artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 18:31:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
sqs/workflows
sourcegraph/doc/dependency_decisions.yml
Robert Lin 7d91894a01
chore/otel-collector: upgrade to v0.103.0, remove jaegerexporter (#63171) 
Thread:
https://sourcegraph.slack.com/archives/C1JH2BEHZ/p1717797870638299

One problem caused by this upgrade is that the [deprecated
`jaegerexporter`](https://github.com/open-telemetry/opentelemetry-specification/pull/2858)
no longer builds at all with the last published version, so for the
upgrade to go through it must be removed. I've updated local `sg start`
to work with this change, but some Release team support is needed for
deployment configuration + customer-facing docs changes:
https://sourcegraph.slack.com/archives/C1JH2BEHZ/p1718143249191349?thread_ts=1717797870.638299&cid=C1JH2BEHZ,
since current guidance asks customers to configure `jaegerexporter`.

Part of https://linear.app/sourcegraph/issue/SEC-1680

Closes https://linear.app/sourcegraph/issue/CORE-177

## Test plan

Followed steps shared in
https://sourcegraph.slack.com/archives/C04MYFW01NV/p1718136211292469 to
run locally, since `sg run jaeger otel-collector` alone is insufficient
to get updated images:

```diff
diff --git a/wolfi-images/opentelemetry-collector.yaml b/wolfi-images/opentelemetry-collector.yaml
index b995a3d531b..76de80d4f84 100644
--- a/wolfi-images/opentelemetry-collector.yaml
+++ b/wolfi-images/opentelemetry-collector.yaml
@@ -7,7 +7,11 @@ contents:
     - mailcap
 
     ## opentelemetry-collector packages
-    - opentelemetry-collector@sourcegraph
+    - opentelemetry-collector@branch
+  keyring:
+    - https://packages.sgdev.org/sourcegraph-melange-dev.rsa.pub
+  repositories:
+    - '@branch https://packages.sgdev.org/branches/otel-collector-upgrade'
 
 paths:
   - path: /otel-collector
```

plus `sg wolfi lock opentelemetry-collector` will make `sg run
otel-collector` use the correct image.

**The above diffs SHOULD NOT be committed. The lock should happen
post-merge.**

Spot-checked some traces locally with:

```
sg run jaeger otel-collector
sg start
```


![image](https://github.com/sourcegraph/sourcegraph/assets/23356519/dff88d5a-db9a-4039-b7ba-682e120bdc41)


![image](https://github.com/sourcegraph/sourcegraph/assets/23356519/7e553894-0026-47de-ae38-ba5502b94c63)


## Changelog 

- OpenTelemetry Collector: Upgraded OpenTelemetry Collector to v0.103.0
- OpenTelemetry Collector: The [deprecated `jaegerexporter` has been
removed](https://github.com/open-telemetry/opentelemetry-specification/pull/2858).
Users of `exporter: { jaeger: ... }` in the OpenTelemetry Collector
should use `exporter: { otlp/jaeger: ... }` to send traces directly to
Jaeger via its OTLP receiver.
- Users of the default Jaeger configurations now need to provide
`JAEGER_OTLP_GRPC_PORT` as well as the existing `JAEGER_HOST`
configuration.

---------

Co-authored-by: Anish Lakhwara <anish+github@lakhwara.com>
Co-authored-by: Anish Lakhwara <anish+git@lakhwara.com>
2024-07-10 09:01:41 -07:00

638 lines
12 KiB
YAML
Raw Permalink Blame History

---
- - :restrict
- unknown
- &1
:who:
:why: Import licenses-npm.sh FAIL_ON
:versions: []
:when: 2020-06-05 18:25:53.630259000 Z
- - :restrict
- UNKNOWN
- *1
- - :restrict
- GPL-1.0-only
- *1
- - :restrict
- GPL-1.0-or-later
- *1
- - :restrict
- GPL-2.0-only
- *1
- - :restrict
- GPL-2.0-or-later
- *1
- - :restrict
- GPL-3.0-only
- *1
- - :restrict
- GPL-3.0-or-later
- *1
- - :permit
- 0BSD
- &2
:who:
:why: Import approved licenses from ThirdPartyLicensesNpm.csv
:versions: []
:when: 2020-06-05 19:02:14.987331000 Z
- - :permit
- BSD
- *2
- - :permit
- Apache-2.0
- *2
- - :permit
- Apache-2
- *2
- - :permit
- BSD-2-Clause
- *2
- - :permit
- BSD-3-Clause
- *2
- - :permit
- CC-BY-3.0
- *2
- - :permit
- CC0-1.0
- *2
- - :permit
- ISC
- *2
- - :permit
- MIT
- *2
- - :permit
- Unlicense
- *2
- - :permit
- W3C
- *2
- - :permit
- MPL-2.0
- *2
- - :permit
- "(MIT OR Apache-2.0)"
- *2
- - :permit
- Artistic-2.0
- *2
- - :permit
- MIT*
- *2
- - :permit
- BSD*
- *2
- - :permit
- "(MIT AND OFL-1.1)"
- *2
- - :permit
- "(WTFPL OR MIT)"
- *2
- - :permit
- "(BSD-2-Clause OR MIT OR Apache-2.0)"
- *2
- - :permit
- "(BSD-2-Clause OR MIT)"
- *2
- - :permit
- WTFPL
- *2
- - :permit
- Public domain
- *2
- - :permit
- Apache*
- *2
- - :ignore_group
- devDependencies
- :who:
:why: Exclude development dependencies that are not included in bundles
:versions: []
:when: 2020-06-05 21:28:58.197862000 Z
- - :license
- sourcegraph
- Apache-2.0
- &3
:who:
:why:
:versions: []
:when: 2020-06-15 06:45:58.540797000 Z
- - :homepage
- sourcegraph
- https://github.com/sourcegraph/sourcegraph
- *3
- - :license
- "@sourcegraph/extension-api-types"
- Apache-2.0
- *3
- - :license
- github.com/beevik/etree
- BSD-3-Clause
- *3
- - :license
- github.com/bkaradzic/go-lz4
- BSD-2-Clause
- *3
- - :license
- github.com/bmizerany/assert
- MIT
- *3
- - :license
- github.com/chzyer/logex
- MIT
- *3
- - :license
- github.com/crewjam/httperr
- BSD-2-Clause
- *3
- - :license
- github.com/cznic/mathutil
- MIT
- *3
- - :license
- github.com/dchest/uniuri
- CC0-1.0
- *3
- - :license
- github.com/dnaeon/go-vcr
- MIT
- *3
- - :license
- github.com/facebookgo/ensure
- BSD
- *3
- - :license
- github.com/facebookgo/limitgroup
- BSD
- *3
- - :license
- github.com/facebookgo/muster
- BSD
- *3
- - :license
- github.com/facebookgo/stack
- BSD
- *3
- - :license
- github.com/facebookgo/subset
- BSD
- *3
- - :license
- github.com/garyburd/redigo
- Apache-2.0
- *3
- - :license
- github.com/golangci/go-misc
- MIT
- *3
- - :license
- github.com/gomodule/oauth1
- Apache-2.0
- *3
- - :license
- github.com/gomodule/redigo
- Apache-2.0
- *3
- - :license
- github.com/jackc/pgtype
- MIT
- *3
- - :license
- github.com/inconshreveable/mousetrap
- Apache-2.0
- *3
- - :license
- github.com/jmespath/go-jmespath
- Apache-2.0
- *3
- - :license
- github.com/julienschmidt/httprouter
- BSD-3-Clause
- *3
- - :license
- github.com/karlseguin/typed
- MIT
- *3
- - :license
- github.com/mattn/goveralls
- MIT
- *3
- - :license
- github.com/rcrowley/go-metrics
- MIT
- *3
- - :license
- github.com/russellhaering/gosaml2
- Apache-2.0
- *3
- - :license
- github.com/russellhaering/goxmldsig
- Apache-2.0
- *3
- - :license
- github.com/shirou/w32
- MIT
- *3
- - :license
- github.com/shurcooL/github_flavored_markdown
- MIT
- *3
- - :license
- github.com/shurcooL/go-goon
- MIT
- *3
- - :license
- github.com/shurcooL/highlight_go
- MIT
- *3
- - :license
- github.com/sloonz/go-qprintable
- ISC
- *3
- - :license
- github.com/spf13/afero
- Apache-2.0
- *3
- - :license
- github.com/xdg/scram
- Apache-2.0
- *3
- - :license
- github.com/xdg/stringprep
- Apache-2.0
- *3
- - :license
- modernc.org/b
- BSD-3-Clause
- *3
- - :license
