diff --git a/argocd/manifests/alloy-k8s/kustomization.yaml b/argocd/manifests/alloy-k8s/kustomization.yaml index f51bd3a..0326190 100644 --- a/argocd/manifests/alloy-k8s/kustomization.yaml +++ b/argocd/manifests/alloy-k8s/kustomization.yaml @@ -10,7 +10,7 @@ resources: images: - name: registry.ops.eblu.me/blumeops/alloy - newTag: v1.14.0-fd0bebb + newTag: v1.16.0-26a3ab5 configMapGenerator: - name: alloy-config diff --git a/argocd/manifests/alloy-ringtail/kustomization.yaml b/argocd/manifests/alloy-ringtail/kustomization.yaml index df472aa..cecae35 100644 --- a/argocd/manifests/alloy-ringtail/kustomization.yaml +++ b/argocd/manifests/alloy-ringtail/kustomization.yaml @@ -10,7 +10,7 @@ resources: images: - name: registry.ops.eblu.me/blumeops/alloy - newTag: v1.14.0-fd0bebb-nix + newTag: v1.16.0-26a3ab5-nix configMapGenerator: - name: alloy-config diff --git a/argocd/manifests/alloy-tracing-ringtail/kustomization.yaml b/argocd/manifests/alloy-tracing-ringtail/kustomization.yaml index 5c8e683..ac25f4a 100644 --- a/argocd/manifests/alloy-tracing-ringtail/kustomization.yaml +++ b/argocd/manifests/alloy-tracing-ringtail/kustomization.yaml @@ -9,7 +9,7 @@ resources: images: - name: registry.ops.eblu.me/blumeops/alloy - newTag: v1.14.0-fd0bebb-nix + newTag: v1.16.0-26a3ab5-nix configMapGenerator: - name: alloy-tracing-config diff --git a/containers/alloy/Dockerfile b/containers/alloy/Dockerfile deleted file mode 100644 index f2f30f6..0000000 --- a/containers/alloy/Dockerfile +++ /dev/null @@ -1,68 +0,0 @@ -# Grafana Alloy telemetry collector -# Three-stage build: Web UI (Node), server (Go), runtime (Alpine) - -ARG CONTAINER_APP_VERSION=1.14.0 -ARG ALLOY_VERSION=v${CONTAINER_APP_VERSION} -ARG ALLOY_COMMIT=626a738319812d58ebc25ca6d71651f4925b8b18 - -FROM node:22-alpine AS ui-build - -ARG ALLOY_COMMIT -RUN apk add --no-cache git - -RUN mkdir /app && cd /app \ - && git init \ - && git remote add origin https://forge.ops.eblu.me/mirrors/alloy.git \ - && git fetch --depth 1 origin ${ALLOY_COMMIT} \ - && git checkout FETCH_HEAD - -WORKDIR /app/internal/web/ui -RUN npm ci -RUN npx tsc -b && npx vite build - -FROM golang:1.25-alpine3.22 AS build - -ARG ALLOY_VERSION -ARG ALLOY_COMMIT -RUN apk add --no-cache build-base git - -RUN mkdir /app && cd /app \ - && git init \ - && git remote add origin https://forge.ops.eblu.me/mirrors/alloy.git \ - && git fetch --depth 1 origin ${ALLOY_COMMIT} \ - && git checkout FETCH_HEAD - -WORKDIR /app - -# Copy pre-built web UI assets -COPY --from=ui-build /app/internal/web/ui/dist /app/internal/web/ui/dist - -ENV CGO_ENABLED=1 - -# promtail_journal_enabled omitted: requires systemd headers (libsystemd-dev) -# and our k8s deployments read pod logs from the filesystem, not journald -RUN RELEASE_BUILD=1 VERSION=${ALLOY_VERSION} \ - GO_TAGS="netgo embedalloyui" \ - SKIP_UI_BUILD=1 \ - make alloy - -FROM alpine:3.22 - -ARG CONTAINER_APP_VERSION -LABEL org.opencontainers.image.title="Alloy" -LABEL org.opencontainers.image.description="Grafana Alloy is an OpenTelemetry Collector distribution" -LABEL org.opencontainers.image.version="${CONTAINER_APP_VERSION}" -LABEL org.opencontainers.image.source="https://forge.eblu.me/eblume/blumeops" -LABEL org.opencontainers.image.vendor="blumeops" - -RUN apk --no-cache add ca-certificates tzdata \ - && addgroup -g 473 alloy \ - && adduser -D -u 473 -G alloy alloy \ - && mkdir -p /var/lib/alloy/data \ - && chown -R