Setup OTEL provider type

Signed-off-by: Adrian Fernandez De La Torre <adri1197@gmail.com>

Author: adri1197

api/v1beta3/provider_types.go

@@ -52,13 +52,14 @@ const (
 	PagerDutyProvider       string = "pagerduty"
 	DataDogProvider         string = "datadog"
 	NATSProvider            string = "nats"
+	OTELProvider            string = "otel"
 )
 
 // ProviderSpec defines the desired state of the Provider.
 // +kubebuilder:validation:XValidation:rule="self.type == 'github' || self.type == 'gitlab' || self.type == 'gitea' || self.type == 'bitbucketserver' || self.type == 'bitbucket' || self.type == 'azuredevops' || !has(self.commitStatusExpr)", message="spec.commitStatusExpr is only supported for the 'github', 'gitlab', 'gitea', 'bitbucketserver', 'bitbucket', 'azuredevops' provider types"
 type ProviderSpec struct {
 	// Type specifies which Provider implementation to use.
-	// +kubebuilder:validation:Enum=slack;discord;msteams;rocket;generic;generic-hmac;github;gitlab;gitea;bitbucketserver;bitbucket;azuredevops;googlechat;googlepubsub;webex;sentry;azureeventhub;telegram;lark;matrix;opsgenie;alertmanager;grafana;githubdispatch;pagerduty;datadog;nats
+	// +kubebuilder:validation:Enum=slack;discord;msteams;rocket;generic;generic-hmac;github;gitlab;gitea;bitbucketserver;bitbucket;azuredevops;googlechat;googlepubsub;webex;sentry;azureeventhub;telegram;lark;matrix;opsgenie;alertmanager;grafana;githubdispatch;pagerduty;datadog;nats;otel
 	// +required
 	Type string `json:"type"`
 

config/crd/bases/notification.toolkit.fluxcd.io_providers.yaml

@@ -385,6 +385,7 @@ spec:
                 - pagerduty
                 - datadog
                 - nats
+                - otel
                 type: string
               username:
                 description: Username specifies the name under which events are posted.

go.mod

@@ -41,6 +41,10 @@ require (
 	github.com/spf13/pflag v1.0.7
 	github.com/stretchr/testify v1.10.0
 	gitlab.com/gitlab-org/api/client-go v0.137.0
+	go.opentelemetry.io/otel v1.37.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0
+	go.opentelemetry.io/otel/sdk v1.37.0
+	go.opentelemetry.io/otel/trace v1.37.0
 	golang.org/x/oauth2 v0.30.0
 	golang.org/x/text v0.27.0
 	google.golang.org/api v0.243.0
@@ -78,6 +82,7 @@ require (
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/bradleyfalzon/ghinstallation/v2 v2.16.0 // indirect
 	github.com/carapace-sh/carapace-shlex v1.0.1 // indirect
+	github.com/cenkalti/backoff/v5 v5.0.2 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
 	github.com/cloudevents/sdk-go/v2 v2.15.2 // indirect
@@ -122,6 +127,7 @@ require (
 	github.com/googleapis/gax-go/v2 v2.15.0 // indirect
 	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-version v1.7.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
@@ -167,9 +173,9 @@ require (
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
-	go.opentelemetry.io/otel v1.37.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 // indirect
 	go.opentelemetry.io/otel/metric v1.37.0 // indirect
-	go.opentelemetry.io/otel/trace v1.37.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.7.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.2 // indirect

