From 4c9e40e9d88a44cf1338f9b2531ff9ecb2c3cc12 Mon Sep 17 00:00:00 2001 From: Jens Schulze Date: Thu, 5 Sep 2024 15:43:01 +0200 Subject: [PATCH 1/9] PHP sdk set up for Datadog --- .gitignore | 1 + examples/symfony-app/{.env => .env.sample} | 0 examples/symfony-app/.gitignore | 1 - examples/symfony-app/README.md | 16 +- examples/symfony-app/docker-compose.yml | 62 +- examples/symfony-app/docker/nginx/Dockerfile | 9 +- examples/symfony-app/docker/php/Dockerfile | 39 - .../symfony-app/docker/php/Dockerfile.datadog | 23 + .../docker/php/Dockerfile.newrelic | 32 + .../symfony-app/docker/php/conf.d/datadog.ini | 7 + .../symfony-app/docker/php/datadog-setup.php | 2383 +++++++++++++++++ 11 files changed, 2506 insertions(+), 67 deletions(-) rename examples/symfony-app/{.env => .env.sample} (100%) delete mode 100644 examples/symfony-app/docker/php/Dockerfile create mode 100644 examples/symfony-app/docker/php/Dockerfile.datadog create mode 100644 examples/symfony-app/docker/php/Dockerfile.newrelic create mode 100644 examples/symfony-app/docker/php/conf.d/datadog.ini create mode 100644 examples/symfony-app/docker/php/datadog-setup.php diff --git a/.gitignore b/.gitignore index bbee80e37a4..70f858085da 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ logs /lambda/.serverless/ .idea/ docs/ +.env \ No newline at end of file diff --git a/examples/symfony-app/.env b/examples/symfony-app/.env.sample similarity index 100% rename from examples/symfony-app/.env rename to examples/symfony-app/.env.sample diff --git a/examples/symfony-app/.gitignore b/examples/symfony-app/.gitignore index 362ab4df122..a67f91e25c2 100644 --- a/examples/symfony-app/.gitignore +++ b/examples/symfony-app/.gitignore @@ -7,5 +7,4 @@ /public/bundles/ /var/ /vendor/ -/.env ###< symfony/framework-bundle ### diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index 1cb6ed26688..dedb571bf72 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -1,13 +1,15 @@ # Symfony demo app for New Relic -This Demo is to show how PHP SDK can be used in a Symfony application for a Docker environment with NewRelic monitoring enabled. +This Demo is to show how PHP SDK can be used in a Symfony application for a Docker environment with monitoring tools enabled. + +For now, we configured the docker environment for Datadog and New Relic. ## Requirements - PHP at least 8.1 - Symfony 6 - Docker -- Registration in New Relic +- Registration in New Relic/Datadog ## Installation @@ -19,11 +21,7 @@ APP_CTP_CLIENT_ID= your CTP_CLIENT_ID APP_CTP_CLIENT_SECRET= your CTP_CLIENT_SECRET APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY ``` -4. In the [docker-compose.yml](https://github.com/commercetools/commercetools-sdk-php-v2/blob/622c664ef69b93d96f11ac2ed26d24446d45dd0c/examples/symfony-app/docker-compose.yml) add the New Relic license key in the NEWRELIC_KEY: "" field -```yaml - args: - NEWRELIC_KEY: "replace this field with your New Relic license key" -``` +4. Complete the .env file with your new relic or datadog credentials. ## Using the Symfony Demo app in a Docker Environment @@ -44,6 +42,6 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY 1. Navigate to [http://localhost:8080/products](http://localhost:8080/products) or [http://localhost:8080/categories](http://localhost:8080/categories) 2. The result would be an array objects containing products or categories. 3. If it's not please make sure that in Merchant Center in the project key selected (see the environment variable for the client credentials in the point 3 of the Installation section), there would be some data for products and categories. -4. Go in the New Relic UI to see the monitoring of the API calls. - +4. Go in the New Relic/Datadog UI to see the monitoring of the API calls. +The docker configuration files will be found in the `docker/php` folder and the `docker-compose.yml` in the `symfony-app/` folder so they can be used in your application. diff --git a/examples/symfony-app/docker-compose.yml b/examples/symfony-app/docker-compose.yml index 1c43fb37206..de88c72e114 100644 --- a/examples/symfony-app/docker-compose.yml +++ b/examples/symfony-app/docker-compose.yml @@ -1,28 +1,58 @@ -version: "3.4" - +version: '3.8' services: - application: + php-datadog: build: - context: docker/php - dockerfile: Dockerfile - args: - NEWRELIC_KEY: "" - NEWRELIC_APP_NAME: "PHP_SDK" - tty: true - ports: - - 9000:9000 + context: ./docker/php + dockerfile: Dockerfile.datadog volumes: - .:/var/www/symfony - - ./var/logs/newrelic:/var/log/newrelic + expose: + - "9000" + environment: + - DD_SERVICE=symfony-app + - DD_AGENT_HOST=datadog-agent + - DD_TRACE_AGENT_PORT=8126 + - DD_API_KEY=${DD_API_KEY} + - DD_TRACE_DEBUG=true + - DD_LOGS_ENABLED=true + - DD_PROCESS_AGENT_ENABLED=true + +# php-newrelic: +# build: +# context: ./docker/php +# dockerfile: Dockerfile.newrelic +# args: +# NEWRELIC_KEY: ${NEWRELIC_KEY} +# NEWRELIC_APP_NAME: "PHP_SDK" +# volumes: +# - .:/var/www/symfony +# expose: +# - "9001" + nginx: build: - context: docker/nginx + context: ./docker/nginx dockerfile: Dockerfile ports: - - 8080:80 - links: - - application + - "8080:80" + depends_on: + - php-datadog +# - php-newrelic volumes: - ./var/logs/nginx:/var/log/nginx - .:/var/www/symfony + + datadog-agent: + image: datadog/agent:latest + environment: + - DD_API_KEY=${DD_API_KEY} + - DD_SITE=datadoghq.com + - DD_APM_ENABLED=true + ports: + - "8126:8126/tcp" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + - "/proc/:/host/proc/:ro" + - "/sys/fs/cgroup/:/host/sys/fs/cgroup:ro" + diff --git a/examples/symfony-app/docker/nginx/Dockerfile b/examples/symfony-app/docker/nginx/Dockerfile index c6daeecb58c..36cc9922cb7 100644 --- a/examples/symfony-app/docker/nginx/Dockerfile +++ b/examples/symfony-app/docker/nginx/Dockerfile @@ -2,6 +2,11 @@ FROM nginx COPY symfony.conf /etc/nginx/conf.d/default.conf -RUN echo "upstream php-upstream { server application:9000; }" > /etc/nginx/conf.d/upstream.conf +# Update the upstream configuration to point to the correct PHP service +RUN echo "upstream php-upstream { server php-datadog:9000; \ +# server php-newrelic:9001; \ + }" > /etc/nginx/conf.d/upstream.conf -RUN usermod -u 1000 www-data + +HEALTHCHECK --interval=30s --timeout=5s \ + CMD curl -f http://localhost/ || exit 1 diff --git a/examples/symfony-app/docker/php/Dockerfile b/examples/symfony-app/docker/php/Dockerfile deleted file mode 100644 index b5523cf7d52..00000000000 --- a/examples/symfony-app/docker/php/Dockerfile +++ /dev/null @@ -1,39 +0,0 @@ -FROM php:8.2-fpm - -ARG NEWRELIC_KEY -ARG NEWRELIC_APP_NAME - -RUN apt-get update \ - && apt-get install -y apt-utils \ - && apt-get install -y wget git curl libicu-dev zlib1g-dev libonig-dev libzip-dev gnupg2 \ - && docker-php-ext-install intl \ - && docker-php-ext-install mbstring \ - && docker-php-ext-install zip \ - && apt-get clean - -RUN echo 'deb http://apt.newrelic.com/debian/ newrelic non-free' | tee /etc/apt/sources.list.d/newrelic.list -RUN wget -qO - https://download.newrelic.com/548C16BF.gpg | apt-key add - -RUN apt-get update \ - && whoami \ - && apt-get install -y newrelic-php5 net-tools inetutils-ping inetutils-telnet newrelic-daemon \ - && apt-get clean \ - - - -RUN usermod -u 1000 www-data - -ADD conf.d/newrelic.ini /usr/local/etc/php/conf.d/ -ADD conf.d/60-user.ini /usr/local/etc/php/conf.d/ - -RUN sed -i \ - -e 's/"REPLACE_WITH_REAL_KEY"/'"$NEWRELIC_KEY"'/' \ - -e 's/newrelic.appname = "PHP Application"/newrelic.appname = '"$NEWRELIC_APP_NAME"'/' \ - -e 's/;newrelic.daemon.app_connect_timeout =.*/newrelic.daemon.app_connect_timeout=20s/' \ - -e 's/;newrelic.daemon.start_timeout =.