securenow 3.0.5 → 3.0.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "3.0.5",
+  "version": "3.0.6",
   "type": "commonjs",
   "main": "register.js",
   "exports": { ".": "./register.js", "./register": "./register.js", "./tracing": "./tracing.js" },

package/tracing.js

@@ -1,84 +1,84 @@
 'use strict';
 
 /**
- * securenow/tracing.js
- * Preload with: NODE_OPTIONS="--require securenow/register"  (or -r securenow/register via PM2)
- * Env you can use:
- *   - SECURENOW_INSTANCE=http://host:4318         # base OTLP/HTTP endpoint (defaults to http://46.62.173.237:4318)
- *   - OTEL_EXPORTER_OTLP_ENDPOINT=...             # alt base (will be used if securenow_instance not set)
- *   - OTEL_EXPORTER_OTLP_TRACES_ENDPOINT=...      # full traces URL (overrides base)
- *   - OTEL_EXPORTER_OTLP_HEADERS="authorization=Bearer abc123,foo=bar"
- *   - OTEL_SERVICE_NAME=your-service              # logical name (UUID suffix auto-appended)
- *   - SECURENOW_APPID=your-appid                  # fallback logical name (UUID suffix auto-appended)
- *   - SECURENOW_NO_UUID=1                         # disable UUID suffix
- *   - SECURENOW_DISABLE_INSTRUMENTATIONS="@opentelemetry/instrumentation-mongodb,@opentelemetry/instrumentation-redis"
- *   - OTEL_LOG_LEVEL=info|debug                   # OTel internal diagnostics
- *   - SECURENOW_TEST_SPAN=1                       # emit a smoke-test span on startup
+ * Preload with: NODE_OPTIONS="-r securenow/register"
+ *
+ * Env:
+ *   SECURENOW_INSTANCE=http://host:4318
+ *   OTEL_EXPORTER_OTLP_ENDPOINT=...
+ *   OTEL_EXPORTER_OTLP_TRACES_ENDPOINT=...
+ *   OTEL_EXPORTER_OTLP_HEADERS="authorization=Bearer abc123,foo=bar"
+ *   OTEL_SERVICE_NAME=logical-name
+ *   SECURENOW_APPID=logical-name
+ *   SECURENOW_NO_UUID=1                 # one service.name across all workers
+ *   SECURENOW_DISABLE_INSTRUMENTATIONS="@opentelemetry/instrumentation-mongodb,@opentelemetry/instrumentation-redis"
+ *   OTEL_LOG_LEVEL=info|debug
+ *   SECURENOW_TEST_SPAN=1               # emit a smoke test span on startup
  */
 
 const { diag, DiagConsoleLogger, DiagLogLevel } = require('@opentelemetry/api');
+const { NodeSDK } = require('@opentelemetry/sdk-node');
+const { OTLPTraceExporter } = require('@opentelemetry/exporter-trace-otlp-http');
+const { Resource } = require('@opentelemetry/resources');
+const { SemanticResourceAttributes } = require('@opentelemetry/semantic-conventions');
+const { getNodeAutoInstrumentations } = require('@opentelemetry/auto-instrumentations-node');
+const { v4: uuidv4 } = require('uuid');
+
+// -------------------- helpers --------------------
 const env = k => process.env[k] ?? process.env[k.toUpperCase()] ?? process.env[k.toLowerCase()];
+const parseHeaders = (str) => {
+  const out = {};
+  if (!str) return out;
+  for (const raw of str.split(',')) {
+    const s = raw.trim();
+    if (!s) continue;
+    const i = s.indexOf('=');
+    if (i === -1) continue;
+    out[s.slice(0, i).trim().toLowerCase()] = s.slice(i + 1).trim();
+  }
+  return out;
+};
 
-// ---------- Diagnostics level ----------
+// -------------------- diagnostics --------------------
 (() => {
   const L = (env('OTEL_LOG_LEVEL') || '').toLowerCase();
   const level =
     L === 'debug' ? DiagLogLevel.DEBUG :
     L === 'info'  ? DiagLogLevel.INFO  :
     L === 'warn'  ? DiagLogLevel.WARN  :
-    L === 'error' ? DiagLogLevel.ERROR :
-    DiagLogLevel.NONE;
+    L === 'error' ? DiagLogLevel.ERROR : DiagLogLevel.NONE;
   diag.setLogger(new DiagConsoleLogger(), level);
-  console.log('[securenow] preload loaded');
+  console.log('[securenow] preload loaded pid=', process.pid);
 })();
 
-const { NodeSDK } = require('@opentelemetry/sdk-node');
-const { OTLPTraceExporter } = require('@opentelemetry/exporter-trace-otlp-http');
-const { Resource } = require('@opentelemetry/resources');
-const { SemanticResourceAttributes } = require('@opentelemetry/semantic-conventions');
-const { getNodeAutoInstrumentations } = require('@opentelemetry/auto-instrumentations-node');
-const { v4: uuidv4 } = require('uuid');
+// -------------------- endpoints --------------------
+const endpointBase = (env('SECURENOW_INSTANCE') || env('OTEL_EXPORTER_OTLP_ENDPOINT') || 'http://46.62.173.237:4318').replace(/\/$/, '');
+const tracesUrl = env('OTEL_EXPORTER_OTLP_TRACES_ENDPOINT') || `${endpointBase}/v1/traces`;
+const headers = parseHeaders(env('OTEL_EXPORTER_OTLP_HEADERS'));
 
