datadog 2.17.0 → 2.18.0

data/lib/datadog/appsec/security_engine/engine.rb

@@ -0,0 +1,194 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AppSec
+    module SecurityEngine
+      # SecurityEngine::Engine creates WAF builder and manages its configuration.
+      # It also rebuilds WAF handle from the WAF builder when configuration changes.
+      class Engine
+        DEFAULT_RULES_CONFIG_PATH = 'ASM_DD/default'
+        TELEMETRY_ACTIONS = %w[init update].freeze
+        DIAGNOSTICS_CONFIG_KEYS = %w[
+          rules
+          custom_rules
+          exclusions
+          actions
+          processors
+          scanners
+          rules_override
+          rules_data
+          exclusion_data
+        ].freeze
+
+        attr_reader :waf_addresses, :ruleset_version
+
+        def initialize(appsec_settings:, telemetry:)
+          @default_ruleset = appsec_settings.ruleset
+
+          # NOTE: replace appsec_settings argument with default_ruleset when removing these deprecated settings
+          @default_ip_denylist = appsec_settings.ip_denylist
+          @default_user_id_denylist = appsec_settings.user_id_denylist
+          @default_ip_passlist = appsec_settings.ip_passlist
+
+          @waf_builder = WAF::HandleBuilder.new(
+            obfuscator: {
+              key_regex: appsec_settings.obfuscator_key_regex,
+              value_regex: appsec_settings.obfuscator_value_regex
+            }
+          )
+
+          diagnostics = load_default_config(telemetry: telemetry)
+          report_configuration_diagnostics(diagnostics, action: 'init', telemetry: telemetry)
+
+          @waf_handle = @waf_builder.build_handle
+          @waf_addresses = @waf_handle.known_addresses
+        rescue WAF::Error => e
+          error_message = "AppSec security engine failed to initialize"
+
+          Datadog.logger.error("#{error_message}, error #{e.inspect}")
+          telemetry.report(e, description: error_message)
+
+          raise e
+        end
+
+        def finalize!
+          @waf_handle&.finalize!
+          @waf_builder&.finalize!
+
+          @waf_addresses = []
+          @ruleset_version = nil
+        end
+
+        def new_runner
+          SecurityEngine::Runner.new(@waf_handle.build_context)
+        end
+
+        def add_or_update_config(config, path:)
+          @is_ruleset_update = path.include?('ASM_DD')
+
+          # default config has to be removed when adding an ASM_DD config
+          remove_config_at_path(DEFAULT_RULES_CONFIG_PATH) if @is_ruleset_update
+
+          diagnostics = @waf_builder.add_or_update_config(config, path: path)
+          @ruleset_version = diagnostics['ruleset_version'] if diagnostics.key?('ruleset_version')
+          report_configuration_diagnostics(diagnostics, action: 'update', telemetry: AppSec.telemetry)
+
+          # we need to load default config if diagnostics contains top-level error for rules or processors
+          if @is_ruleset_update &&
+              (diagnostics.key?('error') ||
+              diagnostics.dig('rules', 'error') ||
+              diagnostics.dig('processors', 'errors'))
+            diagnostics = load_default_config(telemetry: AppSec.telemetry)
+            report_configuration_diagnostics(diagnostics, action: 'update', telemetry: AppSec.telemetry)
+          end
+
+          diagnostics
+        rescue WAF::Error => e
+          error_message = "libddwaf builder failed to add or update config at path: #{path}"
+
+          Datadog.logger.debug("#{error_message}, error: #{e.inspect}")
+          AppSec.telemetry.report(e, description: error_message)
+        end
+
+        def remove_config_at_path(path)
+          result = @waf_builder.remove_config_at_path(path)
+
+          if result && path != DEFAULT_RULES_CONFIG_PATH && path.include?('ASM_DD')
