DataDog
diff --git a/‎.github/workflows/audit.yml
+1-1 b/‎.github/workflows/audit.yml
+1-1
diff --git a/‎.github/workflows/check-changelog.yml
+1-1 b/‎.github/workflows/check-changelog.yml
+1-1
diff --git a/‎.github/workflows/container.yml
+65-20 b/‎.github/workflows/container.yml
+65-20
diff --git a/‎.github/workflows/release.yml
+1-1 b/‎.github/workflows/release.yml
+1-1
diff --git a/‎CHANGELOG.md
+27 b/‎CHANGELOG.md
+27
@@ -19,6 +19,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions-rust-lang/audit@5c5da92c0334eb692d0735bb94f086fd83e59572 # v1.2.2
+      - uses: actions-rust-lang/audit@96e0e19d7510f3de04a5b56213388ac8fcede6d0 # v1.2.3
         with:
           TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -25,7 +25,7 @@ jobs:
     - name: Check if CHANGELOG.md was modified
       id: changelog-check
       if: steps.label-check.outputs.has_label == 'false'
-      uses: tj-actions/changed-files@bab30c2299617f6615ec02a68b9a40d10bd21366 # v45.0.5
+      uses: tj-actions/changed-files@d6e91a2266cdb9d62096cebf1e8546899c6aa18f # v45.0.6
       with:
         files: |
           CHANGELOG.md
 
@@ -8,7 +8,62 @@ env:
   IMAGE_NAME: ${{ github.repository }}
 
 jobs:
+  tagging:
+    name: Determine Tags
+    runs-on: ubuntu-20.04
+    permissions:
+      contents: read
+      packages: read
+    outputs:
+      FINAL_TAG: ${{ steps.tags.outputs.FINAL_TAG }}
+      SHA_TAG: ${{ steps.tags.outputs.SHA_TAG }}
+
+    steps:
+      - name: Log in to Container Registry
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
+
+      - name: Extract Docker Metadata
+        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
+        id: meta
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            # Tag event produce a semver tag. This will capture tags that begin
+            # vX.Y.Z and X.Y.Z.
+            type=semver,pattern={{version}},event=tag
+            # All other push events (no PR, no semver tag), produce a SHA tag
+            type=sha,format=long
+
+      - name: Determine Final Tag
+        id: tags
+        run: |
+          ALL_TAGS="${{ steps.meta.outputs.tags }}"
+          SEMVER_TAG=$(echo "$ALL_TAGS" | grep -E '^ghcr.io/.+:[0-9]+\.[0-9]+\.[0-9]+(-rc[0-9]+)?' || true)
+          SHA_TAG=$(echo "$ALL_TAGS" | grep sha- || true)
+
+          if [ -n "$SEMVER_TAG" ]; then
+            FINAL_TAG="$SEMVER_TAG"
+          else
+            FINAL_TAG="$SHA_TAG"
+          fi
+
+          echo "SHA_TAG=$SHA_TAG" >> $GITHUB_OUTPUT
+          echo "FINAL_TAG=$FINAL_TAG" >> $GITHUB_OUTPUT
+
+      - name: Debug Tags
+        run: |
+          echo "SHA_TAG: ${{ steps.tags.outputs.SHA_TAG }}"
+          echo "FINAL_TAG: ${{ steps.tags.outputs.FINAL_TAG }}"
+
   build:
+    needs: tagging
     runs-on: ${{ matrix.runner }}
     strategy:
       matrix:
@@ -28,7 +83,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Log in to the Container registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
@@ -41,27 +96,25 @@ jobs:
         uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
         id: meta
         with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
             type=sha,format=long
-            type=ref,prefix=pr-,event=pr
-            type=semver,pattern={{version}},event=tag
-            type=semver,pattern={{major}}.{{minor}},event=tag
-            type=semver,pattern={{major}},event=tag
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
         with:
           file: Dockerfile
-          tags: ${{ steps.meta.outputs.tags }}-${{ matrix.arch }}
+          tags: ${{ needs.tagging.outputs.SHA_TAG }}-${{ matrix.arch }}
           push: true
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=registry,ref=ghcr.io/datadog/lading:cache
           cache-to: type=registry,ref=ghcr.io/datadog/lading:cache,mode=max
 
   manifest:
     name: Create Multi-Arch Manifest
-    needs: build
+    needs: 
+      - tagging
+      - build
     runs-on: ubuntu-20.04
     permissions:
       contents: read
@@ -76,19 +129,11 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
-
-      - name: Extract Docker Metadata
-        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
-        id: meta
-        with:
-          tags: |
-            type=sha,format=long
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Create and Push Multiarch Manifest
         run: |
           docker buildx imagetools create \
-            --tag ${{ steps.meta.outputs.tags }} \
-            ${{ steps.meta.outputs.tags }}-amd64 \
-            ${{ steps.meta.outputs.tags }}-arm64
+            --tag "${{ needs.tagging.outputs.FINAL_TAG }}" \
+            "${{ needs.tagging.outputs.SHA_TAG }}-amd64" \
+            "${{ needs.tagging.outputs.SHA_TAG }}-arm64"
@@ -15,7 +15,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Create GitHub release
-        uses: taiki-e/create-gh-release-action@72d65cee1f8033ef0c8b5d79eaf0c45c7c578ce3 # v1.8.2
+        uses: taiki-e/create-gh-release-action@d33396ec937b3c8de323c14ec623aa6bfb93d9a1 # v1.8.3
         with:
           changelog: CHANGELOG.md
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -4,6 +4,33 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+## Added
+- Introduced the ability for users to configure lading's sample rate,
+  configuration option `sample_period_milliseconds` in `lading.yaml`.
+
+## [0.25.4]
+## Changed
+- The `splunk_hec` generator now only requires responses to have an `ackId` when
+  `acknowledgements` are enabled.
+- cgroup.v2 PSI metrics are now parsed. These metrics may change in future
+  versions of lading as we get more experience with them.
+
+## [0.25.3]
+## Changed
+- Various dependencies updated, notably `hyper` is now 1.x.
+- Error handling in observer made more forgiving of PID death.
+
+## [0.25.2]
+## Changed
+- The `bytes_received` metric in the HTTP and splunk_heck blackholes now tracks
+  wire bytes, the former metric is preserved with `decoded_bytes_received`.
+- Base image is now bookworm, updated from bullseye.
+
+## [0.25.1]
+## Removed
+- Revert PR #1148
+
 ## [0.25.0]
 ## Added
 - Parse nearly the complete field list of smaps/smaps_rollup in the Linux observer.