Skip to content

Commit f28115c

Browse files
yuanyuanzhao3yuanyuanzhao3
authored
Merge branch 'master' into yuanyuan.zhao/deterministic-sampler
2 parents 1794e21 + ea9e744 commit f28115c

894 files changed

Lines changed: 31187 additions & 6064 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.circleci/config.continue.yml.j2

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -857,7 +857,13 @@ jobs:
857857
APPSEC_REQUEST_BLOCKING
858858
APPSEC_RASP
859859
APPSEC_RUNTIME_ACTIVATION
860+
APPSEC_API_SECURITY
861+
APPSEC_API_SECURITY_RC
862+
APPSEC_API_SECURITY_WITH_SAMPLING
860863
APPSEC_WAF_TELEMETRY
864+
APPSEC_STANDALONE_V2
865+
IAST_STANDALONE_V2
866+
SCA_STANDALONE_V2
861867
REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD
862868
"
863869
fi

.github/CODEOWNERS

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,18 @@ dd-java-agent/instrumentation/spring-security-5/ @DataDog/asm-java
5757
**/Iast*.java @DataDog/asm-java
5858
**/Iast*.groovy @DataDog/asm-java
5959
**/rasp/ @Datadog/asm-java
60-
**/*Rasp*.java @DataDog/asm-java
61-
**/*Rasp*.groovy @DataDog/asm-java
60+
**/*Rasp*.java @DataDog/asm-java
61+
**/*Rasp*.groovy @DataDog/asm-java
62+
**/*Waf*.java @DataDog/asm-java
63+
**/*Waf*.groovy @DataDog/asm-java
6264

6365
# @DataDog/data-jobs-monitoring
6466
dd-java-agent/instrumentation/spark/ @DataDog/data-jobs-monitoring
6567
dd-java-agent/instrumentation/spark-executor/ @DataDog/data-jobs-monitoring
68+
69+
# @DataDog/data-streams-monitoring
70+
dd-java-agent/testing/src/main/groovy/datadog/trace/agent/test/datastreams @DataDog/data-streams-monitoring
71+
dd-trace-core/src/main/java/datadog/trace/core/datastreams @DataDog/data-streams-monitoring
72+
dd-trace-core/src/test/groovy/datadog/trace/core/datastreams @DataDog/data-streams-monitoring
73+
internal-api/src/main/java/datadog/trace/api/datastreams @DataDog/data-streams-monitoring
74+
internal-api/src/test/groovy/datadog/trace/api/datastreams @DataDog/data-streams-monitoring

.github/workflows/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ _Recovery:_ Check at the milestone for the related issues and update them manual
8787

8888
### prune-github-container-registry [🔗](prune-github-container-registry.yaml)
8989

90-
_Trigger:_ Every week or manually.
90+
_Trigger:_ Every day or manually.
9191

9292
_Action:_ Clean up old lib-injection OCI images from GitHub Container Registry.
9393

.github/workflows/prune-github-container-registry.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,5 +23,5 @@ jobs:
2323
keep-tags: |
2424
latest_snapshot
2525
prune-tags-regexes: |
26-
^[a-z0-9]{40}$
26+
^[a-z0-9]{40}(-arm64|-amd64)?$
2727
prune-untagged: true

.gitlab-ci.yml

Lines changed: 111 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -23,15 +23,25 @@ variables:
2323
DEPENDENCY_CACHE_POLICY: pull
2424
BUILD_CACHE_POLICY: pull
2525
GRADLE_VERSION: "8.4" # must match gradle-wrapper.properties
26+
JAVA_BUILD_IMAGE_VERSION: "v25.01"
27+
REPO_NOTIFICATION_CHANNEL: "#apm-java-escalations"
2628

2729
default:
2830
tags: [ "arch:amd64" ]
2931

32+
.fan_in:
33+
stage: tests
34+
image: registry.ddbuild.io/images/base/gbi-ubuntu_2204-slim:release
35+
script:
36+
- echo "done"
37+
3038
.gradle_build: &gradle_build
31-
image: ghcr.io/datadog/dd-trace-java-docker-build:v25.01-base
39+
image: ghcr.io/datadog/dd-trace-java-docker-build:${JAVA_BUILD_IMAGE_VERSION}-base
40+
stage: build
3241
variables:
33-
GRADLE_OPTS: "-Dorg.gradle.jvmargs='-Xmx2560M -Xms2560M'"
34-
GRADLE_ARGS: " -PskipTests --build-cache --stacktrace --no-daemon --parallel --max-workers=2"
42+
GRADLE_OPTS: "-Dorg.gradle.jvmargs='-Xmx2560M -Xms2560M -XX:ErrorFile=/tmp/hs_err_pid%p.log -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp'"
43+
MAVEN_OPTS: "-Xms64M -Xmx512M"
44+
GRADLE_WORKERS: 2
3545
KUBERNETES_CPU_REQUEST: 8
3646
KUBERNETES_MEMORY_REQUEST: 6Gi
3747
cache:
@@ -42,14 +52,15 @@ default:
4252
- .gradle/caches
4353
- .gradle/notifications
4454
policy: $DEPENDENCY_CACHE_POLICY
45-
- key: $CI_PIPELINE_ID # Incremental build cache. Shared by all jobs in the pipeline
55+
- key: $CI_PIPELINE_ID-$BUILD_CACHE_TYPE # Incremental build cache. Shared by all jobs in the pipeline of the same type
4656
paths:
4757
- .gradle/caches/$GRADLE_VERSION
4858
- .gradle/$GRADLE_VERSION/executionHistory
4959
- workspace
5060
policy: $BUILD_CACHE_POLICY
5161
before_script:
5262
- export GRADLE_USER_HOME=`pwd`/.gradle
63+
- export GRADLE_ARGS=" --build-cache --stacktrace --no-daemon --parallel --max-workers=$GRADLE_WORKERS"
5364
# for weird reasons, gradle will always "chmod 700" the .gradle folder
5465
# with Gitlab caching, .gradle is always owned by root and thus gradle's chmod invocation fails
5566
# This dance is a hack to have .gradle owned by the Gitlab runner user
@@ -61,21 +72,24 @@ default:
6172

6273
build:
6374
extends: .gradle_build
64-
stage: build
6575
variables:
6676
BUILD_CACHE_POLICY: push
77+
BUILD_CACHE_TYPE: lib
6778
DEPENDENCY_CACHE_POLICY: pull
6879
script:
69-
- ./gradlew clean :dd-java-agent:shadowJar :dd-trace-api:jar :dd-trace-ot:shadowJar $GRADLE_ARGS
80+
- if [ $CI_PIPELINE_SOURCE == "schedule" ] ; then ./gradlew resolveAndLockAll --write-locks; fi
81+
- ./gradlew clean :dd-java-agent:shadowJar :dd-trace-api:jar :dd-trace-ot:shadowJar -PskipTests $GRADLE_ARGS
7082
- echo UPSTREAM_TRACER_VERSION=$(java -jar workspace/dd-java-agent/build/libs/*.jar) >> upstream.env
7183
- echo "BUILD_JOB_NAME=$CI_JOB_NAME" >> build.env
7284
- echo "BUILD_JOB_ID=$CI_JOB_ID" >> build.env
7385
artifacts:
86+
when: always
7487
paths:
7588
- 'workspace/dd-java-agent/build/libs/*.jar'
7689
- 'workspace/dd-trace-api/build/libs/*.jar'
7790
- 'workspace/dd-trace-ot/build/libs/*.jar'
7891
- 'upstream.env'
92+
- '.gradle/daemon/*/*.out.log'
7993
reports:
8094
dotenv: build.env
8195

@@ -90,6 +104,94 @@ build_and_populate_dep_cache:
90104
- when: manual
91105
allow_failure: true
92106