alloy:alloy /var/lib/alloy - -COPY --from=build --chown=473:473 /app/build/alloy /bin/alloy - -ENTRYPOINT ["/bin/alloy"] -ENV ALLOY_DEPLOY_MODE=docker -CMD ["run", "/etc/alloy/config.alloy", "--storage.path=/var/lib/alloy/data"] diff --git a/containers/alloy/container.py b/containers/alloy/container.py new file mode 100644 index 0000000..41d3995 --- /dev/null +++ b/containers/alloy/container.py @@ -0,0 +1,95 @@ +"""Grafana Alloy — telemetry collector, native Dagger build. + +Three-stage build: Node (UI), Go (server via upstream Makefile with embedded +UI assets), Alpine (runtime). Source cloned from forge mirror. + +Notes: + - Builds via `make alloy` rather than plain `go build` so version stamping, + release flags, and the netgo+embedalloyui tags match upstream releases. + - promtail_journal_enabled is intentionally omitted: it requires + libsystemd-dev and our k8s deployments read pod logs from the filesystem, + not journald. + - Uses golang:alpine3.23 (currently Go 1.26.2 — matches alloy v1.16.0's + go.mod toolchain requirement and the go_build helper's image choice). +""" + +import dagger +from dagger import dag + +from blumeops.containers import ( + alpine_runtime, + clone_from_forge, + node_build, + oci_labels, +) + +VERSION = "v1.16.0" + + +async def build(src: dagger.Directory) -> dagger.Container: + source = clone_from_forge("alloy", VERSION) + + # Stage 1: Build the web UI (tsc + vite, not the package.json default). + ui = node_build( + source, + "internal/web/ui", + build_cmd=["sh", "-c", "npx tsc -b && npx vite build"], + ) + + # Stage 2: Build alloy via the upstream Makefile with embedded UI assets. + builder = ( + dag.container() + .from_("golang:alpine3.23") + .with_exec(["apk", "add", "--no-cache", "build-base", "git", "make"]) + .with_directory("/app", source) + .with_directory( + "/app/internal/web/ui/dist", + ui.directory("/app/internal/web/ui/dist"), + ) + .with_workdir("/app") + .with_env_variable("CGO_ENABLED", "1") + .with_env_variable("RELEASE_BUILD", "1") + .with_env_variable("VERSION", VERSION) + .with_env_variable("GO_TAGS", "netgo embedalloyui") + .with_env_variable("SKIP_UI_BUILD", "1") + .with_exec(["make", "alloy"]) + ) + + # Stage 3: Runtime as uid/gid 473 alloy. + runtime = alpine_runtime( + extra_apk=["ca-certificates", "tzdata"], + uid=473, + gid=473, + username="alloy", + ) + runtime = oci_labels( + runtime, + title="Alloy", + description="Grafana Alloy is an OpenTelemetry Collector distribution", + version=VERSION, + ) + return ( + runtime.with_file( + "/bin/alloy", + builder.file("/app/build/alloy"), + permissions=0o555, + ) + .with_exec( + [ + "sh", + "-c", + "mkdir -p /var/lib/alloy/data && chown -R alloy:alloy /var/lib/alloy", + ] + ) + .with_env_variable("ALLOY_DEPLOY_MODE", "docker") + .with_exposed_port(12345) + .with_user("alloy") + .with_entrypoint(["/bin/alloy"]) + .with_default_args( + args=[ + "run", + "/etc/alloy/config.alloy", + "--storage.path=/var/lib/alloy/data", + ] + ) + ) diff --git a/containers/alloy/default.nix b/containers/alloy/default.nix index e508a10..c884704 100644 --- a/containers/alloy/default.nix +++ b/containers/alloy/default.nix @@ -1,24 +1,24 @@ # Nix-built Grafana Alloy telemetry collector -# Builds v1.14.0 from forge mirror with embedded web UI +# Builds v1.16.0 from forge mirror with embedded web UI # Uses stdenv + make (not buildGoModule) due to multi-module workspace # with local