[chore] Make build fully support podman-is-docker. (open-telemetry#2080)

Co-authored-by: Liudmila Molkova <[email protected]>

Author: michaelsafyan

.github/workflows/build-system-check.yml

@@ -0,0 +1,103 @@
+name: Build System Check
+
+on:
+  push:
+   paths:
+   - 'Makefile'
+   - 'dependencies.Dockerfile'
+   - 'internal/tools/**'
+  pull_request:
+   paths:
+   - 'Makefile'
+   - 'dependencies.Dockerfile'
+   - 'internal/tools/**'
+
+jobs:
+
+  # Ensure that invoking "make" without a specific build target will succeed.
+  make-default-target:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        container-runner: ["docker", "podman"]
+    steps:
+    - name: install podman and podman-docker
+      if: ${{ matrix.container-runner == 'podman' }}
+      run: sudo apt-get install podman podman-docker
+
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    - name: install dependencies
+      run: npm install
+
+    - name: invoke make
+      run: make
+      env:
+        LYCHEE_GITHUB_TOKEN: ${{ github.token }}
+
+
+  # The "CONTRIBUTING.md" guide provides these make targets for regenerating the files;
+  # ensure that the steps in the "CONTRIBUTING.md" guide continue to work.
+  make-generation-from-contributing-guide:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        container-runner: ["docker", "podman"]
+    steps:
+    - name: install podman and podman-docker
+      if: ${{ matrix.container-runner == 'podman' }}
+      run: sudo apt-get install podman podman-docker
+
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    - name: install dependencies
+      run: npm install
+
+    - name: invoke make
+      run: make table-generation attribute-registry-generation
+
+  # The "CONTRIBUTING.md" guide provides these make targets for verifying the policies;
+  # ensure that the steps in the "CONTRIBUTING.md" guide continue to work.
+  make-check-policies-from-contributing-guide:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        container-runner: ["docker", "podman"]
+    steps:
+    - name: install podman and podman-docker
+      if: ${{ matrix.container-runner == 'podman' }}
+      run: sudo apt-get install podman podman-docker
+
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    - name: install dependencies
+      run: npm install
+
+    - name: invoke make
+      run: make check-policies
+
+  # The "CONTRIBUTING.md" guide provides these make targets for doing a last minute full
+  # check over the entire repo before attempting to send a PR. Make sure this succeeds.
+  make-check-from-contributing-guide:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        container-runner: ["docker", "podman"]
+    steps:
+    - name: install podman and podman-docker
+      if: ${{ matrix.container-runner == 'podman' }}
+      run: sudo apt-get install podman podman-docker
+
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    - name: install dependencies
+      run: npm install
+
+    - name: invoke make
+      run: make check
+      env:
+        LYCHEE_GITHUB_TOKEN: ${{ github.token }}

.github/workflows/checks.yml

@@ -46,6 +46,8 @@ jobs:
 
     - name: run markdown-link-check
       run: make markdown-link-check
+      env:
+        LYCHEE_GITHUB_TOKEN: ${{ github.token }}
 
   markdown-toc-check:
     runs-on: ubuntu-latest
@@ -74,14 +76,16 @@ jobs:
   semantic-conventions:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: verify semantic convention tables
       run: make table-check
 
   semantic-conventions-registry:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: verify registry tables
       run: |
         make attribute-registry-generation
@@ -90,7 +94,8 @@ jobs:
   schemas-check:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: verify schemas
       run: make schema-check
 
@@ -106,14 +111,16 @@ jobs:
   policies-check:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: verify semantic conventions yaml definitions
       run: make check-policies
 
   polices-test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: check out code
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: verify semantic conventions yaml definitions
       run: make test-policies
 

Makefile

@@ -10,6 +10,13 @@ else
 	SED ?= sed
 endif
 
+
+ifeq ($(LYCHEE_GITHUB_TOKEN),)
+  LYCHEE_GITHUB_TOKEN_ARG :=
+else:
+  LYCHEE_GITHUB_TOKEN_ARG := --env GITHUB_TOKEN=$(LYCHEE_GITHUB_TOKEN)
+endif
+
 TOOLS_DIR := $(PWD)/internal/tools
 
