63468157fc
Fix latest dep tests after the recent Spring release ( #9947 )
2023-11-24 21:07:48 +00:00
6313391d71
Rewrite @Advice.Enter for indy advice ( #9887 )
2023-11-17 07:49:19 -08:00
81f8bf6231
Add `service.name` to MDC ( #9647 )
...
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-11-13 09:37:19 -08:00
6eb8ae19df
Allow injection of helper bytecode as resources ( #9752 )
2023-11-06 09:37:52 -08:00
5a2f52978f
Make kafka library and javaagent instrumentations more similar ( #9738 )
2023-10-24 09:08:03 -07:00
a2f01e577e
Make more tests run with indy ( #9729 )
2023-10-24 12:23:50 +03:00
93e0667816
Improve disableShadowRelocate ( #9715 )
...
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
2023-10-20 10:34:00 +03:00
2d4d010cb0
Add capability for invokedynamic InstrumentationModules to inject proxies ( #9565 )
2023-10-19 10:11:24 -07:00
76d0090f53
Define `url.scheme` in terms of logical operation in HTTP server semconv ( #9698 )
2023-10-17 11:04:39 -07:00
de7cdcc22b
Run tests with java 21 ( #9620 )
2023-10-09 17:07:46 +03:00
6e97851a0b
Minor cleanup after bytebuddy 1.14.8 release ( #9595 )
2023-10-02 09:46:20 -07:00
b464369253
Improve spring data reactive instrumentation ( #9561 )
2023-09-27 21:16:04 +03:00
7d2259742a
Transform inline advice to delegating advice and test indy modules ( #9508 )
2023-09-22 11:15:39 +03:00
446d9a28ae
Implemented factory for generating invokedynamic proxy classes ( #9502 )
2023-09-20 12:26:56 -07:00
10480adc64
Implement invokedynamic advice bootstrapping ( #9382 )
2023-09-13 17:44:47 -07:00
3b77cc4b2d
Semconv 1.21 ( #9408 )
...
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-09-13 19:20:23 +00:00
db7eb14384
Remove deprecated experimental config ( #9378 )
2023-09-04 08:59:49 +03:00
4855eeee73
Bytecode version upgrade for invokedynamic dispatch ( #9239 )
2023-08-25 09:16:39 -07:00
39574290c9
Fix build ( #9283 )
2023-08-23 05:49:48 +02:00
3dbb965e94
Fixed getDefinedPackage lookup for OpenJ9 (8) ( #9272 )
2023-08-22 11:12:25 +02:00
5abba34ade
Implemented InstrumentationModuleClassLoader for invokedynamic Advice dispatching ( #9177 )
...
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
2023-08-21 12:11:52 +00:00
56dfd1ee6a
Implement @WithSpan support for kotlin coroutines ( #8870 )
...
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
2023-08-16 14:51:30 -07:00
acbab58a46
Update the OpenTelemetry SDK version to 1.28.0 ( #8897 )
...
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-07-10 12:45:01 -07:00
bbb05276be
Update the OpenTelemetry SDK version to 1.27.0 ( #8688 )
...
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-06-13 12:02:11 +03:00
8cfacd5666
Fix flaky CacheProviderTest ( #8684 )
2023-06-11 09:13:22 +03:00
a2fd908d47
Disable the logging exporter by default ( #8647 )
...
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
2023-06-05 20:04:03 +00:00
8ee63d4441
Implement new stable URL semantic conventions ( #8491 )
2023-06-05 15:22:22 +00:00
81f6a3a0c2
Faster type matching ( #8525 )
2023-06-02 18:35:31 +03:00
45fbf4b47b
Skip not decorator check for classes in boot loader ( #8594 )
2023-05-30 11:23:16 +02:00
c60d0a2673
Bump com.diffplug.spotless:spotless-plugin-gradle from 6.18.0 to 6.19.0 ( #8561 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-05-24 12:23:07 -07:00
5627a15c29
Fix jetty context leak ( #8552 )
2023-05-23 12:42:17 -07:00
3122897b2e
Bump errorProneVersion from 2.18.0 to 2.19.0 ( #8459 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
2023-05-10 09:49:55 -07:00
43073e7df9
Allow transforming classes with missing field types ( #8393 )
2023-05-09 14:07:50 -07:00
9b82a01dd7
Set up EarlyInitAgentConfig even earlier ( #8413 )
2023-05-06 16:24:23 -07:00
2f0819ae20
Improve compatibility with SecurityManager ( #7983 )
...