replace directives (collector/ -> ../, ../syntax, ../extension) # Built with dockerTools.buildLayeredImage for efficient layer caching { pkgs ? import { } }: let - version = "1.14.0"; + version = "1.16.0"; src = pkgs.fetchgit { url = "https://forge.ops.eblu.me/mirrors/alloy.git"; rev = "v${version}"; - hash = "sha256-gxNz4XDE8XSl6LsP3k8DERqDdMLcmbWKfXZGGyRULkg="; + hash = "sha256-q5R2noxBZ3OPyZqmB+bx3iJKWFxC2WIprcgh9RwjLzk="; }; ui = pkgs.buildNpmPackage { inherit version; pname = "alloy-ui"; src = "${src}/internal/web/ui"; - npmDepsHash = "sha256-GT0yisPn+3FCtWL3he0i5zPMlaWNparQDefU69G4Yis="; + npmDepsHash = "sha256-vResNUT4auDsK9ngnJYfMUUOYr/ikPhrvakqCjGq2Q8="; buildPhase = '' runHook preBuild @@ -40,11 +40,12 @@ let pname = "alloy-go-modules"; inherit src version; - nativeBuildInputs = with pkgs; [ go git cacert ]; + nativeBuildInputs = with pkgs; [ go_1_26 git cacert ]; buildPhase = '' export GOPATH=$TMPDIR/go export GOFLAGS=-modcacherw + export GOTOOLCHAIN=local # Download modules for all three go.mod files go mod download cd syntax && go mod download && cd .. @@ -56,7 +57,7 @@ let ''; outputHashMode = "recursive"; - outputHash = "sha256-rD7zqomSVv4d8NaC7jXXgihuQvK8guaAN0KrsBRWMVQ="; + outputHash = "sha256-9/v85HyDInJB+9qHauKVuDol6Yf5mkXfMWgCr7RdRTk="; outputHashAlgo = "sha256"; }; @@ -65,7 +66,7 @@ let pname = "alloy"; nativeBuildInputs = with pkgs; [ - go + go_1_26 git gnumake cacert @@ -77,6 +78,7 @@ let export HOME=$TMPDIR export GOPATH=$TMPDIR/go export GOFLAGS=-modcacherw + export GOTOOLCHAIN=local # Populate module cache from pre-fetched modules mkdir -p $GOPATH/pkg diff --git a/docs/changelog.d/alloy-v1.16.0.infra.md b/docs/changelog.d/alloy-v1.16.0.infra.md new file mode 100644 index 0000000..cd9a1ef --- /dev/null +++ b/docs/changelog.d/alloy-v1.16.0.infra.md @@ -0,0 +1,5 @@ +Upgrade Grafana Alloy v1.14.0 → v1.16.0 across all four service deployments +(alloy-k8s, alloy-ringtail, alloy-tracing-ringtail on k8s; alloy native on +indri). Pulls in stable database observability (v1.15) and the OTel Collector +v0.147.0 bump. Container build also migrated from Dockerfile to native Dagger +`container.py` per the build-container-image migration playbook. diff --git a/service-versions.yaml b/service-versions.yaml index f4f4a6a..42f9c77 100644 --- a/service-versions.yaml +++ b/service-versions.yaml @@ -72,22 +72,22 @@ services: - name: alloy-tracing-ringtail type: argocd - last-reviewed: 2026-03-13 - current-version: "v1.14.0" + last-reviewed: 2026-04-30 + current-version: "v1.16.0" upstream-source: https://github.com/grafana/alloy/releases notes: Privileged DaemonSet with Beyla eBPF for HTTP tracing on ringtail - name: alloy-ringtail type: argocd - last-reviewed: 2026-03-13 - current-version: "v1.14.0" + last-reviewed: 2026-04-30 + current-version: "v1.16.0" upstream-source: https://github.com/grafana/alloy/releases notes: DaemonSet on ringtail for host metrics and pod logs - name: alloy-k8s type: argocd - last-reviewed: 2026-03-13 - current-version: "v1.14.0" + last-reviewed: 2026-04-30 + current-version: "v1.16.0" upstream-source: https://github.com/grafana/alloy/releases - name: tailscale-operator @@ -338,8 +338,8 @@ services: - name: alloy type: ansible - last-reviewed: 2026-03-13 - current-version: "v1.14.0" + last-reviewed: 2026-04-30 + current-version: "v1.16.0" upstream-source: https://github.com/grafana/alloy/releases notes: Built from source on indri