107+
spotless:
108+
extends: .gradle_build
109+
stage: tests
110+
needs: []
111+
script:
112+
- export JAVA_HOME=$JAVA_11_HOME
113+
- ./gradlew spotlessCheck $GRADLE_ARGS
114+
115+
test_published_artifacts:
116+
extends: .gradle_build
117+
image: ghcr.io/datadog/dd-trace-java-docker-build:${JAVA_BUILD_IMAGE_VERSION}-7 # Needs Java7 for some tests
118+
stage: tests
119+
needs: [ build ]
120+
rules:
121+
- if: '$POPULATE_CACHE'
122+
when: never
123+
- when: on_success
124+
variables:
125+
BUILD_CACHE_TYPE: lib
126+
script:
127+
- mvn_local_repo=$(./mvnw help:evaluate -Dexpression=settings.localRepository -q -DforceStdout)
128+
- rm -rf "${mvn_local_repo}/com/datadoghq"
129+
- export GPG_PRIVATE_KEY=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_private_key --with-decryption --query "Parameter.Value" --out text)
130+
- export GPG_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_passphrase --with-decryption --query "Parameter.Value" --out text)
131+
- export GRADLE_OPTS="-Dorg.gradle.jvmargs='-Xmx2G -Xms2G -XX:ErrorFile=/tmp/hs_err_pid%p.log -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp'"
132+
- ./gradlew publishToMavenLocal $GRADLE_ARGS
133+
- cd test-published-dependencies
134+
- export GRADLE_OPTS="-Dorg.gradle.jvmargs='-Xmx512M -Xms512M -XX:ErrorFile=/tmp/hs_err_pid%p.log -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp'"
135+
- ./gradlew check --info $GRADLE_ARGS
136+
after_script:
137+
- .circleci/collect_reports.sh
138+
artifacts:
139+
when: always
140+
paths:
141+
- ./check_reports
142+
143+
muzzle:
144+
extends: .gradle_build
145+
needs: [ build ]
146+
stage: tests
147+
parallel: 8
148+
rules:
149+
- if: '$POPULATE_CACHE'
150+
when: never
151+
- when: on_success
152+
variables:
153+
BUILD_CACHE_TYPE: test
154+
script:
155+
- export SKIP_BUILDSCAN="true"
156+
- echo CI_NODE_INDEX=$CI_NODE_INDEX
157+
- echo CI_NODE_TOTAL=CI_NODE_TOTAL
158+
- ./gradlew writeMuzzleTasksToFile $GRADLE_ARGS
159+
- sort workspace/build/muzzleTasks > sortedMuzzleTasks
160+
- split --number=l/$CI_NODE_TOTAL --suffix-length=1 --numeric-suffixes sortedMuzzleTasks muzzleSplit
161+
- export NODE_ZERO_INDEX=$((CI_NODE_INDEX - 1))
162+
- ./gradlew `cat muzzleSplit${NODE_ZERO_INDEX} | xargs` $GRADLE_ARGS
163+
after_script:
164+
- .circleci/collect_reports.sh
165+
artifacts:
166+
when: always
167+
paths:
168+
- ./reports
169+
- '.gradle/daemon/*/*.out.log'
170+
171+
muzzle-dep-report:
172+
extends: .gradle_build
173+
needs: [ build ]
174+
stage: tests
175+
variables:
176+
BUILD_CACHE_TYPE: test
177+
script:
178+
- export SKIP_BUILDSCAN="true"
179+
- ./gradlew generateMuzzleReport muzzleInstrumentationReport $GRADLE_ARGS
180+
after_script:
181+
- .circleci/collect_muzzle_deps.sh
182+
artifacts:
183+
when: always
184+
paths:
185+
- ./reports
186+
- '.gradle/daemon/*/*.out.log'
187+
188+
required:
189+
extends: .fan_in
190+
needs:
191+
- spotless
192+
- muzzle
193+
- test_published_artifacts
194+
93195
deploy_to_profiling_backend:
94196
stage: publish
95197
needs: [ build ]
@@ -165,6 +267,8 @@ deploy_to_sonatype:
165267
extends: .gradle_build
166268
stage: publish
167269
needs: [ build ]
270+
variables:
271+
BUILD_CACHE_TYPE: lib
168272
rules:
169273
- if: '$POPULATE_CACHE'
170274
when: never
@@ -180,7 +284,7 @@ deploy_to_sonatype:
180284
- export SONATYPE_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.sonatype_password --with-decryption --query "Parameter.Value" --out text)
181285
- export GPG_PRIVATE_KEY=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_private_key --with-decryption --query "Parameter.Value" --out text)
182286
- export GPG_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_passphrase --with-decryption --query "Parameter.Value" --out text)
183-
- ./gradlew -PbuildInfo.build.number=$CI_JOB_ID publishToSonatype closeSonatypeStagingRepository $GRADLE_ARGS
287+
- ./gradlew -PbuildInfo.build.number=$CI_JOB_ID publishToSonatype closeSonatypeStagingRepository -PskipTests $GRADLE_ARGS
184288
artifacts:
185289
paths:
186290
- 'workspace/dd-java-agent/build/libs/*.jar'

benchmark/load/petclinic/benchmark.json

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,12 @@
4141
"VARIANT": "iast",
4242
"JAVA_OPTS": "-javaagent:${TRACER} -Ddd.iast.enabled=true"
4343
}
44+
},
45+
"code_origins": {
46+
"env": {
47+
"VARIANT": "code_origins",
48+
"JAVA_OPTS": "-javaagent:${TRACER} -Ddd.code.origin.for.spans.enabled=true"
49+
}
4450
}
4551
}
4652
}

communication/src/main/java/datadog/communication/ddagent/DDAgentFeaturesDiscovery.java