 MARKDOWN_LINK_CHECK_ARG= # pass extra arguments such as --exclude '^http'
@@ -27,13 +34,15 @@ CONTAINER_REPOSITORY=docker.io
 WEAVER_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY)
 SEMCONVGEN_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY)
 OPA_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY)
+LYCHEE_CONTAINER_REPOSITORY=$(CONTAINER_REPOSITORY)
 
 # Versioned, non-qualified references to containers used in this Makefile.
 # These are parsed from dependencies.Dockerfile so dependabot will autoupdate
 # the versions of docker files we use.
 VERSIONED_WEAVER_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="weaver" {print $$2}')
 VERSIONED_SEMCONVGEN_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="semconvgen" {print $$2}')
 VERSIONED_OPA_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="opa" {print $$2}')
+VERSIONED_LYCHEE_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4=="lychee" {print $$2}')
 
 # Fully qualified references to containers used in this Makefile. These
 # include the container repository, so that the build will work with tools
@@ -46,7 +55,7 @@ VERSIONED_OPA_CONTAINER_NO_REPO=$(shell cat dependencies.Dockerfile | awk '$$4==
 WEAVER_CONTAINER=$(WEAVER_CONTAINER_REPOSITORY)/$(VERSIONED_WEAVER_CONTAINER_NO_REPO)
 SEMCONVGEN_CONTAINER=$(SEMCONVGEN_CONTAINER_REPOSITORY)/$(VERSIONED_SEMCONVGEN_CONTAINER_NO_REPO)
 OPA_CONTAINER=$(OPA_CONTAINER_REPOSITORY)/$(VERSIONED_OPA_CONTAINER_NO_REPO)
-
+LYCHEE_CONTAINER=$(LYCHEE_CONTAINER_REPOSITORY)/$(VERSIONED_LYCHEE_CONTAINER_NO_REPO)
 
 CHECK_TARGETS=install-tools markdownlint misspell table-check compatibility-check \
 			schema-check check-file-and-folder-names-in-docs
@@ -121,22 +130,23 @@ normalized-link-check:
 
 .PHONY: markdown-link-check
 markdown-link-check: normalized-link-check
-    # pinning lychee to 0.18.1
 	$(DOCKER_RUN) --rm \
-		--mount 'type=bind,source=$(PWD),target=/home/repo' \
-		lycheeverse/lychee:sha-2aa22f8 \
+	    $(DOCKER_USER_IS_HOST_USER_ARG) \
+		--mount 'type=bind,source=$(PWD),target=/home/repo' $(LYCHEE_GITHUB_TOKEN_ARG) \
+		$(LYCHEE_CONTAINER) \
 		--config home/repo/.lychee.toml \
 		--root-dir /home/repo \
 		--verbose \
+		--timeout=60 \
 		$(MARKDOWN_LINK_CHECK_ARG) \
 		home/repo
 
