Skip to content

Commit

Permalink
[cicd] add initial cicd attributes to registry (#1075)
Browse files Browse the repository at this point in the history
  • Loading branch information
adrielp authored Jul 19, 2024
1 parent 8c21da3 commit 5b640ca
Show file tree
Hide file tree
Showing 23 changed files with 610 additions and 17 deletions.
24 changes: 24 additions & 0 deletions .chloggen/cicd-reg-attr.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Use this changelog template to create an entry for release notes.
#
# If your change doesn't affect end users you should instead start
# your pull request title with [chore] or use the "Skip Changelog" label.

# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
change_type: breaking

# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
component: cicd, deployment, artifact, test, vcs

# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
note: Adds CICD common attributes to the registry.

# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
# The values here must be integers.
issues: [915, 832, 833]

# (Optional) One or more lines of additional information to render under the primary note.
# These lines will be padded with 2 spaces and then inserted directly into the document.
# Use pipe (|) for multiline entries.
subtext: |
- CICD common attributes have been added to the registry.
- `deployment.environment` has been deprecated and moved to `deployment.environment.name`.
8 changes: 8 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -87,3 +87,11 @@
/model/metrics/process-metrics.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers
/model/resource/process.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers
/model/network.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-security-approvers

# CICD semantic conventions approvers
/model/registry/artifact.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
/model/registry/cicd.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
/model/registry/code.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
/model/registry/deployment.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
/model/registry/test.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
/model/registry/vcs.yaml @open-telemetry/specs-semconv-approvers @open-telemetry/semconv-cicd-approvers
4 changes: 4 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,11 @@ body:
# DO NOT manually edit it.
# Start semconv area list
- area:android
- area:artifact
- area:aspnetcore
- area:aws
- area:browser
- area:cicd
- area:client
- area:cloud
- area:cloudevents
Expand Down Expand Up @@ -67,12 +69,14 @@ body:
- area:source
- area:system
- area:telemetry
- area:test
- area:thread
- area:tls
- area:url
- area:user-agent
- area:user
- area:v8js
- area:vcs
- area:webengine
# End semconv area list
- type: textarea
Expand Down
4 changes: 4 additions & 0 deletions .github/ISSUE_TEMPLATE/change_proposal.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,11 @@ body:
# DO NOT manually edit it.
# Start semconv area list
- area:android
- area:artifact
- area:aspnetcore
- area:aws
- area:browser
- area:cicd
- area:client
- area:cloud
- area:cloudevents
Expand Down Expand Up @@ -60,12 +62,14 @@ body:
- area:source
- area:system
- area:telemetry
- area:test
- area:thread
- area:tls
- area:url
- area:user-agent
- area:user
- area:v8js
- area:vcs
- area:webengine
# End semconv area list
- type: textarea
Expand Down
4 changes: 4 additions & 0 deletions .github/ISSUE_TEMPLATE/new-conventions.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,11 @@ body:
# DO NOT manually edit it.
# Start semconv area list
- area:android
- area:artifact
- area:aspnetcore
- area:aws
- area:browser
- area:cicd
- area:client
- area:cloud
- area:cloudevents
Expand Down Expand Up @@ -69,12 +71,14 @@ body:
- area:source
- area:system
- area:telemetry
- area:test
- area:thread
- area:tls
- area:url
- area:user-agent
- area:user
- area:v8js
- area:vcs
- area:webengine
# End semconv area list
- type: textarea
Expand Down
5 changes: 4 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -34,4 +34,7 @@ package-lock.json
.vscode

# Visual Studio
.vs/
.vs/

# Python
venv
2 changes: 1 addition & 1 deletion .markdown_link_check_config.json
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"pattern": "^https://github\\.com/open-telemetry/opentelemetry-specification/(issues|pull)"
},
{
"pattern": "^https://github\\.com/open-telemetry/semantic-conventions/(issues|pull)"
"pattern": "^https://github\\.com/open-telemetry/semantic-conventions/(issues|pull|actions)"
}
],
"replacementPatterns": [
Expand Down
4 changes: 4 additions & 0 deletions docs/attributes-registry/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,11 @@ All registered attributes are listed by namespace in this registry.
Currently, the following namespaces exist:

- [Android](android.md)
- [Artifact](artifact.md)
- [Aspnetcore](aspnetcore.md)
- [AWS](aws.md)
- [Browser](browser.md)
- [CICD](cicd.md)
- [Client](client.md)
- [Cloud](cloud.md)
- [CloudEvents](cloudevents.md)
Expand Down Expand Up @@ -81,12 +83,14 @@ Currently, the following namespaces exist:
- [Source](source.md)
- [System](system.md)
- [Telemetry](telemetry.md)
- [Test](test.md)
- [Thread](thread.md)
- [TLS](tls.md)
- [URL](url.md)
- [User](user.md)
- [User Agent](user-agent.md)
- [V8js](v8js.md)
- [VCS](vcs.md)
- [Webengine](webengine.md)

[developers recommendations]: ../general/attribute-naming.md#recommendations-for-application-developers
35 changes: 35 additions & 0 deletions docs/attributes-registry/artifact.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
<!--- Hugo front matter used to generate the website version of this page:
--->

