RubyGems - opentelemetry-instrumentation-mysql2 - Versions diffs - 0.15.0 → 0.16.0 - Mend

opentelemetry-instrumentation-mysql2 0.15.0 → 0.16.0

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/README.md +65 -0
data/lib/opentelemetry/instrumentation/mysql2/instrumentation.rb +1 -0
data/lib/opentelemetry/instrumentation/mysql2/patches/client.rb +47 -3
data/lib/opentelemetry/instrumentation/mysql2/version.rb +1 -1
metadata +7 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 12b400ad2f7611c8d44e1c6dd14083fcedeb4f730cb2fbf19259abc59c15d564
-  data.tar.gz: cf2687053add9de9805c7b8e8416cd9c99a44a4b461c540335b8616329f30623
+  metadata.gz: 89fb1be56f26510a07111f785844a64bb8afa67b451967481f66b34fb4148918
+  data.tar.gz: 2fda38e2e737d5400de33644f634a2fd01b292de783af6c79a7f7ab202d5c2e0
 SHA512:
-  metadata.gz: 44e78341f4f54a7ea84225980b55d5d50b913c7640660158b703070e1f6ab936923552858eef9ba8e26c1813bf36c4015e89abd60c31b8d349e2e65f99502a92
-  data.tar.gz: efcc6c0a2049ceaffd32153439102c8eab5e5c8cce13fa27fce1bb0aa11ab37ec6eb7b0dcbe87c729b40178586839b9a6a60ccd17daeccc594aec47d94e41d47
+  metadata.gz: c606394f621ae305fe5eea6b9167bd5fc6303aa2c73365d6d381f0f2dbe545d91caa2ed3c55e6e7db62797381eaccdea0f68afeb38f2efb6673282fcae3f68ae
+  data.tar.gz: 430c6c8530deee4cfa85f739c256663ac536eec693a0e39a8899f7b73d2a6f3b896787802b349ed4dbb46758ce4552ad3ff0e3a3d4acaaa20f569e1724a9fad8

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,11 @@
 # Release History: opentelemetry-instrumentation-mysql2
+### v0.16.0 / 2021-03-17
+* FIXED: Update DB semantic conventions
+* FIXED: Example scripts now reference local common lib
+* ADDED: Configurable obfuscation of sql in mysql2 instrumentation to avoid logging sensitive data
 ### v0.15.0 / 2021-02-18
 * ADDED: Add instrumentation config validation

data/README.md ADDED Viewed

@@ -0,0 +1,65 @@
+# OpenTelemetry Mysql2 Instrumentation
+The OpenTelemetry Mysql2 Ruby gem is a community maintained instrumentation for [Mysql2][mysql2-home].
+## How do I get started?
+Install the gem using:
+```
+gem install opentelemetry-instrumentation-mysql2
+```
+Or, if you use [bundler][bundler-home], include `opentelemetry-instrumentation-mysql2` in your `Gemfile`.
+## Usage
+To use the instrumentation, call `use` with the name of the instrumentation:
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use 'OpenTelemetry::Instrumentation::Mysql2'
+end
+```
+Alternatively, you can also call `use_all` to install all the available instrumentation.
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use_all
+end
+```
+### Configuration options
+```ruby
+OpenTelemetry::SDK.configure do |c|
+  c.use 'OpenTelemetry::Instrumentation::Mysql2', {
+    # The obfuscation of SQL in the db.statement attribute is disabled by default.
+    # To enable, set enable_sql_obfuscation to true.
+    enable_sql_obfuscation: false,
+  }
+end
+```
+## Examples
+An example of usage can be seen in [`example/mysql2.rb`](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/instrumentation/mysql2/example/mysql2.rb).
+## How can I get involved?
+The `opentelemetry-instrumentation-mysql2` gem source is [on github][repo-github], along with related gems including `opentelemetry-api` and `opentelemetry-sdk`.
+The OpenTelemetry Ruby gems are maintained by the OpenTelemetry-Ruby special interest group (SIG). You can get involved by joining us on our [gitter channel][ruby-gitter] or attending our weekly meeting. See the [meeting calendar][community-meetings] for dates and times. For more information on this and other language SIGs, see the OpenTelemetry [community page][ruby-sig].
+## License
+The `opentelemetry-instrumentation-mysql2` gem is distributed under the Apache 2.0 license. See [LICENSE][license-github] for more information.
+[mysql2-home]: https://github.com/brianmario/mysql2
+[bundler-home]: https://bundler.io
+[repo-github]: https://github.com/open-telemetry/opentelemetry-ruby
+[license-github]: https://github.com/open-telemetry/opentelemetry-ruby/blob/main/LICENSE
+[ruby-sig]: https://github.com/open-telemetry/community#ruby-sig
+[community-meetings]: https://github.com/open-telemetry/community#community-meetings
+[ruby-gitter]: https://gitter.im/open-telemetry/opentelemetry-ruby

data/lib/opentelemetry/instrumentation/mysql2/instrumentation.rb CHANGED Viewed

@@ -20,6 +20,7 @@ module OpenTelemetry
         end
         option :peer_service, default: nil, validate: :string
+        option :enable_sql_obfuscation, default: false, validate: :boolean
         private

data/lib/opentelemetry/instrumentation/mysql2/patches/client.rb CHANGED Viewed

@@ -30,11 +30,31 @@ module OpenTelemetry
           QUERY_NAME_RE = Regexp.new("^(#{QUERY_NAMES.join('|')})", Regexp::IGNORECASE)
+          COMPONENTS_REGEX_MAP = {
+            single_quotes: /'(?:[^']|'')*?(?:\\'.*|'(?!'))/,
+            double_quotes: /"(?:[^"]|"")*?(?:\\".*|"(?!"))/,
+            numeric_literals: /-?\b(?:[0-9]+\.)?[0-9]+([eE][+-]?[0-9]+)?\b/,
+            boolean_literals: /\b(?:true|false|null)\b/i,
+            hexadecimal_literals: /0x[0-9a-fA-F]+/,
+            comments: /(?:#|--).*?(?=\r|\n|$)/i,
+            multi_line_comments: %r{\/\*(?:[^\/]|\/[^*])*?(?:\*\/|\/\*.*)}
+          }.freeze
+          MYSQL_COMPONENTS = %i[
+            single_quotes
+            double_quotes
+            numeric_literals
+            boolean_literals
+            hexadecimal_literals
+            comments
+            multi_line_comments
+          ].freeze
           def query(sql, options = {})
             tracer.in_span(
               database_span_name(sql),
               attributes: client_attributes.merge(
-                'db.statement' => sql
+                'db.statement' => obfuscate_sql(sql)
               ),
               kind: :client
             ) do
@@ -44,6 +64,31 @@ module OpenTelemetry
           private
+          def obfuscate_sql(sql)
+            return sql unless config[:enable_sql_obfuscation]
+            if sql.size > 2000
+              'SQL query too large to remove sensitive data ...'
+            else
+              obfuscated = sql.gsub(generated_mysql_regex, '?')
+              obfuscated = 'Failed to obfuscate SQL query - quote characters remained after obfuscation' if detect_unmatched_pairs(obfuscated)
+              obfuscated
+            end
+          end
+          def generated_mysql_regex
+            @generated_mysql_regex ||= Regexp.union(MYSQL_COMPONENTS.map { |component| COMPONENTS_REGEX_MAP[component] })
+          end
+          def detect_unmatched_pairs(obfuscated)
+            # We use this to check whether the query contains any quote characters
+            # after obfuscation. If so, that's a good indication that the original
+            # query was malformed, and so our obfuscation can't reliably find
+            # literals. In such a case, we'll replace the entire query with a
+            # placeholder.
+            %r{'|"|\/\*|\*\/}.match(obfuscated)
+          end
           def database_span_name(sql)
             # Setting span name to the SQL query without obfuscation would
             # result in PII + cardinality issues.
@@ -74,8 +119,7 @@ module OpenTelemetry
             attributes = {
               'db.system' => 'mysql',
-              'db.instance' => database_name,
-              'db.url' => "mysql://#{host}:#{port}",
+              'db.name' => database_name,
               'net.peer.name' => host,
               'net.peer.port' => port
             }

data/lib/opentelemetry/instrumentation/mysql2/version.rb CHANGED Viewed

@@ -7,7 +7,7 @@
 module OpenTelemetry
   module Instrumentation
     module Mysql2
-      VERSION = '0.15.0'
+      VERSION = '0.16.0'
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opentelemetry-instrumentation-mysql2
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.16.0
 platform: ruby
 authors:
 - OpenTelemetry Authors
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-18 00:00:00.000000000 Z
+date: 2021-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: opentelemetry-api
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.15.0
+        version: 0.16.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.15.0
+        version: 0.16.0
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -160,6 +160,7 @@ files:
 - ".yardopts"
 - CHANGELOG.md
 - LICENSE
+- README.md
 - lib/opentelemetry-instrumentation-mysql2.rb
 - lib/opentelemetry/instrumentation.rb
 - lib/opentelemetry/instrumentation/mysql2.rb
@@ -170,10 +171,10 @@ homepage: https://github.com/open-telemetry/opentelemetry-ruby
 licenses:
 - Apache-2.0
 metadata:
-  changelog_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.15.0/file.CHANGELOG.html
+  changelog_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.16.0/file.CHANGELOG.html
   source_code_uri: https://github.com/open-telemetry/opentelemetry-ruby/tree/main/instrumentation/mysql2
   bug_tracker_uri: https://github.com/open-telemetry/opentelemetry-ruby/issues
-  documentation_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.15.0
+  documentation_uri: https://open-telemetry.github.io/opentelemetry-ruby/opentelemetry-instrumentation-mysql2/v0.16.0
 post_install_message:
 rdoc_options: []
 require_paths: