datadog 2.7.1 → 2.9.0

data/lib/datadog/di/probe_manager.rb

@@ -32,7 +32,7 @@ module Datadog
           install_pending_method_probes(tp.self)
         rescue => exc
           raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
-          logger.warn("Unhandled exception in definition trace point: #{exc.class}: #{exc}")
+          logger.debug { "di: unhandled exception in definition trace point: #{exc.class}: #{exc}" }
           telemetry&.report(exc, description: "Unhandled exception in definition trace point")
           # TODO test this path
         end
@@ -120,7 +120,7 @@ module Datadog
           # In "propagate all exceptions" mode we will try to instrument again.
           raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
 
-          logger.warn("Error processing probe configuration: #{exc.class}: #{exc}")
+          logger.debug { "di: error processing probe configuration: #{exc.class}: #{exc}" }
           telemetry&.report(exc, description: "Error processing probe configuration")
           # TODO report probe as failed to agent since we won't attempt to
           # install it again.
@@ -160,8 +160,8 @@ module Datadog
                 raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
                 # Silence all exceptions?
                 # TODO should we propagate here and rescue upstream?
-                logger.warn("Error removing probe #{probe.id}: #{exc.class}: #{exc}")
-                telemetry&.report(exc, description: "Error removing probe #{probe.id}")
+                logger.debug { "di: error removing probe #{probe.id}: #{exc.class}: #{exc}" }
+                telemetry&.report(exc, description: "Error removing probe")
               end
             end
           end
@@ -190,7 +190,7 @@ module Datadog
                 rescue => exc
                   raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
 
-                  logger.warn("Error installing probe after class is defined: #{exc.class}: #{exc}")
+                  logger.debug { "di: error installing probe after class is defined: #{exc.class}: #{exc}" }
                   telemetry&.report(exc, description: "Error installing probe after class is defined")
                 end
               end
@@ -206,6 +206,9 @@ module Datadog
       # point, which is invoked for each required or loaded file
       # (and also for eval'd code, but those invocations are filtered out).
       def install_pending_line_probes(path)
+        if path.nil?
+          raise ArgumentError, "path must not be nil"
+        end
         @lock.synchronize do
           @pending_probes.values.each do |probe|
             if probe.line?

data/lib/datadog/di/probe_notification_builder.rb

@@ -65,14 +65,18 @@ module Datadog
                 arguments: if serialized_entry_args
                   serialized_entry_args
                 else
-                  (args || kwargs) && serializer.serialize_args(args, kwargs)
+                  (args || kwargs) && serializer.serialize_args(args, kwargs,
+                    depth: probe.max_capture_depth || settings.dynamic_instrumentation.max_capture_depth,
+                    attribute_count: probe.max_capture_attribute_count || settings.dynamic_instrumentation.max_capture_attribute_count)
                 end,
                 throwable: nil,
                 # standard:enable all
               },
               return: {
                 arguments: {
-                  "@return": serializer.serialize_value(rv),
+                  "@return": serializer.serialize_value(rv,
+                    depth: probe.max_capture_depth || settings.dynamic_instrumentation.max_capture_depth,
+                    attribute_count: probe.max_capture_attribute_count || settings.dynamic_instrumentation.max_capture_attribute_count),
                 },
                 throwable: nil,
               },
@@ -80,7 +84,9 @@ module Datadog
           elsif probe.line?
             {
               lines: snapshot && {
-                probe.line_no => {locals: serializer.serialize_vars(snapshot)},
+                probe.line_no => {locals: serializer.serialize_vars(snapshot,
+                  depth: probe.max_capture_depth || settings.dynamic_instrumentation.max_capture_depth,
+                  attribute_count: probe.max_capture_attribute_count || settings.dynamic_instrumentation.max_capture_attribute_count,)},
               },
             }
           end
@@ -121,7 +127,7 @@ module Datadog
           },
           # In python tracer duration is under debugger.snapshot,
           # but UI appears to expect it here at top level.
-          duration: duration ? (duration * 10**9).to_i : nil,
+          duration: duration ? (duration * 10**9).to_i : 0,
           host: nil,
           logger: {
             name: probe.file,
@@ -135,15 +141,17 @@ module Datadog
             version: 2,
           },
           # TODO add tests that the trace/span id is correctly propagated
-          "dd.trace_id": Datadog::Tracing.active_trace&.id,
-          "dd.span_id": Datadog::Tracing.active_span&.id,
+          "dd.trace_id": active_trace&.id&.to_s,
+          "dd.span_id": active_span&.id&.to_s,
           ddsource: 'dd_debugger',
           message: probe.template && evaluate_template(probe.template,
-            duration: duration ? duration * 1000 : nil),
+            duration: duration ? duration * 1000 : 0),
           timestamp: timestamp,
         }
       end
 
+      private
+
       def build_status(probe, message:, status:)
         {
           service: settings.service,
@@ -194,6 +202,18 @@ module Datadog
           map[name] = value
         end
       end
+
+      def active_trace
+        if defined?(Datadog::Tracing)
+          Datadog::Tracing.active_trace
+        end
+      end
+
+      def active_span
+        if defined?(Datadog::Tracing)
+          Datadog::Tracing.active_span
+        end
+      end
     end
   end
 end

data/lib/datadog/di/probe_notifier_worker.rb

@@ -77,7 +77,7 @@ module Datadog
             rescue => exc
               raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
 
-              logger.warn("Error in probe notifier worker: #{exc.class}: #{exc} (at #{exc.backtrace.first})")
+              logger.debug { "di: error in probe notifier worker: #{exc.class}: #{exc} (at #{exc.backtrace.first})" }
               telemetry&.report(exc, description: "Error in probe notifier worker")
             end
             @lock.synchronize do
@@ -183,9 +183,8 @@ module Datadog
         define_method("add_#{event_type}") do |event|
           @lock.synchronize do
             queue = send("#{event_type}_queue")
-            # TODO determine a suitable limit via testing/benchmarking
-            if queue.length > 100
-              logger.warn("#{self.class.name}: dropping #{event_type} because queue is full")
+            if queue.length > settings.dynamic_instrumentation.internal.snapshot_queue_capacity
+              logger.debug { "di: #{self.class.name}: dropping #{event_type} because queue is full" }
             else
               queue << event
             end
@@ -242,7 +241,7 @@ module Datadog
               end
             rescue => exc
               raise if settings.dynamic_instrumentation.internal.propagate_all_exceptions
-              logger.warn("failed to send #{event_name}: #{exc.class}: #{exc} (at #{exc.backtrace.first})")
+              logger.debug { "di: failed to send #{event_name}: #{exc.class}: #{exc} (at #{exc.backtrace.first})" }
               # Should we report this error to telemetry? Most likely failure
               # to send is due to a network issue, and trying to send a
               # telemetry message would also fail.
@@ -253,7 +252,7 @@ module Datadog
           # Normally the queue should only be consumed in this method,
           # however if anyone consumes it elsewhere we don't want to block
           # while consuming it here. Rescue ThreadError and return.
-          logger.warn("Unexpected #{event_name} queue underflow - consumed elsewhere?")
+          logger.debug { "di: unexpected #{event_name} queue underflow - consumed elsewhere?" }
           telemetry&.report(exc, description: "Unexpected #{event_name} queue underflow")
         ensure
           @lock.synchronize do

