elastic-apm 3.4.0 → 3.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ci/.jenkins_exclude.yml +39 -20
- data/.ci/.jenkins_framework.yml +2 -2
- data/.ci/Jenkinsfile +286 -170
- data/.ci/docker/jruby/11-jdk/Dockerfile +40 -0
- data/.ci/docker/jruby/12-jdk/Dockerfile +40 -0
- data/.ci/docker/jruby/13-jdk/Dockerfile +40 -0
- data/.ci/docker/jruby/7-jdk/Dockerfile +40 -0
- data/.ci/docker/jruby/8-jdk/Dockerfile +40 -0
- data/.ci/docker/jruby/README.md +31 -0
- data/.ci/docker/jruby/run.sh +73 -0
- data/.ci/docker/jruby/test.sh +13 -0
- data/.ci/jobs/defaults.yml +1 -1
- data/.ci/packer_cache.sh +16 -0
- data/.github/ISSUE_TEMPLATE/Bug_report.md +13 -11
- data/.github/ISSUE_TEMPLATE/Feature_request.md +8 -8
- data/.github/PULL_REQUEST_TEMPLATE.md +51 -5
- data/.gitignore +5 -0
- data/.rspec +0 -1
- data/.rubocop.yml +13 -1
- data/CHANGELOG.asciidoc +94 -1
- data/CONTRIBUTING.md +6 -48
- data/Gemfile +34 -9
- data/README.md +62 -13
- data/Rakefile +37 -5
- data/bin/run-tests +4 -1
- data/docker-compose.yml +7 -0
- data/docs/api.asciidoc +15 -3
- data/docs/configuration.asciidoc +164 -32
- data/docs/debugging.asciidoc +14 -0
- data/docs/getting-started-rails.asciidoc +2 -0
- data/docs/graphql.asciidoc +23 -0
- data/docs/images/dynamic-config.svg +1 -0
- data/docs/index.asciidoc +6 -1
- data/docs/introduction.asciidoc +2 -1
- data/docs/performance-tuning.asciidoc +106 -0
- data/docs/set-up.asciidoc +5 -2
- data/docs/supported-technologies.asciidoc +68 -1
- data/docs/upgrading.asciidoc +45 -0
- data/elastic-apm.gemspec +17 -0
- data/lib/elastic-apm.rb +17 -0
- data/lib/elastic_apm.rb +29 -0
- data/lib/elastic_apm/agent.rb +49 -2
- data/lib/elastic_apm/central_config.rb +27 -8
- data/lib/elastic_apm/central_config/cache_control.rb +17 -0
- data/lib/elastic_apm/child_durations.rb +17 -0
- data/lib/elastic_apm/config.rb +82 -7
- data/lib/elastic_apm/config/bytes.rb +17 -0
- data/lib/elastic_apm/config/duration.rb +17 -0
- data/lib/elastic_apm/config/options.rb +18 -1
- data/lib/elastic_apm/config/regexp_list.rb +17 -0
- data/lib/elastic_apm/config/wildcard_pattern_list.rb +20 -1
- data/lib/elastic_apm/context.rb +17 -0
- data/lib/elastic_apm/context/request.rb +17 -0
- data/lib/elastic_apm/context/request/socket.rb +17 -0
- data/lib/elastic_apm/context/request/url.rb +17 -0
- data/lib/elastic_apm/context/response.rb +18 -1
- data/lib/elastic_apm/context/user.rb +17 -0
- data/lib/elastic_apm/context_builder.rb +17 -0
- data/lib/elastic_apm/deprecations.rb +17 -0
- data/lib/elastic_apm/error.rb +17 -0
- data/lib/elastic_apm/error/exception.rb +17 -0
- data/lib/elastic_apm/error/log.rb +17 -0
- data/lib/elastic_apm/error_builder.rb +17 -0
- data/lib/elastic_apm/grape.rb +17 -0
- data/lib/elastic_apm/graphql.rb +91 -0
- data/lib/elastic_apm/grpc.rb +99 -0
- data/lib/elastic_apm/instrumenter.rb +29 -4
- data/lib/elastic_apm/internal_error.rb +17 -0
- data/lib/elastic_apm/logging.rb +17 -0
- data/lib/elastic_apm/metadata.rb +17 -0
- data/lib/elastic_apm/metadata/process_info.rb +17 -0
- data/lib/elastic_apm/metadata/service_info.rb +22 -2
