opentelemetry-instrumentation-mysql2 0.11.0 → 0.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 343f1b5abb33a678fabe4a1f0d2cb0900841a576bdebc2af3eb853086844e7b8
-  data.tar.gz: 326da9138c5abae9a79b6e5447976556b61ded92bd97d15b617eec7f8c3b3c6b
+  metadata.gz: 89fb1be56f26510a07111f785844a64bb8afa67b451967481f66b34fb4148918
+  data.tar.gz: 2fda38e2e737d5400de33644f634a2fd01b292de783af6c79a7f7ab202d5c2e0
 SHA512:
-  metadata.gz: 209f75a882204378bb3c56844b2f49dc88747fb0437a70d836725000cf384c3e3da78756dca0250ca5840145ce350352760f22eb723cc373d39f7c7518a533c9
-  data.tar.gz: 27260bbd464888fb87b3f2fe86751a01f22ed0ebb1eb45b3ecfe22b9e4db802be8cac5d5033bc43a144b241202a9dfeb3fbe19b827ee431d40ec219bd7574d12
+  metadata.gz: c606394f621ae305fe5eea6b9167bd5fc6303aa2c73365d6d381f0f2dbe545d91caa2ed3c55e6e7db62797381eaccdea0f68afeb38f2efb6673282fcae3f68ae
+  data.tar.gz: 430c6c8530deee4cfa85f739c256663ac536eec693a0e39a8899f7b73d2a6f3b896787802b349ed4dbb46758ce4552ad3ff0e3a3d4acaaa20f569e1724a9fad8

data/CHANGELOG.md

@@ -1,5 +1,27 @@
 # Release History: opentelemetry-instrumentation-mysql2
 
+### v0.16.0 / 2021-03-17
+
+* FIXED: Update DB semantic conventions 
+* FIXED: Example scripts now reference local common lib 
+* ADDED: Configurable obfuscation of sql in mysql2 instrumentation to avoid logging sensitive data
+
+### v0.15.0 / 2021-02-18
+
+* ADDED: Add instrumentation config validation 
+
+### v0.14.0 / 2021-02-03
+
+* (No significant changes)
+
+### v0.13.0 / 2021-01-29
+
+* (No significant changes)
+
+### v0.12.0 / 2020-12-24
+
+* (No significant changes)
+
 ### v0.11.0 / 2020-12-11
 
 * ADDED: Add peer service config to mysql 

data/README.md

@@ -0,0 +1,65 @@
+# OpenTelemetry Mysql2 Instrumentation
+
+The OpenTelemetry Mysql2 Ruby gem is a community maintained instrumentation for [Mysql2][mysql2-home].
+
+## How do I get started?
+
+Install the gem using:
+
+```
+gem install opentelemetry-instrumentation-mysql2
+```
+
+Or, if you use [bundler][bundler-home], include `opentelemetry-instrumentation-mysql2` in your `Gemfile`.
+
+## Usage
+
+To use the instrumentation, call `use` with the name of the instrumentation:
+
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use 'OpenTelemetry::Instrumentation::Mysql2'
+end
+```
+
+Alternatively, you can also call `use_all` to install all the available instrumentation.
+
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use_all
+end
+```
+
+### Configuration options
+
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use 'OpenTelemetry::Instrumentation::Mysql2', {
+    # The obfuscation of SQL in the db.statement attribute is disabled by default.
+    # To enable, set enable_sql_obfuscation to true.
+    enable_sql_obfuscation: false,
+  }
+end
+```
+
+## Examples
+
+An example of usage can be seen in [`example/mysql2.rb`](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/instrumentation/mysql2/example/mysql2.rb).
+
+## How can I get involved?
+
+The `opentelemetry-instrumentation-mysql2` gem source is [on github][repo-github], along with related gems including `opentelemetry-api` and `opentelemetry-sdk`.
+
+The OpenTelemetry Ruby gems are maintained by the OpenTelemetry-Ruby special interest group (SIG). You can get involved by joining us on our [gitter channel][ruby-gitter] or attending our weekly meeting. See the [meeting calendar][community-meetings] for dates and times. For more information on this and other language SIGs, see the OpenTelemetry [community page][ruby-sig].
+
+## License
+
+The `opentelemetry-instrumentation-mysql2` gem is distributed under the Apache 2.0 license. See [LICENSE][license-github] for more information.
+
+[mysql2-home]: https://github.com/brianmario/mysql2
+[bundler-home]: https://bundler.io
+[repo-github]: https://github.com/open-telemetry/opentelemetry-ruby
+[license-github]: https://github.com/open-telemetry/opentelemetry-ruby/blob/main/LICENSE
+[ruby-sig]: https://github.com/open-telemetry/community#ruby-sig
+[community-meetings]: https://github.com/open-telemetry/community#community-meetings
+[ruby-gitter]: https://gitter.im/open-telemetry/opentelemetry-ruby

data/lib/opentelemetry/instrumentation/mysql2/instrumentation.rb

@@ -19,6 +19,9 @@ module OpenTelemetry
           defined?(::Mysql2)
         end
 
