RubyGems - datadog - Versions diffs - 2.3.0 → 2.4.0 - Mend

datadog 2.3.0 → 2.4.0

Files changed (129) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +37 -1
data/ext/datadog_profiling_loader/datadog_profiling_loader.c +9 -1
data/ext/datadog_profiling_loader/extconf.rb +10 -22
data/ext/datadog_profiling_native_extension/collectors_cpu_and_wall_time_worker.c +148 -30
data/ext/datadog_profiling_native_extension/collectors_discrete_dynamic_sampler.c +4 -2
data/ext/datadog_profiling_native_extension/collectors_stack.c +89 -46
data/ext/datadog_profiling_native_extension/collectors_thread_context.c +580 -29
data/ext/datadog_profiling_native_extension/collectors_thread_context.h +9 -1
data/ext/datadog_profiling_native_extension/datadog_ruby_common.c +0 -27
data/ext/datadog_profiling_native_extension/datadog_ruby_common.h +0 -4
data/ext/datadog_profiling_native_extension/extconf.rb +38 -21
data/ext/datadog_profiling_native_extension/gvl_profiling_helper.c +50 -0
data/ext/datadog_profiling_native_extension/gvl_profiling_helper.h +75 -0
data/ext/datadog_profiling_native_extension/heap_recorder.c +20 -6
data/ext/datadog_profiling_native_extension/http_transport.c +38 -6
data/ext/datadog_profiling_native_extension/private_vm_api_access.c +52 -1
data/ext/datadog_profiling_native_extension/private_vm_api_access.h +3 -0
data/ext/datadog_profiling_native_extension/profiling.c +1 -1
data/ext/datadog_profiling_native_extension/stack_recorder.h +1 -0
data/ext/libdatadog_api/crashtracker.c +20 -18
data/ext/libdatadog_api/datadog_ruby_common.c +0 -27
data/ext/libdatadog_api/datadog_ruby_common.h +0 -4
data/ext/libdatadog_extconf_helpers.rb +1 -1
data/lib/datadog/appsec/assets/waf_rules/recommended.json +2184 -108
data/lib/datadog/appsec/assets/waf_rules/strict.json +1430 -2
data/lib/datadog/appsec/component.rb +29 -8
data/lib/datadog/appsec/configuration/settings.rb +2 -2
data/lib/datadog/appsec/contrib/devise/patcher/authenticatable_patch.rb +1 -0
data/lib/datadog/appsec/contrib/devise/patcher/rememberable_patch.rb +21 -0
data/lib/datadog/appsec/contrib/devise/patcher.rb +12 -2
data/lib/datadog/appsec/contrib/graphql/appsec_trace.rb +0 -14
data/lib/datadog/appsec/contrib/graphql/gateway/multiplex.rb +67 -31
data/lib/datadog/appsec/contrib/graphql/gateway/watcher.rb +18 -15
data/lib/datadog/appsec/contrib/graphql/integration.rb +14 -1
data/lib/datadog/appsec/contrib/rack/gateway/request.rb +2 -5
data/lib/datadog/appsec/event.rb +1 -1
data/lib/datadog/appsec/processor/rule_loader.rb +3 -1
data/lib/datadog/appsec/processor/rule_merger.rb +33 -15
data/lib/datadog/appsec/processor.rb +36 -37
data/lib/datadog/appsec/rate_limiter.rb +25 -40
data/lib/datadog/appsec/remote.rb +7 -3
data/lib/datadog/appsec.rb +2 -2
data/lib/datadog/core/configuration/components.rb +4 -3
data/lib/datadog/core/configuration/settings.rb +84 -5
data/lib/datadog/core/crashtracking/component.rb +1 -1
data/lib/datadog/core/environment/execution.rb +5 -5
data/lib/datadog/core/metrics/client.rb +7 -0
data/lib/datadog/core/rate_limiter.rb +183 -0
data/lib/datadog/core/remote/client/capabilities.rb +4 -3
data/lib/datadog/core/remote/component.rb +4 -2
data/lib/datadog/core/remote/negotiation.rb +4 -4
data/lib/datadog/core/remote/tie.rb +2 -0
data/lib/datadog/core/runtime/metrics.rb +1 -1
data/lib/datadog/core/telemetry/component.rb +2 -0
data/lib/datadog/core/telemetry/event.rb +12 -7
data/lib/datadog/core/telemetry/logger.rb +51 -0
data/lib/datadog/core/telemetry/logging.rb +50 -14
data/lib/datadog/core/telemetry/request.rb +13 -1
data/lib/datadog/core/utils/time.rb +12 -0
data/lib/datadog/di/code_tracker.rb +168 -0
data/lib/datadog/di/configuration/settings.rb +163 -0
data/lib/datadog/di/configuration.rb +11 -0
data/lib/datadog/di/error.rb +31 -0
data/lib/datadog/di/extensions.rb +16 -0
data/lib/datadog/di/probe.rb +133 -0
data/lib/datadog/di/probe_builder.rb +41 -0
data/lib/datadog/di/redactor.rb +188 -0
data/lib/datadog/di/serializer.rb +193 -0
data/lib/datadog/di.rb +14 -0
data/lib/datadog/opentelemetry/sdk/propagator.rb +2 -0
data/lib/datadog/profiling/collectors/cpu_and_wall_time_worker.rb +12 -10
data/lib/datadog/profiling/collectors/info.rb +12 -3
data/lib/datadog/profiling/collectors/thread_context.rb +26 -0
data/lib/datadog/profiling/component.rb +20 -4
data/lib/datadog/profiling/http_transport.rb +6 -1
data/lib/datadog/profiling/scheduler.rb +2 -0
data/lib/datadog/profiling/stack_recorder.rb +3 -0
data/lib/datadog/single_step_instrument.rb +12 -0
data/lib/datadog/tracing/contrib/action_cable/instrumentation.rb +8 -12
data/lib/datadog/tracing/contrib/action_pack/action_controller/instrumentation.rb +5 -0
data/lib/datadog/tracing/contrib/action_pack/action_dispatch/instrumentation.rb +78 -0
data/lib/datadog/tracing/contrib/action_pack/action_dispatch/patcher.rb +33 -0
data/lib/datadog/tracing/contrib/action_pack/patcher.rb +2 -0
data/lib/datadog/tracing/contrib/active_record/configuration/resolver.rb +4 -0
data/lib/datadog/tracing/contrib/active_record/events/instantiation.rb +3 -1
data/lib/datadog/tracing/contrib/active_record/events/sql.rb +3 -1
data/lib/datadog/tracing/contrib/active_support/cache/events/cache.rb +5 -1
data/lib/datadog/tracing/contrib/aws/instrumentation.rb +5 -0
data/lib/datadog/tracing/contrib/elasticsearch/patcher.rb +6 -1
data/lib/datadog/tracing/contrib/faraday/middleware.rb +9 -0
data/lib/datadog/tracing/contrib/grape/endpoint.rb +19 -0
data/lib/datadog/tracing/contrib/graphql/patcher.rb +9 -12
data/lib/datadog/tracing/contrib/graphql/trace_patcher.rb +3 -3
data/lib/datadog/tracing/contrib/graphql/tracing_patcher.rb +3 -3
data/lib/datadog/tracing/contrib/graphql/unified_trace.rb +13 -9
data/lib/datadog/tracing/contrib/graphql/unified_trace_patcher.rb +6 -3
data/lib/datadog/tracing/contrib/http/instrumentation.rb +18 -15
data/lib/datadog/tracing/contrib/httpclient/instrumentation.rb +6 -5
data/lib/datadog/tracing/contrib/httpclient/patcher.rb +1 -14
data/lib/datadog/tracing/contrib/httprb/instrumentation.rb +5 -0
data/lib/datadog/tracing/contrib/httprb/patcher.rb +1 -14
data/lib/datadog/tracing/contrib/lograge/patcher.rb +1 -2
data/lib/datadog/tracing/contrib/mongodb/subscribers.rb +2 -0
data/lib/datadog/tracing/contrib/opensearch/patcher.rb +13 -6
data/lib/datadog/tracing/contrib/patcher.rb +2 -1
data/lib/datadog/tracing/contrib/presto/patcher.rb +1 -13
data/lib/datadog/tracing/contrib/rack/middlewares.rb +27 -0
data/lib/datadog/tracing/contrib/redis/tags.rb +4 -0
data/lib/datadog/tracing/contrib/sinatra/tracer.rb +4 -0
data/lib/datadog/tracing/contrib/stripe/request.rb +3 -2
data/lib/datadog/tracing/distributed/propagation.rb +7 -0
data/lib/datadog/tracing/metadata/ext.rb +2 -0
data/lib/datadog/tracing/remote.rb +5 -2
data/lib/datadog/tracing/sampling/matcher.rb +6 -1
data/lib/datadog/tracing/sampling/rate_sampler.rb +1 -1
data/lib/datadog/tracing/sampling/rule.rb +2 -0
data/lib/datadog/tracing/sampling/rule_sampler.rb +9 -5
data/lib/datadog/tracing/sampling/span/ext.rb +1 -1
data/lib/datadog/tracing/sampling/span/rule.rb +2 -2
data/lib/datadog/tracing/trace_operation.rb +26 -2
data/lib/datadog/tracing/tracer.rb +14 -12
data/lib/datadog/tracing/transport/http/client.rb +1 -0
data/lib/datadog/tracing/transport/io/client.rb +1 -0
data/lib/datadog/tracing/workers/trace_writer.rb +1 -1
data/lib/datadog/tracing/workers.rb +1 -1
data/lib/datadog/version.rb +1 -1
metadata +25 -8
data/lib/datadog/tracing/sampling/rate_limiter.rb +0 -185

data/lib/datadog/appsec/rate_limiter.rb CHANGED Viewed

@@ -1,60 +1,45 @@
 # frozen_string_literal: true
+require_relative '../core/rate_limiter'
 module Datadog
   module AppSec
-    # Simple per-thread rate limiter
-    # Since AppSec marks sampling to keep on a security event, this limits the flood of egress traces involving AppSec
+    # Per-thread rate limiter based on token bucket rate limiter.
+    #
+    # Since AppSec marks sampling to keep on a security event, this limits
+    # the flood of egress traces involving AppSec
     class RateLimiter
-      def initialize(rate)
-        @rate = rate
-        @timestamps = []
-      end
-      def limit
-        now = Time.now.to_f
-        loop do
-          oldest = @timestamps.first
-          break if oldest.nil? || now - oldest < 1
-          @timestamps.shift
-        end
-        @timestamps << now
-        if (count = @timestamps.count) <= @rate
-          yield
-        else
-          Datadog.logger.debug { "Rate limit hit: #{count}/#{@rate} AppSec traces/second" }
-        end
-      end
+      THREAD_KEY = :datadog_security_appsec_rate_limiter
       class << self
-        def limit(name, &block)
-          rate_limiter(name).limit(&block)
+        def thread_local
+          rate_limiter = Thread.current.thread_variable_get(THREAD_KEY)
+          return rate_limiter unless rate_limiter.nil?
+          Thread.current.thread_variable_set(THREAD_KEY, new(trace_rate_limit))
         end
         # reset a rate limiter: used for testing
-        def reset!(name)
-          Thread.current[:datadog_security_trace_rate_limiter] = nil
+        def reset!
+          Thread.current.thread_variable_set(THREAD_KEY, nil)
         end
-        protected
-        def rate_limiter(name)
-          case name
-          when :traces
-            Thread.current[:datadog_security_trace_rate_limiter] ||= RateLimiter.new(trace_rate_limit)
-          else
-            raise "unsupported rate limiter: #{name.inspect}"
-          end
-        end
+        private
         def trace_rate_limit
           Datadog.configuration.appsec.trace_rate_limit
         end
       end
+      def initialize(rate)
+        @rate_limiter = Core::TokenBucket.new(rate)
+      end
+      def limit
+        return yield if @rate_limiter.allow?
+        Datadog.logger.debug { "Rate limit hit: #{@rate_limiter.current_window_rate} AppSec traces/second" }
+      end
     end
   end
 end

data/lib/datadog/appsec/remote.rb CHANGED Viewed

@@ -53,7 +53,7 @@ module Datadog
         end
         # rubocop:disable Metrics/MethodLength
-        def receivers
+        def receivers(telemetry)
           return [] unless remote_features_enabled?
           matcher = Core::Remote::Dispatcher::Matcher::Product.new(ASM_PRODUCTS)
@@ -86,7 +86,10 @@ module Datadog
             end
             if rules.empty?
-              settings_rules = AppSec::Processor::RuleLoader.load_rules(ruleset: Datadog.configuration.appsec.ruleset)
+              settings_rules = AppSec::Processor::RuleLoader.load_rules(
+                telemetry: telemetry,
+                ruleset: Datadog.configuration.appsec.ruleset
+              )
               raise NoRulesError, 'no default rules available' unless settings_rules
@@ -99,9 +102,10 @@ module Datadog
               overrides: overrides,
               exclusions: exclusions,
               custom_rules: custom_rules,
+              telemetry: telemetry
             )
-            Datadog::AppSec.reconfigure(ruleset: ruleset, actions: actions)
+            Datadog::AppSec.reconfigure(ruleset: ruleset, actions: actions, telemetry: telemetry)
           end
           [receiver]

data/lib/datadog/appsec.rb CHANGED Viewed

@@ -23,12 +23,12 @@ module Datadog
         appsec_component.processor if appsec_component
       end
-      def reconfigure(ruleset:, actions:)
+      def reconfigure(ruleset:, actions:, telemetry:)
         appsec_component = components.appsec
         return unless appsec_component
-        appsec_component.reconfigure(ruleset: ruleset, actions: actions)
+        appsec_component.reconfigure(ruleset: ruleset, actions: actions, telemetry: telemetry)
       end
       def reconfigure_lock(&block)

data/lib/datadog/core/configuration/components.rb CHANGED Viewed

@@ -94,7 +94,9 @@ module Datadog
           # the Core resolver from within your product/component's namespace.
           agent_settings = AgentSettingsResolver.call(settings, logger: @logger)
-          @remote = Remote::Component.build(settings, agent_settings)
+          @telemetry = self.class.build_telemetry(settings, agent_settings, @logger)
+          @remote = Remote::Component.build(settings, agent_settings, telemetry: telemetry)
           @tracer = self.class.build_tracer(settings, agent_settings, logger: @logger)
           @crashtracker = self.class.build_crashtracker(settings, agent_settings, logger: @logger)
@@ -107,8 +109,7 @@ module Datadog
           @runtime_metrics = self.class.build_runtime_metrics_worker(settings)
           @health_metrics = self.class.build_health_metrics(settings)
-          @telemetry = self.class.build_telemetry(settings, agent_settings, logger)
-          @appsec = Datadog::AppSec::Component.build_appsec_component(settings)
+          @appsec = Datadog::AppSec::Component.build_appsec_component(settings, telemetry: telemetry)
           self.class.configure_tracing(settings)
         end