- data/lib/elastic_apm/metadata/system_info.rb +17 -0
- data/lib/elastic_apm/metadata/system_info/container_info.rb +17 -0
- data/lib/elastic_apm/metrics.rb +33 -1
- data/lib/elastic_apm/metrics/breakdown_set.rb +17 -0
- data/lib/elastic_apm/metrics/cpu_mem_set.rb +17 -0
- data/lib/elastic_apm/metrics/metric.rb +23 -4
- data/lib/elastic_apm/metrics/set.rb +17 -0
- data/lib/elastic_apm/metrics/span_scoped_set.rb +17 -0
- data/lib/elastic_apm/metrics/transaction_set.rb +17 -0
- data/lib/elastic_apm/metrics/vm_set.rb +17 -0
- data/lib/elastic_apm/metricset.rb +17 -0
- data/lib/elastic_apm/middleware.rb +20 -4
- data/lib/elastic_apm/naively_hashable.rb +17 -0
- data/lib/elastic_apm/normalizers.rb +17 -0
- data/lib/elastic_apm/normalizers/grape.rb +17 -0
- data/lib/elastic_apm/normalizers/grape/endpoint_run.rb +18 -1
- data/lib/elastic_apm/normalizers/rails.rb +17 -0
- data/lib/elastic_apm/normalizers/rails/action_controller.rb +17 -0
- data/lib/elastic_apm/normalizers/rails/action_mailer.rb +17 -0
- data/lib/elastic_apm/normalizers/rails/action_view.rb +17 -0
- data/lib/elastic_apm/normalizers/rails/active_record.rb +17 -0
- data/lib/elastic_apm/opentracing.rb +66 -24
- data/lib/elastic_apm/rails.rb +17 -0
- data/lib/elastic_apm/railtie.rb +17 -0
- data/lib/elastic_apm/resque.rb +29 -0
- data/lib/elastic_apm/sinatra.rb +17 -0
- data/lib/elastic_apm/span.rb +17 -0
- data/lib/elastic_apm/span/context.rb +17 -0
- data/lib/elastic_apm/span/context/db.rb +26 -2
- data/lib/elastic_apm/span/context/destination.rb +37 -4
- data/lib/elastic_apm/span/context/http.rb +17 -0
- data/lib/elastic_apm/span_helpers.rb +17 -0
- data/lib/elastic_apm/spies.rb +33 -14
- data/lib/elastic_apm/spies/action_dispatch.rb +17 -0
- data/lib/elastic_apm/spies/delayed_job.rb +17 -0
- data/lib/elastic_apm/spies/dynamo_db.rb +58 -0
- data/lib/elastic_apm/spies/elasticsearch.rb +37 -2
- data/lib/elastic_apm/spies/faraday.rb +18 -1
- data/lib/elastic_apm/spies/http.rb +19 -1
- data/lib/elastic_apm/spies/json.rb +17 -0
- data/lib/elastic_apm/spies/mongo.rb +18 -1
- data/lib/elastic_apm/spies/net_http.rb +25 -3
- data/lib/elastic_apm/spies/rake.rb +17 -0
- data/lib/elastic_apm/spies/redis.rb +17 -0
- data/lib/elastic_apm/spies/resque.rb +53 -0
- data/lib/elastic_apm/spies/sequel.rb +31 -4
- data/lib/elastic_apm/spies/shoryuken.rb +17 -0
- data/lib/elastic_apm/spies/sidekiq.rb +17 -0
- data/lib/elastic_apm/spies/sinatra.rb +17 -0
- data/lib/elastic_apm/spies/sneakers.rb +17 -0
- data/lib/elastic_apm/spies/sucker_punch.rb +54 -0
- data/lib/elastic_apm/spies/tilt.rb +17 -0
- data/lib/elastic_apm/sql.rb +21 -4
- data/lib/elastic_apm/sql/signature.rb +17 -0
- data/lib/elastic_apm/sql/tokenizer.rb +17 -0
- data/lib/elastic_apm/sql/tokens.rb +17 -0
- data/lib/elastic_apm/sql_summarizer.rb +17 -0
- data/lib/elastic_apm/stacktrace.rb +17 -0
- data/lib/elastic_apm/stacktrace/frame.rb +17 -0
- data/lib/elastic_apm/stacktrace_builder.rb +23 -1
- data/lib/elastic_apm/subscriber.rb +17 -0
- data/lib/elastic_apm/trace_context.rb +85 -49
- data/lib/elastic_apm/trace_context/traceparent.rb +113 -0
