elastic-apm 3.7.0 → 3.11.0

data/lib/elastic_apm/spies/elasticsearch.rb

@@ -26,16 +26,40 @@ module ElasticAPM
       TYPE = 'db'
       SUBTYPE = 'elasticsearch'
 
+      def self.sanitizer
+        @sanitizer ||=
+          begin
+            config = ElasticAPM.agent.config
+            ElasticAPM::Transport::Filters::HashSanitizer.new(
+              key_patterns: config.custom_key_filters + config.sanitize_field_names
+            )
+          end
+      end
+
       def install
         ::Elasticsearch::Transport::Client.class_eval do
           alias perform_request_without_apm perform_request
 
           def perform_request(method, path, *args, &block)
+            unless ElasticAPM.current_transaction
+              return perform_request_without_apm(method, path, *args, &block)
+            end
+
             name = format(NAME_FORMAT, method, path)
-            statement = args[0].is_a?(String) ? args[0] : args[0].to_json
+            statement = []
+
+            statement << { params: args&.[](0) }
+
+            if ElasticAPM.agent.config.capture_elasticsearch_queries
+              unless args[1].nil? || args[1].empty?
+                statement << {
+                  body: ElasticAPM::Spies::ElasticsearchSpy.sanitizer.strip_from!(args[1])
+                }
+              end
+            end
 
             context = Span::Context.new(
-              db: { statement: statement },
+              db: { statement: statement.reduce({}, :merge).to_json },
               destination: {
                 name: SUBTYPE,
                 resource: SUBTYPE,

data/lib/elastic_apm/spies/mongo.rb

@@ -85,8 +85,8 @@ module ElasticAPM
         end
 
         def pop_event(event)
-          return unless (curr = ElasticAPM.current_span)
           span = @events.delete(event.operation_id)
+          return unless (curr = ElasticAPM.current_span)
 
           curr == span && ElasticAPM.end_span
         end

data/lib/elastic_apm/spies/net_http.rb

@@ -64,8 +64,12 @@ module ElasticAPM
             method = req.method.to_s.upcase
             path, query = req.path.split('?')
 
-            cls = use_ssl? ? URI::HTTPS : URI::HTTP
-            uri = cls.build([nil, host, port, path, query, nil])
+            url = use_ssl? ? +'https://' : +'http://'
+            url << host
+            url << ":#{port}" if port
+            url << path
+            url << "?#{query}" if query
+            uri = URI(url)
 
             destination =
               ElasticAPM::Span::Context::Destination.from_uri(uri)

data/lib/elastic_apm/spies/sequel.rb

@@ -28,7 +28,7 @@ module ElasticAPM
       ACTION = 'query'
 
       def self.summarizer
-        @summarizer = Sql.summarizer
+        @summarizer ||= Sql.summarizer
       end
 
       def install

data/lib/elastic_apm/trace_context.rb

@@ -33,7 +33,7 @@ module ElasticAPM
       **legacy_traceparent_attrs
     )
       @traceparent = traceparent || Traceparent.new(**legacy_traceparent_attrs)
-      @tracestate = tracestate
+      @tracestate = tracestate || Tracestate.new
     end
 
     attr_accessor :traceparent, :tracestate

data/lib/elastic_apm/trace_context/traceparent.rb

@@ -33,8 +33,7 @@ module ElasticAPM
         trace_id: nil,
         span_id: nil,
         id: nil,
-        recorded: true,
-        tracestate: nil
+        recorded: true
       )
         @version = version
         @trace_id = trace_id || hex(TRACE_ID_LENGTH)
@@ -42,11 +41,10 @@ module ElasticAPM
         @parent_id = span_id
         @id = id || hex(ID_LENGTH)
         @recorded = recorded
-        @tracestate = tracestate
       end
       # rubocop:enable Metrics/ParameterLists
 
-      attr_accessor :version, :id, :trace_id, :parent_id, :recorded, :tracestate
+      attr_accessor :version, :id, :trace_id, :parent_id, :recorded
 
       alias :recorded? :recorded
 

data/lib/elastic_apm/trace_context/tracestate.rb

@@ -17,26 +17,129 @@
 
 # frozen_string_literal: true
 
+require 'elastic_apm/util/precision_validator'
+
 module ElasticAPM
   class TraceContext
     # @api private
     class Tracestate
-      def initialize(values = [])
-        @values = values
+      # @api private
+      class Entry
+        def initialize(key, value)
+          @key = key
+          @value = value
+        end
+
+        attr_reader :key, :value
+
+        def to_s
+          "#{key}=#{value}"
+        end
       end
 
-      attr_accessor :values
+      class EsEntry
+        ASSIGN = ':'
+        SPLIT = ';'
+
+        SHORT_TO_LONG = { 's' => 'sample_rate' }
+        LONG_TO_SHORT = { 'sample_rate' => 's' }
+
+        def initialize(values = nil)
+          parse(values)
+        end
+
+        attr_reader :sample_rate
+
+        def key
+          'es'
+        end
+
+        def value
+          LONG_TO_SHORT.map do |l, s|
+            "#{s}#{ASSIGN}#{send(l)}"
+          end.join(SPLIT)
+        end
+
+        def empty?
+          !sample_rate
+        end
+
+        def sample_rate=(val)
+          @sample_rate = Util::PrecisionValidator.validate(
+            val, precision: 4, minimum: 0.0001
+          )
+        end
+
+        def to_s
+          return nil if empty?
+
+          "es=#{value}"
+        end
+
+        private
+
+        def parse(values)
+          return unless values
+
+          values.split(SPLIT).map do |kv|
+            k, v = kv.split(ASSIGN)
+            next unless SHORT_TO_LONG.keys.include?(k)
+            send("#{SHORT_TO_LONG[k]}=", v)
+          end
+        end
+      end
+
+      extend Forwardable
+
+      def initialize(entries: {}, sample_rate: nil)
+        @entries = entries
+
+        self.sample_rate = sample_rate if sample_rate
+      end
+
+      attr_accessor :entries
+
+      def_delegators :es_entry, :sample_rate, :sample_rate=
 
       def self.parse(header)
-        # HTTP allows multiple headers with the same name, eg. multiple
-        # Set-Cookie headers per response.
-        # Rack handles this by joining the headers under the same key, separated
-        # by newlines, see https://www.rubydoc.info/github/rack/rack/file/SPEC
-        new(String(header).split("\n"))
+        entries =
+          split_by_nl_and_comma(header)
+          .each_with_object({}) do |entry, hsh|
+            k, v = entry.split('=')
+
+            hsh[k] =
+              case k
+              when 'es' then EsEntry.new(v)
+              else Entry.new(k, v)
+              end
+          end
+
+        new(entries: entries)
       end
 
       def to_header
-        values.join(',')
+        return "" unless entries.any?
+
+        entries.values.map(&:to_s).join(',')
+      end
+
+      private
+
+      def es_entry
+        # lazy generate this so we only add it if necessary
+        entries['es'] ||= EsEntry.new
+      end
+
+      class << self
+        private
+
+        def split_by_nl_and_comma(str)
+          # HTTP allows multiple headers with the same name, eg. multiple
+          # Set-Cookie headers per response.
+          # Rack handles this by joining the headers under the same key, separated
+          # by newlines, see https://www.rubydoc.info/github/rack/rack/file/SPEC
+          String(str).split("\n").map { |s| s.split(',') }.flatten
+        end
       end
     end
   end

data/lib/elastic_apm/transaction.rb

@@ -34,6 +34,7 @@ module ElasticAPM
       name = nil,
       type = nil,
       sampled: true,
+      sample_rate: 1,
       context: nil,
       config:,
       trace_context: nil
@@ -52,13 +53,19 @@ module ElasticAPM
       @default_labels = config.default_labels
 
       @sampled = sampled
+      @sample_rate = sample_rate
 
       @context = context || Context.new # TODO: Lazy generate this?
       if @default_labels
         Util.reverse_merge!(@context.labels, @default_labels)
       end
 
-      @trace_context = trace_context || TraceContext.new(recorded: sampled)
+      unless (@trace_context = trace_context)
+        @trace_context = TraceContext.new(
+          traceparent: TraceContext::Traceparent.new(recorded: sampled),
+          tracestate: TraceContext::Tracestate.new(sample_rate: sampled ? sample_rate : 0)
+        )
+      end
 
       @started_spans = 0
       @dropped_spans = 0
@@ -69,10 +76,24 @@ module ElasticAPM
 
     attr_accessor :name, :type, :result
 
-    attr_reader :context, :duration, :started_spans, :dropped_spans,
-      :timestamp, :trace_context, :notifications, :self_time,
-      :span_frames_min_duration, :collect_metrics, :breakdown_metrics,
-      :framework_name, :transaction_max_spans
+    attr_reader(
+      :breakdown_metrics,
+      :collect_metrics,
+      :context,
+      :dropped_spans,
+      :duration,
+      :framework_name,
+      :notifications,
+      :self_time,
+      :sample_rate,
+      :span_frames_min_duration,
+      :started_spans,
+      :timestamp,
+      :trace_context,
+      :transaction_max_spans 
+    )
+
+    alias :collect_metrics? :collect_metrics
 
     def sampled?
       @sampled

data/lib/elastic_apm/transport/connection.rb

@@ -47,6 +47,7 @@ module ElasticAPM
       end
 
       attr_reader :http
+
       def write(str)
         return false if @config.disable_send
 

data/lib/elastic_apm/transport/filters/hash_sanitizer.rb

@@ -0,0 +1,70 @@
+# Licensed to Elasticsearch B.V. under one or more contributor
+# license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright
+# ownership. Elasticsearch B.V. licenses this file to you under
+# the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# frozen_string_literal: true
+
+module ElasticAPM
+  module Transport
+    module Filters
+      class HashSanitizer
+        FILTERED = '[FILTERED]'
+
+        # DEPRECATED: Remove these additions in next major version
+        LEGACY_KEY_FILTERS = [/cookie/i, /auth/i].freeze
+
+        # DEPRECATED: Remove this check in next major version
+        VALUE_FILTERS = [
+          # (probably) credit card number
+          /^\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}$/
+        ].freeze
+
+        def initialize(key_patterns:)
+          @key_patterns = key_patterns + LEGACY_KEY_FILTERS
+        end
+
+        attr_accessor :key_patterns
+
+        def strip_from!(obj)
+          return unless obj&.is_a?(Hash)
+
+          obj.each do |k, v|
+            if filter_key?(k)
+              next obj[k] = FILTERED
+            end
+
+            case v
+            when Hash
+              strip_from!(v)
+            when String
+              if filter_value?(v)
+                obj[k] = FILTERED
+              end
+            end
+          end
+        end
+
+        def filter_key?(key)
+          @key_patterns.any? { |regex| regex.match(key) }
+        end
+
+        def filter_value?(value)
+          VALUE_FILTERS.any? { |regex| regex.match(value) }
+        end
+      end
+    end
+  end
+end

data/lib/elastic_apm/transport/filters/secrets_filter.rb

@@ -17,75 +17,33 @@
 
 # frozen_string_literal: true
 
+require 'elastic_apm/transport/filters/hash_sanitizer'
+
 module ElasticAPM
   module Transport
     module Filters
       # @api private
       class SecretsFilter
-        FILTERED = '[FILTERED]'
-
-        KEY_FILTERS = [
-          /passw(or)?d/i,
-          /auth/i,
-          /^pw$/,
-          /secret/i,
-          /token/i,
-          /api[-._]?key/i,
-          /session[-._]?id/i,
-          /(set[-_])?cookie/i
-        ].freeze
-
-        VALUE_FILTERS = [
-          # (probably) credit card number
-          /^\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}$/
-        ].freeze
-
         def initialize(config)
           @config = config
-          @key_filters =
-            KEY_FILTERS +
-            config.custom_key_filters +
-            config.sanitize_field_names
+          @sanitizer =
+            HashSanitizer.new(
+              key_patterns: config.custom_key_filters + config.sanitize_field_names
+            )
         end
 
         def call(payload)
-          strip_from! payload.dig(:transaction, :context, :request, :headers)
-          strip_from! payload.dig(:transaction, :context, :request, :env)
-          strip_from! payload.dig(:transaction, :context, :request, :cookies)
-          strip_from! payload.dig(:transaction, :context, :response, :headers)
-          strip_from! payload.dig(:error, :context, :request, :headers)
-          strip_from! payload.dig(:error, :context, :response, :headers)
-          strip_from! payload.dig(:transaction, :context, :request, :body)
+          @sanitizer.strip_from! payload.dig(:transaction, :context, :request, :body)
+          @sanitizer.strip_from! payload.dig(:transaction, :context, :request, :cookies)
+          @sanitizer.strip_from! payload.dig(:transaction, :context, :request, :env)
+          @sanitizer.strip_from! payload.dig(:transaction, :context, :request, :headers)
+          @sanitizer.strip_from! payload.dig(:transaction, :context, :response, :headers)
+          @sanitizer.strip_from! payload.dig(:error, :context, :request, :cookies)
+          @sanitizer.strip_from! payload.dig(:error, :context, :request, :headers)
+          @sanitizer.strip_from! payload.dig(:error, :context, :response, :headers)
 
           payload
         end
-
-        def strip_from!(obj)
-          return unless obj&.is_a?(Hash)
-
-          obj.each do |k, v|
-            if filter_key?(k)
-              next obj[k] = FILTERED
-            end
-
-            case v
-            when Hash
-              strip_from!(v)
-            when String
-              if filter_value?(v)
-                obj[k] = FILTERED
-              end
-            end
-          end
-        end
-
-        def filter_key?(key)
-          @key_filters.any? { |regex| regex.match(key) }
-        end
-
-        def filter_value?(value)
-          VALUE_FILTERS.any? { |regex| regex.match(value) }
-        end
       end
     end
   end