datadog 2.20.0 → 2.26.0

data/lib/datadog/core/utils/network.rb

@@ -13,6 +13,7 @@ module Datadog
           true-client-ip
           x-client-ip
           x-forwarded
+          forwarded
           forwarded-for
           x-cluster-client-ip
           fastly-client-ip
@@ -20,6 +21,8 @@ module Datadog
           cf-connecting-ipv6
         ].freeze
 
+        CGNAT_IP_RANGE = IPAddr.new('100.64.0.0/10')
+
         class << self
           # Returns a client IP associated with the request if it was
           #   retrieved successfully.
@@ -73,6 +76,8 @@ module Datadog
               next unless value
 
               ips = value.split(',')
+              ips = process_forwarded_header_values(ips) if name == 'forwarded'
+
               ips.each do |ip|
                 parsed_ip = ip_to_ipaddr(ip.strip)
 
@@ -83,6 +88,22 @@ module Datadog
             nil
           end
 
+          def process_forwarded_header_values(values)
+            values.each_with_object([]) do |value, acc|
+              value.downcase!
+
+              value.split(';').each do |tuple_str|
+                tuple_str.strip!
+                next unless tuple_str.start_with?('for=')
+
+                tuple_str.delete_prefix!('for=')
+                tuple_str.delete!('"')
+
+                acc << tuple_str
+              end
+            end
+          end
+
           # Returns whether the given value is more likely to be an IPv4 than an IPv6 address.
           #
           # This is done by checking if a dot (`'.'`) character appears before a colon (`':'`) in the value.
@@ -112,7 +133,7 @@ module Datadog
           end
 
           def global_ip?(parsed_ip)
-            parsed_ip && !parsed_ip.private? && !parsed_ip.loopback? && !parsed_ip.link_local?
+            parsed_ip && !parsed_ip.private? && !parsed_ip.loopback? && !parsed_ip.link_local? && !CGNAT_IP_RANGE.include?(parsed_ip)
           end
         end
       end

data/lib/datadog/core/utils/only_once_successful.rb

@@ -29,7 +29,11 @@ module Datadog
       # In https://github.com/DataDog/dd-trace-rb/pull/1398#issuecomment-797378810 we have a discussion of alternatives,
       # including an alternative implementation that is Ractor-safe once spent.
       class OnlyOnceSuccessful < OnlyOnce
-        def initialize(limit = 0)
+        def initialize(limit = nil)
+          if limit && limit <= 0
+            raise ArgumentError, "Limit must be a positive integer if provided: #{limit}"
+          end
+
           super()
 
           @limit = limit
@@ -63,7 +67,9 @@ module Datadog
 
         private
 
+        # Use this method only after checking that limit is not nil.
         def check_limit!
+          # @type ivar @limit: Integer
           if @retries >= @limit
             @failed = true
             @ran_once = true
@@ -71,7 +77,7 @@ module Datadog
         end
 
         def limited?
-          !@limit.nil? && @limit.positive?
+          !@limit.nil?
         end
 
         def reset_ran_once_state_for_tests

data/lib/datadog/core/utils/safe_dup.rb

@@ -5,8 +5,8 @@ module Datadog
     module Utils
       # Helper methods for safer dup
       module SafeDup
-        # String#+@ was introduced in Ruby 2.3
-        def self.frozen_or_dup(v)
+        # Steep: https://github.com/soutaro/steep/issues/2001
+        def self.frozen_or_dup(v) # steep:ignore MethodBodyTypeMismatch
           # For the case of a String we use the methods +@ and -@.
           # Those methods are only for String objects
           # they are faster and chepaer on the memory side.

data/lib/datadog/core/utils/sequence.rb

@@ -12,6 +12,8 @@ module Datadog
         end
 
         def next
+          # Steep: https://github.com/soutaro/steep/issues/477
+          # @type ivar @next_item: ^(::Integer) -> Integer
           next_item = @next_item ? @next_item.call(@current) : @current
           @current += 1
           next_item

data/lib/datadog/core/utils/time.rb

@@ -10,7 +10,7 @@ module Datadog
         # Current monotonic time
         #
         # @param unit [Symbol] unit for the resulting value, same as ::Process#clock_gettime, defaults to :float_second
-        # @return [Numeric] timestamp in the requested unit, since some unspecified starting point
+        # @return [Float|Integer] timestamp in the requested unit, since some unspecified starting point
         def get_time(unit = :float_second)
           Process.clock_gettime(Process::CLOCK_MONOTONIC, unit)
         end

