dd-trace 5.86.0 → 5.88.0

package/packages/dd-trace/src/config/index.js

@@ -62,7 +62,7 @@ module.exports = getConfig
 class Config {
   /**
    * parsed DD_TAGS, usable as a standalone tag set across products
-   * @type {Record<string, string> | undefined}
+   * @type {Record<string, string>}
    */
   #parsedDdTags = {}
   #envUnprocessed = {}
@@ -89,6 +89,8 @@ class Config {
 
     options = {
       ...options,
+      // TODO(BridgeAR): Remove the experimental prefix once we have a major version.
+      // That also applies to index.d.ts
       appsec: options.appsec == null ? options.experimental?.appsec : options.appsec,
       iast: options.iast == null ? options.experimental?.iast : options.iast,
     }
@@ -162,7 +164,7 @@ class Config {
    * Set the configuration with remote config settings.
    * Applies remote configuration, recalculates derived values, and merges all configuration sources.
    *
-   * @param {import('./config/remote_config').RemoteConfigOptions|null} options - Configurations received via Remote
+   * @param {import('./remote_config').RemoteConfigOptions|null} options - Configurations received via Remote
    *   Config or null to reset all remote configuration
    */
   setRemoteConfig (options) {
@@ -255,6 +257,8 @@ class Config {
       DD_API_SECURITY_SAMPLE_DELAY,
       DD_API_SECURITY_ENDPOINT_COLLECTION_ENABLED,
       DD_API_SECURITY_ENDPOINT_COLLECTION_MESSAGE_LIMIT,
+      DD_API_SECURITY_DOWNSTREAM_BODY_ANALYSIS_SAMPLE_RATE,
+      DD_API_SECURITY_MAX_DOWNSTREAM_REQUEST_BODY_ANALYSIS,
       DD_APM_TRACING_ENABLED,
       DD_APP_KEY,
       DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE,
@@ -281,6 +285,7 @@ class Config {
       DD_CODE_ORIGIN_FOR_SPANS_EXPERIMENTAL_EXIT_SPANS_ENABLED,
       DD_DATA_STREAMS_ENABLED,
       DD_DBM_PROPAGATION_MODE,
+      DD_DBM_INJECT_SQL_BASEHASH,
       DD_DOGSTATSD_HOST,
       DD_DOGSTATSD_PORT,
       DD_DYNAMIC_INSTRUMENTATION_CAPTURE_TIMEOUT_MS,
@@ -366,7 +371,6 @@ class Config {
       DD_TRACE_EXPERIMENTAL_GET_RUM_DATA_ENABLED,
       DD_RUNTIME_METRICS_RUNTIME_ID_ENABLED,
       DD_TRACE_GIT_METADATA_ENABLED,
-      DD_TRACE_GLOBAL_TAGS,
       DD_TRACE_GRAPHQL_ERROR_EXTENSIONS,
       DD_TRACE_HEADER_TAGS,
       DD_TRACE_LEGACY_BAGGAGE_ENABLED,
@@ -433,13 +437,11 @@ class Config {
 
     const tags = {}
 
-    const parsedDdTags = parseSpaceSeparatedTags(DD_TAGS)
-    tagger.add(this.#parsedDdTags, parsedDdTags)
-
     tagger.add(tags, parseSpaceSeparatedTags(handleOtel(OTEL_RESOURCE_ATTRIBUTES)))
-    tagger.add(tags, parsedDdTags)
+    tagger.add(tags, parseSpaceSeparatedTags(DD_TAGS))
     tagger.add(tags, DD_TRACE_TAGS)
-    tagger.add(tags, DD_TRACE_GLOBAL_TAGS)
+
+    Object.assign(this.#parsedDdTags, tags)
 
