Skip to content

Latest commit

 

History

History
362 lines (245 loc) · 16 KB

assets.md

File metadata and controls

362 lines (245 loc) · 16 KB

OpenTelemetry managed assets

This file is intended to list all the assets controlled by OpenTelemetry.

Credential Storage

Community Resource Accounts

Actuated

Link: https://actuated.dev/blog/arm-ci-cncf-ampere Doc: Using Actuated

  • GitHub App available for repositories to get ARM64 Actions runners.
  • Admin: N/A. The program is managed by the CNCF and Actuated. The only available admin task is to add the GitHub App to a repository.

AWS account

Link: http://cncf-aws-opentelemetry.signin.aws.amazon.com/

  • Community account to published Lambda layers
  • Admin: Alex Boten @codeboten & Anthony Mirabella @aneurysm9

Equinix bare metal

Link: https://console.equinix.com/projects/6f1c9af6-0470-42da-8f22-59d0df245f6b

  • Reserved bare metal machines for the community to run performance tests and other assets on
  • Admin: Juraci Paixão Kröhling @jpkrohling and OTel TC via the mailing list address

GitHub-hosted ARM64 runners

These Linux and Windows ARM64 GitHub-hosted runners are available to OpenTelemetry repositories:

  • otel-linux-arm64 (4-core)
  • otel-windows-arm64 (4-core)

At the time of writing, both of these runners have a concurrency limit of 20 jobs.

Individual repositories need to be granted access to the runners, so please open a community issue if you would like to use them.

Note: these pay-as-you-go GitHub-hosted runners for ARM64 are available for free for CNCF projects. CNCF and GitHub expect fair use of these provided resources. Please ensure your workloads are optimized to avoid unnecessary usage.

Google Cloud account

Link: https://cloud.google.com

Grafana organization for SIG Security

Link: https://grafana.com/orgs/otelsigsecurity

  • Used to provide an overview of open security incidents in the org and historical data on how quickly we respond to incidents
  • Users: SIG-Security Maintainers, Technical and Governance Committees
  • Admins: Juraci Paixão Kröhling @jpkrohling & Armin Ruech @arminru

The GitHub organization open-telemetry-private also exists for this purpose.

Netlify

Link: https://app.netlify.com/login

Oracle Cloud account

Link: https://www.oracle.com/cloud/sign-in.html

  • Community account to run CLOWarden
  • Admin: @austinlparker (password is available in the OpenTelemetry Governance 1Password)

Artifact repositories

NuGet OpenTelemetry organization

Link: https://www.nuget.org/organization/OpenTelemetry

  • All .NET SIG maintainers are administrators of this organization.
  • Organization e-mail ([email protected]) is owned by CNCF.

MyGet OpenTelemetryCNCF account

Link: https://www.myget.org/feed/Packages/opentelemetry

  • registered under the service account ([email protected]).
  • Individual accounts of .NET SIG maintainers are administrators of the OpenTelemetry feed.
  • Admin: manage members.

NPM OpenTelemetry Organization

Link: https://www.npmjs.com/settings/opentelemetry/packages

  • Ask any of the following people if you need access
  • Owner: Mayur Kale @mayurkale22
  • Admin: Daniel Dyla @dyladan
  • Member: Bogdan Drutu @bogdandrutu

Crates

Link: https://crates.io/teams/github:open-telemetry:rust-publishers

Owners: @open-telemetry/rust-publishers

Maven

Link: https://repo1.maven.org/maven2/io/opentelemetry/

Maven doesn't have the concept of an "organization account", but these individual OpenTelemetry members have been given rights to publish under io.opentelemetry:

PyPI

Link: https://pypi.org/user/opentelemetry/

Communication channels

CNCF Community Group

Used by the End-User SIG to organize events (e.g. OTel Q&A, OTel in Practice, feedback sessions, etc.).

CNCF are the owners of the group, so certain requests (e.g. adding/removing organizers) need to be requested via on of these:

Link: https://community.cncf.io/opentelemetry/

opentelemetry-calendar-contributors Google Group

Used to provide write access to public OpenTelemetry calendar. See docs/how-to-handle-public-calendar.md.

