-distribution path: ./build @@ -107,25 +126,30 @@ jobs: if [ "${{ startsWith(github.ref, 'refs/tags') }}" == "false" ] ; then # for testing purposes echo "tag=test" >> "${GITHUB_OUTPUT}" + echo "latest=test-latest" >> "${GITHUB_OUTPUT}" else # version without v prefix (e.g. 1.2.3) echo "tag=${GITHUB_REF_NAME/v/}" >> "${GITHUB_OUTPUT}" + echo "latest=latest" >> "${GITHUB_OUTPUT}" fi - - name: Docker build - run: >- - docker build - -t ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }} - --build-arg AGENT_DIR=./build/dist/package/python - . - - name: Docker retag - run: >- - docker tag - ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }} - ${{ env.DOCKER_IMAGE_NAME }}:latest - - name: Docker push - if: startsWith(github.ref, 'refs/tags') - run: |- - docker push --all-tags ${{ env.DOCKER_IMAGE_NAME }} + - name: Build and push image + id: push + uses: docker/build-push-action@v5.3.0 + with: + context: . + push: true + tags: | + ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }} + ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.latest }} + build-args: | + AGENT_DIR=./build/dist/package/python + + - name: Attest image + uses: github-early-access/generate-build-provenance@main + with: + subject-name: "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }}" + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: false github-draft: permissions: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 381c317b0..967378697 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,7 +35,11 @@ permissions: jobs: build-distribution: - uses: ./.github/workflows/build-distribution.yml + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/build-distribution + create-matrix: runs-on: ubuntu-latest diff --git a/dev-utils/make-packages.sh b/dev-utils/make-packages.sh new file mode 100755 index 000000000..91b2a7bd1 --- /dev/null +++ b/dev-utils/make-packages.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# +# Make a Python APM agent distribution +# + +echo "::group::Install wheel" +pip install --user wheel +echo "::endgroup::" + +echo "::group::Building universal wheel" +python setup.py bdist_wheel +echo "::endgroup::" + +echo "::group::Building source distribution" +python setup.py sdist +echo "::endgroup::" From ffc08616a2426f48147e149f7dbdf977b93a3154 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 24 Apr 2024 10:49:33 +0200 Subject: [PATCH 05/16] github-action: use container image for provenance (#2030) --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 616cd9d4d..96b8e279a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -144,10 +144,10 @@ jobs: build-args: | AGENT_DIR=./build/dist/package/python - - name: Attest image + - name: generate build provenance (containers) uses: github-early-access/generate-build-provenance@main with: - subject-name: "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }}" + subject-name: "${{ env.DOCKER_IMAGE_NAME }}" subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: false From 52e9c1b7ea261d81048f1e633f1fd7cfee6f84c7 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 26 Apr 2024 13:57:52 +0200 Subject: [PATCH 06/16] github-action: add attestations scope (#2032) --- .github/actions/packages/action.yml | 4 ---- .github/workflows/packages.yml | 3 --- .github/workflows/release.yml | 7 +++++++ 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/actions/packages/action.yml b/.github/actions/packages/action.yml index 3ffda1d8c..871f49c32 100644 --- a/.github/actions/packages/action.yml +++ b/.github/actions/packages/action.yml @@ -25,7 +25,3 @@ runs: path: | dist/*.whl dist/*tar.gz - - name: generate build provenance - uses: github-early-access/generate-build-provenance@main - with: - subject-path: "${{ github.workspace }}/dist/*" \ No newline at end of file diff --git a/.github/workflows/packages.yml b/.github/workflows/packages.yml index 7e11b4a6c..496107508 100644 --- a/.github/workflows/packages.yml +++ b/.github/workflows/packages.yml @@ -18,9 +18,6 @@ permissions: jobs: build: - permissions: - id-token: write - contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 96b8e279a..31932eb2e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,12 +19,17 @@ jobs: packages: permissions: + attestations: write id-token: write contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: ./.github/actions/packages + - name: generate build provenance + uses: github-early-access/generate-build-provenance@main + with: + subject-path: "${{ github.workspace }}/dist/*" publish-pypi: needs: @@ -53,6 +58,7 @@ jobs: build-distribution: permissions: + attestations: write id-token: write contents: write runs-on: ubuntu-latest @@ -103,6 +109,7 @@ jobs: - build-distribution runs-on: ubuntu-latest permissions: + attestations: write id-token: write contents: write env: From 880c5945aac6e3c54a4ebe63bfc67a980b39d2f1 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 7 May 2024 15:41:59 +0200 Subject: [PATCH 07/16] ci: use docker/metadata-action to gather tags/labels (#2033) --- .github/workflows/release.yml | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 31932eb2e..841057ac2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -123,31 +123,29 @@ jobs: url: ${{ secrets.VAULT_ADDR }} roleId: ${{ secrets.VAULT_ROLE_ID }} secretId: ${{ secrets.VAULT_SECRET_ID }} + - uses: actions/download-artifact@v4 with: name: build-distribution path: ./build - - id: setup-docker - name: Set up docker variables - run: |- - if [ "${{ startsWith(github.ref, 'refs/tags') }}" == "false" ] ; then - # for testing purposes - echo "tag=test" >> "${GITHUB_OUTPUT}" - echo "latest=test-latest" >> "${GITHUB_OUTPUT}" - else - # version without v prefix (e.g. 1.2.3) - echo "tag=${GITHUB_REF_NAME/v/}" >> "${GITHUB_OUTPUT}" - echo "latest=latest" >> "${GITHUB_OUTPUT}" - fi + + - name: Extract metadata (tags, labels) + id: docker-meta + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + with: + images: ${{ env.DOCKER_IMAGE_NAME }} + tags: | + type=raw,value=latest,prefix=test-,enable={{is_default_branch}} + type=semver,pattern={{version}} + - name: Build and push image id: push - uses: docker/build-push-action@v5.3.0 + uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 with: context: . push: true - tags: | - ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.tag }} - ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.setup-docker.outputs.latest }} + tags: ${{ steps.docker-meta.outputs.tags }} + labels: ${{ steps.docker-meta.outputs.labels }} build-args: | AGENT_DIR=./build/dist/package/python @@ -156,7 +154,7 @@ jobs: with: subject-name: "${{ env.DOCKER_IMAGE_NAME }}" subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: false + push-to-registry: true github-draft: permissions: From e4488ede6dffd475d8c9ac6d82aa7a31303b349d Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Wed, 8 May 2024 09:13:44 +0200 Subject: [PATCH 08/16] tests: pick mysql image tagged as 8.0 (#2035) As for some reason latest 8.4.0 is not working. --- tests/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/docker-compose.yml b/tests/docker-compose.yml index 48b43cda2..62a05c83f 100644 --- a/tests/docker-compose.yml +++ b/tests/docker-compose.yml @@ -130,7 +130,7 @@ services: - pymssqldata:/var/opt/mssql mysql: - image: mysql + image: mysql:8.0 command: --default-authentication-plugin=mysql_native_password --log_error_verbosity=3 environment: - MYSQL_DATABASE=eapm_tests From c6fa2f70711cb598b583bdc331b1a988337e6bc0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 May 2024 17:23:40 +0200 Subject: [PATCH 09/16] build(deps): bump jinja2 from 3.0.3 to 3.1.4 in /tests/requirements (#2034) * build(deps): bump jinja2 from 3.0.3 to 3.1.4 in /tests/requirements Bumps [jinja2](https://github.com/pallets/jinja) from 3.0.3 to 3.1.4. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.0.3...3.1.4) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] * Update tests/requirements/reqs-jinja2-2.txt --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- tests/requirements/reqs-asgi-2.txt | 2 +- tests/requirements/reqs-base.txt | 2 +- tests/requirements/reqs-flask-1.0.txt | 2 +- tests/requirements/reqs-flask-1.1.