This pr gives classes defined in agent and extension class loaders all
permissions. Injected helper classes are also defined with all
permissions. Agent startup is altered so that we won't call methods that
require permission before we are able to get those permissions.
This pr does not attempt to address issues where agent code could allow
user code to circumvent security manager e.g.
https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/javaagent-bootstrap/src/main/java/io/opentelemetry/javaagent/bootstrap/InstrumentationHolder.java
gives access to `Instrumentation` that could be used to redefine classes
and remove security checks. Also this pr does not address failed
permission checks that could arise from user code calling agent code.
When user code, that does not have privileges, calls agent code, that
has the privileges, and agent code performs a sensitive operation then
permission check would fail because it is performed for all calling
classes, including the user classes. To fix this agent code should uses
`AccessController.doPrivileged` which basically means that, hey I have
done all the checks, run this call with my privileges and ignore the
privileges of my callers.
2023-04-05 15:41:37 +03:00
e0ecb56e8b
Codeql detects zipslip vulnerability ( #8209 )
...
I think that the only way zipslip could happen is when name contains
`..` but codeql isn't able to cope with that. Removing the `..` check
gets rid of the code scanning alert.
2023-04-04 16:14:19 -07:00
8fba02e391
Skip spotless and other checks in CI test step ( #8142 )
...
Currently we run spotless and other checks for each of the parallel test
steps which seems wasteful. Here is an attempt to run only the tests in
given partition without any extra checks in the `test` step and run all
the checks in the `build` step.
2023-04-04 10:43:12 -07:00
04f2e3e9e5
Bridge agent logs into application's slf4j logger ( #7339 )
...
Related discussion #7257
Resolves #3413
Resolves #5059
Resolves #6258
Resolves #7179
Adds a logging implementation that'll collect agent logs in memory until
slf4j is detected in the instrumented application; and when that happens
will dump all the logs into the application slf4j and log directly to
the application logger from that time on.
It's still in a POC state, unfortunately: while it works fine with an
app that uses & initializes slf4j directly, Spring Boot applications
actually reconfigure the logging implementation (e.g. logback) a while
after slf4j is loaded; which causes all the startup agent logs (debug
included) to be dumped with the default logback pattern.
Future work:
* ~~Make sure all logs produces by the agent are sent to loggers named
`io.opentelemetry...`
(https://github.com/open-telemetry/opentelemetry-java-instrumentation/pull/7446 )~~
DONE
* Make this work on Spring Boot
* Documentation
* Smoke test?
2023-04-04 17:29:43 +02:00
93d7dd7261
Ignore appd agent classes ( #8065 )
...
Related to
https://github.com/open-telemetry/opentelemetry-java-instrumentation/discussions/8060
2023-03-22 13:04:14 +01:00
a9788a22de
Provide ability to add HTTP server response headers, with Tomcat implementation ( #7990 )
...
This allows custom distributions of the agent to register
`HttpServerResponseCustomizer` implementations. When a supported HTTP
server instrumentation starts processing a response, the `onStart`
method of all registered implementations will be invoked with the
`Context` of the SERVER span, an instrumentation-specific response
object and `HttpServerResponseMutator` instance that allows appending
headers to that response.
The intent of this is to allow custom distributions to set a header
containing span context information, such as the trace and span IDs. As
such, the initial implementation only allows appending response headers
and nothing else.
The `HttpServerResponseCustomizer` and related classes are currently in
a subpackage of the `io.opentelemetry.javaagent.bootstrap` package in
`javaagent-extension-api`. This makes them get loaded in the bootstrap
classloader, thus directly accessible from instrumentations. I am not
aware if there is an elegant way to put it in the agent classloader
instead, yet have the same instance accessible from both
`AgentInstaller` and instrumentations.
This also includes Tomcat-specific implementation in order to be able to
demonstrate that it works, and add automated testing of this to
HttpServerTest including one implementation.
2023-03-13 17:46:39 +01:00
46861382e8
Check that extracting extension jar doesn't escape designated directory ( #7908 )
...
Mostly to appease code scanners.