+            diagnostics = load_default_config(telemetry: AppSec.telemetry)
+            report_configuration_diagnostics(diagnostics, action: 'update', telemetry: AppSec.telemetry)
+          end
+
+          result
+        rescue WAF::Error => e
+          error_message = "libddwaf handle builder failed to remove config at path: #{path}"
+
+          Datadog.logger.error("#{error_message}, error: #{e.inspect}")
+          AppSec.telemetry.report(e, description: error_message)
+        end
+
+        def reconfigure!
+          old_waf_handle = @waf_handle
+
+          @waf_handle = @waf_builder.build_handle
+          @waf_addresses = @waf_handle.known_addresses
+
+          old_waf_handle&.finalize!
+        rescue WAF::Error => e
+          error_message = "AppSec security engine failed to reconfigure"
+
+          Datadog.logger.error("#{error_message}, error #{e.inspect}")
+          AppSec.telemetry.report(e, description: error_message)
+
+          if old_waf_handle
+            Datadog.logger.warn("Reverting to the previous configuration")
+
+            @waf_handle = old_waf_handle
+            @waf_addresses = old_waf_handle.known_addresses
+          end
+        end
+
+        private
+
+        def load_default_config(telemetry:)
+          config = AppSec::Processor::RuleLoader.load_rules(telemetry: telemetry, ruleset: @default_ruleset)
+
+          # deprecated - ip and user id denylists should be configured via RC
+          config['rules_data'] ||= AppSec::Processor::RuleLoader.load_data(
+            ip_denylist: @default_ip_denylist,
+            user_id_denylist: @default_user_id_denylist
+          )
+
+          # deprecated - ip passlist should be configured via RC
+          config['exclusions'] ||= AppSec::Processor::RuleLoader.load_exclusions(ip_passlist: @default_ip_passlist)
+
+          diagnostics = @waf_builder.add_or_update_config(config, path: DEFAULT_RULES_CONFIG_PATH)
+          @ruleset_version = diagnostics['ruleset_version']
+
+          diagnostics
+        end
+
+        def report_configuration_diagnostics(diagnostics, action:, telemetry:)
+          raise ArgumentError, 'action must be one of TELEMETRY_ACTIONS' unless TELEMETRY_ACTIONS.include?(action)
+
+          common_tags = {
+            waf_version: Datadog::AppSec::WAF::VERSION::BASE_STRING,
+            event_rules_version: diagnostics.fetch('ruleset_version', @ruleset_version).to_s,
+            action: action
+          }
+
+          if diagnostics['error']
+            telemetry.inc(
+              Ext::TELEMETRY_METRICS_NAMESPACE, 'waf.config_errors', 1,
+              tags: common_tags.merge(scope: 'top-level')
+            )
+
+            telemetry.error(diagnostics['error'])
+          end
+
+          diagnostics.each do |config_key, config_diagnostics|
+            next unless DIAGNOSTICS_CONFIG_KEYS.include?(config_key)
+            next if !config_diagnostics.key?('error') && config_diagnostics.fetch('errors', []).empty?
+
+            if config_diagnostics['error']
+              telemetry.error(config_diagnostics['error'])
+
+              telemetry.inc(
+                Ext::TELEMETRY_METRICS_NAMESPACE, 'waf.config_errors', 1,
+                tags: common_tags.merge(config_key: config_key, scope: 'top-level')
+              )
+            elsif config_diagnostics['errors']
+              config_diagnostics['errors'].each do |error, config_ids|
+                telemetry.error("#{error}: [#{config_ids.join(",")}]")
+              end
+
+              telemetry.inc(
+                Ext::TELEMETRY_METRICS_NAMESPACE, 'waf.config_errors', config_diagnostics['errors'].count,
+                tags: common_tags.merge(config_key: config_key, scope: 'item')
+              )
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/appsec/security_engine/runner.rb

@@ -9,10 +9,9 @@ module Datadog
       class Runner
         SUCCESSFUL_EXECUTION_CODES = [:ok, :match].freeze
 
-        def initialize(handle, telemetry:)
+        def initialize(waf_context)
           @mutex = Mutex.new
-          @context = WAF::Context.new(handle)
-          @telemetry = telemetry
+          @waf_context = waf_context
 
           @debug_tag = "libddwaf:#{WAF::VERSION::STRING} method:ddwaf_run"
         end
@@ -33,7 +32,7 @@ module Datadog
             v.nil? || v.empty?
           end
 
-          _code, result = try_run(persistent_data, ephemeral_data, timeout)
+          result = try_run(persistent_data, ephemeral_data, timeout)
           stop_ns = Core::Utils::Time.get_time(:nanosecond)
 
           report_execution(result)
@@ -55,19 +54,19 @@ module Datadog
           @mutex.unlock
         end
 
-        def finalize
-          @context.finalize
+        def finalize!
+          @waf_context.finalize!
         end
 
         private
 
         def try_run(persistent_data, ephemeral_data, timeout)
-          @context.run(persistent_data, ephemeral_data, timeout)
-        rescue WAF::LibDDWAF::Error => e
+          @waf_context.run(persistent_data, ephemeral_data, timeout)
+        rescue WAF::LibDDWAFError => e
           Datadog.logger.debug { "#{@debug_tag} execution error: #{e} backtrace: #{e.backtrace&.first(3)}" }
-          @telemetry.report(e, description: 'libddwaf-rb internal low-level error')
+          AppSec.telemetry.report(e, description: 'libddwaf-rb internal low-level error')
 
-          [:err_internal, WAF::Result.new(:err_internal, [], 0, false, [], [])]
+          WAF::Result.new(:err_internal, [], 0, false, [], [])
         end
 
         def report_execution(result)
@@ -79,7 +78,7 @@ module Datadog
             message = "#{@debug_tag} execution error: #{result.status.inspect}"
 
             Datadog.logger.debug { message }
-            @telemetry.error(message)
+            AppSec.telemetry.error(message)
           end
         end
       end

data/lib/datadog/appsec.rb

@@ -26,15 +26,12 @@ module Datadog
         components.appsec&.telemetry
       end
 
-      def processor
-        components.appsec&.processor
+      def security_engine
+        components.appsec&.security_engine
       end
 
-      def reconfigure(ruleset:, telemetry:)
-        appsec_component = components.appsec
-        return unless appsec_component
-
-        appsec_component.reconfigure(ruleset: ruleset, telemetry: telemetry)
+      def reconfigure!
+        components.appsec&.reconfigure!
       end
 
       def reconfigure_lock(&block)

data/lib/datadog/core/configuration/agent_settings.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+require_relative 'ext'
+
+module Datadog
+  module Core
+    module Configuration
+      # Immutable container for the resulting settings
+      class AgentSettings
+        # IPv6 regular expression from
+        # https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses
+        # Does not match IPv4 addresses.
+        IPV6_REGEXP = /\A(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\z)/.freeze # rubocop:disable Layout/LineLength
+
+        attr_reader :adapter, :ssl, :hostname, :port, :uds_path, :timeout_seconds
+
+        def initialize(adapter: nil, ssl: nil, hostname: nil, port: nil, uds_path: nil, timeout_seconds: nil)
+          @adapter = adapter
+          @ssl = ssl
+          @hostname = hostname
+          @port = port
+          @uds_path = uds_path
+          @timeout_seconds = timeout_seconds
+          freeze
+        end
+
+        def url
+          case adapter
+          when Datadog::Core::Configuration::Ext::Agent::HTTP::ADAPTER
+            hostname = self.hostname
+            hostname = "[#{hostname}]" if IPV6_REGEXP.match?(hostname)
+            "#{ssl ? "https" : "http"}://#{hostname}:#{port}/"
+          when Datadog::Core::Configuration::Ext::Agent::UnixSocket::ADAPTER
+            "unix://#{uds_path}"
+          else
+            raise ArgumentError, "Unexpected adapter: #{adapter}"
+          end
+        end
+
+        def ==(other)
+          self.class == other.class &&
+            adapter == other.adapter &&
+            ssl == other.ssl &&
+            hostname == other.hostname &&
+            port == other.port &&
+            uds_path == other.uds_path &&
+            timeout_seconds == other.timeout_seconds
+        end
+      end
+    end
+  end
+end

data/lib/datadog/core/configuration/agent_settings_resolver.rb

@@ -4,6 +4,7 @@ require 'uri'
 
 require_relative 'settings'
 require_relative 'ext'
+require_relative 'agent_settings'
 require_relative '../transport/ext'
 
 module Datadog
@@ -19,49 +20,6 @@ module Datadog
       # Whenever there is a conflict (different configurations are provided in different orders), it MUST warn the users
       # about it and pick a value based on the following priority: code > environment variable > defaults.
       class AgentSettingsResolver
-        # Immutable container for the resulting settings
-        class AgentSettings
-          attr_reader :adapter, :ssl, :hostname, :port, :uds_path, :timeout_seconds
-
-          def initialize(adapter: nil, ssl: nil, hostname: nil, port: nil, uds_path: nil, timeout_seconds: nil)
-            @adapter = adapter
-            @ssl = ssl
-            @hostname = hostname
-            @port = port
-            @uds_path = uds_path
-            @timeout_seconds = timeout_seconds
-            freeze
-          end
-
-          def url
-            case adapter
-            when Datadog::Core::Configuration::Ext::Agent::HTTP::ADAPTER
-              hostname = self.hostname
-              hostname = "[#{hostname}]" if IPV6_REGEXP.match?(hostname)
-              "#{ssl ? "https" : "http"}://#{hostname}:#{port}/"
-            when Datadog::Core::Configuration::Ext::Agent::UnixSocket::ADAPTER
-              "unix://#{uds_path}"
-            else
-              raise ArgumentError, "Unexpected adapter: #{adapter}"
-            end
-          end
-
-          def ==(other)
-            self.class == other.class &&
-              adapter == other.adapter &&
-              ssl == other.ssl &&
-              hostname == other.hostname &&
-              port == other.port &&
-              uds_path == other.uds_path &&
-              timeout_seconds == other.timeout_seconds
-          end
-        end
-
-        # IPv6 regular expression from
-        # https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses
-        # Does not match IPv4 addresses.
-        IPV6_REGEXP = /\A(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\z)/.freeze # rubocop:disable Layout/LineLength
-
         def self.call(settings, logger: Datadog.logger)
           new(settings, logger: logger).send(:call)
         end

data/lib/datadog/core/configuration/components.rb

@@ -126,8 +126,7 @@ module Datadog
           @dynamic_instrumentation = Datadog::DI::Component.build(settings, agent_settings, @logger, telemetry: telemetry)
           @error_tracking = Datadog::ErrorTracking::Component.build(settings, @tracer, @logger)
           @environment_logger_extra[:dynamic_instrumentation_enabled] = !!@dynamic_instrumentation
-          # TODO: Re-enable this once we have updated libdatadog to 17.1
-          # @process_discovery_fd = Core::ProcessDiscovery.get_and_store_metadata(settings, @logger)
+          @process_discovery_fd = Core::ProcessDiscovery.get_and_store_metadata(settings, @logger)
 
           self.class.configure_tracing(settings)
         end
@@ -211,8 +210,7 @@ module Datadog
           telemetry.emit_closing! unless replacement&.telemetry&.enabled
           telemetry.shutdown!
 
-          # TODO: Re-enable this once we have updated libdatadog to 17.1
-          # Core::ProcessDiscovery._native_close_tracer_memfd(@process_discovery_fd, @logger) if @process_discovery_fd
+          @process_discovery_fd&.shutdown!
         end
 
         # Returns the current state of various components.

data/lib/datadog/core/configuration/option.rb

@@ -22,7 +22,7 @@ module Datadog
           # Represents an Option precedence level.
           # Each precedence has a `numeric` value; higher values means higher precedence.
           # `name` is for inspection purposes only.
-          Value = Struct.new(:numeric, :name) do
+          Value = Struct.new(:numeric, :name, :origin) do
             include Comparable
 
             def <=>(other)
@@ -33,22 +33,22 @@ module Datadog
           end
 
           # Remote configuration provided through the Datadog app.
-          REMOTE_CONFIGURATION = Value.new(5, :remote_configuration).freeze
+          REMOTE_CONFIGURATION = Value.new(5, :remote_configuration, 'remote_config').freeze
 
           # Configuration provided in Ruby code, in this same process
-          PROGRAMMATIC = Value.new(4, :programmatic).freeze
+          PROGRAMMATIC = Value.new(4, :programmatic, 'code').freeze
 
           # Configuration provided by fleet managed stable config
-          FLEET_STABLE = Value.new(3, :fleet_stable).freeze
+          FLEET_STABLE = Value.new(3, :fleet_stable, 'fleet_stable_config').freeze
 
           # Configuration provided via environment variable
-          ENVIRONMENT = Value.new(2, :environment).freeze
+          ENVIRONMENT = Value.new(2, :environment, 'env_var').freeze
 
           # Configuration provided by local stable config file
-          LOCAL_STABLE = Value.new(1, :local_stable).freeze
+          LOCAL_STABLE = Value.new(1, :local_stable, 'local_stable_config').freeze
 
