datadog 2.14.0 → 2.15.0

data/lib/datadog/appsec/component.rb

@@ -12,7 +12,25 @@ module Datadog
       class << self
         def build_appsec_component(settings, telemetry:)
           return if !settings.respond_to?(:appsec) || !settings.appsec.enabled
-          return if incompatible_ffi_version?
+
+          ffi_version = Gem.loaded_specs['ffi'] && Gem.loaded_specs['ffi'].version
+          unless ffi_version
+            Datadog.logger.warn('FFI gem is not loaded, AppSec will be disabled.')
+            telemetry.error('AppSec: Component not loaded, due to missing FFI gem')
+
+            return
+          end
+
+          if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.3') && ffi_version < Gem::Version.new('1.16.0')
+            Datadog.logger.warn(
+              'AppSec is not supported in Ruby versions above 3.3.0 when using `ffi` versions older than 1.16.0, ' \
+              'and will be forcibly disabled due to a memory leak in `ffi`. ' \
+              'Please upgrade your `ffi` version to 1.16.0 or higher.'
+            )
+            telemetry.error('AppSec: Component not loaded, ffi version is leaky with ruby > 3.3.0')
+
+            return
+          end
 
           processor = create_processor(settings, telemetry)
 
@@ -29,22 +47,6 @@ module Datadog
 
         private
 
-        def incompatible_ffi_version?
-          ffi_version = Gem.loaded_specs['ffi'] && Gem.loaded_specs['ffi'].version
-          return true unless ffi_version
-
-          return false unless Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.3') &&
-            ffi_version < Gem::Version.new('1.16.0')
-
-          Datadog.logger.warn(
-            'AppSec is not supported in Ruby versions above 3.3.0 when using `ffi` versions older than 1.16.0, ' \
-            'and will be forcibly disabled due to a memory leak in `ffi`. ' \
-            'Please upgrade your `ffi` version to 1.16.0 or higher.'
-          )
-
-          true
-        end
-
         def create_processor(settings, telemetry)
           rules = AppSec::Processor::RuleLoader.load_rules(
             telemetry: telemetry,

data/lib/datadog/appsec/compressed_json.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'zlib'
+require 'stringio'
+
+require_relative '../core/utils/base64'
+
+module Datadog
+  module AppSec
+    # Converts derivative schema payloads into JSON and compresses them into a
+    # base64 encoded string if the payload is worth compressing.
+    #
+    # See: https://github.com/DataDog/dd-trace-rb/pull/3177#issuecomment-1747221082
+    module CompressedJson
+      MIN_SIZE_FOR_COMPRESSION = 260
+
+      def self.dump(payload)
+        value = JSON.dump(payload)
+        return value if value.bytesize < MIN_SIZE_FOR_COMPRESSION
+
+        compress_and_encode(value)
+      rescue ArgumentError, Encoding::UndefinedConversionError, JSON::JSONError => e
+        AppSec.telemetry.report(e, description: 'AppSec: Failed to convert value into JSON')
+
+        nil
+      end
+
+      private_class_method def self.compress_and_encode(payload)
+        Core::Utils::Base64.strict_encode64(
+          Zlib.gzip(payload, level: Zlib::BEST_SPEED, strategy: Zlib::DEFAULT_STRATEGY)
+        )
+      rescue Zlib::Error, TypeError => e
+        AppSec.telemetry.report(e, description: 'AppSec: Failed to compress and encode value')
+
+        nil
+      end
+    end
+  end
+end

data/lib/datadog/appsec/contrib/active_record/integration.rb

@@ -13,7 +13,7 @@ module Datadog
 
           MINIMUM_VERSION = Gem::Version.new('4')
 
-          register_as :active_record, auto_patch: false
+          register_as :active_record, auto_patch: true
 
           def self.version
             Gem.loaded_specs['activerecord'] && Gem.loaded_specs['activerecord'].version

data/lib/datadog/appsec/event.rb

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
 require 'json'
-require 'zlib'
-
 require_relative 'rate_limiter'
-require_relative '../core/utils/base64'
+require_relative 'compressed_json'
 
 module Datadog
   module AppSec
     # AppSec event
     module Event
+      DERIVATIVE_SCHEMA_KEY_PREFIX = '_dd.appsec.s.'
+      DERIVATIVE_SCHEMA_MAX_COMPRESSED_SIZE = 25000
       ALLOWED_REQUEST_HEADERS = %w[
         X-Forwarded-For
         X-Client-IP
@@ -38,11 +38,6 @@ module Datadog
         Content-Language
       ].map!(&:downcase).freeze
 