data/lib/datadog/core/utils.rb

@@ -38,6 +38,8 @@ module Datadog
 
       # Ensure `str` is a valid UTF-8, ready to be
       # sent through the tracer transport.
+      # DEV-3.0: This method should unconditionally handle invalid byte sequences
+      # DEV-3.0: and return a safe string to display.
       #
       # @param [String,#to_s] str object to be converted to a UTF-8 string
       # @param [Boolean] binary whether to expect binary data in the `str` parameter

data/lib/datadog/core/workers/async.rb

@@ -8,6 +8,11 @@ module Datadog
       module Async
         # Adds threading behavior to workers
         # to run tasks asynchronously.
+        #
+        # This module is included in Polling module, and has no other
+        # direct users.
+        #
+        # @api private
         module Thread
           FORK_POLICY_STOP = :stop
           FORK_POLICY_RESTART = :restart
@@ -24,7 +29,11 @@ module Datadog
           # Methods that must be prepended
           module PrependedMethods
             def perform(*args)
-              start_async { self.result = super(*args) } unless started?
+              unless started?
+                start_async do
+                  self.result = super(*args)
+                end
+              end
             end
           end
 

data/lib/datadog/core/workers/interval_loop.rb

@@ -5,6 +5,11 @@ module Datadog
     module Workers
       # Adds looping behavior to workers, with a sleep
       # interval between each loop.
+      #
+      # This module is included in Polling module, and has no other
+      # direct users.
+      #
+      # @api private
       module IntervalLoop
         BACK_OFF_RATIO = 1.2
         BACK_OFF_MAX = 5
@@ -38,15 +43,39 @@ module Datadog
 
         def stop_loop
           mutex.synchronize do
-            return false unless run_loop?
-
+            # Do not call run_loop? from this method to see if the loop
+            # is running, because @run_loop is normally initialized by
+            # the background thread and if the stop is requested right
+            # after the worker starts, the background thread may be created
+            # (and scheduled) but hasn't run yet, thus skipping the
+            # write to @run_loop here would leave the thread running forever.
             @run_loop = false
+
+            # It is possible that we don't need to signal shutdown if
+            # @run_loop was not initialized (i.e. we changed it from not
+            # defined to false above). But let's be safe and signal the
+            # shutdown anyway, I don't see what harm it can cause.
             shutdown.signal
           end
 
+          # Previously, this method would return false (and do nothing)
+          # if the worker was not running the loop. However, this was racy -
+          # see https://github.com/DataDog/ruby-guild/issues/279.
+          # stop_loop now always sets the state to "stop requested" and,
+          # correspondingly, always returns true.
+          #
+          # There is some test code that returns false when mocking this
+          # method - most likely this method should be treated as a void one
+          # and the caller should assume that the stop was always requested.
           true
         end
 
+        # TODO This overwrites Queue's +work_pending?+ method with an
+        # implementation that, to me, is at leat questionable semantically:
+        # the Queue's idea of pending work is if the buffer is not empty,
+        # but this module says that work is pending if the work processing
+        # loop is scheduled to run (in other words, as long as the background
+        # thread is running, there is always pending work).
         def work_pending?
           run_loop?
         end
@@ -104,7 +133,19 @@ module Datadog
 
         def perform_loop
           mutex.synchronize do
-            @run_loop = true
+            unless defined?(@run_loop)
+              # This write must only happen if @run_loop is not defined
+              # (i.e., not initialized). In the case when the worker is
+              # asked to stop right after it is created, the thread may not
+              # have run yet by the time +stop_loop+ is invoked and
+              # we need to preserve the stop-requested state from
+              # +stop_loop+ to +perform_loop+.
+              #
+              # If the workers are refactored to use classes and inheritance
+              # and their state, such as @run_loop, is initialized in
+              # constructors, the write can be made unconditional.
+              @run_loop = true
+            end
 
             shutdown.wait(mutex, loop_wait_time) if loop_wait_before_first_iteration?
           end

data/lib/datadog/core/workers/polling.rb

@@ -7,6 +7,8 @@ module Datadog
   module Core
     module Workers
       # Adds polling (async looping) behavior to workers
+      #
+      # @api private
       module Polling
         DEFAULT_SHUTDOWN_TIMEOUT = 1
 