 .PHONY: markdown-link-check-changelog-preview
 markdown-link-check-changelog-preview:
-    # pinning lychee to 0.18.1
 	$(DOCKER_RUN) --rm \
-		--mount 'type=bind,source=$(PWD),target=/home/repo' \
-		lycheeverse/lychee:sha-2aa22f8 \
+	   $(DOCKER_USER_IS_HOST_USER_ARG) \
+		--mount 'type=bind,source=$(PWD),target=/home/repo' $(LYCHEE_GITHUB_TOKEN_ARG) \
+		$(LYCHEE_CONTAINER) \
 		--config /home/repo/.lychee.toml \
 		--root-dir /home/repo \
 		--verbose \
@@ -212,6 +222,7 @@ attribute-registry-generation:
 .PHONY: table-check
 table-check:
 	$(DOCKER_RUN) --rm \
+     	$(DOCKER_USER_IS_HOST_USER_ARG) \
 		--mount 'type=bind,source=$(PWD)/templates,target=/home/weaver/templates,readonly' \
 		--mount 'type=bind,source=$(PWD)/model,target=/home/weaver/source,readonly' \
 		--mount 'type=bind,source=$(PWD)/docs,target=/home/weaver/target,readonly' \
@@ -300,6 +311,10 @@ LATEST_RELEASED_SEMCONV_VERSION := $(shell git ls-remote --tags https://github.c
 .PHONY: check-policies
 check-policies:
 	$(DOCKER_RUN) --rm \
+	    $(DOCKER_USER_IS_HOST_USER_ARG) \
+		--env USER=weaver \
+		--env HOME=/home/weaver \
+		-v $(shell mktemp -d):/home/weaver/.weaver \
 		--mount 'type=bind,source=$(PWD)/policies,target=/home/weaver/policies,readonly' \
 		--mount 'type=bind,source=$(PWD)/model,target=/home/weaver/source,readonly' \
 		${WEAVER_CONTAINER} registry check \
@@ -310,7 +325,7 @@ check-policies:
 # Test rego policies
 .PHONY: test-policies
 test-policies:
-	$(DOCKER_RUN) --rm -v $(PWD)/policies:/policies -v $(PWD)/policies_test:/policies_test \
+	$(DOCKER_RUN) --rm $(DOCKER_USER_IS_HOST_USER_ARG) -v $(PWD)/policies:/policies -v $(PWD)/policies_test:/policies_test \
 	${OPA_CONTAINER} test \
     --var-values \
 	--explain fails \
@@ -321,5 +336,5 @@ test-policies:
 # once github action requirements are updated.
 .PHONY: compatibility-check
 compatibility-check:
-	$(DOCKER_RUN) --rm -v $(PWD)/model:/source -v $(PWD)/docs:/spec --pull=always \
+	$(DOCKER_RUN) --rm $(DOCKER_USER_IS_HOST_USER_ARG) -v $(PWD)/model:/source -v $(PWD)/docs:/spec --pull=always \
 		$(SEMCONVGEN_CONTAINER) --continue-on-validation-errors -f /source compatibility --previous-version $(LATEST_RELEASED_SEMCONV_VERSION)

README.md

@@ -1,6 +1,6 @@
 # <img src="https://opentelemetry.io/img/logos/opentelemetry-logo-nav.png" alt="OpenTelemetry Icon" width="45" height=""> OpenTelemetry Semantic Conventions
 
-[![Checks](https://github.com/open-telemetry/semantic-conventions/workflows/Checks/badge.svg?branch=main)](https://github.com/open-telemetry/semantic-conventions/actions?query=workflow%3A%22Checks%22+branch%3Amain)
+[![Checks](https://github.com/open-telemetry/semantic-conventions/workflows/Checks/badge.svg)](https://github.com/open-telemetry/semantic-conventions/actions?query=workflow%3A%22Checks%22+branch%3Amain)
 [![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/open-telemetry/semantic-conventions.svg?logo=opentelemetry&&color=f5a800&label=Latest%20release)](https://github.com/open-telemetry/semantic-conventions/releases/latest)
 [![Specification Version](https://img.shields.io/badge/OTel_specification_version-v1.44.0-blue?logo=opentelemetry&color=f5a800)](https://github.com/open-telemetry/opentelemetry-specification/releases/tag/v1.44.0)
 

dependencies.Dockerfile

@@ -11,3 +11,6 @@ FROM openpolicyagent/opa:1.3.0@sha256:e02dc1957f7a4195f0724762269dfe3309f1334462
 # Semconv gen is used for backwards compatibility checks.
 # TODO(jsuereth): Remove this when no longer used.
 FROM otel/semconvgen:0.25.0@sha256:9df7b8cbaa732277d64d0c0a8604d96bb6f5a36d0e96338cba5dced720c16485 AS semconvgen
+
+# Lychee is used for checking links in documentation.
+FROM lycheeverse/lychee:sha-2aa22f8@sha256:07abefbbc446f9987f9a1f05016e620983c7c70889ee5a1fd00a749d8f53352e AS lychee

internal/tools/schema_check.sh

@@ -84,8 +84,10 @@ for file in $schemas_dir/*; do
     exit 2
   fi
 
-  docker run -v $schemas_dir:/schemas \
-  		otel/build-tool-schemas:$BUILD_TOOL_SCHEMAS_VERSION --file /schemas/$ver --version=$ver
+  PODMAN_USERNS=keep-id docker run \
+      -u $(id -u):$(id -g) \
+      -v $schemas_dir:/schemas \
+  		docker.io/otel/build-tool-schemas:$BUILD_TOOL_SCHEMAS_VERSION --file /schemas/$ver --version=$ver
 
   echo "OK"
 done