+        option :peer_service, default: nil, validate: :string
+        option :enable_sql_obfuscation, default: false, validate: :boolean
+
         private
 
         def require_dependencies

data/lib/opentelemetry/instrumentation/mysql2/patches/client.rb

@@ -30,11 +30,31 @@ module OpenTelemetry
 
           QUERY_NAME_RE = Regexp.new("^(#{QUERY_NAMES.join('|')})", Regexp::IGNORECASE)
 
+          COMPONENTS_REGEX_MAP = {
+            single_quotes: /'(?:[^']|'')*?(?:\\'.*|'(?!'))/,
+            double_quotes: /"(?:[^"]|"")*?(?:\\".*|"(?!"))/,
+            numeric_literals: /-?\b(?:[0-9]+\.)?[0-9]+([eE][+-]?[0-9]+)?\b/,
+            boolean_literals: /\b(?:true|false|null)\b/i,
+            hexadecimal_literals: /0x[0-9a-fA-F]+/,
+            comments: /(?:#|--).*?(?=\r|\n|$)/i,
+            multi_line_comments: %r{\/\*(?:[^\/]|\/[^*])*?(?:\*\/|\/\*.*)}
+          }.freeze
+
+          MYSQL_COMPONENTS = %i[
+            single_quotes
+            double_quotes
+            numeric_literals
+            boolean_literals
+            hexadecimal_literals
+            comments
+            multi_line_comments
+          ].freeze
+
           def query(sql, options = {})
             tracer.in_span(
               database_span_name(sql),
               attributes: client_attributes.merge(
-                'db.statement' => sql
+                'db.statement' => obfuscate_sql(sql)
               ),
               kind: :client
             ) do
@@ -44,6 +64,31 @@ module OpenTelemetry
 
           private
 
+          def obfuscate_sql(sql)
+            return sql unless config[:enable_sql_obfuscation]
+
+            if sql.size > 2000
+              'SQL query too large to remove sensitive data ...'
+            else
+              obfuscated = sql.gsub(generated_mysql_regex, '?')
+              obfuscated = 'Failed to obfuscate SQL query - quote characters remained after obfuscation' if detect_unmatched_pairs(obfuscated)
+              obfuscated
+            end
+          end
+
+          def generated_mysql_regex
+            @generated_mysql_regex ||= Regexp.union(MYSQL_COMPONENTS.map { |component| COMPONENTS_REGEX_MAP[component] })
+          end
+
+          def detect_unmatched_pairs(obfuscated)
+            # We use this to check whether the query contains any quote characters
+            # after obfuscation. If so, that's a good indication that the original
+            # query was malformed, and so our obfuscation can't reliably find
+            # literals. In such a case, we'll replace the entire query with a
+            # placeholder.
+            %r{'|"|\/\*|\*\/}.match(obfuscated)
+          end
+
           def database_span_name(sql)
             # Setting span name to the SQL query without obfuscation would
             # result in PII + cardinality issues.
@@ -74,8 +119,7 @@ module OpenTelemetry
 
             attributes = {
               'db.system' => 'mysql',
-              'db.instance' => database_name,
-              'db.url' => "mysql://#{host}:#{port}",
+              'db.name' => database_name,
               'net.peer.name' => host,
               'net.peer.port' => port
             }

data/lib/opentelemetry/instrumentation/mysql2/version.rb

@@ -7,7 +7,7 @@
 module OpenTelemetry
   module Instrumentation
     module Mysql2
-      VERSION = '0.11.0'
+      VERSION = '0.16.0'
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opentelemetry-instrumentation-mysql2
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.16.0
 platform: ruby
 authors:
 - OpenTelemetry Authors
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-11 00:00:00.000000000 Z
+date: 2021-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: opentelemetry-api
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.16.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.16.0
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -160,6 +160,7 @@ files:
 - ".yardopts"
 - CHANGELOG.md
 - LICENSE
+- README.md
 - lib/opentelemetry-instrumentation-mysql2.rb
 - lib/opentelemetry/instrumentation.rb
 - lib/opentelemetry/instrumentation/mysql2.rb
@@ -170,10 +171,10 @@ homepage: https://github.com/open-telemetry/opentelemetry-ruby
 licenses:
 - Apache-2.0
 metadata:
-  changelog_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.11.0/file.CHANGELOG.html
-  source_code_uri: https://github.com/open-telemetry/opentelemetry-ruby/tree/master/instrumentation/mysql2
+  changelog_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.16.0/file.CHANGELOG.html
+  source_code_uri: https://github.com/open-telemetry/opentelemetry-ruby/tree/main/instrumentation/mysql2
   bug_tracker_uri: https://github.com/open-telemetry/opentelemetry-ruby/issues
-  documentation_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.11.0
+  documentation_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.16.0
 post_install_message: 
 rdoc_options: []
 require_paths: