[chore] repo: Sync fork with current upstream main

[amir-jakoby]

Summary

• sync the fork to current upstream/main
• keep the active Sawmills delta on top of the new upstream base
• avoid replaying stale historical fork churn that no longer matters to the shipped distro

Preserved fork delta

• exporter/loadbalancingexporter
• exporter/elasticsearchexporter
• processor/hotreloadprocessor
• processor/logstometricsprocessor
• processor/transformprocessor compat surface
• pkg/ottl compat surface
• extension/storage/inmemorystorage
• confmap/provider/s3provider encryptor helper
• distro/support wiring: builder-config, versions.yaml, reports/distributions/contrib.yaml, .checkapi.yaml, .codecov.yml, .golangci.yml, internal/tidylist

Validation

• go test ./... in confmap/provider/s3provider
• go test ./... in exporter/elasticsearchexporter
• go test ./... in exporter/loadbalancingexporter
• go test ./... in extension/storage/inmemorystorage
• go test ./... in processor/transformprocessor
• go test ./... in pkg/ottl
• go test ./... in processor/hotreloadprocessor
• go test ./... in processor/logstometricsprocessor

Notes

• make checkapi from repo root is noisy in this checkout because it scans sibling worktrees under .worktrees/; the fork-owned modules above are green.
• push blocker fix: used git push --no-follow-tags to avoid uploading the repo tag universe.

---

Note

Medium Risk
Touches multiple runtime components (Prometheus exporter, interval processor, AWS log parsing) plus CI/workflow scripts and dependency bumps, so behavior changes could impact stability despite being well-scoped and covered by tests.

Overview
Pulls in upstream updates and release-note entries, including behavioral fixes and enhancements across telemetry components.

Prometheus exporter now supports exemplars for exponential histograms, uses confighttp.NewDefaultServerConfig() defaults, and adds a background eviction loop to clean expired metric families/accumulator entries even when no scrapes occur (preventing unbounded memory growth).

AWS S3 access log unmarshaler adds the new source_region field and becomes forward-compatible by skipping unknown trailing fields instead of erroring; interval processor now flushes buffered metrics on shutdown and waits for its export goroutine to exit.

CI/tooling changes harden workflow automation (stricter /workflow-approve parsing, safer rerun authorization via commenter association, disk-space script baseline handling), update codeowner-activity script Octokit usage/reporting, adjust issue templates/config, and refresh various docs/dependencies (notably moving pkg/xk8stest to github.com/moby/moby/client).

^{Written by Cursor Bugbot for commit ccb65b6. This will update automatically on new commits. Configure here.}

---

Summary by cubic

Sync the fork to the latest upstream/main and rebase our Sawmills changes on top. This pulls in upstream fixes, features, and tooling while keeping our exporters/processors and distro wiring intact.

• Refactors

  • Preserved fork delta in exporter/elasticsearchexporter, exporter/loadbalancingexporter, processor/hotreloadprocessor, processor/logstometricsprocessor, processor/transformprocessor, pkg/ottl, extension/storage/inmemorystorage, and confmap/provider/s3provider (encryptor helper).
  • Kept distro wiring (builder-config, versions.yaml, reports and lint configs) aligned; validated with go test ./... in the preserved modules.

• Notable Upstream Changes

  • Prometheus exporter: exemplar support for exponential histograms; fixed default HTTP server config; background eviction of expired metric families to stop memory growth.
  • AWS S3 ingest: .zst decompression and optional tag_object_after_ingestion; SQS “s3:TestEvent” loop fix; S3 access log parser adds source_region and skips unknown fields.
  • Kafka: exporter removes local queue partitioning and deprecated top‑level topic/encoding; fixes topic_from_attribute routing for multi‑resource batches and validation for topic_from_metadata_key; receiver adds topic/partition/offset as client metadata; deprecates azure_resource_logs unmarshaler.
  • Processors/extensions: interval processor flushes on shutdown; resourcedetection always propagates detector errors, fixes shared‑provider lifecycle, and adds IBM Cloud VPC support; receivercreator adds profiles signal (alpha); k8sattributesprocessor warns when deprecated v0 K8s semconv attrs are enabled; OTTL setters now error on type mismatches.
  • Diagnostics and logs: pprof receiver supports remote HTTP/self‑scrape and fixes file‑scraper profile merging; Windows Event Log flattens event_data to a map; journald suppresses historical entries when starting at “end”.
  • Elasticsearch exporter: new otelcol.elasticsearch.docs.retried_http_request metric; populates _doc_count in ECS mode; stops setting host.os.type (moved to elasticapmprocessor).
  • Other components: MongoDB receiver supports mongodb+srv via scheme; re‑aggregation enabled for mysql, postgresql, github, expvar, flinkmetrics, and vcenter; k8s_events stops emitting delete watch events by default.
  • Reliability/security: otelarrowreceiver maps transient consumer errors to retryable gRPC statuses; bearertokenauth stops including bearer tokens in error messages.
  • Tooling/deps: internal AWS HTTP client honors NO_PROXY; core upgraded to v0.148.0; gRPC 1.79.3; schemagen emits local ref paths; CI/workflow hardening; pkg/xk8stest migrates to github.com/moby/moby/client.

^{Written for commit ccb65b6. Summary will update on new commits.}

Summary by CodeRabbit

• New Features

  • Added exemplar support for exponential histograms in Prometheus exporter.
  • Added Zstandard decompression support to the S3 receiver.
  • Added S3 object tagging after ingestion capability to S3 receiver.
  • Added profiles signal support to receiver creator.
  • Added source_region field parsing to S3 access log unmarshaler.

• Bug Fixes

  • Fixed Prometheus exporter HTTP server default behavior for keep-alives and timeouts.
  • Fixed unbounded memory growth in Prometheus exporter by ensuring expired metrics are cleaned up.
  • Fixed S3 receiver SQS handling of s3:TestEvent messages.
  • Fixed S3 access log parser to gracefully handle additional trailing fields.

• Enhancements

  • Interval processor now flushes buffered metrics on shutdown.
  • OTTL setter type validation now returns errors on type mismatches.
  • Transform processor now supports semantic conventions version 1.38.0.

• Breaking Changes

  • Resource detection processor: removed propagateerrors feature gate.
  • OTTL setters now enforce type validation.

[coderabbitai]

Walkthrough

This PR introduces multiple enhancements and bug fixes across various OpenTelemetry collector components, including Prometheus exporter improvements (exemplar support and metric family cleanup), S3 receiver enhancements (zstd decompression and object tagging), receiver creator profiles support, resource detection processor feature gate removal, and numerous changelog entries documenting these changes. Additionally, it updates dependencies and GitHub workflows while refactoring several components.

