Skip to content

Latest commit

 

History

History
466 lines (301 loc) · 18.2 KB

assets.md

File metadata and controls

466 lines (301 loc) · 18.2 KB

OpenTelemetry managed assets

This file is intended to list all the assets controlled by OpenTelemetry.

GitHub organization

Link: https://github.com/open-telemetry

Credential Storage

Community Resource Accounts

AWS account

Link: http://cncf-aws-opentelemetry.signin.aws.amazon.com/

  • Community account to published Lambda layers
  • Admin: Alex Boten @codeboten & Anthony Mirabella @aneurysm9

FOSSA

We have an OpenTelemetry team under the CNCF's enterprise account.

Link: https://app.fossa.com/

Special GitHub Action runners

Large Linux runners

CNCF provides the following large Linux runners which are available to all repositories:

Note that normal-sized Linux ARM64 runners are available for free to all public repositories.

CNCF and GitHub expect fair use of these provided resources. Please ensure your workloads are optimized to avoid unnecessary usage.

Admins: CNCF (via CNCF Service Desk ticket).

Large Windows runners

Access to large Windows runners is available to repositories on request (open a community issue), which will give access to the following GitHub-hosted runner:

  • otel-windows-latest-8-cores

Note: these runners are pay-as-you-go. CNCF and GitHub expect fair use of these provided resources. Please ensure your workloads are optimized to avoid unnecessary usage.

Admins: @open-telemetry/admins

Bare metal runners

Access to bare metal runners for benchmarking is available to repositories on request (open a community issue), which will give access to the following GitHub-hosted runner:

  • oracle-bare-metal-64cpu-512gb-x86-64

Note: there is only one bare metal runner at this time, so please ensure your workloads are optimized to avoid unnecessary usage.

Admins: @open-telemetry/admins

Linux/s390x runners

IBM provides linux/s390x runners for build and test automation on this platform. Access to these runners is available to repositories on request; please open a community issue to request access. The following runners are currently available:

  • ubuntu-24.04-s390x
  • ubuntu-22.04-s390x

Note: In response to your request, IBM may ask for additional information such as primary use cases for the runner or the link to the current existing actions workflow file(s). At this stage, the action runners are sized to fulfill common build and unit test tasks.

Admin: @rrschulze

Google Cloud account

Link: https://cloud.google.com

Grafana organization for SIG Security

Link: https://grafana.com/orgs/otelsigsecurity

  • Used to provide an overview of open security incidents in the org and historical data on how quickly we respond to incidents
  • Users: SIG-Security Maintainers, Technical and Governance Committees
  • Admins: Juraci Paixão Kröhling @jpkrohling & Armin Ruech @arminru

The GitHub organization open-telemetry-private also exists for this purpose.

Netlify

Link: https://app.netlify.com/login

Oracle Cloud account

Link: https://www.oracle.com/cloud/sign-in.html

  • Admin: @austinlparker (password is available in the OpenTelemetry Governance 1Password)

Develocity

We have a Develocity instance available to Java projects using Gradle build system.

Link: https://develocity.opentelemetry.io

  • GitHub organization secret: DEVELOCITY_ACCESS_KEY
  • Secret stored in the OpenTelemetry Java 1Password vault
  • Admin: @trask

Artifact repositories

NuGet OpenTelemetry organization

Link: https://www.nuget.org/organization/OpenTelemetry

MyGet OpenTelemetryCNCF account

Link: https://www.myget.org/feed/Packages/opentelemetry

NPM OpenTelemetry Organization

Link: https://www.npmjs.com/settings/opentelemetry/packages

  • Ask any of the following people if you need access
  • Owner: Mayur Kale @mayurkale22
  • Admin: Daniel Dyla @dyladan
  • Member: Bogdan Drutu @bogdandrutu

Crates

Link: https://crates.io/teams/github:open-telemetry:rust-publishers

Owners: @open-telemetry/rust-publishers

Maven

Link: https://repo1.maven.org/maven2/io/opentelemetry/

Maven doesn't have the concept of an "organization account", but these individual OpenTelemetry members have been given rights to publish under io.opentelemetry:

PyPI

Link: https://pypi.org/user/opentelemetry/

PHP Extras

SIG Extra Repositories: https://github.com/opentelemetry-php

Owners:

Packagist: https://packagist.org/?query=open-telemetry

Owners:

Communication channels

CNCF Community Group

Used by the End-User SIG to organize events (e.g. OTel Q&A, OTel in Practice, feedback sessions, etc.).

CNCF are the owners of the group, so certain requests (e.g. adding/removing organizers) need to be requested via on of these:

Link: https://community.cncf.io/opentelemetry/

opentelemetry-calendar-contributors Google Group

Used to provide write access to public OpenTelemetry calendar. See docs/how-to-handle-public-calendar.md.

Link: https://groups.google.com/g/opentelemetry-calendar-contributors

OpenTelemetry Calendar Invites Google Group

Used to automatically invite members to all OpenTelemetry calendar events, so that time is blocked on their calendars.

Link: https://groups.google.com/g/opentelemetry-calendar

  • Owners: @mtwo

Mailing list cncf-opentelemetry-net-maintainers@lists.cncf.io

  • Used to register service accounts and as a NuGet OpenTelemetry organization e-mail. All .NET SIG maintainers are part of this list. Owned by CNCF.
  • Admin: add member.

