aws-xray-sdk 0.11.3 → 0.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-xray-sdk/context/default_context.rb +1 -1
- data/lib/aws-xray-sdk/exceptions.rb +1 -1
- data/lib/aws-xray-sdk/facets/aws_sdk.rb +2 -2
- data/lib/aws-xray-sdk/facets/helper.rb +1 -1
- data/lib/aws-xray-sdk/facets/net_http.rb +13 -8
- data/lib/aws-xray-sdk/facets/rails/active_record.rb +7 -1
- data/lib/aws-xray-sdk/facets/rails/railtie.rb +1 -1
- data/lib/aws-xray-sdk/facets/resources/{aws_params_whitelist.rb → aws_params_allowlist.rb} +9 -0
- data/lib/aws-xray-sdk/facets/resources/{aws_services_whitelist.rb → aws_services_allowlist.rb} +116 -20
- data/lib/aws-xray-sdk/plugins/ec2.rb +73 -16
- data/lib/aws-xray-sdk/plugins/ecs.rb +1 -1
- data/lib/aws-xray-sdk/plugins/elastic_beanstalk.rb +1 -1
- data/lib/aws-xray-sdk/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7519a013ac4db9cf9536638f8abc1d77dc71c4a7edbb5dbc2b43bfc6f1ab3296
|
4
|
+
data.tar.gz: 58567280e37b1e041720d7cf1c86f1b55d38e992a2e6f19444950bc491d2ef7a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 38640d9e8aa2bf1f2328b26670878056713e9e916934ade89ca4ef1132b998f3544b89e01ae3fa7ab619582e2db4487719dd132228c9a51273e7bc27e91cca06
|
7
|
+
data.tar.gz: b8d0aa1b3f0bc098cdd32e4f61ab810b4c1beee48aec785481edaf365c74174eda5a136e271b5b37c5aaed8ae6f8a74daeb2191f220d381520fe4ac6352fc03d
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'aws-sdk-core'
|
2
2
|
require 'aws-xray-sdk/facets/helper'
|
3
|
-
require 'aws-xray-sdk/facets/resources/
|
4
|
-
require 'aws-xray-sdk/facets/resources/
|
3
|
+
require 'aws-xray-sdk/facets/resources/aws_params_allowlist'
|
4
|
+
require 'aws-xray-sdk/facets/resources/aws_services_allowlist'
|
5
5
|
|
6
6
|
module XRay
|
7
7
|
class AwsSDKPlugin < Seahorse::Client::Plugin
|
@@ -2,7 +2,7 @@ require 'aws-xray-sdk/model/trace_header'
|
|
2
2
|
|
3
3
|
module XRay
|
4
4
|
module Facets
|
5
|
-
#
|
5
|
+
# Helper functions shared for all external frameworks/libraries
|
6
6
|
# like make sampling decisions from incoming http requests etc.
|
7
7
|
module Helper
|
8
8
|
TRACE_HEADER = 'X-Amzn-Trace-Id'.freeze
|
@@ -20,21 +20,26 @@ module XRay
|
|
20
20
|
super(*options)
|
21
21
|
end
|
22
22
|
|
23
|
-
# HTTP requests to AWS Lambda Ruby Runtime will
|
24
|
-
# value set in ENV['AWS_LAMBDA_RUNTIME_API']
|
25
|
-
def lambda_runtime_request?
|
26
|
-
ENV['AWS_LAMBDA_RUNTIME_API']
|
27
|
-
req.uri &&
|
28
|
-
req.uri.to_s.start_with?('http://'+ENV['AWS_LAMBDA_RUNTIME_API']+'/')
|
23
|
+
# HTTP requests to AWS Lambda Ruby Runtime will have the address and port
|
24
|
+
# matching the value set in ENV['AWS_LAMBDA_RUNTIME_API']
|
25
|
+
def lambda_runtime_request?