Changes

Cohort / File(s)	Summary
Changelog Entries .chloggen/47159.yaml, .chloggen/47173-bug-defaultConfigPrometheusExporter.yaml, .chloggen/awss3-zstd.yaml, .chloggen/feat_delete-ff-resourcedetection-propagateerrors.yaml, .chloggen/fix-prometheus-exporter-metric-family-leak.yaml, .chloggen/fix-s3-access-log-source-region-field.yaml, .chloggen/fix-severity-parser.yaml, .chloggen/fix_s3HandleMessages.yaml, .chloggen/intervalprocessor-flush-on-shutdown.yaml, .chloggen/ottl-setter-type-validation.yaml, .chloggen/profiles-in-receiver-creator.yaml, .chloggen/s3-receiver-delete-obj.yaml, .chloggen/transformprocessor-set_semconv_span_name-v1.40.0.yaml, .chloggen/wevtlog-receiver-raw-xml-unmarshal-optimization.yaml	Multiple new changelog entries documenting enhancements, bug fixes, and breaking changes across prometheus exporter, s3 receiver, resource detection, and other components.
Configuration & Metadata .checkapi.yaml, .chloggen/config.yaml	Updated checkapi path ignoring for storage/inmemorystorage; removed duplicate scraper/system entry from components list.
GitHub Workflows & Scripts .github/workflows/build-and-test-windows.yml, .github/workflows/rerun-workflows.yml, .github/workflows/scripts/approve-workflows.sh, .github/workflows/scripts/check-disk-space.sh, .github/workflows/scripts/generate-codeowners-activity.js, .github/workflows/scripts/generate-pr-from-changelog.sh, .github/workflows/scripts/rerun-failed-workflows.sh	Updated workflow scripts and configuration including stricter command parsing, environment variable handling, API migration from octokit.rest to octokit, and improved authorization checks.
Issue Templates .github/ISSUE_TEMPLATE/beta_stability.yaml, .github/ISSUE_TEMPLATE/bug_report.yaml, .github/ISSUE_TEMPLATE/feature_request.yaml, .github/ISSUE_TEMPLATE/other.yaml, .github/ISSUE_TEMPLATE/unmaintained.yaml	Removed component options: extension/storage/inmemorystorage, processor/hotreload, processor/logstometrics from dropdown menus.
Link Checker Configuration .github/lychee.toml	Removed extensive URL exclusion patterns and max_redirects setting, reducing excluded domains from lychee link checker.
Prometheus Exporter exporter/prometheusexporter/accumulator.go, exporter/prometheusexporter/collector.go, exporter/prometheusexporter/collector_test.go, exporter/prometheusexporter/config_test.go, exporter/prometheusexporter/factory.go, exporter/prometheusexporter/factory_test.go, exporter/prometheusexporter/prometheus.go, exporter/prometheusexporter/prometheus_test.go, exporter/prometheusexporter/README.md	Added cleanupExpired() method for independent metric family expiration, exemplar support for exponential histograms, background cleanup goroutine on start, improved ServerConfig initialization, and documentation updates.
Prometheus Exporter Additional Documentation exporter/alertmanagerexporter/README.md, exporter/datadogexporter/README.md, exporter/honeycombmarkerexporter/README.md, exporter/prometheusexporter/README.md	Updated external reference links and clarified semantic convention resource attributes in README files.
AWS S3 Access Log Encoding extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/fields.go, extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/unmarshaler.go, extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/unmarshaler_test.go, extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/testdata/*	Added source_region field parsing, made extra trailing fields ignorable (forward-compatible), and updated test expectations to handle logs with more fields than schema.
S3 Receiver receiver/awss3receiver/config.go, receiver/awss3receiver/config.schema.yaml, receiver/awss3receiver/config_test.go, receiver/awss3receiver/go.mod, receiver/awss3receiver/receiver.go, receiver/awss3receiver/receiver_test.go, receiver/awss3receiver/s3intf.go, receiver/awss3receiver/s3reader.go, receiver/awss3receiver/s3reader_test.go, receiver/awss3receiver/s3sqsreader.go, receiver/awss3receiver/s3sqsreader_test.go, receiver/awss3receiver/README.md, receiver/awss3receiver/testdata/config.yaml	Added zstd decompression support, object tagging after ingestion feature, refactored client interfaces from GetObjectAPI to SingleObjectAPI, and enhanced test coverage.
Receiver Creator receiver/receivercreator/config.go, receiver/receivercreator/config_test.go, receiver/receivercreator/consumer.go, receiver/receivercreator/consumer_test.go, receiver/receivercreator/discovery.go, receiver/receivercreator/factory.go, receiver/receivercreator/factory_test.go, receiver/receivercreator/generated_component_test.go, receiver/receivercreator/go.mod, receiver/receivercreator/internal/metadata/generated_status.go, receiver/receivercreator/metadata.yaml, receiver/receivercreator/observerhandler.go, receiver/receivercreator/observerhandler_test.go, receiver/receivercreator/receiver.go, receiver/receivercreator/runner.go, receiver/receivercreator/discovery_test.go, receiver/receivercreator/README.md	Added profiles signal support throughout the receiver creator, migrated factory to xreceiver API, updated all relevant structs and functions to handle profiles consumer, and extended test coverage.
Resource Detection Processor processor/resourcedetectionprocessor/README.md, processor/resourcedetectionprocessor/documentation.md, processor/resourcedetectionprocessor/go.mod, processor/resourcedetectionprocessor/internal/metadata/generated_feature_gates.go, processor/resourcedetectionprocessor/internal/resourcedetection.go, processor/resourcedetectionprocessor/internal/resourcedetection_test.go, processor/resourcedetectionprocessor/metadata.yaml	Removed propagateerrors feature gate, always enabling error propagation, and eliminated feature gate documentation and registration.
Interval Processor processor/intervalprocessor/processor.go, processor/intervalprocessor/processor_test.go	Added flush-on-shutdown behavior with WaitGroup coordination and context cancellation to prevent data loss during shutdown.
Other Receivers receiver/prometheusreceiver/metrics_receiver_helper_test.go, receiver/kubeletstatsreceiver/go.mod, receiver/k8sobjectsreceiver/go.mod, receiver/k8sclusterreceiver/go.mod, receiver/k8sobserver/go.mod, receiver/lokireceiver/README.md, receiver/lokireceiver/metadata.yaml, receiver/postgresqlreceiver/README.md, receiver/systemdreceiver/documentation.md, receiver/systemdreceiver/metadata.yaml	Updated go.mod dependencies (Docker/Moby migration), refactored test helpers, updated README links and terminology.
Processor Dependencies & Tests processor/k8sattributesprocessor/go.mod, internal/datadog/e2e/go.mod	Updated indirect dependencies, migrated from docker/docker to moby/moby packages.
Trie Implementation Removal pkg/stanza/fileconsumer/internal/trie/trie.go, pkg/stanza/fileconsumer/internal/trie/trie_test.go, pkg/stanza/fileconsumer/internal/trie/package_test.go	Removed generic Trie[T] implementation and associated tests; removed TestMain goleak integration.
K8s Test Helpers pkg/xk8stest/go.mod, pkg/xk8stest/k8s_data_helpers.go, pkg/xk8stest/k8s_data_helpers_test.go	Migrated Docker client from github.com/docker/docker to github.com/moby/moby, updated network gateway handling with new helpers, and added test coverage.
Health Check internal/healthcheck/internal/http/server_test.go	Added readiness gate polling before test execution to ensure server is ready.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• [chore] repo: Sync fork with current upstream main #26 — Added the extension/storage/inmemorystorage module that is now being referenced in checkapi configuration changes.

Suggested reviewers

• sawmills-architect-review

Poem

🐰 A Collector's Bounty

Prometheus shines with exemplars bright,
While S3 compress with zstd's might,
The receiver creator now profiles too,
Background cleanup keeps metrics true,
Each tag and gate, a careful stride—
Features flourish, tests preside! 🚀

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 13.04% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	PR description is comprehensive but does not follow the required template structure with clear Description, Link to tracking issue, Testing, and Documentation sections.	Restructure description to match template: add explicit Description section explaining the sync scope, add Link to tracking issue section (if applicable), add Testing section documenting validation steps, and add Documentation section noting any doc updates.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title '[chore] repo: Sync fork with current upstream main' accurately describes the main objective of syncing the fork to upstream, which aligns with the core changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch amiri/sync-upstream-main-2026-04-02

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[cubic-dev-ai]

14 issues found across 3000 files

Confidence score: 2/5

• Merge risk is elevated because .github/workflows/rerun-workflows.yml has a high-confidence permission-gating gap: allowing any PR author to trigger reruns with actions: write can enable untrusted external contributors to invoke privileged workflow behavior.
• There are several concrete correctness risks in automation scripts, including pagination gaps in .github/workflows/scripts/generate-codeowners-activity.js, index misalignment in .github/workflows/scripts/generate-pr-from-changelog.sh, and missing baseline validation in .github/workflows/scripts/check-disk-space.sh, which can produce incorrect reports or PR metadata.
• Configuration scope issues in .checkapi.yaml (overly broad ignored_paths) and changelog entries under .chloggen/*.yaml may hide coverage or omit user-facing release notes, increasing the chance of silent process regressions.
• Pay close attention to .github/workflows/rerun-workflows.yml, .github/workflows/scripts/generate-codeowners-activity.js, .github/workflows/scripts/generate-pr-from-changelog.sh, .checkapi.yaml - security gating and workflow/reporting correctness are the main risk areas.

Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed.