data/lib/datadog/core/configuration/settings.rb CHANGED Viewed

@@ -410,10 +410,8 @@ module Datadog
             # The profiler gathers data by sending `SIGPROF` unix signals to Ruby application threads.
             #
             # We've discovered that this can trigger a bug in a number of Ruby APIs in the `Dir` class, as
-            # described in https://github.com/DataDog/dd-trace-rb/issues/3450 . This workaround prevents the issue
-            # from happening by monkey patching the affected APIs.
-            #
-            # (In the future, once a fix lands upstream, we'll disable this workaround for Rubies that don't need it)
+            # described in https://bugs.ruby-lang.org/issues/20586 .
+            # This was fixed for Ruby 3.4+, and this setting is a no-op for those versions.
             #
             # @default `DD_PROFILING_DIR_INTERRUPTION_WORKAROUND_ENABLED` environment variable as a boolean,
             # otherwise `true`
@@ -462,6 +460,60 @@ module Datadog
                 end
               end
             end
+            # Enables GVL profiling. This will show when threads are waiting for GVL in the timeline view.
+            #
+            # This is a preview feature and disabled by default. It requires Ruby 3.2+.
+            #
+            # @default `DD_PROFILING_PREVIEW_GVL_ENABLED` environment variable as a boolean, otherwise `false`
+            option :preview_gvl_enabled do |o|
+              o.type :bool
+              o.env 'DD_PROFILING_PREVIEW_GVL_ENABLED'
+              o.default false
+            end
+            # Controls the smallest time period the profiler will report a thread waiting for the GVL.
+            #
+            # The default value was set to minimize overhead. Periods smaller than the set value will not be reported (e.g.
+            # the thread will be reported as whatever it was doing before it waited for the GVL).
+            #
+            # We do not recommend setting this to less than 1ms. Tweaking this value can increase application latency and
+            # memory use.
+            #
+            # @default 10_000_000 (10ms)
+            option :waiting_for_gvl_threshold_ns do |o|
+              o.type :int
+              o.default 10_000_000
+            end
+            # Controls if the profiler should attempt to read context from the otel library
+            #
+            # @default false
+            option :preview_otel_context_enabled do |o|
+              o.env 'DD_PROFILING_PREVIEW_OTEL_CONTEXT_ENABLED'
+              o.default false
+              o.env_parser do |value|
+                if value
+                  value = value.strip.downcase
+                  if ['only', 'both'].include?(value)
+                    value
+                  elsif ['true', '1'].include?(value)
+                    'both'
+                  else
+                    'false'
+                  end
+                end
+              end
+              o.setter do |value|
+                if value == true
+                  :both
+                elsif ['only', 'both', :only, :both].include?(value)
+                  value.to_sym
+                else
+                  false
+                end
+              end
+            end
           end
           # @public_api
@@ -630,6 +682,33 @@ module Datadog
           end
         end
+        # The monotonic clock time provider used by Datadog. This option is internal and is used by `datadog-ci`
+        # gem to avoid traces' durations being skewed by timecop.
+        #
+        # It must respect the interface of [Datadog::Core::Utils::Time#get_time] method.
+        #
+        # For [Timecop](https://rubygems.org/gems/timecop), for example,
+        # `->(unit = :float_second) { ::Process.clock_gettime_without_mock(::Process::CLOCK_MONOTONIC, unit) }`
+        # allows Datadog features to use the real monotonic time when time is frozen with
+        # `Timecop.mock_process_clock = true`.
+        #
+        # @default `->(unit = :float_second) { ::Process.clock_gettime(::Process::CLOCK_MONOTONIC, unit)}`
+        # @return [Proc<Numeric>]
+        option :get_time_provider do |o|
+          o.default_proc { |unit = :float_second| ::Process.clock_gettime(::Process::CLOCK_MONOTONIC, unit) }
+          o.type :proc
+          o.after_set do |get_time_provider|
+            Core::Utils::Time.get_time_provider = get_time_provider
+          end
+          o.resetter do |_value|
+            ->(unit = :float_second) { ::Process.clock_gettime(::Process::CLOCK_MONOTONIC, unit) }.tap do |default|
+              Core::Utils::Time.get_time_provider = default
+            end
+          end
+        end
         # The `version` tag in Datadog. Use it to enable [Deployment Tracking](https://docs.datadoghq.com/tracing/deployment_tracking/).
         # @see https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging
         # @default `DD_VERSION` environment variable, otherwise `nils`
@@ -836,7 +915,7 @@ module Datadog
           # Enables reporting of information when Ruby VM crashes.
           option :enabled do |o|
             o.type :bool
-            o.default true
+            o.default false
             o.env 'DD_CRASHTRACKING_ENABLED'
           end
         end

data/lib/datadog/core/crashtracking/component.rb CHANGED Viewed

@@ -95,7 +95,7 @@ module Datadog
         def start_or_update_on_fork(action:)
           self.class._native_start_or_update_on_fork(
             action: action,
-            exporter_configuration: [:agent, agent_base_url],
+            agent_base_url: agent_base_url,
             path_to_crashtracking_receiver_binary: path_to_crashtracking_receiver_binary,
             ld_library_path: ld_library_path,
             tags_as_array: tags.to_a,

data/lib/datadog/core/environment/execution.rb CHANGED Viewed

@@ -25,9 +25,9 @@ module Datadog
           #   2. Checking if `Net::HTTP` is referring to the original one
           #   => ::Net::HTTP.equal?(::WebMock::HttpLibAdapters::NetHttpAdapter::OriginalNetHTTP)
           def webmock_enabled?
-            defined?(::WebMock::HttpLibAdapters::NetHttpAdapter) &&
+            !!(defined?(::WebMock::HttpLibAdapters::NetHttpAdapter) &&
               defined?(::Net::HTTP) &&
-              ::Net::HTTP.equal?(::WebMock::HttpLibAdapters::NetHttpAdapter.instance_variable_get(:@webMockNetHTTP))
+              ::Net::HTTP.equal?(::WebMock::HttpLibAdapters::NetHttpAdapter.instance_variable_get(:@webMockNetHTTP)))
           end
           private
@@ -68,7 +68,7 @@ module Datadog
           # Check if we are running from `bin/cucumber` or `cucumber/rake/task`.
           def cucumber?
-            defined?(::Cucumber::Cli)
+            !!defined?(::Cucumber::Cli)
           end
           # If this is a Rails application, use different heuristics to detect
@@ -80,7 +80,7 @@ module Datadog
             # detecting its presence is enough to deduct if this is a development environment.
             #
             # @see https://github.com/rails/spring/blob/48b299348ace2188444489a0c216a6f3e9687281/README.md?plain=1#L204-L207
-            defined?(::Spring) || rails_env_development?
+            !!defined?(::Spring) || rails_env_development?
           end
           RAILS_ENV_DEVELOPMENT = Set['development', 'test'].freeze
@@ -94,7 +94,7 @@ module Datadog
           # it's common to have a custom "staging" environment, and such environment normally want to run as close
           # to production as possible.
           def rails_env_development?
-            defined?(::Rails.env) && RAILS_ENV_DEVELOPMENT.include?(::Rails.env)
+            !!defined?(::Rails.env) && RAILS_ENV_DEVELOPMENT.include?(::Rails.env)
           end
         end
       end

data/lib/datadog/core/metrics/client.rb CHANGED Viewed

@@ -2,6 +2,7 @@
 require_relative '../utils/time'
 require_relative '../utils/only_once'
+require_relative '../telemetry/logger'
 require_relative '../configuration/ext'
 require_relative 'ext'
@@ -100,6 +101,7 @@ module Datadog
           Datadog.logger.error(
             "Failed to send count stat. Cause: #{e.class.name} #{e.message} Source: #{Array(e.backtrace).first}"
           )
+          Telemetry::Logger.report(e, description: 'Failed to send count stat')
         end
         def distribution(stat, value = nil, options = nil, &block)
@@ -113,6 +115,7 @@ module Datadog
           Datadog.logger.error(
             "Failed to send distribution stat. Cause: #{e.class.name} #{e.message} Source: #{Array(e.backtrace).first}"
           )
+          Telemetry::Logger.report(e, description: 'Failed to send distribution stat')
         end
         def increment(stat, options = nil)
@@ -125,6 +128,7 @@ module Datadog
           Datadog.logger.error(
             "Failed to send increment stat. Cause: #{e.class.name} #{e.message} Source: #{Array(e.backtrace).first}"
           )
+          Telemetry::Logger.report(e, description: 'Failed to send increment stat')
         end
         def gauge(stat, value = nil, options = nil, &block)
@@ -138,6 +142,7 @@ module Datadog
           Datadog.logger.error(
             "Failed to send gauge stat. Cause: #{e.class.name} #{e.message} Source: #{Array(e.backtrace).first}"
           )
+          Telemetry::Logger.report(e, description: 'Failed to send gauge stat')
         end
         def time(stat, options = nil)
@@ -153,9 +158,11 @@ module Datadog
               distribution(stat, ((finished - start) * 1000), options)
             end
           rescue StandardError => e
+            # TODO: Likely to be redundant, since `distribution` handles its own errors.
             Datadog.logger.error(
               "Failed to send time stat. Cause: #{e.class.name} #{e.message} Source: #{Array(e.backtrace).first}"
             )
+            Telemetry::Logger.report(e, description: 'Failed to send time stat')
           end
         end