<!-- NOTE: THIS FILE IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
<!-- see templates/registry/markdown/attribute_namespace.md.j2 -->

# Artifact

## Artifact Attributes

This group describes attributes specific to artifacts. Artifacts are files or other immutable objects that are intended for distribution. This definition aligns directly with the [SLSA](https://slsa.dev/spec/v1.0/terminology#package-model) package model.

| Attribute | Type | Description | Examples | Stability |
| ------------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- |
| `artifact.attestation.filename` | string | The provenance filename of the built attestation which directly relates to the build artifact filename. This filename SHOULD accompany the artifact at publish time. See the [SLSA Relationship](https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations) specification for more information. | `golang-binary-amd64-v0.1.0.attestation`; `docker-image-amd64-v0.1.0.intoto.json1`; `release-1.tar.gz.attestation`; `file-name-package.tar.gz.intoto.json1` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.attestation.hash` | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), of the built attestation. Some envelopes in the software attestation space also refer to this as the [digest](https://github.com/in-toto/attestation/blob/main/spec/README.md#in-toto-attestation-framework-spec). | `1b31dfcd5b7f9267bf2ff47651df1cfb9147b9e4df1f335accf65b4cda498408` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.attestation.id` | string | The id of the build [software attestation](https://slsa.dev/attestation-model). | `123` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.filename` | string | The human readable file name of the artifact, typically generated during build and release processes. Often includes the package name and version in the file name. [1] | `golang-binary-amd64-v0.1.0`; `docker-image-amd64-v0.1.0`; `release-1.tar.gz`; `file-name-package.tar.gz` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.hash` | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), often found in checksum.txt on a release of the artifact and used to verify package integrity. [2] | `9ff4c52759e2c4ac70b7d517bc7fcdc1cda631ca0045271ddd1b192544f8a3e9` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.purl` | string | The [Package URL](https://github.com/package-url/purl-spec) of the [package artifact](https://slsa.dev/spec/v1.0/terminology#package-model) provides a standard way to identify and locate the packaged artifact. | `pkg:github/package-url/purl-spec@1209109710924`; `pkg:npm/foo@12.12.3` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `artifact.version` | string | The version of the artifact. | `v0.1.0`; `1.2.1`; `122691-build` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |

**[1]:** This file name can also act as the [Package Name](https://slsa.dev/spec/v1.0/terminology#package-model)
in cases where the package ecosystem maps accordingly.
Additionally, the artifact [can be published](https://slsa.dev/spec/v1.0/terminology#software-supply-chain)
for others, but that is not a guarantee.

**[2]:** The specific algorithm used to create the cryptographic hash value is
not defined. In situations where an artifact has multiple
cryptographic hashes, it is up to the implementer to choose which
hash value to set here; this should be the most secure hash algorithm
that is suitable for the situation and consistent with the
corresponding attestation. The implementer can then provide the other
hash values through an additional set of attribute extensions as they
deem necessary.
28 changes: 28 additions & 0 deletions docs/attributes-registry/cicd.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<!--- Hugo front matter used to generate the website version of this page:
--->

<!-- NOTE: THIS FILE IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
<!-- see templates/registry/markdown/attribute_namespace.md.j2 -->

# CICD

## CICD Pipeline Attributes

This group describes attributes specific to pipelines within a Continuous Integration and Continuous Deployment (CI/CD) system. A [pipeline](<https://en.wikipedia.org/wiki/Pipeline_(computing)>) in this case is a series of steps that are performed in order to deliver a new version of software. This aligns with the [Britannica](https://www.britannica.com/dictionary/pipeline) definition of a pipeline where a **pipeline** is the system for developing and producing something. In the context of CI/CD, a pipeline produces or delivers software.

| Attribute | Type | Description | Examples | Stability |
| --------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- |
| `cicd.pipeline.name` | string | The human readable name of the pipeline within a CI/CD system. | `Build and Test`; `Lint`; `Deploy Go Project`; `deploy_to_environment` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `cicd.pipeline.run.id` | string | The unique identifier of a pipeline run within a CI/CD system. | `120912` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `cicd.pipeline.task.name` | string | The human readable name of a task within a pipeline. Task here most closely aligns with a [computing process](<https://en.wikipedia.org/wiki/Pipeline_(computing)>) in a pipeline. Other terms for tasks include commands, steps, and procedures. | `Run GoLang Linter`; `Go Build`; `go-test`; `deploy_binary` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `cicd.pipeline.task.run.id` | string | The unique identifier of a task run within a pipeline. | `12097` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `cicd.pipeline.task.run.url.full` | string | The [URL](https://en.wikipedia.org/wiki/URL) of the pipeline run providing the complete address in order to locate and identify the pipeline run. | `https://github.com/open-telemetry/semantic-conventions/actions/runs/9753949763/job/26920038674?pr=1075` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `cicd.pipeline.task.type` | string | The type of the task within a pipeline. | `build`; `test`; `deploy` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |

`cicd.pipeline.task.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.

| Value | Description | Stability |
| -------- | ----------- | ---------------------------------------------------------------- |
| `build` | build | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `deploy` | deploy | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `test` | test | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
Loading

0 comments on commit 5b640ca

Please sign in to comment.