-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: build and push Docker image based on Chainguard base image #3623
Conversation
Signed-off-by: Victor Martinez <[email protected]>
then | ||
# We have build files to use | ||
echo "INFO: Found local build artifact. Using locally built for Docker build" | ||
find -E ${PROJECT_ROOT}elastic-apm-agent/target -regex '.*/elastic-apm-agent-[0-9]+.[0-9]+.[0-9]+(-SNAPSHOT)?.jar' -exec cp {} ${PROJECT_ROOT}apm-agent-java.jar \; || echo "INFO: No locally built image found" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm afraid -E
is MacOS based, using ls with grep instead
If users cannot use this new image, what is the purpose of adding it? |
IIUC, users can use the docker image we generate based on Wolfi, but they cannot use the base docker image |
I see. I suppose the purpose of this PR is to enhance security so that we don't ship any outdated libs in our docker image, correct? I'd argue then why not simply not use any base-image at all ( Our image is not intended to be used as a base image, the docs state that it should be used in a I feel like this would be a much simpler and easier to maintain approach (if I'm not misunderstanding the goal here). |
For completeness in this thread, I just added you to the loop on an internal GitHub issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -0,0 +1,7 @@ | |||
FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll eventually switch to just publishing the wolfi images, right?
When that happens I'd suggest to use an ARG
for the base image:
ARG BASE_IMAGE=alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
FROM $BASE_IMAGE
This way we can have a single Dockerfile which locally builts on top of Alpine, but from CI we can pass in the wolfi image as base image.
Nothing to do for now, just something to maybe keep in mind for when we drop publishing the alpine based image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll eventually switch to just publishing the wolfi images, right?
I think so, that's something we are still discussing internally
For reference: We found out that the K8s-attacher requires executing |
* [maven-release-plugin] prepare for next development iteration * Update cloudfoundry for 1.48.1 release * ci: use .java-version and prepare to use VM with installed tools in BK (#3554) * ci(bk): use specialised VMs (#3555) * Added a note on centralized agent config support for AWS Lambda (#3498) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.1.0...1.3.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Fix compilation * Fix schema version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * Fix inheritance for API annotations (#3551) * powershell no-logo (#3556) * security: add permissions block to workflows (#3531) * Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](micrometer-metrics/micrometer@v1.12.2...v1.12.4) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump version.log4j from 2.12.4 to 2.23.1 (#3557) * Bump version.log4j from 2.12.4 to 2.23.1 Bumps `version.log4j` from 2.12.4 to 2.23.1. Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * restore previous log4j version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Add API for instrumenting FAAS and adjust the AWS plugin (#3516) --------- Co-authored-by: Sylvain Juge <[email protected]> * Introduce API for metrics collection that does not depend on agent-core (#3522) * Remove logging API. * Clean up core dependencies from POMs that do not need it. * Add API for handling lambda instrumentation and apply to the AWS plugin. * Move metrics API to tracer. * Factor out JSON DSL for metrics. * Fix import issue. * Fix imports. * Fix imports. * fix formatting --------- Co-authored-by: Sylvain Juge <[email protected]> * differentiate Lambda url from api gateway (#3417) --------- Co-authored-by: Sylvain Juge <[email protected]> * added support to Elastic Load Balancer triggers (#3411) --------- Co-authored-by: Sylvain Juge <[email protected]> * feat: new release process with PRs (#3567) * feat: new release process with PRs Signed-off-by: Adrien Mannocci <[email protected]> * chore: redirect to stderr for both message Signed-off-by: Adrien Mannocci <[email protected]> * chore: apply suggest Signed-off-by: Adrien Mannocci <[email protected]> * ci(chore): use env var instead of prefix v Signed-off-by: Adrien Mannocci <[email protected]> * ci: use maven wrapper instead of direct maven Signed-off-by: Adrien Mannocci <[email protected]> * feat: validate snapshot for snapshot workflow Signed-off-by: Adrien Mannocci <[email protected]> * docs: add new release process Signed-off-by: Adrien Mannocci <[email protected]> --------- Signed-off-by: Adrien Mannocci <[email protected]> * Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574) Bumps `version.aws.sdk` from 2.25.0 to 2.25.21. Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](awaitility/awaitility@awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add exclusion list option for calling DatabaseMetaData.getUserName (#3568) * use a dummy user for testing * exclusion list option for calling getUserName * changelog and test break fixed * pre release: elastic-apm-agent v1.49.0 (#3576) Co-authored-by: apmmachine <[email protected]> * ci(fix): use input value instead of env value for post release trigger (#3577) Signed-off-by: Adrien Mannocci <[email protected]> * ci(fix): correct buildkite pipeline trigger (#3578) Signed-off-by: Adrien Mannocci <[email protected]> * post release: elastic-apm-agent v1.49.0 (#3579) Co-authored-by: apmmachine <[email protected]> * ci(fix): correct release order (#3581) Signed-off-by: Adrien Mannocci <[email protected]> * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.7.16...v3.2.4) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * buildkite: fallback if home is not available (#3591) * Prevent cycles in inferred spans (#3588) * [ci] add list of published artifacts (#3595) * Bump version.mockito from 5.1.1 to 5.11.0 (#3587) Bumps `version.mockito` from 5.1.1 to 5.11.0. Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.1.1...v5.11.0) Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.1.1...v5.11.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-actions: enable provenance for the jar files (#3594) * chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584) ... 3ffa7e1 Made with ❤️️ by updatecli Co-authored-by: apmmachine <[email protected]> * [ci] fix GH release version tag (#3596) * [ci] fix artifact list path (#3597) * Upgrade JDK compatibility tests (#3599) * Upgrade JDK compatibility tests * Added JDK 23 ea * Attempt to set net.bytebuddy.experimental for EA versions * Remove java 23-ea tests * Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585) Bumps `version.ecs.logging` from 1.5.0 to 1.6.0. Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: co.elastic.logging:log4j2-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:logback-ecs-encoder dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:log4j-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jul-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565) Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](apache/logging-log4j2@rel/2.22.1...rel/2.23.1) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: add attestations scope (#3601) * Universal profiling integration: write shared memory (#3598) --------- Co-authored-by: SylvainJuge <[email protected]> * ci(release): tag AWS with the ver prefix (#3606) * release: use tag version for docker build/push (#3600) * Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608) * Bump version.byte-buddy from 1.14.12 to 1.14.14 Bumps `version.byte-buddy` from 1.14.12 to 1.14.14. Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.9.16...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.14.12...byte-buddy-1.14.14) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * keep old version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Universal Profiling integration: open socket for communication (#3602) * Fix NPE in dropped spans stats (#3590) * fix npe * update changelog * Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607) * release: use explicit container arch (#3611) * Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614) Bumps `version.aws.sdk` from 2.25.21 to 2.25.43. Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add thread dump debug option (#3589) * add thread dump option * Universal profiling integration: Add stacktrace-IDs to transactions (#3615) * add c3p0 to DatabaseMetaDataExclusionList (#3619) * ci(fix): Files or Directories Accessible to External Parties (#3624) * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v2.7.16...v3.2.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * keep v2 dependency * keep v2 dependency * keep v2 dependency --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <[email protected]> * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618) * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](JCTools/JCTools@v4.0.1...v4.0.3) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * remove comment --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Bump version.mockito from 5.11.0 to 5.12.0 (#3629) Bumps `version.mockito` from 5.11.0 to 5.12.0. Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.11.0...v5.12.0) Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.3.3...1.4.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: delete opentelemetry workflow (#3630) * buildkite: avoid failing in tear-down failed (#3622) * github-action: use actions/attest-build-provenance (#3631) * Clarify rabbitmq naming mode support (#3633) * ci: build and push Docker image based on Chainguard base image (#3623) * bouncy castle upgrade (#3634) * add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635) * add symlink in dockerfile for /javaagent.jar for otel operator to find * and wolfi too * buildkite: support version 21 for opentelemetry (#3621) * Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641) Bumps `version.testcontainers` from 1.19.1 to 1.19.8. Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8) Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](testcontainers/testcontainers-java@1.19.1...1.19.8) --- updated-dependencies: - dependency-name: org.testcontainers:testcontainers-bom dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.testcontainers:testcontainers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: add some job timeouts (#3638) * Fix too small activation stack for low transaction_max_spans values (#3643) * Exclude new Cisco AppD packages (#3632) * Bump version.okhttp from 3.14.7 to 4.12.0 (#3640) Bumps `version.okhttp` from 3.14.7 to 4.12.0. Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-3.14.7...parent-4.12.0) Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](square/okhttp@parent-4.9.1...parent-4.12.0) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-major - dependency-name: com.squareup.okhttp3:logging-interceptor dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639) * Bump redis.clients:jedis from 1.4.0 to 5.1.2 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](redis/jedis@jedis-1.4.0...v5.1.2) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml * Fix tests * Fix invalid extracted method --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * build: bump actions/attest-build-provenance in the github-actions group (#3637) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@951c0c5...173725a) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * more stack frames for thread dump (#3644) * pre release: elastic-apm-agent v1.50.0 (#3648) Co-authored-by: apmmachine <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Adrien Mannocci <[email protected]> Co-authored-by: apmmachine <[email protected]> Co-authored-by: Victor Martinez <[email protected]> Co-authored-by: Som <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> Co-authored-by: SylvainJuge <[email protected]> Co-authored-by: Jan Calanog <[email protected]> Co-authored-by: Rafael Winterhalter <[email protected]> Co-authored-by: Nugusbayev Kanagat <[email protected]> Co-authored-by: Adrien Mannocci <[email protected]> Co-authored-by: jackshirazi <[email protected]> Co-authored-by: Thomas ANDRI Wijayanto <[email protected]>
* [maven-release-plugin] prepare for next development iteration * Update cloudfoundry for 1.48.1 release * ci: use .java-version and prepare to use VM with installed tools in BK (#3554) * ci(bk): use specialised VMs (#3555) * Added a note on centralized agent config support for AWS Lambda (#3498) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 (#3547) * Bump com.networknt:json-schema-validator from 1.1.0 to 1.3.3 Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.1.0...1.3.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Fix compilation * Fix schema version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * Fix inheritance for API annotations (#3551) * powershell no-logo (#3556) * security: add permissions block to workflows (#3531) * Bump io.micrometer:micrometer-core from 1.12.2 to 1.12.4 (#3559) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.2 to 1.12.4. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.2...v1.12.4) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump version.log4j from 2.12.4 to 2.23.1 (#3557) * Bump version.log4j from 2.12.4 to 2.23.1 Bumps `version.log4j` from 2.12.4 to 2.23.1. Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.23.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.23.1 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * restore previous log4j version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Add API for instrumenting FAAS and adjust the AWS plugin (#3516) --------- Co-authored-by: Sylvain Juge <[email protected]> * Introduce API for metrics collection that does not depend on agent-core (#3522) * Remove logging API. * Clean up core dependencies from POMs that do not need it. * Add API for handling lambda instrumentation and apply to the AWS plugin. * Move metrics API to tracer. * Factor out JSON DSL for metrics. * Fix import issue. * Fix imports. * Fix imports. * fix formatting --------- Co-authored-by: Sylvain Juge <[email protected]> * differentiate Lambda url from api gateway (#3417) --------- Co-authored-by: Sylvain Juge <[email protected]> * added support to Elastic Load Balancer triggers (#3411) --------- Co-authored-by: Sylvain Juge <[email protected]> * feat: new release process with PRs (#3567) * feat: new release process with PRs Signed-off-by: Adrien Mannocci <[email protected]> * chore: redirect to stderr for both message Signed-off-by: Adrien Mannocci <[email protected]> * chore: apply suggest Signed-off-by: Adrien Mannocci <[email protected]> * ci(chore): use env var instead of prefix v Signed-off-by: Adrien Mannocci <[email protected]> * ci: use maven wrapper instead of direct maven Signed-off-by: Adrien Mannocci <[email protected]> * feat: validate snapshot for snapshot workflow Signed-off-by: Adrien Mannocci <[email protected]> * docs: add new release process Signed-off-by: Adrien Mannocci <[email protected]> --------- Signed-off-by: Adrien