-// ---------- Show actual loaded OTel versions (helpful for debugging) ----------
-try {
-  const vApi = require('@opentelemetry/api/package.json').version;
-  const vSdk = require('@opentelemetry/sdk-node/package.json').version;
-  console.log('[securenow] otel versions → api:', vApi, 'sdk-node:', vSdk);
-} catch (e) {
-  console.log('[securenow] could not read otel versions', e && e.message);
-}
+// -------------------- naming rules --------------------
+const rawBase =
+  (env('OTEL_SERVICE_NAME') || env('SECURENOW_APPID') || '').trim().replace(/^['"]|['"]$/g, '');
+const baseName = rawBase || null;
 
-// ---------- Endpoint config (HTTP/4318) ----------
-const endpointBase = (env('SECURENOW_INSTANCE') || env('OTEL_EXPORTER_OTLP_ENDPOINT') || 'http://46.62.173.237:4318').replace(/\/$/, '');
-const tracesUrl = (env('OTEL_EXPORTER_OTLP_TRACES_ENDPOINT') || `${endpointBase}/v1/traces`);
+// SECURENOW_NO_UUID=1  -> keep one service.name for all workers (baseName), but unique instance ids
+const noUuid = String(env('SECURENOW_NO_UUID')) === '1' || String(env('SECURENOW_NO_UUID')).toLowerCase() === 'true';
 
-// ---------- Headers parsing ----------
-function parseOtelHeaders(str) {
-  const headers = {};
-  if (!str) return headers;
-  // split on comma; tolerate spaces
-  for (const raw of str.split(',')) {
-    const piece = raw.trim();
-    if (!piece) continue;
-    const eq = piece.indexOf('=');
-    if (eq === -1) continue;
-    const k = piece.slice(0, eq).trim();
-    const v = piece.slice(eq + 1).trim();
-    if (k) headers[k.toLowerCase()] = v;
-  }
-  return headers;
-}
-const headers = parseOtelHeaders(env('OTEL_EXPORTER_OTLP_HEADERS'));
-// ---------- Service name with UUID rules ----------
 let serviceName;
-if (env('SECURENOW_APPID')) {
-  serviceName = env('SECURENOW_APPID');
+if (baseName) {
+  serviceName = noUuid ? baseName : `${baseName}-${uuidv4()}`;
 } else {
-  // default can also be unique to avoid collisions
+  // No provided name: safe fallback, unique per process
   serviceName = `securenow-free-${uuidv4()}`;
 }
 
-// ---------- Disable instrumentations via env ----------
+// Always make a unique instance id (appID + uuid if available; else “securenow” + uuid)
+const instancePrefix = baseName || 'securenow';
+const serviceInstanceId = `${instancePrefix}-${uuidv4()}`;
+
+console.log('[securenow] resolved names →', { serviceName, serviceInstanceId });
+
+// -------------------- instrumentations --------------------
 const disabledList = (env('SECURENOW_DISABLE_INSTRUMENTATIONS') || '')
   .split(',')
   .map(s => s.trim())
@@ -86,33 +86,27 @@ const disabledList = (env('SECURENOW_DISABLE_INSTRUMENTATIONS') || '')
 const disabledMap = {};
 for (const name of disabledList) disabledMap[name] = { enabled: false };
 
-// ---------- Build exporter & SDK ----------
+// -------------------- SDK --------------------
 const traceExporter = new OTLPTraceExporter({ url: tracesUrl, headers });
-const serviceInstanceId = `${serviceName}-${uuidv4()}`;
 
 const sdk = new NodeSDK({
   traceExporter,
-  instrumentations: getNodeAutoInstrumentations({
-    // Merge disabled flags (keys must match package names)
-    ...disabledMap,
-  }),
+  instrumentations: getNodeAutoInstrumentations({ ...disabledMap }),
   resource: new Resource({
     [SemanticResourceAttributes.SERVICE_NAME]: serviceName,
-    [SemanticResourceAttributes.DEPLOYMENT_ENVIRONMENT]: env('NODE_ENV') || 'development',
     [SemanticResourceAttributes.SERVICE_INSTANCE_ID]: serviceInstanceId,
-    [SemanticResourceAttributes.SERVICE_VERSION]: env('npm_package_version') || undefined,
+    [SemanticResourceAttributes.DEPLOYMENT_ENVIRONMENT]: env('NODE_ENV') || 'development',
+    [SemanticResourceAttributes.SERVICE_VERSION]: process.env.npm_package_version || undefined,
   }),
 });
 
-// ---------- Start (supports both sync/async start()) ----------
+// -------------------- start (sync/async safe) --------------------
 (async () => {
   try {
-    const res = sdk.start?.();          // may be undefined or a Promise
-    await Promise.resolve(res);         // normalize to Promise
+    await Promise.resolve(sdk.start?.());
     console.log('[securenow] OTel SDK started →', tracesUrl);
 
-    // Optional smoke test to verify export path
-    if ((env('SECURENOW_TEST_SPAN') || '') === '1') {
+    if (String(env('SECURENOW_TEST_SPAN')) === '1') {
       const api = require('@opentelemetry/api');
       const tracer = api.trace.getTracer('securenow-smoke');
       const span = tracer.startSpan('securenow.startup.smoke');
@@ -121,15 +115,14 @@ const sdk = new NodeSDK({
       console.log('[securenow] emitted startup smoke span');
     }
   } catch (err) {
-    console.error('[securenow] OTel start failed:', (err && err.stack) || err);
+    console.error('[securenow] OTel start failed:', err && err.stack || err);
   }
 })();
 
-// ---------- Graceful shutdown (supports both sync/async shutdown()) ----------
+// -------------------- graceful shutdown --------------------
 async function safeShutdown(sig) {
   try {
-    const r = sdk.shutdown?.();         // may be undefined or a Promise
-    await Promise.resolve(r);
+    await Promise.resolve(sdk.shutdown?.());
     console.log(`[securenow] Tracing terminated on ${sig}`);
   } catch (err) {
     console.error('[securenow] Tracing shutdown error:', err);