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/requirements/reqs-asgi-2.txt b/tests/requirements/reqs-asgi-2.txt index eecc89d9a..97ff3022d 100644 --- a/tests/requirements/reqs-asgi-2.txt +++ b/tests/requirements/reqs-asgi-2.txt @@ -1,6 +1,6 @@ quart==0.6.13 MarkupSafe<2.1 -jinja2==3.0.3 +jinja2==3.1.4 async-asgi-testclient asgiref -r reqs-base.txt diff --git a/tests/requirements/reqs-base.txt b/tests/requirements/reqs-base.txt index 849469a79..4f79a5929 100644 --- a/tests/requirements/reqs-base.txt +++ b/tests/requirements/reqs-base.txt @@ -8,7 +8,7 @@ coverage[toml]==6.3 ; python_version == '3.7' coverage==7.3.1 ; python_version > '3.7' pytest-cov==4.0.0 ; python_version < '3.8' pytest-cov==4.1.0 ; python_version > '3.7' -jinja2==3.1.2 ; python_version == '3.7' +jinja2==3.1.4 ; python_version == '3.7' pytest-localserver==0.5.0 pytest-mock==3.6.1 ; python_version == '3.6' pytest-mock==3.10.0 ; python_version > '3.6' diff --git a/tests/requirements/reqs-flask-1.0.txt b/tests/requirements/reqs-flask-1.0.txt index 029a82cdf..b81a74b02 100644 --- a/tests/requirements/reqs-flask-1.0.txt +++ b/tests/requirements/reqs-flask-1.0.txt @@ -1,4 +1,4 @@ -jinja2<3.1.0 +jinja2<3.2.0 Werkzeug<2.1.0 Flask>=1.0,<1.1 MarkupSafe<2.1 diff --git a/tests/requirements/reqs-flask-1.1.txt b/tests/requirements/reqs-flask-1.1.txt index 107d375d5..cd32a4696 100644 --- a/tests/requirements/reqs-flask-1.1.txt +++ b/tests/requirements/reqs-flask-1.1.txt @@ -1,4 +1,4 @@ -jinja2<3.1.0 +jinja2<3.2.0 Werkzeug<2.1.0 Flask>=1.1,<1.2 MarkupSafe<2.1 From c15a7bdf4d862d1b3f4b010d5da7d43efc52ea4a Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Fri, 10 May 2024 09:43:27 +0200 Subject: [PATCH 10/16] tests: revert bumping jinja2 in flask 1.0 tests (#2037) Unfortunately flask 1.0 does not work with jinja 3.1.x: venv/lib/python3.10/site-packages/flask/__init__.py:19: in from jinja2 import Markup, escape E ImportError: cannot import name 'Markup' from 'jinja2' --- tests/requirements/reqs-flask-1.0.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/requirements/reqs-flask-1.0.txt b/tests/requirements/reqs-flask-1.0.txt index b81a74b02..029a82cdf 100644 --- a/tests/requirements/reqs-flask-1.0.txt +++ b/tests/requirements/reqs-flask-1.0.txt @@ -1,4 +1,4 @@ -jinja2<3.2.0 +jinja2<3.1.0 Werkzeug<2.1.0 Flask>=1.0,<1.1 MarkupSafe<2.1 From 73ac28047f7c8ff359d665a817516aa9f1275948 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Tue, 14 May 2024 09:31:05 +0200 Subject: [PATCH 11/16] Assume os.getppid is always available (#2038) It's always available since 3.2 and tests are already assuming that. --- elasticapm/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticapm/base.py b/elasticapm/base.py index ff2fd6e25..2c82f0d88 100644 --- a/elasticapm/base.py +++ b/elasticapm/base.py @@ -374,7 +374,7 @@ def get_service_info(self): def get_process_info(self): result = { "pid": os.getpid(), - "ppid": os.getppid() if hasattr(os, "getppid") else None, + "ppid": os.getppid(), "title": None, # Note: if we implement this, the value needs to be wrapped with keyword_field } if self.config.include_process_args: From 4196b3440f3fc3502d8a891f225089320f5aa1a1 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 14 May 2024 17:47:44 +0200 Subject: [PATCH 12/16] github-action: delete opentelemetry workflow (#2039) --- .github/workflows/opentelemetry.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .github/workflows/opentelemetry.yml diff --git a/.github/workflows/opentelemetry.yml b/.github/workflows/opentelemetry.yml deleted file mode 100644 index 84a6209ff..000000000 --- a/.github/workflows/opentelemetry.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Look up results at https://ela.st/oblt-ci-cd-stats. -# There will be one service per GitHub repository, including the org name, and one Transaction per Workflow. -name: OpenTelemetry Export Trace - -on: - workflow_run: - workflows: [ "*" ] - types: [completed] - -permissions: - contents: read - -jobs: - otel-export-trace: - runs-on: ubuntu-latest - steps: - - uses: elastic/apm-pipeline-library/.github/actions/opentelemetry@current - with: - vaultUrl: ${{ secrets.VAULT_ADDR }} - vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} - vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} From ecac14284bd33160cb019d30af19130afc3994d0 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 