- data/lib/elastic_apm/trace_context/tracestate.rb +43 -0
- data/lib/elastic_apm/transaction.rb +33 -5
- data/lib/elastic_apm/transport/base.rb +39 -23
- data/lib/elastic_apm/transport/connection.rb +17 -0
- data/lib/elastic_apm/transport/connection/http.rb +17 -0
- data/lib/elastic_apm/transport/connection/proxy_pipe.rb +22 -0
- data/lib/elastic_apm/transport/filters.rb +17 -0
- data/lib/elastic_apm/transport/filters/hash_sanitizer.rb +77 -0
- data/lib/elastic_apm/transport/filters/secrets_filter.rb +29 -53
- data/lib/elastic_apm/transport/headers.rb +17 -0
- data/lib/elastic_apm/transport/serializers.rb +17 -0
- data/lib/elastic_apm/transport/serializers/context_serializer.rb +17 -0
- data/lib/elastic_apm/transport/serializers/error_serializer.rb +17 -0
- data/lib/elastic_apm/transport/serializers/metadata_serializer.rb +44 -20
- data/lib/elastic_apm/transport/serializers/metricset_serializer.rb +17 -0
- data/lib/elastic_apm/transport/serializers/span_serializer.rb +22 -2
- data/lib/elastic_apm/transport/serializers/transaction_serializer.rb +17 -0
- data/lib/elastic_apm/transport/user_agent.rb +17 -0
- data/lib/elastic_apm/transport/worker.rb +17 -0
- data/lib/elastic_apm/util.rb +17 -0
- data/lib/elastic_apm/util/inflector.rb +17 -0
- data/lib/elastic_apm/util/lru_cache.rb +17 -0
- data/lib/elastic_apm/util/throttle.rb +17 -0
- data/lib/elastic_apm/version.rb +18 -1
- metadata +29 -12
- data/.ci/downstreamTests.groovy +0 -185
- data/.ci/prepare-git-context.sh +0 -27
- data/CHANGELOG.md +0 -1
- data/codecov.yml +0 -32
@@ -0,0 +1,43 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
18
|
+
# frozen_string_literal: true
|
19
|
+
|
20
|
+
module ElasticAPM
|
21
|
+
class TraceContext
|
22
|
+
# @api private
|
23
|
+
class Tracestate
|
24
|
+
def initialize(values = [])
|
25
|
+
@values = values
|
26
|
+
end
|
27
|
+
|
28
|
+
attr_accessor :values
|
29
|
+
|
30
|
+
def self.parse(header)
|
31
|
+
# HTTP allows multiple headers with the same name, eg. multiple
|
32
|
+
# Set-Cookie headers per response.
|
33
|
+
# Rack handles this by joining the headers under the same key, separated
|
34
|
+
# by newlines, see https://www.rubydoc.info/github/rack/rack/file/SPEC
|
35
|
+
new(String(header).split("\n"))
|
36
|
+
end
|
37
|
+
|
38
|
+
def to_header
|
39
|
+
values.join(',')
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
module ElasticAPM
|
@@ -25,11 +42,20 @@ module ElasticAPM
|
|
25
42
|
@type = type || DEFAULT_TYPE
|
26
43
|
@config = config
|
27
44
|
|
45
|
+
# Cache these values in case they are changed during the
|
46
|
+
# transaction's lifetime via the remote config
|
47
|
+
@span_frames_min_duration = config.span_frames_min_duration
|
48
|
+
@collect_metrics = config.collect_metrics?
|
49
|
+
@breakdown_metrics = config.breakdown_metrics?
|
50
|
+
@framework_name = config.framework_name
|
51
|
+
@transaction_max_spans = config.transaction_max_spans
|
52
|
+
@default_labels = config.default_labels
|
53
|
+
|
28
54
|
@sampled = sampled
|
29
55
|
|
30
56
|
@context = context || Context.new # TODO: Lazy generate this?