2023-03-07 09:00:56 +02:00
dd32ff30f1
Improve compatibility with other agents ( #7916 )
...
Fixes the issue described in
https://github.com/open-telemetry/opentelemetry-java-instrumentation/pull/7887
Hopefully resolves
https://github.com/open-telemetry/opentelemetry-java-instrumentation/issues/7594
We should not use cached `TypeDescription` for currently transformed
class as the cached description will not be the same as newly created
one if the class bytes were transformed. For example if another agent
adds an interface to the class then returning the cached description
that does not have that interface would result in bytebuddy removing
that interface, see
665a090c73/byte-buddy-dep/src/main/java/net/bytebuddy/dynamic/scaffold/TypeWriter.java (L5012)
2023-03-01 09:06:59 +02:00
7e187f78e7
Add additional groovy classloaders to ignore list. ( #7460 )
...
Groovy apps that parse a lot of scripts can generate a lot of
classloaders that will ultimately end up causing the agent to cache a
LOT of memory. For example, some java code that uses the Gremlin groovy
script engine to dynamically create and execute scripts can reproduce
this:
```
GremlinGroovyScriptEngine engine = new GremlinGroovyScriptEngine();
Bindings bindings = new SimpleBindings();
TinkerGraph graph = TinkerGraph.open();
GraphTraversalSource g = graph.traversal();
bindings.put("g", g);
for (int i = 0; i < 100000; i++) {
engine.eval("g.V(" + i + ")", bindings);
if(i % 250 == 0) System.out.println("Iteration " + i);
}
```
I have manually confirmed that ignoring the groovy classloaders (in this
PR) prevent the agent from exploding the cache and holding onto memory.
I could use another brain in deciding if there could be other unintended
consequences.
2023-02-23 09:39:54 -08:00
cde6c98666
Tests need to reset GlobalEventEmitterProvider ( #7810 )
...
After sdk update we have new flaky tests
https://ge.opentelemetry.io/s/qozoj3c4zxmge/tests/:javaagent-tooling:test/io.opentelemetry.javaagent.test.HelperInjectionTest/helpers%20injected%20on%20bootstrap%20classloader?top-execution=1
https://ge.opentelemetry.io/s/qozoj3c4zxmge/tests/:javaagent-tooling:test/io.opentelemetry.javaagent.tooling.OpenTelemetryInstallerTest/should%20initialize%20GlobalOpenTelemetry?top-execution=1
2023-02-14 16:43:55 +02:00
3d571c329a
Reformat comment ( #7713 )
2023-02-02 14:22:02 +00:00
00ae25b89c
Ignore janino classloader ( #7710 )
...
Fixes #7670
These obscure classloaders should be ignored completely, they process
in-line class creation and should not branch out to interactions that
are useful in distributed tracing. These two are responsible for outages
recently in many of our applications due to driving up memory usage from
WeakKey caching. In some cases, janino processing has ran wild and
stimulated over 5.7mil WeakKey objects accounting for close to 200MB of
heap.
2023-02-02 15:18:35 +01:00
d89932098a
Disable YodaCondition check and revert some of the changes ( #7596 )
...
Let's keep close to the SDK repo config.
I reverted some of the changes, only left those that I think make sense
anyway (e.g. comparing enums with `==`)
2023-01-17 19:44:15 -08:00
18cffb7aeb
Make config file available in early agent initialization phase ( #7550 )
...
Fixes #7540
I think this kind of early config might be useful in general -- for
instance, I think I'd like to use it for properties introduced in
https://github.com/open-telemetry/opentelemetry-java-instrumentation/pull/7339
2023-01-11 20:26:28 -08:00
f335861136
Bump errorProneVersion from 2.17.0 to 2.18.0 ( #7532 )
...
Bumps `errorProneVersion` from 2.17.0 to 2.18.0.