|
26
|
+
ENV['AWS_LAMBDA_RUNTIME_API'] == "#{address}:#{port}"
|
29
27
|
end
|
30
28
|
|
31
29
|
def xray_sampling_request?(req)
|
32
30
|
req.path && (req.path == ('/GetSamplingRules') || req.path == ('/SamplingTargets'))
|
33
31
|
end
|
32
|
+
|
33
|
+
# HTTP requests to IMDS endpoint will be made to 169.254.169.254
|
34
|
+
# for both IMDSv1 and IMDSv2 with the latter including the
|
35
|
+
# X-aws-ec2-metadata-token-ttl-seconds header.
|
36
|
+
def ec2_metadata_request?(req)
|
37
|
+
req.uri && req.uri.hostname == '169.254.169.254'
|
38
|
+
end
|
34
39
|
|
35
40
|
def request(req, body = nil, &block)
|
36
|
-
# Do not trace requests to xray or aws lambda runtime
|
37
|
-
if xray_sampling_request?(req) || lambda_runtime_request?(req)
|
41
|
+
# Do not trace requests to xray or aws lambda runtime or ec2 metadata endpoint
|
42
|
+
if xray_sampling_request?(req) || lambda_runtime_request? || ec2_metadata_request?(req)
|
38
43
|
return super
|
39
44
|
end
|
40
45
|
|
@@ -17,7 +17,12 @@ module XRay
|
|
17
17
|
pool, conn = get_pool_n_conn(payload[:connection_id])
|
18
18
|
|
19
19
|
return if IGNORE_OPS.include?(payload[:name]) || pool.nil? || conn.nil?
|
20
|
-
|
20
|
+
# The spec notation is Rails < 6.1, later this can be found in the db_config
|
21
|
+
db_config = if pool.respond_to?(:spec)
|
22
|
+
pool.spec.config
|
23
|
+
else
|
24
|
+
pool.db_config.configuration_hash
|
25
|
+
end
|
21
26
|
name, sql = build_name_sql_meta config: db_config, conn: conn
|
22
27
|
subsegment = XRay.recorder.begin_subsegment name, namespace: 'remote'
|
23
28
|
# subsegment is nil in case of context missing
|
@@ -52,6 +57,7 @@ module XRay
|
|
52
57
|
::ActiveRecord::Base.connection_handler.connection_pool_list.each do |p|
|
53
58
|
conn = p.connections.select { |c| c.object_id == conn_id }
|
54
59
|
pool = p unless conn.nil?
|
60
|
+
return [pool, conn] if !conn.nil? && !conn.empty? && !pool.nil?
|
55
61
|
end
|
56
62
|
[pool, conn]
|
57
63
|
end
|
@@ -7,7 +7,7 @@ module XRay
|
|
7
7
|
RAILS_OPTIONS = %I[active_record].freeze
|
8
8
|
|
9
9
|
initializer("aws-xray-sdk.rack_middleware") do |app|
|
10
|
-
app.middleware.insert 0, Rack::Middleware
|
10
|
+
app.middleware.insert 0, XRay::Rack::Middleware
|
11
11
|
app.middleware.use XRay::Rails::ExceptionMiddleware
|
12
12
|
end
|
13
13
|
|
data/lib/aws-xray-sdk/facets/resources/{aws_services_whitelist.rb → aws_services_allowlist.rb}
RENAMED
@@ -3,20 +3,32 @@ module XRay
|
|
3
3
|
module AwsServices
|
4
4
|