|
31
|
-
if
|
32
|
-
Util.reverse_merge!(@context.labels,
|
57
|
+
if @default_labels
|
58
|
+
Util.reverse_merge!(@context.labels, @default_labels)
|
33
59
|
end
|
34
60
|
|
35
61
|
@trace_context = trace_context || TraceContext.new(recorded: sampled)
|
@@ -44,7 +70,9 @@ module ElasticAPM
|
|
44
70
|
attr_accessor :name, :type, :result
|
45
71
|
|
46
72
|
attr_reader :context, :duration, :started_spans, :dropped_spans,
|
47
|
-
:timestamp, :trace_context, :notifications, :self_time,
|
73
|
+
:timestamp, :trace_context, :notifications, :self_time,
|
74
|
+
:span_frames_min_duration, :collect_metrics, :breakdown_metrics,
|
75
|
+
:framework_name, :transaction_max_spans
|
48
76
|
|
49
77
|
def sampled?
|
50
78
|
@sampled
|
@@ -81,7 +109,7 @@ module ElasticAPM
|
|
81
109
|
def inc_started_spans!
|
82
110
|
MUTEX.synchronize do
|
83
111
|
@started_spans += 1
|
84
|
-
if @started_spans >
|
112
|
+
if @started_spans > transaction_max_spans
|
85
113
|
@dropped_spans += 1
|
86
114
|
return false
|
87
115
|
end
|
@@ -96,7 +124,7 @@ module ElasticAPM
|
|
96
124
|
end
|
97
125
|
|
98
126
|
def set_user(user)
|
99
|
-
context.user = Context::User.infer(config, user)
|
127
|
+
context.user = Context::User.infer(@config, user)
|
100
128
|
end
|
101
129
|
|
102
130
|
def inspect
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
require 'elastic_apm/metadata'
|
@@ -31,7 +48,6 @@ module ElasticAPM
|
|
31
48
|
@stopped = Concurrent::AtomicBoolean.new
|
32
49
|
@workers = Array.new(config.pool_size)
|
33
50
|
|
34
|
-
@watcher_mutex = Mutex.new
|
35
51
|
@worker_mutex = Mutex.new
|
36
52
|
end
|
37
53
|
|
@@ -39,11 +55,13 @@ module ElasticAPM
|
|
39
55
|
|
40
56
|
def start
|
41
57
|
debug '%s: Starting Transport', pid_str
|
58
|
+
# Set @stopped to false first, in case transport is restarted;
|
59
|
+
# ensure_worker_count requires @stopped to be false
|
60
|
+
# ~estolfo
|
61
|
+
@stopped.make_false unless @stopped.false?
|
42
62
|
|
43
|
-
ensure_watcher_running
|
44
63
|
ensure_worker_count
|
45
|
-
|
46
|
-
@stopped.make_false unless @stopped.false?
|
64
|
+
create_watcher
|
47
65
|
end
|
48
66
|
|
49
67
|
def stop
|
@@ -62,7 +80,6 @@ module ElasticAPM
|
|
62
80
|
return false
|
63
81
|
end
|
64
82
|
|
65
|
-
ensure_watcher_running
|
66
83
|
queue.push(resource, true)
|
67
84
|
|
68
85
|
true
|
@@ -78,25 +95,26 @@ module ElasticAPM
|
|
78
95
|
@filters.add(key, callback)
|
79
96
|
end
|
80
97
|
|
98
|
+
def handle_forking!