           # Configuration that comes from default values
-          DEFAULT = Value.new(0, :default).freeze
+          DEFAULT = Value.new(0, :default, 'default').freeze
 
           # All precedences, sorted from highest to lowest
           LIST = [REMOTE_CONFIGURATION, PROGRAMMATIC, FLEET_STABLE, ENVIRONMENT, LOCAL_STABLE, DEFAULT].sort.reverse.freeze
@@ -309,7 +309,7 @@ module Datadog
         end
 
         def set_customer_stable_config_value
-          customer_config = StableConfig.configuration[:local]
+          customer_config = StableConfig.configuration.dig(:local, :config)
           return if customer_config.nil?
 
           value, resolved_env = get_value_and_resolved_env_from(customer_config, source: 'local stable config')
@@ -317,7 +317,7 @@ module Datadog
         end
 
         def set_fleet_stable_config_value
-          fleet_config = StableConfig.configuration[:fleet]
+          fleet_config = StableConfig.configuration.dig(:fleet, :config)
           return if fleet_config.nil?
 
           value, resolved_env = get_value_and_resolved_env_from(fleet_config, source: 'fleet stable config')

data/lib/datadog/core/configuration/settings.rb

@@ -313,7 +313,7 @@ module Datadog
 
             # Can be used to enable/disable the collection of heap profiles.
             #
-            # This feature is alpha and disabled by default
+            # This feature is in preview and disabled by default. Requires Ruby 3.1+.
             #
             # @warn To enable heap profiling you are required to also enable allocation profiling.
             #
@@ -326,12 +326,12 @@ module Datadog
 
             # Can be used to enable/disable the collection of heap size profiles.
             #
-            # This feature is alpha and enabled by default when heap profiling is enabled.
+            # This feature is in preview and by default is enabled whenever heap profiling is enabled.
             #
-            # @warn To enable heap size profiling you are required to also enable allocation and heap profiling.
+            # @warn Heap size profiling depends on allocation and heap profiling, so they must be enabled as well.
             #
-            # @default `DD_PROFILING_EXPERIMENTAL_HEAP_SIZE_ENABLED` environment variable as a boolean, otherwise
-            # whatever the value of DD_PROFILING_EXPERIMENTAL_HEAP_ENABLED is.
+            # @default `DD_PROFILING_EXPERIMENTAL_HEAP_SIZE_ENABLED` environment variable as a boolean, otherwise it
+            # follows the value of `experimental_heap_enabled`.
             option :experimental_heap_size_enabled do |o|
               o.type :bool
               o.env 'DD_PROFILING_EXPERIMENTAL_HEAP_SIZE_ENABLED'
@@ -341,17 +341,19 @@ module Datadog
             # Can be used to configure the heap sampling rate: a heap sample will be collected for every x allocation
             # samples.
             #
-            # The lower the value, the more accuracy in heap tracking but the bigger the overhead. In particular, a
-            # value of 1 will track ALL allocations samples for heap profiles.
+            # The higher the value, the less accuracy in heap tracking but the smaller the overhead.
+            #
+            # If you needed to tweak this, please tell us why on <https://github.com/DataDog/dd-trace-rb/issues/new>,
+            # so we can fix it!
             #
             # The effective heap sampling rate in terms of allocations (not allocation samples) can be calculated via
             # effective_heap_sample_rate = allocation_sample_rate * heap_sample_rate.
             #
-            # @default `DD_PROFILING_EXPERIMENTAL_HEAP_SAMPLE_RATE` environment variable, otherwise `10`.
+            # @default `DD_PROFILING_EXPERIMENTAL_HEAP_SAMPLE_RATE` environment variable, otherwise `1`.
             option :experimental_heap_sample_rate do |o|
               o.type :int
               o.env 'DD_PROFILING_EXPERIMENTAL_HEAP_SAMPLE_RATE'
-              o.default 10
+              o.default 1
             end
 
             # Can be used to disable checking which version of `libmysqlclient` is being used by the `mysql2` gem.
@@ -542,6 +544,16 @@ module Datadog
               o.env 'DD_PROFILING_HEAP_CLEAN_AFTER_GC_ENABLED'
               o.default true
             end
+
+            # Controls if the profiler should use native filenames for frames in stack traces for functions implemented using
+            # native code. Setting to `false` will make the profiler fall back to default Ruby stack trace behavior (only show .rb files).
+            #
+            # @default true
+            option :native_filenames_enabled do |o|
+              o.type :bool
+              o.env 'DD_PROFILING_NATIVE_FILENAMES_ENABLED'
+              o.default true
+            end
           end
 