# exausted list can be tracked at http://docs.aws.amazon.com/sdk-for-ruby/v3/api/Seahorse/Client/Base.html
|
5
5
|
@whitelist = %I[
|
6
|
+
AccessAnalyzer
|
6
7
|
ACM
|
7
|
-
|
8
|
+
ACMPCA
|
8
9
|
AlexaForBusiness
|
9
|
-
|
10
|
-
|
10
|
+
Amplify
|
11
|
+
APIGateway
|
12
|
+
ApiGatewayManagementApi
|
13
|
+
ApiGatewayV2
|
14
|
+
AppConfig
|
11
15
|
ApplicationAutoScaling
|
12
16
|
ApplicationDiscoveryService
|
17
|
+
ApplicationInsights
|
18
|
+
AppMesh
|
19
|
+
AppStream
|
20
|
+
AppSync
|
13
21
|
Athena
|
22
|
+
AugmentedAIRuntime
|
14
23
|
AutoScaling
|
24
|
+
AutoScalingPlans
|
25
|
+
Backup
|
15
26
|
Batch
|
16
27
|
Budgets
|
28
|
+
Chime
|
17
29
|
Cloud9
|
18
30
|
CloudDirectory
|
19
|
-
|
31
|
+
CloudFormation
|
20
32
|
CloudFront
|
21
33
|
CloudHSM
|
22
34
|
CloudHSMV2
|
@@ -29,109 +41,193 @@ module XRay
|
|
29
41
|
CodeBuild
|
30
42
|
CodeCommit
|
31
43
|
CodeDeploy
|
44
|
+
CodeGuruProfiler
|
45
|
+
CodeGuruReviewer
|
32
46
|
CodePipeline
|
33
47
|
CodeStar
|
48
|
+
CodeStarconnections
|
49
|
+
CodeStarNotifications
|
34
50
|
CognitoIdentity
|
35
51
|
CognitoIdentityProvider
|
36
52
|
CognitoSync
|
37
53
|
Comprehend
|
54
|
+
ComprehendMedical
|
55
|
+
ComputeOptimizer
|
38
56
|
ConfigService
|
39
|
-
|
57
|
+
Connect
|
58
|
+
ConnectParticipant
|
40
59
|
CostandUsageReportService
|
41
|
-
|
42
|
-
|
60
|
+
CostExplore
|
61
|
+
CostExplorer
|
43
62
|
DatabaseMigrationService
|
63
|
+
DataExchange
|
64
|
+
DataPipeline
|
65
|
+
DataSync
|
66
|
+
DAX
|
67
|
+
Detective
|
44
68
|
DeviceFarm
|
45
69
|
DirectConnect
|
46
70
|
DirectoryService
|
71
|
+
DLM
|
72
|
+
DocDB
|
47
73
|
DynamoDB
|
48
74
|
DynamoDBStreams
|
75
|
+
EBS
|
49
76
|
EC2
|
77
|
+
EC2InstanceConnect
|
50
78
|
ECR
|
51
79
|
ECS
|
52
80
|
EFS
|
53
|
-
|
81
|
+
EKS
|
54
82
|
ElastiCache
|
55
83
|
ElasticBeanstalk
|
84
|
+
ElasticInference
|
56
85
|
ElasticLoadBalancing
|
57
86
|
ElasticLoadBalancingV2
|
58
|
-
ElasticTranscoder
|
59
87
|
ElasticsearchService
|
88
|
+
ElasticTranscoder
|
89
|
+
EMR
|
90
|
+
EventBridge
|
60
91
|
Firehose
|
92
|
+
FMS
|
93
|
+
ForecastQueryService
|
94
|
+
ForecastService
|
95
|
+
FraudDetector
|
96
|
+
FSx
|
61
97
|
GameLift
|
62
98
|
Glacier
|
99
|
+
GlobalAccelerator
|
63
100
|
Glue
|
64
101
|
Greengrass
|
102
|
+
GroundStation
|
65
103
|
GuardDuty
|
66
104
|
Health
|
67
105
|
IAM
|
106
|
+
IVS
|
107
|
+
Imagebuilder
|
68
108
|
ImportExport
|
69
109
|
Inspector
|
70
110
|
IoT
|
111
|
+
IoT1ClickDevicesService
|
112
|
+
IoT1ClickProjects
|
113
|
+
IoTAnalytics
|
71
114
|
IoTDataPlane