Link: https://groups.google.com/g/opentelemetry-calendar-contributors

OpenTelemetry Calendar Invites Google Group

Used to automatically invite members to all OpenTelemetry calendar events, so that time is blocked on their calendars.

Link: https://groups.google.com/g/opentelemetry-calendar

  • Owners: @mtwo

Mailing list [email protected]

  • Used to register service accounts and as a NuGet OpenTelemetry organization e-mail. All .NET SIG maintainers are part of this list. Owned by CNCF.
  • Admin: add member.

Mailing list [email protected]

Mailing list [email protected]

  • Private mailing list for OpenTelemetry Governance Committee.
  • All GC members AND CNCF reps (Amye Scavarda Perrin, Chris Aniszczyk, Taylor Waggoner) are on the list and are list moderators.
  • Admin: CNCF (via CNCF Service Desk ticket).

YouTube channel OpenTelemetry

Link: https://www.youtube.com/channel/UCHZDBZTIfdy94xMjMKz-_MA/videos

  • Ask any of the following people if you need to manage the feed:
    • Owners: Amye Scavarda Perrin (CNCF rep), Sergey Kanzhelev
    • Managers: Alolita Sharma, Alan West, Austin Parker, Ben Sigelman, Eddy Nakamura

Zoom accounts

Zapier account

Link: https://zapier.com

Google Workspace accounts

Google account for [email protected]

Bot accounts

Related: Guidelines for adding new GitHub extensions.

Easy CLA

This is not really an OpenTelemetry asset as we do not have any credentials or admin access for it.

For support:

Docker Hub

  • We publish images from CI to Docker hub using https://hub.docker.com/u/otelbot account. The bot is registered using [email protected] email address and Technical Committee members are owners of this account. The Admin for bot security credentials for CI is @tigrannajaryan

OpenTelemetry Bot

This is a community-owned bot account that you can use when automating common GitHub tasks (e.g. release automation tasks).

Important: You do not need to (and should not) give this account any permissions to any OpenTelemetry repository.

Link: @opentelemetrybot

The OpenTelemetry Bot addresses two common issues:

  1. Since you can't push directly to main from workflows (due to branch protections), the next best thing is to generate a pull request from the automation and use an account which has signed the CLA as the commit author.

    The OpenTelemetry Bot account has signed the CNCF CLA, and you can assign it as the commit author in your automation:

    git config user.name opentelemetrybot
    git config user.email [email protected]
    

    It is recommended to push to branch names that start with opentelemetrybot/, and to add a branch protection rule for opentelemetrybot/**/** with the same setup as documented for dependabot/**/**. Note that branch protection rule ordering matters, so you will need to delete the **/** branch protection rule temporarily, then add the opentelemetrybot/**/** branch protection rule, then add back the **/** branch protection rule.

  2. When you use the built-in secrets.GITHUB_TOKEN to generate a pull request from inside of a GitHub Action, workflows will not run on that new pull request without closing and re-opening it manually (this limitation is in place to prevent accidental recursive workflow runs).

    The OpenTelemetry GitHub organization has a GitHub Action secret named OPENTELEMETRYBOT_GITHUB_TOKEN, which is a Personal Access Token for @opentelemetrybot with public_repo scope for the OpenTelemetry Bot that you can use to bypass this limitation.

    The personal access token also has workflow scope which is needed when merging upstream changes of .github/workflow files into opentelemetrybot's forks (these forks are used for automatically opening PRs against external repos).

    Maintainers can open an issue in the community repository to have their repository granted access to this organization secret.

Slack

The slack user OpenTelemetry Admin is community owned and can be used for self-servicing slack (e.g. as Channel Manager to rename spaces).

Security

The SIG Security has access to the following tools, with GC and TC members welcome to request access to them as well. Find more details under tools on the SIG Security GitHub repository.

  • Advisories Dashboard
  • Snyk