14 May 2024 21:32:12 +0200 Subject: [PATCH 13/16] ci: build and push Docker image based on Chainguard base image (#2036) --- .github/workflows/release.yml | 7 +++++++ Dockerfile.wolfi | 3 +++ 2 files changed, 10 insertions(+) create mode 100644 Dockerfile.wolfi diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 841057ac2..854ee4231 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -112,6 +112,10 @@ jobs: attestations: write id-token: write contents: write + strategy: + fail-fast: false + matrix: + dockerfile: [ 'Dockerfile', 'Dockerfile.wolfi' ] env: DOCKER_IMAGE_NAME: docker.elastic.co/observability/apm-agent-python steps: @@ -137,6 +141,8 @@ jobs: tags: | type=raw,value=latest,prefix=test-,enable={{is_default_branch}} type=semver,pattern={{version}} + flavor: | + suffix=${{ contains(matrix.dockerfile, 'wolfi') && '-wolfi' || '' }} - name: Build and push image id: push @@ -144,6 +150,7 @@ jobs: with: context: . push: true + file: ${{ matrix.dockerfile }} tags: ${{ steps.docker-meta.outputs.tags }} labels: ${{ steps.docker-meta.outputs.labels }} build-args: | diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi new file mode 100644 index 000000000..1ed923ce5 --- /dev/null +++ b/Dockerfile.wolfi @@ -0,0 +1,3 @@ +FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1 +ARG AGENT_DIR +COPY ${AGENT_DIR} /opt/python \ No newline at end of file From ce6eb5d4605a90b5721144ea865822d5b5bf9cba Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 May 2024 09:04:42 +0200 Subject: [PATCH 14/16] github-action: use actions/attest-build-provenance (#2040) --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 854ee4231..cc0de40a2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/packages - name: generate build provenance - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1 with: subject-path: "${{ github.workspace }}/dist/*" @@ -66,7 +66,7 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/build-distribution - name: generate build provenance - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1 with: subject-path: "${{ github.workspace }}/build/dist/elastic-apm-python-lambda-layer.zip" @@ -157,7 +157,7 @@ jobs: AGENT_DIR=./build/dist/package/python - name: generate build provenance (containers) - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1 with: subject-name: "${{ env.DOCKER_IMAGE_NAME }}" subject-digest: ${{ steps.push.outputs.digest }} From 011c6b4d53188b6cda8479daca19a1493655c7c5 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Thu, 16 May 2024 10:57:45 +0200 Subject: [PATCH 15/16] contrib/serverless: remove aws reference from azure implementation (#2042) --- elasticapm/contrib/serverless/azure.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/elasticapm/contrib/serverless/azure.py b/elasticapm/contrib/serverless/azure.py index ed2444d60..c5df4882a 100644 --- a/elasticapm/contrib/serverless/azure.py +++ b/elasticapm/contrib/serverless/azure.py @@ -43,8 +43,6 @@ from elasticapm.utils.disttracing import TraceParent from elasticapm.utils.logging import get_logger -SERVERLESS_HTTP_REQUEST = ("api", "elb") - logger = get_logger("elasticapm.serverless") _AnnotatedFunctionT = TypeVar("_AnnotatedFunctionT") From 62448d38c25736e898fb37caeae2a6613d05e15b Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Fri, 17 May 2024 15:40:27 +0200 Subject: [PATCH 16/16] update CHANGELOG and bump version to 6.22.1 (#2044) --- CHANGELOG.asciidoc | 8 ++++++++ elasticapm/version.py | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index 03f4e048f..cf6a99a7c 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -32,6 +32,14 @@ endif::[] [[release-notes-6.x]] === Python Agent version 6.x +[[release-notes-6.22.1]] +==== 6.22.1 - 2024-05-17 + +[float] +===== Features + +* Relax wrapt dependency to only exclude 1.15.0 {pull}2005[#2005] + [[release-notes-6.22.0]] ==== 6.22.0 - 2024-04-03 diff --git a/elasticapm/version.py b/elasticapm/version.py index c8799817e..e778fc5b2 100644 --- a/elasticapm/version.py +++ b/elasticapm/version.py @@ -28,5 +28,5 @@ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -__version__ = (6, 22, 0) +__version__ = (6, 22, 1) VERSION = ".".join(map(str, __version__))