diff --git a/.github/workflows/docker-images.yml b/.github/workflows/docker-images.yml new file mode 100644 index 000000000..665e27aff --- /dev/null +++ b/.github/workflows/docker-images.yml @@ -0,0 +1,29 @@ +name: Docker Images +on: + pull_request: + push: + branches: + - main + schedule: # Rebuild images nightly + - cron: '0 0 * * *' + +jobs: + otel: + runs-on: ubuntu-latest + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build Base + uses: docker/build-push-action@v6 + with: + push: ${{ github.ref == 'refs/heads/main' && true || false}} + platforms: linux/amd64,linux/arm64 + tags: pocket/opentelemetry-collector-contrib + context: "{{defaultContext}}:images/otel" \ No newline at end of file diff --git a/images/otel/Dockerfile b/images/otel/Dockerfile index 60950e9a1..8723ac064 100644 --- a/images/otel/Dockerfile +++ b/images/otel/Dockerfile @@ -1,14 +1,17 @@ -FROM alpine:latest +# Use an alpine image as our base image, this allows us to define our own entry point script and have access to sh or bash, which the otel image does not have +FROM alpine:3 -COPY --from=otel/opentelemetry-collector-contrib:latest /otelcol-contrib /otelcol-contrib +# Copy the otelcol-contrib binary from the official image +COPY --from=otel/opentelemetry-collector-contrib:0.111.0 /otelcol-contrib /otelcol-contrib COPY otel-collector-config.yaml /etc/otelcol-contrib/config.yaml -COPY entrypont.sh /entrypont.sh -RUN chmod a+x /entrypont.sh +COPY entrypoint.sh /entrypoint.sh +RUN chmod a+x /entrypoint.sh +#Set the ENV variable for the google credentials that will be used by the google cloud exporter and mounted via an environment variable that will be saved to this file via our entrypoint script ENV GOOGLE_APPLICATION_CREDENTIALS=/etc/otelcol-contrib/key.json WORKDIR / -ENTRYPOINT [ "./entrypont.sh" ] +ENTRYPOINT [ "./entrypoint.sh" ] CMD [ "/otelcol-contrib", "--config", "/etc/otelcol-contrib/config.yaml" ] \ No newline at end of file diff --git a/images/otel/entrypont.sh b/images/otel/entrypoint.sh similarity index 100% rename from images/otel/entrypont.sh rename to images/otel/entrypoint.sh diff --git a/images/otel/otel-collector-config.yaml b/images/otel/otel-collector-config.yaml index 8b3be0726..a90492004 100644 --- a/images/otel/otel-collector-config.yaml +++ b/images/otel/otel-collector-config.yaml @@ -42,6 +42,10 @@ processors: - key: host.id from_attribute: aws.ecs.task.id action: upsert + # https://opentelemetry.io/docs/specs/semconv/resource/deployment-environment/ + - key: deployment.environment.name + value: ${env:DEPLOYMENT_ENVIRONMENT_NAME} + action: upsert service: pipelines: diff --git a/infrastructure/client-api/src/main.ts b/infrastructure/client-api/src/main.ts index 9eea913c5..0aab79814 100644 --- a/infrastructure/client-api/src/main.ts +++ b/infrastructure/client-api/src/main.ts @@ -286,6 +286,12 @@ class ClientAPI extends TerraformStack { containerPort: 55681, }, ], + envVars: [ + { + name: 'DEPLOYMENT_ENVIRONMENT_NAME', + value: config.tags.env_code, + }, + ], secretEnvVars: [ { name: 'GOOGLE_APPLICATION_CREDENTIALS_JSON', diff --git a/infrastructure/list-api/src/main.ts b/infrastructure/list-api/src/main.ts index 99706311b..052cb348d 100644 --- a/infrastructure/list-api/src/main.ts +++ b/infrastructure/list-api/src/main.ts @@ -324,6 +324,12 @@ class ListAPI extends TerraformStack { containerPort: 55681, }, ], + envVars: [ + { + name: 'DEPLOYMENT_ENVIRONMENT_NAME', + value: config.tags.env_code, + }, + ], secretEnvVars: [ { name: 'GOOGLE_APPLICATION_CREDENTIALS_JSON', diff --git a/infrastructure/parser-graphql-wrapper/src/main.ts b/infrastructure/parser-graphql-wrapper/src/main.ts index 56bfb071e..247b798e5 100644 --- a/infrastructure/parser-graphql-wrapper/src/main.ts +++ b/infrastructure/parser-graphql-wrapper/src/main.ts @@ -298,6 +298,12 @@ class ParserGraphQLWrapper extends TerraformStack { containerPort: 55681, }, ], + envVars: [ + { + name: 'DEPLOYMENT_ENVIRONMENT_NAME', + value: config.tags.env_code, + }, + ], secretEnvVars: [ { name: 'GOOGLE_APPLICATION_CREDENTIALS_JSON', diff --git a/infrastructure/user-api/src/main.ts b/infrastructure/user-api/src/main.ts index c610d9563..3cf4c6a2d 100644 --- a/infrastructure/user-api/src/main.ts +++ b/infrastructure/user-api/src/main.ts @@ -218,6 +218,12 @@ class UserAPI extends TerraformStack { containerPort: 55681, }, ], + envVars: [ + { + name: 'DEPLOYMENT_ENVIRONMENT_NAME', + value: config.tags.env_code, + }, + ], secretEnvVars: [ { name: 'GOOGLE_APPLICATION_CREDENTIALS_JSON', @@ -282,11 +288,6 @@ class UserAPI extends TerraformStack { 'logs:CreateLogStream', 'logs:DescribeLogStreams', 'logs:DescribeLogGroups', - 'xray:PutTraceSegments', - 'xray:PutTelemetryRecords', - 'xray:GetSamplingRules', - 'xray:GetSamplingTargets', - 'xray:GetSamplingStatisticSummaries', ], resources: ['*'], effect: 'Allow', diff --git a/infrastructure/user-list-search/ecs.tf b/infrastructure/user-list-search/ecs.tf index 5bcbe3144..9780df9ba 100644 --- a/infrastructure/user-list-search/ecs.tf +++ b/infrastructure/user-list-search/ecs.tf @@ -128,6 +128,11 @@ module "otel" { } } + environment = [{ + name = "DEPLOYMENT_ENVIRONMENT_NAME", + value = local.tags.env_code, + }] + secrets = [{ name = "GOOGLE_APPLICATION_CREDENTIALS_JSON" valueFrom = "${local.secret_path_shared}GCP_SA_TRACES:::" diff --git a/infrastructure/v3-proxy-api/src/main.ts b/infrastructure/v3-proxy-api/src/main.ts index 2cce2ecf4..24f8f7527 100644 --- a/infrastructure/v3-proxy-api/src/main.ts +++ b/infrastructure/v3-proxy-api/src/main.ts @@ -148,6 +148,12 @@ class Stack extends TerraformStack { containerPort: 55681, }, ], + envVars: [ + { + name: 'DEPLOYMENT_ENVIRONMENT_NAME', + value: config.tags.env_code, + }, + ], secretEnvVars: [ { name: 'GOOGLE_APPLICATION_CREDENTIALS_JSON',