go.sum

@@ -74,6 +74,8 @@ github.com/carapace-sh/carapace-shlex v1.0.1 h1:ww0JCgWpOVuqWG7k3724pJ18Lq8gh5pH
 github.com/carapace-sh/carapace-shlex v1.0.1/go.mod h1:lJ4ZsdxytE0wHJ8Ta9S7Qq0XpjgjU0mdfCqiI2FHx7M=
 github.com/cdevents/sdk-go v0.4.1 h1:Cr/iH/I51Z+slxKRx9AV7stn6hr2pjRHQ5wpPJhRLTU=
 github.com/cdevents/sdk-go v0.4.1/go.mod h1:3IhWLoY4vsyUEzv7XJbyr0BRQ0KPgvNx+wiD2hQGFNU=
+github.com/cenkalti/backoff/v5 v5.0.2 h1:rIfFVxEf1QsI7E1ZHfp/B4DF/6QBAUhmgkxc0H7Zss8=
+github.com/cenkalti/backoff/v5 v5.0.2/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -260,6 +262,8 @@ github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5T
 github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA=
 github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA=
 github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1 h1:X5VWvz21y3gzm9Nw/kaUeku/1+uBhcekkmy4IkffJww=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1/go.mod h1:Zanoh4+gvIgluNqcfMVTJueD4wSS5hT7zTt4Mrutd90=
 github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
 github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
@@ -419,14 +423,20 @@ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6h
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
 go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
 go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 h1:Ahq7pZmv87yiyn3jeFz/LekZmPLLdKejuO3NcK9MssM=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0/go.mod h1:MJTqhM0im3mRLw1i8uGHnCvUEeS7VwRyxlLC78PA18M=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0 h1:bDMKF3RUSxshZ5OjOTi8rsHGaPKsAt76FaqgvIUySLc=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.37.0/go.mod h1:dDT67G/IkA46Mr2l9Uj7HsQVwsjASyV9SjGofsiUZDA=
 go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
 go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
-go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
-go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
+go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI=
+go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg=
 go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis=
 go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
 go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
 go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
+go.opentelemetry.io/proto/otlp v1.7.0 h1:jX1VolD6nHuFzOYso2E73H85i92Mv8JQYk0K9vz09os=
+go.opentelemetry.io/proto/otlp v1.7.0/go.mod h1:fSKjH6YJ7HDlwzltzyMj036AJ3ejJLCgCSHGj4efDDo=
 go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
 go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=

internal/notifier/factory.go

@@ -60,6 +60,7 @@ var (
 		apiv1.BitbucketServerProvider: bitbucketServerNotifierFunc,
 		apiv1.BitbucketProvider:       bitbucketNotifierFunc,
 		apiv1.AzureDevOpsProvider:     azureDevOpsNotifierFunc,
+		apiv1.OTELProvider:            otelNotifierFunc,
 	}
 )
 
@@ -355,3 +356,10 @@ func azureDevOpsNotifierFunc(opts notifierOptions) (Interface, error) {
 		opts.TLSConfig, opts.ProxyURL, opts.ServiceAccountName, opts.ProviderName,
 		opts.ProviderNamespace, opts.TokenClient, opts.TokenCache)
 }
+
+func otelNotifierFunc(opts notifierOptions) (Interface, error) {
+	if opts.Token == "" && opts.Password != "" {
+		opts.Token = opts.Password
+	}
+	return NewOTLPTracer(opts.Context, opts.URL, opts.ProxyURL, opts.Headers, opts.TLSConfig, opts.Username, opts.Token)
+}

internal/notifier/otel.go

@@ -0,0 +1,244 @@
+/*
+Copyright 2025 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package notifier
+
+import (
+	"context"
+	"crypto/sha256"
+	"crypto/tls"
+	"encoding/base64"
+	"fmt"
+	"net/http"
+	"net/url"
+	"slices"
+
+	"go.opentelemetry.io/otel/attribute"
+	"go.opentelemetry.io/otel/codes"
+	"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp"
+	sdktrace "go.opentelemetry.io/otel/sdk/trace"
+	"go.opentelemetry.io/otel/trace"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+
+	eventv1 "github.com/fluxcd/pkg/apis/event/v1beta1"
+
+	apiv1beta3 "github.com/fluxcd/notification-controller/api/v1beta3"
+)
+
+type alertMetadataContextKey struct{}
+
+// Context key functions
+func WithAlertMetadata(ctx context.Context, metadata metav1.ObjectMeta) context.Context {
+	return context.WithValue(ctx, alertMetadataContextKey{}, metadata)
+}
+
+func GetAlertMetadata(ctx context.Context) (metav1.ObjectMeta, bool) {
+	metadata, ok := ctx.Value(alertMetadataContextKey{}).(metav1.ObjectMeta)
+	return metadata, ok
+}
+
+type OTLPTracer struct {
+	tracerProvider *sdktrace.TracerProvider
+	tracer         trace.Tracer
+}
+
+func NewOTLPTracer(ctx context.Context, urlStr string, proxyURL string, headers map[string]string, tlsConfig *tls.Config, username string, password string) (*OTLPTracer, error) {
+	// Set up OTLP exporter options
+	httpOptions := []otlptracehttp.Option{
+		otlptracehttp.WithEndpointURL(urlStr),
+	}
+
+	// Add headers if available
+	if len(headers) > 0 {
+		// Add authentication header, if it doesn't exist yet
+		if headers["Authorization"] == "" {
+			// If username is not set, password is considered as token
+			if username == "" {
+				headers["Authorization"] = "Bearer " + password
+			} else if username != "" && password != "" {
+				auth := base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
+				headers["Authorization"] = "Basic " + auth
+			}
+		}
+		httpOptions = append(httpOptions, otlptracehttp.WithHeaders(headers))
+	}
+
+	// Add TLS config if available
+	if tlsConfig != nil {
+		httpOptions = append(httpOptions, otlptracehttp.WithTLSClientConfig(tlsConfig))
+	}
+
+	// Add proxy if available
+	if proxyURL != "" {
+		proxyURLparsed, err := url.Parse(proxyURL)
+		if err != nil {
+			return nil, fmt.Errorf("failed to proxy URL - %s: %w", proxyURL, err)
+		} else {
+			if username != "" && password != "" {
+				proxyURLparsed.User = url.UserPassword(username, password)
+			}
+			httpOptions = append(httpOptions, otlptracehttp.WithProxy(func(*http.Request) (*url.URL, error) {
+				return proxyURLparsed, nil
+			}))
+		}
+	}
+
+	exporter, err := otlptracehttp.New(ctx, httpOptions...)
+	if err != nil {
+		return nil, err
+	}
+
+	// Create TracerProvider once
+	tp := sdktrace.NewTracerProvider(
+		sdktrace.WithBatcher(exporter),
+	)
+
+	log.FromContext(ctx).Info("Successfully created OTEL tracer")
+	return &OTLPTracer{
+		tracerProvider: tp,
+		tracer:         tp.Tracer("flux:notification-controller"),
+	}, nil
+}
+
+// Post implements the notifier.Interface
+func (t *OTLPTracer) Post(ctx context.Context, event eventv1.Event) error {
+	// Skip Git commit status update event.
+	if event.HasMetadata(eventv1.MetaCommitStatusKey, eventv1.MetaCommitStatusUpdateValue) {
+		return nil
+	}
+
+	logger := log.FromContext(ctx).WithValues(
+		"event", event.Reason,
+		"object", fmt.Sprintf("%s/%s/%s", event.InvolvedObject.Kind, event.InvolvedObject.Namespace, event.InvolvedObject.Name),
+		"severity", event.Severity,
+	)
+	logger.Info("OTEL Post function called", "event", event.Reason)
+
+	alert, ok := GetAlertMetadata(ctx)
+	if !ok {
+		return fmt.Errorf("alert metadata not found in context")