-      MAX_ENCODED_SCHEMA_SIZE = 25000
-      # For more information about this number
-      # please check https://github.com/DataDog/dd-trace-rb/pull/3177#issuecomment-1747221082
-      MIN_SCHEMA_SIZE_FOR_COMPRESSION = 260
-
       # Record events for a trace
       #
       # This is expected to be called only once per trace for the rate limiter
@@ -80,7 +75,6 @@ module Datadog
           end
         end
 
-        # rubocop:disable Metrics/MethodLength
         def build_service_entry_tags(event_group)
           waf_events = []
           entry_tags = event_group.each_with_object({ '_dd.origin' => 'appsec' }) do |event, tags|
@@ -106,26 +100,17 @@ module Datadog
             waf_events += waf_result.events
 
             waf_result.derivatives.each do |key, value|
-              parsed_value = json_parse(value)
-              next unless parsed_value
-
-              parsed_value_size = parsed_value.size
-
-              schema_value = if parsed_value_size >= MIN_SCHEMA_SIZE_FOR_COMPRESSION
-                               compressed_and_base64_encoded(parsed_value)
-                             else
-                               parsed_value
-                             end
-              next unless schema_value
-
-              if schema_value.size >= MAX_ENCODED_SCHEMA_SIZE
-                Datadog.logger.debug do
-                  "Schema key: #{key} exceeds the max size value. It will not be included as part of the span tags"
-                end
+              next tags[key] = value unless key.start_with?(DERIVATIVE_SCHEMA_KEY_PREFIX)
+
+              value = CompressedJson.dump(value)
+              next if value.nil?
+
+              if value.size >= DERIVATIVE_SCHEMA_MAX_COMPRESSED_SIZE
+                Datadog.logger.debug { "AppSec: Schema key '#{key}' will not be included into span tags due to it's size" }
                 next
               end
 
-              tags[key] = schema_value
+              tags[key] = value
             end
 
             tags
@@ -135,14 +120,16 @@ module Datadog
           entry_tags['_dd.appsec.json'] = appsec_events if appsec_events
           entry_tags
         end
-        # rubocop:enable Metrics/MethodLength
 
         def tag_and_keep!(context, waf_result)
           # We want to keep the trace in case of security event
           context.trace.keep! if context.trace
 
           if context.span
-            context.span.set_tag('appsec.blocked', 'true') if waf_result.actions.key?('block_request')
+            if waf_result.actions.key?('block_request') || waf_result.actions.key?('redirect_request')
+              context.span.set_tag('appsec.blocked', 'true')
+            end
+
             context.span.set_tag('appsec.event', 'true')
           end
 
@@ -151,31 +138,15 @@ module Datadog
 
         private
 
-        def compressed_and_base64_encoded(value)
-          Datadog::Core::Utils::Base64.strict_encode64(gzip(value))
-        rescue TypeError => e
-          Datadog.logger.debug do
-            "Failed to compress and encode value when populating AppSec::Event. Error: #{e.message}"
-          end
-          nil
-        end
-
+        # NOTE: Handling of Encoding::UndefinedConversionError is added as a quick fix to
+        #       the issue between Ruby encoded strings and libddwaf produced events and now
+        #       is under investigation.
         def json_parse(value)
           JSON.dump(value)
-        rescue ArgumentError => e
-          Datadog.logger.debug do
-            "Failed to parse value to JSON when populating AppSec::Event. Error: #{e.message}"
-          end
-          nil
-        end
+        rescue ArgumentError, Encoding::UndefinedConversionError, JSON::JSONError => e
+          AppSec.telemetry.report(e, description: 'AppSec: Failed to convert value into JSON')
 
-        def gzip(value)
-          sio = StringIO.new
-          # For an in depth comparison of Zlib options check https://github.com/DataDog/dd-trace-rb/pull/3177#issuecomment-1747215473
-          gz = Zlib::GzipWriter.new(sio, Zlib::BEST_SPEED, Zlib::DEFAULT_STRATEGY)
-          gz.write(value)
-          gz.close
-          sio.string
+          nil
         end
 
         # Propagate to downstream services the information that the current distributed trace is

data/lib/datadog/appsec/remote.rb

@@ -23,6 +23,8 @@ module Datadog
         CAP_ASM_CUSTOM_RULES              = 1 << 8   # accept custom rules
         CAP_ASM_CUSTOM_BLOCKING_RESPONSE  = 1 << 9   # supports custom http code or redirect sa blocking response
         CAP_ASM_TRUSTED_IPS               = 1 << 10  # supports trusted ip
+        CAP_ASM_RASP_SSRF                 = 1 << 23  # support for server-side request forgery exploit prevention rules
+        CAP_ASM_RASP_SQLI                 = 1 << 21  # support for SQL injection exploit prevention rules
 
         # TODO: we need to dynamically add CAP_ASM_ACTIVATION once we support it
         ASM_CAPABILITIES = [
@@ -35,6 +37,8 @@ module Datadog
           CAP_ASM_CUSTOM_RULES,
           CAP_ASM_CUSTOM_BLOCKING_RESPONSE,
           CAP_ASM_TRUSTED_IPS,
+          CAP_ASM_RASP_SSRF,
+          CAP_ASM_RASP_SQLI,
         ].freeze
 
         ASM_PRODUCTS = [

data/lib/datadog/core/diagnostics/environment_logger.rb

@@ -79,7 +79,7 @@ module Datadog
 
           # @return [String] current time in ISO8601 format
           def date
-            Time.now.utc.iso8601
+            Core::Utils::Time.now.utc.iso8601
           end
 
           # Best portable guess of OS information.

data/lib/datadog/core/telemetry/metric.rb

@@ -108,9 +108,9 @@ module Datadog
             value = value.to_i
 
             if values.empty?
-              values << [Time.now.to_i, value]
+              values << [Core::Utils::Time.now.to_i, value]
             else
-              values[0][0] = Time.now.to_i
+              values[0][0] = Core::Utils::Time.now.to_i
               values[0][1] += value
             end
             nil
@@ -129,9 +129,9 @@ module Datadog
 
           def track(value)
             if values.empty?
-              values << [Time.now.to_i, value]
+              values << [Core::Utils::Time.now.to_i, value]
             else
-              values[0][0] = Time.now.to_i
+              values[0][0] = Core::Utils::Time.now.to_i
               values[0][1] = value
             end
             nil
@@ -155,7 +155,7 @@ module Datadog
 
           def track(value = 1.0)
             @value += value
-            @values = [[Time.now.to_i, @value / interval]]
+            @values = [[Core::Utils::Time.now.to_i, @value / interval]]
             nil
           end
         end

data/lib/datadog/core/telemetry/request.rb

@@ -21,7 +21,7 @@ module Datadog
               request_type: event.type,
               runtime_id: Core::Environment::Identity.id,
               seq_id: seq_id,
-              tracer_time: Time.now.to_i,
+              tracer_time: Core::Utils::Time.now.to_i,
             }
             hash.compact!
             hash

data/lib/datadog/di/probe_notification_builder.rb

@@ -191,7 +191,7 @@ module Datadog
       end
 
       def timestamp_now
-        (Time.now.to_f * 1000).to_i
+        (Core::Utils::Time.now.to_f * 1000).to_i
       end
 
       def get_local_variables(trace_point)

data/lib/datadog/di/transport/http/diagnostics.rb

@@ -38,7 +38,6 @@ module Datadog
               end
             end
 
-            # Endpoint for negotiation
             class Endpoint < Datadog::Core::Transport::HTTP::API::Endpoint
               attr_reader :encoder
 

data/lib/datadog/di/transport/http/input.rb

@@ -38,7 +38,6 @@ module Datadog
               end
             end
 
-            # Endpoint for negotiation
             class Endpoint < Datadog::Core::Transport::HTTP::API::Endpoint
               HEADER_CONTENT_TYPE = 'Content-Type'
 

data/lib/datadog/di/transport/http.rb

@@ -1,15 +1,9 @@
 # frozen_string_literal: true
 
-require 'uri'
-
-require_relative '../../core/environment/container'
-require_relative '../../core/environment/ext'
-require_relative '../../core/transport/ext'
 require_relative 'diagnostics'
 require_relative 'input'
 require_relative 'http/api'
 require_relative '../../core/transport/http'
-require_relative '../../../datadog/version'
 
 module Datadog
   module DI

data/lib/datadog/profiling/collectors/info.rb

@@ -31,6 +31,9 @@ module Datadog
         # Instead of trying to figure out real process start time by checking
         # /proc or some other complex/non-portable way, approximate start time
         # by time of requirement of this file.
+        #
+        # Note: this does not use Core::Utils::Time.now because this constant
+        # gets initialized before a user has a chance to configure the library.
         START_TIME = Time.now.utc.freeze
 
         def collect_platform_info

data/lib/datadog/profiling/encoded_profile.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Datadog
+  module Profiling
+    # This class exists to wrap a ddog_prof_EncodedProfile into a Ruby object
+    #
+    # This class is not empty; all of this class is implemented as native code.
+    class EncodedProfile # rubocop:disable Lint/EmptyClass
+    end
+  end
+end

data/lib/datadog/profiling/exporter.rb

@@ -57,7 +57,7 @@ module Datadog
         serialization_result = pprof_recorder.serialize
         return if serialization_result.nil?
 
-        start, finish, compressed_pprof, profile_stats = serialization_result
+        start, finish, encoded_profile, profile_stats = serialization_result
         @last_flush_finish_at = finish
 
         if duration_below_threshold?(start, finish)
@@ -70,8 +70,7 @@ module Datadog
         Flush.new(
           start: start,
           finish: finish,
-          pprof_file_name: Datadog::Profiling::Ext::Transport::HTTP::PPROF_DEFAULT_FILENAME,
-          pprof_data: compressed_pprof.to_s,
+          encoded_profile: encoded_profile,
           code_provenance_file_name: Datadog::Profiling::Ext::Transport::HTTP::CODE_PROVENANCE_FILENAME,
           code_provenance_data: uncompressed_code_provenance,
           tags_as_array: Datadog::Profiling::TagBuilder.call(settings: Datadog.configuration).to_a,

data/lib/datadog/profiling/ext.rb

@@ -26,7 +26,6 @@ module Datadog
           TAG_GIT_REPOSITORY_URL = "git.repository_url"
           TAG_GIT_COMMIT_SHA = "git.commit.sha"
 
-          PPROF_DEFAULT_FILENAME = "rubyprofile.pprof"
           CODE_PROVENANCE_FILENAME = "code-provenance.json"
         end
       end

data/lib/datadog/profiling/flush.rb

@@ -9,10 +9,9 @@ module Datadog
       attr_reader \
         :start,
         :finish,
-        :pprof_file_name,
-        :pprof_data, # gzipped pprof bytes
+        :encoded_profile,
         :code_provenance_file_name,
-        :code_provenance_data, # gzipped json bytes
+        :code_provenance_data,
         :tags_as_array,
         :internal_metadata_json,
         :info_json
@@ -20,8 +19,7 @@ module Datadog
       def initialize(
         start:,
         finish:,
-        pprof_file_name:,
-        pprof_data:,
+        encoded_profile:,
         code_provenance_file_name:,
         code_provenance_data:,
         tags_as_array:,
@@ -30,8 +28,7 @@ module Datadog
       )
         @start = start
         @finish = finish
-        @pprof_file_name = pprof_file_name
-        @pprof_data = pprof_data
+        @encoded_profile = encoded_profile
         @code_provenance_file_name = code_provenance_file_name
         @code_provenance_data = code_provenance_data
         @tags_as_array = tags_as_array

data/lib/datadog/profiling/http_transport.rb

@@ -20,34 +20,21 @@ module Datadog
             [:agent, agent_settings.url].freeze
           end
 
-        status, result = validate_exporter(exporter_configuration)
+        status, result = self.class._native_validate_exporter(exporter_configuration)
 
         raise(ArgumentError, "Failed to initialize transport: #{result}") if status == :error
       end
 
       def export(flush)
-        status, result = do_export(
-          exporter_configuration: exporter_configuration,
-          upload_timeout_milliseconds: @upload_timeout_milliseconds,
-
-          # why "timespec"?
-          # libdatadog represents time using POSIX's struct timespec, see
-          # https://www.gnu.org/software/libc/manual/html_node/Time-Types.html
-          # aka it represents the seconds part separate from the nanoseconds part
-          start_timespec_seconds: flush.start.tv_sec,
-          start_timespec_nanoseconds: flush.start.tv_nsec,
-          finish_timespec_seconds: flush.finish.tv_sec,
-          finish_timespec_nanoseconds: flush.finish.tv_nsec,
-
-          pprof_file_name: flush.pprof_file_name,
-          pprof_data: flush.pprof_data,
-          code_provenance_file_name: flush.code_provenance_file_name,
-          code_provenance_data: flush.code_provenance_data,
-
-          tags_as_array: flush.tags_as_array,
-          internal_metadata_json: flush.internal_metadata_json,
-
-          info_json: flush.info_json
+        status, result = self.class._native_do_export(
+          exporter_configuration,
+          @upload_timeout_milliseconds,
+          flush,
+          # TODO: This is going to be removed once we move to libdatadog 17
+          flush.start.tv_sec,
+          flush.start.tv_nsec,
+          flush.finish.tv_sec,
+          flush.finish.tv_nsec,
         )
 
