Skip to content

build(deps): Upgrade otelcollector to v0.138.0#1336

Closed
azure-monitor-assistant[bot] wants to merge 2 commits into
mainfrom
bot/otelcollector-upgrade-v0.138.0
Closed

build(deps): Upgrade otelcollector to v0.138.0#1336
azure-monitor-assistant[bot] wants to merge 2 commits into
mainfrom
bot/otelcollector-upgrade-v0.138.0

Conversation

@azure-monitor-assistant

@azure-monitor-assistant azure-monitor-assistant Bot commented Nov 1, 2025

Copy link
Copy Markdown
Contributor

This PR upgrades the otelcollector to the latest version available for the opentelemetry-collector and opentelemetry-operator.

It was automatically generated by the GitHub Actions workflow.

The summary of the OSS changelog is below:

Prometheusreceiver Changes

v0.136.0 to v0.138.0

Generated on: 2025-11-01 07:05:15

v0.138.0

  • [FEATURE] receiver/prometheus: added NHCB(native histogram wit custom buckets) to explicit histogram conversion (#41131)

Summary

Category Count
Breaking Changes 0
Features 1
Bug Fixes 0
Other Changes 0
Total 1

Target-allocator Changes

v0.136.0 to v0.138.0

Generated on: 2025-11-01 07:05:29

0.138.0

  • [BREAKING] target allocator: Remove the operator.collector.targetallocatorcr feature flag (#2422) This behavior has been enabled by default since version 0.127.0.
  • [BUG FIX] target allocator: Add missing TA ownership watches to cert-manager Certificate and Issuer (#4368)

0.137.0

  • [BREAKING] target allocator: Promote the operator.collector.targetallocatorcr feature flag to Stable (#2422) The flag can no longer be disabled. It will be completely removed in 0.138.0.
  • [BUG FIX] target allocator, opamp: Fix version not being updated after version upgrade. (#4378)
  • [BUG FIX] target-allocator: Fixed potential duplicate scrape targets caused by Prometheus relabeling. (#3617)

Summary

Category Count
Breaking Changes 2
Features 0
Bug Fixes 3
Other Changes 0
Total 5

@azure-monitor-assistant azure-monitor-assistant Bot requested a review from a team as a code owner November 1, 2025 07:05
@azure-monitor-assistant

azure-monitor-assistant Bot commented Nov 1, 2025

Copy link
Copy Markdown
Contributor Author

✅ Building the otelcollector and related go binaries succeeded. No breaking changes were detected.
The otelcollector was successfully upgraded to version v0.138.0.

@azure-monitor-assistant

azure-monitor-assistant Bot commented Nov 1, 2025

Copy link
Copy Markdown
Contributor Author

CVE Changes Report

The following CVE changes were detected when upgrading to version v0.138.0:

=== CVE Changes Report ===
Removed CVEs:
Added CVEs:

Preserved CVEs (not scanned):
  = CVE-2025-9232 from prometheus-collector with severity HIGH and package 
  = CVE-2025-9230 from prometheus-collector with severity HIGH and package 
  = CVE-2025-4802 from kube-state-metrics with severity HIGH and package 
  = CVE-2024-33599 from kube-state-metrics with severity HIGH and package 
  = CVE-2023-4806 from kube-state-metrics with severity MEDIUM and package 
  = CVE-2023-4527 from kube-state-metrics with severity MEDIUM and package 
  = CVE-2024-33601 from kube-state-metrics with severity HIGH and package 
  = CVE-2024-33600 from kube-state-metrics with severity MEDIUM and package

The trivyignore file was updated to ignore the new CVEs.

@azure-monitor-assistant

azure-monitor-assistant Bot commented Nov 8, 2025

Copy link
Copy Markdown
Contributor Author

Closing in favor of a newer otelcollector version upgrade (v0.139.0)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

size/XXL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants