Merge branch 'main' into dependabot/gradle/java/com.amazonaws-aws-lambda-java-events-3.11.3

Author: tylerbenson

.github/CODEOWNERS

@@ -1,3 +1,3 @@
 # https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
 
-* @Aneurysm9 @codeboten @tsloughter @tylerbenson
+* @open-telemetry/lambda-extension-approvers

.github/dependabot.yml

@@ -12,6 +12,14 @@ updates:
       opentelemetry-deps-collector:
         patterns:
           - "*opentelemetry*"
+  - package-ecosystem: "gomod"
+    directory: "/collector/lambdacomponents"
+    schedule:
+      interval: "weekly"
+    groups:
+      opentelemetry-deps-lambdacomponents:
+        patterns:
+          - "*opentelemetry*"
   - package-ecosystem: "gradle"
     directory: "/java"
     schedule:
@@ -35,7 +43,7 @@ updates:
           - "@opentelemetry/*"
     rebase-strategy: "auto"
   - package-ecosystem: "pip"
-    directory: "/python/src/otel/otel_sdk"
+    directory: "/python/src/otel"
     schedule:
       interval: "weekly"
     groups:

.github/workflows/ci-collector.yml

@@ -18,10 +18,10 @@ jobs:
   tidy:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
-          go-version: '^1.20.7'
+          go-version: '^1.20.8'
       - uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
@@ -34,10 +34,10 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
-          go-version: '^1.20.7'
+          go-version: '^1.20.8'
       - uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
@@ -54,10 +54,10 @@ jobs:
       matrix:
         architecture: [ amd64, arm64 ]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
-          go-version: '^1.20.7'
+          go-version: '^1.20.8'
       - uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod

.github/workflows/ci-java.yml

@@ -16,7 +16,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-java@v3
         with:
           distribution: corretto

.github/workflows/ci-nodejs.yml

@@ -16,7 +16,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-node@v3
         with:
           node-version: 14

.github/workflows/ci-shellcheck.yml

@@ -6,7 +6,7 @@ jobs:
   shellcheck:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Install shell check
         run: sudo apt update && sudo apt install --assume-yes shellcheck

.github/workflows/ci-terraform.yml

@@ -18,6 +18,6 @@ jobs:
   check-terraform-syntax:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: hashicorp/setup-terraform@v2
       - run: terraform fmt -check -recursive

.github/workflows/codeql.yml

@@ -38,21 +38,34 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go', 'javascript', 'python', 'java' ]
+        # Targets of the codeql analysis
+        # Each entry is composed by two elements: the language and the directory
+        # containing source code for that language.
+        target:
+          - language: 'go'
+            directory: 'go'
+          - language: 'javascript'
+            directory: 'nodejs'
+          - language: 'python'
+            directory: 'python'
+          - language: 'java'
+            directory: 'java'
+          - language: 'csharp'
+            directory: 'dotnet'
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
         # Use only 'java' to analyze code written in Java, Kotlin or both
         # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v2
       with:
-        languages: ${{ matrix.language }}
+        languages: ${{ matrix.target.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
         # By default, queries listed here will override any specified in a config file.
         # Prefix the list here with "+" to use these queries and those in the config file.
@@ -65,7 +78,10 @@ jobs:
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
       uses: github/codeql-action/autobuild@v2
-      if: ${{ matrix.language != 'java' }}
+      with:
+        working-directory: ${{ matrix.target.directory }}
+      # There are no array literals in GHA that is why we need to use fromJson.
+      if: ${{ !contains(fromJson('["java", "csharp"]'), matrix.target.language) }}
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -82,16 +98,28 @@ jobs:
       with:
         distribution: corretto
         java-version: '11'
-      if: ${{ matrix.language == 'java' }}
+      if: ${{ matrix.target.language == 'java' }}
 
     - name: build Java
       uses: gradle/gradle-build-action@v2
       with:
         arguments: build --no-build-cache
-        build-root-directory: java
-      if: ${{ matrix.language == 'java' }}
+        build-root-directory: ${{ matrix.target.directory }}
+      if: ${{ matrix.target.language == 'java' }}
+
+    - name: setup dotnet
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: 6.x
+      if: ${{ matrix.target.language == 'csharp' }}
+
+    - name: build dotnet
+      # Build all dotnet applications from this directory
+      run: find . -name '*.sln' -exec dotnet build '{}' \;
+      working-directory: ${{ matrix.target.directory }}
+      if: ${{ matrix.target.language == 'csharp' }}
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v2
       with:
-        category: "/language:${{matrix.language}}"
+        category: "/language:${{matrix.target.language}}"

.github/workflows/layer-publish.yml

@@ -80,7 +80,7 @@ jobs:
         with:
           name: ${{ inputs.artifact-name }}
 
-      - uses: aws-actions/configure-aws-credentials@v3
+      - uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ secrets.PROD_LAMBDA_ROLE_ARN }}
           role-duration-seconds: 1200

.github/workflows/pr-python.yml

@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Python for OTel Python SDK
         uses: actions/setup-python@v4
         with:
@@ -36,7 +36,7 @@ jobs:
       - name: Set up Go for ADOT Collector
         uses: actions/setup-go@v4
         with:
-          go-version: '^1.20.7'
+          go-version: '^1.20.8'
       - name: Build Python Layer which includes ADOT Collector
         working-directory: python/src
         run: ./run.sh -b