Merge remote-tracking branch 'upstream/main' into process-fields

.chloggen/1216.yaml

@@ -0,0 +1,5 @@
+change_type: breaking
+component: tls
+note: >
+  Deprecate `tls.client.server_name attribute` in favor of common `server.address`.
+issues: [ 1211, 1216 ]

.chloggen/cicd-reg-attr.yaml

@@ -0,0 +1,24 @@
+# Use this changelog template to create an entry for release notes.
+#
+# If your change doesn't affect end users you should instead start
+# your pull request title with [chore] or use the "Skip Changelog" label.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: breaking
+
+# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
+component: cicd, deployment, artifact, test, vcs
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Adds CICD common attributes to the registry.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+# The values here must be integers.
+issues: [915, 832, 833]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext: |
+  - CICD common attributes have been added to the registry.
+  - `deployment.environment` has been deprecated and moved to `deployment.environment.name`.

.github/CODEOWNERS

@@ -23,7 +23,7 @@
 /model/logs/                        @open-telemetry/specs-semconv-approvers @tigrannajaryan
 /docs/exceptions/exceptions-logs.md       @open-telemetry/specs-semconv-approvers @tigrannajaryan
 /docs/feature-flags/feature-flags-logs.md @open-telemetry/specs-semconv-approvers @tigrannajaryan
-/docs/general/events-general.md           @open-telemetry/specs-semconv-approvers @tigrannajaryan
+/docs/general/events-general.md           @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-event-approvers @tigrannajaryan
 /docs/general/logs-general.md             @open-telemetry/specs-semconv-approvers @tigrannajaryan
 /docs/logs/                               @open-telemetry/specs-semconv-approvers @tigrannajaryan
 
@@ -87,3 +87,11 @@
 /model/metrics/process-metrics.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers
 /model/resource/process.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers
 /model/network.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers
+
+# CICD semantic conventions approvers
+/model/registry/artifact.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
+/model/registry/cicd.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
+/model/registry/code.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
+/model/registry/deployment.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
+/model/registry/test.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
+/model/registry/vcs.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -20,9 +20,11 @@ body:
         # DO NOT manually edit it.
         # Start semconv area list
         - area:android
+        - area:artifact
         - area:aspnetcore
         - area:aws
         - area:browser
+        - area:cicd
         - area:client
         - area:cloud
         - area:cloudevents
@@ -67,12 +69,14 @@ body:
         - area:source
         - area:system
         - area:telemetry
+        - area:test
         - area:thread
         - area:tls
         - area:url
         - area:user-agent
         - area:user
         - area:v8js
+        - area:vcs
         - area:webengine
         # End semconv area list
   - type: textarea

.github/ISSUE_TEMPLATE/change_proposal.yaml

@@ -13,9 +13,11 @@ body:
         # DO NOT manually edit it.
         # Start semconv area list
         - area:android
+        - area:artifact
         - area:aspnetcore
         - area:aws
         - area:browser
+        - area:cicd
         - area:client
         - area:cloud
         - area:cloudevents
@@ -60,12 +62,14 @@ body:
         - area:source
         - area:system
         - area:telemetry
+        - area:test
         - area:thread
         - area:tls
         - area:url
         - area:user-agent
         - area:user
         - area:v8js
+        - area:vcs
         - area:webengine
         # End semconv area list
   - type: textarea

.github/ISSUE_TEMPLATE/new-conventions.yaml

@@ -22,9 +22,11 @@ body:
         # DO NOT manually edit it.
         # Start semconv area list
         - area:android
+        - area:artifact
         - area:aspnetcore
         - area:aws
         - area:browser
+        - area:cicd
         - area:client
         - area:cloud
         - area:cloudevents
@@ -69,12 +71,14 @@ body:
         - area:source
         - area:system
         - area:telemetry
+        - area:test
         - area:thread
         - area:tls
         - area:url
         - area:user-agent
         - area:user
         - area:v8js
+        - area:vcs
         - area:webengine
         # End semconv area list
   - type: textarea

