newrelic_rpm 6.6.0.358 → 6.11.0.365

data/lib/new_relic/agent/agent_logger.rb

@@ -173,6 +173,10 @@ module NewRelic
         StartupLogger.instance.dump(self)
       end
 
+      def self.format_fatal_error message
+        "** [NewRelic] FATAL : #{message}\n"
+      end
+
     end
 
     # In an effort to not lose messages during startup, we trap them in memory

data/lib/new_relic/agent/attribute_filter.rb

@@ -121,7 +121,7 @@ module NewRelic
         @high_security = config[:high_security]
 
         setup_key_cache
-        cache_prefix_blacklist
+        cache_prefix_denylist
       end
 
       # Note the key_cache is a global cache, accessible by multiple threads,
@@ -222,16 +222,16 @@ module NewRelic
       # arguments for Sidekiq and Resque in the common case, since none of
       # these attributes are captured by default.
       #
-      def cache_prefix_blacklist
-        @prefix_blacklist = {}
-        @prefix_blacklist[:'request.parameters'] = true unless might_allow_prefix_uncached?(:'request.parameters')
-        @prefix_blacklist[:'job.sidekiq.args']   = true unless might_allow_prefix_uncached?(:'job.sidekiq.args')
-        @prefix_blacklist[:'job.resque.args']    = true unless might_allow_prefix_uncached?(:'job.resque.args')
+      def cache_prefix_denylist
+        @prefix_denylist = {}
+        @prefix_denylist[:'request.parameters'] = true unless might_allow_prefix_uncached?(:'request.parameters')
+        @prefix_denylist[:'job.sidekiq.args']   = true unless might_allow_prefix_uncached?(:'job.sidekiq.args')
+        @prefix_denylist[:'job.resque.args']    = true unless might_allow_prefix_uncached?(:'job.resque.args')
       end
 
       # Note that the given prefix *must* be a Symbol
       def might_allow_prefix?(prefix)
-        !@prefix_blacklist.include?(prefix)
+        !@prefix_denylist.include?(prefix)
       end
 
       def might_allow_prefix_uncached?(prefix)

data/lib/new_relic/agent/attributes.rb

@@ -0,0 +1,150 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+require 'new_relic/agent/attribute_processing'
+
+module NewRelic
+  module Agent
+    class Attributes
+      KEY_LIMIT   = 255
+      VALUE_LIMIT = 255
+      COUNT_LIMIT = 64
+
+      def initialize(filter)
+        @filter = filter
+
+        @custom_attributes = {}
+        @agent_attributes = {}
+        @intrinsic_attributes = {}
+
+        @custom_destinations = {}
+        @agent_destinations = {}
+        @already_warned_count_limit = nil
+      end
+
+      def add_agent_attribute(key, value, default_destinations)
+        destinations = @filter.apply(key, default_destinations)
+        return if destinations == AttributeFilter::DST_NONE
+
+        @agent_destinations[key] = destinations
+        add(@agent_attributes, key, value)
+      end
+
+      def add_agent_attribute_with_key_check(key, value, default_destinations)
+        if exceeds_bytesize_limit? key, KEY_LIMIT
+          NewRelic::Agent.logger.debug("Agent attribute #{key} was dropped for exceeding key length limit #{KEY_LIMIT}")
+          return
+        end
+
+        add_agent_attribute(key, value, default_destinations)
+      end
+
+      def add_intrinsic_attribute(key, value)
+        add(@intrinsic_attributes, key, value)
+      end
+
+      def merge_untrusted_agent_attributes(attributes, prefix, default_destinations)
+        return if @filter.high_security?
+        return if !@filter.might_allow_prefix?(prefix)
+
+        AttributeProcessing.flatten_and_coerce(attributes, prefix) do |k, v|
+          add_agent_attribute_with_key_check(k, v, AttributeFilter::DST_NONE)
+        end
+      end
+
+      def merge_custom_attributes(other)
+        return unless Agent.config[:'custom_attributes.enabled']
+        return if other.empty?
+        AttributeProcessing.flatten_and_coerce(other) do |k, v|
+          add_custom_attribute(k, v)
+        end
+      end
+
+      def custom_attributes_for(destination)
+        for_destination(@custom_attributes, @custom_destinations, destination)
+      end
+
+      def agent_attributes_for(destination)
+        for_destination(@agent_attributes, @agent_destinations, destination)
+      end
+
+      def intrinsic_attributes_for(destination)
+        if destination == NewRelic::Agent::AttributeFilter::DST_TRANSACTION_TRACER ||
+           destination == NewRelic::Agent::AttributeFilter::DST_ERROR_COLLECTOR
+          @intrinsic_attributes
+        else
+          NewRelic::EMPTY_HASH
+        end
+      end
+
+      private
+
+      def add_custom_attribute(key, value)
+        if @custom_attributes.size >= COUNT_LIMIT
+          unless @already_warned_count_limit
+            NewRelic::Agent.logger.warn("Custom attributes count exceeded limit of #{COUNT_LIMIT}. Any additional custom attributes during this transaction will be dropped.")
+            @already_warned_count_limit = true
+          end
+          return
+        end
+
+        if @filter.high_security?
+          NewRelic::Agent.logger.debug("Unable to add custom attribute #{key} while in high security mode.")
+          return
+        end
+
+        if exceeds_bytesize_limit?(key, KEY_LIMIT)
+          NewRelic::Agent.logger.warn("Custom attribute key '#{key}' was longer than limit of #{KEY_LIMIT} bytes. This attribute will be dropped.")
+          return
+        end
+
+        destinations = @filter.apply(key, AttributeFilter::DST_ALL)
+        return if destinations == AttributeFilter::DST_NONE
+
+        @custom_destinations[key] = destinations
+        add(@custom_attributes, key, value)
+      end
+
+      def add(attributes, key, value)
+        return if value.nil?
+
+        if exceeds_bytesize_limit?(value, VALUE_LIMIT)
+          value = slice(value)
+        end
+
+        attributes[key] = value
+      end
+
+      def for_destination(attributes, calculated_destinations, destination)
+        # Avoid allocating anything if there are no attrs at all
+        return NewRelic::EMPTY_HASH if attributes.empty?
+
+        attributes.inject({}) do |memo, (key, value)|
+          if @filter.allows?(calculated_destinations[key], destination)
+            memo[key] = value
+          end
+          memo
+        end
+      end
+
+      def exceeds_bytesize_limit?(value, limit)
+        if value.respond_to?(:bytesize)
+          value.bytesize > limit
+        elsif value.is_a?(Symbol)
+          value.to_s.bytesize > limit
+        else
+          false
+        end
+      end
+
+      # Take one byte past our limit. Why? This lets us unconditionally chop!
+      # the end. It'll either remove the one-character-too-many we have, or
+      # peel off the partial, mangled character left by the byteslice.
+      def slice(incoming)
+        result = incoming.to_s.byteslice(0, VALUE_LIMIT + 1)
+        result.chop!
+      end
+    end
+  end
+end

data/lib/new_relic/agent/autostart.rb

@@ -20,23 +20,28 @@ module NewRelic
 
 
       # The constants, executables (i.e. $0) and rake tasks used can be
-      # configured with the config keys 'autostart.blacklisted_constants',
-      # 'autostart.blacklisted_executables' and
-      # 'autostart.blacklisted_rake_tasks'
+      # configured with the config keys 'autostart.denylisted_constants',
+      # 'autostart.denylisted_executables' and
+      # 'autostart.denylisted_rake_tasks'
       def agent_should_start?
-          !blacklisted_constants? &&
-          !blacklisted_executables? &&
-          !in_blacklisted_rake_task?
+          !denylisted_constants? &&
+          !denylisted_executables? &&
+          !in_denylisted_rake_task?
       end
 
-      def blacklisted_constants?
-        blacklisted?(NewRelic::Agent.config[:'autostart.blacklisted_constants']) do |name|
+      COMMA = ",".freeze
+
+      def denylisted_constants?
+        # For backwards compatibility until :'autostart_blacklisted_constants' config option is removed
+        constants = NewRelic::Agent.config[:'autostart.denylisted_constants'] << COMMA << NewRelic::Agent.config[:'autostart.blacklisted_constants']
+
+        denylisted?(constants) do |name|
           constant_is_defined?(name)
         end
       end
 