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".chloggen/wevtlog-receiver-raw-xml-unmarshal-optimization.yaml">

<violation number="1" location=".chloggen/wevtlog-receiver-raw-xml-unmarshal-optimization.yaml:27">
P2: This changelog entry is excluded from all changelog outputs by setting `change_logs: []`, so the enhancement note will not be published.</violation>
</file>

<file name=".chloggen/47159.yaml">

<violation number="1" location=".chloggen/47159.yaml:27">
P2: This changelog entry is configured to appear in no changelog files. For a user-facing Prometheus exporter enhancement, set `change_logs` to include `user` so the release note is published.</violation>
</file>

<file name=".github/workflows/rerun-workflows.yml">

<violation number="1" location=".github/workflows/rerun-workflows.yml:11">
P1: Restrict `/rerun` to trusted commenter associations; current gating allows any PR author (including external contributors) to trigger `actions: write` reruns.</violation>
</file>

<file name=".chloggen/config.yaml">

<violation number="1" location=".chloggen/config.yaml:359">
P3: Remove the duplicate `scraper/system` entry from `components` to keep the changelog component registry consistent and non-redundant.</violation>
</file>

<file name=".chloggen/ottl-setter-type-validation.yaml">

<violation number="1" location=".chloggen/ottl-setter-type-validation.yaml:8">
P3: Remove the unnecessary backslash before `#43505` in the changelog text so the issue reference renders correctly.</violation>
</file>

<file name=".chloggen/s3-receiver-delete-obj.yaml">

<violation number="1" location=".chloggen/s3-receiver-delete-obj.yaml:28">
P2: This user-facing enhancement is excluded from changelog output by setting `change_logs` to an empty list.</violation>
</file>

<file name=".github/workflows/scripts/generate-codeowners-activity.js">

<violation number="1" location=".github/workflows/scripts/generate-codeowners-activity.js:186">
P1: Paginate review/comment collection; first-page-only results can undercount responses on high-activity PRs.</violation>

<violation number="2" location=".github/workflows/scripts/generate-codeowners-activity.js:334">
P2: The `Code owners` column is derived from active/requested owners, not actual CODEOWNERS membership, so the report can misstate owner counts.</violation>
</file>

<file name=".chloggen/fix-severity-parser.yaml">

<violation number="1" location=".chloggen/fix-severity-parser.yaml:27">
P2: This bug-fix entry disables changelog routing by setting `change_logs` to an empty list, so the fix can be omitted from release notes.</violation>
</file>

<file name=".checkapi.yaml">

<violation number="1" location=".checkapi.yaml:9">
P2: `ignored_paths` is overly broad here: ignoring `extension/storage` disables checkapi coverage for multiple storage extensions. Scope this to the fork-owned path (`extension/storage/inmemorystorage`) to avoid masking unrelated API changes.</violation>
</file>

<file name=".github/workflows/scripts/generate-pr-from-changelog.sh">

<violation number="1" location=".github/workflows/scripts/generate-pr-from-changelog.sh:108">
P2: `COMPONENTS`, `NOTES`, and `CHANGE_TYPES` can become index-misaligned because they are appended conditionally and independently, causing incorrect component/change-type pairing in the generated PR body.</violation>
</file>

<file name=".chloggen/awss3-zstd.yaml">

<violation number="1" location=".chloggen/awss3-zstd.yaml:27">
P2: This user-facing enhancement is excluded from release notes by setting `change_logs` to an empty list.</violation>
</file>

<file name=".github/workflows/scripts/check-disk-space.sh">

<violation number="1" location=".github/workflows/scripts/check-disk-space.sh:6">
P2: Validate that `BASELINE_SPACE` is set before computing `used_space`; otherwise this script can silently produce incorrect disk-usage results.</violation>
</file>

<file name=".github/workflows/approve-workflows.yml">

<violation number="1" location=".github/workflows/approve-workflows.yml:29">
P2: Off-by-one in the `COMMENT` prefix check: `${COMMENT:0:18}` extracts 18 characters but `/workflow-approve` is only 17 characters long. Any comment with arguments or a trailing newline (e.g. `/workflow-approve run123`) will pass the workflow-level `startsWith` gate but fail this script check and silently exit. The substring length should match the compared string.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.}

[sawmills-architect-review]

[ARCH-REVIEW] ⏭️ Skipping architecture review for upstream sync chore PR.

[cubic-dev-ai]

5 issues found across 16 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/scripts/approve-workflows.sh">

<violation number="1" location=".github/workflows/scripts/approve-workflows.sh:14">
P2: The command gate now does a loose prefix match, so malformed commands starting with `/workflow-approve` are treated as valid. Require an exact command or a whitespace boundary after the command.</violation>
</file>

<file name=".github/workflows/scripts/generate-pr-from-changelog.sh">

<violation number="1" location=".github/workflows/scripts/generate-pr-from-changelog.sh:109">
P2: Avoid appending empty components; this can generate malformed title prefixes like `[]` when changelog entries have a note but no component.</violation>

<violation number="2" location=".github/workflows/scripts/generate-pr-from-changelog.sh:112">
P2: Only append subtext when it is non-empty; the current change causes empty `Details` sections in generated PR bodies.</violation>
</file>

<file name="exporter/honeycombmarkerexporter/README.md">

<violation number="1" location="exporter/honeycombmarkerexporter/README.md:15">
P3: The README links to the "List All Markers" endpoint while describing marker creation. Point this to the "Create a Marker" API doc to avoid misleading users.</violation>
</file>

<file name=".github/workflows/scripts/generate-codeowners-activity.js">

<violation number="1" location=".github/workflows/scripts/generate-codeowners-activity.js:186">
P1: `paginate` is called on `github.rest`, which can fail at runtime and silently zero out review/comment data for PR stats.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.}

[coderabbitai]

Actionable comments posted: 18

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

.github/workflows/scripts/generate-codeowners-activity.js (1)

53-82: ⚠️ Potential issue | 🟡 Minor

Stale comment contradicts the new implementation.

Line 56-57 still says "(exclusive: we include created_at < periodEnd only...)" but the code at line 82 now uses <=. This creates confusion about whether periodEnd is inclusive or exclusive.

Consider updating line 56-57 to reflect the new behavior:

- * - periodEnd: midnight UTC at the start of the day that was 5 days ago (exclusive: we include
- *   created_at < periodEnd only, so the last full day included is 6 days ago).
+ * - periodEnd: midnight UTC at the start of the day that was 5 days ago (inclusive at midnight:
+ *   we include created_at <= periodEnd, so PRs created exactly at midnight on that day are included).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/scripts/generate-codeowners-activity.js around lines 53 -
82, The comment above genLookbackDates contradicts filterOnDateRange:
genLookbackDates and filterOnDateRange currently use createdAt >= periodStart &&
createdAt <= periodEnd (inclusive end), so update the block comment (the
descriptive lines mentioning "exclusive" and "created_at < periodEnd only") to
state that periodEnd is inclusive and that filterOnDateRange uses createdAt >=
periodStart && createdAt <= periodEnd (so the last full day included is 6 days
ago), or alternatively adjust wording to explicitly describe the inclusive
semantics; reference genLookbackDates and filterOnDateRange when making the
comment change.

processor/resourcedetectionprocessor/internal/resourcedetection_test.go (1)

127-151: ⚠️ Potential issue | 🟠 Major

Add a mixed success/failure test for unconditional error propagation.

The new tests cover all-fail and no-detector paths, but not the partial-success path (one detector succeeds while another fails). Please add a case asserting merged resource is returned and Refresh still returns the joined error.

Proposed test addition

+func TestDetectResource_PartialSuccess_PropagatesDetectorError(t *testing.T) {
+	md1 := &mockDetector{}
+	res1 := pcommon.NewResource()
+	require.NoError(t, res1.Attributes().FromRaw(map[string]any{"a": "1"}))
+	md1.On("Detect").Return(res1, "", nil)
+
+	md2 := &mockDetector{}
+	md2.On("Detect").Return(pcommon.NewResource(), "", errors.New("err2"))
+
+	p := NewResourceProvider(zap.NewNop(), time.Second, md1, md2)
+	err := p.Refresh(t.Context(), &http.Client{Timeout: 10 * time.Second})
+	require.Error(t, err)
+	require.Contains(t, err.Error(), "err2")
+
+	got, _, getErr := p.Get(t.Context(), &http.Client{Timeout: 10 * time.Second})
+	require.Error(t, getErr)
+	assert.Equal(t, map[string]any{"a": "1"}, got.Attributes().AsRaw())
+}

As per coding guidelines, **/*.{js,ts,jsx,tsx,java,py,go,cs,rb,php,cpp,c,h,hpp,rs,kt}: All code changes should have tests that actually validate the changes.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@processor/resourcedetectionprocessor/internal/resourcedetection_test.go`
around lines 127 - 151, Add a new test that covers the mixed success/failure
case: create two mock detectors (e.g., md1 and md2) where md1.On("Detect")
returns a non-empty pcommon.Resource with a distinguishable attribute (so you
can assert it was merged) and no error, and md2.On("Detect") returns an empty
resource and an error (e.g., "errX"); instantiate the provider with
NewResourceProvider(zap.NewNop(), time.Second, md1, md2), call p.Refresh(ctx,
&http.Client{Timeout: 10 * time.Second}), assert that Refresh returns an error
containing the failing detector error string, and assert that the provider’s
merged resource (the resource produced by the successful detector, e.g., via
p.Resource() or by inspecting the internal state updated by Refresh) contains
the attribute from md1 to verify the successful resource was preserved/merged
despite the overall error.

🧹 Nitpick comments (2)

.github/workflows/scripts/generate-pr-from-changelog.sh (1)

136-136: Component deduplication may break for multi-word component names.

Using echo "${COMPONENTS[@]}" | tr ' ' '\n' splits on all spaces, which would incorrectly fragment component names containing spaces. While OpenTelemetry component names typically don't have spaces, using printf '%s\n' is more robust:

♻️ Suggested fix

-    mapfile -t UNIQUE_COMPONENTS < <(echo "${COMPONENTS[@]}" | tr ' ' '\n' | sort -u)
+    mapfile -t UNIQUE_COMPONENTS < <(printf '%s\n' "${COMPONENTS[@]}" | sort -u)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/scripts/generate-pr-from-changelog.sh at line 136, The
current generation of UNIQUE_COMPONENTS by piping echo "${COMPONENTS[@]}" into
tr splits on spaces and will break multi-word entries; update the pipeline that
populates UNIQUE_COMPONENTS (the mapfile -t UNIQUE_COMPONENTS < <(...) usage) to
emit one COMPONENTS item per line using printf '%s\n' with the COMPONENTS array,
then pipe that into sort -u so deduplication preserves multi-word component
names.

receiver/awss3receiver/s3sqsreader.go (1)

209-220: Clarify the comment for NoSuchKey handling.

The logic is correct: when NoSuchKey occurs, allRecordsSucceeded remains true so the SQS message gets deleted (since there's nothing to retry). However, the comment on line 217 ("Swallow no such key errors as nothing more can be done") could be clearer about why this leads to message deletion.

📝 Suggested comment clarification

 					var noSuchKey *types.NoSuchKey
 					if !errors.As(err, &noSuchKey) {
-						// Swallow no such key errors as nothing more can be done
+						// Only mark as failed for non-NoSuchKey errors.
+						// NoSuchKey errors are swallowed (message will be deleted) since retrying won't help.
 						allRecordsSucceeded = false
 					}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@receiver/awss3receiver/s3sqsreader.go` around lines 209 - 220, Update the
comment that currently reads "Swallow no such key errors as nothing more can be
done" to explicitly state that when errors.As(err, &noSuchKey) is true we should
not mark the record as failed (leave allRecordsSucceeded true) because the
missing S3 object is non-retryable and we intentionally want the SQS message
deleted; reference the noSuchKey error check and the allRecordsSucceeded flag in
the comment so future readers understand this is deliberate behavior to avoid
retries.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.chloggen/profiles-in-receiver-creator.yaml:
- Line 27: The release-note omission is caused by the change_logs key being set
to an empty list; update the profile to either remove the change_logs field
entirely or set change_logs: [user] so this enhancement is included in
user-facing release notes—look for the change_logs entry in the profile YAML and
replace the empty array value with [user] (or delete the key) to restore default
release-note behavior.

In @.chloggen/transformprocessor-set_semconv_span_name-v1.40.0.yaml:
- Around line 10-13: The changelog claim (support for 1.38.0–1.40.0) is
inconsistent with the implementation in func_set_semconv_span_name.go (const
supportedSemconvVersion = "1.37.0") and the tests that mark 1.38.0 as
unsupported; either update the changelog note to state that
set_semconv_span_name currently supports only 1.37.0, or if the intent was to
add 1.38.0–1.40.0 support, change the constant supportedSemconvVersion in
func_set_semconv_span_name.go and adjust the related validation/tests (the test
file referencing 1.38.0) and any parsing/branching logic in
set_semconv_span_name to accept and correctly handle 1.38.0, 1.39.0, and 1.40.0
so implementation and changelog match.

In @.github/workflows/build-and-test-windows.yml:
- Line 39: The workflow runs invoking the script string
"./.github/workflows/scripts/check-disk-space.sh" (and the other two similar run
steps at lines referenced in the review) will fail on Windows because the
default shell is PowerShell; update each run step that uses a ".sh" script to
explicitly set "shell: bash" so the script executes under Bash on Windows
runners—locate the run steps with run:
./.github/workflows/scripts/check-disk-space.sh and the other two run: ".sh"
entries and add a sibling shell: bash property to each step.

In @.github/workflows/scripts/approve-workflows.sh:
- Line 14: The current check using ${COMMENT:0:17} allows prefixes like
"/workflow-approvefoo"; update the condition in approve-workflows.sh to assert a
command boundary by matching COMMENT against a regex that requires
"/workflow-approve" followed by whitespace or end-of-string (e.g., use [[
$COMMENT =~ ^/workflow-approve($|[[:space:]]) ]] or an equivalent test),
replacing the existing substring comparison so only the exact command
(optionally followed by args) is accepted.

In `@exporter/datadogexporter/README.md`:
- Line 77: Update the README sentence to use consistent version notation and
clearer wording: change the range "0.83.0 - v0.107.0" to a consistent format
like "v0.83.0–v0.107.0" and reword the sentence to state that the Datadog
Exporter populates the `service` field from the OTel resource attribute
`service.name`, noting that `service.name` is not included in Datadog’s default
service attributes. Mention the symbols `service` and `service.name` exactly as
shown.

In `@exporter/honeycombmarkerexporter/README.md`:
- Line 15: The README currently links to the Honeycomb "getmarker" API doc while
claiming it creates markers; update the link in the sentence that mentions
creating markers to point to Honeycomb's create-marker API documentation
(replace the /markers/getmarker URL with the corresponding create-marker/create
endpoint URL) so the link matches the described create operation in README.md.

In `@exporter/prometheusexporter/prometheus_test.go`:
- Around line 728-797: The test TestPrometheusExporter_BackgroundCleanup
currently spawns its own ticker goroutine and never exercises the exporter's
Start() and Shutdown() lifecycle, so update the test to start the exporter
background cleaner via the exporter's Start() (or equivalent method on the
collector/PrometheusExporter that uses pe.stopCh) and then call Shutdown() to
stop it; remove the manual ticker goroutine and instead rely on the exporter's
built-in periodic cleanup that invokes lastValueAccumulator.cleanupExpired and
collector.cleanupMetricFamilies (references:
TestPrometheusExporter_BackgroundCleanup, Start, Shutdown,
lastValueAccumulator.cleanupExpired, collector.cleanupMetricFamilies, pe.stopCh,
metricFamilies, registeredMetrics) so the test validates both starting and
stopping the background cleaner and still asserts eviction of
stale_metric/stale_acc_key and retention of fresh entries.

In `@pkg/xk8stest/k8s_data_helpers.go`:
- Around line 37-46: Write unit tests for HostEndpoint() that exercise the new
nested structure network.Network.IPAM.Config and the typed gateway handling via
ipam.Gateway.String() and ipam.Gateway.Is4(); add one test case where
IPAM.Config contains an IPv4 gateway (ipam.Gateway.Is4() == true) and assert
HostEndpoint() returns that IPv4 string, and another test where the only gateway
is IPv6 (Is4() == false) and assert HostEndpoint() returns the IPv6 string
wrapped in brackets ("[...]" as produced by the code path that sets
ipv6Fallback); construct test fixtures using the same nested types (Network ->
IPAM -> Config with gateway as a netip.Addr or equivalent) to mirror runtime
objects and include assertions for both selection and bracket-wrapping behavior.

In `@processor/intervalprocessor/processor.go`:
- Line 30: The code uses sync.WaitGroup (p.wg) but calls p.wg.Go(...), which
doesn't exist; replace each p.wg.Go(func(){...}) usage with p.wg.Add(1) followed
by launching a goroutine: go func(){ defer p.wg.Done(); /* original goroutine
body */ }(); ensure you call p.wg.Add(1) before starting the goroutine and defer
p.wg.Done() inside it to correctly track lifecycle; alternatively, if you need
Go()-style error handling, switch to golang.org/x/sync/errgroup and replace p.wg
with an errgroup.Group and its Go method.

In `@receiver/awss3receiver/README.md`:
- Around line 65-70: The sample SQS URL under the `sqs` block contains a
duplicated scheme (`https:https://...`) which yields an invalid `queue_url`;
update the `queue_url` value in the README's `sqs` example to a valid SQS URL
(e.g. start with a single `https://` and include the correct AWS account/queue
path) so the `queue_url` key contains a properly formatted endpoint.
- Around line 52-54: The README documents tag_object_after_ingestion under the
top-level notifications table but the implementation and tests place it on the
s3downloader config; update the README entries (both the main table and the
lifecycle section) to document tag_object_after_ingestion as an option under
s3downloader instead of notifications so users are pointed to the correct config
path; ensure the README mentions the same default (false) and "Optional" status
and keep the symbol name tag_object_after_ingestion consistent with the
s3downloader config block.