.github/workflows/scripts/prepare-new-issue.sh

@@ -15,6 +15,14 @@
 
 set -euo pipefail
 
+OS=$(uname | tr '[:upper:]' '[:lower:]')
+
+if [[ "${OS}" == "darwin" ]]; then
+  SED="gsed"
+else
+  SED="sed"
+fi
+
 if [[ -z "${ISSUE:-}" || -z "${BODY:-}" || -z "${OPENER:-}" ]]; then
   echo "Missing one of ISSUE, BODY, or OPENER, please ensure all are set."
   exit 0
@@ -25,7 +33,7 @@ AREAS_SECTION_START=$( (echo "${BODY}" | grep -n '### Area(s)' | awk '{ print $1
 BODY_AREAS=""
 
 if [[ "${AREAS_SECTION_START}" != '-1' ]]; then
-  BODY_AREAS=$(echo "${BODY}" | sed -n $((AREAS_SECTION_START+2))p)
+    BODY_AREAS=$(echo "${BODY}" | "${SED}" -n $((AREAS_SECTION_START+2))p)
 fi
 
 for AREA in ${BODY_AREAS}; do

.gitignore

@@ -34,4 +34,10 @@ package-lock.json
 .vscode
 
 # Visual Studio
-.vs/
+.vs/
+
+# Python
+venv
+
+# Brew package lock
+Brewfile.lock.json

.markdown_link_check_config.json

@@ -4,7 +4,7 @@
       "pattern": "^https://github\\.com/open-telemetry/opentelemetry-specification/(issues|pull)"
     },
     {
-      "pattern": "^https://github\\.com/open-telemetry/semantic-conventions/(issues|pull)"
+      "pattern": "^https://github\\.com/open-telemetry/semantic-conventions/(issues|pull|actions)"
     }
   ],
   "replacementPatterns": [

Brewfile

@@ -0,0 +1 @@
+brew "gsed"