+	}
+
+	// Extract revision from event metadata
+	revision := extractMetadata(event.Metadata, "revision")
+
+	// TraceID: <AlertUID>:<revisionID>
+	logger.V(1).Info("Generating trace IDs", "alertUID", string(alert.UID), "revision", revision)
+	traceIDStr := generateID(string(alert.UID), revision)
+	// spanIDStr := generateID(string(event.InvolvedObject.UID),
+	// 	fmt.Sprintf("%s/%s/%s", event.InvolvedObject.Kind,
+	// 		event.InvolvedObject.Namespace, event.InvolvedObject.Name))
+
+	var traceID trace.TraceID
+	// var spanID trace.SpanID
+	copy(traceID[:], traceIDStr[:16])
+	// copy(spanID[:], spanIDStr[:8])
+
+	// Determine span relationship based on Flux object hierarchy
+	var spanCtx context.Context = t.createSpanContext(ctx, event, traceID)
+
+	// Create single span with proper attributes
+	if event.InvolvedObject.Kind != "HelmRepository" {
+		logger.Info("Processing OTEL notification", "alert", alert.Name)
+
+	} else {
+		logger.Info("OTEL notification skipped", "alert", alert.Name)
+	}
+
+	span := t.processSpan(spanCtx, event)
+	// Set status based on event severity
+	if event.Severity == eventv1.EventSeverityError {
+		span.SetStatus(codes.Error, event.Message)
+	} else {
+		span.SetStatus(codes.Ok, event.Message)
+	}
+
+	defer span.End()
+
+	serviceName := fmt.Sprintf("%s: %s/%s", apiv1beta3.AlertKind, alert.Namespace, alert.Name)
+	logger.Info("Successfully sent trace to OTLP endpoint",
+		"alert", serviceName,
+	)
+
+	return nil
+}
+
+func (t *OTLPTracer) createSpanContext(ctx context.Context, event eventv1.Event, traceID trace.TraceID) context.Context {
+	kind := event.InvolvedObject.Kind
+
+	spanContext := trace.NewSpanContext(trace.SpanContextConfig{
+		TraceID:    traceID,
+		TraceFlags: trace.FlagsSampled,
+	})
+
+	// Root spans: Sources that start the deployment flow
+	if isSource(kind) {
+		return trace.ContextWithSpanContext(context.Background(),
+			spanContext.WithTraceFlags(spanContext.TraceFlags()))
+	}
+
+	// Child spans: Everything else inherits from the same trace
+	return trace.ContextWithSpanContext(ctx,
+		spanContext.WithTraceFlags(spanContext.TraceFlags()))
+}
+
+func (t *OTLPTracer) processSpan(ctx context.Context, event eventv1.Event) trace.Span {
+	// Build span attributes including metadata
+	eventAttrs := []attribute.KeyValue{
+		attribute.String("object.uid", string(event.InvolvedObject.UID)),
+		attribute.String("object.kind", event.InvolvedObject.Kind),
+		attribute.String("object.name", event.InvolvedObject.Name),
+		attribute.String("object.namespace", event.InvolvedObject.Namespace),
+	}
+
+	// Add metadata as event attributes
+	for k, v := range event.Metadata {
+		eventAttrs = append(eventAttrs, attribute.String(k, v))
+	}
+
+	// Start span
+	spanName := fmt.Sprintf("%s: %s/%s", event.InvolvedObject.Kind, event.InvolvedObject.Namespace, event.InvolvedObject.Name)
+	_, span := t.tracer.Start(ctx, spanName,
+		trace.WithAttributes(eventAttrs...),
+		trace.WithTimestamp(event.Timestamp.Time))
+
+	return span
+}
+
+// Add cleanup method
+func (t *OTLPTracer) Close(ctx context.Context) error {
+	return t.tracerProvider.Shutdown(ctx)
+}
+
+// Add this function to generate trace and span ID
+func generateID(UID string, rest string) []byte {
+	input := fmt.Sprintf("%s:%s", UID, rest)
+	hash := sha256.Sum256([]byte(input))
+	return hash[:]
+}
+
+func extractMetadata(metadata map[string]string, key string) string {
+	if v, ok := metadata[key]; ok {
+		return v
+	}
+	return "unknown"
+}
+
+func isSource(kind string) bool {
+	sourceKinds := []string{"GitRepository", "HelmChart", "OCIRepository", "Bucket"}
+	return slices.Contains(sourceKinds, kind)
+}