data/lib/datadog/core/workers/queue.rb

@@ -5,6 +5,17 @@ module Datadog
     module Workers
       # Adds queue behavior to workers, with a buffer
       # to which items can be queued then dequeued.
+      #
+      # This module is included in some but not all workers.
+      # Notably, Data Streams Processor uses a queue but implements it
+      # inline rather than using this module.
+      #
+      # The workers that do include Queue also include Polling, which
+      # in turn includes Async::Thread and IntervalLoop. This means
+      # we have e.g. +in_iteration?+ always available in any worker
+      # that includes Queue.
+      #
+      # @api private
       module Queue
         def self.included(base)
           base.prepend(PrependedMethods)
@@ -13,11 +24,16 @@ module Datadog
         # Methods that must be prepended
         module PrependedMethods
           def perform(*args)
-            super(*dequeue) if work_pending?
+            if work_pending?
+              work = dequeue
+              super(*work)
+            end
           end
         end
 
         def buffer
+          # Why is this an unsynchronized Array and not a Core::Buffer
+          # instance?
           @buffer ||= []
         end
 
@@ -34,10 +50,93 @@ module Datadog
           !buffer.empty?
         end
 
+        # Wait for the worker to finish handling all work that has already
+        # been submitted to it.
+        #
+        # If the worker is not enabled, returns nil.
+        # If the worker is enabled, returns whether, at the point of return,
+        # there was no pending or in progress work.
+        #
+        # Flushing can time out because there is a constant stream of work
+        # submitted at the same or higher rate than it is processed.
+        # Flushing can also fail if the worker thread is not running -
+        # this method will not flush from the calling thread.
+        def flush(timeout: nil)
+          # Default timeout is 5 seconds.
+          # Specific workers can override it to be more or less
+          timeout ||= 5
+
+          # Nothing needs to be done if the worker is not enabled.
+          return nil unless enabled?
+
+          unless running?
+            unless buffer.empty?
+              # If we are asked to flush but the worker is not running,
+              # do not flush from the caller thread. If the buffer is not
+              # empty, it will not be flushed. Log a warning to this effect.
+              #
+              # We are not guaranteed to have a logger as an instance method,
+              # reference the global for now - all other worker methods
+              # also reference the logger globally.
+              # TODO inject it into worker instances.
+              Datadog.logger.debug { "Asked to flush #{self} when the worker is not running" }
+              return false
+            end
+          end
+
+          started = Utils::Time.get_time
+          loop do
+            # The AppStarted event is triggered by the worker itself,
+            # from the worker thread. As such the main thread has no way
+            # to delay itself until that event is queued and we need some
+            # way to wait until that event is sent out to assert on it in
+            # the test suite. Check the run once flag which *should*
+            # indicate the event has been queued (at which point our queue
+            # depth check should wait until it's sent).
+            # This is still a hack because the flag can be overridden
+            # either way with or without the event being sent out.
+            # Note that if the AppStarted sending fails, this check
+            # will return false and flushing will be blocked until the
+            # 15 second timeout.
+            # Note that the first wait interval between telemetry event
+            # sending is 10 seconds, the timeout needs to be strictly
+            # greater than that.
+            return true if idle?
+
+            return false if Utils::Time.get_time - started > timeout
+
+            sleep 0.5
+          end
+        end
+
         protected
 
         attr_writer \
           :buffer
+
+        # Returns whether this worker has no pending work and is not actively
+        # working.
+        #
+        # The reason why "actively working" is considered is that we use
+        # flushing to ensure all work is completed before asserting on the
+        # outcome in the tests - if work is happening in a background thread,
+        # it's too early to assert on its results.
+        def idle?
+          # We have a +work_pending?+ method in this class that semantically
+          # would be appropriate here instead of calling +buffer.empty?+.
+          # Unfortunately IntervalLoop replaces our implementation of
+          # +work_pending?+ with one that doesn't make sense at least for the
+          # Queue. And we can't change the order of module includes because
+          # they all override +perform+ and the correct behavior depends on
+          # placing IntervalLoop after Queue.
+          #
+          # The TraceWriter worker then defines +work_pending?+ to be the
+          # same as Queue implementation here... Essentially, it demands
+          # the behavior that perhaps should be applied to all workers.
+          #
+          # Until this mess is untangled, call +buffer.empty?+ here.
+          buffer.empty? && !in_iteration?
+        end
       end
     end
   end

data/lib/datadog/core.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative 'core/deprecations'
+require_relative 'core/configuration/config_helper'
 require_relative 'core/extensions'
 