|
99
|
+
# We can't just stop and start again because the StopMessage
|
100
|
+
# will then be the first message processed when the transport is
|
101
|
+
# restarted.
|
102
|
+
stop_watcher
|
103
|
+
ensure_worker_count
|
104
|
+
create_watcher
|
105
|
+
end
|
106
|
+
|
81
107
|
private
|
82
108
|
|
83
109
|
def pid_str
|
84
110
|
format('[PID:%s]', Process.pid)
|
85
111
|
end
|
86
112
|
|
87
|
-
def
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
return if @pid == Process.pid
|
93
|
-
@pid = Process.pid
|
94
|
-
|
95
|
-
@watcher = Concurrent::TimerTask.execute(
|
96
|
-
execution_interval: WATCHER_EXECUTION_INTERVAL,
|
97
|
-
timeout_interval: WATCHER_TIMEOUT_INTERVAL
|
98
|
-
) { ensure_worker_count }
|
99
|
-
end
|
113
|
+
def create_watcher
|
114
|
+
@watcher = Concurrent::TimerTask.execute(
|
115
|
+
execution_interval: WATCHER_EXECUTION_INTERVAL,
|
116
|
+
timeout_interval: WATCHER_TIMEOUT_INTERVAL
|
117
|
+
) { ensure_worker_count }
|
100
118
|
end
|
101
119
|
|
102
120
|
def ensure_worker_count
|
@@ -145,7 +163,8 @@ module ElasticAPM
|
|
145
163
|
thread.kill
|
146
164
|
end
|
147
165
|
|
148
|
-
@
|
166
|
+
# Maintain the @worker array size for when transport is restarted
|
167
|
+
@workers.fill(nil)
|
149
168
|
end
|
150
169
|
end
|
151
170
|
|
@@ -156,10 +175,7 @@ module ElasticAPM
|
|
156
175
|
end
|
157
176
|
|
158
177
|
def stop_watcher
|
159
|
-
|
160
|
-
return if watcher.nil? || @pid != Process.pid
|
161
|
-
watcher.shutdown
|
162
|
-
end
|
178
|
+
watcher&.shutdown
|
163
179
|
end
|
164
180
|
|
165
181
|
def throttled_queue_full_warning
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
module ElasticAPM
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
require 'elastic_apm/transport/connection/proxy_pipe'
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
module ElasticAPM
|
@@ -31,6 +48,11 @@ module ElasticAPM
|
|
31
48
|
|
32
49
|
return unless compress
|
33
50
|
enable_compression!
|
51
|
+
ObjectSpace.define_finalizer(self, self.class.finalize(@io))
|
52
|
+
end
|
53
|
+
|
54
|
+
def self.finalize(io)
|
55
|
+
proc { io.close }
|
34
56
|
end
|
35
57
|
|
36
58
|
attr_reader :io
|
@@ -1,3 +1,20 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
3
20
|
require 'elastic_apm/transport/filters/secrets_filter'
|
@@ -0,0 +1,77 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
18
|
+
# frozen_string_literal: true
|
19
|
+
|
20
|
+
module ElasticAPM
|
21
|
+
module Transport
|
22
|
+
module Filters
|
23
|
+
class HashSanitizer
|
24
|
+
FILTERED = '[FILTERED]'
|
25
|
+
|
26
|
+
KEY_FILTERS = [
|
27
|
+
/passw(or)?d/i,
|
28
|
+
/auth/i,
|
29
|
+
/^pw$/,
|
30
|
+
/secret/i,
|
31
|
+
/token/i,
|
32
|
+
/api[-._]?key/i,
|
33
|
+
/session[-._]?id/i,
|
34
|
+
/(set[-_])?cookie/i
|
35
|
+
].freeze
|
36
|
+
|
37
|
+
VALUE_FILTERS = [
|
38
|
+
# (probably) credit card number
|
39
|
+
/^\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}$/
|
40
|
+
].freeze
|
41
|
+
|
42
|
+
attr_accessor :key_filters
|
43
|
+
|
44
|
+
def initialize
|
45
|
+
@key_filters = KEY_FILTERS
|
46
|
+
end
|
47
|
+
|
48
|
+
def strip_from!(obj, key_filters = KEY_FILTERS)
|
49
|
+
return unless obj&.is_a?(Hash)
|
50
|
+
|
51
|
+
obj.each do |k, v|
|
52
|
+
if filter_key?(k)
|
53
|
+
next obj[k] = FILTERED
|
54
|
+
end
|
55
|
+
|
56
|
+
case v
|
57
|
+
when Hash
|
58
|
+
strip_from!(v)
|
59
|
+
when String
|
60
|
+
if filter_value?(v)
|
61
|
+
obj[k] = FILTERED
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
def filter_key?(key)
|
68
|
+
@key_filters.any? { |regex| regex.match(key) }
|
69
|
+
end
|
70
|
+
|
71
|
+
def filter_value?(value)
|
72
|
+
VALUE_FILTERS.any? { |regex| regex.match(value) }
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
@@ -1,71 +1,47 @@
|
|
1
|
+
# Licensed to Elasticsearch B.V. under one or more contributor
|
2
|
+
# license agreements. See the NOTICE file distributed with
|
3
|
+
# this work for additional information regarding copyright
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
6
|
+
# not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
12
|
+
# software distributed under the License is distributed on an
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
14
|
+
# KIND, either express or implied. See the License for the
|
15
|
+
# specific language governing permissions and limitations
|
16
|
+
# under the License.
|
17
|
+
|
1
18
|
# frozen_string_literal: true
|
2
19
|
|
20
|
+
require 'elastic_apm/transport/filters/hash_sanitizer'
|
21
|
+
|
3
22
|
module ElasticAPM
|
4
23
|
module Transport
|
5
24
|
module Filters
|
6
25
|
# @api private
|
7
26
|
class SecretsFilter
|
8
|
-
FILTERED = '[FILTERED]'
|
9
|
-
|
10
|
-
KEY_FILTERS = [
|
11
|
-
/passw(or)?d/i,
|
12
|
-
/auth/i,
|
13
|
-
/^pw$/,
|
14
|
-
/secret/i,
|
15
|
-
/token/i,
|
16
|
-
/api[-._]?key/i,
|
17
|
-
/session[-._]?id/i,
|
18
|
-
/(set[-_])?cookie/i
|
19
|
-
].freeze
|
20
|
-
|
21
|
-
VALUE_FILTERS = [
|
22
|
-
# (probably) credit card number
|
23
|
-
/^\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}$/
|
24
|
-
].freeze
|
25
|
-
|
26
27
|
def initialize(config)
|
27
28
|
@config = config
|
28
|
-
@
|
29
|
+
@sanitizer = HashSanitizer.new
|
30
|
+
@sanitizer.key_filters += config.custom_key_filters +
|
31
|
+
config.sanitize_field_names
|
29
32
|
end
|
30
33
|
|
31
34
|
def call(payload)
|
32
|
-
strip_from! payload.dig(:transaction, :context, :request, :headers)
|
33
|
-
strip_from! payload.dig(:transaction, :context, :request, :env)
|
34
|
-
strip_from! payload.dig(:transaction, :context, :request, :cookies)
|
35
|
-
strip_from! payload.dig(:transaction, :context, :response, :headers)
|
36
|
-
strip_from! payload.dig(:error, :context, :request, :headers)
|
37
|
-
strip_from! payload.dig(:error, :context, :response, :headers)
|
38
|
-
strip_from! payload.dig(:transaction, :context, :request, :body)
|
35
|
+
@sanitizer.strip_from! payload.dig(:transaction, :context, :request, :headers)
|
36
|
+
@sanitizer.strip_from! payload.dig(:transaction, :context, :request, :env)
|
37
|
+
@sanitizer.strip_from! payload.dig(:transaction, :context, :request, :cookies)
|
38
|
+
@sanitizer.strip_from! payload.dig(:transaction, :context, :response, :headers)
|
39
|
+
@sanitizer.strip_from! payload.dig(:error, :context, :request, :headers)
|
40
|
+
@sanitizer.strip_from! payload.dig(:error, :context, :response, :headers)
|
41
|
+
@sanitizer.strip_from! payload.dig(:transaction, :context, :request, :body)
|
39
42
|
|
40
43
|
payload
|
41
44
|
end
|
42
|
-
|
43
|
-
def strip_from!(obj)
|
44
|
-
return unless obj&.is_a?(Hash)
|
45
|
-
|
46
|
-
obj.each do |k, v|
|
47
|
-
if filter_key?(k)
|
48
|
-
next obj[k] = FILTERED
|
49
|
-
end
|
50
|
-
|
51
|
-
case v
|
52
|
-
when Hash
|
53
|
-
strip_from!(v)
|
54
|
-
when String
|
55
|
-
if filter_value?(v)
|
56
|
-
obj[k] = FILTERED
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
60
|
-
end
|
61
|
-
|
62
|
-
def filter_key?(key)
|
63
|
-
@key_filters.any? { |regex| key.match regex }
|
64
|
-
end
|
65
|
-
|
66
|
-
def filter_value?(value)
|
67
|
-
VALUE_FILTERS.any? { |regex| value.match regex }
|
68
|
-
end
|
69
45
|
end
|
70
46
|
end
|
71
47
|
end
|