sqreen 1.18.6-java → 1.20.0-java

Files changed (190) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +27 -0
  3. data/lib/sqreen/actions.rb +2 -0
  4. data/lib/sqreen/actions/actions_index.rb +16 -0
  5. data/lib/sqreen/actions/base.rb +4 -10
  6. data/lib/sqreen/actions/block_ip.rb +2 -0
  7. data/lib/sqreen/actions/block_user.rb +2 -0
  8. data/lib/sqreen/actions/ip_range_indexed_action_class.rb +4 -24
  9. data/lib/sqreen/actions/ip_ranges_index.rb +32 -11
  10. data/lib/sqreen/actions/redirect_ip.rb +2 -0
  11. data/lib/sqreen/actions/redirect_user.rb +2 -0
  12. data/lib/sqreen/actions/repository.rb +27 -8
  13. data/lib/sqreen/actions/unknown_action_type.rb +4 -0
  14. data/lib/sqreen/actions/user_action_class.rb +5 -30
  15. data/lib/sqreen/actions/users_index.rb +35 -0
  16. data/lib/sqreen/agent.rb +2 -1
  17. data/lib/sqreen/aggregated_metric.rb +25 -0
  18. data/lib/sqreen/attack_blocked.rb +2 -0
  19. data/lib/sqreen/binding_accessor.rb +2 -0
  20. data/lib/sqreen/binding_accessor/path_elem.rb +2 -0
  21. data/lib/sqreen/binding_accessor/transforms.rb +8 -1
  22. data/lib/sqreen/call_countable.rb +2 -0
  23. data/lib/sqreen/capped_queue.rb +2 -0
  24. data/lib/sqreen/cb.rb +2 -0
  25. data/lib/sqreen/cb_tree.rb +2 -0
  26. data/lib/sqreen/condition_evaluator.rb +2 -0
  27. data/lib/sqreen/conditionable.rb +2 -0
  28. data/lib/sqreen/configuration.rb +19 -1
  29. data/lib/sqreen/context.rb +2 -0
  30. data/lib/sqreen/default_cb.rb +2 -0
  31. data/lib/sqreen/deferred_logger.rb +2 -0
  32. data/lib/sqreen/deliveries.rb +2 -0
  33. data/lib/sqreen/deliveries/batch.rb +6 -1
  34. data/lib/sqreen/deliveries/simple.rb +6 -0
  35. data/lib/sqreen/dependency.rb +3 -1
  36. data/lib/sqreen/dependency/detector.rb +22 -14
  37. data/lib/sqreen/dependency/libsqreen.rb +4 -0
  38. data/lib/sqreen/dependency/new_relic.rb +2 -0
  39. data/lib/sqreen/dependency/rack.rb +10 -5
  40. data/lib/sqreen/dependency/rails.rb +4 -0
  41. data/lib/sqreen/dependency/sentry.rb +2 -0
  42. data/lib/sqreen/dependency/sinatra.rb +12 -1
  43. data/lib/sqreen/encoding_sanitizer.rb +2 -0
  44. data/lib/sqreen/error_handling_middleware.rb +2 -0
  45. data/lib/sqreen/event.rb +9 -5
  46. data/lib/sqreen/events/attack.rb +25 -18
  47. data/lib/sqreen/events/remote_exception.rb +2 -22
  48. data/lib/sqreen/events/request_record.rb +17 -70
  49. data/lib/sqreen/exception.rb +2 -0
  50. data/lib/sqreen/formatter_with_tid.rb +2 -0
  51. data/lib/sqreen/framework_cb.rb +2 -0
  52. data/lib/sqreen/frameworks.rb +2 -0
  53. data/lib/sqreen/frameworks/generic.rb +2 -0
  54. data/lib/sqreen/frameworks/rails.rb +1 -0
  55. data/lib/sqreen/frameworks/rails3.rb +2 -0
  56. data/lib/sqreen/frameworks/request_recorder.rb +15 -2
  57. data/lib/sqreen/frameworks/sinatra.rb +2 -0
  58. data/lib/sqreen/frameworks/sqreen_test.rb +2 -0
  59. data/lib/sqreen/graft.rb +12 -0
  60. data/lib/sqreen/graft/call.rb +150 -0
  61. data/lib/sqreen/{dependency → graft}/callback.rb +12 -4
  62. data/lib/sqreen/graft/hook.rb +316 -0
  63. data/lib/sqreen/{dependency → graft}/hook_point.rb +152 -33
  64. data/lib/sqreen/graft/hook_point_error.rb +10 -0
  65. data/lib/sqreen/invalid_signature_exception.rb +2 -0
  66. data/lib/sqreen/js.rb +2 -0
  67. data/lib/sqreen/js/call_context.rb +2 -0
  68. data/lib/sqreen/js/context_pool.rb +2 -0
  69. data/lib/sqreen/js/exec_js_runnable.rb +2 -0
  70. data/lib/sqreen/js/execjs_adapter.rb +2 -0
  71. data/lib/sqreen/js/executable_js.rb +2 -0
  72. data/lib/sqreen/js/js_service.rb +2 -0
  73. data/lib/sqreen/js/js_service_adapter.rb +2 -0
  74. data/lib/sqreen/js/mini_racer_adapter.rb +2 -0
  75. data/lib/sqreen/js/mini_racer_executable_js.rb +2 -0
  76. data/lib/sqreen/js/thread_local_exec_js_runnable.rb +2 -0
  77. data/lib/sqreen/kit/signals/specialized/aggregated_metric.rb +72 -0
  78. data/lib/sqreen/kit/signals/specialized/attack.rb +57 -0
  79. data/lib/sqreen/kit/signals/specialized/binning_metric.rb +76 -0
  80. data/lib/sqreen/kit/signals/specialized/http_trace.rb +26 -0
  81. data/lib/sqreen/kit/signals/specialized/sdk_track_call.rb +50 -0
  82. data/lib/sqreen/kit/signals/specialized/sqreen_exception.rb +57 -0
  83. data/lib/sqreen/{backport.rb → legacy.rb} +3 -2
  84. data/lib/sqreen/{instrumentation.rb → legacy/instrumentation.rb} +31 -2
  85. data/lib/sqreen/legacy/old_event_submission_strategy.rb +221 -0
  86. data/lib/sqreen/legacy/waf_redactions.rb +49 -0
  87. data/lib/sqreen/log.rb +2 -0
  88. data/lib/sqreen/log/loggable.rb +28 -0
  89. data/lib/sqreen/logger.rb +2 -0
  90. data/lib/sqreen/metrics.rb +2 -0
  91. data/lib/sqreen/metrics/average.rb +2 -0
  92. data/lib/sqreen/metrics/base.rb +5 -0
  93. data/lib/sqreen/metrics/binning.rb +2 -0
  94. data/lib/sqreen/metrics/collect.rb +2 -0
  95. data/lib/sqreen/metrics/sum.rb +2 -0
  96. data/lib/sqreen/metrics_store.rb +24 -12
  97. data/lib/sqreen/metrics_store/already_registered_metric.rb +2 -0
  98. data/lib/sqreen/metrics_store/unknown_metric.rb +2 -0
  99. data/lib/sqreen/metrics_store/unregistered_metric.rb +2 -0
  100. data/lib/sqreen/middleware.rb +2 -0
  101. data/lib/sqreen/mono_time.rb +2 -0
  102. data/lib/sqreen/node.rb +2 -0
  103. data/lib/sqreen/not_implemented_yet.rb +2 -0
  104. data/lib/sqreen/null_logger.rb +2 -0
  105. data/lib/sqreen/payload_creator.rb +2 -0
  106. data/lib/sqreen/payload_creator/header_section.rb +2 -0
  107. data/lib/sqreen/performance_notifications.rb +2 -0
  108. data/lib/sqreen/performance_notifications/binned_metrics.rb +10 -2
  109. data/lib/sqreen/performance_notifications/log.rb +2 -0
  110. data/lib/sqreen/performance_notifications/log_performance.rb +2 -0
  111. data/lib/sqreen/performance_notifications/metrics.rb +2 -0
  112. data/lib/sqreen/performance_notifications/newrelic.rb +2 -0
  113. data/lib/sqreen/prefix.rb +2 -0
  114. data/lib/sqreen/rails_middleware.rb +2 -0
  115. data/lib/sqreen/remote_command.rb +2 -0
  116. data/lib/sqreen/remote_command/failure_output.rb +5 -0
  117. data/lib/sqreen/rules.rb +6 -2
  118. data/lib/sqreen/rules/attrs.rb +2 -0
  119. data/lib/sqreen/rules/auth_track_cb.rb +2 -0
  120. data/lib/sqreen/rules/binding_accessor_matcher_cb.rb +2 -0
  121. data/lib/sqreen/rules/binding_accessor_metrics.rb +2 -0
  122. data/lib/sqreen/rules/blacklist_ips_cb.rb +2 -0
  123. data/lib/sqreen/rules/count_http_codes.rb +2 -0
  124. data/lib/sqreen/rules/crawler_user_agent_matches_cb.rb +2 -0
  125. data/lib/sqreen/rules/crawler_user_agent_matches_metrics_cb.rb +2 -0
  126. data/lib/sqreen/rules/custom_error_cb.rb +2 -0
  127. data/lib/sqreen/rules/devise_auth_track_cb.rb +2 -0
  128. data/lib/sqreen/rules/devise_signup_track_cb.rb +2 -0
  129. data/lib/sqreen/rules/execjs_cb.rb +2 -0
  130. data/lib/sqreen/rules/headers_insert_cb.rb +7 -0
  131. data/lib/sqreen/rules/matcher_rule.rb +2 -0
  132. data/lib/sqreen/rules/not_found_cb.rb +7 -0
  133. data/lib/sqreen/rules/rails_parameters_cb.rb +2 -0
  134. data/lib/sqreen/rules/record_request_context.rb +2 -0
  135. data/lib/sqreen/rules/regexp_rule_cb.rb +2 -0
  136. data/lib/sqreen/rules/rule_cb.rb +4 -0
  137. data/lib/sqreen/rules/run_req_start_actions.rb +3 -1
  138. data/lib/sqreen/rules/run_user_actions.rb +3 -1
  139. data/lib/sqreen/rules/shell_env_cb.rb +2 -0
  140. data/lib/sqreen/rules/signup_track_cb.rb +2 -0
  141. data/lib/sqreen/rules/update_request_context.rb +2 -0
  142. data/lib/sqreen/rules/url_matches_cb.rb +2 -0
  143. data/lib/sqreen/rules/user_agent_matches_cb.rb +2 -0
  144. data/lib/sqreen/rules/waf_cb.rb +41 -16
  145. data/lib/sqreen/rules/xss_cb.rb +2 -0
  146. data/lib/sqreen/run_when_called_cb.rb +2 -0
  147. data/lib/sqreen/runner.rb +68 -12
  148. data/lib/sqreen/runtime_infos.rb +2 -0
  149. data/lib/sqreen/safe_json.rb +2 -0
  150. data/lib/sqreen/sdk.rb +4 -0
  151. data/lib/sqreen/sensitive_data_redactor.rb +21 -31
  152. data/lib/sqreen/serializer.rb +2 -0
  153. data/lib/sqreen/session.rb +41 -37
  154. data/lib/sqreen/shared_storage.rb +2 -0
  155. data/lib/sqreen/shared_storage23.rb +2 -0
  156. data/lib/sqreen/shrink_wrap.rb +16 -0
  157. data/lib/sqreen/signals/conversions.rb +283 -0
  158. data/lib/sqreen/signals/http_trace_redaction.rb +111 -0
  159. data/lib/sqreen/signals/signals_submission_strategy.rb +78 -0
  160. data/lib/sqreen/signature_verifier.rb +2 -0
  161. data/lib/sqreen/sinatra_middleware.rb +2 -0
  162. data/lib/sqreen/sqreen_signed_verifier.rb +2 -0
  163. data/lib/sqreen/token_invalid_exception.rb +2 -0
  164. data/lib/sqreen/token_not_found_exception.rb +2 -0
  165. data/lib/sqreen/trie.rb +2 -0
  166. data/lib/sqreen/unauthorized.rb +2 -0
  167. data/lib/sqreen/util.rb +5 -0
  168. data/lib/sqreen/util/capped_array.rb +2 -0
  169. data/lib/sqreen/util/capped_hash.rb +2 -0
  170. data/lib/sqreen/util/capped_string.rb +2 -0
  171. data/lib/sqreen/util/capper.rb +2 -0
  172. data/lib/sqreen/version.rb +3 -1
  173. data/lib/sqreen/waf_error.rb +2 -0
  174. data/lib/sqreen/weave.rb +12 -0
  175. data/lib/sqreen/weave/hardcoded.rb +19 -0
  176. data/lib/sqreen/weave/instrumentor.rb +48 -0
  177. data/lib/sqreen/weave/legacy.rb +12 -0
  178. data/lib/sqreen/weave/legacy/instrumentation.rb +406 -0
  179. data/lib/sqreen/web_server.rb +2 -0
  180. data/lib/sqreen/web_server/generic.rb +2 -0
  181. data/lib/sqreen/web_server/passenger.rb +2 -0
  182. data/lib/sqreen/web_server/puma.rb +2 -0
  183. data/lib/sqreen/web_server/rainbows.rb +2 -0
  184. data/lib/sqreen/web_server/thin.rb +2 -0
  185. data/lib/sqreen/web_server/unicorn.rb +2 -0
  186. data/lib/sqreen/web_server/webrick.rb +2 -0
  187. data/lib/sqreen/worker.rb +2 -0
  188. metadata +65 -9
  189. data/lib/sqreen/backport/original_name.rb +0 -86
  190. data/lib/sqreen/dependency/hook.rb +0 -102
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -59,7 +61,9 @@ module Sqreen
59
61
  :infos => infos,
60
62
  :rulespack_id => rulespack_id,
61
63
  :rule_name => rule_name,
64
+ :attack_type => @rule['attack_type'], # for signal
62
65
  :test => test,
66
+ :block => @rule['block'], # for signal
63
67
  :time => at,
64
68
  }
65
69
  if payload_tpl.include?('context')
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -62,7 +64,7 @@ module Sqreen
62
64
 
63
65
  # @return [Sqreen::Actions::Repository]
64
66
  def actions_repo
65
- Sqreen::Actions::Repository.instance
67
+ Sqreen::Actions::Repository.current
66
68
  end
67
69
  end
68
70
  end
@@ -1,3 +1,5 @@
1
+ # typed: true
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -28,7 +30,7 @@ module Sqreen
28
30
 
29
31
  # @return [Sqreen::Actions::Repository]
30
32
  def actions_repo
31
- Sqreen::Actions::Repository.instance
33
+ Sqreen::Actions::Repository.current
32
34
  end
33
35
  end
34
36
  end
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -9,11 +11,15 @@ require 'sqreen/safe_json'
9
11
  require 'sqreen/exception'
10
12
  require 'sqreen/util/capper'
11
13
  require 'sqreen/dependency/libsqreen'
14
+ require 'sqreen/encoding_sanitizer'
12
15
 
13
16
  module Sqreen
14
17
  module Rules
15
18
  class WAFCB < RuleCB
16
- BUDGET_MAX = 5
19
+ # 2^30 -1 or 2^62 -1
20
+ MAX_FIXNUM = 1.size == 4 ? 1_073_741_823 : 4_611_686_018_427_387_903
21
+ # will be converted to a long, so better not to overflow
22
+ INFINITE_BUDGET_US = MAX_FIXNUM
17
23
 
18
24
  def self.libsqreen?
19
25
  Sqreen::Dependency::LibSqreen.required?
@@ -23,7 +29,7 @@ module Sqreen
23
29
  Sqreen::Dependency.const_exist?('LibSqreen::WAF')
24
30
  end
25
31
 
26
- attr_reader :binding_accessors, :budget, :waf_rule_name
32
+ attr_reader :binding_accessors, :max_run_budget_us, :waf_rule_name
27
33
 
28
34
  def initialize(*args)
29
35
  super(*args)
@@ -52,8 +58,12 @@ module Sqreen
52
58
  @binding_accessors = @data['values'].fetch('binding_accessors', []).each_with_object({}) do |e, h|
53
59
  h[e] = BindingAccessor.new(e)
54
60
  end
55
- @budget = (@data['values'].fetch('budget_in_ms', nil) || BUDGET_MAX) * 1000
56
- Sqreen.log.debug("WAF budget for #{@waf_rule_name} set to #{@budget}us")
61
+
62
+ # 0 for using defaults (PW_RUN_TIMEOUT)
63
+ @max_run_budget_us = (@data['values'].fetch('budget_in_ms', 0) * 1000).to_i
64
+ @max_run_budget_us = INFINITE_BUDGET_US if @max_run_budget_us >= INFINITE_BUDGET_US
65
+
66
+ Sqreen.log.debug { "Max WAF run budget for #{@waf_rule_name} set to #{@max_run_budget_us} us" }
57
67
 
58
68
  ObjectSpace.define_finalizer(self, WAFCB.finalizer(@waf_rule_name.dup))
59
69
  end
@@ -66,20 +76,32 @@ module Sqreen
66
76
 
67
77
  env = [binding, framework, instance, args]
68
78
 
79
+ start = Sqreen.time if budget
80
+
69
81
  capper = Sqreen::Util::Capper.new(string_size_cap: 4096, size_cap: 150, depth_cap: 10)
70
82
  waf_args = binding_accessors.each_with_object({}) do |(e, b), h|
71
83
  h[e] = capper.call(b.resolve(*env))
72
84
  end
73
85
  waf_args = Sqreen::EncodingSanitizer.sanitize(waf_args)
74
- waf_budget = [self.budget, budget && budget * 1_000_000].compact.min.to_i
75
- action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, waf_budget)
86
+
87
+ if budget
88
+ rem_budget_s = budget - (Sqreen.time - start)
89
+ return advise_action(nil) if rem_budget_s <= 0.0
90
+
91
+ waf_gen_budget_us = [(rem_budget_s * 1_000_000).to_i, MAX_FIXNUM].min
92
+ else # no budget
93
+ waf_gen_budget_us = INFINITE_BUDGET_US
94
+ end
95
+
96
+ action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args,
97
+ waf_gen_budget_us, @max_run_budget_us)
76
98
 
77
99
  case action
78
100
  when :monitor
79
- record_event({ 'waf_data' => data })
101
+ record_event({ waf_data: data })
80
102
  advise_action(nil)
81
103
  when :block
82
- record_event({ 'waf_data' => data })
104
+ record_event({ waf_data: data })
83
105
  advise_action(:raise)
84
106
  when :good
85
107
  advise_action(nil)
@@ -110,20 +132,23 @@ module Sqreen
110
132
  end
111
133
 
112
134
  def record_exception(exception, infos = {}, at = Time.now.utc)
113
- infos.merge!(exception_to_infos(exception)) if exception.is_a?(Sqreen::WAFError)
135
+ infos.merge!(waf_infos(exception)) if exception.is_a?(Sqreen::WAFError)
114
136
  super(exception, infos, at)
115
137
  end
116
138
 
117
139
  private
118
140
 
119
- def exception_to_infos(e)
141
+ # see https://github.com/sqreen/TechDoc/blob/master/content/specs/spec000016-waf-integration.md#error-management
142
+ def waf_infos(e)
120
143
  {
121
- waf_rule: e.rule_name,
122
- error_code: ERROR_CODES[e.error],
123
- }.tap do |r|
124
- r[:error_data] = e.data if e.data
125
- r[:args] = e.args if e.args
126
- end
144
+ waf: {
145
+ waf_rule: e.rule_name,
146
+ error_code: ERROR_CODES[e.error],
147
+ }.tap do |r|
148
+ r[:error_data] = e.data if e.data
149
+ r[:args] = e.args if e.arg
150
+ end,
151
+ }
127
152
  end
128
153
 
129
154
  ERROR_CODES = {
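Review bot: In `waf_infos` the guard on the `:args` entry calls `e.arg` while the value it stores is `e.args`, and the removed line used `e.args` for both. Unless `Sqreen::WAFError` also defines `arg` (not visible here), this raises `NoMethodError` inside `record_exception` before `super` runs, so the original WAF error is never recorded; the line should read `r[:args] = e.args if e.args`. In the initializer hunk, `@data['values'].fetch('budget_in_ms', 0) * 1000` no longer tolerates a key that is present with a `nil` value, which the removed `|| BUDGET_MAX` did; `(@data['values']['budget_in_ms'] || 0)` would keep that tolerance. The early `return advise_action(nil) if rem_budget_s <= 0.0` lets the request through without WAF inspection and leaves no trace, so a debug log or counter at that point would make skipped inspections visible to operators.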
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: true
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -18,8 +20,10 @@ require 'sqreen/deliveries/simple'
18
20
  require 'sqreen/deliveries/batch'
19
21
  require 'sqreen/performance_notifications/metrics'
20
22
  require 'sqreen/performance_notifications/binned_metrics'
21
- require 'sqreen/instrumentation'
23
+ require 'sqreen/legacy/instrumentation'
22
24
  require 'sqreen/call_countable'
25
+ require 'sqreen/weave/legacy/instrumentation'
26
+ require 'sqreen/kit/configuration'
23
27
 
24
28
  module Sqreen
25
29
  @features = {}
@@ -34,6 +38,8 @@ module Sqreen
34
38
  PERF_METRICS_PERIOD = 60 # 1 min
35
39
  DEFAULT_PERF_LEVEL = 0 # disabled
36
40
 
41
+ DEFAULT_USE_SIGNALS = false
42
+
37
43
  class << self
38
44
  attr_reader :features
39
45
  def update_features(features)
@@ -84,7 +90,9 @@ module Sqreen
84
90
 
85
91
  attr_accessor :heartbeat_delay
86
92
  attr_accessor :metrics_engine
93
+ # @return [Sqreen::Deliveries::Simple]
87
94
  attr_reader :deliverer
95
+ # @return [Sqreen::Session]
88
96
  attr_reader :session
89
97
  attr_reader :instrumenter
90
98
  attr_accessor :running
@@ -108,16 +116,30 @@ module Sqreen
108
116
  @token = @configuration.get(:token)
109
117
  @app_name = @configuration.get(:app_name)
110
118
  @url = @configuration.get(:url)
119
+ @proxy_url = @configuration.get(:proxy_url)
111
120
  Sqreen.update_whitelisted_paths([])
112
121
  Sqreen.update_whitelisted_ips({})
113
122
  Sqreen.update_performance_budget(nil)
114
123
  raise(Sqreen::Exception, 'no url found') unless @url
115
124
  raise(Sqreen::TokenNotFoundException, 'no token found') unless @token
116
125
 
126
+ Sqreen::Kit::Configuration.logger = Sqreen.log
127
+ Sqreen::Kit::Configuration.ingestion_url = @configuration.get(:ingestion_url)
128
+ Sqreen::Kit::Configuration.proxy_url = @configuration.get(:proxy_url)
129
+
117
130
  register_exit_cb if set_at_exit
118
131
 
119
132
  self.metrics_engine = MetricsStore.new
120
- @instrumenter = Instrumentation.new(metrics_engine)
133
+
134
+ needs_weave = proc do
135
+ Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('>= 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
136
+ end
137
+
138
+ if @configuration.get(:weave) || needs_weave.call
139
+ @instrumenter = Sqreen::Weave::Legacy::Instrumentation.new(metrics_engine)
140
+ else
141
+ @instrumenter = Sqreen::Legacy::Instrumentation.new(metrics_engine)
142
+ end
121
143
 
122
144
  Sqreen.log.debug "Using token #{@token}"
123
145
  response = create_session(session_class)
@@ -130,7 +152,7 @@ module Sqreen
130
152
  Sqreen.log.debug do
131
153
  "Override initial features with #{conf_features.inspect}"
132
154
  end
133
- wanted_features = conf_features
155
+ wanted_features = wanted_features.merge(conf_features)
134
156
  rescue
135
157
  Sqreen.log.warn do
136
158
  "NOT using invalid inital features #{conf_initial_features}"
@@ -149,7 +171,7 @@ module Sqreen
149
171
  end
150
172
 
151
173
  def create_session(session_class)
152
- @session = session_class.new(@url, @token, @app_name)
174
+ @session = session_class.new(@url, @token, @app_name, @proxy_url)
153
175
  session.login(@framework)
154
176
  end
155
177
 
@@ -158,8 +180,18 @@ module Sqreen
158
180
  @deliverer = new_deliverer
159
181
  end
160
182
 
161
- def batch_events(batch_size, max_staleness = nil)
183
+ def batch_events(batch_size, max_staleness = nil, use_signals = false)
162
184
  size = batch_size.to_i
185
+
186
+ if size <= 1 && use_signals
187
+ Sqreen.log.warn do
188
+ "Using signals with no delivery batching is unsupported. " \
189
+ "Using instead batching with batch size = 30, max_staleness = 60"
190
+ end
191
+ size = 30
192
+ max_staleness = 60
193
+ end
194
+
163
195
  self.deliverer = if size < 1
164
196
  Deliveries::Simple.new(session)
165
197
  else
@@ -235,7 +267,7 @@ module Sqreen
235
267
  def remove_instrumentation(_context_infos = {})
236
268
  Sqreen.log.debug 'Removing instrumentation'
237
269
  instrumenter.remove_all_callbacks
238
- Sqreen::Actions::Repository.instance.clear
270
+ Sqreen::Actions::Repository.clear
239
271
  Sqreen.log.debug 'Instrumentation removed'
240
272
  true
241
273
  end
@@ -244,7 +276,6 @@ module Sqreen
244
276
  Sqreen.log.debug 'Reloading rules'
245
277
  rulespack_id, rules = load_rules
246
278
  instrumenter.remove_all_callbacks
247
- Sqreen::Actions::Repository.instance.clear
248
279
 
249
280
  @framework.instrument_when_ready!(instrumenter, rules)
250
281
  Sqreen.log.debug 'Rules reloaded'
@@ -290,31 +321,55 @@ module Sqreen
290
321
  def do_heartbeat
291
322
  @last_heartbeat_request = Time.now
292
323
  @next_metrics.concat(metrics_engine.publish(false)) if metrics_engine
293
- res = session.heartbeat(next_command_results, next_metrics)
324
+ metrics_in_hb = use_signals? ? nil : next_metrics
325
+
326
+ res = session.heartbeat(next_command_results, metrics_in_hb)
294
327
  next_command_results.clear
328
+
329
+ deliver_metrics_as_event if use_signals?
295
330
  next_metrics.clear
331
+
296
332
  process_commands(res['commands'])
297
333
  end
298
334
 
335
+ def deliver_metrics_as_event
336
+ # this is disastrous withe simple delivery strategy,
337
+ # as each aggregated metric would trigger an http request
338
+ # Sending of metrics is therefore not supported with simple delivery strategy
339
+ # TODO: Confirm that only batch is used in production
340
+ next_metrics.each { |x| deliverer.post_event(x) }
341
+ end
342
+
299
343
  def features(_context_infos = {})
300
344
  Sqreen.features
301
345
  end
302
346
 
347
+ def use_signals?
348
+ features.fetch('use_signals', DEFAULT_USE_SIGNALS)
349
+ end
350
+
303
351
  def features=(features)
304
352
  Sqreen.update_features(features)
305
353
  session.request_compression = features['request_compression'] if session
354
+ session.use_signals = use_signals?
306
355
  self.performance_metrics_period = features['performance_metrics_period']
356
+
357
+ unless @configuration.get(:weave)
358
+
307
359
  config_binned_metrics(features['perf_level'] || DEFAULT_PERF_LEVEL,
308
360
  features['perf_base'] || PerformanceNotifications::BinnedMetrics::DEFAULT_PERF_BASE,
309
361
  features['perf_unit'] || PerformanceNotifications::BinnedMetrics::DEFAULT_PERF_UNIT,
310
362
  features['perf_pct_base'] || PerformanceNotifications::BinnedMetrics::DEFAULT_PERF_PCT_BASE,
311
363
  features['perf_pct_unit'] || PerformanceNotifications::BinnedMetrics::DEFAULT_PERF_PCT_UNIT,
312
364
  )
365
+
366
+ end
367
+
313
368
  self.call_counts_metrics_period = features['call_counts_metrics_period']
314
369
  hd = features['heartbeat_delay'].to_i
315
370
  self.heartbeat_delay = hd if hd > 0
316
371
  return if features['batch_size'].nil?
317
- batch_events(features['batch_size'], features['max_staleness'])
372
+ batch_events(features['batch_size'], features['max_staleness'], use_signals?)
318
373
  end
319
374
 
320
375
  def change_whitelisted_paths(paths, _context_infos = {})
@@ -456,13 +511,12 @@ module Sqreen
456
511
  def load_actions(hashes)
457
512
  unsupported = Set.new
458
513
 
459
- repos = Sqreen::Actions::Repository.instance
460
- repos.clear
514
+ new_repos = Sqreen::Actions::Repository.new
461
515
 
462
516
  actions = hashes.map do |h|
463
517
  begin
464
518
  act = Sqreen::Actions.deserialize_action(h)
465
- repos.add h['parameters'], act
519
+ new_repos.add h['parameters'], act
466
520
  act
467
521
  rescue Sqreen::Actions::UnknownActionType => e
468
522
  Sqreen.log.warn("Unsupported action type: #{e.action_type}")
@@ -476,6 +530,8 @@ module Sqreen
476
530
  actions = actions.reject(&:nil?)
477
531
  Sqreen.log.debug("Added #{actions.size} valid actions")
478
532
 
533
+ Sqreen::Actions::Repository.current = new_repos
534
+
479
535
  unsupported
480
536
  end
481
537
  end
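Review bot: In `features=`, the added `session.use_signals = use_signals?` is unguarded, although the line just above it assigns `request_compression` only `if session`. That existing guard suggests `session` can be nil at this point, in which case the new line raises `NoMethodError`; it should carry the same guard, `session.use_signals = use_signals? if session`. Separately, the context line `Sqreen.log.debug "Using token #{@token}"` in the initializer hunk writes the API token to the debug log. This diff does not change it, but logging a truncated or hashed form would keep the credential out of log files.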
@@ -1,3 +1,5 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,3 +1,5 @@
1
+ # typed: true
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
@@ -1,6 +1,10 @@
1
+ # typed: ignore
2
+
1
3
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
5
 
6
+ require 'sqreen/frameworks'
7
+
4
8
  # Sqreen Namespace
5
9
  module Sqreen
6
10