           # @public_api
@@ -572,7 +584,7 @@ module Datadog
 
           option :experimental_runtime_id_enabled do |o|
             o.type :bool
-            o.env 'DD_TRACE_EXPERIMENTAL_RUNTIME_ID_ENABLED'
+            o.env ['DD_TRACE_EXPERIMENTAL_RUNTIME_ID_ENABLED', 'DD_RUNTIME_METRICS_RUNTIME_ID_ENABLED']
             o.default false
           end
 

data/lib/datadog/core/configuration/stable_config.rb

@@ -14,8 +14,7 @@ module Datadog
         end
 
         def self.configuration
-          # @configuration ||= StableConfig.extract_configuration # TODO: After libdatadog 17.1 release, uncomment this line
-          @configuration ||= {} # TODO: After libdatadog 17.1 release, delete this line
+          @configuration ||= StableConfig.extract_configuration
         end
       end
     end

data/lib/datadog/core/crashtracking/tag_builder.rb

@@ -1,9 +1,7 @@
 # frozen_string_literal: true
 
+require_relative '../tag_builder'
 require_relative '../utils'
-require_relative '../environment/socket'
-require_relative '../environment/identity'
-require_relative '../environment/git'
 
 module Datadog
   module Core
@@ -11,27 +9,11 @@ module Datadog
       # This module builds a hash of tags
       module TagBuilder
         def self.call(settings)
-          hash = {
-            'host' => Environment::Socket.hostname,
-            'process_id' => Process.pid.to_s,
-            'runtime_engine' => Environment::Identity.lang_engine,
-            'runtime-id' => Environment::Identity.id,
-            'runtime_platform' => Environment::Identity.lang_platform,
-            'runtime_version' => Environment::Identity.lang_version,
-            'env' => settings.env,
-            'service' => settings.service,
-            'version' => settings.version,
-            'git.repository_url' => Environment::Git.git_repository_url,
-            'git.commit.sha' => Environment::Git.git_commit_sha,
+          hash = Core::TagBuilder.tags(settings).merge(
             'is_crash' => 'true',
-            'language' => 'ruby',
-            'library_version' => Core::Environment::Identity.gem_datadog_version,
-          }.compact
+          )
 
-          # Make sure everything is an utf-8 string, to avoid encoding issues in downstream
-          settings.tags.merge(hash).each_with_object({}) do |(key, value), h|
-            h[Utils.utf8_encode(key)] = Utils.utf8_encode(value)
-          end
+          Utils.encode_tags(hash)
         end
       end
     end

data/lib/datadog/core/process_discovery/tracer_memfd.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Datadog
+  module Core
+    class ProcessDiscovery
+      class TracerMemfd
+        attr_accessor :logger
+
+        def shutdown!
+          ProcessDiscovery._native_close_tracer_memfd(self, logger)
+        end
+      end
+    end
+  end
+end

data/lib/datadog/core/process_discovery.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'datadog/core/process_discovery/tracer_memfd'
+
 module Datadog
   module Core
     # Class used to store tracer metadata in a native file descriptor.
@@ -10,7 +12,9 @@ module Datadog
           return
         end
         metadata = get_metadata(settings)
-        _native_store_tracer_metadata(logger, **metadata)
+        memfd = _native_store_tracer_metadata(logger, **metadata)
+        memfd.logger = logger if memfd
+        memfd
       end
 
       # According to the RFC, runtime_id, service_name, service_env, service_version are optional.

data/lib/datadog/core/remote/configuration/repository.rb

@@ -237,6 +237,10 @@ module Datadog
                 @path = path
                 @previous = previous
               end
+
+              def type
+                :delete
+              end
             end
 
             # Insert change
@@ -247,6 +251,10 @@ module Datadog
                 @path = path
                 @content = content
               end
+
+              def type
+                :insert
+              end
             end
 
             # Update change
@@ -258,6 +266,10 @@ module Datadog
                 @content = content
                 @previous = previous
               end
+
+              def type
+                :update
+              end
             end
           end