dd-trace 2.32.0 → 2.34.0

package/packages/dd-trace/src/appsec/iast/vulnerability-reporter.js

@@ -1,5 +1,6 @@
 const { MANUAL_KEEP } = require('../../../../../ext/tags')
 const LRU = require('lru-cache')
+const vulnerabilitiesFormatter = require('./vulnerabilities-formatter')
 const VULNERABILITIES_KEY = 'vulnerabilities'
 const IAST_JSON_TAG_KEY = '_dd.iast.json'
 const VULNERABILITY_HASHES_MAX_SIZE = 1000
@@ -60,57 +61,6 @@ function isValidVulnerability (vulnerability) {
     vulnerability.location && vulnerability.location.spanId
 }
 
-function formatEvidence (evidence, sourcesIndexes) {
-  if (!evidence.ranges) {
-    return { value: evidence.value }
-  }
-
-  const valueParts = []
-  let fromIndex = 0
-  evidence.ranges.forEach((range, rangeIndex) => {
-    if (fromIndex < range.start) {
-      valueParts.push({ value: evidence.value.substring(fromIndex, range.start) })
-    }
-    valueParts.push({ value: evidence.value.substring(range.start, range.end), source: sourcesIndexes[rangeIndex] })
-    fromIndex = range.end
-  })
-  if (fromIndex < evidence.value.length) {
-    valueParts.push({ value: evidence.value.substring(fromIndex) })
-  }
-  return { valueParts }
-}
-
-function extractSourcesFromVulnerability (vulnerability) {
-  if (!vulnerability.evidence.ranges) {
-    return []
-  }
-  return vulnerability.evidence.ranges.map(range => (
-    {
-      origin: range.iinfo.type,
-      name: range.iinfo.parameterName,
-      value: range.iinfo.parameterValue
-    }
-  ))
-}
-
-function jsonVulnerabilityFromVulnerability (vulnerability, sourcesIndexes) {
-  const jsonVulnerability = {
-    type: vulnerability.type,
-    hash: vulnerability.hash,
-    evidence: formatEvidence(vulnerability.evidence, sourcesIndexes),
-    location: {
-      spanId: vulnerability.location.spanId
-    }
-  }
-  if (vulnerability.location.path) {
-    jsonVulnerability.location.path = vulnerability.location.path
-  }
-  if (vulnerability.location.line) {
-    jsonVulnerability.location.line = vulnerability.location.line
-  }
-  return jsonVulnerability
-}
-
 function sendVulnerabilities (vulnerabilities, rootSpan) {
   if (vulnerabilities && vulnerabilities.length) {
     let span = rootSpan
@@ -124,31 +74,8 @@ function sendVulnerabilities (vulnerabilities, rootSpan) {
     }
 
     if (span && span.addTags) {
-      const jsonToSend = {
-        sources: [],
-        vulnerabilities: []
-      }
-
-      deduplicateVulnerabilities(vulnerabilities).forEach((vulnerability) => {
-        if (isValidVulnerability(vulnerability)) {
-          const sourcesIndexes = []
-          const vulnerabilitySources = extractSourcesFromVulnerability(vulnerability)
-          vulnerabilitySources.forEach((source) => {
-            let sourceIndex = jsonToSend.sources.findIndex(
-              existingSource =>
-                existingSource.origin === source.origin &&
-                existingSource.name === source.name &&
-                existingSource.value === source.value
-            )
-            if (sourceIndex === -1) {
-              sourceIndex = jsonToSend.sources.length
-              jsonToSend.sources.push(source)
-            }
-            sourcesIndexes.push(sourceIndex)
-          })
-          jsonToSend.vulnerabilities.push(jsonVulnerabilityFromVulnerability(vulnerability, sourcesIndexes))
-        }
-      })
+      const validAndDedupVulnerabilities = deduplicateVulnerabilities(vulnerabilities).filter(isValidVulnerability)
+      const jsonToSend = vulnerabilitiesFormatter.toJson(validAndDedupVulnerabilities)
 
       if (jsonToSend.vulnerabilities.length > 0) {
         const tags = {}
@@ -194,6 +121,7 @@ function deduplicateVulnerabilities (vulnerabilities) {
 
 function start (config, _tracer) {
   deduplicationEnabled = config.iast.deduplicationEnabled
+  vulnerabilitiesFormatter.setRedactVulnerabilities(config.iast.redactionEnabled)
   if (deduplicationEnabled) {
     startClearCacheTimer()
   }

package/packages/dd-trace/src/config.js

@@ -2,13 +2,15 @@
 
 const fs = require('fs')
 const os = require('os')
+const uuid = require('crypto-randomuuid')
 const URL = require('url').URL
 const log = require('./log')
 const pkg = require('./pkg')
 const coalesce = require('koalas')
 const tagger = require('./tagger')
 const { isTrue, isFalse } = require('./util')
-const uuid = require('crypto-randomuuid')
+const { GIT_REPOSITORY_URL, GIT_COMMIT_SHA } = require('./plugins/util/tags')
+const { getGitMetadataFromGitProperties } = require('./git_properties')
 
 const fromEntries = Object.fromEntries || (entries =>
   entries.reduce((obj, [k, v]) => Object.assign(obj, { [k]: v }), {}))
@@ -31,19 +33,6 @@ function safeJsonParse (input) {
   }
 }
 
-const namingVersions = ['v0', 'v1']
-const defaultVersion = 'v0'
-
-function validateNamingVersion (versionString) {
-  if (!namingVersions.includes(versionString)) {
-    log.warn(
-      `Unexpected input for config.spanAttributeSchema, picked default ${defaultVersion}`
-    )
-    return defaultVersion
-  }
-  return versionString
-}
-
 // Shallow clone with property name remapping
 function remapify (input, mappings) {
   if (!input) return
@@ -169,6 +158,8 @@ class Config {
       process.env.DD_SERVICE_NAME ||
       this.tags.service ||
       process.env.AWS_LAMBDA_FUNCTION_NAME ||
+      process.env.FUNCTION_NAME || // Google Cloud Function Name set by deprecated runtimes
+      process.env.K_SERVICE || // Google Cloud Function Name set by newer runtimes
       pkg.name ||
       'node'
     const DD_SERVICE_MAPPING = coalesce(
@@ -193,9 +184,18 @@ class Config {
       process.env.DD_TRACE_STARTUP_LOGS,
       false
     )
+
+    const inAWSLambda = process.env.AWS_LAMBDA_FUNCTION_NAME !== undefined
+
+    const isDeprecatedGCPFunction = process.env.FUNCTION_NAME !== undefined && process.env.GCP_PROJECT !== undefined
+    const isNewerGCPFunction = process.env.K_SERVICE !== undefined && process.env.FUNCTION_TARGET !== undefined
+    const isGCPFunction = isDeprecatedGCPFunction || isNewerGCPFunction
+
+    const inServerlessEnvironment = inAWSLambda || isGCPFunction
+
     const DD_TRACE_TELEMETRY_ENABLED = coalesce(
       process.env.DD_TRACE_TELEMETRY_ENABLED,
-      !process.env.AWS_LAMBDA_FUNCTION_NAME
+      !inServerlessEnvironment
     )
     const DD_TELEMETRY_DEBUG_ENABLED = coalesce(
       process.env.DD_TELEMETRY_DEBUG_ENABLED,
@@ -270,9 +270,7 @@ class Config {
       process.env.DD_TRACE_EXPERIMENTAL_GET_RUM_DATA_ENABLED,
       false
     )
-    const DD_TRACE_SPAN_ATTRIBUTE_SCHEMA = validateNamingVersion(
-      process.env.DD_TRACE_SPAN_ATTRIBUTE_SCHEMA
-    )
+
     const DD_TRACE_X_DATADOG_TAGS_MAX_LENGTH = coalesce(
       process.env.DD_TRACE_X_DATADOG_TAGS_MAX_LENGTH,
       '512'
@@ -281,7 +279,7 @@ class Config {
     const DD_TRACE_STATS_COMPUTATION_ENABLED = coalesce(
       options.stats,
       process.env.DD_TRACE_STATS_COMPUTATION_ENABLED,
-      false
+      isGCPFunction
     )
 
     const DD_TRACE_128_BIT_TRACEID_GENERATION_ENABLED = coalesce(
@@ -348,12 +346,10 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
       maybeFile(process.env.DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON)
     )
 
-    const inAWSLambda = process.env.AWS_LAMBDA_FUNCTION_NAME !== undefined
-
     const remoteConfigOptions = options.remoteConfig || {}
     const DD_REMOTE_CONFIGURATION_ENABLED = coalesce(
       process.env.DD_REMOTE_CONFIGURATION_ENABLED && isTrue(process.env.DD_REMOTE_CONFIGURATION_ENABLED),
-      !inAWSLambda
+      !inServerlessEnvironment
     )
     const DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS = coalesce(
       parseInt(remoteConfigOptions.pollInterval),
@@ -400,11 +396,22 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
       true
     )
 
+    const DD_IAST_REDACTION_ENABLED = coalesce(
+      iastOptions && iastOptions.redactionEnabled,
+      !isFalse(process.env.DD_IAST_REDACTION_ENABLED),
+      true
+    )
+
     const DD_CIVISIBILITY_GIT_UPLOAD_ENABLED = coalesce(
       process.env.DD_CIVISIBILITY_GIT_UPLOAD_ENABLED,
       true
     )
 
+    const DD_TRACE_GIT_METADATA_ENABLED = coalesce(
+      process.env.DD_TRACE_GIT_METADATA_ENABLED,
+      true
+    )
+
     const ingestion = options.ingestion || {}
     const dogstatsd = coalesce(options.dogstatsd, {})
     const sampler = {
@@ -436,7 +443,7 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
       })
     }
 
-    const defaultFlushInterval = inAWSLambda ? 0 : 2000
+    const defaultFlushInterval = inServerlessEnvironment ? 0 : 2000
 
     this.tracing = !isFalse(DD_TRACING_ENABLED)
     this.dbmPropagationMode = DD_DBM_PROPAGATION_MODE
@@ -479,7 +486,6 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
       sourceMap: !isFalse(DD_PROFILING_SOURCE_MAP),
       exporters: DD_PROFILING_EXPORTERS
     }
-    this.spanAttributeSchema = DD_TRACE_SPAN_ATTRIBUTE_SCHEMA
     this.lookup = options.lookup
     this.startupLogs = isTrue(DD_TRACE_STARTUP_LOGS)
     // Disabled for CI Visibility's agentless
@@ -510,7 +516,8 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
       requestSampling: DD_IAST_REQUEST_SAMPLING,
       maxConcurrentRequests: DD_IAST_MAX_CONCURRENT_REQUESTS,
       maxContextOperations: DD_IAST_MAX_CONTEXT_OPERATIONS,
-      deduplicationEnabled: DD_IAST_DEDUPLICATION_ENABLED
+      deduplicationEnabled: DD_IAST_DEDUPLICATION_ENABLED,
+      redactionEnabled: DD_IAST_REDACTION_ENABLED
     }
 
     this.isCiVisibility = isTrue(DD_IS_CIVISIBILITY)
@@ -519,6 +526,31 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
     this.isGitUploadEnabled = this.isCiVisibility &&
       (this.isIntelligentTestRunnerEnabled && !isFalse(DD_CIVISIBILITY_GIT_UPLOAD_ENABLED))
 
+    this.gitMetadataEnabled = isTrue(DD_TRACE_GIT_METADATA_ENABLED)
+
+    if (this.gitMetadataEnabled) {
+      this.repositoryUrl = coalesce(
+        process.env.DD_GIT_REPOSITORY_URL,
+        this.tags[GIT_REPOSITORY_URL]
+      )
+      this.commitSHA = coalesce(
+        process.env.DD_GIT_COMMIT_SHA,
+        this.tags[GIT_COMMIT_SHA]
+      )
+      if (!this.repositoryUrl || !this.commitSHA) {
+        const DD_GIT_PROPERTIES_FILE = coalesce(
+          process.env.DD_GIT_PROPERTIES_FILE,
+          `${process.cwd()}/git.properties`
+        )
+        const gitPropertiesString = maybeFile(DD_GIT_PROPERTIES_FILE)
+        if (gitPropertiesString) {
+          const { commitSHA, repositoryUrl } = getGitMetadataFromGitProperties(gitPropertiesString)
+          this.commitSHA = this.commitSHA || commitSHA
+          this.repositoryUrl = this.repositoryUrl || repositoryUrl
+        }
+      }
+    }
+
     this.stats = {
       enabled: isTrue(DD_TRACE_STATS_COMPUTATION_ENABLED)
     }
@@ -526,6 +558,8 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
     this.traceId128BitGenerationEnabled = isTrue(DD_TRACE_128_BIT_TRACEID_GENERATION_ENABLED)
     this.traceId128BitLoggingEnabled = isTrue(DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED)
 
+    this.isGCPFunction = isGCPFunction
+
     tagger.add(this.tags, {
       service: this.service,
       env: this.env,

package/packages/dd-trace/src/constants.js

@@ -25,5 +25,7 @@ module.exports = {
   ERROR_MESSAGE: 'error.message',
   ERROR_STACK: 'error.stack',
   COMPONENT: 'component',
-  CLIENT_PORT_KEY: 'network.destination.port'
+  CLIENT_PORT_KEY: 'network.destination.port',
+  SCI_REPOSITORY_URL: '_dd.git.repository_url',
+  SCI_COMMIT_SHA: '_dd.git.commit.sha'
 }

package/packages/dd-trace/src/encode/agentless-ci-visibility.js

@@ -129,12 +129,17 @@ class AgentlessCiVisibilityEncoder extends AgentEncoder {
   _encodeEventContent (bytes, content) {
     const keysLength = Object.keys(content).length
 
+    let totalKeysLength = keysLength
     if (content.meta.test_session_id) {
-      this._encodeMapPrefix(bytes, keysLength + 3)
-    } else {
-      this._encodeMapPrefix(bytes, keysLength)
+      totalKeysLength = totalKeysLength + 1
     }
-
+    if (content.meta.test_module_id) {
+      totalKeysLength = totalKeysLength + 1
+    }
+    if (content.meta.test_suite_id) {
+      totalKeysLength = totalKeysLength + 1
+    }
+    this._encodeMapPrefix(bytes, totalKeysLength)
     if (content.type) {
       this._encodeString(bytes, 'type')
       this._encodeString(bytes, content.type)
@@ -170,15 +175,20 @@ class AgentlessCiVisibilityEncoder extends AgentEncoder {
       this._encodeString(bytes, 'test_session_id')
       this._encodeId(bytes, id(content.meta.test_session_id, 10))
       delete content.meta.test_session_id
+    }
 
+    if (content.meta.test_module_id) {
       this._encodeString(bytes, 'test_module_id')
       this._encodeId(bytes, id(content.meta.test_module_id, 10))
       delete content.meta.test_module_id
+    }
 
+    if (content.meta.test_suite_id) {
       this._encodeString(bytes, 'test_suite_id')
       this._encodeId(bytes, id(content.meta.test_suite_id, 10))
       delete content.meta.test_suite_id
     }
+
     this._encodeString(bytes, 'meta')
     this._encodeMap(bytes, content.meta)
     this._encodeString(bytes, 'metrics')

package/packages/dd-trace/src/git_metadata_tagger.js

@@ -0,0 +1,17 @@
+const { SCI_COMMIT_SHA, SCI_REPOSITORY_URL } = require('./constants')
+
+class GitMetadataTagger {
+  constructor (config) {
+    this._config = config
+  }
+
+  tagGitMetadata (spanContext) {
+    if (this._config.gitMetadataEnabled) {
+      // These tags are added only to the local root span
+      spanContext._trace.tags[SCI_COMMIT_SHA] = this._config.commitSHA
+      spanContext._trace.tags[SCI_REPOSITORY_URL] = this._config.repositoryUrl
+    }
+  }
+}
+
+module.exports = GitMetadataTagger