*/newrelic.daemon.start_timeout=20s/' \ - /usr/local/etc/php/conf.d/newrelic.ini - -WORKDIR /var/www/symfony/public - -EXPOSE 9000 - -CMD ["php-fpm", "-F"] diff --git a/examples/symfony-app/docker/php/Dockerfile.datadog b/examples/symfony-app/docker/php/Dockerfile.datadog new file mode 100644 index 00000000000..8873d66f091 --- /dev/null +++ b/examples/symfony-app/docker/php/Dockerfile.datadog @@ -0,0 +1,23 @@ +FROM php:8.2-fpm + +# Install necessary packages and PHP extensions +RUN apt-get update \ + && apt-get install -y apt-utils wget git curl libicu-dev zlib1g-dev libonig-dev libzip-dev gnupg2 \ + && docker-php-ext-install intl mbstring zip \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +# Copy Datadog configuration and setup script +COPY conf.d/datadog.ini /usr/local/etc/php/conf.d/ +COPY datadog-setup.php /usr/local/bin/datadog-setup.php + +# Run the setup script +RUN php /usr/local/bin/datadog-setup.php --php-bin=all --enable-appsec --enable-profiling + +HEALTHCHECK --interval=30s --timeout=5s CMD curl -f http://localhost/ || exit 1 + +WORKDIR /var/www/symfony/public + +EXPOSE 9000 + +CMD ["php-fpm", "-F"] diff --git a/examples/symfony-app/docker/php/Dockerfile.newrelic b/examples/symfony-app/docker/php/Dockerfile.newrelic new file mode 100644 index 00000000000..c59be7b8b39 --- /dev/null +++ b/examples/symfony-app/docker/php/Dockerfile.newrelic @@ -0,0 +1,32 @@ +# Dockerfile for New Relic +FROM php:8.2-fpm + +ARG NEWRELIC_KEY +ARG NEWRELIC_APP_NAME + +# Install necessary packages and New Relic +RUN apt-get update \ + && apt-get install -y apt-utils wget git curl libicu-dev zlib1g-dev libonig-dev libzip-dev gnupg2 \ + && docker-php-ext-install intl mbstring zip \ + && echo 'deb http://apt.newrelic.com/debian/ newrelic non-free' | tee /etc/apt/sources.list.d/newrelic.list \ + && wget -qO - https://download.newrelic.com/548C16BF.gpg | apt-key add - \ + && apt-get update \ + && apt-get install -y newrelic-php5 \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +# Copy New Relic configuration files +COPY conf.d/newrelic.ini /usr/local/etc/php/conf.d/ +COPY conf.d/60-user.ini /usr/local/etc/php/conf.d/ + +# Configure New Relic +RUN sed -i \ + -e 's/"REPLACE_WITH_REAL_KEY"/'"$NEWRELIC_KEY"'/' \ + -e 's/newrelic.appname = "PHP Application"/newrelic.appname = '"$NEWRELIC_APP_NAME"'/' \ + /usr/local/etc/php/conf.d/newrelic.ini + +WORKDIR /var/www/symfony/public + +EXPOSE 9000 + +CMD ["php-fpm", "-F"] diff --git a/examples/symfony-app/docker/php/conf.d/datadog.ini b/examples/symfony-app/docker/php/conf.d/datadog.ini new file mode 100644 index 00000000000..fbc77e65497 --- /dev/null +++ b/examples/symfony-app/docker/php/conf.d/datadog.ini @@ -0,0 +1,7 @@ +[datadog] +ddtrace.request_init_hook=/opt/datadog-php/ddtrace-sources/bridge/dd_wrap_autoloader.php +ddtrace.enabled=true +ddtrace.agent_host=${DD_AGENT_HOST} +ddtrace.agent_port=${DD_TRACE_AGENT_PORT} +ddtrace.service=symfony-app +ddtrace.env=${DD_ENV} diff --git a/examples/symfony-app/docker/php/datadog-setup.php b/examples/symfony-app/docker/php/datadog-setup.php new file mode 100644 index 00000000000..21871f073a0 --- /dev/null +++ b/examples/symfony-app/docker/php/datadog-setup.php @@ -0,0 +1,2383 @@ + Install the library to the specified binary or + all php binaries in standard search paths. The + option can be provided multiple times. + --install-dir Install to a specific directory. Default: '$installdir' + --uninstall Uninstall the library from the specified binaries. + --extension-dir Specify the extension directory. Default: PHP's extension directory. + --ini Specify the INI file to use. Default: /98-ddtrace.ini + --enable-appsec Enable the application security monitoring module. + --enable-profiling Enable the profiling module. + -d setting[=value] Used in conjunction with `config ` + command to specify the INI setting to get or set. + +Available commands: + config list List Datadog's INI setting for the specified binaries. + config get Get INI setting for the specified binaries. + config set Set INI setting for the specified binaries. + +EOD; +} + +// phpcs:disable PSR1.Classes.ClassDeclaration.MissingNamespace +class IniRecord +{ + /** @var string */ + public $setting; + /** @var string */ + public $currentValue; + /** @var string */ + public $defaultValue; + /** @var string */ + public $iniFile; + /** @var string */ + public $binary; + + public function println() + { + // phpcs:disable Generic.Files.LineLength.TooLong + echo "$this->setting = $this->currentValue; default: $this->defaultValue, binary: $this->binary, INI file: $this->iniFile\n"; + // phpcs:disable Generic.Files.LineLength.TooLong + } +} + +/** + * @param array $options + * @return array + */ +function config_list(array $options) +{ + $iniSettings = get_ini_settings('', '', ''); + + // The first 3 are 'extension' type of settings. + $iniSettings = array_slice($iniSettings, CMD_CONFIG_NUM_SHIFT); + + // Build an index by unique names for filtering. + $indexByName = array_column($iniSettings, null, 'name'); + + $return = []; + + foreach (require_binaries_or_exit($options) as $command => $fullPath) { + $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; + $iniFilePaths = find_all_ini_files(ini_values($fullPath)); + + foreach ($iniFilePaths as $iniFilePath) { + $iniFileSettings = parse_ini_file($iniFilePath, false, INI_SCANNER_RAW); + $settings = array_intersect_key($iniFileSettings, $indexByName); + + foreach ($settings as $iniFileSetting => $currentValue) { + $iniSetting = $indexByName[$iniFileSetting]; + $record = new IniRecord(); + $record->setting = $iniFileSetting; + $record->currentValue = $currentValue; + $record->defaultValue = $iniSetting['default']; + $record->iniFile = $iniFilePath; + $record->binary = $binaryForLog; + $return[$record->setting] = $record; + } + } + } + + return $return; +} + +/** + * This function will print out all Datadog specific PHP INI settings. The list + * of Datadog specific settings is retrieved by calling `get_ini_settings()`. It + * will also show the default and INI file this setting was found. + * The output will be grouped by PHP binary, example: + * + * $ php datadog-setup.php config list --php-bin all + * Searching for available php binaries, this operation might take a while. + * datadog.profiling.enabled = On; default: 1, binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini + * datadog.profiling.experimental_allocation_enabled = On; default: 1, binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini + * + * @see get_ini_settings + * @return void + */ +function cmd_config_list(array $options) +{ + foreach (config_list($options) as $record) { + $record->println(); + } +} + +/** + * This function will print the specified PHP INI settings. It only prints + * information for Datadog's own settings; it can't be used to parse opcache, + * xdebug, etc. + * The output will be grouped by PHP binary, example: + * + * $ php datadog-setup.php config get --php-bin all \ + * -ddatadog.profiling.experimental_allocation_enabled \ + * -ddatadog.profiling.experimental_cpu_time_enabled \ + * -dnonexisting \ + * -dopcache.preload + * datadog.profiling.experimental_allocation_enabled = On; binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini + * datadog.profiling.experimental_cpu_time_enabled = On; binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini + * nonexisting = undefined; is missing in INI files + * opcache.preload = undefined; is missing in INI files + * @return void + */ +function cmd_config_get(array $options) +{ + if (!isset($options['d'])) { + print_help(); + return; + } + /* A value could be set in multiple places: + * - /opt/php/8.1/etc/conf.d/98-ddtrace.ini + * - /opt/php/8.1/etc/conf.d/90-ddtrace-custom.ini + * So, a given setting like 'datadog.trace.enabled' is not necessarily + * unique in the iterator's keys. + */ + $records = []; + foreach (config_list($options) as $setting => $record) { + $records[$setting][] = $record; + } + + foreach ($options['d'] as $iniSetting) { + if (!isset($records[$iniSetting])) { + echo '; ', $iniSetting, ' = undefined; is missing in INI files', PHP_EOL; + } else { + foreach ($records[$iniSetting] as $record) { + $record->println(); + } + } + } +} + +/** + * This function will set the given INI settings for any given PHP binary + * + * 1. Scan all INI files for for this INI setting and update if found (updates + * in all INI files in case it finds in multiple places and warns about the + * mess it found). + * 2. In case it could not find, it searches for commented out versions of this + * INI setting, uncomments it and updates the value. It first checks this in + * the "default" INI file (the one that holds the `extension = ddtrace` line, + * then others and only promotes the first commented version found. + * 3. In case this INI setting is not there yet it creates a new entry in the + * "default" INI file (see above). + * + * $ php datadog-setup.php config set --php-bin all \ + * -ddatadog.profiling.experimental_allocation_enabled=On \ + * -ddatadog.profiling.experimental_cpu_time_enabled=On \ + * Setting configuration for binary: php (/opt/php/8.2/bin/php) + * Set 'datadog.profiling.experimental_allocation_enabled' to 'On' in INI file: /opt/php/etc/conf.d/98-ddtrace.ini + * Set 'datadog.profiling.experimental_cpu_time_enabled' to 'On' in INI file: /opt/php/etc/conf.d/98-ddtrace.ini + */ +function cmd_config_set(array $options) +{ + if (!isset($options['d'])) { + print_help(); + return; + } + $selectedBinaries = require_binaries_or_exit($options); + foreach ($selectedBinaries as $command => $fullPath) { + $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; + echo "Setting configuration for binary: $binaryForLog", PHP_EOL; + + $phpProps = ini_values($fullPath); + + foreach ($options['d'] as $cliIniSetting) { + if (($setting = parse_ini_setting($cliIniSetting)) === false) { + echo "The given INI setting '", $cliIniSetting, + "' can't be converted to a valid INI setting, skipping.", PHP_EOL; + continue; + } + + $allIniFilePaths = find_all_ini_files($phpProps); + + $matchCount = 0; + // look for INI setting in INI files + foreach ($allIniFilePaths as $iniFile) { + $count = update_ini_setting($setting, $iniFile, false); + if ($count === 0) { + continue; + } + if ($count === false) { + echo "Could not set '", $setting[0], "' to '", $setting[1], + "' in INI file: ", $iniFile , PHP_EOL; + continue; + } + echo "Set '", $setting[0], "' to '", $setting[1], "' in INI file: ", $iniFile, PHP_EOL; + $matchCount += $count; + } + + if ($matchCount >= 1) { + // found and updated + if ($matchCount >= 2) { + echo "Warning: '$setting[0]' was found in multiple places, ", + "you might want to remove duplicates.", PHP_EOL; + } + continue; + } + + // If we are here, we could not find the INI setting in any files, so + // we try and look for commented versions + + $matchCount = 0; + // look for INI setting in INI files + foreach ($allIniFilePaths as $iniFile) { + $count = update_ini_setting($setting, $iniFile, true); + if ($count === 0) { + continue; + } + if ($count === false) { + echo "Could not set '", $setting[0], "' to '", $setting[1], + "' in INI file: ", $iniFile , PHP_EOL; + continue; + } + echo "Set '", $setting[0], "' to '", $setting[1], "' in INI file: ", $iniFile, PHP_EOL; + $matchCount += $count; + break; + } + + if ($matchCount >= 1) { + // found, promoted from comment and updated + continue; + } + + // Now we are here, meaning we could not find it, not in active nor in + // commented version, so we just add it to the default INI file(s) + + $mainIniFilePaths = find_main_ini_files($phpProps); + + $set = false; + foreach ($mainIniFilePaths as $iniFile) { + if (!file_exists($iniFile)) { + echo "File '$iniFile' does not exist. Trying to create it... "; + if (file_put_contents($iniFile, '') === false) { + echo "Could not set '{$setting[0]}' to '{$setting[1]}' in INI file: {$iniFile}.\n"; + $directory = dirname($iniFile); + if (!is_dir($directory)) { + echo "Directory '$directory' doesn't exist. Create it and try again if you want to use '$iniFile'.\n"; + } + continue; + } else { + echo "Success.\n"; + } + } + + $iniFileContent = file_get_contents($iniFile); + // check for "End of Line" symbol at the end of the file and + // add in case it is missing + if (strlen($iniFileContent) > 0 && substr($iniFileContent, -1, 1) !== PHP_EOL) { + $iniFileContent .= PHP_EOL; + } + $iniFileContent .= datadog - setup . phpimplode(' = ', $setting) . PHP_EOL; + if (file_put_contents($iniFile, $iniFileContent) === false) { + echo "Could not set '{$setting[0]}' to '{$setting[1]}' in INI file: {$iniFile}.\n"; + continue; + } + echo "Set '{$setting[0]}' to '{$setting[1]}' in INI file: $iniFile.\n"; + $set = true; + } + + if (!$set) { + echo "Unable to set '{$setting[0]}' to '{$setting[1]}' in any INI file for $binaryForLog.\n"; + exit(1); + } + } + } +} + +/** + * Parse a given INI setting (from CLI) into an array and return it. It also tries + * to parse the new setting with `parse_ini_string()` to validate it is actually + * working + * + * @param string $setting + * @return false|array{0:string, 1:string} + */ +function parse_ini_setting($setting) +{ + // `trim()` should not be needed, but better safe than sorry + $setting = array_map( + 'trim', + explode( + '=', + $setting, + 2 + ) + ); + if (count($setting) !== 2) { + return false; + } + // safety: try out if parsing the generated ini setting is actually possible + if (parse_ini_string($setting[0] . '=' . $setting[1], false, INI_SCANNER_RAW) === false) { + return false; + } + return $setting; +} + + +/** + * This function will try and update a given `$setting` in the INI file given in + * `$iniFile`. First it tries to find an uncommented version of the setting in + * the file and replace this with the new value. In case no uncommented version + * was found it tries to find commented versions of this INI setting. + * + * In case `$promoteComment` is set to `true`, this function will replace and + * therefore promote only the first occurrence it finds from a comment to an INI + * setting in the given `$iniFile`. + * + * @param array{0: string, 1: string} $setting + * @param string $iniFile + * @param bool $promoteComment + * @return false|int + */ +function update_ini_setting($setting, $iniFile, $promoteComment) +{ + $iniFileContent = file_get_contents($iniFile); + if ($promoteComment) { + $regex = '/^[\h;]*' . preg_quote($setting[0]) . '\h*=\h*?[^;\n\r]*/mi'; + } else { + $regex = '/^\h*' . preg_quote($setting[0]) . '\h*=\h*?[^;\n\r]*/mi'; + } + $count = 0; + $iniFileContent = preg_replace($regex, implode(' = ', $setting), $iniFileContent, $promoteComment ? 1 : -1, $count); + if ($iniFileContent === null) { + // something wrong with the regex, the user should see a warning + // in the form of "Warning: preg_replace(): Compilation failed ..." + return false; + } + if ($count > 0) { + if (file_put_contents($iniFile, $iniFileContent) === false) { + return false; + } + } + return $count; +} + +function install($options) +{ + $architecture = get_architecture(); + $platform = "$architecture-" . (IS_WINDOWS ? "windows" : "linux-" . (is_alpine() ? 'musl' : 'gnu')); + + // Checking required libraries + check_library_prerequisite_or_exit('libcurl'); + check_library_prerequisite_or_exit('libgcc_s'); + if (!is_alpine()) { + if (is_truthy($options[OPT_ENABLE_PROFILING])) { + check_library_prerequisite_or_exit('libdl.so'); + check_library_prerequisite_or_exit('libpthread'); + check_library_prerequisite_or_exit('librt'); + } + } + + // Picking the right binaries to install the library + $selectedBinaries = require_binaries_or_exit($options); + $interactive = empty($options[OPT_PHP_BIN]); + + // Preparing clean tmp folder to extract files + $tmpDir = sys_get_temp_dir() . '/dd-install'; + $tmpDirTarGz = $tmpDir . "/dd-library-php-{$platform}.tar.gz"; + $tmpArchiveRoot = $tmpDir . '/dd-library-php'; + $tmpArchiveTraceRoot = $tmpDir . '/dd-library-php/trace'; + $tmpArchiveAppsecRoot = $tmpDir . '/dd-library-php/appsec'; + $tmpArchiveAppsecBin = "{$tmpArchiveAppsecRoot}/bin"; + $tmpArchiveAppsecEtc = "{$tmpArchiveAppsecRoot}/etc"; + $tmpArchiveProfilingRoot = $tmpDir . '/dd-library-php/profiling'; + $tmpSrcDir = $tmpArchiveTraceRoot . '/src'; + if (!file_exists($tmpDir)) { + execute_or_exit("Cannot create directory '$tmpDir'", "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($tmpDir)); + } + register_shutdown_function(function () use ($tmpDir) { + execute_or_exit("Cannot remove temporary directory '$tmpDir'", (IS_WINDOWS ? "rd /s /q " : "rm -rf ") . escapeshellarg($tmpDir)); + }); + if (!IS_WINDOWS) { + execute_or_exit( + "Cannot clean '$tmpDir'", + "rm -rf " . escapeshellarg($tmpDir) . "/* " + ); + } + + // Retrieve and extract the archive to a tmp location + if (isset($options[OPT_FILE])) { + print_warning('--' . OPT_FILE . ' option is intended for internal usage and can be removed without notice'); + $tmpDirTarGz = $options[OPT_FILE]; + } else { + $url = RELEASE_URL_PREFIX . "dd-library-php-" . RELEASE_VERSION . "-{$platform}.tar.gz"; + download($url, $tmpDirTarGz); + } + if (!IS_WINDOWS || `where tar 2> nul` !