     setString(target, 'apiKey', DD_API_KEY)
     setBoolean(target, 'otelLogsEnabled', DD_LOGS_OTEL_ENABLED)
@@ -540,9 +542,13 @@ class Config {
     unprocessedTarget['appsec.stackTrace.maxStackTraces'] = DD_APPSEC_MAX_STACK_TRACES
     target['appsec.wafTimeout'] = maybeInt(DD_APPSEC_WAF_TIMEOUT)
     unprocessedTarget['appsec.wafTimeout'] = DD_APPSEC_WAF_TIMEOUT
+    target['appsec.apiSecurity.downstreamBodyAnalysisSampleRate'] =
+      maybeFloat(DD_API_SECURITY_DOWNSTREAM_BODY_ANALYSIS_SAMPLE_RATE)
+    target['appsec.apiSecurity.maxDownstreamRequestBodyAnalysis'] =
+      maybeInt(DD_API_SECURITY_MAX_DOWNSTREAM_REQUEST_BODY_ANALYSIS)
     target.baggageMaxBytes = DD_TRACE_BAGGAGE_MAX_BYTES
     target.baggageMaxItems = DD_TRACE_BAGGAGE_MAX_ITEMS
-    target.baggageTagKeys = DD_TRACE_BAGGAGE_TAG_KEYS
+    setArray(target, 'baggageTagKeys', DD_TRACE_BAGGAGE_TAG_KEYS)
     setBoolean(target, 'clientIpEnabled', DD_TRACE_CLIENT_IP_ENABLED)
     setString(target, 'clientIpHeader', DD_TRACE_CLIENT_IP_HEADER?.toLowerCase())
     if (DD_TRACE_CLOUD_REQUEST_PAYLOAD_TAGGING || DD_TRACE_CLOUD_RESPONSE_PAYLOAD_TAGGING) {
@@ -568,6 +574,7 @@ class Config {
       DD_CODE_ORIGIN_FOR_SPANS_EXPERIMENTAL_EXIT_SPANS_ENABLED
     )
     setString(target, 'dbmPropagationMode', DD_DBM_PROPAGATION_MODE)
+    setBoolean(target, 'dbm.injectSqlBaseHash', DD_DBM_INJECT_SQL_BASEHASH)
     setString(target, 'dogstatsd.hostname', DD_DOGSTATSD_HOST)
     setString(target, 'dogstatsd.port', DD_DOGSTATSD_PORT)
     setBoolean(target, 'dsmEnabled', DD_DATA_STREAMS_ENABLED)
@@ -642,6 +649,7 @@ class Config {
     setString(target, 'installSignature.id', DD_INSTRUMENTATION_INSTALL_ID)
     setString(target, 'installSignature.time', DD_INSTRUMENTATION_INSTALL_TIME)
     setString(target, 'installSignature.type', DD_INSTRUMENTATION_INSTALL_TYPE)
+    // TODO: Why is DD_INJECTION_ENABLED a comma separated list?
     setArray(target, 'injectionEnabled', DD_INJECTION_ENABLED)
     if (DD_INJECTION_ENABLED !== undefined) {
       setString(target, 'instrumentationSource', DD_INJECTION_ENABLED ? 'ssi' : 'manual')
@@ -701,8 +709,11 @@ class Config {
       maybeJsonFile(DD_SPAN_SAMPLING_RULES_FILE) ??
       safeJsonParse(DD_SPAN_SAMPLING_RULES)
     ))
-    setUnit(target, 'sampleRate', DD_TRACE_SAMPLE_RATE ||
-    getFromOtelSamplerMap(OTEL_TRACES_SAMPLER, OTEL_TRACES_SAMPLER_ARG))
+    setUnit(
+      target,
+      'sampleRate',
+      DD_TRACE_SAMPLE_RATE || getFromOtelSamplerMap(OTEL_TRACES_SAMPLER, OTEL_TRACES_SAMPLER_ARG)
+    )
     target['sampler.rateLimit'] = DD_TRACE_RATE_LIMIT
     setSamplingRule(target, 'sampler.rules', safeJsonParse(DD_TRACE_SAMPLING_RULES))
     unprocessedTarget['sampler.rules'] = DD_TRACE_SAMPLING_RULES
@@ -743,7 +754,7 @@ class Config {
     setBoolean(target, 'telemetry.debug', DD_TELEMETRY_DEBUG)
     setBoolean(target, 'telemetry.dependencyCollection', DD_TELEMETRY_DEPENDENCY_COLLECTION_ENABLED)
     target['telemetry.heartbeatInterval'] = maybeInt(Math.floor(DD_TELEMETRY_HEARTBEAT_INTERVAL * 1000))
-    unprocessedTarget['telemetry.heartbeatInterval'] = DD_TELEMETRY_HEARTBEAT_INTERVAL * 1000
+    unprocessedTarget['telemetry.heartbeatInterval'] = DD_TELEMETRY_HEARTBEAT_INTERVAL
     setBoolean(target, 'telemetry.logCollection', DD_TELEMETRY_LOG_COLLECTION_ENABLED)
     setBoolean(target, 'telemetry.metrics', DD_TELEMETRY_METRICS_ENABLED)
     setBoolean(target, 'traceId128BitGenerationEnabled', DD_TRACE_128_BIT_TRACEID_GENERATION_ENABLED)
@@ -886,7 +897,7 @@ class Config {
     opts['cloudPayloadTagging.maxDepth'] = maybeInt(options.cloudPayloadTagging?.maxDepth)
     opts.baggageMaxBytes = options.baggageMaxBytes
     opts.baggageMaxItems = options.baggageMaxItems
-    opts.baggageTagKeys = options.baggageTagKeys
+    setArray(opts, 'baggageTagKeys', options.baggageTagKeys)
     setBoolean(opts, 'codeOriginForSpans.enabled', options.codeOriginForSpans?.enabled)
     setBoolean(
       opts,
@@ -894,6 +905,7 @@ class Config {
       options.codeOriginForSpans?.experimental?.exit_spans?.enabled
     )
     setString(opts, 'dbmPropagationMode', options.dbmPropagationMode)
+    setBoolean(opts, 'dbm.injectSqlBaseHash', options.dbm?.injectSqlBaseHash)
     if (options.dogstatsd) {
       setString(opts, 'dogstatsd.hostname', options.dogstatsd.hostname)
       setString(opts, 'dogstatsd.port', options.dogstatsd.port)
@@ -1091,6 +1103,21 @@ class Config {
       ? new URL(DD_CIVISIBILITY_AGENTLESS_URL)
       : getAgentUrl(this.#getTraceAgentUrl(), this.#optionsArg)
 