Updates `error_prone_annotations` from 2.17.0 to 2.18.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/error-prone/releases ">error_prone_annotations's
releases</a>.</em></p>
<blockquote>
<h2>Error Prone 2.18.0</h2>
<p>New Checkers:</p>
<ul>
<li><a
href="https://errorprone.info/bugpattern/InjectOnBugCheckers "><code>InjectOnBugCheckers</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/LabelledBreakTarget "><code>LabelledBreakTarget</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/UnusedLabel "><code>UnusedLabel</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/YodaCondition "><code>YodaCondition</code></a></li>
</ul>
<p>Fixes issues: <a
href="https://github-redirect.dependabot.com/google/error-prone/issues/1650 ">#1650</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/2706 ">#2706</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3404 ">#3404</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3493 ">#3493</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3504 ">#3504</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3519 ">#3519</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3579 ">#3579</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3610 ">#3610</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3632 ">#3632</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3638 ">#3638</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3645 ">#3645</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3646 ">#3646</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3652 ">#3652</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3690 ">#3690</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34730decfeee1e7778d3bb9ede9f257f459e14cda57309b018181f9918bc360ed99da2c06c7b8b6e0f5753f67bf36a502b5fhttps://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `error_prone_core` from 2.17.0 to 2.18.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/error-prone/releases ">error_prone_core's
releases</a>.</em></p>
<blockquote>
<h2>Error Prone 2.18.0</h2>
<p>New Checkers:</p>
<ul>
<li><a
href="https://errorprone.info/bugpattern/InjectOnBugCheckers "><code>InjectOnBugCheckers</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/LabelledBreakTarget "><code>LabelledBreakTarget</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/UnusedLabel "><code>UnusedLabel</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/YodaCondition "><code>YodaCondition</code></a></li>
</ul>
<p>Fixes issues: <a
href="https://github-redirect.dependabot.com/google/error-prone/issues/1650 ">#1650</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/2706 ">#2706</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3404 ">#3404</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3493 ">#3493</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3504 ">#3504</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3519 ">#3519</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3579 ">#3579</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3610 ">#3610</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3632 ">#3632</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3638 ">#3638</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3645 ">#3645</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3646 ">#3646</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3652 ">#3652</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3690 ">#3690</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34730decfeee1e7778d3bb9ede9f257f459e14cda57309b018181f9918bc360ed99da2c06c7b8b6e0f5753f67bf36a502b5fhttps://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `error_prone_test_helpers` from 2.17.0 to 2.18.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/error-prone/releases ">error_prone_test_helpers's
releases</a>.</em></p>
<blockquote>
<h2>Error Prone 2.18.0</h2>
<p>New Checkers:</p>
<ul>
<li><a
href="https://errorprone.info/bugpattern/InjectOnBugCheckers "><code>InjectOnBugCheckers</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/LabelledBreakTarget "><code>LabelledBreakTarget</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/UnusedLabel "><code>UnusedLabel</code></a></li>
<li><a
href="https://errorprone.info/bugpattern/YodaCondition "><code>YodaCondition</code></a></li>
</ul>
<p>Fixes issues: <a
href="https://github-redirect.dependabot.com/google/error-prone/issues/1650 ">#1650</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/2706 ">#2706</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3404 ">#3404</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3493 ">#3493</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3504 ">#3504</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3519 ">#3519</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3579 ">#3579</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3610 ">#3610</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3632 ">#3632</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3638 ">#3638</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3645 ">#3645</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3646 ">#3646</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3652 ">#3652</a>,
<a
href="https://github-redirect.dependabot.com/google/error-prone/issues/3690 ">#3690</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">https://github.com/google/error-prone/compare/v2.17.0...v2.18.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34730decfeee1e7778d3bb9ede9f257f459e14cda57309b018181f9918bc360ed99da2c06c7b8b6e0f5753f67bf36a502b5fhttps://github.com/google/error-prone/compare/v2.17.0...v2.18.0 ">compare
view</a></li>
</ul>
</details>
<br />
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mateusz Rzeszutek <mrzeszutek@splunk.com>
2023-01-11 20:25:46 -08:00
13be0e2307
Shade `application.io.opentelemetry` in agent extension class loader ( #7519 )
...
Related issue #7518
Add shade rule `application.io.opentelemetry` in
`io.opentelemetry.javaagent.tooling.RemappingUrlConnection` class.
Closed #7518
Co-authored-by: Mateusz Rzeszutek <mrzeszutek@splunk.com>
2023-01-11 20:25:22 -08:00
Mateusz Rzeszutek
Lauri Tulmin
cleverchuk
Jonas Kunz
SylvainJuge
Trask Stalnaker
Jonas Kunz
OpenTelemetry Bot
dependabot[bot]
Ago Allikmaa
jason plumb
Steve Dodge
wallezhang