Mannocci <[email protected]> * Bump version.aws.sdk from 2.25.0 to 2.25.21 in /apm-agent-plugins (#3574) Bumps `version.aws.sdk` from 2.25.0 to 2.25.21. Updates `software.amazon.awssdk:s3` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:sqs` from 2.25.0 to 2.25.21 Updates `software.amazon.awssdk:dynamodb` from 2.25.0 to 2.25.21 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#3573) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add exclusion list option for calling DatabaseMetaData.getUserName (#3568) * use a dummy user for testing * exclusion list option for calling getUserName * changelog and test break fixed * pre release: elastic-apm-agent v1.49.0 (#3576) Co-authored-by: apmmachine <[email protected]> * ci(fix): use input value instead of env value for post release trigger (#3577) Signed-off-by: Adrien Mannocci <[email protected]> * ci(fix): correct buildkite pipeline trigger (#3578) Signed-off-by: Adrien Mannocci <[email protected]> * post release: elastic-apm-agent v1.49.0 (#3579) Co-authored-by: apmmachine <[email protected]> * ci(fix): correct release order (#3581) Signed-off-by: Adrien Mannocci <[email protected]> * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.4 (#3572) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.4. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.4) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * buildkite: fallback if home is not available (#3591) * Prevent cycles in inferred spans (#3588) * [ci] add list of published artifacts (#3595) * Bump version.mockito from 5.1.1 to 5.11.0 (#3587) Bumps `version.mockito` from 5.1.1 to 5.11.0. Updates `org.mockito:mockito-core` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0) Updates `org.mockito:mockito-subclass` from 5.1.1 to 5.11.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.11.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-actions: enable provenance for the jar files (#3594) * chore: APM agent json server schema a76e999543efb3ba803c9a57dd13a4f6b... (#3584) ... 3ffa7e1 Made with ❤️️ by updatecli Co-authored-by: apmmachine <[email protected]> * [ci] fix GH release version tag (#3596) * [ci] fix artifact list path (#3597) * Upgrade JDK compatibility tests (#3599) * Upgrade JDK compatibility tests * Added JDK 23 ea * Attempt to set net.bytebuddy.experimental for EA versions * Remove java 23-ea tests * Bump version.ecs.logging from 1.5.0 to 1.6.0 (#3585) Bumps `version.ecs.logging` from 1.5.0 to 1.6.0. Updates `co.elastic.logging:log4j2-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:logback-ecs-encoder` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:log4j-ecs-layout` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:jul-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) Updates `co.elastic.logging:jboss-logmanager-ecs-formatter` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](https://github.com/elastic/ecs-logging-java/compare/v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: co.elastic.logging:log4j2-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:logback-ecs-encoder dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:log4j-ecs-layout dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jul-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: co.elastic.logging:jboss-logmanager-ecs-formatter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.1 (#3565) Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.22.1 to 2.23.1. - [Release notes](https://github.com/apache/logging-log4j2/releases) - [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc) - [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.22.1...rel/2.23.1) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-bom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: add attestations scope (#3601) * Universal profiling integration: write shared memory (#3598) --------- Co-authored-by: SylvainJuge <[email protected]> * ci(release): tag AWS with the ver prefix (#3606) * release: use tag version for docker build/push (#3600) * Bump version.byte-buddy from 1.14.12 to 1.14.14 (#3608) * Bump version.byte-buddy from 1.14.12 to 1.14.14 Bumps `version.byte-buddy` from 1.14.12 to 1.14.14. Updates `net.bytebuddy:byte-buddy` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.14) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.12 to 1.14.14 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.12...byte-buddy-1.14.14) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * keep old version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Universal Profiling integration: open socket for communication (#3602) * Fix NPE in dropped spans stats (#3590) * fix npe * update changelog * Universal profiling integration: Added serialization of stacktrace IDs as profiler_stack_trace_ids otel attributes (#3607) * release: use explicit container arch (#3611) * Bump version.aws.sdk from 2.25.21 to 2.25.43 in /apm-agent-plugins (#3614) Bumps `version.aws.sdk` from 2.25.21 to 2.25.43. Updates `software.amazon.awssdk:s3` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:sqs` from 2.25.21 to 2.25.43 Updates `software.amazon.awssdk:dynamodb` from 2.25.21 to 2.25.43 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add thread dump debug option (#3589) * add thread dump option * Universal profiling integration: Add stacktrace-IDs to transactions (#3615) * add c3p0 to DatabaseMetaDataExclusionList (#3619) * ci(fix): Files or Directories Accessible to External Parties (#3624) * Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.2.5 (#3610) * Bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.2.