package/packages/dd-trace/src/git_properties.js

@@ -0,0 +1,32 @@
+const commitSHARegex = /git\.commit\.sha=([a-f\d]{40})/
+const repositoryUrlRegex = /git\.repository_url=([\w\d:@/.-]+)/
+
+function getGitMetadataFromGitProperties (gitPropertiesString) {
+  if (!gitPropertiesString) {
+    return {}
+  }
+  const commitSHAMatch = gitPropertiesString.match(commitSHARegex)
+  const repositoryUrlMatch = gitPropertiesString.match(repositoryUrlRegex)
+
+  const repositoryUrl = repositoryUrlMatch ? repositoryUrlMatch[1] : undefined
+  let parsedUrl = repositoryUrl
+
+  if (repositoryUrl) {
+    try {
+      // repository URLs can contain username and password, so we want to filter those out
+      parsedUrl = new URL(repositoryUrl)
+      if (parsedUrl.password) {
+        parsedUrl = `${parsedUrl.origin}${parsedUrl.pathname}`
+      }
+    } catch (e) {
+      // if protocol isn't https, no password will be used
+    }
+  }
+
+  return {
+    commitSHA: commitSHAMatch ? commitSHAMatch[1] : undefined,
+    repositoryUrl: parsedUrl
+  }
+}
+
+module.exports = { getGitMetadataFromGitProperties }

package/packages/dd-trace/src/plugin_manager.js

@@ -4,7 +4,6 @@ const { channel } = require('../../diagnostics_channel')
 const { isFalse } = require('./util')
 const plugins = require('./plugins')
 const log = require('./log')
-const Nomenclature = require('./service-naming')
 
 const loadChannel = channel('dd-trace:instrumentation:load')
 
@@ -97,7 +96,6 @@ module.exports = class PluginManager {
   // like instrumenter.enable()
   configure (config = {}) {
     this._tracerConfig = config
-    Nomenclature.configure(config)
 
     for (const name in pluginClasses) {
       this.loadPlugin(name)

package/packages/dd-trace/src/plugins/client.js

@@ -1,10 +1,9 @@
 'use strict'
 
-const OutboundPlugin = require('./outbound')
+const OutgoingPlugin = require('./outgoing')
 
-class ClientPlugin extends OutboundPlugin {
+class ClientPlugin extends OutgoingPlugin {
   static get operation () { return 'request' }
-  static get kind () { return 'client' }
 }
 
 module.exports = ClientPlugin

package/packages/dd-trace/src/plugins/consumer.js

@@ -1,24 +1,9 @@
 'use strict'
 
-const InboundPlugin = require('./inbound')
+const IncomingPlugin = require('./incoming')
 
-class ConsumerPlugin extends InboundPlugin {
+class ConsumerPlugin extends IncomingPlugin {
   static get operation () { return 'receive' }
-  static get kind () { return 'consumer' }
-  static get type () { return 'messaging' }
-
-  startSpan (options) {
-    const spanDefaults = {
-      service: this.config.service || this.serviceName(),
-      kind: this.constructor.kind
-    }
-    Object.keys(spanDefaults).forEach(
-      key => {
-        if (!options[key]) options[key] = spanDefaults[key]
-      }
-    )
-    return super.startSpan(this.operationName(), options)
-  }
 }
 
 module.exports = ConsumerPlugin

package/packages/dd-trace/src/plugins/incoming.js

@@ -0,0 +1,7 @@
+'use strict'
+
+const TracingPlugin = require('./tracing')
+
+class IncomingPlugin extends TracingPlugin {}
+
+module.exports = IncomingPlugin

package/packages/dd-trace/src/plugins/{outbound.js → outgoing.js}

@@ -4,7 +4,7 @@ const { CLIENT_PORT_KEY } = require('../constants')
 const TracingPlugin = require('./tracing')
 
 // TODO: Exit span on finish when AsyncResource instances are removed.
-class OutboundPlugin extends TracingPlugin {
+class OutgoingPlugin extends TracingPlugin {
   constructor (...args) {
     super(...args)
 
@@ -29,4 +29,4 @@ class OutboundPlugin extends TracingPlugin {
   }
 }
 
-module.exports = OutboundPlugin
+module.exports = OutgoingPlugin

package/packages/dd-trace/src/plugins/producer.js

@@ -1,24 +1,9 @@
 'use strict'
 
-const OutboundPlugin = require('./outbound')
+const OutgoingPlugin = require('./outgoing')
 
-class ProducerPlugin extends OutboundPlugin {
+class ProducerPlugin extends OutgoingPlugin {
   static get operation () { return 'publish' }
-  static get kind () { return 'producer' }
-  static get type () { return 'messaging' }
-
-  startSpan (options) {
-    const spanDefaults = {
-      service: this.config.service || this.serviceName(),
-      kind: this.constructor.kind
-    }
-    Object.keys(spanDefaults).forEach(
-      key => {
-        if (!options[key]) options[key] = spanDefaults[key]
-      }
-    )
-    return super.startSpan(this.operationName(), options)
-  }
 }
 
 module.exports = ProducerPlugin

package/packages/dd-trace/src/plugins/server.js

@@ -1,8 +1,8 @@
 'use strict'
 
-const InboundPlugin = require('./inbound')
+const IncomingPlugin = require('./incoming')
 
-class ServerPlugin extends InboundPlugin {
+class ServerPlugin extends IncomingPlugin {
   static get operation () { return 'request' }
 }
 

package/packages/dd-trace/src/plugins/tracing.js

@@ -4,7 +4,6 @@ const Plugin = require('./plugin')
 const { storage } = require('../../../datadog-core')
 const analyticsSampler = require('../analytics_sampler')
 const { COMPONENT } = require('../constants')
-const Nomenclature = require('../service-naming')
 
 class TracingPlugin extends Plugin {
   constructor (...args) {
@@ -32,16 +31,6 @@ class TracingPlugin extends Plugin {
     return store && store.span
   }
 
-  serviceName (serviceArgs) {
-    const { type, id, kind } = this.constructor
-    return Nomenclature.serviceName(type, kind, id, serviceArgs)
-  }
-
-  operationName (opNameArgs) {
-    const { type, id, kind } = this.constructor
-    return Nomenclature.opName(type, kind, id, opNameArgs)
-  }
-
   configure (config) {
     return super.configure({
       ...config,

package/packages/dd-trace/src/plugins/util/ci.js

@@ -20,7 +20,9 @@ const {
   CI_STAGE_NAME,
   CI_ENV_VARS,
   GIT_COMMIT_COMMITTER_NAME,
-  GIT_COMMIT_COMMITTER_EMAIL
+  GIT_COMMIT_COMMITTER_EMAIL,
+  CI_NODE_LABELS,
+  CI_NODE_NAME
 } = require('./tags')
 
 // Receives a string with the form 'John Doe <john.doe@gmail.com>'
@@ -108,7 +110,9 @@ module.exports = {
         GIT_COMMIT: JENKINS_GIT_COMMIT,
         GIT_URL: JENKINS_GIT_REPOSITORY_URL,
         GIT_URL_1: JENKINS_GIT_REPOSITORY_URL_1,
-        DD_CUSTOM_TRACE_ID
+        DD_CUSTOM_TRACE_ID,
+        NODE_NAME,
+        NODE_LABELS
       } = env
 
       tags = {
@@ -119,7 +123,18 @@ module.exports = {
         [GIT_COMMIT_SHA]: JENKINS_GIT_COMMIT,
         [GIT_REPOSITORY_URL]: JENKINS_GIT_REPOSITORY_URL || JENKINS_GIT_REPOSITORY_URL_1,
         [CI_WORKSPACE_PATH]: WORKSPACE,
-        [CI_ENV_VARS]: JSON.stringify({ DD_CUSTOM_TRACE_ID })
+        [CI_ENV_VARS]: JSON.stringify({ DD_CUSTOM_TRACE_ID }),
+        [CI_NODE_NAME]: NODE_NAME
+      }
+
+      if (NODE_LABELS) {
+        let nodeLabels
+        try {
+          nodeLabels = JSON.stringify(NODE_LABELS.split(' '))
+          tags[CI_NODE_LABELS] = nodeLabels
+        } catch (e) {
+          // ignore errors
+        }
       }
 
       const isTag = JENKINS_GIT_BRANCH && JENKINS_GIT_BRANCH.includes('tags/')
@@ -159,7 +174,9 @@ module.exports = {
         CI_COMMIT_TIMESTAMP,
         CI_COMMIT_AUTHOR,
         CI_PROJECT_URL: GITLAB_PROJECT_URL,
-        CI_JOB_ID: GITLAB_CI_JOB_ID
+        CI_JOB_ID: GITLAB_CI_JOB_ID,
+        CI_RUNNER_ID,
+        CI_RUNNER_TAGS
       } = env
 
       const { name, email } = parseEmailAndName(CI_COMMIT_AUTHOR)
@@ -186,7 +203,9 @@ module.exports = {
           CI_PROJECT_URL: GITLAB_PROJECT_URL,
           CI_PIPELINE_ID: GITLAB_PIPELINE_ID,
           CI_JOB_ID: GITLAB_CI_JOB_ID
-        })
+        }),
+        [CI_NODE_LABELS]: CI_RUNNER_TAGS,
+        [CI_NODE_NAME]: CI_RUNNER_ID
       }
     }
 
@@ -448,9 +467,17 @@ module.exports = {
         BUILDKITE_BUILD_CHECKOUT_PATH,
         BUILDKITE_BUILD_AUTHOR,
         BUILDKITE_BUILD_AUTHOR_EMAIL,
-        BUILDKITE_MESSAGE
+        BUILDKITE_MESSAGE,
+        BUILDKITE_AGENT_ID
       } = env
 
+      const extraTags = Object.keys(env).filter(envVar =>
+        envVar.startsWith('BUILDKITE_AGENT_META_DATA_')
+      ).map((metadataKey) => {
+        const key = metadataKey.replace('BUILDKITE_AGENT_META_DATA_', '').toLowerCase()
+        return `${key}:${env[metadataKey]}`
+      })
+
       tags = {
         [CI_PROVIDER_NAME]: 'buildkite',
         [CI_PIPELINE_ID]: BUILDKITE_BUILD_ID,
@@ -469,7 +496,9 @@ module.exports = {
         [CI_ENV_VARS]: JSON.stringify({
           BUILDKITE_BUILD_ID,
           BUILDKITE_JOB_ID
-        })
+        }),
+        [CI_NODE_NAME]: BUILDKITE_AGENT_ID,
+        [CI_NODE_LABELS]: JSON.stringify(extraTags)
       }
     }
 
@@ -546,6 +575,32 @@ module.exports = {
       }
     }
 
+    if (env.CF_BUILD_ID) {
+      const {
+        CF_BUILD_ID,
+        CF_PIPELINE_NAME,
+        CF_BUILD_URL,
+        CF_STEP_NAME,
+        CF_BRANCH
+      } = env
+      tags = {
+        [CI_PROVIDER_NAME]: 'codefresh',
+        [CI_PIPELINE_ID]: CF_BUILD_ID,
+        [CI_PIPELINE_NAME]: CF_PIPELINE_NAME,
+        [CI_PIPELINE_URL]: CF_BUILD_URL,
+        [CI_JOB_NAME]: CF_STEP_NAME,
+        [CI_ENV_VARS]: JSON.stringify({
+          CF_BUILD_ID
+        })
+      }
+
+      const isTag = CF_BRANCH && CF_BRANCH.includes('tags/')
+      const refKey = isTag ? GIT_TAG : GIT_BRANCH
+      const ref = normalizeRef(CF_BRANCH)
+
+      tags[refKey] = ref
+    }
+
     normalizeTag(tags, CI_WORKSPACE_PATH, resolveTilde)
     normalizeTag(tags, GIT_REPOSITORY_URL, filterSensitiveInfoFromRepository)
     normalizeTag(tags, GIT_BRANCH, normalizeRef)

package/packages/dd-trace/src/plugins/util/tags.js

@@ -19,6 +19,8 @@ const CI_WORKSPACE_PATH = 'ci.workspace_path'
 const CI_JOB_URL = 'ci.job.url'
 const CI_JOB_NAME = 'ci.job.name'
 const CI_STAGE_NAME = 'ci.stage.name'
+const CI_NODE_NAME = 'ci.node.name'
+const CI_NODE_LABELS = 'ci.node.labels'
 
 const CI_ENV_VARS = '_dd.ci.env_vars'
 
@@ -43,5 +45,7 @@ module.exports = {
   CI_JOB_URL,
   CI_JOB_NAME,
   CI_STAGE_NAME,
-  CI_ENV_VARS
+  CI_ENV_VARS,
+  CI_NODE_NAME,
+  CI_NODE_LABELS
 }