In `@receiver/awss3receiver/receiver.go`:
- Around line 144-160: In the .zst branch where you decode into data, also strip
the ".zst" suffix from the key so downstream format checks see the uncompressed
extension; after successfully reading decompressedReader into data (in the block
handling strings.HasSuffix(key, ".zst")), set key = strings.TrimSuffix(key,
".zst") (preserving existing error handling and deferred Close on
decompressedReader) so keys like "foo.json.zst" become "foo.json" before further
dispatching.

In `@receiver/awss3receiver/s3sqsreader_test.go`:
- Around line 819-821: Update the failing assertion message in the test to
correctly describe the expectation: locate the assert.False call that checks the
boolean variable callbackCalled (in s3sqsreader_test.go) and change the message
from "Callback should have been called" to a message that indicates the callback
should NOT have been called (e.g., "Callback should not have been called" or
"Callback should not have been called when there is no object to process").
- Around line 800-802: The inline comment next to the struct field assignment
for tagObjectAfterIngestion is incorrect: it says "Enable deletion" but the flag
controls tagging after ingestion. Update the comment for the
tagObjectAfterIngestion assignment (and the duplicate occurrence later) to
reflect that it enables tagging (e.g., "Enable tagging after ingestion" or
similar), ensuring consistency in both places where tagObjectAfterIngestion is
set.

In `@receiver/lokireceiver/README.md`:
- Around line 4-5: The README text uses lowercase "api"; update the user-facing
string "Loki push api" to use standard acronym capitalization "Loki push API"
(in the README line containing the Loki push api link/reference) so the phrase
and any occurrences follow consistent, correct capitalization.

In `@receiver/prometheusreceiver/metrics_receiver_helper_test.go`:
- Around line 863-873: The test currently truncates iteration with
targets[:len(mp.endpoints)], which silently skips targets when mp.endpoints has
collapsed; change the loops to iterate all targets (for _, target := range
targets) and explicitly assert the invariant that a scrape entry exists for each
target (check pResults has key getTargetName(target)) and fail the test fast
(use t.Fatalf/require) if a target is missing instead of ignoring it; keep the
existing scrape-count check using getTargetExpectedScrapes(target) so missing
endpoints cause immediate failure rather than silent test coverage loss (apply
same change to both loop sites referencing targets[:len(mp.endpoints)]).
- Around line 860-873: The test is incorrectly using len(scrapes) (a
[]pmetric.ResourceMetrics) which can count multiple ResourceMetrics per single
scrape; update the guard inside the require.Eventually to count only
scrape-bearing resource metrics by calling the helper that filters valid scrapes
(use getValidScrapes or equivalent) on pResults[getTargetName(target)] and
compare its length to getTargetExpectedScrapes(target) instead of len(scrapes);
adjust references to splitMetricsByTarget and getTargetExpectedScrapes to locate
the change so the loop waits for the actual per-target scrapes rather than raw
ResourceMetrics.

In `@receiver/receivercreator/discovery.go`:
- Line 133: The hint-generated template default for profiles was added
(recTemplate.signals with profiles: false) but tests weren't updated; modify the
unit tests that validate hint/template signal defaults (the tests that call
createScraper and createLogsReceiver and any tests asserting receiverSignals) to
assert that the generated receiverSignals struct includes profiles == false
alongside existing metrics/logs/traces assertions, and add equivalent assertions
for the other hint-creation path that sets recTemplate.signals so both code
paths are covered.

---

Outside diff comments:
In @.github/workflows/scripts/generate-codeowners-activity.js:
- Around line 53-82: The comment above genLookbackDates contradicts
filterOnDateRange: genLookbackDates and filterOnDateRange currently use
createdAt >= periodStart && createdAt <= periodEnd (inclusive end), so update
the block comment (the descriptive lines mentioning "exclusive" and "created_at
< periodEnd only") to state that periodEnd is inclusive and that
filterOnDateRange uses createdAt >= periodStart && createdAt <= periodEnd (so
the last full day included is 6 days ago), or alternatively adjust wording to
explicitly describe the inclusive semantics; reference genLookbackDates and
filterOnDateRange when making the comment change.

In `@processor/resourcedetectionprocessor/internal/resourcedetection_test.go`:
- Around line 127-151: Add a new test that covers the mixed success/failure
case: create two mock detectors (e.g., md1 and md2) where md1.On("Detect")
returns a non-empty pcommon.Resource with a distinguishable attribute (so you
can assert it was merged) and no error, and md2.On("Detect") returns an empty
resource and an error (e.g., "errX"); instantiate the provider with
NewResourceProvider(zap.NewNop(), time.Second, md1, md2), call p.Refresh(ctx,
&http.Client{Timeout: 10 * time.Second}), assert that Refresh returns an error
containing the failing detector error string, and assert that the provider’s
merged resource (the resource produced by the successful detector, e.g., via
p.Resource() or by inspecting the internal state updated by Refresh) contains
the attribute from md1 to verify the successful resource was preserved/merged
despite the overall error.

---

Nitpick comments:
In @.github/workflows/scripts/generate-pr-from-changelog.sh:
- Line 136: The current generation of UNIQUE_COMPONENTS by piping echo
"${COMPONENTS[@]}" into tr splits on spaces and will break multi-word entries;
update the pipeline that populates UNIQUE_COMPONENTS (the mapfile -t
UNIQUE_COMPONENTS < <(...) usage) to emit one COMPONENTS item per line using
printf '%s\n' with the COMPONENTS array, then pipe that into sort -u so
deduplication preserves multi-word component names.

In `@receiver/awss3receiver/s3sqsreader.go`:
- Around line 209-220: Update the comment that currently reads "Swallow no such
key errors as nothing more can be done" to explicitly state that when
errors.As(err, &noSuchKey) is true we should not mark the record as failed
(leave allRecordsSucceeded true) because the missing S3 object is non-retryable
and we intentionally want the SQS message deleted; reference the noSuchKey error
check and the allRecordsSucceeded flag in the comment so future readers
understand this is deliberate behavior to avoid retries.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 6f7a3e8b-053d-4d03-99fd-959a46210501

📥 Commits

Reviewing files that changed from the base of the PR and between c7fe9ae and b12194a.

⛔ Files ignored due to path filters (11)

• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/testdata/too_many_values.log is excluded by !**/*.log
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/testdata/valid_s3_access_log.log is excluded by !**/*.log
• extension/observer/k8sobserver/go.sum is excluded by !**/*.sum
• internal/datadog/e2e/go.sum is excluded by !**/*.sum
• pkg/xk8stest/go.sum is excluded by !**/*.sum
• processor/k8sattributesprocessor/go.sum is excluded by !**/*.sum
• processor/resourcedetectionprocessor/go.sum is excluded by !**/*.sum
• receiver/awss3receiver/go.sum is excluded by !**/*.sum
• receiver/k8sclusterreceiver/go.sum is excluded by !**/*.sum
• receiver/k8sobjectsreceiver/go.sum is excluded by !**/*.sum
• receiver/kubeletstatsreceiver/go.sum is excluded by !**/*.sum

📒 Files selected for processing (103)

• .checkapi.yaml
• .chloggen/47159.yaml
• .chloggen/47173-bug-defaultConfigPrometheusExporter.yaml
• .chloggen/awss3-zstd.yaml
• .chloggen/config.yaml
• .chloggen/feat_delete-ff-resourcedetection-propagateerrors.yaml
• .chloggen/fix-prometheus-exporter-metric-family-leak.yaml
• .chloggen/fix-s3-access-log-source-region-field.yaml
• .chloggen/fix-severity-parser.yaml
• .chloggen/fix_s3HandleMessages.yaml
• .chloggen/intervalprocessor-flush-on-shutdown.yaml
• .chloggen/ottl-setter-type-validation.yaml
• .chloggen/profiles-in-receiver-creator.yaml
• .chloggen/s3-receiver-delete-obj.yaml
• .chloggen/transformprocessor-set_semconv_span_name-v1.40.0.yaml
• .chloggen/wevtlog-receiver-raw-xml-unmarshal-optimization.yaml
• .github/ISSUE_TEMPLATE/beta_stability.yaml
• .github/ISSUE_TEMPLATE/bug_report.yaml
• .github/ISSUE_TEMPLATE/feature_request.yaml
• .github/ISSUE_TEMPLATE/other.yaml
• .github/ISSUE_TEMPLATE/unmaintained.yaml
• .github/actions/setup-go-tools/action.yml
• .github/lychee.toml
• .github/workflows/build-and-test-windows.yml
• .github/workflows/rerun-workflows.yml
• .github/workflows/scripts/approve-workflows.sh
• .github/workflows/scripts/check-disk-space.sh
• .github/workflows/scripts/generate-codeowners-activity.js
• .github/workflows/scripts/generate-pr-from-changelog.sh
• .github/workflows/scripts/rerun-failed-workflows.sh
• exporter/alertmanagerexporter/README.md
• exporter/datadogexporter/README.md
• exporter/honeycombmarkerexporter/README.md
• exporter/prometheusexporter/README.md
• exporter/prometheusexporter/accumulator.go
• exporter/prometheusexporter/collector.go
• exporter/prometheusexporter/collector_test.go
• exporter/prometheusexporter/config_test.go
• exporter/prometheusexporter/factory.go
• exporter/prometheusexporter/factory_test.go
• exporter/prometheusexporter/prometheus.go
• exporter/prometheusexporter/prometheus_test.go
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/fields.go
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/testdata/too_many_values_expected.yaml
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/testdata/valid_s3_access_log_expected.yaml
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/unmarshaler.go
• extension/encoding/awslogsencodingextension/internal/unmarshaler/s3-access-log/unmarshaler_test.go
• extension/observer/k8sobserver/go.mod
• internal/datadog/e2e/go.mod
• internal/healthcheck/internal/http/server_test.go
• pkg/stanza/fileconsumer/internal/trie/package_test.go
• pkg/stanza/fileconsumer/internal/trie/trie.go
• pkg/stanza/fileconsumer/internal/trie/trie_test.go
• pkg/xk8stest/go.mod
• pkg/xk8stest/k8s_data_helpers.go
• processor/intervalprocessor/processor.go
• processor/intervalprocessor/processor_test.go
• processor/k8sattributesprocessor/go.mod
• processor/resourcedetectionprocessor/README.md
• processor/resourcedetectionprocessor/documentation.md
• processor/resourcedetectionprocessor/go.mod
• processor/resourcedetectionprocessor/internal/metadata/generated_feature_gates.go
• processor/resourcedetectionprocessor/internal/resourcedetection.go
• processor/resourcedetectionprocessor/internal/resourcedetection_test.go
• processor/resourcedetectionprocessor/metadata.yaml
• receiver/awss3receiver/README.md
• receiver/awss3receiver/config.go
• receiver/awss3receiver/config.schema.yaml
• receiver/awss3receiver/config_test.go
• receiver/awss3receiver/go.mod
• receiver/awss3receiver/receiver.go
• receiver/awss3receiver/receiver_test.go
• receiver/awss3receiver/s3intf.go
• receiver/awss3receiver/s3reader.go
• receiver/awss3receiver/s3reader_test.go
• receiver/awss3receiver/s3sqsreader.go
• receiver/awss3receiver/s3sqsreader_test.go
• receiver/awss3receiver/testdata/config.yaml
• receiver/k8sclusterreceiver/go.mod
• receiver/k8sobjectsreceiver/go.mod
• receiver/kubeletstatsreceiver/go.mod
• receiver/lokireceiver/README.md
• receiver/lokireceiver/metadata.yaml
• receiver/postgresqlreceiver/README.md
• receiver/prometheusreceiver/metrics_receiver_helper_test.go
• receiver/receivercreator/README.md
• receiver/receivercreator/config.go
• receiver/receivercreator/config_test.go
• receiver/receivercreator/consumer.go
• receiver/receivercreator/consumer_test.go
• receiver/receivercreator/discovery.go
• receiver/receivercreator/factory.go
• receiver/receivercreator/factory_test.go
• receiver/receivercreator/generated_component_test.go
• receiver/receivercreator/go.mod
• receiver/receivercreator/internal/metadata/generated_status.go
• receiver/receivercreator/metadata.yaml
• receiver/receivercreator/observerhandler.go
• receiver/receivercreator/observerhandler_test.go
• receiver/receivercreator/receiver.go
• receiver/receivercreator/runner.go
• receiver/systemdreceiver/documentation.md
• receiver/systemdreceiver/metadata.yaml

💤 Files with no reviewable changes (14)

• .github/ISSUE_TEMPLATE/beta_stability.yaml
• .chloggen/config.yaml
• .github/ISSUE_TEMPLATE/unmaintained.yaml
• .github/ISSUE_TEMPLATE/bug_report.yaml
• processor/resourcedetectionprocessor/metadata.yaml
• .github/ISSUE_TEMPLATE/feature_request.yaml
• processor/resourcedetectionprocessor/documentation.md
• processor/resourcedetectionprocessor/README.md
• .github/ISSUE_TEMPLATE/other.yaml
• processor/resourcedetectionprocessor/internal/metadata/generated_feature_gates.go
• pkg/stanza/fileconsumer/internal/trie/package_test.go
• pkg/stanza/fileconsumer/internal/trie/trie_test.go
• .github/actions/setup-go-tools/action.yml
• pkg/stanza/fileconsumer/internal/trie/trie.go

[sawmills-architect-review]

[ARCH-REVIEW] Re-review complete on follow-up commits.
No merge-safety blockers in the workflow/script fixes.
One docs correctness nit left inline.

[sawmills-architect-review]

[ARCH-REVIEW] Re-review: COMMENT — prior nit resolved, 6 unresolved threads block approval.

Prior findings:
✅ exporter/honeycombmarkerexporter/README.md — getmarker link corrected to createmarker. Fixed.

New commit is clean. Workflow shell guards, approve-workflows.sh regex hardening (^/workflow-approve([[:space:]]|$) replaces brittle 17-char prefix check), generate-codeowners-activity.js pagination fix (octokit.paginate now properly wired), xk8stest hostEndpointFromIPAMConfigs extraction with tests, zstd key trim, prometheus test improvements — all correct.

No new 🔴 or 🟡 findings.

Unresolved threads: 6 (5 coderabbitai, 1 ours — ours is code-fixed, thread not closed). Resolve all threads to proceed to approval.

[sawmills-architect-review]

[ARCH-REVIEW] Re-review: ✅ All issues addressed. Clean to merge.

Prior review: 1 🟢 nit (honeycombmarkerexporter README link)
✅ Fixed — getmarker → createmarker endpoint corrected.

New commits scanned: workflow script fixes, k8stest helper refactor, awss3receiver .zst key suffix trim. All look correct. Zero unresolved threads.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

COMPONENTS and NOTES arrays lose index alignment

Medium Severity

The COMPONENTS array is only appended when both NOTE and COMPONENT are non-empty, but NOTES, CHANGE_TYPES, and SUBTEXTS are appended whenever NOTE is non-empty. This breaks the parallel index alignment that the body generation loop at line 172 relies on (${COMPONENTS[$i]:-unknown}). If any changelog entry has a note but an empty component, all subsequent components will be paired with the wrong notes.

Additional Locations (1)

• .github/workflows/scripts/generate-pr-from-changelog.sh#L171-L172

 

[sawmills-architect-review]

[ARCH-REVIEW] ✅ All 43 review threads resolved and concerns addressed. The docs nit (Honeycomb Markers API link) was corrected to point to the create-marker endpoint. Approved.

[cubic-dev-ai]

2 issues found across 19 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/scripts/generate-pr-from-changelog.sh">

<violation number="1" location=".github/workflows/scripts/generate-pr-from-changelog.sh:108">
P2: The new `NOTE && COMPONENT` guard breaks array index alignment and can mismatch components with notes in multi-entry PR descriptions.</violation>
</file>

<file name="receiver/awss3receiver/README.md">

<violation number="1" location="receiver/awss3receiver/README.md:160">
P2: The README documents a dotted config key (`s3downloader.tag_object_after_ingestion`) instead of the nested YAML field (`s3downloader: tag_object_after_ingestion`), which can misconfigure the receiver.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.}

[cubic-dev-ai]

P2: The new NOTE && COMPONENT guard breaks array index alignment and can mismatch components with notes in multi-entry PR descriptions.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/scripts/generate-pr-from-changelog.sh, line 108:

<comment>The new `NOTE && COMPONENT` guard breaks array index alignment and can mismatch components with notes in multi-entry PR descriptions.</comment>

<file context>
@@ -105,8 +105,10 @@ main() {
         fi
 
-        if [[ -n "${NOTE}" ]]; then
+        if [[ -n "${NOTE}" && -n "${COMPONENT}" ]]; then
             COMPONENTS+=("${COMPONENT}")
+        fi
</file context>

Suggested change

	if [[ -n "${NOTE}" && -n "${COMPONENT}" ]]; then
	if [[ -n "${NOTE}" ]]; then

[cubic-dev-ai]

P2: The README documents a dotted config key (s3downloader.tag_object_after_ingestion) instead of the nested YAML field (s3downloader: tag_object_after_ingestion), which can misconfigure the receiver.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At receiver/awss3receiver/README.md, line 160:

<comment>The README documents a dotted config key (`s3downloader.tag_object_after_ingestion`) instead of the nested YAML field (`s3downloader: tag_object_after_ingestion`), which can misconfigure the receiver.</comment>

<file context>
@@ -156,5 +156,5 @@ the time of the data being ingested when the failure occurred.
-This tag can then be used with a lifecycle policy to expire ingested objects or transition them to cheaper storage classes.
\ No newline at end of file
+If `s3downloader.tag_object_after_ingestion` is enabled the receiver will make a best-effort attempt to tag objects with `otel-collector:status = ingested` after they are processed by the pipeline. This requires an additional `s3:PutObjectTagging` permission.
+This tag can then be used with a lifecycle policy to expire ingested objects or transition them to cheaper storage classes.
</file context>

[coderabbitai]

Actionable comments posted: 4

♻️ Duplicate comments (2)

receiver/prometheusreceiver/metrics_receiver_helper_test.go (2)

318-332: ⚠️ Potential issue | 🟠 Major

Only count scrape-bearing ResourceMetrics here.