- modernc.org/db
- BSD-3-Clause
- *3
- - :license
- modernc.org/file
- BSD-3-Clause
- *3
- - :license
- modernc.org/golex
- BSD-3-Clause
- *3
- - :license
- modernc.org/internal
- BSD-3-Clause
- *3
- - :license
- modernc.org/lldb
- BSD-3-Clause
- *3
- - :license
- modernc.org/mathutil
- BSD-3-Clause
- *3
- - :license
- modernc.org/sortutil
- BSD-3-Clause
- *3
- - :license
- modernc.org/strutil
- BSD-3-Clause
- *3
- - :license
- github.com/pjbgf/sha1cd
- Apache 2.0
- *3
- - :ignore
- github.com/OpenPeeDeeP/depguard
- :who:
:why: Development dependency
:versions: []
:when: 2020-06-16 02:19:49.896604000 Z
- - :ignore
- github.com/golangci/check
- :who:
:why: Development dependency
:versions: []
:when: 2020-06-16 02:20:06.274998000 Z
- - :name_project
- sourcegraph/sourcegraph
- :who:
:why:
:versions: []
:when: 2020-06-16 02:20:33.870044000 Z
- - :approve
- mdi-react
- :who:
:why: Seems to be a bug approving this dependency, despite its license already
being on the approvelist
:versions: []
:when: 2020-07-02 01:16:22.339839000 Z
- - :license
- github.com/sourcegraph/gosaml2
- Apache 2.0
- :who:
:why:
:versions: []
:when: 2020-08-12 08:03:13.360476000 Z
- - :permit
- CC-BY-4.0
- :who:
:why: Used by caniuse-lite
:when: 2020-09-23 12:14:34.205000000 Z
- - :ignore
- "./dev/ci/images"
- :who:
:why: Internal module
:versions: []
:when: 2020-11-29 06:02:35.623296000 Z
- - :ignore
- "./lib"
- :who:
:why: Internal module
:versions: []
:when: 2021-03-09 19:42:12.214862934 Z
- - :license
- github.com/aws/smithy-go
- Apache 2.0
- :who:
:why: Inference broken, LICENSE file lives at https://github.com/aws/smithy-go/blob/main/LICENSE
:versions: []
:when: 2021-04-14 12:51:19.503802000 Z
- - :permit
- Python-2.0
- :who:
:why: Used by argparse
:versions: []
:when: 2021-10-12 11:17:37.706276000 Z
- - :license
- github.com/DataDog/sketches-go
- Apache 2.0
- :who:
:why:
:versions: []
:when: 2022-02-18 21:09:06.289293214 Z
- - :license
- github.com/layeh/gopher-json
- Public domain
- :who:
:why:
:versions: []
:when: 2022-04-18 21:25:36.854878000 Z
- - :ignore
- root-workspace-0b6124
- :who:
:why:
:versions: []
:when: 2022-12-05 09:54:08.112251000 Z
- - :ignore
- trim
- :who:
:why:
:versions: []
:when: 2022-12-05 09:54:31.944623000 Z
- - :ignore
- "./monitoring"
- :who:
:why: Internal module
:versions: []
:when: 2022-12-16 22:04:46.864944000 Z
- - :license
- "@atlassian/aui"
- Apache 2.0
- :who:
:why: Inference broken, LICENSE file lives at https://bitbucket.org/atlassian/aui/src/master/packages/core/LICENSE.md
:versions: []
:when: 2023-01-09 04:35:08.321179000 Z
- - :license
- browser-assert
- MIT
- :who:
:why: Inference broken, LICENSE file lives at https://github.com/socialally/browser-assert/blob/master/LICENSE
:versions: []
:when: 2023-01-09 04:44:39.507826000 Z
- - :ignore
- buffers
- :who:
:why: No LICENSE file, see https://www.npmjs.com/package/buffers
:versions: []
:when: 2023-01-09 04:47:26.508863000 Z
- - :permit
- MIT/X11
- :who:
:why: The MIT license and the MIT/X11 license are actually the same thing. The
MIT/X11 license is just an older name for the MIT license, which was adopted
in the 1980s when the X Window System (also known as X11) was popular.
:versions: []
:when: 2023-01-09 04:50:14.994464000 Z
- - :permit
- Public Domain
- :who:
:why: The Public Domain license is a legal designation that indicates that a work
is not protected by copyright and can be used freely by anyone, for any purpose.
:versions: []
:when: 2023-01-09 04:53:01.534607000 Z
- - :ignore
- language-tags
- :who:
:why: Used by the `eslint-plugin-jsx-a11y` dependency.
:versions: []
:when: 2023-01-09 04:55:27.641853000 Z
- - :ignore
- language-subtag-registry
- :who:
:why: Used by the `eslint-plugin-jsx-a11y` dependency.
:versions: []
:when: 2023-01-09 04:55:27.641853000 Z
- - :license
- skatejs-template-html
- MIT
- :who:
:why: Inference broken, LICENSE file lives at https://www.npmjs.com/package/skatejs-template-html#license
:versions: []
:when: 2023-01-09 04:56:45.936694000 Z
- - :license
- stdin
- MIT
- :who:
:why: Inference broken, LICENSE file lives at https://www.npmjs.com/package/stdin#license
:versions: []
:when: 2023-01-09 04:58:41.642155000 Z
- - :ignore
- eslint-plugin-deprecation
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:03:11.764982000 Z
- - :ignore
- fast-shallow-equal
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:03:33.000495000 Z
- - :ignore
- pako
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:03:51.213298000 Z
- - :ignore
- react-universal-interface
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:04:06.690991000 Z
- - :ignore
- tosource
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:25:48.126482000 Z
- - :ignore
- rollup-plugin-dts
- :who:
:why: dependency from backstage
:versions: []
:when: 2023-01-19 20:26:01.138835000 Z
- - :license
- github.com/xi2/xz
- Public domain
- :who:
:why:
:versions: []
:when: 2023-01-12 01:20:17.504279000 Z
- - :license
- github.com/hashicorp/cronexpr
- Apache 2.0
- :who:
:why:
:versions: []
:when: 2023-06-02 13:33:29.979046000 Z
- - :license
- "@jspm/core"
- Apache 2.0
- :who:
:why:
:versions: []
:when: 2023-06-19 14:46:26.158816000 Z
- - :license
- require-like
- MIT
- :who:
:why:
:versions: []
:when: 2023-06-19 14:47:16.005983000 Z
- - :license
- github.com/ricochet2200/go-disk-usage/du
- Unlicense
- :who:
:why:
:versions: []
:when: 2023-06-19 19:11:34.298774000 Z
- - :license
- github.com/hashicorp/go-retryablehttp
- MPL-2.0
- :who:
:why:
:versions: []
:when: 2023-07-17 17:10:16.265371000 Z
- - :approve
- github.com/hashicorp/go-retryablehttp
- &4
:who:
:why:
:versions: []
:when: 2023-07-17 18:09:46.313307000 Z
- - :approve
- MPL-2.0
- *4
- - :permit
- BlueOak-1.0.0
- :who:
:why: Approved permissive license (https://handbook.sourcegraph.com/departments/engineering/dev/process/licenses/#allowed-licenses-permissive-licenses)
:versions: []
:when: 2023-07-27 21:22:46.362043095 Z
- - :license
- github.com/hashicorp/terraform-cdk-go/cdktf
- MPL-2.0
- :who:
:why:
:versions: []
:when: 2023-08-23 22:45:52.736440000 Z
- - :license
- github.com/hashicorp/go-tfe
- MPL-2.0
- :who:
:why:
:versions: []
:when: 2023-09-06 22:04:27.722891000 Z
- - :ignore
- "./lib/managedservicesplatform"
- :who:
:why: Internal module
:versions: []
:when: 2023-09-23 22:04:27.722891000 Z
- - :ignore
- github.com/sourcegraph/cloud-api
- :who:
:why: Internal sourcegraph library
:versions: []
:when: 2024-04-22 13:42:26.498522000 Z
- - :permit
- FreeType
- &5
:who:
:why:
:versions: []
:when: 2024-04-29 15:13:39.206315000 Z
- - :license
- github.com/golang/freetype
- FreeType
- *5
- - :license
- gonum.org/v1/plot
- BSD-3-Clause
- *5
- - :license
- oss.terrastruct.com/util-go
- ISC
- *5
- - :license
- khroma
- MIT
- :who:
:why:
:versions: []
:when: 2024-05-17 13:16:23.875425000 Z
- - :permit
- EPL-2.0
- :who:
:why: permissive open source license
:versions: []
:when: 2024-05-17 13:21:45.702008000 Z
- - :license
- pgregory.net/rapid
- MPL-2.0
- :who:
:why:
:versions: []
:when: 2024-06-05 15:32:44.440111000 Z
- - :license
- github.com/hashicorp/go-version
- MPL-2.0
- :who:
:why:
:versions: []
:when: 2024-06-07 22:22:48.626799000 Z
- - :permit
- OFL-1.1
- :who:
:why: Safe open font license
:versions: []
:when: 2024-06-12 01:39:30.854523000 Z
- - :license
- github.com/antlr4-go/antlr/v4
- BSD-3-Clause
- :who:
:why:
:versions: []
:when: 2024-06-18 18:25:40.220943000 Z
Reference in New Issue View Git Blame Copy Permalink