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
package datadog.communication.ddagent;
22

3+
import static datadog.communication.serialization.msgpack.MsgPackWriter.FIXARRAY;
4+
import static java.util.Collections.singletonList;
5+
36
import com.squareup.moshi.JsonAdapter;
47
import com.squareup.moshi.Moshi;
58
import com.squareup.moshi.Types;
@@ -11,7 +14,6 @@
1114
import datadog.trace.util.Strings;
1215
import java.nio.ByteBuffer;
1316
import java.security.NoSuchAlgorithmException;
14-
import java.util.Collections;
1517
import java.util.HashSet;
1618
import java.util.List;
1719
import java.util.Map;
@@ -32,6 +34,12 @@ public class DDAgentFeaturesDiscovery implements DroppingPolicy {
3234
.build()
3335
.adapter(Types.newParameterizedType(Map.class, String.class, Object.class));
3436

37+
// Currently all the endpoints that we probe expect a msgpack body of an array of arrays, v3/v4
38+
// arbitrary size and v5 two elements, so let's give them a two element array of empty arrays
39+
private static final byte[] PROBE_MESSAGE = {
40+
(byte) FIXARRAY | 2, (byte) FIXARRAY, (byte) FIXARRAY
41+
};
42+
3543
public static final String V3_ENDPOINT = "v0.3/traces";
3644
public static final String V4_ENDPOINT = "v0.4/traces";
3745
public static final String V5_ENDPOINT = "v0.5/traces";
@@ -191,7 +199,9 @@ private String probeTracesEndpoint(String[] endpoints) {
191199
client
192200
.newCall(
193201
new Request.Builder()
194-
.put(OkHttpUtils.msgpackRequestBodyOf(Collections.<ByteBuffer>emptyList()))
202+
.put(
203+
OkHttpUtils.msgpackRequestBodyOf(
204+
singletonList(ByteBuffer.wrap(PROBE_MESSAGE))))
195205
.url(agentBaseUrl.resolve(candidate))
196206
.build())
197207
.execute()) {

dd-java-agent/agent-bootstrap/gradle.lockfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -133,17 +133,17 @@ org.ow2.asm:asm-analysis:7.2=jacocoAnt
133133
org.ow2.asm:asm-analysis:9.2=jmhRuntimeClasspath,testRuntimeClasspath
134134
org.ow2.asm:asm-analysis:9.4=spotbugs
135135
org.ow2.asm:asm-commons:7.2=jacocoAnt
136-
org.ow2.asm:asm-commons:9.2=jmhRuntimeClasspath,testRuntimeClasspath
137136
org.ow2.asm:asm-commons:9.4=spotbugs
137+
org.ow2.asm:asm-commons:9.7.1=jmhRuntimeClasspath,testRuntimeClasspath
138138
org.ow2.asm:asm-tree:7.2=jacocoAnt
139-
org.ow2.asm:asm-tree:9.2=jmhRuntimeClasspath,testRuntimeClasspath
140139
org.ow2.asm:asm-tree:9.4=spotbugs
140+
org.ow2.asm:asm-tree:9.7.1=jmhRuntimeClasspath,testRuntimeClasspath
141141
org.ow2.asm:asm-util:9.2=jmhRuntimeClasspath,testRuntimeClasspath
142142
org.ow2.asm:asm-util:9.4=spotbugs
143143
org.ow2.asm:asm:7.2=jacocoAnt
144144
org.ow2.asm:asm:9.0=jmh,jmhCompileClasspath
145-
org.ow2.asm:asm:9.2=jmhRuntimeClasspath,testRuntimeClasspath
146145
org.ow2.asm:asm:9.4=spotbugs
146+
org.ow2.asm:asm:9.7.1=jmhRuntimeClasspath,testRuntimeClasspath
147147
org.pitest:pitest-command-line:1.9.11=pitest
148148
org.pitest:pitest-entry:1.9.11=pitest
149149
org.pitest:pitest:1.9.11=pitest

0 commit comments

Comments
 (0)