refactor update opentelemetry-go & faiss

Signed-off-by: kpango <[email protected]>

.github/ISSUE_TEMPLATE/bug_report.md

@@ -22,7 +22,7 @@ assignees: ""
 
 <!--- Please change the versions below along with your environment -->
 
-- Go Version: 1.21.5
+- Go Version: 1.21.6
 - Docker Version: 20.10.8
-- Kubernetes Version: v1.28.4
+- Kubernetes Version: v1.29.1
 - NGT Version: 2.1.6

.github/ISSUE_TEMPLATE/security_issue_report.md

@@ -16,7 +16,7 @@ assignees: ""
 
 <!--- Please change the versions below along with your environment -->
 
-- Go Version: 1.21.5
+- Go Version: 1.21.6
 - Docker Version: 20.10.8
-- Kubernetes Version: v1.28.4
+- Kubernetes Version: v1.29.1
 - NGT Version: 2.1.6

.github/PULL_REQUEST_TEMPLATE.md

@@ -16,9 +16,9 @@
 
 <!--- Please change the versions below along with your environment -->
 
-- Go Version: 1.21.5
+- Go Version: 1.21.6
 - Docker Version: 20.10.8
-- Kubernetes Version: v1.28.4
+- Kubernetes Version: v1.29.1
 - NGT Version: 2.1.6
 
 ### Checklist:

.github/actions/detect-docker-image-tags/action.yaml

@@ -15,7 +15,6 @@
 #
 name: "Detect Docker image tags"
 description: "A action to detect Docker image tags"
-
 inputs:
   tag_name:
     description: "Tag name to check whether exists or not"
@@ -24,18 +23,14 @@ inputs:
   images:
     description: "Image names"
     required: false
-    default: "vdaas/vald-agent-ngt \
-      vdaas/vald-discoverer-k8s \
-      vdaas/vald-lb-gateway \
-      vdaas/vald-manager-index"
+    default: "vdaas/vald-agent-ngt vdaas/vald-agent-faiss vdaas/vald-agent-sidecar vdaas/vald-discoverer-k8s vdaas/vald-lb-gateway vdaas/vald-manager-index"
 outputs:
   HELM_EXTRA_OPTIONS:
     description: "Helm extra options that specifies image tags"
     value: ${{ steps.specify_container_versions.outputs.HELM_EXTRA_OPTIONS }}
   IMAGE_TAGS:
     description: "Specifies image tags"
     value: ${{ steps.specify_container_versions.outputs.IMAGE_TAGS }}
-
 runs:
   using: "composite"
   steps:
@@ -45,6 +40,7 @@ runs:
       run: |
         declare -A m=(
           ["vdaas/vald-agent-ngt"]="agent.image.tag"
+          ["vdaas/vald-agent-faiss"]="agent.image.tag"
           ["vdaas/vald-agent-sidecar"]="agent.sidecar.image.tag"
           ["vdaas/vald-discoverer-k8s"]="discoverer.image.tag"
           ["vdaas/vald-lb-gateway"]="gateway.lb.image.tag"

.github/actions/wait-for-docker-image/action.yaml

@@ -15,17 +15,12 @@
 #
 name: "Wait for Docker Images"
 description: "A action to wait for Docker images to be published"
-
 inputs:
   images:
     description: "image names"
     required: false
-    default: "vdaas/vald-agent-ngt \
-      vdaas/vald-discoverer-k8s \
-      vdaas/vald-lb-gateway \
-      vdaas/vald-manager-index"
+    default: "vdaas/vald-agent-ngt vdaas/vald-agent-faiss vdaas/vald-agent-sidecar vdaas/vald-discoverer-k8s vdaas/vald-lb-gateway vdaas/vald-manager-index"
 outputs: {}
-
 runs:
   using: "composite"
   steps:

.github/workflows/dockers-image-scan.yml

@@ -26,72 +26,123 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/dump-context
-
   agent-ngt:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: agent-ngt
-
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: set git config
+        run: |
+          git config --global --add safe.directory ${GITHUB_WORKSPACE}
+      - name: Build the Docker image
+        id: build_image
+        run: |
+          make docker/build/agent-ngt
+          imagename=`make docker/name/agent-ngt`
+          docker tag ${imagename} ${imagename}:${{ github.sha }}
+          echo "IMAGE_NAME=${imagename}" >> $GITHUB_OUTPUT
+        env:
+          DOCKER_BUILDKIT: 1
+      - name: Run vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "${{ steps.build_image.outputs.IMAGE_NAME }}:${{ github.sha }}"
+          format: "table"
+      - name: Run vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "${{ steps.build_image.outputs.IMAGE_NAME }}:${{ github.sha }}"
+          format: "template"
+          template: "@/contrib/sarif.tpl"
+          output: "trivy-results.sarif"
+          severity: "HIGH,CRITICAL"
+      - name: Upload Trivy scan results to Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-results.sarif"
+  agent-faiss:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: set git config
+        run: |
+          git config --global --add safe.directory ${GITHUB_WORKSPACE}
+      - name: Build the Docker image
+        id: build_image
+        run: |
+          make docker/build/agent-faiss
+          imagename=`make docker/name/agent-faiss`
+          docker tag ${imagename} ${imagename}:${{ github.sha }}
+          echo "IMAGE_NAME=${imagename}" >> $GITHUB_OUTPUT
+        env:
+          DOCKER_BUILDKIT: 1
+      - name: Run vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "${{ steps.build_image.outputs.IMAGE_NAME }}:${{ github.sha }}"
+          format: "table"
+      - name: Run vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "${{ steps.build_image.outputs.IMAGE_NAME }}:${{ github.sha }}"
+          format: "template"
+          template: "@/contrib/sarif.tpl"
+          output: "trivy-results.sarif"
+          severity: "HIGH,CRITICAL"
+      - name: Upload Trivy scan results to Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-results.sarif"
   agent-sidecar:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: agent-sidecar
-
   ci-container:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: ci-container
-
   dev-container:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: dev-container
-
   discoverer-k8s:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: discoverer-k8s
-
   gateway-lb:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: gateway-lb
-
   gateway-filter:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: gateway-filter
-
   index-correction:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: index-correction
-
   index-creation:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: index-creation
-
   index-save:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: index-save
-
   loadtest:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: loadtest
-
   manager-index:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: manager-index
-
   operator-helm:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:
       target: operator/helm
-
   readreplica-rotate:
     uses: ./.github/workflows/_docker-image-scan.yaml
     with:

.gitignore

@@ -47,6 +47,7 @@ hack/go.mod.default3
 
 # for mac
 .DS_Store
+.nvimlog
 
 # for nvim
 .nvimlog

.golangci.yml

@@ -122,7 +122,6 @@ linters:
     # - whitespace
     # - wrapcheck
     # - wslissues:
-    # - zerologlint
   exclude-use-default: false
   exclude-rules:
     - path: _test\.go