Sigv4 - Add Missing STS Dependency #1101
Bumping dependency of AWS SDK due to CVE scan failure:

It's safe to include these AWS SDK dependencies in the ADOT Java Agent because we employ Java class shading during the build process. This technique relocates these classes to a different package namespace at runtime, creating a separate classpath that won't conflict with any AWS SDK dependencies that might be present in the main application. This prevents version conflicts and classloader issues that would otherwise occur when the agent and application use different versions of the same libraries.

Unlike other language implementations where lazy-loading is used and dependencies are checked at runtime, Java requires special consideration. In other languages, the SDKs typically include all necessary packages for STS and authentication, and the code checks if the user has the correct dependencies before loading them. For Java, we need to explicitly import AWS SDK components and perform extensive testing to ensure compatibility, as these dependencies are bundled directly
*Issue #, if available:*

Current Sigv4 Exporter is missing the required dependency from AWS SDK library to allow STS AssumeRole from the DefaultCredentialsProvider.

For example, this is the error that pops up if the exporter is used in an EKS environment:

```
WebIdentityTokenCredentialsProvider(): To use web identity tokens, the 'sts' service module must be on the class path.
```

Leading to the credentials provider to default to the worker node role:

```
WARN io.opentelemetry.exporter.internal.http.HttpExporter - Failed to export spans. Server responded with HTTP status code 403. Error message: User: arn:aws:sts::571600841604:assumed-role/eksctl-spring-demo-cluster-nodegro-NodeInstanceRole-qe5bSShjEHDp/i-0e398f24217b99394 is not authorized to perform: xray:PutTraceSegments because no identity-based policy allows the xray:PutTraceSegments action
```

*Description of changes:*

Add STS as a dependency for the OtlpAws Exporters in order to allow the exporter to AssumeRole.

- Bumping dependency to 2.30.17 as that is the version that a major CVE was patched in AWS SDK v2: aws/aws-sdk-java-v2#6098

*Testing*

A sample EKS application was deployed with a custom ADOT Java Agent artifact that has the STS dependency added. I see spans appearing in the `aws/spans` log group:

```
{
  "resource": {
    "attributes": {
      "telemetry.distro.version": "2.11.0-aws-SNAPSHOT",
      "host.image.id": "ami-0335cf904e4303efa",
      "process.command_args": [
        "/usr/lib/jvm/java-17-amazon-corretto/bin/java",
        "-Xms512m",
        "-Xmx1024m",
        "-Dspring.profiles.active=prod",
        "-javaagent:/app/opentelemetry-javaagent.jar",
        "-jar",
        "app.jar"
      ],
      "process.runtime.version": "17.0.15+6-LTS",
      "os.type": "linux",
      "process.pid": 1,
      "host.type": "t3.medium",
      "cloud.availability_zone": "us-east-1a",
      "telemetry.sdk.name": "opentelemetry",
      "telemetry.sdk.language": "java",
      "process.runtime.name": "OpenJDK Runtime Environment",
      "service.instance.id": "afe04022-e9c0-4c77-b0a1-0d790fc0200e",
      "os.description": "Linux 6.1.134-152.225.amzn2023.x86_64",
      "host.arch": "amd64",
      "host.name": "ip-192-168-23-12.ec2.internal",
      "telemetry.sdk.version": "1.45.0",
      "cloud.platform": "aws_ec2",
      "host.id": "i-0c88a3c68d45dfd96",
      "deployment.environment": "prod",
      "cloud.region": "us-east-1",
      "service.name": "demo-app",
      "telemetry.distro.name": "opentelemetry-java-instrumentation",
      "cloud.provider": "aws",
      "service.version": "0.0.1-SNAPSHOT",
      "cloud.account.id": "571600841604",
      "process.executable.path": "/usr/lib/jvm/java-17-amazon-corretto/bin/java",
      "process.runtime.description": "Amazon.com Inc. OpenJDK 64-Bit Server VM 17.0.15+6-LTS"
    }
  },
  "scope": {
    "name": "io.opentelemetry.tomcat-10.0",
    "version": "2.11.0-adot1-alpha"
  },
  "traceId": "6849fcc297c5ca4699ec920918d750ee",
  "spanId": "36e360cfd4490b85",
  "flags": 257,
  "name": "GET /hello",
  "kind": "SERVER",
  "startTimeUnixNano": 1749679298293950299,
  "endTimeUnixNano": 1749679298295162110,
  "durationNano": 1211811,
  "attributes": {
    "user_agent.original": "kube-probe/1.32+",
    "aws.local.service": "demo-app",
    "telemetry.extended": "true",
    "network.protocol.version": "1.1",
    "network.peer.port": 35512,
    "url.scheme": "http",
    "thread.name": "http-nio-8080-exec-3",
    "aws.local.environment": "prod",
    "server.address": "192.168.21.181",
    "client.address": "192.168.23.12",
    "network.peer.address": "192.168.23.12",
    "aws.local.operation": "GET /hello",
    "http.status_code": 200,
    "aws.span.kind": "LOCAL_ROOT",
    "url.path": "/hello",
    "http.request.method": "GET",
    "http.route": "/hello",
    "server.port": 8080,
    "PlatformType": "AWS::EC2",
    "http.response.status_code": 200,
    "thread.id": 26
  },
  "status": {
    "code": "UNSET"
  }
}
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
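A log triage sketch for the failure described in this pull request, added here as an example and not part of the PR or the ADOT code base: it separates "the exporter signed with the wrong identity" (credential chain fell back to the node role) from "the right role is missing a permission". The function names, the expected role name `demo-app-irsa-role`, and the third log line are assumptions constructed for illustration; the first two log lines are the ones quoted in the PR.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# SDK message quoted in the PR: web identity is configured but the STS module is absent.
MISSING_STS = re.compile(r"the 'sts' service module must be on the class path")
# Caller identity inside an access-denied message: assumed-role/<role-name>/<session-name>.
CALLER = re.compile(
    r"arn:aws[\w-]*:sts::(?P<account>\d{12}):assumed-role/(?P<role>[^/\s]+)/(?P<session>\S+)")
DENIED = re.compile(r"is not authorized to perform: (?P<action>[\w-]+:\w+)")
# Instance-profile credentials use the EC2 instance id as the role session name.
EC2_SESSION = re.compile(r"i-[0-9a-f]{8,17}")
IAM_ROLE = re.compile(r"arn:aws[\w-]*:iam::(?P<account>\d{12}):role/(?:.+/)?(?P<role>[^/]+)")


@dataclass
class Finding:
    line_no: int
    kind: str      # sts-module-missing | identity-fallback | policy-gap
    detail: str


def split_role_arn(role_arn: str) -> Tuple[str, str]:
    """Return (account, role name); an IAM path is dropped, as it is in assumed-role ARNs."""
    m = IAM_ROLE.fullmatch(role_arn)
    if not m:
        raise ValueError(f"not an IAM role ARN: {role_arn!r}")
    return m.group("account"), m.group("role")


def analyze(lines: Iterable[str], expected_role_arn: str) -> List[Finding]:
    """Classify exporter log lines against the role the pod is expected to assume."""
    exp_account, exp_role = split_role_arn(expected_role_arn)
    findings: List[Finding] = []
    sts_missing = False
    for n, line in enumerate(lines, 1):
        if MISSING_STS.search(line):
            sts_missing = True
            findings.append(Finding(n, "sts-module-missing",
                                    "web identity provider cannot load the STS module"))
            continue
        caller, denied = CALLER.search(line), DENIED.search(line)
        if not (caller and denied):
            continue
        role, action = caller.group("role"), denied.group("action")
        if (caller.group("account"), role) == (exp_account, exp_role):
            # Correct identity: the fix is an IAM policy change, not a dependency change.
            findings.append(Finding(n, "policy-gap", f"{role} lacks {action}"))
            continue
        source = ("EC2 instance profile" if EC2_SESSION.fullmatch(caller.group("session"))
                  else "unexpected role")
        cause = "; STS module reported missing earlier" if sts_missing else ""
        findings.append(Finding(
            n, "identity-fallback",
            f"{action} signed as {role} ({source}), expected {exp_role}{cause}"))
    return findings


# Hypothetical role the pod's service account is meant to assume (constructed).
EXPECTED_ROLE_ARN = "arn:aws:iam::571600841604:role/demo-app-irsa-role"
SAMPLE_LOG = [
    # Lines 1-2: quoted in the PR description.
    "WebIdentityTokenCredentialsProvider(): To use web identity tokens, "
    "the 'sts' service module must be on the class path.",
    "WARN io.opentelemetry.exporter.internal.http.HttpExporter - Failed to export spans. "
    "Server responded with HTTP status code 403. Error message: User: "
    "arn:aws:sts::571600841604:assumed-role/eksctl-spring-demo-cluster-nodegro-"
    "NodeInstanceRole-qe5bSShjEHDp/i-0e398f24217b99394 is not authorized to perform: "
    "xray:PutTraceSegments because no identity-based policy allows the "
    "xray:PutTraceSegments action",
    # Line 3: constructed, same denial but signed with the expected role.
    "WARN io.opentelemetry.exporter.internal.http.HttpExporter - Failed to export spans. "
    "Error message: User: arn:aws:sts::571600841604:assumed-role/demo-app-irsa-role/"
    "aws-sdk-java-1749679298000 is not authorized to perform: xray:PutTraceSegments",
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG, EXPECTED_ROLE_ARN):
        print(f"line {f.line_no}: {f.kind}: {f.detail}")
```

An `identity-fallback` finding is the case this PR addresses; granting `xray:PutTraceSegments` to the node role would hide the symptom while every pod on the node kept exporting under the shared node identity.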
*Description of changes:*

Cherry-picked commits from the mainline to my branch release/v2.11.2

- 438802b Send main build metrics (#1127)
- f9b24f2 [AppSignal E2E Testing] Validate E2E Tests Are Accounted For (#1126)
- d672f84 Fix Otlp Aws exporters failures for GZIP compressed telemetry exports (#1124)
- 0be84b6 AWS SDK v1.11 Patch Migration (#1117)
- 2c3ef71 AWS SDK v2.2 SPI Patch Migration (#1113)
- dac0fd8 Sigv4 - Add Missing STS Dependency (#1101)
- ce91366 fix compatibility issue with java v8 (#1118)
- 691c970 Base of AWS SDK v1.11 SPI Implementation (#1115)
- f425675 Base of AWS SDK v2.2 SPI Implementation (#1111)
- a41c7f3 feat: Extract account/access key id and region for cross-account support (#1081)
- e524eda update local operation of lambda span based on span attribute (#1106)
- 43198cf Add lambda layer default region (#1104)
- fe2ec3a Add YYC, BKK, KUL, QRO, ZHY, BJS to the lambda layer release workflow (#1103)
- 542b209 Update Sonatype publishing URL to Central Portal (#1090)
- 31e4de1 Release safety (#1096)
- e45a0ab Update image scan to point to 2.11.1 release (#1099)

Also bumped the adot2 to adot3 as we are doing all of this under Java SDK 2.11.2 patch release.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

---------

Co-authored-by: Jeel Mehta
Co-authored-by: Steve Liu
Co-authored-by: Prashant Srivastava
Co-authored-by: Harry
Co-authored-by: Ping Xiang
Co-authored-by: Blair Huang
Co-authored-by: Anahat
Co-authored-by: Thomas Pierce
Co-authored-by: Jonathan Lee
Co-authored-by: Eric Zhang
Updating patch for `v2.10.0` to `v2.11.0` bump.

Reference for how this patch was created: yiyuan-he/opentelemetry-java-instrumentation#1

```
The following dependencies are using the latest release version:
 - com.sparkjava:spark-core:2.9.4
 - com.squareup.okhttp3:okhttp:4.12.0
 - io.opentelemetry:opentelemetry-extension-aws:1.20.1

The following dependencies have later release versions:
 - com.amazonaws:aws-java-sdk-bom [1.12.599 -> 1.12.783] https://aws.amazon.com/sdkforjava
 - com.fasterxml.jackson:jackson-bom [2.16.0 -> 2.19.0] https://github.com/FasterXML/jackson-bom
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin [0.50.0 -> 0.52.0]
 - com.google.guava:guava-bom [33.0.0-jre -> 33.4.8-jre] https://github.com/google/guava
 - com.google.protobuf:protobuf-bom [3.25.1 -> 4.31.0] https://developers.google.com/protocol-buffers/
 - com.linecorp.armeria:armeria-bom [1.26.4 -> 1.32.5] https://armeria.dev/
 - commons-logging:commons-logging [1.2 -> 1.3.5] https://commons.apache.org/proper/commons-logging/
 - io.grpc:grpc-bom [1.59.1 -> 1.72.0] https://github.com/grpc/grpc-java
 - io.opentelemetry.contrib:opentelemetry-aws-resources [1.39.0-alpha -> 1.46.0-alpha] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.contrib:opentelemetry-aws-xray [1.39.0 -> 1.46.0] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha [2.11.0-adot1-alpha -> 2.16.0-alpha] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.javaagent:opentelemetry-javaagent [2.11.0-adot1 -> 2.16.0] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.proto:opentelemetry-proto [1.0.0-alpha -> 1.7.0-alpha] https://github.com/open-telemetry/opentelemetry-proto-java
 - net.bytebuddy:byte-buddy [1.14.10 -> 1.17.5] https://bytebuddy.net
 - org.apache.logging.log4j:log4j-bom [2.21.1 -> 2.24.3] https://logging.apache.org/log4j/2.x/
 - org.assertj:assertj-core [3.24.2 -> 3.27.3] https://assertj.github.io/doc/#assertj-core
 - org.curioswitch.curiostack:protobuf-jackson [2.2.0 -> 2.7.0] https://github.com/curioswitch/protobuf-jackson
 - org.junit:junit-bom [5.10.1 -> 5.12.2] https://junit.org/junit5/
 - org.slf4j:slf4j-api [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.slf4j:slf4j-simple [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.springframework.boot:spring-boot-dependencies [2.7.17 -> 3.5.0] https://spring.io/projects/spring-boot
 - org.testcontainers:testcontainers-bom [1.19.3 -> 1.21.0] https://java.testcontainers.org
 - software.amazon.awssdk:bom [2.21.33 -> 2.31.49] https://aws.amazon.com/sdkforjava

Gradle release-candidate updates:
 - Gradle: [8.10 -> 8.14.1]
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

---------

Co-authored-by: ADOT Patch workflow

Empty commit to trigger main build (aws-observability#1084)

Blank commit to trigger Java Agent Main Build with the latest commit from our test framework repo.

```
git commit --allow-empty -m "Empty commit to trigger main build"
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Release/v2.11.1 (aws-observability#1094)

*Description of changes:*

Merges changes from mainline to v2.11.1

Namely: aws-observability#1085 and aws-observability#1089

```
The following dependencies are using the latest release version:
 - com.sparkjava:spark-core:2.9.4
 - com.squareup.okhttp3:okhttp:4.12.0
 - io.opentelemetry:opentelemetry-extension-aws:1.20.1

The following dependencies have later release versions:
 - com.amazonaws:aws-java-sdk-bom [1.12.599 -> 1.12.785] https://aws.amazon.com/sdkforjava
 - com.fasterxml.jackson:jackson-bom [2.16.0 -> 2.19.0] https://github.com/FasterXML/jackson-bom
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin [0.50.0 -> 0.52.0]
 - com.google.guava:guava-bom [33.0.0-jre -> 33.4.8-jre] https://github.com/google/guava
 - com.google.protobuf:protobuf-bom [3.25.1 -> 4.31.1] https://developers.google.com/protocol-buffers/
 - com.linecorp.armeria:armeria-bom [1.26.4 -> 1.32.5] https://armeria.dev/
 - commons-logging:commons-logging [1.2 -> 1.3.5] https://commons.apache.org/proper/commons-logging/
 - io.grpc:grpc-bom [1.59.1 -> 1.73.0] https://github.com/grpc/grpc-java
 - io.opentelemetry.contrib:opentelemetry-aws-resources [1.39.0-alpha -> 1.46.0-alpha] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.contrib:opentelemetry-aws-xray [1.39.0-adot1 -> 1.46.0] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha [2.11.0-adot2-alpha -> 2.16.0-alpha] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.javaagent:opentelemetry-javaagent [2.11.0-adot2 -> 2.16.0] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.proto:opentelemetry-proto [1.0.0-alpha -> 1.7.0-alpha] https://github.com/open-telemetry/opentelemetry-proto-java
 - net.bytebuddy:byte-buddy [1.14.10 -> 1.17.5] https://bytebuddy.net
 - org.apache.logging.log4j:log4j-bom [2.21.1 -> 2.24.3] https://logging.apache.org/log4j/2.x/
 - org.assertj:assertj-core [3.24.2 -> 3.27.3] https://assertj.github.io/doc/#assertj-core
 - org.curioswitch.curiostack:protobuf-jackson [2.2.0 -> 2.7.0] https://github.com/curioswitch/protobuf-jackson
 - org.junit:junit-bom [5.10.1 -> 5.13.0] https://junit.org/junit5/
 - org.slf4j:slf4j-api [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.slf4j:slf4j-simple [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.springframework.boot:spring-boot-dependencies [2.7.17 -> 3.5.0] https://spring.io/projects/spring-boot
 - org.testcontainers:testcontainers-bom [1.19.3 -> 1.21.1] https://java.testcontainers.org
 - software.amazon.awssdk:bom [2.21.33 -> 2.31.56] https://aws.amazon.com/sdkforjava

Gradle release-candidate updates:
 - Gradle: [8.10 -> 8.14.1]
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

---------

Co-authored-by: Jonathan Lee
Co-authored-by: Thomas Pierce
Co-authored-by: Michael He
Co-authored-by: ADOT Patch workflow
Co-authored-by: Prashant Srivastava
Co-authored-by: Mohamed Asaker

Update rust version (aws-observability#1097)

*Description of changes:*

Release build failed with:

<img width="1200" alt="image" src="https://github.com/user-attachments/assets/3df092be-b9f3-4e62-9652-32cf4823d0ef" />

Updating rust version required for `edition2024`

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[Lambda Java v2.11.x] Merge All Code Changes from v1.33.x Branch into v2.11.x (aws-observability#1114)

This change merges all private Lambda Java updates from the v1.33 branch into the v2.11.x branch. I performed a 'git rebase v2.11' on the v1.33 branch, reviewed all changes, and completed the build and testing process. The resulting Lambda layer generated trace data identical to the version built directly from the v2.11.x branch (excluding this PR).

Here is the list of all migrated PRs:

- Build layer during CI/CD workflows + some minor refactoring aws-observability#989
- support java11 runtime for lambda aws-observability#1001
- Unique artifact names for upload and merge for download aws-observability#1014
- [Bug fixes] Lambda - duplicate lambda spans + appsignals from unsampled spans aws-observability#1000
- Fix: Lambda Topology Issue (aws-observability#1016) Fix: Lambda Topology Issue (aws-observability#1016) aws-observability#1085
- feat: Support microservice span in Lambda Java environment. aws-observability#1053

Test

Tested Java11, 17, and 21 Lambda functions. Manually tested PR-1000 and PR-1053. Both work as expected in the v2.11 branch. MicroService (SpringBoot) support works well. I verified attribute Trace.lambda.multiple server can be found in the Lambda server span, once we have Servlet instrumentation enabled with OTEL_INSTRUMENTATION_SERVLET_ENABLED.

Note: The changes in the patch files are not included in this PR. They should have been reviewed and incorporated as part of this migration: Upgrade Java Lambda Layer to 2.x aws-observability#1076

Lambda with SpringBoot MicroService:

<img width="1367" alt="lambda" src="https://github.com/user-attachments/assets/5cf5be29-4986-454c-b61b-773d6cde3848" />

Service Map and added microservice attribute 'Trace.lambda.multiple server'.

<img width="1864" alt="traceMap" src="https://github.com/user-attachments/assets/f7ff1771-61f0-4013-b571-90370a726aa9" />

AppSignals

<img width="1875" alt="appSignals" src="https://github.com/user-attachments/assets/24f1b3a8-851c-4c97-bb50-087ee275b86d" />

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Release/v2.11.2 (aws-observability#1131)

*Description of changes:*

Cherry-picked commits from the mainline to my branch release/v2.11.2

- 438802b Send main build metrics (aws-observability#1127)
- f9b24f2 [AppSignal E2E Testing] Validate E2E Tests Are Accounted For (aws-observability#1126)
- d672f84 Fix Otlp Aws exporters failures for GZIP compressed telemetry exports (aws-observability#1124)
- 0be84b6 AWS SDK v1.11 Patch Migration (aws-observability#1117)
- 2c3ef71 AWS SDK v2.2 SPI Patch Migration (aws-observability#1113)
- dac0fd8 Sigv4 - Add Missing STS Dependency (aws-observability#1101)
- ce91366 fix compatibility issue with java v8 (aws-observability#1118)
- 691c970 Base of AWS SDK v1.11 SPI Implementation (aws-observability#1115)
- f425675 Base of AWS SDK v2.2 SPI Implementation (aws-observability#1111)
- a41c7f3 feat: Extract account/access key id and region for cross-account support (aws-observability#1081)
- e524eda update local operation of lambda span based on span attribute (aws-observability#1106)
- 43198cf Add lambda layer default region (aws-observability#1104)
- fe2ec3a Add YYC, BKK, KUL, QRO, ZHY, BJS to the lambda layer release workflow (aws-observability#1103)
- 542b209 Update Sonatype publishing URL to Central Portal (aws-observability#1090)
- 31e4de1 Release safety (aws-observability#1096)
- e45a0ab Update image scan to point to 2.11.1 release (aws-observability#1099)

Also bumped the adot2 to adot3 as we are doing all of this under Java SDK 2.11.2 patch release.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

---------

Co-authored-by: Jeel Mehta
Co-authored-by: Steve Liu
Co-authored-by: Prashant Srivastava
Co-authored-by: Harry
Co-authored-by: Ping Xiang
Co-authored-by: Blair Huang
Co-authored-by: Anahat
Co-authored-by: Thomas Pierce
Co-authored-by: Jonathan Lee
Co-authored-by: Eric Zhang

Revert "Release/v2.11.2 (aws-observability#1131)"

This reverts commit 4f5704f.

Release/v2.11.2 v2 (aws-observability#1133)

Description of changes: Cherry-picked commits from the mainline to my branch release/v2.11.2

Release/v2.11.3 (aws-observability#1146)

*Description of changes:*

Merges changes from mainline to v2.11.3

Namely: aws-observability#1111 aws-observability#1115 aws-observability#1113 aws-observability#1117 and aws-observability#1120

Steps followed:

1. Fork `aws-otel-java-instrumentation` repo
2. Checkout `release/2.11.x`
3. Create branch `release/2.11.3` based off `release/2.11.x` (`git checkout -b release/2.11.3`)
4. `git cherry-pick 572215e ac3c0c7 9a76dda 8a3b772 25b2cd8`
5. Resolved merge conflict for 25b2cd8
6. run `./gradlew dependencyUpdates`
7. Create PR

```
The following dependencies are using the latest release version:
 - com.sparkjava:spark-core:2.9.4
 - io.opentelemetry:opentelemetry-extension-aws:1.20.1

The following dependencies have later release versions:
 - com.amazonaws:aws-java-sdk-bom [1.12.599 -> 1.12.788] https://aws.amazon.com/sdkforjava
 - com.fasterxml.jackson:jackson-bom [2.16.0 -> 2.19.2] https://github.com/FasterXML/jackson-bom
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin [0.50.0 -> 0.52.0]
 - com.google.guava:guava-bom [33.0.0-jre -> 33.4.8-jre] https://github.com/google/guava
 - com.google.protobuf:protobuf-bom [3.25.1 -> 4.31.1] https://developers.google.com/protocol-buffers/
 - com.linecorp.armeria:armeria-bom [1.26.4 -> 1.33.1] https://armeria.dev/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.1.0] https://square.github.io/okhttp/
 - commons-logging:commons-logging [1.2 -> 1.3.5] https://commons.apache.org/proper/commons-logging/
 - io.grpc:grpc-bom [1.59.1 -> 1.74.0] https://github.com/grpc/grpc-java
 - io.opentelemetry.contrib:opentelemetry-aws-resources [1.39.0-alpha -> 1.48.0-alpha] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.contrib:opentelemetry-aws-xray [1.39.0-adot1 -> 1.48.0] https://github.com/open-telemetry/opentelemetry-java-contrib
 - io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha [2.11.0-alpha -> 2.18.1-alpha] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.javaagent:opentelemetry-javaagent [2.11.0 -> 2.18.1] https://github.com/open-telemetry/opentelemetry-java-instrumentation
 - io.opentelemetry.proto:opentelemetry-proto [1.0.0-alpha -> 1.7.0-alpha] https://github.com/open-telemetry/opentelemetry-proto-java
 - net.bytebuddy:byte-buddy [1.14.10 -> 1.17.6] https://bytebuddy.net
 - org.apache.logging.log4j:log4j-bom [2.21.1 -> 2.25.1] https://logging.apache.org/log4j/2.x/
 - org.assertj:assertj-core [3.24.2 -> 3.27.4] https://assertj.github.io/doc/#assertj-core
 - org.curioswitch.curiostack:protobuf-jackson [2.2.0 -> 2.8.1] https://github.com/curioswitch/protobuf-jackson
 - org.junit:junit-bom [5.10.1 -> 5.13.4] https://junit.org/
 - org.slf4j:slf4j-api [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.slf4j:slf4j-simple [1.7.36 -> 2.0.17] http://www.slf4j.org
 - org.springframework.boot:spring-boot-dependencies [2.7.17 -> 3.5.4] https://spring.io/projects/spring-boot
 - org.testcontainers:testcontainers-bom [1.19.3 -> 1.21.3] https://java.testcontainers.org
 - software.amazon.awssdk:bom [2.30.17 -> 2.32.22] https://aws.amazon.com/sdkforjava

Gradle release-candidate updates:
 - Gradle: [8.10 -> 9.0.0 -> 9.1.0-rc-1]
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

---------

Co-authored-by: Thomas Pierce
Co-authored-by: Steve Liu

AWS X-Ray Adaptive Sampling Support (aws-observability#1141)

Propagate sampling decision as attribute (aws-observability#1161)

Shorten trace state usage for adaptive sampling (aws-observability#1164)

[Adaptive Sampling] Improve trace capturing and counting using cache

Fix disk-buffering build failure in contrib (aws-observability#1169)