== null) { + execute_or_exit( + "Cannot extract the archive", + "tar -xf " . escapeshellarg($tmpDirTarGz) . " -C " . escapeshellarg($tmpDir) + ); + } elseif (($defaultPath = `where 7z 2> nul`) !== null || @is_dir($installDir7z = getenv("PROGRAMFILES") . "\\7-Zip")) { + if ($defaultPath === null) { + putenv("PATH=" . getenv("PATH") . ";$installDir7z"); + } + execute_or_exit( + "Cannot extract the archive", + "7z x " . escapeshellarg($tmpDirTarGz) . " -so | 7z x -aoa -si -ttar -o" . escapeshellarg($tmpDir) + ); + } else { + die("ERROR: neither tar nor 7z are installed and available in %PATH%. Please install either to continue the installation.\n"); + } + + $releaseVersion = trim(file_get_contents("$tmpArchiveRoot/VERSION")); + + $installDir = $options[OPT_INSTALL_DIR] . '/' . $releaseVersion; + + // Tracer sources + $installDirSourcesDir = $installDir . '/dd-trace-sources'; + $installDirSrcDir = $installDirSourcesDir . '/src'; + // copying sources to the final destination + if (!file_exists($installDirSourcesDir)) { + execute_or_exit( + "Cannot create directory '$installDirSourcesDir'", + "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($installDirSourcesDir) + ); + } + execute_or_exit( + "Cannot copy files from '$tmpSrcDir' to '$installDirSourcesDir'", + (IS_WINDOWS ? "echo d | xcopy /s /e /y /g /b /o /h " : "cp -r ") . escapeshellarg("$tmpSrcDir") . ' ' . escapeshellarg($installDirSrcDir) + ); + echo "Installed required source files to '$installDir'\n"; + + // Appsec helper and rules + if (file_exists($tmpArchiveAppsecRoot)) { + execute_or_exit( + "Cannot copy files from '$tmpArchiveAppsecBin' to '$installDir'", + (IS_WINDOWS ? "xcopy /s /e /y /g /b /o /h " : "cp -rf ") . escapeshellarg("$tmpArchiveAppsecBin") . ' ' . escapeshellarg($installDir) + ); + execute_or_exit( + "Cannot copy files from '$tmpArchiveAppsecEtc' to '$installDir'", + (IS_WINDOWS ? "xcopy /s /e /y /g /b /o /h " : "cp -r ") . escapeshellarg("$tmpArchiveAppsecEtc") . ' ' . escapeshellarg($installDir) + ); + } + $appSecRulesPath = $installDir . '/etc/recommended.json'; + + // Actual installation + foreach ($selectedBinaries as $command => $fullPath) { + $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; + echo "Installing to binary: $binaryForLog\n"; + + check_php_ext_prerequisite_or_exit($fullPath, 'json'); + + $phpProperties = ini_values($fullPath); + if (!isset($phpProperties[INI_SCANDIR])) { + if (!isset($phpProperties[INI_MAIN])) { + if (IS_WINDOWS) { + $phpProperties[INI_MAIN] = dirname($fullPath) . "/php.ini"; + } else { + print_error_and_exit( + "It is not possible to perform installation on this " + . "system because there is no scan directory and no " + . "configuration file loaded." + ); + } + } + + print_warning( + "Performing an installation without a scan directory may " + . "result in fragile installations that are broken by normal " + . "system upgrades. It is advisable to use the configure " + . "switch --with-config-file-scan-dir when building PHP." + ); + } + + // Copying the extension + $extensionVersion = $phpProperties[PHP_API]; + + // Suffix (zts/debug/alpine) + $extensionSuffix = ''; + if (is_truthy($phpProperties[IS_DEBUG])) { + $extensionSuffix .= '-debug'; + } + if (is_truthy($phpProperties[THREAD_SAFETY])) { + $extensionSuffix .= '-zts'; + } + + $extDir = isset($options[OPT_EXTENSION_DIR]) ? $options[OPT_EXTENSION_DIR] : $phpProperties[EXTENSION_DIR]; + echo "Installing extension to $extDir\n"; + + // Trace + $extensionRealPath = "$tmpArchiveTraceRoot/ext/$extensionVersion/" + . EXTENSION_PREFIX . "ddtrace$extensionSuffix." . EXTENSION_SUFFIX; + if (!file_exists($extensionRealPath)) { + print_error_and_exit(substr($extensionSuffix ?: '-nts', 1) + . ' builds of PHP ' . $phpProperties[PHP_VER] . ' are currently not supported'); + } + + $extensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'ddtrace.' . EXTENSION_SUFFIX; + safe_copy_extension($extensionRealPath, $extensionDestination); + + // Profiling + $profilingExtensionRealPath = "$tmpArchiveProfilingRoot/ext/$extensionVersion/" + . EXTENSION_PREFIX . "datadog-profiling$extensionSuffix." . EXTENSION_SUFFIX; + $shouldInstallProfiling = file_exists($profilingExtensionRealPath); + + if ($shouldInstallProfiling) { + $profilingExtensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'datadog-profiling.' . EXTENSION_SUFFIX; + safe_copy_extension($profilingExtensionRealPath, $profilingExtensionDestination); + } + + // Appsec + $appsecExtensionRealPath = "{$tmpArchiveAppsecRoot}/ext/{$extensionVersion}/" + . EXTENSION_PREFIX . "ddappsec{$extensionSuffix}." . EXTENSION_SUFFIX; + $shouldInstallAppsec = file_exists($appsecExtensionRealPath); + + if ($shouldInstallAppsec) { + $appsecExtensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'ddappsec.' . EXTENSION_SUFFIX; + safe_copy_extension($appsecExtensionRealPath, $appsecExtensionDestination); + } + $appSecHelperPath = $installDir . '/bin/ddappsec-helper'; + + if (isset($options[OPT_PHP_INI])) { + $iniFilePaths = $options[OPT_PHP_INI]; + } else { + $iniFilePaths = find_main_ini_files($phpProperties); + } + + foreach ($iniFilePaths as $iniFilePath) { + $replacements = []; + + if (!file_exists($iniFilePath)) { + $iniDir = dirname($iniFilePath); + if (!file_exists($iniDir)) { + execute_or_exit( + "Cannot create directory '$iniDir'", + "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($iniDir) + ); + } + + if (false === file_put_contents($iniFilePath, '')) { + print_error_and_exit("Cannot create INI file $iniFilePath"); + } + echo "Created INI file '$iniFilePath'\n"; + } else { + echo "Updating existing INI file '$iniFilePath'"; + if (is_link($iniFilePath)) { + $iniFilePath = readlink($iniFilePath); + echo " which is a symlink to '$iniFilePath'"; + } + echo "\n"; + + $replacements += [ + // Old name is deprecated + '(ddtrace\.request_init_hook)' => 'datadog.trace.sources_path', + '(datadog\.trace\.request_init_hook)' => 'datadog.trace.sources_path', + '((datadog\.trace\.sources_path)\s*=\s*.*)' => "$1 = $installDirSrcDir", + ]; + } + + if (isset($options[OPT_EXTENSION_DIR])) { + $replacements += [ + '(^\s*;?\s*extension\s*=\s*.*ddtrace.*)m' => "extension = $extensionDestination", + ]; + } else { + $replacements += [ + /* In order to support upgrading from legacy installation method to new installation method, we + * replace "extension = /opt/datadog-php/xyz.so" with "extension = ddtrace.so" honoring trailing + * `;`, hence not automatically re-activating the extension if the user had commented it out. + */ + '(^\s*;?\s*extension\s*=\s*.*ddtrace.*)m' => "extension = ddtrace" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), + // Support upgrading from the C based zend_extension. + '(zend_extension\s*=\s*.*datadog-profiling.*)' => "extension = datadog-profiling" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), + ]; + } + + // Enabling profiling + if (is_truthy($options[OPT_ENABLE_PROFILING])) { + // phpcs:disable Generic.Files.LineLength.TooLong + if ($shouldInstallProfiling) { + if (isset($options[OPT_EXTENSION_DIR])) { + $replacements['(zend_extension\s*=\s*.*datadog-profiling.*)'] = "extension = $profilingExtensionDestination"; + $replacements['(^\s*;?\s*extension\s*=\s*.*datadog-profiling.*)m'] = "extension = $profilingExtensionDestination"; + } else { + $replacements['(^\s*;?\s*extension\s*=\s*.*datadog-profiling.*)m'] = "extension = datadog-profiling" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX); + } + } else { + $enableProfiling = OPT_ENABLE_PROFILING; + print_error_and_exit( + "Option --{$enableProfiling} was provided, but it is not supported on this PHP build or version.\n" + ); + } + // phpcs:enable Generic.Files.LineLength.TooLong + } + + // Load AppSec and enable/disable as required + + // phpcs:disable Generic.Files.LineLength.TooLong + if ($shouldInstallAppsec) { + $rulesPathRegex = preg_quote($options[OPT_INSTALL_DIR]) . "/[0-9\.]*/etc/recommended.json"; + $iniAppsecExtension = isset($options[OPT_EXTENSION_DIR]) + ? $appsecExtensionDestination + : ("ddappsec" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX)); + $replacements += [ + '(^\s*;?