-      def blacklisted_executables?
-        blacklisted?(NewRelic::Agent.config[:'autostart.blacklisted_executables']) do |bin|
+      def denylisted_executables?
+        denylisted?(NewRelic::Agent.config[:'autostart.denylisted_executables']) do |bin|
           File.basename($0) == bin
         end
       end
@@ -47,18 +52,18 @@ module NewRelic
         !!::NewRelic::LanguageSupport.constantize(const_name)
       end
 
-      def blacklisted?(value, &block)
+      def denylisted?(value, &block)
         value.split(/\s*,\s*/).any?(&block)
       end
 
-      def in_blacklisted_rake_task?
+      def in_denylisted_rake_task?
         tasks = begin
                   ::Rake.application.top_level_tasks
                 rescue => e
-            ::NewRelic::Agent.logger.debug("Not in Rake environment so skipping blacklisted_rake_tasks check: #{e}")
+            ::NewRelic::Agent.logger.debug("Not in Rake environment so skipping denylisted_rake_tasks check: #{e}")
             []
           end
-        !(tasks & ::NewRelic::Agent.config[:'autostart.blacklisted_rake_tasks'].split(/\s*,\s*/)).empty?
+        !(tasks & ::NewRelic::Agent.config[:'autostart.denylisted_rake_tasks'].split(/\s*,\s*/)).empty?
       end
     end
   end

data/lib/new_relic/agent/configuration/default_source.rb

@@ -196,6 +196,15 @@ module NewRelic
           end
         end
 
+        SEMICOLON = ';'.freeze
+        def self.convert_to_list_on_semicolon value
+          case value
+          when Array then value
+          when String then value.split(SEMICOLON)
+          else []
+          end
+        end
+
         def self.convert_to_constant_list(raw_value)
           const_names = convert_to_list(raw_value)
           const_names.map! do |class_name|
@@ -209,9 +218,19 @@ module NewRelic
           end
           const_names.compact
         end
+
+        def self.enforce_fallback(allowed_values: nil, fallback: nil)
+          Proc.new do |configured_value|
+            if allowed_values.any? { |v| v =~ /#{configured_value}/i }
+              configured_value
+            else
+              fallback
+            end
+          end
+        end
       end
 
