-
Notifications
You must be signed in to change notification settings - Fork 304
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Standalone ASM configuration and span tags #4291
Conversation
Overall package sizeSelf size: 6.72 MB Dependency sizes
🤖 This report was automatically generated by heaviest-objects-in-the-universe |
BenchmarksBenchmark execution time: 2024-06-18 08:20:11 Comparing candidate commit 7dc9981 in PR branch Found 2 performance improvements and 0 performance regressions! Performance is the same for 258 metrics, 6 unstable metrics. scenario:plugin-graphql-with-depth-and-collapse-on-18
scenario:plugin-graphql-with-depth-on-max-18
|
ff3519d
to
2bb1295
Compare
2bb1295
to
5d6210d
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4291 +/- ##
===========================================
- Coverage 80.42% 69.19% -11.24%
===========================================
Files 3 1 -2
Lines 373 198 -175
Branches 33 33
===========================================
- Hits 300 137 -163
+ Misses 73 61 -12 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing type for experimental.appsec.standalone.enabled
in index.d.ts and test.ts
packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js
Outdated
Show resolved
Hide resolved
Co-authored-by: Ugaitz Urien <[email protected]>
@@ -180,6 +181,7 @@ class Tracer extends NoopProxy { | |||
if (!this._tracingInitialized) { | |||
this._tracer = new DatadogTracer(config) | |||
this.appsec = new AppsecSdk(this._tracer, config) | |||
appsecStandalone.configure(config) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we could move this configure() somewhere in appsec territory ? it's not super important but if we can do it in a clean way it could be nice
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I need it in proxy.js
to replace the default PrioritySampler
via DatadogTracer
constructor, something you could see in the next standalone PR.
Also standalone is not related with AppsecSdk
so I'd prefer not to mix the two features.
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>
What does this PR do?
DD_EXPERIMENTAL_APPSEC_STANDALONE_ENABLED
env var andexperimental.appsec.standalone.enabled
config optiondd-trace:span:start
channel and add the_dd.apm.enabled:0
tag in root spans and child spans with remote parent._dd.p.appsec
trace tag whether an appsec or iast event occurs.Motivation
This is the first part to support Standalone ASM billing. We have divided the feature into two PRs in order to facilitate the review.
Note for APM reviewers:
opentracing/span.js
modified to include thefields
param indd-trace:span:start
eventsproxy.js
modified to configure standalone module when initializing the tracer.Plugin Checklist
Additional Notes