From 29237f651b7e0f3968d9d9ad8c133a62b8047e18 Mon Sep 17 00:00:00 2001 From: Michael Safyan Date: Tue, 15 Apr 2025 17:22:34 -0500 Subject: [PATCH] [chore] Make build fully support podman-is-docker. (#2080) Co-authored-by: Liudmila Molkova --- .github/workflows/build-system-check.yml | 103 +++++++++++++++++++++++ .github/workflows/checks.yml | 17 ++-- Makefile | 33 ++++++-- README.md | 2 +- dependencies.Dockerfile | 3 + internal/tools/schema_check.sh | 6 +- 6 files changed, 147 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/build-system-check.yml diff --git a/.github/workflows/build-system-check.yml b/.github/workflows/build-system-check.yml new file mode 100644 index 000000000..b197b1959 --- /dev/null +++ b/.github/workflows/build-system-check.yml @@ -0,0 +1,103 @@ +name: Build System Check + +on: + push: + paths: + - 'Makefile' + - 'dependencies.Dockerfile' + - 'internal/tools/**' + pull_request: + paths: + - 'Makefile' + - 'dependencies.Dockerfile' + - 'internal/tools/**' + +jobs: + + # Ensure that invoking "make" without a specific build target will succeed. + make-default-target: + runs-on: ubuntu-latest + strategy: + matrix: + container-runner: ["docker", "podman"] + steps: + - name: install podman and podman-docker + if: ${{ matrix.container-runner == 'podman' }} + run: sudo apt-get install podman podman-docker + + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: install dependencies + run: npm install + + - name: invoke make + run: make + env: + LYCHEE_GITHUB_TOKEN: ${{ github.token }} + + + # The "CONTRIBUTING.md" guide provides these make targets for regenerating the files; + # ensure that the steps in the "CONTRIBUTING.md" guide continue to work. + make-generation-from-contributing-guide: + runs-on: ubuntu-latest + strategy: + matrix: + container-runner: ["docker", "podman"] + steps: + - name: install podman and podman-docker + if: ${{ matrix.container-runner == 'podman' }} + run: sudo apt-get install podman podman-docker + + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: install dependencies + run: npm install + + - name: invoke make + run: make table-generation attribute-registry-generation + + # The "CONTRIBUTING.md" guide provides these make targets for verifying the policies; + # ensure that the steps in the "CONTRIBUTING.md" guide continue to work. + make-check-policies-from-contributing-guide: + runs-on: ubuntu-latest + strategy: + matrix: + container-runner: ["docker", "podman"] + steps: + - name: install podman and podman-docker + if: ${{ matrix.container-runner == 'podman' }} + run: sudo apt-get install podman podman-docker + + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: install dependencies + run: npm install + + - name: invoke make + run: make check-policies + + # The "CONTRIBUTING.md" guide provides these make targets for doing a last minute full + # check over the entire repo before attempting to send a PR. Make sure this succeeds. + make-check-from-contributing-guide: + runs-on: ubuntu-latest + strategy: + matrix: + container-runner: ["docker", "podman"] + steps: + - name: install podman and podman-docker + if: ${{ matrix.container-runner == 'podman' }} + run: sudo apt-get install podman podman-docker + + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: install dependencies + run: npm install + + - name: invoke make + run: make check + env: + LYCHEE_GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 00ae63b92..35ed40436 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -46,6 +46,8 @@ jobs: - name: run markdown-link-check run: make markdown-link-check + env: + LYCHEE_GITHUB_TOKEN: ${{ github.token }} markdown-toc-check: runs-on: ubuntu-latest @@ -74,14 +76,16 @@ jobs: semantic-conventions: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: verify semantic convention tables run: make table-check semantic-conventions-registry: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: verify registry tables run: | make attribute-registry-generation @@ -90,7 +94,8 @@ jobs: schemas-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: verify schemas run: make schema-check @@ -106,14 +111,16 @@ jobs: policies-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: verify semantic conventions yaml definitions run: make check-policies polices-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: check out code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: verify semantic conventions yaml definitions run: make test-policies diff --git a/Makefile b/Makefile index dff3ce217..b3bc3242e 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,13 @@ else SED ?= sed endif + +ifeq ($(LYCHEE_GITHUB_TOKEN),) + LYCHEE_GITHUB_TOKEN_ARG := +else: + LYCHEE_GITHUB_TOKEN_ARG := --env GITHUB_TOKEN=$(LYCHEE_GITHUB_TOKEN) +endif + TOOLS_DIR := $(PWD)/internal/tools MARKDOWN_LINK_CHECK_ARG= # pass extra arguments such as --exclude '^http' @@ -27,6 +34,7 @@ CONTAINER_REPOSITORY=docker.io WEAVER_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY) SEMCONVGEN_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY) OPA_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY) +LYCHEE_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY) # Versioned, non-qualified references to containers used in this Makefile. # These are parsed from dependencies.Dockerfile so dependabot will autoupdate @@ -34,6 +42,7 @@ OPA_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY) VERSIONED_WEAVER_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="weaver" {print $$2}') VERSIONED_SEMCONVGEN_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="semconvgen" {print $$2}') VERSIONED_OPA_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="opa" {print $$2}') +VERSIONED_LYCHEE_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="lychee" {print $$2}') # Fully qualified references to containers used in this Makefile. These # include the container repository, so that the build will work with tools @@ -46,7 +55,7 @@ VERSIONED_OPA_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4== WEAVER_CONTAINER=$(WEAVER_CONTAINER_REPOSITORY)/$(VERSIONED_WEAVER_CONTAINER_NO_REPO) SEMCONVGEN_CONTAINER=$(SEMCONVGEN_CONTAINER_REPOSITORY)/$(VERSIONED_SEMCONVGEN_CONTAINER_NO_REPO) OPA_CONTAINER=$(OPA_CONTAINER_REPOSITORY)/$(VERSIONED_OPA_CONTAINER_NO_REPO) - +LYCHEE_CONTAINER=$(LYCHEE_CONTAINER_REPOSITORY)/$(VERSIONED_LYCHEE_CONTAINER_NO_REPO) CHECK_TARGETS=install-tools markdownlint misspell table-check compatibility-check \ schema-check check-file-and-folder-names-in-docs @@ -121,22 +130,23 @@ normalized-link-check: .PHONY: markdown-link-check markdown-link-check: normalized-link-check - # pinning lychee to 0.18.1 $(DOCKER_RUN) --rm \ - --mount 'type=bind,source=$(PWD),target=/home/repo' \ - lycheeverse/lychee:sha-2aa22f8 \ + $(DOCKER_USER_IS_HOST_USER_ARG) \ + --mount 'type=bind,source=$(PWD),target=/home/repo' $(LYCHEE_GITHUB_TOKEN_ARG) \ + $(LYCHEE_CONTAINER) \ --config home/repo/.lychee.toml \ --root-dir /home/repo \ --verbose \ + --timeout=60 \ $(MARKDOWN_LINK_CHECK_ARG) \ home/repo .PHONY: markdown-link-check-changelog-preview markdown-link-check-changelog-preview: - # pinning lychee to 0.18.1 $(DOCKER_RUN) --rm \ - --mount 'type=bind,source=$(PWD),target=/home/repo' \ - lycheeverse/lychee:sha-2aa22f8 \ + $(DOCKER_USER_IS_HOST_USER_ARG) \ + --mount 'type=bind,source=$(PWD),target=/home/repo' $(LYCHEE_GITHUB_TOKEN_ARG) \ + $(LYCHEE_CONTAINER) \ --config /home/repo/.lychee.toml \ --root-dir /home/repo \ --verbose \ @@ -212,6 +222,7 @@ attribute-registry-generation: .PHONY: table-check table-check: $(DOCKER_RUN) --rm \ + $(DOCKER_USER_IS_HOST_USER_ARG) \ --mount 