data/lib/datadog/core/rate_limiter.rb ADDED Viewed

@@ -0,0 +1,183 @@
+# frozen_string_literal: true
+require_relative 'utils/time'
+module Datadog
+  module Core
+    # Checks for rate limiting on a resource.
+    class RateLimiter
+      # Checks if resource of specified size can be
+      # conforms with the current limit.
+      #
+      # Implementations of this method are not guaranteed
+      # to be side-effect free.
+      #
+      # @return [Boolean] whether a resource conforms with the current limit
+      def allow?(size = 1); end
+      # The effective rate limiting ratio based on
+      # recent calls to `allow?`.
+      #
+      # @return [Float] recent allowance ratio
+      def effective_rate; end
+    end
+    # Implementation of the Token Bucket metering algorithm
+    # for rate limiting.
+    #
+    # @see https://en.wikipedia.org/wiki/Token_bucket Token bucket
+    class TokenBucket < RateLimiter
+      attr_reader :rate, :max_tokens
+      # @param rate [Numeric] Allowance rate, in units per second
+      #  if rate is negative, always allow
+      #  if rate is zero, never allow
+      # @param max_tokens [Numeric] Limit of available tokens
+      def initialize(rate, max_tokens = rate)
+        super()
+        raise ArgumentError, "rate must be a number: #{rate}" unless rate.is_a?(Numeric)
+        raise ArgumentError, "max_tokens must be a number: #{max_tokens}" unless max_tokens.is_a?(Numeric)
+        @rate = rate
+        @max_tokens = max_tokens
+        @tokens = max_tokens
+        @total_messages = 0
+        @conforming_messages = 0
+        @prev_conforming_messages = nil
+        @prev_total_messages = nil
+        @current_window = nil
+        @last_refill = Core::Utils::Time.get_time
+      end
+      # Checks if a message of provided +size+
+      # conforms with the current bucket limit.
+      #
+      # If it does, return +true+ and remove +size+
+      # tokens from the bucket.
+      # If it does not, return +false+ without affecting
+      # the tokens from the bucket.
+      #
+      # @return [Boolean] +true+ if message conforms with current bucket limit
+      def allow?(size = 1)
+        allowed = should_allow?(size)
+        update_rate_counts(allowed)
+        allowed
+      end
+      # Ratio of 'conformance' per 'total messages' checked
+      # averaged for the past 2 buckets
+      #
+      # Returns +1.0+ when no messages have been checked yet.
+      #
+      # @return [Float] Conformance ratio, between +[0,1]+
+      def effective_rate
+        return 0.0 if @rate.zero?
+        return 1.0 if @rate < 0 || @total_messages.zero?
+        return current_window_rate if @prev_conforming_messages.nil? || @prev_total_messages.nil?
+        (@conforming_messages.to_f + @prev_conforming_messages.to_f) / (@total_messages + @prev_total_messages)
+      end
+      # Ratio of 'conformance' per 'total messages' checked
+      # on this bucket
+      #
+      # Returns +1.0+ when no messages have been checked yet.
+      #
+      # @return [Float] Conformance ratio, between +[0,1]+
+      def current_window_rate
+        return 1.0 if @total_messages.zero?
+        @conforming_messages.to_f / @total_messages
+      end
+      # @return [Numeric] number of tokens currently available
+      def available_tokens
+        @tokens
+      end
+      private
+      def refill_since_last_message
+        now = Core::Utils::Time.get_time
+        elapsed = now - @last_refill
+        # Update the number of available tokens, but ensure we do not exceed the max
+        # we return the min of tokens + rate*elapsed, or max tokens
+        refill_tokens(@rate * elapsed)
+        @last_refill = now
+      end
+      def refill_tokens(size)
+        @tokens += size
+        @tokens = @max_tokens if @tokens > @max_tokens
+      end
+      def increment_total_count
+        @total_messages += 1
+      end
+      def increment_conforming_count
+        @conforming_messages += 1
+      end
+      def should_allow?(size = 1)
+        # rate limit of 0 blocks everything
+        return false if @rate.zero?
+        # negative rate limit disables rate limiting
+        return true if @rate < 0
+        refill_since_last_message
+        # if tokens < 1 we don't allow?
+        return false if @tokens < size
+        @tokens -= size
+        true
+      end
+      # Sets and Updates the past two 1 second windows for which
+      # the rate limiter must compute it's rate over and updates
+      # the total count, and conforming message count if +allowed+
+      def update_rate_counts(allowed)
+        now = Core::Utils::Time.get_time
+        # No tokens have been seen yet, start a new window
+        if @current_window.nil?
+          @current_window = now
+        # If more than 1 second has past since last window, reset
+        elsif now - @current_window >= 1
+          @prev_conforming_messages = @conforming_messages
+          @prev_total_messages = @total_messages
+          @conforming_messages = 0
+          @total_messages = 0
+          @current_window = now
+        end
+        increment_conforming_count if allowed
+        increment_total_count
+      end
+    end
+    # {Datadog::Core::RateLimiter} that accepts all resources,
+    # with no limits.
+    class UnlimitedLimiter < RateLimiter
+      # @return [Boolean] always +true+
+      def allow?(_ = 1)
+        true
+      end
+      # @return [Float] always 100%
+      def effective_rate
+        1.0
+      end
+    end
+  end
+end