Mailing list cncf-opentelemetry-ruby@lists.cncf.io

Mailing list cncf-opentelemetry-governance@lists.cncf.io

  • Private mailing list for OpenTelemetry Governance Committee.
  • All GC members AND CNCF reps (Amye Scavarda Perrin, Chris Aniszczyk, Taylor Waggoner) are on the list and are list moderators.
  • Admin: CNCF (via CNCF Service Desk ticket).

Zoom accounts

Zapier account

Link: https://zapier.com

Google Workspace accounts

Google account for cncf-opentelemetry-governance@lists.cncf.io

Social media channels

BlueSky

Link: https://bsky.app/profile/opentelemetry.io

Buffer

Used to publish to the different social media channels.

Link: https://publish.buffer.com/

LinkedIn

Link: https://www.linkedin.com/company/opentelemetry

Mastodon

Link: https://fosstodon.org/@opentelemetry

YouTube

Link: https://www.youtube.com/channel/UCHZDBZTIfdy94xMjMKz-_MA/videos

  • Ask any of the following people if you need to manage the feed:
    • Owners: Amye Scavarda Perrin (CNCF rep), Sergey Kanzhelev
    • Managers: Alolita Sharma, Alan West, Austin Parker, Ben Sigelman, Eddy Nakamura

Bot accounts

Related: Guidelines for adding new GitHub extensions.

Easy CLA

This is not really an OpenTelemetry asset as we do not have any credentials or admin access for it.

For support:

Docker Hub

https://hub.docker.com/u/otel is a Docker-Sponsored Open Source organization.

Minimum-scoped Docker Hub organization access tokens should be used to push images.

otelbot

This is a GitHub App owned by @open-telemetry that you can use when automating common GitHub tasks in OpenTelemetry repos such as release automation tasks.

This GitHub App has the following permissions:

  • Read access to metadata
  • Read and write access to pull requests
  • Read access to org members and teams

Admins

This GitHub App addresses two common issues:

  1. Since you can't push directly to main from workflows (due to branch protections), the next best thing is to generate a pull request from the automation and use an account which has signed the CLA as the commit author.

    The OpenTelemetry Bot account has signed the CNCF CLA, and you can assign it as the commit author in your automation:

    git config user.name otelbot
git config user.email 197425009+otelbot@users.noreply.github.com

    It is recommended to push to branch names that start with otelbot/, and to add a branch protection rule for otelbot/**/* with the same setup as documented for dependabot/**/*.

    [!WARNING] Branch protection rule ordering matters, so you will need to delete the **/** branch protection rule temporarily, then add the otelbot/**/* branch protection rule, then add back the **/** branch protection rule.

  2. When you use the built-in secrets.GITHUB_TOKEN to generate a pull request from inside a GitHub Action, workflows will not run on that new pull request without closing and re-opening it manually (this limitation is in place to prevent accidental recursive workflow runs).

    The OpenTelemetry GitHub organization has a GitHub Action secret (OTELBOT_PRIVATE_KEY) and a GitHub Action variable OTELBOT_APP_ID that can be used to create a GitHub App token which will bypass this limitation, e.g.

    - uses: actions/create-github-app-token@v1
  id: app-token
  with:
    app-id: ${{ vars.OTELBOT_APP_ID }}
    private-key: ${{ secrets.OTELBOT_PRIVATE_KEY }}

- name: Create pull request
  env:
    # not using secrets.GITHUB_TOKEN since pull requests from that token do not trigger workflows
    GH_TOKEN: ${{ steps.app-token.outputs.token }}
  run: ...

Warning

The otelbot is and needs to remain a public GitHub App in order for EasyCLA to be able to verify its CLA status.

otelbot (SIG-specific)

SIG-specific otelbot GitHub apps are for repositories that need to run automations with permissions beyond the main otelbot. Each of these apps is scoped to a single repository with dedicated credentials.

Usage in GitHub Actions:

(replacing _JAVA_CONTRIB_ with the SIG-specific name)

- uses: actions/create-github-app-token@v1
  id: app-token
  with:
    app-id: ${{ vars.OTELBOT_JAVA_CONTRIB_APP_ID }}
    private-key: ${{ secrets.OTELBOT_JAVA_CONTRIB_PRIVATE_KEY }}

- name: Automated task
  env:
    GH_TOKEN: ${{ steps.app-token.outputs.token }}
  run: |
    # otelbot is on the EasyCLA allowlist
    git config user.name otelbot
    git config user.email 197425009+otelbot@users.noreply.github.com
    # Your automation commands here

@opentelemetrybot GitHub user

@opentelemetrybot is a GitHub user that can be used for automation that requires a real GitHub user rather than a GitHub App.

For example, the open-telemetry/opentelemetry-operator repository has an automation that sends PRs to external GitHub organizations, and so a real GitHub user is required (at least without asking the external GitHub organization to install a GitHub App).

Slack

The slack user OpenTelemetry Admin is community owned and can be used for self-servicing slack (e.g. as Channel Manager to rename spaces).

Security

The SIG Security has access to the following tools, with GC and TC members welcome to request access to them as well. Find more details under tools on the SIG Security GitHub repository.

  • Advisories Dashboard
  • Snyk