data/lib/datadog/di/remote.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+module Datadog
+  module DI
+    # Provides an interface expected by the core Remote subsystem to
+    # receive DI-specific remote configuration.
+    #
+    # In order to apply (i.e., act on) the configuration, we need the
+    # state stored under DI Component. Thus, this module forwards actual
+    # configuration application to the ProbeManager associated with the
+    # global DI Component.
+    #
+    # @api private
+    module Remote
+      class ReadError < StandardError; end
+
+      class << self
+        PRODUCT = 'LIVE_DEBUGGING'
+
+        def products
+          [PRODUCT]
+        end
+
+        def capabilities
+          []
+        end
+
+        def receivers(telemetry)
+          receiver do |repository, _changes|
+            # DEV: Filter our by product. Given it will be very common
+            # DEV: we can filter this out before we receive the data in this method.
+            # DEV: Apply this refactor to AppSec as well if implemented.
+
+            component = DI.component
+            # We should always have a non-nil DI component here, because we
+            # only add DI product to remote config request if DI is enabled.
+            # Ideally, we should be injected with the DI component here
+            # rather than having to retrieve it from global state.
+            # If the component is nil for some reason, we also don't have a
+            # logger instance to report the issue.
+            if component
+
+              probe_manager = component.probe_manager
+
+              current_probe_ids = {}
+              repository.contents.each do |content|
+                case content.path.product
+                when PRODUCT
+                  begin
+                    probe_spec = parse_content(content)
+                    probe = ProbeBuilder.build_from_remote_config(probe_spec)
+                    payload = component.probe_notification_builder.build_received(probe)
+                    component.probe_notifier_worker.add_status(payload)
+                    component.logger.debug { "di: received probe from RC: #{probe.type} #{probe.location}" }
+
+                    begin
+                      # TODO test exception capture
+                      probe_manager.add_probe(probe)
+                      content.applied
+                    rescue => exc
+                      raise if component.settings.dynamic_instrumentation.internal.propagate_all_exceptions
+
+                      component.logger.debug { "di: unhandled exception adding probe in DI remote receiver: #{exc.class}: #{exc}" }
+                      component.telemetry&.report(exc, description: "Unhandled exception adding probe in DI remote receiver")
+
+                      # If a probe fails to install, we will mark the content
+                      # as errored. On subsequent remote configuration application
+                      # attemps, probe manager will raise the "previously errored"
+                      # exception and we'll rescue it here, again marking the
+                      # content as errored but with a somewhat different exception
+                      # message.
+                      # TODO stack trace must be redacted or not sent at all
+                      content.errored("Error applying dynamic instrumentation configuration: #{exc.class.name} #{exc.message}: #{Array(exc.backtrace).join("\n")}")
+                    end
+
+                    # Important: even if processing fails for this probe config,
+                    # we need to note it as being current so that we do not
+                    # try to remove instrumentation that is still supposed to be
+                    # active.
+                    current_probe_ids[probe_spec.fetch('id')] = true
+                  rescue => exc
+                    raise if component.settings.dynamic_instrumentation.internal.propagate_all_exceptions
+
+                    component.logger.debug { "di: unhandled exception handling probe in DI remote receiver: #{exc.class}: #{exc}" }
+                    component.telemetry&.report(exc, description: "Unhandled exception handling probe in DI remote receiver")
+
+                    content.errored("Error applying dynamic instrumentation configuration: #{exc.class.name} #{exc.message}: #{Array(exc.backtrace).join("\n")}")
+                  end
+                end
+              end
+
+              begin
+                # TODO test exception capture
+                probe_manager.remove_other_probes(current_probe_ids.keys)
+              rescue => exc
+                raise if component.settings.dynamic_instrumentation.internal.propagate_all_exceptions
+
+                component.logger.debug { "di: unhandled exception removing probes in DI remote receiver: #{exc.class}: #{exc}" }
+                component.telemetry&.report(exc, description: "Unhandled exception removing probes in DI remote receiver")
+              end
+            end
+          end
+        end
+
+        def receiver(products = [PRODUCT], &block)
+          matcher = Core::Remote::Dispatcher::Matcher::Product.new(products)
+          [Core::Remote::Dispatcher::Receiver.new(matcher, &block)]
+        end
+
+        private
+
+        def parse_content(content)
+          data = content.data.read
+
+          content.data.rewind
+
+          raise ReadError, 'EOF reached' if data.nil?
+
+          JSON.parse(data)
+        end
+      end
+    end
+  end
+end

data/lib/datadog/di/serializer.rb

@@ -82,7 +82,9 @@ module Datadog
       # between positional and keyword arguments. We convert positional
       # arguments to keyword arguments ("arg1", "arg2", ...) and ensure
       # the positional arguments are listed first.
-      def serialize_args(args, kwargs)
+      def serialize_args(args, kwargs,
+        depth: settings.dynamic_instrumentation.max_capture_depth,
+        attribute_count: settings.dynamic_instrumentation.max_capture_attribute_count)
         counter = 0
         combined = args.each_with_object({}) do |value, c|
           counter += 1
@@ -90,16 +92,18 @@ module Datadog
           # kwargs when they are merged below.
           c[:"arg#{counter}"] = value
         end.update(kwargs)
-        serialize_vars(combined)
+        serialize_vars(combined, depth: depth, attribute_count: attribute_count)
       end
 