data/lib/datadog/core/remote/client/capabilities.rb CHANGED Viewed

@@ -12,10 +12,11 @@ module Datadog
         class Capabilities
           attr_reader :products, :capabilities, :receivers, :base64_capabilities
-          def initialize(settings)
+          def initialize(settings, telemetry)
             @capabilities = []
             @products = []
             @receivers = []
+            @telemetry = telemetry
             register(settings)
@@ -28,12 +29,12 @@ module Datadog
             if settings.respond_to?(:appsec) && settings.appsec.enabled
               register_capabilities(Datadog::AppSec::Remote.capabilities)
               register_products(Datadog::AppSec::Remote.products)
-              register_receivers(Datadog::AppSec::Remote.receivers)
+              register_receivers(Datadog::AppSec::Remote.receivers(@telemetry))
             end
             register_capabilities(Datadog::Tracing::Remote.capabilities)
             register_products(Datadog::Tracing::Remote.products)
-            register_receivers(Datadog::Tracing::Remote.receivers)
+            register_receivers(Datadog::Tracing::Remote.receivers(@telemetry))
           end
           def register_capabilities(capabilities)

data/lib/datadog/core/remote/component.rb CHANGED Viewed

@@ -39,6 +39,7 @@ module Datadog
               @client.sync
               @healthy ||= true
             rescue Client::SyncError => e
+              # Transient errors due to network or agent. Logged the error but not via telemetry
               Datadog.logger.error do
                 "remote worker client sync error: #{e.message} location: #{Array(e.backtrace).first}. skipping sync"
               end
@@ -48,6 +49,7 @@ module Datadog
               # negotiation object stores error logging state that should be reset.
               negotiation = Negotiation.new(settings, agent_settings)
+              # Transient errors due to network or agent. Logged the error but not via telemetry
               Datadog.logger.error do
                 "remote worker error: #{e.class.name} #{e.message} location: #{Array(e.backtrace).first}. "\
                 'reseting client state'
@@ -150,10 +152,10 @@ module Datadog
           #
           # Those checks are instead performed inside the worker loop.
           # This allows users to upgrade their agent while keeping their application running.
-          def build(settings, agent_settings)
+          def build(settings, agent_settings, telemetry:)
             return unless settings.remote.enabled
-            new(settings, Client::Capabilities.new(settings), agent_settings)
+            new(settings, Client::Capabilities.new(settings, telemetry), agent_settings)
           end
         end
       end

data/lib/datadog/core/remote/negotiation.rb CHANGED Viewed

@@ -20,7 +20,7 @@ module Datadog
           if res.internal_error? && network_error?(res.error)
             unless @logged[:agent_unreachable]
-              Datadog.logger.error { "agent unreachable: cannot negotiate #{path}" }
+              Datadog.logger.warn { "agent unreachable: cannot negotiate #{path}" }
               @logged[:agent_unreachable] = true
             end
@@ -29,7 +29,7 @@ module Datadog
           if res.not_found?
             unless @logged[:no_info_endpoint]
-              Datadog.logger.error { "agent reachable but has no /info endpoint: cannot negotiate #{path}" }
+              Datadog.logger.warn { "agent reachable but has no /info endpoint: cannot negotiate #{path}" }
               @logged[:no_info_endpoint] = true
             end
@@ -38,7 +38,7 @@ module Datadog
           unless res.ok?
             unless @logged[:unexpected_response]
-              Datadog.logger.error { "agent reachable but unexpected response: cannot negotiate #{path}" }
+              Datadog.logger.warn { "agent reachable but unexpected response: cannot negotiate #{path}" }
               @logged[:unexpected_response] = true
             end
@@ -47,7 +47,7 @@ module Datadog
           unless res.endpoints.include?(path)
             unless @logged[:no_config_endpoint]
-              Datadog.logger.error { "agent reachable but does not report #{path}" }
+              Datadog.logger.warn { "agent reachable but does not report #{path}" }
               @logged[:no_config_endpoint] = true
             end

data/lib/datadog/core/remote/tie.rb CHANGED Viewed

@@ -19,6 +19,8 @@ module Datadog
             barrier = Datadog::Core::Remote.active_remote.barrier(:once)
           end
+          # steep does not permit the next line due to
+          # https://github.com/soutaro/steep/issues/1231
           Boot.new(barrier, t)
         end
       end

data/lib/datadog/core/runtime/metrics.rb CHANGED Viewed

@@ -94,7 +94,7 @@ module Datadog
         def try_flush
           yield
         rescue StandardError => e
-          Datadog.logger.error("Error while sending runtime metric. Cause: #{e.class.name} #{e.message}")
+          Datadog.logger.warn("Error while sending runtime metric. Cause: #{e.class.name} #{e.message}")
         end
         def default_metric_options