instana 1.12.0 → 1.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +26 -37
- data/lib/instana/agent.rb +6 -0
- data/lib/instana/base.rb +2 -0
- data/lib/instana/instrumentation/excon.rb +1 -1
- data/lib/instana/instrumentation/net-http.rb +2 -0
- data/lib/instana/secrets.rb +42 -0
- data/lib/instana/setup.rb +1 -0
- data/lib/instana/version.rb +1 -1
- data/test/config_test.rb +1 -17
- data/test/secrets_test.rb +73 -0
- metadata +5 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '09630573df5e1941fc17023b97864fd430f6135b9e0a72cd2f19225265b66d16'
|
4
|
+
data.tar.gz: b8dc0dda20938dc03f4ebe0887c3ccd68d03995d07e0c7233a19ff3a0780f1a7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a9bf1d5bfd714b8d1e3e187d0dfe47f0917384fb41b45d8f01b10890c7259c985b20d5adb550d955ac51b8bca9102246e9926ce114d448b391b82e0acdcd46c4
|
7
|
+
data.tar.gz: 139872ad95ceeca46b97be78773d999228ff30563ff90f29e65032bd6b55f7e619fb00a9e130ad6bd06b83dd0bca3e4321428e5172795242c8a045de570bd77a
|
data/Rakefile
CHANGED
@@ -8,44 +8,33 @@ Rake::TestTask.new(:test) do |t|
|
|
8
8
|
|
9
9
|
t.libs << "test"
|
10
10
|
t.libs << "lib"
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
'test/frameworks/sinatra_test.rb']
|
37
|
-
else
|
38
|
-
t.test_files = FileList['test/agent/*_test.rb'] +
|
39
|
-
FileList['test/tracing/*_test.rb'] +
|
40
|
-
FileList['test/profiling/*_test.rb'] +
|
41
|
-
FileList['test/benchmarks/bench_*.rb']
|
42
|
-
end
|
43
|
-
else
|
44
|
-
t.test_files = FileList['test/agent/*_test.rb'] +
|
45
|
-
FileList['test/tracing/*_test.rb'] +
|
46
|
-
FileList['test/profiling/*_test.rb'] +
|
47
|
-
FileList['test/benchmarks/bench_*.rb']
|
11
|
+
|
12
|
+
t.test_files = Dir[
|
13
|
+
'test/*_test.rb',
|
14
|
+
'test/{agent,tracing,profiling,benchmarks}/*_test.rb'
|
15
|
+
]
|
16
|
+
|
17
|
+
case File.basename(ENV.fetch('BUNDLE_GEMFILE', '')).split('.').first
|
18
|
+
when /rails6/
|
19
|
+
t.test_files = %w(test/frameworks/rails/activerecord_test.rb
|
20
|
+
test/frameworks/rails/actioncontroller_test.rb
|
21
|
+
test/frameworks/rails/actionview5_test.rb)
|
22
|
+
when /rails5/
|
23
|
+
t.test_files = %w(test/frameworks/rails/activerecord_test.rb
|
24
|
+
test/frameworks/rails/actioncontroller_test.rb
|
25
|
+
test/frameworks/rails/actionview5_test.rb)
|
26
|
+
when /rails42/
|
27
|
+
t.test_files = %w(test/frameworks/rails/activerecord_test.rb
|
28
|
+
test/frameworks/rails/actioncontroller_test.rb
|
29
|
+
test/frameworks/rails/actionview4_test.rb)
|
30
|
+
when /rails32/
|
31
|
+
t.test_files = %w(test/frameworks/rails/activerecord_test.rb
|
32
|
+
test/frameworks/rails/actioncontroller_test.rb
|
33
|
+
test/frameworks/rails/actionview3_test.rb)
|
34
|
+
when /libraries/
|
35
|
+
t.test_files = Dir['test/{instrumentation,frameworks}/*_test.rb']
|
48
36
|
end
|
37
|
+
|
49
38
|
end
|
50
39
|
|
51
40
|
task :environment do
|
data/lib/instana/agent.rb
CHANGED
@@ -25,6 +25,7 @@ module Instana
|
|
25
25
|
attr_accessor :collect_thread
|
26
26
|
attr_accessor :thread_spawn_lock
|
27
27
|
attr_accessor :extra_headers
|
28
|
+
attr_reader :secret_values
|
28
29
|
|
29
30
|
attr_accessor :testmode
|
30
31
|
|
@@ -83,6 +84,10 @@ module Instana
|
|
83
84
|
|
84
85
|
# The agent may pass down custom headers for this sensor to capture
|
85
86
|
@extra_headers = nil
|
87
|
+
|
88
|
+
# The values considered sensitive and removed from http query parameters
|
89
|
+
# and database connection strings
|
90
|
+
@secret_values = nil
|
86
91
|
end
|
87
92
|
|
88
93
|
# Spawns the background thread and calls start. This method is separated
|
@@ -278,6 +283,7 @@ module Instana
|
|
278
283
|
data = Oj.load(response.body, OJ_OPTIONS)
|
279
284
|
@process[:report_pid] = data['pid']
|
280
285
|
@agent_uuid = data['agentUuid']
|
286
|
+
@secret_values = data['secrets']
|
281
287
|
|
282
288
|
if data.key?('extraHeaders')
|
283
289
|
@extra_headers = data['extraHeaders']
|
data/lib/instana/base.rb
CHANGED
@@ -12,6 +12,7 @@ module Instana
|
|
12
12
|
attr_accessor :config
|
13
13
|
attr_accessor :logger
|
14
14
|
attr_accessor :pid
|
15
|
+
attr_reader :secrets
|
15
16
|
|
16
17
|
##
|
17
18
|
# setup
|
@@ -24,6 +25,7 @@ module Instana
|
|
24
25
|
@tracer = ::Instana::Tracer.new
|
25
26
|
@processor = ::Instana::Processor.new
|
26
27
|
@collector = ::Instana::Collector.new
|
28
|
+
@secrets = ::Instana::Secrets.new
|
27
29
|
end
|
28
30
|
end
|
29
31
|
end
|
@@ -7,7 +7,7 @@ if defined?(::Excon) && ::Instana.config[:excon][:enabled]
|
|
7
7
|
|
8
8
|
payload = { :http => {} }
|
9
9
|
path = datum[:path].split('?').first
|
10
|
-
payload[:http][:url] = "#{datum[:connection].instance_variable_get(:@socket_key)}#{path}"
|
10
|
+
payload[:http][:url] = ::Instana.secrets.remove_from_query("#{datum[:connection].instance_variable_get(:@socket_key)}#{path}")
|
11
11
|
payload[:http][:method] = datum[:method] if datum.key?(:method)
|
12
12
|
|
13
13
|
if datum[:pipeline] == true
|
@@ -32,6 +32,8 @@ if defined?(::Net::HTTP) && ::Instana.config[:nethttp][:enabled]
|
|
32
32
|
kv_payload[:http][:url] = "http://#{@address}:#{@port}#{request.path}"
|
33
33
|
end
|
34
34
|
end
|
35
|
+
|
36
|
+
kv_payload[:http][:url] = ::Instana.secrets.remove_from_query(kv_payload[:http][:url])
|
35
37
|
|
36
38
|
# The core call
|
37
39
|
response = request_without_instana(*args, &block)
|
@@ -0,0 +1,42 @@
|
|
1
|
+
require 'uri'
|
2
|
+
require 'cgi'
|
3
|
+
|
4
|
+
module Instana
|
5
|
+
class Secrets
|
6
|
+
def remove_from_query(str, secret_values = Instana.agent.secret_values)
|
7
|
+
return str unless secret_values
|
8
|
+
|
9
|
+
url = URI(str)
|
10
|
+
params = CGI.parse(url.query)
|
11
|
+
|
12
|
+
redacted = params.map do |k, v|
|
13
|
+
needs_redaction = secret_values['list']
|
14
|
+
.any? { |t| matcher(secret_values['matcher']).(t,k) }
|
15
|
+
[k, needs_redaction ? '<redacted>' : v]
|
16
|
+
end
|
17
|
+
|
18
|
+
url.query = URI.encode_www_form(redacted)
|
19
|
+
CGI.unescape(url.to_s)
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
|
24
|
+
def matcher(name)
|
25
|
+
case name
|
26
|
+
when 'equals-ignore-case'
|
27
|
+
->(expected, actual) { expected.casecmp(actual) == 0 }
|
28
|
+
when 'equals'
|
29
|
+
->(expected, actual) { (expected <=> actual) == 0 }
|
30
|
+
when 'contains-ignore-case'
|
31
|
+
->(expected, actual) { actual.downcase.include?(expected) }
|
32
|
+
when 'contains'
|
33
|
+
->(expected, actual) { actual.include?(expected) }
|
34
|
+
when 'regex'
|
35
|
+
->(expected, actual) { !Regexp.new(expected).match(actual).nil? }
|
36
|
+
else
|
37
|
+
::Instana.logger.warn("Matcher #{name} is not supported.")