       # Serializes variables captured by a line probe.
       #
       # These are normally local variables that exist on a particular line
       # of executed code.
-      def serialize_vars(vars)
+      def serialize_vars(vars,
+        depth: settings.dynamic_instrumentation.max_capture_depth,
+        attribute_count: settings.dynamic_instrumentation.max_capture_attribute_count)
         vars.each_with_object({}) do |(k, v), agg|
-          agg[k] = serialize_value(v, name: k)
+          agg[k] = serialize_value(v, name: k, depth: depth, attribute_count: attribute_count)
         end
       end
 
@@ -115,7 +119,11 @@ module Datadog
       # (integers, strings, arrays, hashes).
       #
       # Respects string length, collection size and traversal depth limits.
-      def serialize_value(value, name: nil, depth: settings.dynamic_instrumentation.max_capture_depth, type: nil)
+      def serialize_value(value, name: nil,
+        depth: settings.dynamic_instrumentation.max_capture_depth,
+        attribute_count: nil,
+        type: nil)
+        attribute_count ||= settings.dynamic_instrumentation.max_capture_attribute_count
         cls = type || value.class
         begin
           if redactor.redact_type?(value)
@@ -203,7 +211,6 @@ module Datadog
               serialized.update(notCapturedReason: "depth")
             else
               fields = {}
-              max = settings.dynamic_instrumentation.max_capture_attribute_count
               cur = 0
 
               # MRI and JRuby 9.4.5+ preserve instance variable definition
@@ -229,7 +236,7 @@ module Datadog
               ivars = value.instance_variables
 
               ivars.each do |ivar|
-                if cur >= max
+                if cur >= attribute_count
                   serialized.update(notCapturedReason: "fieldCount", fields: fields)
                   break
                 end

data/lib/datadog/di/transport.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'ostruct'
 require_relative 'error'
+require_relative '../core/transport/http/adapters/net'
 
 module Datadog
   module DI
@@ -45,7 +45,7 @@ module Datadog
 
       def send_input(payload)
         send_request('Probe snapshot submission',
-          path: INPUT_PATH, body: payload.to_s,
+          path: INPUT_PATH, body: payload.to_json,
           headers: {'content-type' => 'application/json'},)
       end
 
@@ -60,9 +60,7 @@ module Datadog
       attr_reader :client
 
       def send_request(desc, **options)
-        # steep:ignore:start
-        env = OpenStruct.new(**options)
-        # steep:ignore:end
+        env = Core::Transport::HTTP::Env.new(nil, options)
         response = client.post(env)
         unless response.ok?
           raise Error::AgentCommunicationError, "#{desc} failed: #{response.code}: #{response.payload}"

data/lib/datadog/di/utils.rb

@@ -12,6 +12,13 @@ module Datadog
       # If suffix is not an absolute path, the path matches if its suffix is
       # the provided suffix, at a path component boundary.
       module_function def path_matches_suffix?(path, suffix)
+        if path.nil?
+          raise ArgumentError, "nil path passed"
+        end
+        if suffix.nil?
+          raise ArgumentError, "nil suffix passed"
+        end
+
         if suffix.start_with?('/')
           path == suffix
         else

data/lib/datadog/di.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require_relative 'di/base'
 require_relative 'di/error'
 require_relative 'di/code_tracker'
 require_relative 'di/component'
@@ -12,22 +13,11 @@ require_relative 'di/probe_manager'
 require_relative 'di/probe_notification_builder'
 require_relative 'di/probe_notifier_worker'
 require_relative 'di/redactor'
+require_relative 'di/remote'
 require_relative 'di/serializer'
 require_relative 'di/transport'
 require_relative 'di/utils'
 
-if defined?(ActiveRecord::Base)
-  # The third-party library integrations need to be loaded after the
-  # third-party libraries are loaded. Tracing and appsec use Railtie
-  # to delay integrations until all of the application's dependencies
-  # are loaded, when running under Rails. We should do the same here in
-  # principle, however DI currently only has an ActiveRecord integration
-  # and AR should be loaded before any application code is loaded, being
-  # part of Rails, therefore for now we should be OK to just require the
-  # AR integration from here.
-  require_relative 'di/contrib/active_record'
-end
-
 module Datadog
   # Namespace for Datadog dynamic instrumentation.
   #
@@ -43,63 +33,34 @@ module Datadog
     Extensions.activate!
 
     class << self
-      attr_reader :code_tracker
 
-      # Activates code tracking. Normally this method should be called
-      # when the application starts. If instrumenting third-party code,
-      # code tracking needs to be enabled before the third-party libraries
-      # are loaded. If you definitely will not be instrumenting
-      # third-party libraries, activating tracking after third-party libraries
-      # have been loaded may improve lookup performance.
+      # This method is called from DI Remote handler to issue DI operations
+      # to the probe manager (add or remove probes).
       #
-      # TODO test that activating tracker multiple times preserves
-      # existing mappings in the registry
-      def activate_tracking!
-        (@code_tracker ||= CodeTracker.new).start
-      end
-
-      # Deactivates code tracking. In normal usage of DI this method should
-      # never be called, however it is used by DI's test suite to reset
-      # state for individual tests.
+      # When DI Remote is executing, Datadog.components should be initialized
+      # and we should be able to reference it to get to the DI component.
       #
-      # Note that deactivating tracking clears out the registry, losing
-      # the ability to look up files that have been loaded into the process
-      # already.
-      def deactivate_tracking!
-        code_tracker&.stop
-      end
-
-      # Returns whether code tracking is available.
-      # This method should be used instead of querying #code_tracker
-      # because the latter one may be nil.
-      def code_tracking_active?
-        code_tracker&.active? || false
-      end
-
+      # Given that we need the current_component anyway for code tracker,
+      # perhaps we should delete the +component+ method and just use
+      # +current_component+ in all cases.
       def component
-        # TODO uncomment when remote is merged
-        #Datadog.send(:components).dynamic_instrumentation
+        Datadog.send(:components).dynamic_instrumentation
       end
     end
   end
 end
 
-=begin not yet enabled
-# :script_compiled trace point was added in Ruby 2.6.
-if RUBY_VERSION >= '2.6'
-  begin
-    # Activate code tracking by default because line trace points will not work
-    # without it.
-    Datadog::DI.activate_tracking!
-  rescue => exc
-    if defined?(Datadog.logger)
-      Datadog.logger.warn("Failed to activate code tracking for DI: #{exc.class}: #{exc}")
-    else
-      # We do not have Datadog logger potentially because DI code tracker is
-      # being loaded early in application boot process and the rest of datadog
-      # wasn't loaded yet. Output to standard error.
-      warn("Failed to activate code tracking for DI: #{exc.class}: #{exc}")
-    end
-  end
+if %w(1 true).include?(ENV['DD_DYNAMIC_INSTRUMENTATION_ENABLED']) # steep:ignore
+  # For initial release of Dynamic Instrumentation, activate code tracking
+  # only if DI is explicitly requested in the environment.
+  # Code tracking is required for line probes to work; see the comments
+  # above for the implementation of the method.
+  #
+  # If DI is enabled programmatically, the application can (and must,
+  # for line probes to work) activate tracking in an initializer.
+  Datadog::DI.activate_tracking
 end
-=end
+
+require_relative 'di/contrib'
+
+Datadog::DI::Contrib.load_now_or_later

data/lib/datadog/kit/appsec/events.rb

@@ -136,9 +136,9 @@ module Datadog
           private
 
           def set_trace_and_span_context(method, trace = nil, span = nil)
-            if (appsec_scope = Datadog::AppSec.active_scope)
-              trace = appsec_scope.trace
-              span = appsec_scope.service_entry_span
+            if (appsec_context = Datadog::AppSec.active_context)
+              trace = appsec_context.trace
+              span = appsec_context.span
             end
 
             trace ||= Datadog::Tracing.active_trace

data/lib/datadog/kit/identity.rb

@@ -66,7 +66,7 @@ module Datadog
               active_span.set_tag("usr.#{k}", v) unless v.nil?
             end
 
-            if Datadog::AppSec.active_scope
+            if Datadog::AppSec.active_context
               user = ::Datadog::AppSec::Instrumentation::Gateway::User.new(id)
               ::Datadog::AppSec::Instrumentation.gateway.push('identity.set_user', user)
             end
@@ -78,9 +78,9 @@ module Datadog
         private
 
         def set_trace_and_span_context(method, trace = nil, span = nil)
-          if (appsec_scope = Datadog::AppSec.active_scope)
-            trace = appsec_scope.trace
-            span = appsec_scope.service_entry_span
+          if (appsec_context = Datadog::AppSec.active_context)
+            trace = appsec_context.trace
+            span = appsec_context.span
           end
 
           trace ||= Datadog::Tracing.active_trace