'type=bind,source=$(PWD)/templates,target=/home/weaver/templates,readonly' \ --mount 'type=bind,source=$(PWD)/model,target=/home/weaver/source,readonly' \ --mount 'type=bind,source=$(PWD)/docs,target=/home/weaver/target,readonly' \ @@ -300,6 +311,10 @@ LATEST_RELEASED_SEMCONV_VERSION := $(shell git ls-remote --tags https://github.c .PHONY: check-policies check-policies: $(DOCKER_RUN) --rm \ + $(DOCKER_USER_IS_HOST_USER_ARG) \ + --env USER=weaver \ + --env HOME=/home/weaver \ + -v $(shell mktemp -d):/home/weaver/.weaver \ --mount 'type=bind,source=$(PWD)/policies,target=/home/weaver/policies,readonly' \ --mount 'type=bind,source=$(PWD)/model,target=/home/weaver/source,readonly' \ ${WEAVER_CONTAINER} registry check \ @@ -310,7 +325,7 @@ check-policies: # Test rego policies .PHONY: test-policies test-policies: - $(DOCKER_RUN) --rm -v $(PWD)/policies:/policies -v $(PWD)/policies_test:/policies_test \ + $(DOCKER_RUN) --rm $(DOCKER_USER_IS_HOST_USER_ARG) -v $(PWD)/policies:/policies -v $(PWD)/policies_test:/policies_test \ ${OPA_CONTAINER} test \ --var-values \ --explain fails \ @@ -321,5 +336,5 @@ test-policies: # once github action requirements are updated. .PHONY: compatibility-check compatibility-check: - $(DOCKER_RUN) --rm -v $(PWD)/model:/source -v $(PWD)/docs:/spec --pull=always \ + $(DOCKER_RUN) --rm $(DOCKER_USER_IS_HOST_USER_ARG) -v $(PWD)/model:/source -v $(PWD)/docs:/spec --pull=always \ $(SEMCONVGEN_CONTAINER) --continue-on-validation-errors -f /source compatibility --previous-version $(LATEST_RELEASED_SEMCONV_VERSION) diff --git a/README.md b/README.md index ac8d2e8e9..e3bcc626b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # OpenTelemetry Icon OpenTelemetry Semantic Conventions -[![Checks](https://github.com/open-telemetry/semantic-conventions/workflows/Checks/badge.svg?branch=main)](https://github.com/open-telemetry/semantic-conventions/actions?query=workflow%3A%22Checks%22+branch%3Amain) +[![Checks](https://github.com/open-telemetry/semantic-conventions/workflows/Checks/badge.svg)](https://github.com/open-telemetry/semantic-conventions/actions?query=workflow%3A%22Checks%22+branch%3Amain) [![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/open-telemetry/semantic-conventions.svg?logo=opentelemetry&&color=f5a800&label=Latest%20release)](https://github.com/open-telemetry/semantic-conventions/releases/latest) [![Specification Version](https://img.shields.io/badge/OTel_specification_version-v1.44.0-blue?logo=opentelemetry&color=f5a800)](https://github.com/open-telemetry/opentelemetry-specification/releases/tag/v1.44.0) diff --git a/dependencies.Dockerfile b/dependencies.Dockerfile index 015dbaa36..3672733dc 100644 --- a/dependencies.Dockerfile +++ b/dependencies.Dockerfile @@ -11,3 +11,6 @@ FROM openpolicyagent/opa:1.3.0@sha256:e02dc1957f7a4195f0724762269dfe3309f1334462 # Semconv gen is used for backwards compatibility checks. # TODO(jsuereth): Remove this when no longer used. FROM otel/semconvgen:0.25.0@sha256:9df7b8cbaa732277d64d0c0a8604d96bb6f5a36d0e96338cba5dced720c16485 AS semconvgen + +# Lychee is used for checking links in documentation. +FROM lycheeverse/lychee:sha-2aa22f8@sha256:07abefbbc446f9987f9a1f05016e620983c7c70889ee5a1fd00a749d8f53352e AS lychee \ No newline at end of file diff --git a/internal/tools/schema_check.sh b/internal/tools/schema_check.sh index 779fd957e..33d354d58 100755 --- a/internal/tools/schema_check.sh +++ b/internal/tools/schema_check.sh @@ -84,8 +84,10 @@ for file in $schemas_dir/*; do exit 2 fi - docker run -v $schemas_dir:/schemas \ - otel/build-tool-schemas:$BUILD_TOOL_SCHEMAS_VERSION --file /schemas/$ver --version=$ver + PODMAN_USERNS=keep-id docker run \ + -u $(id -u):$(id -g) \ + -v $schemas_dir:/schemas \ + docker.io/otel/build-tool-schemas:$BUILD_TOOL_SCHEMAS_VERSION --file /schemas/$ver --version=$ver echo "OK" done