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.2.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * keep v2 dependency * keep v2 dependency * keep v2 dependency --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <[email protected]> * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 (#3618) * Bump org.jctools:jctools-core from 4.0.1 to 4.0.3 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.3. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.3) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * remove comment --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * Bump version.mockito from 5.11.0 to 5.12.0 (#3629) Bumps `version.mockito` from 5.11.0 to 5.12.0. Updates `org.mockito:mockito-core` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0) Updates `org.mockito:mockito-subclass` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: org.mockito:mockito-subclass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump com.networknt:json-schema-validator from 1.3.3 to 1.4.0 (#3628) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.3.3 to 1.4.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.3.3...1.4.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * github-action: delete opentelemetry workflow (#3630) * buildkite: avoid failing in tear-down failed (#3622) * github-action: use actions/attest-build-provenance (#3631) * Clarify rabbitmq naming mode support (#3633) * ci: build and push Docker image based on Chainguard base image (#3623) * bouncy castle upgrade (#3634) * add symlink in dockerfile for /javaagent.jar for otel operator to find (#3635) * add symlink in dockerfile for /javaagent.jar for otel operator to find * and wolfi too * buildkite: support version 21 for opentelemetry (#3621) * Bump version.testcontainers from 1.19.1 to 1.19.8 (#3641) Bumps `version.testcontainers` from 1.19.1 to 1.19.8. Updates `org.testcontainers:testcontainers-bom` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8) Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.8 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.8) --- updated-dependencies: - dependency-name: org.testcontainers:testcontainers-bom dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.testcontainers:testcontainers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: add some job timeouts (#3638) * Fix too small activation stack for low transaction_max_spans values (#3643) * Exclude new Cisco AppD packages (#3632) * Bump version.okhttp from 3.14.7 to 4.12.0 (#3640) Bumps `version.okhttp` from 3.14.7 to 4.12.0. Updates `com.squareup.okhttp3:okhttp` from 3.14.7 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okhttp/compare/parent-3.14.7...parent-4.12.0) Updates `com.squareup.okhttp3:logging-interceptor` from 4.9.1 to 4.12.0 - [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okhttp/compare/parent-4.9.1...parent-4.12.0) --- updated-dependencies: - dependency-name: com.squareup.okhttp3:okhttp dependency-type: direct:production update-type: version-update:semver-major - dependency-name: com.squareup.okhttp3:logging-interceptor dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis.clients:jedis from 1.4.0 to 5.1.2 (#3639) * Bump redis.clients:jedis from 1.4.0 to 5.1.2 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.2. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.2) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml * Fix tests * Fix invalid extracted method --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * build: bump actions/attest-build-provenance in the github-actions group (#3637) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.1 to 1.1.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/951c0c5f8e375ad4efad33405ab77f7ded2358e4...173725a1209d09b31f9d30a3890cf2757ebbff0d) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * more stack frames for thread dump (#3644) * pre release: elastic-apm-agent v1.50.0 (#3648) Co-authored-by: apmmachine <[email protected]> * post release: elastic-apm-agent v1.50.0 (#3649) Co-authored-by: apmmachine <[email protected]> * fix docker build for release in CI (#3652) * ci: use updatecli with GitHub secrets (#3651) * buildkite: use bot user (#3653) * build: bump org.springframework.boot:spring-boot-maven-plugin (#3646) Bumps [org.springframework.boot:spring-boot-maven-plugin](https://github.com/spring-projects/spring-boot) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * buildkite: use shared secret for obltmachine (#3656) * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.0 (#3645) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * keep older versions --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * revert jctools to 4.0.1 (#3657) * revert jctools to 4.0.1 * update changelog * add a jdk7 check so that we break before releasing! (#3659) * github-actions: docker login with GitHub secrets (#3658) * build: bump version.aws.sdk in /apm-agent-plugins (#3661) Bumps `version.aws.sdk` from 2.25.43 to 2.25.64. Updates `software.amazon.awssdk:s3` from 2.25.43 to 2.25.64 Updates `software.amazon.awssdk:sqs` from 2.25.43 to 2.25.64 Updates `software.amazon.awssdk:dynamodb` from 2.25.43 to 2.25.64 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.byte-buddy from 1.14.14 to 1.14.17 (#3664) * build: bump version.byte-buddy from 1.14.14 to 1.14.17 Bumps `version.byte-buddy` from 1.14.14 to 1.14.17. Updates `net.bytebuddy:byte-buddy` from 1.14.14 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.17) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.14 to 1.14.17 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.14...byte-buddy-1.14.17) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * revert old known version * bump asm version to keep it consistent with bytebuddy --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sylvain Juge <[email protected]> * adding an option to make routing-key part of RabbitMQ transaction names (#3636) Co-authored-by: Deniza Topalova <[email protected]> * [release] improve release steps naming (#3667) * enhance main branch PR message for merge with commit * minor wording clarifications * [release] rename release steps * add PR created in first step in readme * Fix unreleased changelog (#3669) * github-action: run buildkite action with GH secrets (#3668) * github-actions: remove snapshoty (#3670) * [release] fix typo in release workflow (#3671) * build: bump docker/login-action from 3.1.0 to 3.2.0 in the github-actions group (#3663) Bumps the github-actions group with 1 update: [docker/login-action](https://github.com/docker/login-action). Updates `docker/login-action` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/e92390c5fb421da1463c202d546fed0ec5c39f20...0d4c9c5ea7693da7b068278f7b52bda2a190a446) * build: bump actions/attest-build-provenance in the github-actions group (#3673) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.1.2 to 1.2.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/173725a1209d09b31f9d30a3890cf2757ebbff0d...49df96e17e918a15956db358890b08e61c704919) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Warn unexpected SpanContext in otel span link (#3672) * add warning with non elastic spancontext * update changelog * ci: use github secrets for GH token (#3678) * feat(aws-lambda): apm-agent-java (#3680) * github-actions: use buildkite and slack bot GH secrets (#3679) * github-actions: use number output (#3681) * build: bump io.opentelemetry.semconv:opentelemetry-semconv (#3674) Bumps [io.opentelemetry.semconv:opentelemetry-semconv](https://github.com/open-telemetry/semantic-conventions-java) from 1.23.1-alpha to 1.25.0-alpha. - [Release notes](https://github.com/open-telemetry/semantic-conventions-java/releases) - [Changelog](https://github.com/open-telemetry/semantic-conventions-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/semantic-conventions-java/commits) --- updated-dependencies: - dependency-name: io.opentelemetry.semconv:opentelemetry-semconv dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove unused functions and clean up servlet integration test base (#3683) * Remove unused functions and clean up servlet integration test base Signed-off-by: Adrian Cole <[email protected]> * less code Signed-off-by: Adrian Cole <[email protected]> --------- Signed-off-by: Adrian Cole <[email protected]> * Uses MockWebServer instead of a docker container for servlet integration tests (#3684) Signed-off-by: Adrian Cole <[email protected]> * Remove unused API and resolve naming ambiguities (#3561) * Rename implementation versions of interfaces to reflect their state as non-API. * Merge main branch. * Fix test imports. * Fix plugin imports. * Fix plugin imports. * build: bump actions/attest-build-provenance in the github-actions group (#3685) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.2.0 to 1.3.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/49df96e17e918a15956db358890b08e61c704919...534b352d658f90498fd148d231fdbf88f3886a3a) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Uses MockWebServer instead of a docker container for servlet integration tests (#3684)" (#3690) This reverts commit cd893419137fd80981505c754ecea5cce6fb0bbd. This breaks JBoss startup somehow in non-obvious ways * build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5 (#3687) * build: bump org.jctools:jctools-core from 4.0.1 to 4.0.5 Bumps [org.jctools:jctools-core](https://github.com/JCTools/JCTools) from 4.0.1 to 4.0.5. - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](https://github.com/JCTools/JCTools/compare/v4.0.1...v4.0.5) --- updated-dependencies: - dependency-name: org.jctools:jctools-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * 4.0.5 does support java 7 --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <[email protected]> * build: bump io.micrometer:micrometer-core from 1.12.4 to 1.13.1 (#3688) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.12.4 to 1.13.1. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.12.4...v1.13.1) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.aws.sdk from 1.12.215 to 1.12.740 in /apm-agent-plugins (#3677) * build: bump version.aws.sdk in /apm-agent-plugins Bumps `version.aws.sdk` from 1.12.215 to 1.12.740. Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.215 to 1.12.740 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.215...1.12.740) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sqs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * AWS changed the comms protocols, need latest localstack --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jack Shirazi <[email protected]> * build: bump actions/attest-build-provenance from 1.3.1 to 1.3.2 in the github-actions group (#3693) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.3.1 to 1.3.2 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) * Use elastic/oblt-actions/aws/[email protected] action to authenticate with AWS (#3696) * Use elastic/oblt-actions/aws/[email protected] action to authenticate with AWS * Fix input * Add necessary permissions * Add comment about filename * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.1 (#3694) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.1) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Revert spring 2 version * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * build: bump version.jackson from 2.13.3 to 2.17.1 (#3676) * build: bump version.jackson from 2.13.3 to 2.17.1 Bumps `version.jackson` from 2.13.3 to 2.17.1. Updates `com.fasterxml.jackson.core:jackson-databind` from 2.13.3 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.module:jackson-module-afterburner` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-modules-base/compare/jackson-modules-base-2.14.2...jackson-modules-base-2.17.1) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-cbor` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf` from 2.14.2 to 2.17.1 - [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.14.2...jackson-dataformats-binary-2.17.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.module:jackson-module-afterburner dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Revert finagle jackson bump, it only supports 2.13 * switch to BOM for jackson version management --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * build: bump com.networknt:json-schema-validator from 1.4.0 to 1.4.3 (#3697) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.0...1.4.3) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump version.aws.sdk in /apm-agent-plugins (#3703) Bumps `version.aws.sdk` from 2.25.64 to 2.26.12. Updates `software.amazon.awssdk:s3` from 2.25.64 to 2.26.12 Updates `software.amazon.awssdk:sqs` from 2.25.64 to 2.26.12 Updates `software.amazon.awssdk:dynamodb` from 2.25.64 to 2.26.12 --- updated-dependencies: - dependency-name: software.amazon.awssdk:s3 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: software.amazon.awssdk:sqs dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: software.amazon.awssdk:dynamodb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump redis.clients:jedis from 1.4.0 to 5.1.3 (#3700) * build: bump redis.clients:jedis from 1.4.0 to 5.1.3 Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 1.4.0 to 5.1.3. - [Release notes](https://github.com/redis/jedis/releases) - [Commits](https://github.com/redis/jedis/compare/jedis-1.4.0...v5.1.3) --- updated-dependencies: - dependency-name: redis.clients:jedis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> * build: bump version.aws.sdk in /apm-agent-plugins (#3705) Bumps `version.aws.sdk` from 1.12.740 to 1.12.755. Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) Updates `com.amazonaws:aws-java-sdk-dynamodb` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) Updates `com.amazonaws:aws-java-sdk-sqs` from 1.12.740 to 1.12.755 - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.740...1.12.755) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-dynamodb dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.amazonaws:aws-java-sdk-sqs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#3701) Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.0. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.25.3...assertj-build-3.26.0) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add elastic-otel-java to weekly benchmarks (#3706) * Add elastic-otel-java to weekly benchmarks * Apply suggestions from code review Co-authored-by: jackshirazi <[email protected]> * Fix wrong agent name * Shorten name to not mess up results table * Even shorter name --------- Co-authored-by: jackshirazi <[email protected]> * updatecli: use shared policy (#3707) * Run opentelemetry benchmarks for individual features (#3708) * Add benchmarks for individual distro features on snapshot * Fix argument generation * runtime attach: prevent NPE with null value (#3712) * runtime attach: prevent NPE with null value * build: bump com.networknt:json-schema-validator from 1.4.3 to 1.5.0 (#3710) Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.4.3 to 1.5.0. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](https://github.com/networknt/json-schema-validator/compare/1.4.3...1.5.0) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * updatecli: bump policies too (#3714) * [DOCS] Clarify error capturing (#3716) Clarify we collect the exceptions passed to a `logger.error`, not the message of the `logger.error`. * deps(updatecli): bump all policies (#3715) * build: bump actions/attest-build-provenance in the github-actions group (#3717) Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.3.2 to 1.3.3 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/bdd51370e0416ac948727f861e03c2f05d32d78e...5e9cb68e95676991667494a6a4e59b8a2f13e1d0) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#3720) Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.0 to 3.26.3. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.26.0...assertj-build-3.26.3) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * z/OS avoids using NOFOLLOW_LINKS (#3722) * z/OS avoids using NOFOLLOW_LINKS * add changelg entry for zos-no-follow-links * build: bump version.byte-buddy from 1.14.17 to 1.14.18 (#3718) * build: bump version.byte-buddy from 1.14.17 to 1.14.18 Bumps `version.byte-buddy` from 1.14.17 to 1.14.18. Updates `net.bytebuddy:byte-buddy` from 1.14.17 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18) Updates `net.bytebuddy:byte-buddy-agent` from 1.9.16 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.9.16...byte-buddy-1.14.18) Updates `net.bytebuddy:byte-buddy-dep` from 1.14.17 to 1.14.18 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.17...byte-buddy-1.14.18) --- updated-dependencies: - dependency-name: net.bytebuddy:byte-buddy dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: net.bytebuddy:byte-buddy-agent dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: net.bytebuddy:byte-buddy-dep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * old version stays --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <[email protected]> * Capture request body for Apache HttpClient 4.x (#3692) Co-authored-by: jackshirazi <[email protected]> * jmx-metrics-fix (#3713) * properly handle missing metrics with non-wildcards * update changelog --------- Co-authored-by: jackshirazi <[email protected]> * build: bump io.micrometer:micrometer-core from 1.13.1 to 1.13.2 (#3729) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.13.1 to 1.13.2. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.1...v1.13.2) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build: bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 3.3.2 (#3727) * build: bump org.springframework.boot:spring-boot-dependencies Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.16 to 3.3.2. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v2.7.16...v3.3.2) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Update pom.xml * Update pom.xml * Update pom.xml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jackshirazi <[email protected]> * pre release: elastic-apm-agent v1.51.0 (#3731) Co-authored-by: obltmachine <[email protected]> * Use 1.5.5 lambda layer for tests because 1.5.6 seems to be broken (#3735) --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Adrien Mannocci <[email protected]> Signed-off-by: Adrian Cole <[email protected]> Co-authored-by: apmmachine <[email protected]> Co-authored-by: Victor Martinez <[email protected]> Co-authored-by: Som <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonas Kunz <[email protected]> Co-authored-by: SylvainJuge <[email protected]> Co-authored-by: Jan Calanog <[email protected]> Co-authored-by: Rafael Winterhalter <[email protected]> Co-authored-by: Nugusbayev Kanagat <[email protected]> Co-authored-by: Adrien Mannocci <[email protected]> Co-authored-by: jackshirazi <[email protected]> Co-authored-by: apmmachine <[email protected]> Co-authored-by: Thomas ANDRI Wijayanto <[email protected]> Co-authored-by: Deniza Topalova <[email protected]> Co-authored-by: Deniza Topalova <[email protected]> Co-authored-by: Adrian Cole <[email protected]> Co-authored-by: jackshirazi <[email protected]> Co-authored-by: Luca Belluccini <[email protected]> Co-authored-by: obltmachine <[email protected]>
What does this pull request do?
Release two flavours of Docker images:
Please note that we are going to preserve the current
Dockerfile
, so that users will still be able to build their custom images based onAlpine
: this is needed becausedocker.elastic.co/wolfi/chainguard-base
is not a public base image, so docker build would fail for unauthenticated users.Tests
I created a feature branch
test/docker-images-wolfi
and ran the snapshot workflow:Checklist