|
115
|
+
IoTEvents
|
116
|
+
IoTEventsData
|
72
117
|
IoTJobsDataPlane
|
73
|
-
|
118
|
+
IoTSecureTunneling
|
119
|
+
IoTThingsGraph
|
120
|
+
Kafka
|
121
|
+
Kendra
|
74
122
|
Kinesis
|
75
123
|
KinesisAnalytics
|
124
|
+
KinesisAnalyticsV2
|
76
125
|
KinesisVideo
|
126
|
+
KinesisVideoArchivedMedia
|
77
127
|
KinesisVideoArchiveMedia
|
78
128
|
KinesisVideoMedia
|
129
|
+
KinesisVideoSignalingChannels
|
130
|
+
KMS
|
131
|
+
LakeFormation
|
79
132
|
Lambda
|
80
133
|
LambdaPreview
|
81
134
|
Lex
|
82
135
|
LexModelBuildingService
|
83
136
|
LexRuntimeService
|
137
|
+
LicenseManager
|
84
138
|
Lightsail
|
85
|
-
|
86
|
-
MTurk
|
139
|
+
LocationService
|
87
140
|
MachineLearning
|
141
|
+
Macie
|
142
|
+
ManagedBlockchain
|
143
|
+
MarketplaceCatalog
|
88
144
|
MarketplaceCommerceAnalytics
|
89
145
|
MarketplaceEntitlementService
|
90
146
|
MarketplaceMetering
|
147
|
+
MediaConnect
|
91
148
|
MediaConvert
|
92
149
|
MediaLive
|
93
150
|
MediaPackage
|
151
|
+
MediaPackageVod
|
94
152
|
MediaStore
|
95
153
|
MediaStoreData
|
154
|
+
MediaTailor
|
96
155
|
MigrationHub
|
156
|
+
MigrationHubConfig
|
97
157
|
Mobile
|
158
|
+
MQ
|
159
|
+
MTurk
|
160
|
+
Neptune
|
161
|
+
NetworkManager
|
98
162
|
OpsWorks
|
99
163
|
OpsWorksCM
|
100
164
|
Organizations
|
165
|
+
Outposts
|
166
|
+
Personalize
|
167
|
+
PersonalizeEvents
|
168
|
+
PersonalizeRuntime
|
169
|
+
PI
|
101
170
|
Pinpoint
|
171
|
+
PinpointEmail
|
172
|
+
PinpointSMSVoice
|
102
173
|
Polly
|
103
174
|
Pricing
|
175
|
+
QLDB
|
176
|
+
QLDBSession
|
177
|
+
QuickSight
|
178
|
+
RAM
|
104
179
|
RDS
|
180
|
+
RDSDataService
|
105
181
|
Redshift
|
106
182
|
Rekognition
|
107
183
|
ResourceGroups
|
108
184
|
ResourceGroupsTaggingAPI
|
185
|
+
RoboMaker
|
109
186
|
Route53
|
110
187
|
Route53Domains
|
188
|
+
Route53Resolver
|
111
189
|
S3
|
112
|
-
|
113
|
-
SFN
|
114
|
-
SMS
|
115
|
-
SNS
|
116
|
-
SQS
|
117
|
-
SSM
|
118
|
-
STS
|
119
|
-
SWF
|
190
|
+
S3Control
|
120
191
|
SageMaker
|
121
192
|
SageMakerRuntime
|
193
|
+
SavingsPlans
|
194
|
+
Schemas
|
195
|
+
SecretsManager
|
196
|
+
SecurityHub
|
122
197
|
ServerlessApplicationRepository
|
123
198
|
ServiceCatalog
|
124
199
|
ServiceDiscovery
|
200
|
+
ServiceQuotas
|
201
|
+
SES
|
202
|
+
SESV2
|
203
|
+
SFN
|
125
204
|
Shield
|
205
|
+
Signer
|
126
206
|
SimpleDB
|
207
|
+
SMS
|
127
208
|
Snowball
|
209
|
+
SNS
|
210
|
+
SQS
|
211
|
+
SSM
|
212
|
+
SSO
|
213
|
+
SSOOIDC
|
128
214
|
States
|
129
215
|
StorageGateway
|
216
|
+
STS
|
130
217
|
Support
|
218
|
+
SWF
|
219
|
+
Textract
|
220
|
+
TranscribeService
|
221
|
+
TranscribeStreamingService
|
222
|
+
Transfer
|
131
223
|
Translate
|
132
224
|
WAF
|
133
225
|
WAFRegional
|
226
|
+
WAFV2
|
134
227
|
WorkDocs
|
228
|
+
WorkLink
|
229
|
+
WorkMail
|
230
|
+
WorkMailMessageFlow
|
135
231
|
WorkSpaces
|
136
232
|
XRay
|
137
233
|
]
|
@@ -1,36 +1,93 @@
|
|
1
|
-
require '
|
1
|
+
require 'net/http'
|
2
|
+
require 'json'
|
2
3
|
require 'aws-xray-sdk/logger'
|
3
4
|
|
4
5
|
module XRay
|
5
6
|
module Plugins
|
6
|
-
# A plugin that gets the EC2
|
7
|
+
# A plugin that gets the EC2 instance_id, availabiity_zone, instance_type, and ami_id if running on an EC2 instance.
|
8
|
+
# The plugin queries IMDSv2 endpoint with X-aws-ec2-metadata-token-ttl-seconds as 60 seconds, and fallback to using
|
9
|
+
# IMDSv1 endpoint.
|
10
|
+
# More details about EC2 instance metadata retreival: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-retrieval
|
7
11
|
module EC2
|
8
12
|
include Logging
|
9
13
|
|
10
14
|
ORIGIN = 'AWS::EC2::Instance'.freeze
|
11
|
-
|
12
|
-
|
13
|
-
AZ_ADDR = 'http://169.254.169.254/latest/meta-data/placement/availability-zone'.freeze
|
15
|
+
|
16
|
+
METADATA_BASE_URL = 'http://169.254.169.254/latest'.freeze
|
14
17
|
|
15
18
|
def self.aws
|
16
|
-
@@aws
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
19
|
+
@@aws = {}
|
20
|
+
token = get_token
|
21
|
+
ec2_metadata = get_metadata(token)
|
22
|
+
@@aws = {
|
23
|
+
ec2: ec2_metadata
|
24
|
+
}
|
25
|
+
end
|
26
|
+
|
27
|
+
|
28
|
+
private # private methods
|
29
|
+
|
30
|
+
def self.get_token
|
31
|
+
token_uri = URI(METADATA_BASE_URL + '/api/token')
|
32
|
+
|
33
|
+
req = Net::HTTP::Put.new(token_uri)
|
34
|
+
req['X-aws-ec2-metadata-token-ttl-seconds'] = '60'
|
35
|
+
begin
|
36
|
+
return do_request(req)
|
37
|
+
rescue StandardError => e
|
38
|
+
Logging.logger.warn %(cannot get the IMDSv2 token due to: #{e.message}.)
|
39
|
+
''
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def self.get_metadata(token)
|
44
|
+
metadata_uri = URI(METADATA_BASE_URL + '/dynamic/instance-identity/document')
|
45
|
+
|
46
|
+
req = Net::HTTP::Get.new(metadata_uri)
|
47
|
+
if token != ''
|
48
|
+
req['X-aws-ec2-metadata-token'] = token
|
49
|
+
end
|
50
|
+
|
51
|
+
begin
|
52
|
+
metadata_json = do_request(req)
|
53
|
+
return parse_metadata(metadata_json)
|
54
|
+
rescue StandardError => e
|
55
|
+
Logging.logger.warn %(cannot get the ec2 instance metadata due to: #{e.message}.)
|
56
|
+
{}
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def self.parse_metadata(json_str)
|
61
|
+
metadata = {}
|
62
|
+
data = JSON(json_str)
|
63
|
+
metadata['instance_id'] = data['instanceId']
|
64
|
+
metadata['availability_zone'] = data['availabilityZone']
|
65
|
+
metadata['instance_type'] = data['instanceType']
|
66
|
+
metadata['ami_id'] = data['imageId']
|
67
|
+
|
68
|
+
metadata
|
69
|
+
end
|
70
|
+
|
71
|
+
def self.do_request(request)
|
72
|
+
begin
|
73
|
+
response = Net::HTTP.start(request.uri.hostname, read_timeout: 1) { |http|
|
74
|
+
http.request(request)
|
24
75
|
}
|
76
|
+
|
77
|
+
if response.code == '200'
|
78
|
+
return response.body
|
79
|
+
else
|
80
|
+
raise(StandardError.new('Unsuccessful response::' + response.code + '::' + response.message))
|
81
|
+
end
|
25
82
|
rescue StandardError => e
|
26
|
-
# Two attempts in total to
|
83
|
+
# Two attempts in total to complete the request successfully
|
27
84
|
@retries ||= 0
|
28
85
|
if @retries < 1
|
29
86
|
@retries += 1
|
30
87
|
retry
|
31
88
|
else
|
32
|
-
|
33
|
-
|
89
|
+
Logging.logger.warn %(Failed to complete request due to: #{e.message}.)
|
90
|
+
raise e
|
34
91
|
end
|
35
92
|
end
|
36
93
|
end
|
@@ -15,7 +15,7 @@ module XRay
|
|
15
15
|
{ ecs: { container: Socket.gethostname } }
|
16
16
|
rescue StandardError => e
|
17
17
|
@@aws = {}
|
18
|
-
Logging.logger.warn %(
|
18
|
+
Logging.logger.warn %(cannot get the ecs container hostname due to: #{e.message}.)
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
@@ -17,7 +17,7 @@ module XRay
|
|
17
17
|
{ elastic_beanstalk: MultiJson.load(file) }
|
18
18
|
rescue StandardError => e
|
19
19
|
@@aws = {}
|
20
|
-
Logging.logger.warn %(
|
20
|
+
Logging.logger.warn %(cannot get the environment config due to: #{e.message}.)
|
21
21
|
end
|
22
22
|
end
|
23
23
|
end
|
data/lib/aws-xray-sdk/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-xray-sdk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.13.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-xray
|
@@ -186,8 +186,8 @@ files:
|
|
186
186
|
- lib/aws-xray-sdk/facets/rails/active_record.rb
|
187
187
|
- lib/aws-xray-sdk/facets/rails/ex_middleware.rb
|
188
188
|
- lib/aws-xray-sdk/facets/rails/railtie.rb
|
189
|
-
- lib/aws-xray-sdk/facets/resources/
|
190
|
-
- lib/aws-xray-sdk/facets/resources/
|
189
|
+
- lib/aws-xray-sdk/facets/resources/aws_params_allowlist.rb
|
190
|
+
- lib/aws-xray-sdk/facets/resources/aws_services_allowlist.rb
|
191
191
|
- lib/aws-xray-sdk/lambda.rb
|
192
192
|
- lib/aws-xray-sdk/lambda/facade_segment.rb
|
193
193
|
- lib/aws-xray-sdk/lambda/lambda_context.rb
|
@@ -244,7 +244,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
244
244
|
- !ruby/object:Gem::Version
|
245
245
|
version: '0'
|
246
246
|
requirements: []
|
247
|
-
rubygems_version: 3.
|
247
|
+
rubygems_version: 3.1.6
|
248
248
|
signing_key:
|
249
249
|
specification_version: 4
|
250
250
|
summary: AWS X-Ray SDK for Ruby
|