|
38
|
+
lambda { false }
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
data/lib/instana/setup.rb
CHANGED
data/lib/instana/version.rb
CHANGED
data/test/config_test.rb
CHANGED
@@ -10,28 +10,12 @@ class ConfigTest < Minitest::Test
|
|
10
10
|
assert_equal '127.0.0.1', ::Instana.config[:agent_host]
|
11
11
|
assert_equal 42699, ::Instana.config[:agent_port]
|
12
12
|
|
13
|
-
assert ::Instana.config[:enabled]
|
14
13
|
assert ::Instana.config[:tracing][:enabled]
|
15
14
|
assert ::Instana.config[:metrics][:enabled]
|
16
15
|
|
17
16
|
::Instana.config[:metrics].each do |k, v|
|
17
|
+
next unless v.is_a? Hash
|
18
18
|
assert_equal true, ::Instana.config[:metrics][k].key?(:enabled)
|
19
19
|
end
|
20
20
|
end
|
21
|
-
|
22
|
-
def test_that_global_affects_children
|
23
|
-
# Disabling the gem should explicitly disable
|
24
|
-
# metrics and tracing flags
|
25
|
-
::Instana.config[:enabled] = false
|
26
|
-
|
27
|
-
assert_equal false, ::Instana.config[:tracing][:enabled]
|
28
|
-
assert_equal false, ::Instana.config[:metrics][:enabled]
|
29
|
-
|
30
|
-
# Enabling the gem should explicitly enable
|
31
|
-
# metrics and tracing flags
|
32
|
-
::Instana.config[:enabled] = true
|
33
|
-
|
34
|
-
assert_equal ::Instana.config[:tracing][:enabled]
|
35
|
-
assert_equal ::Instana.config[:metrics][:enabled]
|
36
|
-
end
|
37
21
|
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class SecretsTest < Minitest::Test
|
4
|
+
def setup
|
5
|
+
@subject = Instana::Secrets.new
|
6
|
+
end
|
7
|
+
|
8
|
+
def test_equals_ignore_case
|
9
|
+
sample_config = {
|
10
|
+
"matcher"=>"equals-ignore-case",
|
11
|
+
"list"=>["key"]
|
12
|
+
}
|
13
|
+
|
14
|
+
url = url_for(%w(key Str kEy KEY))
|
15
|
+
assert_redacted @subject.remove_from_query(url, sample_config), %w(key kEy KEY)
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_equals
|
19
|
+
sample_config = {
|
20
|
+
"matcher"=>"equals",
|
21
|
+
"list"=>["key", "kEy"]
|
22
|
+
}
|
23
|
+
|
24
|
+
url = url_for(%w(key Str kEy KEY))
|
25
|
+
assert_redacted @subject.remove_from_query(url, sample_config), %w(key kEy)
|
26
|
+
end
|
27
|
+
|
28
|
+
def test_contains_ignore_case
|
29
|
+
sample_config = {
|
30
|
+
"matcher"=>"contains-ignore-case",
|
31
|
+
"list"=>["stan"]
|
32
|
+
}
|
33
|
+
|
34
|
+
url = url_for(%w(instantiate conTESTant sample))
|
35
|
+
assert_redacted @subject.remove_from_query(url, sample_config), %w(instantiate conTESTant)
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_contains
|
39
|
+
sample_config = {
|
40
|
+
"matcher"=>"contains",
|
41
|
+
"list"=>["stan"]
|
42
|
+
}
|
43
|
+
|
44
|
+
url = url_for(%w(instantiate conTESTant sample))
|
45
|
+
assert_redacted @subject.remove_from_query(url, sample_config), %w(instantiate)
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
def test_regexp
|
50
|
+
sample_config = {
|
51
|
+
"matcher"=>"regex",
|
52
|
+
"list"=>["l{2}"]
|
53
|
+
}
|
54
|
+
|
55
|
+
url = url_for(%w(ball foot move))
|
56
|
+
assert_redacted @subject.remove_from_query(url, sample_config), %w(ball)
|
57
|
+
end
|
58
|
+
|
59
|
+
private
|
60
|
+
|
61
|
+
def url_for(keys)
|
62
|
+
url = URI('http://example.com')
|
63
|
+
url.query = URI.encode_www_form(keys.map { |k| [k, rand(1..100)]})
|
64
|
+
url.to_s
|
65
|
+
end
|
66
|
+
|
67
|
+
def assert_redacted(str, keys)
|
68
|
+
url = URI(str)
|
69
|
+
params = CGI.parse(url.query)
|
70
|
+
|
71
|
+
assert_equal keys, params.select { |_, v| v == %w(<redacted>) }.keys, 'to be redacted'
|
72
|
+
end
|
73
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: instana
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.13.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Peter Giacomo Lombardo
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-01-
|
11
|
+
date: 2021-01-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -242,6 +242,7 @@ files:
|
|
242
242
|
- lib/instana/opentracing/carrier.rb
|
243
243
|
- lib/instana/opentracing/tracer.rb
|
244
244
|
- lib/instana/rack.rb
|
245
|
+
- lib/instana/secrets.rb
|
245
246
|
- lib/instana/setup.rb
|
246
247
|
- lib/instana/test.rb
|
247
248
|
- lib/instana/thread_local.rb
|
@@ -287,6 +288,7 @@ files:
|
|
287
288
|
- test/jobs/sidekiq_job_2.rb
|
288
289
|
- test/models/block.rb
|
289
290
|
- test/models/block6.rb
|
291
|
+
- test/secrets_test.rb
|
290
292
|
- test/servers/grpc_50051.rb
|
291
293
|
- test/servers/helpers/sidekiq_worker_initializer.rb
|
292
294
|
- test/servers/rackapp_6511.rb
|
@@ -335,6 +337,7 @@ test_files:
|
|
335
337
|
- test/agent/agent_test.rb
|
336
338
|
- test/models/block.rb
|
337
339
|
- test/models/block6.rb
|
340
|
+
- test/secrets_test.rb
|
338
341
|
- test/instrumentation/sidekiq-client_test.rb
|
339
342
|
- test/instrumentation/resque_test.rb
|
340
343
|
- test/instrumentation/sidekiq-worker_test.rb
|