CONTRIBUTING.md

@@ -80,6 +80,13 @@ environment configured:
   npm install
   ```
 
+- If on MacOs, ensure you have `gsed` (GNU Sed) installed. If you have [HomeBrew](https://brew.sh)
+  installed, then you can run the following command to install GSED.
+
+  ```bash
+  brew bundle
+  ```
+
 ### 1. Modify the YAML model
 
 Refer to the

Makefile

@@ -2,6 +2,14 @@
 ALL_DOCS := $(shell find . -type f -name '*.md' -not -path './.github/*' -not -path './node_modules/*' | sort)
 PWD := $(shell pwd)
 
+# Determine OS & Arch for specific OS only tools on Unix based systems
+OS := $(shell uname | tr '[:upper:]' '[:lower:]')
+ifeq ($(OS),darwin)
+	SED := gsed
+else
+	SED := sed
+endif
+
 TOOLS_DIR := ./internal/tools
 
 MISSPELL_BINARY=bin/misspell
@@ -151,7 +159,7 @@ table-check:
 #
 # .. which is why some additional processing is required to extract the
 # latest version number and strip off the "v" prefix.
-LATEST_RELEASED_SEMCONV_VERSION := $(shell git ls-remote --tags https://github.com/open-telemetry/semantic-conventions.git | cut -f 2 | sort --reverse | head -n 1 | tr '/' ' ' | cut -d ' ' -f 3 | sed 's/v//g')
+LATEST_RELEASED_SEMCONV_VERSION := $(shell git ls-remote --tags https://github.com/open-telemetry/semantic-conventions.git | cut -f 2 | sort --reverse | head -n 1 | tr '/' ' ' | cut -d ' ' -f 3 | $(SED) 's/v//g')
 .PHONY: compatibility-check
 compatibility-check:
 	docker run --rm -v $(PWD)/model:/source -v $(PWD)/docs:/spec --pull=always \

docs/attributes-registry/README.md

@@ -32,9 +32,11 @@ All registered attributes are listed by namespace in this registry.
 Currently, the following namespaces exist:
 
 - [Android](android.md)
+- [Artifact](artifact.md)
 - [Aspnetcore](aspnetcore.md)
 - [AWS](aws.md)
 - [Browser](browser.md)
+- [CICD](cicd.md)
 - [Client](client.md)
 - [Cloud](cloud.md)
 - [CloudEvents](cloudevents.md)
@@ -81,12 +83,14 @@ Currently, the following namespaces exist:
 - [Source](source.md)
 - [System](system.md)
 - [Telemetry](telemetry.md)
+- [Test](test.md)
 - [Thread](thread.md)
 - [TLS](tls.md)
 - [URL](url.md)
 - [User](user.md)
 - [User Agent](user-agent.md)
 - [V8js](v8js.md)
+- [VCS](vcs.md)
 - [Webengine](webengine.md)
 
 [developers recommendations]: ../general/attribute-naming.md#recommendations-for-application-developers

docs/attributes-registry/artifact.md

@@ -0,0 +1,35 @@
+<!--- Hugo front matter used to generate the website version of this page:
+--->
+
+<!-- NOTE: THIS FILE IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/attribute_namespace.md.j2 -->
+
+# Artifact
+
+## Artifact Attributes
+
+This group describes attributes specific to artifacts. Artifacts are files or other immutable objects that are intended for distribution. This definition aligns directly with the [SLSA](https://slsa.dev/spec/v1.0/terminology#package-model) package model.
+
+| Attribute                       | Type   | Description                                                                                                                                                                                                                                                                                                                              | Examples                                                                                                                                                    | Stability                                                        |
+| ------------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- |
+| `artifact.attestation.filename` | string | The provenance filename of the built attestation which directly relates to the build artifact filename. This filename SHOULD accompany the artifact at publish time. See the [SLSA Relationship](https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations) specification for more information. | `golang-binary-amd64-v0.1.0.attestation`; `docker-image-amd64-v0.1.0.intoto.json1`; `release-1.tar.gz.attestation`; `file-name-package.tar.gz.intoto.json1` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.attestation.hash`     | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), of the built attestation. Some envelopes in the software attestation space also refer to this as the [digest](https://github.com/in-toto/attestation/blob/main/spec/README.md#in-toto-attestation-framework-spec).                     | `1b31dfcd5b7f9267bf2ff47651df1cfb9147b9e4df1f335accf65b4cda498408`                                                                                          | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.attestation.id`       | string | The id of the build [software attestation](https://slsa.dev/attestation-model).                                                                                                                                                                                                                                                          | `123`                                                                                                                                                       | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.filename`             | string | The human readable file name of the artifact, typically generated during build and release processes. Often includes the package name and version in the file name. [1]                                                                                                                                                                  | `golang-binary-amd64-v0.1.0`; `docker-image-amd64-v0.1.0`; `release-1.tar.gz`; `file-name-package.tar.gz`                                                   | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.hash`                 | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), often found in checksum.txt on a release of the artifact and used to verify package integrity. [2]                                                                                                                                     | `9ff4c52759e2c4ac70b7d517bc7fcdc1cda631ca0045271ddd1b192544f8a3e9`                                                                                          | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.purl`                 | string | The [Package URL](https://github.com/package-url/purl-spec) of the [package artifact](https://slsa.dev/spec/v1.0/terminology#package-model) provides a standard way to identify and locate the packaged artifact.                                                                                                                        | `pkg:github/package-url/purl-spec@1209109710924`; `pkg:npm/[email protected]`                                                                                     | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| `artifact.version`              | string | The version of the artifact.                                                                                                                                                                                                                                                                                                             | `v0.1.0`; `1.2.1`; `122691-build`                                                                                                                           | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+
+**[1]:** This file name can also act as the [Package Name](https://slsa.dev/spec/v1.0/terminology#package-model)
+in cases where the package ecosystem maps accordingly.
+Additionally, the artifact [can be published](https://slsa.dev/spec/v1.0/terminology#software-supply-chain)
+for others, but that is not a guarantee.
+
+**[2]:** The specific algorithm used to create the cryptographic hash value is
+not defined. In situations where an artifact has multiple
+cryptographic hashes, it is up to the implementer to choose which
+hash value to set here; this should be the most secure hash algorithm
+that is suitable for the situation and consistent with the
+corresponding attestation. The implementer can then provide the other
+hash values through an additional set of attribute extensions as they
+deem necessary.