         if status == :ok
@@ -77,42 +64,6 @@ module Datadog
         site && api_key && Core::Environment::VariableHelpers.env_to_bool(Profiling::Ext::ENV_AGENTLESS, false)
       end
 
-      def validate_exporter(exporter_configuration)
-        self.class._native_validate_exporter(exporter_configuration)
-      end
-
-      def do_export(
-        exporter_configuration:,
-        upload_timeout_milliseconds:,
-        start_timespec_seconds:,
-        start_timespec_nanoseconds:,
-        finish_timespec_seconds:,
-        finish_timespec_nanoseconds:,
-        pprof_file_name:,
-        pprof_data:,
-        code_provenance_file_name:,
-        code_provenance_data:,
-        tags_as_array:,
-        internal_metadata_json:,
-        info_json:
-      )
-        self.class._native_do_export(
-          exporter_configuration,
-          upload_timeout_milliseconds,
-          start_timespec_seconds,
-          start_timespec_nanoseconds,
-          finish_timespec_seconds,
-          finish_timespec_nanoseconds,
-          pprof_file_name,
-          pprof_data,
-          code_provenance_file_name,
-          code_provenance_data,
-          tags_as_array,
-          internal_metadata_json,
-          info_json,
-        )
-      end
-
       def config_without_api_key
         "#{exporter_configuration[0]}: #{exporter_configuration[1]}"
       end

data/lib/datadog/profiling/stack_recorder.rb

@@ -63,11 +63,11 @@ module Datadog
         status, result = @no_concurrent_synchronize_mutex.synchronize { self.class._native_serialize(self) }
 
         if status == :ok
-          start, finish, encoded_pprof, profile_stats = result
+          start, finish, encoded_profile, profile_stats = result
 
           Datadog.logger.debug { "Encoded profile covering #{start.iso8601} to #{finish.iso8601}" }
 
-          [start, finish, encoded_pprof, profile_stats]
+          [start, finish, encoded_profile, profile_stats]
         else
           error_message = result
 
@@ -82,9 +82,9 @@ module Datadog
         status, result = @no_concurrent_synchronize_mutex.synchronize { self.class._native_serialize(self) }
 
         if status == :ok
-          _start, _finish, encoded_pprof = result
+          _start, _finish, encoded_profile = result
 
-          encoded_pprof
+          encoded_profile
         else
           error_message = result
 

data/lib/datadog/profiling.rb

@@ -149,6 +149,7 @@ module Datadog
       require_relative 'profiling/collectors/thread_context'
       require_relative 'profiling/stack_recorder'
       require_relative 'profiling/exporter'
+      require_relative 'profiling/encoded_profile'
       require_relative 'profiling/flush'
       require_relative 'profiling/scheduler'
       require_relative 'profiling/tasks/setup'

data/lib/datadog/tracing/contrib/active_record/integration.rb

@@ -57,7 +57,7 @@ module Datadog
           end
 
           def reset_resolver_cache
-            @resolver&.reset_cache
+            @resolver&.reset_cache if defined?(@resolver)
           end
 
           Contrib::Component.register('activerecord') do |_config|

data/lib/datadog/tracing/contrib/opensearch/configuration/settings.rb

@@ -46,6 +46,23 @@ module Datadog
               o.type :string, nilable: true
               o.env Ext::ENV_PEER_SERVICE
             end
+
+            option :resource_pattern do |o|
+              o.type :string
+              o.env Ext::ENV_RESOURCE_PATTERN
+              o.default Ext::DEFAULT_RESOURCE_PATTERN
+              o.setter do |value|
+                next value if Ext::VALID_RESOURCE_PATTERNS.include?(value)
+
+                Datadog.logger.warn(
+                  "Invalid resource pattern: #{value}. " \
+                  "Supported values are: #{Ext::VALID_RESOURCE_PATTERNS.join(' | ')}. " \
+                  "Using default value: #{Ext::DEFAULT_RESOURCE_PATTERN}."
+                )
+
+                Ext::DEFAULT_RESOURCE_PATTERN
+              end
+            end
           end
         end
       end