-      AUTOSTART_BLACKLISTED_RAKE_TASKS = [
+      AUTOSTART_DENYLISTED_RAKE_TASKS = [
         'about',
         'assets:clean',
         'assets:clobber',
@@ -291,8 +310,17 @@ module NewRelic
           :public => true,
           :type => String,
           :allowed_from_server => false,
+          :transform => DefaultSource.method(:convert_to_list_on_semicolon),
           :description => 'Specify the <a href="https://docs.newrelic.com/docs/apm/new-relic-apm/installation-configuration/name-your-application">application name</a> used to aggregate data in the New Relic UI. To report data to <a href="https://docs.newrelic.com/docs/apm/new-relic-apm/installation-configuration/using-multiple-names-app">multiple apps at the same time</a>, specify a list of names separated by a semicolon <code>;</code>. For example, <code>MyApp</code> or <code>MyStagingApp;Instance1</code>.'
         },
+        :entity_guid => {
+          :default => nil,
+          :allow_nil => true,
+          :public => true,
+          :type => String,
+          :allowed_from_server => true,
+          :description => 'The <a href="https://docs.newrelic.com/attribute-dictionary/span/entityguid">Entity GUID</a> for the entity running this agent.'
+        },
         :monitor_mode => {
           :default => value_of(:enabled),
           :public => true,
@@ -367,7 +395,21 @@ module NewRelic
           :public => true,
           :type => Boolean,
           :allowed_from_server => false,
-          :description => 'When <code>true</code>, the agent captures HTTP request parameters and attaches them to transaction traces, traced errors, and <a href="https://docs.newrelic.com/docs/insights/new-relic-insights/decorating-events/error-event-default-attributes-insights">TransactionError events</a>.'
+          :description => 'When <code>true</code>, the agent captures HTTP request parameters ' \
+            'and attaches them to transaction traces, traced errors, and ' \
+            '<a href="https://docs.newrelic.com/attribute-dictionary?attribute_name=&events_tids%5B%5D=8241">'\
+            '<code>TransactionError</code> events.' \
+            "\n" \
+            '<div class="callout-warning">' \
+            "\n" \
+            '<p>When using the <code>capture_params</code> setting, the Ruby agent will not attempt ' \
+            'to filter secret information. <b>Recommendation:</b> To filter secret information from ' \
+            'request parameters, use the <a href="/docs/agents/ruby-agent/attributes/enable-disable-attributes-ruby">' \
+            '<code>attributes.include</code> setting</a> instead. For more information, see the ' \
+            '<a href="/docs/agents/ruby-agent/attributes/ruby-attribute-examples#ex_req_params">' \
+            'Ruby attribute examples</a>.' \
+            "</p>\n" \
+            '</div>'
         },
         :config_path => {
           :default => DefaultSource.config_path,
@@ -398,6 +440,17 @@ module NewRelic
           :description => 'Autodetected application framework used to enable framework-specific functionality.'
         },
         :'autostart.blacklisted_constants' => {
+          :default => 'Rails::Console',
+          :public => true,
+          :type => String,
+          :allowed_from_server => false,
+          :description => 'Deprecated.  ' \
+              'For agent versions 6.8.0 or higher, ' \
+              'use <a href="#autostart-denylisted_constants"><code>' \
+                'autostart.denylisted_constants' \
+              '</code></a> instead.'
+        },
+        :'autostart.denylisted_constants' => {
           :default => 'Rails::Console',
           :public => true,
           :type => String,
@@ -409,10 +462,32 @@ module NewRelic
           :public => true,
           :type => String,
           :allowed_from_server => false,
+          :description => 'Deprecated.  ' \
+              'For agent versions 6.8.0 or higher, ' \
+              'use <a href="#autostart-denylisted_executables"><code>' \
+                'autostart.denylisted_executables' \
+              '</code></a> instead.'
+        },
+        :'autostart.denylisted_executables' => {
+          :default => value_of(:'autostart.blacklisted_executables'),
+          :public => true,
+          :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of executables that the agent should not instrument. For example, <code>rake,my_ruby_script.rb</code>.'
         },
         :'autostart.blacklisted_rake_tasks' => {
-          :default => AUTOSTART_BLACKLISTED_RAKE_TASKS,
+          :default => AUTOSTART_DENYLISTED_RAKE_TASKS,
+          :public => true,
+          :type => String,
+          :allowed_from_server => false,
+          :description => 'Deprecated.  ' \
+              'For agent versions 6.8.0 or higher, ' \
+              'use <a href="#autostart-denylisted_rake_tasks"><code>' \
+                'autostart.denylisted_rake_tasks' \
+              '</code></a> instead.'
+        },
+        :'autostart.denylisted_rake_tasks' => {
+          :default => value_of(:'autostart.blacklisted_rake_tasks'),
           :public => true,
           :type => String,
           :allowed_from_server => false,
@@ -460,15 +535,28 @@ module NewRelic
           :public => true,
           :type => Boolean,
           :allowed_from_server => false,
-          :description => 'If true, the agent strips messages from all exceptions except those in the <a href="#strip_exception_messages-whitelist">whitelist</a>. Enabled automatically in <a href="https://docs.newrelic.com/docs/accounts-partnerships/accounts/security/high-security">high security mode</a>.'
+          :description => 'If true, the agent strips messages from all exceptions except those in the <a href="#strip_exception_messages-allowlist">allowlist</a>. Enabled automatically in <a href="https://docs.newrelic.com/docs/accounts-partnerships/accounts/security/high-security">high security mode</a>.'
         },
         :'strip_exception_messages.whitelist' => {
+          :default => '',
+          :public => true,
+          :type => String,
+          :deprecated => true,
+          :allowed_from_server => false,
+          :transform => DefaultSource.method(:convert_to_constant_list),
+          :description => 'Deprecated.  ' \
+              'For agent versions 6.8.0 or higher, ' \
+              'use <a href="#strip_exception_messages.allowed_classes"><code>' \
+                'strip_exception_messages.allowed_classes' \
+              '</code></a> instead.'
+        },
+        :'strip_exception_messages.allowed_classes' => {
           :default => '',
           :public => true,
           :type => String,
           :allowed_from_server => false,
           :transform => DefaultSource.method(:convert_to_constant_list),
-          :description => 'Specify a whitelist of exceptions you do not want the agent to strip when <a href="#strip_exception_messages-enabled">strip_exception_messages</a> is <code>true</code>. Separate exceptions with a comma. For example, <code>"ImportantException,PreserveMessageException"</code>.'
+          :description => 'Specify a list of exceptions you do not want the agent to strip when <a href="#strip_exception_messages-enabled">strip_exception_messages</a> is <code>true</code>. Separate exceptions with a comma. For example, <code>"ImportantException,PreserveMessageException"</code>.'
         },
         :host => {
           :default => DefaultSource.host,
@@ -527,7 +615,7 @@ module NewRelic
           :description => 'Use HTTP PUT requests instead of POST.'
         },
         :compressed_content_encoding => {
-          :default => 'deflate',
+          :default => 'gzip',
           :public => false,
           :type => String,
           :allowed_from_server => false,
@@ -568,14 +656,37 @@ module NewRelic
           :allowed_from_server => true,
           :description => 'Number of seconds betwixt connections to the New Relic event collection services.'
         },
-        :'data_report_periods.analytic_event_data' => {
+        :'event_report_period.analytic_event_data' => {
+          :default => 60,
+          :public => false,
+          :type => Integer,
+          :dynamic_name => true,
+          :allowed_from_server => true,
+          :description => 'Number of seconds betwixt connections to the New Relic analytic event collection services.'
+        },
+        :'event_report_period.custom_event_data' => {
+          :default => 60,
+          :public => false,
+          :type => Integer,
+          :dynamic_name => true,
+          :allowed_from_server => true,
+          :description => 'Number of seconds betwixt connections to the New Relic custom event collection services.'
+        },
+        :'event_report_period.error_event_data' => {
+          :default => 60,
+          :public => false,
+          :type => Integer,
+          :dynamic_name => true,
+          :allowed_from_server => true,
+          :description => 'Number of seconds betwixt connections to the New Relic error event collection services.'
+        },
+        :'event_report_period.span_event_data' => {
           :default => 60,
           :public => false,
           :type => Integer,
-          :deprecated => true,
           :dynamic_name => true,
           :allowed_from_server => true,
-          :description => 'Number of seconds between connections to the New Relic data collection service for sending transaction event data.'
+          :description => 'Number of seconds betwixt connections to the New Relic span event collection services.'
         },
         :keep_retrying => {
           :default => true,
@@ -1810,12 +1921,46 @@ module NewRelic
           :allowed_from_server => true,
           :description => 'If <code>true</code>, enables span event sampling.'
         },
+        :'span_events.queue_size' => {
+          :default => 10_000,
+          :public => true,
+          :type => Integer,
+          :allowed_from_server => false,
+          :external => :infinite_tracing,
+          :description => "Sets the maximum number of span events to buffer when streaming to the trace observer."
+        },
         :'span_events.max_samples_stored' => {
           :default => 1000,
           :public => true,
           :type => Integer,
           :allowed_from_server => true,
           :description => 'Defines the maximum number of span events reported from a single harvest.'
+        },
+        :'exclude_newrelic_header' => {
+          :default => false,
+          :public => true,
+          :type => Boolean,
+          :allowed_from_server => true,
+          :description => "Allows newrelic distributed tracing headers to be suppressed on outbound requests."
+        },
+        :'infinite_tracing.trace_observer.host' => {
+          :default => '',
+          :public => true,
+          :type => String,
+          :allowed_from_server => false,
+          :external => :infinite_tracing,
+          :description => "Configures the hostname for the Trace Observer Host. " \
+            "When configured, enables tail-based sampling by sending all recorded spans " \
+            "to a Trace Observer for further sampling decisions, irrespective of any usual " \
+            "agent sampling decision."
+        },
+        :'infinite_tracing.trace_observer.port' => {
+          :default => 443,
+          :public => true,
+          :type => Integer,
+          :allowed_from_server => false,
+          :external => :infinite_tracing,
+          :description => "Configures the TCP/IP port for the Trace Observer Host"
         }
       }.freeze
     end