The len(rms) fallback partially undoes the earlier len(scrapes) fix: if a target only has extra ResourceMetrics without "up" yet, this helper can still make the Eventually gate pass before the scrape-bearing entry arrives.

Proposed fix

 func countObservedScrapes(rms []pmetric.ResourceMetrics) int {
 	observed := 0
 	for i := range rms {
 		for _, metric := range getMetrics(rms[i]) {
 			if metric.Name() == "up" {
 				observed++
 				break
 			}
 		}
 	}
-	if observed > 0 {
-		return observed
-	}
-	return len(rms)
+	return observed
 }

As per coding guidelines, "All code changes should have tests that actually validate the changes".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@receiver/prometheusreceiver/metrics_receiver_helper_test.go` around lines 318
- 332, countObservedScrapes currently falls back to returning len(rms) which can
falsely satisfy the Eventually in tests when non-scrape ResourceMetrics exist;
update the function (countObservedScrapes) to only count ResourceMetrics that
contain a metric named "up" by iterating getMetrics(rm) and incrementing
observed, then return observed directly (do not return len(rms) as a fallback)
so only actual scrape-bearing ResourceMetrics are counted.

---

874-897: ⚠️ Potential issue | 🟡 Minor

Assert uniqueness of getTargetName(target) before validating pResults.

require.Lenf(t, mp.endpoints, len(targets), ...) only catches duplicate metric paths. The map you actually validate is keyed by service.name, so two fixtures that share the same relabeledJob still collapse into one pResults bucket and both loops below will validate the same scrapes slice. Because helpers like verifyNumValidScrapeResults only require “at least want”, one target can satisfy another without failing.

Proposed fix

 require.Lenf(t, mp.endpoints, len(targets), "mock targets must map to distinct endpoints")
+seenTargetNames := make(map[string]struct{}, len(targets))
+for _, target := range targets {
+	name := getTargetName(target)
+	_, exists := seenTargetNames[name]
+	require.Falsef(t, exists, "mock targets must map to distinct result keys, duplicate %q", name)
+	seenTargetNames[name] = struct{}{}
+}
 
 // Wait for per-target scrape counts, capturing the snapshot used for validation.
 var pResults map[string][]pmetric.ResourceMetrics

As per coding guidelines, "All code changes should have tests that actually validate the changes".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@receiver/prometheusreceiver/metrics_receiver_helper_test.go` around lines 874
- 897, Before validating pResults, assert that all targets produce unique keys
by checking getTargetName(target) across the targets slice and failing the test
if any duplicates exist; specifically, compute the set of names from
getTargetName for each target and require its length equals len(targets) (so the
test fails early if two fixtures collapse into the same pResults bucket), then
proceed to use pResults, splitMetricsByTarget, and the existing per-target
validation logic unchanged.

🧹 Nitpick comments (1)

pkg/xk8stest/k8s_data_helpers_test.go (1)

14-30: Add a no-gateway case to validate the ok == false branch.

Since hostEndpointFromIPAMConfigs returns (string, bool), please add a case like empty []networktypes.IPAMConfig{} (or no usable gateway) and assert ok == false. That will lock down the full contract and prevent silent regressions.

As per coding guidelines, "All code changes should have tests that actually validate the changes".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/xk8stest/k8s_data_helpers_test.go` around lines 14 - 30, Add a subtest in
TestHostEndpointFromIPAMConfigs that covers the no-gateway branch: call
hostEndpointFromIPAMConfigs with an empty slice (e.g.
[]networktypes.IPAMConfig{}) and assert that ok is false (and endpoint is
empty/ignored). Locate the test function TestHostEndpointFromIPAMConfigs in
k8s_data_helpers_test.go and add a t.Run case (e.g. "no gateway returns ok
false") that verifies the function returns ok == false to lock down the
contract.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/scripts/generate-codeowners-activity.js:
- Around line 191-195: The code currently treats anyone who submitted a review
as an explicitly requested reviewer by calling requested.add(r.user.login)
inside the reviews loop; remove that line so the reviews loop only adds to
respondents (keep respondents.add(r.user.login)) and ensure the requested set
remains populated only from explicit request data (e.g., from the PR's
requested_reviewers or the earlier logic that collects explicit requests used by
requestedOwnersForLabel). Update the loop in generate-codeowners-activity.js
that iterates over reviews (the block referencing requested and respondents) to
stop mutating requested and rely solely on the existing explicit-request
population logic.
- Around line 182-185: The Promise.all call that fetches prData, reviews, and
comments makes those three requests fail as a unit; replace that with
independent error handling (e.g., use Promise.allSettled or separate try/catch
calls) so a flaky listReviews or listComments does not silently drop the whole
PR before computePrStats runs. Specifically, change the current
Promise.all([...]) that calls octokit.pulls.get, octokit.pulls.listReviews (via
octokit.paginate), and octokit.issues.listComments (via octokit.paginate) to
inspect each result: if octokit.pulls.get rejects, fail the workflow (throw/log
and exit); if listReviews or listComments reject, either log the error and set
reviews/comments to an empty array or rethrow based on desired behavior, then
pass the available prData + whichever reviews/comments you have into
computePrStats so partial failures are handled explicitly rather than dropping
the PR silently.

In `@receiver/awss3receiver/README.md`:
- Around line 139-142: Change the protocol name and wording in the README
sentence that currently references "OLTP logs" and "ProtoBuf formatted" —
replace "OLTP" with "OTLP" and make the grammar clearer by using
"ProtoBuf-formatted" (or "ProtoBuf formatted") so the sentence reads that the
notifications use an OTLP ProtoBuf-formatted logs message with a single Log
Record (the record's body set to status and timestamp used for ingest time);
update the sentence in receiver/awss3receiver/README.md where "OLTP" appears.

In `@receiver/awss3receiver/s3sqsreader_test.go`:
- Around line 612-614: The PutObjectTagging mock expectations only check
Bucket/Key; update the matcher in s3sqsreader_test.go (and the other occurrences
around lines 1008-1013, 1043-1045, 1095-1100) to also assert the Tagging.TagSet
contains the tag Key "otel-collector:status" with Value "ingested" (and any
other expected tags) by using mock.MatchedBy on the *s3.PutObjectTaggingInput
and inspecting input.Tagging.TagSet for the exact tag payload; ensure the
matcher returns true only when the TagSet includes the expected tag(s) so
regressions in receiver/awss3receiver/s3intf.go are caught.

---

Duplicate comments:
In `@receiver/prometheusreceiver/metrics_receiver_helper_test.go`:
- Around line 318-332: countObservedScrapes currently falls back to returning
len(rms) which can falsely satisfy the Eventually in tests when non-scrape
ResourceMetrics exist; update the function (countObservedScrapes) to only count
ResourceMetrics that contain a metric named "up" by iterating getMetrics(rm) and
incrementing observed, then return observed directly (do not return len(rms) as
a fallback) so only actual scrape-bearing ResourceMetrics are counted.
- Around line 874-897: Before validating pResults, assert that all targets
produce unique keys by checking getTargetName(target) across the targets slice
and failing the test if any duplicates exist; specifically, compute the set of
names from getTargetName for each target and require its length equals
len(targets) (so the test fails early if two fixtures collapse into the same
pResults bucket), then proceed to use pResults, splitMetricsByTarget, and the
existing per-target validation logic unchanged.