+    // Experimental agentless APM span intake
+    // When enabled, sends spans directly to Datadog intake without an agent
+    const agentlessEnabled = isTrue(getEnv('_DD_APM_TRACING_AGENTLESS_ENABLED'))
+    if (agentlessEnabled) {
+      setString(calc, 'experimental.exporter', 'agentless')
+      // Disable rate limiting - server-side sampling will be used
+      calc['sampler.rateLimit'] = -1
+      // Disable client-side stats computation
+      setBoolean(calc, 'stats.enabled', false)
+      // Enable hostname reporting
+      setBoolean(calc, 'reportHostname', true)
+      // Clear sampling rules - server-side sampling handles this
+      calc['sampler.rules'] = []
+    }
+
     if (this.#isCiVisibility()) {
       setBoolean(calc, 'isEarlyFlakeDetectionEnabled',
         getEnv('DD_CIVISIBILITY_EARLY_FLAKE_DETECTION_ENABLED') ?? true)
@@ -1123,6 +1150,7 @@ class Config {
     calc.otelLogsUrl = `http://${agentHostname}:${DEFAULT_OTLP_PORT}`
     calc.otelMetricsUrl = `http://${agentHostname}:${DEFAULT_OTLP_PORT}/v1/metrics`
     calc.otelUrl = `http://${agentHostname}:${DEFAULT_OTLP_PORT}`
+    calc['telemetry.heartbeatInterval'] = maybeInt(Math.floor(this.#defaults['telemetry.heartbeatInterval'] * 1000))
 
     setBoolean(calc, 'isGitUploadEnabled',
       calc.isIntelligentTestRunnerEnabled && !isFalse(getEnv('DD_CIVISIBILITY_GIT_UPLOAD_ENABLED')))
@@ -1150,7 +1178,7 @@ class Config {
   /**
    * Applies remote configuration options from APM_TRACING configs.
    *
-   * @param {import('./config/remote_config').RemoteConfigOptions} options - Configurations received via Remote Config
+   * @param {import('./remote_config').RemoteConfigOptions} options - Configurations received via Remote Config
    */
   #applyRemoteConfig (options) {
     const opts = this.#remote