data/lib/datadog/tracing/contrib/opensearch/ext.rb

@@ -13,6 +13,15 @@ module Datadog
           # @!visibility private
           ENV_ANALYTICS_ENABLED = 'DD_TRACE_OPENSEARCH_ANALYTICS_ENABLED'
           ENV_ANALYTICS_SAMPLE_RATE = 'DD_TRACE_OPENSEARCH_ANALYTICS_SAMPLE_RATE'
+          ENV_RESOURCE_PATTERN = 'DD_TRACE_OPENSEARCH_RESOURCE_PATTERN'
+          ABSOLUTE_RESOURCE_PATTERN = 'absolute'
+          RELATIVE_RESOURCE_PATTERN = 'relative'
+          VALID_RESOURCE_PATTERNS = [
+            ABSOLUTE_RESOURCE_PATTERN,
+            RELATIVE_RESOURCE_PATTERN
+          ].freeze
+          # Default should be changed to RELATIVE in 3.0 to match the Elasticsearch integration
+          DEFAULT_RESOURCE_PATTERN = ABSOLUTE_RESOURCE_PATTERN
           DEFAULT_PEER_SERVICE_NAME = 'opensearch'
           SPAN_QUERY = 'opensearch.query'
           SPAN_TYPE_QUERY = 'opensearch'

data/lib/datadog/tracing/contrib/opensearch/patcher.rb

@@ -77,7 +77,11 @@ module Datadog
                   span.set_tag(Tracing::Metadata::Ext::TAG_PEER_HOSTNAME, host) if host
 
                   # Define span resource
-                  quantized_url = OpenSearch::Quantize.format_url(url)
+                  quantized_url = if datadog_configuration[:resource_pattern] == Ext::RELATIVE_RESOURCE_PATTERN
+                                    OpenSearch::Quantize.format_url(url.path)
+                                  else # Default to Ext::ABSOLUTE_RESOURCE_PATTERN
+                                    OpenSearch::Quantize.format_url(url)
+                                  end
                   span.resource = "#{method} #{quantized_url}"
                   Contrib::SpanAttributeSchema.set_peer_service!(span, Ext::PEER_SERVICE_SOURCES)
                 rescue StandardError => e

data/lib/datadog/tracing/contrib/rack/request_queue.rb

@@ -17,7 +17,7 @@ module Datadog
 
           module_function
 
-          def get_request_start(env, now = Time.now.utc)
+          def get_request_start(env, now = Core::Utils::Time.now.utc)
             header = env[REQUEST_START] || env[QUEUE_START]
             return unless header
 

data/lib/datadog/tracing/contrib/sidekiq/server_tracer.rb

@@ -61,7 +61,7 @@ module Datadog
               span.set_tag(Ext::TAG_JOB_RETRY_COUNT, job['retry_count'])
               span.set_tag(Ext::TAG_JOB_QUEUE, job['queue'])
               span.set_tag(Ext::TAG_JOB_WRAPPER, job['class']) if job['wrapped']
-              span.set_tag(Ext::TAG_JOB_DELAY, 1000.0 * (Time.now.utc.to_f - job['enqueued_at'].to_f))
+              span.set_tag(Ext::TAG_JOB_DELAY, 1000.0 * (Core::Utils::Time.now.utc.to_f - job['enqueued_at'].to_f))
 
               args = job['args']
               if args && !args.empty?

data/lib/datadog/tracing/span_event.rb

@@ -33,7 +33,7 @@ module Datadog
 
         # OpenTelemetry SDK stores span event timestamps in nanoseconds (not seconds).
         # We will do the same here to avoid unnecessary conversions and inconsistencies.
-        @time_unix_nano = time_unix_nano || (Time.now.to_r * 1_000_000_000).to_i
+        @time_unix_nano = time_unix_nano || (Core::Utils::Time.now.to_r * 1_000_000_000).to_i
       end
 
       # Converts the span event into a hash to be used by with the span tag serialization

data/lib/datadog/version.rb

@@ -3,7 +3,7 @@
 module Datadog
   module VERSION
     MAJOR = 2
-    MINOR = 14
+    MINOR = 15
     PATCH = 0
     PRE = nil
     BUILD = nil