 # We must load core extensions to make certain global APIs
@@ -21,6 +22,7 @@ module Datadog
       end
   end
 
+  DATADOG_ENV = Core::Configuration::ConfigHelper.new
   extend Core::Extensions
 
   # Add shutdown hook:

data/lib/datadog/data_streams/configuration/settings.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+require_relative '../../core/environment/variable_helpers'
+require_relative '../ext'
+
+module Datadog
+  module DataStreams
+    module Configuration
+      # Configuration settings for Data Streams Monitoring.
+      module Settings
+        def self.extended(base)
+          base = base.singleton_class unless base.is_a?(Class)
+          add_settings!(base)
+        end
+
+        def self.add_settings!(base)
+          base.class_eval do
+            # Data Streams Monitoring configuration
+            # @public_api
+            settings :data_streams do
+              # Whether Data Streams Monitoring is enabled. When enabled, the library will
+              # collect and report data lineage information for messaging systems.
+              #
+              # @default `DD_DATA_STREAMS_ENABLED` environment variable, otherwise `false`.
+              # @return [Boolean]
+              option :enabled do |o|
+                o.type :bool
+                o.env Ext::ENV_ENABLED
+                o.default false
+              end
+
+              # The interval (in seconds) at which Data Streams Monitoring stats are flushed.
+              #
+              # @default 10.0
+              # @env '_DD_TRACE_STATS_WRITER_INTERVAL'
+              # @return [Float]
+              # @!visibility private
+              option :interval do |o|
+                o.type :float
+                o.env '_DD_TRACE_STATS_WRITER_INTERVAL'
+                o.default 10.0
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/data_streams/configuration.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require_relative 'configuration/settings'
+
+module Datadog
+  module DataStreams
+    # Configuration for Data Streams Monitoring
+    module Configuration
+    end
+  end
+end

data/lib/datadog/data_streams/ext.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Datadog
+  module DataStreams
+    # Constants for Data Streams Monitoring configuration
+    # @public_api
+    module Ext
+      ENV_ENABLED = 'DD_DATA_STREAMS_ENABLED'
+    end
+  end
+end

data/lib/datadog/data_streams/extensions.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require_relative 'configuration'
+require_relative '../core/configuration'
+
+module Datadog
+  module DataStreams
+    # Extends Datadog with Data Streams Monitoring features
+    module Extensions
+      # Inject Data Streams settings into global configuration.
+      def self.activate!
+        Core::Configuration::Settings.extend(Configuration::Settings)
+      end
+    end
+  end
+end

data/lib/datadog/data_streams/pathway_context.rb

@@ -0,0 +1,169 @@
+# frozen_string_literal: true
+
+require 'stringio'
+require_relative '../core/utils/base64'
+
+module Datadog
+  module DataStreams
+    # Represents a pathway context for data streams monitoring
+    class PathwayContext
+      # The current pathway hash value (result of FNV-1a hash function)
+      attr_accessor :hash
+      # When the pathway started
+      attr_accessor :pathway_start
+      # When the current edge started
+      attr_accessor :current_edge_start
+      # The hash value of the parent checkpoint
+      attr_accessor :parent_hash
+      # The direction tag of the previous checkpoint (e.g., 'direction:in', 'direction:out'), or nil if none
+      attr_accessor :previous_direction
+      # Hash value of the closest checkpoint in opposite direction (used for loop detection)
+      attr_accessor :closest_opposite_direction_hash
+      # Edge start time of the closest opposite direction checkpoint
+      attr_accessor :closest_opposite_direction_edge_start
+
+      def initialize(hash_value:, pathway_start:, current_edge_start:)
+        @hash = hash_value
+        @pathway_start = pathway_start
+        @current_edge_start = current_edge_start
+        @parent_hash = nil
+
+        @previous_direction = nil
+        @closest_opposite_direction_hash = 0
+        @closest_opposite_direction_edge_start = current_edge_start
+      end
+
+      def encode_b64
+        Core::Utils::Base64.strict_encode64(encode)
+      end
+
+      # Decode pathway context from base64 encoded string
+      def self.decode_b64(encoded_ctx)
+        return nil unless encoded_ctx && !encoded_ctx.empty?
+
+        begin
+          binary_data = Core::Utils::Base64.strict_decode64(encoded_ctx)
+          decode(binary_data)
+        rescue ArgumentError => e
+          # Invalid base64 encoding - may indicate version mismatch or corruption
+          Datadog.logger.debug("Failed to decode DSM pathway context: #{e.message}")
+          nil
+        end
+      end
+
+      private
+
+      def encode
+        # Format:
+        # - 8 bytes: hash value (little-endian)
+        # - VarInt: pathway start time (milliseconds)
+        # - VarInt: current edge start time (milliseconds)
+        [@hash].pack('Q') <<
+          encode_var_int_64(time_to_ms(@pathway_start)) <<
+          encode_var_int_64(time_to_ms(@current_edge_start))
+      end
+
+      # Decode pathway context from binary data
+      def self.decode(binary_data)
+        return nil unless binary_data && binary_data.bytesize >= 8
+
+        reader = StringIO.new(binary_data)
+
+        # Extract 8-byte hash (little-endian)
+        hash_bytes = reader.read(8)
+        return nil unless hash_bytes
+
+        hash_value = hash_bytes.unpack1('Q') # : Integer
+
+        # Extract pathway start time (VarInt milliseconds)
+        pathway_start_ms = decode_varint(reader)
+        return nil unless pathway_start_ms
+
+        # Extract current edge start time (VarInt milliseconds)
+        current_edge_start_ms = decode_varint(reader)
+        return nil unless current_edge_start_ms
+
+        # Convert milliseconds to Time objects
+        pathway_start = ms_to_time(pathway_start_ms)
+        current_edge_start = ms_to_time(current_edge_start_ms)
+
+        new(
+          hash_value: hash_value,
+          pathway_start: pathway_start,
+          current_edge_start: current_edge_start
+        )
+      rescue EOFError
+        # Not enough data in binary stream
+        nil
+      end
+      private_class_method :decode
+
+      # Encode an unsigned 64-bit integer using LEB128 variable-length encoding.
+      #
+      # This implements unsigned LEB128 (Little Endian Base 128) encoding as specified
+      # in DWARF5 standard section 7.6:
+      # https://dwarfstd.org/doc/DWARF5.pdf#page=301
+      #
+      # Each byte uses 7 bits for data and 1 bit to indicate continuation.
+      # The high bit is set if more bytes follow, clear for the final byte.
+      #
+      # @param value [Integer] Unsigned integer value to encode
+      # @return [String] Binary string of encoded bytes
+      def encode_var_int_64(value)
+        bytes = []
+        while value >= 0x80
+          bytes << ((value & 0x7F) | 0x80)
+          value >>= 7
+        end
+        bytes << value
+        bytes.pack('C*')
+      end
+
+      # Decode an unsigned LEB128 variable-length integer from IO stream.
+      #
+      # This implements unsigned LEB128 (Little Endian Base 128) decoding as specified
+      # in DWARF5 standard section 7.6:
+      # https://dwarfstd.org/doc/DWARF5.pdf#page=301
+      #
+      # VarInt format: Each byte uses 7 bits for data, 1 bit for continuation
+      # - High bit set = more bytes follow
+      # - High bit clear = final byte
+      # - Data bits accumulated in little-endian order
+      #
+      # @param io [StringIO] IO stream to read from
+      # @return [Integer, nil] Decoded unsigned integer, or nil if malformed
+      def self.decode_varint(io)
+        value = 0
+        shift = 0
+
+        loop do
+          byte = io.readbyte
+
+          # Add this byte's 7 data bits to our value
+          value |= (byte & 0x7F) << shift
+
+          # If high bit is clear, we're done
+          return value unless (byte & 0x80).nonzero?
+
+          shift += 7
+
+          # Safety: prevent infinite decoding
+          return nil if shift >= 64
+        end
+      rescue EOFError
+        # Stream ended unexpectedly - malformed data
+        nil
+      end
+      private_class_method :decode_varint
+
+      def self.ms_to_time(milliseconds)
+        ::Time.at(milliseconds / 1000.0)
+      end
+      private_class_method :ms_to_time
+
+      def time_to_ms(time)
+        (time.to_f * 1000).to_i
+      end
+    end
+  end
+end