---

Nitpick comments:
In `@pkg/xk8stest/k8s_data_helpers_test.go`:
- Around line 14-30: Add a subtest in TestHostEndpointFromIPAMConfigs that
covers the no-gateway branch: call hostEndpointFromIPAMConfigs with an empty
slice (e.g. []networktypes.IPAMConfig{}) and assert that ok is false (and
endpoint is empty/ignored). Locate the test function
TestHostEndpointFromIPAMConfigs in k8s_data_helpers_test.go and add a t.Run case
(e.g. "no gateway returns ok false") that verifies the function returns ok ==
false to lock down the contract.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 91a460df-7455-4064-86fd-a0dbe92413cd

📥 Commits

Reviewing files that changed from the base of the PR and between b12194a and ccb65b6.

📒 Files selected for processing (18)

• .chloggen/profiles-in-receiver-creator.yaml
• .chloggen/transformprocessor-set_semconv_span_name-v1.40.0.yaml
• .github/workflows/build-and-test-windows.yml
• .github/workflows/scripts/approve-workflows.sh
• .github/workflows/scripts/generate-codeowners-activity.js
• .github/workflows/scripts/generate-pr-from-changelog.sh
• exporter/datadogexporter/README.md
• exporter/honeycombmarkerexporter/README.md
• exporter/prometheusexporter/prometheus_test.go
• pkg/xk8stest/k8s_data_helpers.go
• pkg/xk8stest/k8s_data_helpers_test.go
• receiver/awss3receiver/README.md
• receiver/awss3receiver/receiver.go
• receiver/awss3receiver/s3sqsreader_test.go
• receiver/lokireceiver/README.md
• receiver/lokireceiver/metadata.yaml
• receiver/prometheusreceiver/metrics_receiver_helper_test.go
• receiver/receivercreator/discovery_test.go

✅ Files skipped from review due to trivial changes (7)

• exporter/honeycombmarkerexporter/README.md
• .chloggen/profiles-in-receiver-creator.yaml
• .github/workflows/build-and-test-windows.yml
• exporter/datadogexporter/README.md
• receiver/lokireceiver/metadata.yaml
• receiver/lokireceiver/README.md
• .chloggen/transformprocessor-set_semconv_span_name-v1.40.0.yaml

🚧 Files skipped from review as they are similar to previous changes (5)

• .github/workflows/scripts/approve-workflows.sh
• receiver/awss3receiver/receiver.go
• exporter/prometheusexporter/prometheus_test.go
• pkg/xk8stest/k8s_data_helpers.go
• .github/workflows/scripts/generate-pr-from-changelog.sh

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Don't silently drop the whole PR on a partial metadata fetch failure.

These three requests now fail as a unit. If listReviews or listComments flakes, the error path returns empty sets and computePrStats() skips the PR entirely, which quietly undercounts both component and per-owner metrics. Either fail the workflow here or handle partial failures independently.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/scripts/generate-codeowners-activity.js around lines 182 -
185, The Promise.all call that fetches prData, reviews, and comments makes those
three requests fail as a unit; replace that with independent error handling
(e.g., use Promise.allSettled or separate try/catch calls) so a flaky
listReviews or listComments does not silently drop the whole PR before
computePrStats runs. Specifically, change the current Promise.all([...]) that
calls octokit.pulls.get, octokit.pulls.listReviews (via octokit.paginate), and
octokit.issues.listComments (via octokit.paginate) to inspect each result: if
octokit.pulls.get rejects, fail the workflow (throw/log and exit); if
listReviews or listComments reject, either log the error and set
reviews/comments to an empty array or rethrow based on desired behavior, then
pass the available prData + whichever reviews/comments you have into
computePrStats so partial failures are handled explicitly rather than dropping
the PR silently.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Don't equate “reviewed” with “was requested.”

Line 193 changes requested from “explicitly requested reviewer” to “anyone who submitted a review.” An unrequested drive-by review will now satisfy requestedOwnersForLabel and inflate both component coverage and per-owner response rates. Keep requested sourced from explicit request data only.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/scripts/generate-codeowners-activity.js around lines 191 -
195, The code currently treats anyone who submitted a review as an explicitly
requested reviewer by calling requested.add(r.user.login) inside the reviews
loop; remove that line so the reviews loop only adds to respondents (keep
respondents.add(r.user.login)) and ensure the requested set remains populated
only from explicit request data (e.g., from the PR's requested_reviewers or the
earlier logic that collects explicit requests used by requestedOwnersForLabel).
Update the loop in generate-codeowners-activity.js that iterates over reviews
(the block referencing requested and respondents) to stop mutating requested and
rely solely on the existing explicit-request population logic.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix the protocol name in the notifications format description.

OLTP should be OTLP here; otherwise the README names the wrong wire format. While you’re here, ProtoBuf-formatted reads better and fixes the grammar issue on the same sentence.

Suggested wording

-The format of the notifications is a ProtoBuf formatted OLTP logs message with a single Log Record. The `body` of the
+The format of the notifications is a ProtoBuf-formatted OTLP logs message with a single Log Record. The `body` of the

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	The receiver can send notifications of ingest progress to an OpAmp server using the custom message capability of
	"org.opentelemetry.collector.receiver.awss3" and message type "TimeBasedIngestStatus".
	The format of the notifications is a ProtoBuf formatted OLTP logs message with a single Log Record. The `body` of the
	record is set to `status` and the timestamp of the record is used to hold the ingest time. The record also has the
	The format of the notifications is a ProtoBuf formatted OLTP logs message with a single Log Record. The `body` of the
	record is set to `status` and the timestamp of the record is used to hold the ingest time. The record also has the
	The receiver can send notifications of ingest progress to an OpAmp server using the custom message capability of
	"org.opentelemetry.collector.receiver.awss3" and message type "TimeBasedIngestStatus".
	The format of the notifications is a ProtoBuf-formatted OTLP logs message with a single Log Record. The `body` of the
	record is set to `status` and the timestamp of the record is used to hold the ingest time. The record also has the

🧰 Tools

🪛 LanguageTool

[grammar] ~141-~141: Use a hyphen to join words.
Context: ...ormat of the notifications is a ProtoBuf formatted OLTP logs message with a singl...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@receiver/awss3receiver/README.md` around lines 139 - 142, Change the protocol
name and wording in the README sentence that currently references "OLTP logs"
and "ProtoBuf formatted" — replace "OLTP" with "OTLP" and make the grammar
clearer by using "ProtoBuf-formatted" (or "ProtoBuf formatted") so the sentence
reads that the notifications use an OTLP ProtoBuf-formatted logs message with a
single Log Record (the record's body set to status and timestamp used for ingest
time); update the sentence in receiver/awss3receiver/README.md where "OLTP"
appears.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Assert the actual ingested tag payload.

These PutObjectTagging matchers only verify bucket/key. If receiver/awss3receiver/s3intf.go:87-103 regresses the TagSet contents or drops otel-collector:status=ingested, this suite still passes even though the new lifecycle behavior is broken.

Suggested tightening

-				mockS3.On("PutObjectTagging", mock.Anything, mock.MatchedBy(func(input *s3.PutObjectTaggingInput) bool {
-					return *input.Bucket == "test-bucket" && *input.Key == "test-key"
-				})).Run(func(args mock.Arguments) {
+				mockS3.On("PutObjectTagging", mock.Anything, mock.MatchedBy(func(input *s3.PutObjectTaggingInput) bool {
+					return input != nil &&
+						aws.ToString(input.Bucket) == "test-bucket" &&
+						aws.ToString(input.Key) == "test-key" &&
+						input.Tagging != nil &&
+						len(input.Tagging.TagSet) == 1 &&
+						aws.ToString(input.Tagging.TagSet[0].Key) == ingestedTag &&
+						aws.ToString(input.Tagging.TagSet[0].Value) == ingestedStatus
+				})).Run(func(args mock.Arguments) {
 					input := args.Get(1).(*s3.PutObjectTaggingInput)
-					taggedKeys[*input.Key] = true
+					taggedKeys[aws.ToString(input.Key)] = true
 				}).Return(&s3.PutObjectTaggingOutput{}, nil)

As per coding guidelines, "All code changes should have tests that actually validate the changes."

Also applies to: 1008-1013, 1043-1045, 1095-1100

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@receiver/awss3receiver/s3sqsreader_test.go` around lines 612 - 614, The
PutObjectTagging mock expectations only check Bucket/Key; update the matcher in
s3sqsreader_test.go (and the other occurrences around lines 1008-1013,
1043-1045, 1095-1100) to also assert the Tagging.TagSet contains the tag Key
"otel-collector:status" with Value "ingested" (and any other expected tags) by
using mock.MatchedBy on the *s3.PutObjectTaggingInput and inspecting
input.Tagging.TagSet for the exact tag payload; ensure the matcher returns true
only when the TagSet includes the expected tag(s) so regressions in
receiver/awss3receiver/s3intf.go are caught.