\s*extension\s*=\s*.*ddappsec.*)m' => "extension = $iniAppsecExtension", + // Update helper path + '(datadog.appsec.helper_path\s*=.*)' => "datadog.appsec.helper_path = $appSecHelperPath", + // Update and comment rules path + '(^[\s;]*datadog.appsec.rules\s*=\s*' . $rulesPathRegex . ')m' => "; datadog.appsec.rules = " . $appSecRulesPath, + ]; + if (is_truthy($options[OPT_ENABLE_APPSEC])) { + $replacements += ['(^[\s;]*datadog.appsec.enabled\s*=.*)m' => 'datadog.appsec.enabled = On']; + } + } else { + // Ensure AppSec isn't loaded if not compatible + $replacements['(^[\s;]*extension\s*=\s*.*ddappsec.*)m'] = "; extension = ddappsec" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX); + + if (is_truthy($options[OPT_ENABLE_APPSEC])) { + $enableAppsec = OPT_ENABLE_APPSEC; + print_error_and_exit( + "Option --{$enableAppsec} was provided, but it is not supported on this PHP build or version.\n" + ); + } + } + + add_missing_ini_settings( + $iniFilePath, + get_ini_settings($installDirSrcDir, $appSecHelperPath, $appSecRulesPath), + $replacements + ); + + // phpcs:enable Generic.Files.LineLength.TooLong + + echo "Installation to '$binaryForLog' was successful\n"; + } + } + + echo "--------------------------------------------------\n"; + echo "SUCCESS\n\n"; + if ($interactive) { + echo "To run this script in a non interactive mode, use the following options:\n"; + $args = array_merge( + $_SERVER["argv"], + array_map( + function ($el) { + return '--php-bin=' . $el; + }, + array_keys($selectedBinaries) + ) + ); + echo " php " . implode(" ", array_map("escapeshellarg", $args)) . "\n"; + } +} + +/** + * Returns a list of all INI files found for the `$phpProperties` given. + * + * Does so by scanning the INI scan directory for `.ini` files. Additionally we + * check if we are running on a Debian based distribution so we assume the INI + * files are split by SAPI, so we try and add the Apache SAPI INI files as + * well. In case it exists, we also add the default `php.ini` file to the list. + * + * The returned array is somewhat sorted to have the "default" INI file for + * Datadog (`98-ddtrace.ini`) in the beginning of the array. + * + * @see ini_values + * @return string[] + */ +function find_all_ini_files(array $phpProperties) +{ + $iniFilePaths = []; + + $addIniFiles = function ($path) use (&$iniFilePaths) { + if (!is_dir($path)) { + return; + } + foreach (scandir($path) as $ini) { + if (!is_file($path . '/' . $ini) || substr($ini, -4) !== '.ini') { + continue; + } + $iniFile = $path . '/' . $ini; + if (strpos($ini, '98-ddtrace.ini') !== false) { + array_unshift($iniFilePaths, $iniFile); + } else { + $iniFilePaths[] = $iniFile; + } + } + }; + + if ($phpProperties[INI_SCANDIR]) { + $addIniFiles($phpProperties[INI_SCANDIR]); + + if (strpos($phpProperties[INI_SCANDIR], '/cli/conf.d') !== false) { + /* debian based distros have INI folders split by SAPI, in a predefined way: + * - <...>/cli/conf.d <-- we know this from php -i + * - <...>/apache2/conf.d <-- we derive this from relative path + * - <...>/fpm/conf.d <-- we derive this from relative path + */ + $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); + $addIniFiles($apacheConfd); + } + } + + if (isset($phpProperties[INI_MAIN]) && is_file($phpProperties[INI_MAIN])) { + $iniFilePaths = [$phpProperties[INI_MAIN]]; + } + + return $iniFilePaths; +} + +/** + * This function will find the main INI file(s) for the given `$phpProperties`. + * + * The "main" or "default" INI file is either a `98-ddtrace.ini` file or + * another INI file that loads the extension (or rephrasing this as: the file + * the has the `extension = ddtrace` line in it). + * + * In most cases this function will return an array with exactly one element, + * only in case we detect a Debian based distribution, it might contain two + * elements, as debian based distributions split the INI folders based on SAPI + * and we include those as well. + * + * The `$phpProperties` can be retrieved by calling `ini_values($pathToPHPBinary)`. + * + * @see ini_values + * @return string[] + */ +function find_main_ini_files(array $phpProperties) +{ + if (isset($phpProperties[INI_SCANDIR])) { + $iniFileName = '98-ddtrace.ini'; + // Search for pre-existing files with extension = ddtrace.so to avoid conflicts + // See issue https://github.com/DataDog/dd-trace-php/issues/1833 + if (is_dir($phpProperties[INI_SCANDIR])) { + foreach (scandir($phpProperties[INI_SCANDIR]) as $ini) { + $path = "{$phpProperties[INI_SCANDIR]}/$ini"; + if (is_file($path)) { + // match /path/to/ddtrace.so, plain extension = ddtrace or future extensions like ddtrace.dll + if (preg_match("(^\s*extension\s*=\s*(\S*ddtrace)\b)m", file_get_contents($path), $res)) { + if (basename($res[1]) == "ddtrace") { + $iniFileName = $ini; + } + } + } + } + } + + $iniFilePaths = [$phpProperties[INI_SCANDIR] . '/' . $iniFileName]; + + if (strpos($phpProperties[INI_SCANDIR], '/cli/conf.d') !== false) { + /* debian based distros have INI folders split by SAPI, in a predefined way: + * - <...>/cli/conf.d <-- we know this from php -i + * - <...>/apache2/conf.d <-- we derive this from relative path + * - <...>/fpm/conf.d <-- we derive this from relative path + */ + $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); + if (is_dir($apacheConfd)) { + $iniFilePaths[] = "$apacheConfd/$iniFileName"; + } + } + } else { + $iniFileName = $phpProperties[INI_MAIN]; + $iniFilePaths = [$iniFileName]; + } + return $iniFilePaths; +} + +/** + * Copies an extension's file to a destination using copy+rename to avoid segfault if the file is loaded by php. + * + * @param string $source + * @param string $destination + * @return void + */ +function safe_copy_extension($source, $destination) +{ + /* Move - rename() - instead of copy() since copying does a fopen() and copies to the stream itself, causing a + * segfault in the PHP process that is running and had loaded the old shared object file. + */ + if (IS_WINDOWS && file_exists($destination)) { + // We have to blackhole it in tempdir because it is likely currently loaded and may not be replaced in place. + rename($destination, getenv("TEMP") . "\\" . time() . "-" . basename($destination)); + } + + $destinationDir = dirname($destination); + if (!file_exists($destinationDir)) { + execute_or_exit( + "Cannot create directory '$destinationDir'", + "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($destinationDir) + ); + } + + $tmpName = $destination . '.tmp'; + copy($source, $tmpName); + rename($tmpName, $destination); + echo "Copied '$source' to '$destination'\n"; +} + +function uninstall($options) +{ + $selectedBinaries = require_binaries_or_exit($options); + + foreach ($selectedBinaries as $command => $fullPath) { + $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; + echo "Uninstalling from binary: $binaryForLog\n"; + + $phpProperties = ini_values($fullPath); + $extensionDir = isset($options[OPT_EXTENSION_DIR]) ? $options[OPT_EXTENSION_DIR] : $phpProperties[EXTENSION_DIR]; + + $extensionDestinations = [ + $extensionDir . '/' . EXTENSION_PREFIX . 'ddtrace.' . EXTENSION_SUFFIX, + $extensionDir . '/' . EXTENSION_PREFIX . 'datadog-profiling.' . EXTENSION_SUFFIX, + $extensionDir . '/' . EXTENSION_PREFIX . 'ddappsec.' . EXTENSION_SUFFIX, + ]; + + $iniFileName = '98-ddtrace.ini'; + if (isset($phpProperties[INI_SCANDIR])) { + $iniFilePaths = [$phpProperties[INI_SCANDIR] . '/' . $iniFileName]; + + if (strpos('/cli/conf.d', $phpProperties[INI_SCANDIR]) >= 0) { + /* debian based distros have INI folders split by SAPI, in a predefined way: + * - <...>/cli/conf.d <-- we know this from php -i + * - <...>/apache2/conf.d <-- we derive this from relative path + * - <...>/fpm/conf.d <-- we derive this from relative path + */ + $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); + if (is_dir($apacheConfd)) { + $iniFilePaths[] = "$apacheConfd/$iniFileName"; + } + } + } else { + if (!isset($phpProperties[INI_MAIN])) { + print_error_and_exit( + "It is not possible to perform uninstallation on this " + . "system because there is no scan directory and no " + . "configuration file loaded." + ); + } + + $iniFilePaths = [$phpProperties[INI_MAIN]]; + } + + /* Actual uninstall + * 1) comment out extension=ddtrace.so + * 2) remove ddtrace.so + */ + foreach ($iniFilePaths as $iniFilePath) { + if (is_link($iniFilePath)) { + $iniFilePath = readlink($iniFilePath); + } + if (file_exists($iniFilePath)) { + $isDatadogIni = basename($iniFilePath) == $iniFileName; + modify_ini_file($iniFilePath, function ($iniFileContents) use ($isDatadogIni) { + // if it's not our own ini, we need to match for datadog extensions specifically + if ($isDatadogIni) { + return preg_replace("(^\s*?(zend_)?extension\s*=)m", "; $0", $iniFileContents); + } + return preg_replace("(^\s*?(zend_)?extension\s*=(?=.*(ddtrace|datadog-profiling|ddappsec)))m", "; $0", $iniFileContents); + }); + echo "Disabled all" . ($isDatadogIni ? "" : " Datadog") . " modules in INI file '$iniFilePath'. " + . "The file has not been removed to preserve custom settings.\n"; + } + } + $errors = false; + foreach ($extensionDestinations as $extensionDestination) { + if (file_exists($extensionDestination) && false === unlink($extensionDestination)) { + print_warning("Error while removing $extensionDestination. It can be manually removed."); + $errors = true; + } + } + if ($errors) { + echo "Uninstall from '$binaryForLog' was completed with warnings\n"; + } else { + echo "Uninstall from '$binaryForLog' was successful\n"; + } + } +} + +/** + * Returns a list of php binaries where the library will be installed. If not explicitly provided by the CLI options, + * then the list is retrieved using an interactive session. + * + * @param array $options + * @return array + */ +function require_binaries_or_exit($options) +{ + $selectedBinaries = []; + if (empty($options[OPT_PHP_BIN])) { + $selectedBinaries = pick_binaries_interactive($options, search_php_binaries()); + } else { + foreach ($options[OPT_PHP_BIN] as $command) { + if ($command == "all") { + foreach (search_php_binaries() as $command => $binaryinfo) { + if (!$binaryinfo["shebang"]) { + $selectedBinaries[$command] = $binaryinfo["path"]; + } + } + } elseif ($resolvedPath = resolve_command_full_path($command)) { + $selectedBinaries[$command] = $resolvedPath; + } else { + print_error_and_exit("Provided PHP binary '$command' was not found.\n"); + } + } + } + + if (empty($selectedBinaries)) { + print_error_and_exit("At least one binary must be specified\n"); + } + + return $selectedBinaries; +} + +function search_for_working_ldconfig() +{ + static $path; + + if ($path) { + return $path; + } + + $paths = [ + "/sbin", /* this is most likely path */ + "/usr/sbin", + "/usr/local/sbin", + "/bin", + "/usr/bin", + "/usr/local/bin", + ]; + + $search = function (&$path) { + exec("find $path -name ldconfig", $found, $result); + + return $result == 0 + ? ($path = end($found)) + : null; + }; + + /* searching individual paths is much faster than searching + them all */ + foreach ($paths as $path) { + if ($search($path)) { + return $path; + } + } + + /* probably won't get this far, but just in case */ + foreach (explode(":", getenv("PATH")) as $path) { + if (!in_array($path, $paths)) { + if ($search($path)) { + return $path; + } + } + } + + /* + we cannot find a working ldconfig binary on this system, + fall back on previous behaviour: + + there is a slim outside chance that exec() expands ldconfig + */ + return $path = "ldconfig"; +} + +/** + * Checks if a library is available or not in an OS-independent way. + * + * @param string $requiredLibrary E.g. libcurl + * @return void + */ +function check_library_prerequisite_or_exit($requiredLibrary) +{ + if (IS_WINDOWS) { + // No particular requirements here + return; + } + + if (is_alpine()) { + $lastLine = execute_or_exit( + "Error while searching for library '$requiredLibrary'.", + "find /usr/local/lib /usr/lib -type f -name '*{$requiredLibrary}*.so*'" + ); + } else { + $ldconfig = search_for_working_ldconfig(); + $lastLine = execute_or_exit( + "Cannot find library '$requiredLibrary'", + "$ldconfig -p | grep $requiredLibrary" + ); + } + + if (empty($lastLine)) { + print_error_and_exit("Required library '$requiredLibrary' not found.\n"); + } +} + +/** + * Checks if an extension is enabled or not. + * + * @param string $binary + * @param string $extName E.g. json + * @return void + */ +function check_php_ext_prerequisite_or_exit($binary, $extName) +{ + $extensions = shell_exec("$binary -m"); + + if (!in_array($extName, array_map("trim", explode("\n", $extensions)))) { + print_error_and_exit("Required PHP extension '$extName' not found.\n"); + } +} + +/** + * @return bool + */ +function is_alpine() +{ + if (IS_WINDOWS) { + return false; + } + + $osInfoFile = '/etc/os-release'; + // if /etc/os-release is not readable then assume it's not alpine. + if (!is_readable($osInfoFile)) { + return false; + } + return false !== stripos(file_get_contents($osInfoFile), 'alpine'); +} + +/** + * Returns the host architecture, e.g. x86_64, aarch64 + * + * @return string + */ +function get_architecture() +{ + if (IS_WINDOWS) { + if (PHP_INT_SIZE === 4) { + // we don't support that one, but we include it so that the installer can properly fail + return "x86"; + } else { + if ($env = getenv("PROCESSOR_ARCHITECTURE")) { + return $env === "AMD64" ? "x86_64" : strtolower($env); + } + // fallback + return "x86_64"; + } + } + + return execute_or_exit( + "Cannot detect host architecture (uname -m)", + "uname -m" + ); +} + +/** + * @return array|false + */ +function parse_cli_arguments(array $argv = null) +{ + if (is_null($argv)) { + $argv = $_SERVER['argv']; + } + + // strip the application name + array_shift($argv); + + $arguments = [ + 'cmd' => null, + 'opts' => [], + ]; + + while (null !== $token = array_shift($argv)) { + if (substr($token, 0, 2) === '--') { + // parse long option + $key = substr($token, 2); + $value = false; + // --php-bin=php + if (strpos($key, '=') !== false) { + list($key, $value) = explode('=', $key, 2); + } else { + // look ahead to next $token + if (isset($argv[0]) && substr($argv[0], 0, 1) !== '-') { + $value = array_shift($argv); + if ($value === null) { + $value = false; + } + } + } + } elseif (substr($token, 0, 1) === '-') { + // parse short option + $key = $token[1]; + $value = false; + if (strlen($token) === 2) { + // -d datadog.profiling.enabled or -h + // look ahead to next $token + if (isset($argv[0]) && substr($argv[0], 0, 1) !== '-') { + $value = array_shift($argv); + if ($value === null) { + $value = false; + } + } + } else { + // -ddatadog.profiling.enabled + $value = substr($token, 2); + } + } else { + if (substr($token, 0, 2) === 'DD') { + // we do support using environment variables as well, all those + // start with DD_, so we make sure to check this and then map + // to an INI setting. Example + // php datadog-setup.php config set --php-bin all DD_ENV=prod + $key = 'd'; + list($env, $value) = explode('=', $token, 2); + $ini = map_env_to_ini($env); + if ($ini === null) { + echo "Parse error at token '$token', environment variable not recognized.", PHP_EOL; + return false; + } + $value = $ini . '=' . $value; + } else { + if (count($arguments['opts'])) { + // php datadog-setup.php --php-bin=all php6 + // The "php6" is a problem + echo "Parse error at token '$token'", PHP_EOL; + return false; + } + // parse command + if ($arguments['cmd'] === null) { + $arguments['cmd'] = $token; + } else { + $arguments['cmd'] .= ' ' . $token; + } + continue; + } + } + + if (!isset($arguments['opts'][$key])) { + $arguments['opts'][$key] = $value; + } elseif (is_string($arguments['opts'][$key])) { + $arguments['opts'][$key] = [ + $arguments['opts'][$key], + $value, + ]; + } else { + $arguments['opts'][$key][] = $value; + } + } + + if ($arguments['cmd'] === null) { + $arguments['cmd'] = 'install'; + } + + return $arguments; +} + +/** + * Parses command line options provided by the user and generate a normalized $options array. + * @return array + */ +function parse_validate_user_options() +{ + $args = parse_cli_arguments(); + + // Help and exit + if ($args === false || key_exists('h', $args['opts']) || key_exists(OPT_HELP, $args['opts'])) { + print_help(); + exit(0); + } + + $options = $args['opts']; + $normalizedOptions = []; + + $normalizedOptions[OPT_UNINSTALL] = isset($options[OPT_UNINSTALL]); + + if (!$normalizedOptions[OPT_UNINSTALL]) { + if (isset($options[OPT_FILE])) { + if (is_array($options[OPT_FILE])) { + print_error_and_exit('Only one --file can be provided', true); + } + $normalizedOptions[OPT_FILE] = $options[OPT_FILE]; + } + } + + if (isset($options[OPT_PHP_BIN])) { + if ($options[OPT_PHP_BIN] === false) { + print_error_and_exit('PHP binary needs to be provided when using --php-bin', true); + } + $normalizedOptions[OPT_PHP_BIN] = is_array($options[OPT_PHP_BIN]) + ? $options[OPT_PHP_BIN] + : [$options[OPT_PHP_BIN]]; + } + + if (isset($options[OPT_PHP_INI])) { + $normalizedOptions[OPT_PHP_INI] = is_array($options[OPT_PHP_INI]) + ? $options[OPT_PHP_INI] + : [$options[OPT_PHP_INI]]; + } + + $normalizedOptions[OPT_INSTALL_DIR] = isset($options[OPT_INSTALL_DIR]) + ? rtrim($options[OPT_INSTALL_DIR], '/') + : DEFAULT_INSTALL_DIR; + $normalizedOptions[OPT_INSTALL_DIR] = $normalizedOptions[OPT_INSTALL_DIR] . '/dd-library'; + + $normalizedOptions[OPT_EXTENSION_DIR] = isset($options[OPT_EXTENSION_DIR]) + ? rtrim($options[OPT_EXTENSION_DIR], '/') + : null; + + $normalizedOptions[OPT_ENABLE_APPSEC] = isset($options[OPT_ENABLE_APPSEC]); + $normalizedOptions[OPT_ENABLE_PROFILING] = isset($options[OPT_ENABLE_PROFILING]); + + if (isset($options[OPT_INI_SETTING])) { + $normalizedOptions[OPT_INI_SETTING] = is_array($options[OPT_INI_SETTING]) + ? $options[OPT_INI_SETTING] + : [$options[OPT_INI_SETTING]]; + } + + return [ + 'cmd' => $args['cmd'], + 'opts' => $normalizedOptions, + ]; +} + +function print_error_and_exit($message, $printHelp = false) +{ + echo "ERROR: $message\n"; + if ($printHelp) { + print_help(); + } + exit(1); +} + +function print_warning($message) +{ + echo "WARNING: $message\n"; +} + +/** + * Given a certain set of available PHP binaries, let users pick in an interactive way the ones where the library + * should be installed to. + * + * @param array $options + * @param array $php_binaries + * @return array + */ +function pick_binaries_interactive($options, array $php_binaries) +{ + echo sprintf( + "Multiple PHP binaries detected. Please select the binaries the datadog library will be %s:\n\n", + $options[OPT_UNINSTALL] ? "uninstalled from" : "installed to" + ); + $commands = array_keys($php_binaries); + for ($index = 0; $index < count($commands); $index++) { + $command = $commands[$index]; + $fullPath = $php_binaries[$command]["path"]; + echo " " + . str_pad($index + 1, 2, ' ', STR_PAD_LEFT) + . ". " + . ($command !== $fullPath ? "$command --> " : "") + . $fullPath + . ($php_binaries[$command]["shebang"] ? " (not a binary)" : "") + . "\n"; + } + echo "\n"; + flush(); + + echo "Select binaries using their number. Multiple binaries separated by space (example: 1 3): "; + $userInput = fgets(STDIN); + $choices = array_map('intval', array_filter(explode(' ', $userInput))); + + $pickedBinaries = []; + foreach ($choices as $choice) { + $index = $choice - 1; // we render to the user as 1-indexed + if (!isset($commands[$index])) { + echo "\nERROR: Wrong choice: $choice\n\n"; + return pick_binaries_interactive($options, $php_binaries); + } + $command = $commands[$index]; + $pickedBinaries[$command] = $php_binaries[$command]["path"]; + } + + return $pickedBinaries; +} + +function execute_or_exit($exitMessage, $command) +{ + $output = []; + $returnCode = 0; + $lastLine = exec($command, $output, $returnCode); + if (false === $lastLine || $returnCode > 0) { + print_error_and_exit( + $exitMessage + . "\nFailed command (return code $returnCode): $command\n" + . "---- Output ----\n" + . implode("\n", $output) + . "\n---- End of output ----\n" + ); + } + + return $lastLine; +} + +/** + * Downloads the library applying a number of fallback mechanisms if specific libraries/binaries are not available. + * + * @param string $url + * @param string $destination + */ +function download($url, $destination) +{ + echo "Downloading installable archive from $url.\n"; + echo "This operation might take a while.\n"; + + $okMessage = "\nDownload completed\n\n"; + + /* We try the following options, mostly to provide progress report, if possible: + * 1) `ext-curl` (with progress report); if 'ext-curl' is not installed... + * 2) `curl` from CLI (it shows progress); if `curl` is not installed... + * 3) `file_get_contents()` (no progress report); if `allow_url_fopen=0`... + * 4) exit with errror + */ + + // ext-curl + if (extension_loaded('curl')) { + if (false === $fp = fopen($destination, 'w+')) { + print_error_and_exit("Error while opening target file '$destination' for writing\n"); + } + global $progress_counter; + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_TIMEOUT, 50); + curl_setopt($ch, CURLOPT_FILE, $fp); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($ch, CURLOPT_PROGRESSFUNCTION, 'on_download_progress'); + curl_setopt($ch, CURLOPT_NOPROGRESS, false); + $progress_counter = 0; + $return = curl_exec($ch); + curl_close($ch); + fclose($fp); + + if (false !== $return) { + echo $okMessage; + return; + } + // Otherwise we attempt other methods + } + + // curl + $statusCode = 0; + $output = []; + // on Windows curl is an alias for Invoke-WebRequest on powershell + if (!IS_WINDOWS && false !== exec('curl --version', $output, $statusCode) && $statusCode === 0) { + $curlInvocationStatusCode = 0; + system( + 'curl -L --output ' . escapeshellarg($destination) . ' ' . escapeshellarg($url), + $curlInvocationStatusCode + ); + + if ($curlInvocationStatusCode === 0) { + echo $okMessage; + return; + } + // Otherwise we attempt other methods + } + + // file_get_contents + if (is_truthy(ini_get('allow_url_fopen')) && extension_loaded('openssl')) { + ini_set("memory_limit", "1G"); // increase memory limit otherwise we may run OOM here. + $data = @file_get_contents($url); + // PHP doesn't like too long location headers, and on PHP 7.3 and older they weren't read at all. + // But this only really matters for CircleCI artifacts, so not too bad. + if ($data == "") { + foreach ($http_response_header as $header) { + if (stripos($header, "location: ") === 0) { + $data = file_get_contents(substr($header, 10)); + goto got_data; + } + } + if (PHP_VERSION_ID < 70400) { + goto next_method; // location redirects may not be read on 7.3 and older + } + } + got_data: ; + if ($data == "" || false === file_put_contents($destination, $data)) { + print_error_and_exit("Error while downloading the installable archive from $url\n"); + } + + echo $okMessage; + return; + + next_method: + } + + if (IS_WINDOWS) { + $webRequestInvocationStatusCode = 0; + system( + 'powershell ' . escapeshellarg('[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Out ' . escapeshellarg($destination) . ' ' . escapeshellarg($url)), + $webRequestInvocationStatusCode + ); + if ($webRequestInvocationStatusCode === 0) { + echo $okMessage; + return; + } + // Otherwise we attempt other methods + } + + + echo "Error: Cannot download the installable archive.\n"; + echo " One of the following prerequisites must be satisfied:\n"; + echo " - PHP ext-curl extension is installed\n"; + if (!IS_WINDOWS) { + echo " - curl CLI command is available\n"; + } else { + echo " - Invoke-WebRequest exists on the powershell\n"; + } + echo " - the INI setting 'allow_url_fopen=1' and the ext-openssl extension is installed\n"; + + exit(1); +} + +/** + * Progress callback as specified by the ext-curl documentation. + * see: https://www.php.net/manual/en/function.curl-setopt.php#:~:text=CURLOPT_PROGRESSFUNCTION + * + * @return int + */ +function on_download_progress($curlHandle, $download_size, $downloaded) +{ + global $progress_counter; + + if ($download_size === 0) { + return 0; + } + $ratio = $downloaded / $download_size; + if ($ratio == 1) { + return 0; + } + + // Max 20 dots to show progress + if ($ratio >= ($progress_counter + (1 / 20))) { + $progress_counter = $ratio; + echo "."; + } + + flush(); + return 0; +} + +/** + * Extracts and normalizes a set of properties from PHP's ini values. + * + * @param string $binary + * @return array + */ +function ini_values($binary) +{ + $properties = [PHP_VER, INI_MAIN, INI_SCANDIR, EXTENSION_DIR, THREAD_SAFETY, PHP_API, IS_DEBUG]; + $lines = []; + // Timezone is irrelevant to this script. Quick-and-dirty workaround to the PHP 5 warning with missing timezone + exec(escapeshellarg($binary) . " -d date.timezone=UTC -i", $lines); + $found = []; + foreach ($lines as $line) { + $parts = explode('=>', $line); + if (count($parts) === 2 || count($parts) === 3) { + $key = trim($parts[0]); + if (in_array($key, $properties)) { + $value = trim(count($parts) === 2 ? $parts[1] : $parts[2]); + + if ($value === "(none)") { + continue; + } + + $found[$key] = $value; + } + } + } + + if ($found[EXTENSION_DIR] == "") { + $found[EXTENSION_DIR] = dirname(PHP_BINARY); + } elseif ($found[EXTENSION_DIR][0] != "/" && (!IS_WINDOWS || !preg_match('~^([A-Z]:|\\\\)\\\\~i', $found[EXTENSION_DIR]))) { + $found[EXTENSION_DIR] = dirname(PHP_BINARY) . 'datadog-setup.php/' . $found[EXTENSION_DIR]; + } + + return $found; +} + +function is_truthy($value) +{ + if ($value === null) { + return false; + } + + $normalized = trim(strtolower($value)); + return in_array($normalized, ['1', 'true', 'yes', 'enabled']); +} + +/** + * @param string $prefix Default ''. Used for testing purposes only. + * @return array + */ +function search_php_binaries($prefix = '') +{ + echo "Searching for available php binaries, this operation might take a while.\n"; + + $resolvedPaths = []; + + $allPossibleCommands = build_known_command_names_matrix(); + + // First, we search in $PATH, for php, php7, php74, php7.4, php7.4-fpm, etc.... + foreach ($allPossibleCommands as $command) { + if ($resolvedPath = resolve_command_full_path($command)) { + $resolvedPaths[$command] = $resolvedPath; + } + } + + // Then we search in known possible locations for popular installable paths on different systems. + $pathsFound = []; + if (IS_WINDOWS) { + $bootDisk = realpath('/'); + + $standardPaths = [ + dirname(PHP_BINARY), + PHP_BINDIR, + $bootDisk . 'WINDOWS', + ]; + + foreach (scandir($bootDisk) as $file) { + if (stripos($file, "php") !== false) { + $standardPaths[] = "$bootDisk$file"; + } + } + + $chocolateyDir = getenv("ChocolateyToolsLocation") ?: $bootDisk . 'tools'; // chocolatey tools location + if (is_dir($chocolateyDir)) { + foreach (scandir($chocolateyDir) as $file) { + if (stripos($file, "php") !== false) { + $standardPaths[] = "$chocolateyDir/$file"; + } + } + } + + // Windows paths are case-insensitive + $standardPaths = array_intersect_key(array_map('strtolower', $standardPaths), array_unique($standardPaths)); + + foreach ($standardPaths as $standardPath) { + foreach ($allPossibleCommands as $command) { + $resolvedPath = $standardPath . '\\' . $command; + if (file_exists($resolvedPath)) { + $pathsFound[] = $resolvedPath; + } + } + } + } else { + $standardPaths = [ + $prefix . '/usr/bin', + $prefix . '/usr/sbin', + $prefix . '/usr/local/bin', + $prefix . '/usr/local/sbin', + ]; + + $remiSafePaths = array_map(function ($phpVersion) use ($prefix) { + list($major, $minor) = explode('.', $phpVersion); + /* php is installed to /usr/bin/php{$major}{$minor} so we do not need to do anything special, while php-fpm + * is installed to /opt/remi/php{$major}{$minor}/root/usr/sbin and it needs to be added to the searched + * locations. + */ + return "{$prefix}/opt/remi/php{$major}{$minor}/root/usr/sbin"; + }, get_supported_php_versions()); + + $pleskPaths = array_map(function ($phpVersion) use ($prefix) { + return "/opt/plesk/php/$phpVersion/bin"; + }, get_supported_php_versions()); + + $escapedSearchLocations = implode( + ' ', + array_map('escapeshellarg', array_merge($standardPaths, $remiSafePaths, $pleskPaths)) + ); + $escapedCommandNamesForFind = implode( + ' -o ', + array_map( + function ($cmd) { + return '-name ' . escapeshellarg($cmd); + }, + $allPossibleCommands + ) + ); + + exec( + "find -L $escapedSearchLocations -type f \( $escapedCommandNamesForFind \) 2>/dev/null", + $pathsFound + ); + } + + foreach ($pathsFound as $path) { + $resolved = realpath($path); + if (in_array($resolved, $resolvedPaths)) { + continue; + } + $resolvedPaths[$path] = $resolved; + } + + $results = []; + foreach ($resolvedPaths as $command => $realpath) { + $hasShebang = file_get_contents($realpath, false, null, 0, 2) === "#!"; + $results[$command] = [ + "shebang" => $hasShebang, + "path" => $realpath, + ]; + } + + return $results; +} + +/** + * @param mixed $command + * @return string|false + */ +function resolve_command_full_path($command) +{ + if (IS_WINDOWS) { + if (!strpbrk($command, "/\\")) { + $path = shell_exec("where " . escapeshellarg($command) . " 2>NUL"); + if ($path === null) { + // command is not defined + return false; + } + $path = ltrim($path, "\r\n"); + } elseif (!file_exists($command)) { + return false; + } else { + $path = $command; + } + } else { + $path = exec("command -v " . escapeshellarg($command)); + if (empty($path)) { + // command is not defined + return false; + } + } + + // Resolving symlinks + return realpath($path); +} + +function build_known_command_names_matrix() +{ + $results = ['php', 'php-fpm']; + + foreach (get_supported_php_versions() as $phpVersion) { + list($major, $minor) = explode('.', $phpVersion); + array_push( + $results, + "php{$major}", + "php{$major}{$minor}", + "php{$major}.{$minor}", + "php{$major}-fpm", + "php{$major}{$minor}-fpm", + "php{$major}.{$minor}-fpm", + "php-fpm{$major}", + "php-fpm{$major}{$minor}", + "php-fpm{$major}.{$minor}" + ); + } + + if (IS_WINDOWS) { + foreach ($results as &$result) { + $result .= ".exe"; + } + } + + return array_unique($results); +} + +/** + * Adds ini entries that are not present in the provided ini file. + * + * @param string $iniFilePath + */ +function add_missing_ini_settings($iniFilePath, $settings, $replacements) +{ + modify_ini_file($iniFilePath, function ($iniFileContent) use ($settings, $replacements) { + $formattedMissingProperties = ''; + + // Replace twice, so that some replacements can take effect on newly inserted missing inis too + // As well as missing ini detection must not find legacy names which we replace + foreach ($replacements as $from => $to) { + $iniFileContent = preg_replace($from, $to, $iniFileContent); + } + + foreach ($settings as $setting) { + // The extension setting is not unique, so make sure we check that the + // right extension setting is available. + $settingRegex = '(' . preg_quote($setting['name']) . '\s?=\s?'; + if ($setting['name'] === 'extension' || $setting['name'] == 'zend_extension') { + $settingRegex .= preg_quote($setting['default']); + } + $settingRegex .= ')'; + + $settingMightExist = 1 === preg_match($settingRegex, $iniFileContent); + + if ($settingMightExist) { + continue; + } + + // Formatting the setting to be added. + $description = is_string($setting['description']) + ? '; ' . $setting['description'] + : implode( + "\n", + array_map( + function ($line) { + return '; ' . $line; + }, + $setting['description'] + ) + ); + $setting = ($setting['commented'] ? ';' : '') . $setting['name'] . ' = ' . $setting['default']; + $formattedMissingProperties .= "\n$description\n$setting\n"; + } + + $iniFileContent .= $formattedMissingProperties; + + foreach ($replacements as $from => $to) { + $iniFileContent = preg_replace($from, $to, $iniFileContent); + } + + return $iniFileContent; + }); +} + +/** + * Changes a given ini file + */ +function modify_ini_file($iniFilePath, $callback) { + $iniFileContent = file_get_contents($iniFilePath); + + $newIniFileContent = $callback($iniFileContent); + + if ($iniFileContent !== $newIniFileContent) { + if (false === file_put_contents($iniFilePath, $newIniFileContent)) { + print_error_and_exit("Cannot change the settings of the INI file $iniFilePath"); + } + } +} + +/** + * Maps a given environment variable name to an ini setting. Returns `null` in + * case the environment variable does not start with `DD` or is otherwise + * invalid. + * + * @param string $env + * @return string|null + */ +function map_env_to_ini($env) +{ + $setting = explode('_', $env, 3); + if (!isset($setting[0]) || $setting[0] !== 'DD' || !isset($setting[1])) { + return null; + } + $ini = 'datadog.'; + switch ($setting[1]) { + case 'PROFILING': + case 'TRACE': + case 'APPSEC': + if (!isset($setting[2])) { + // this would mean $env was DD_TRACE or DD_PROFILING or DD_APPSEC + return null; + } + $ini .= strtolower($setting[1]) . 'symfony-app' . strtolower($setting[2]); + break; + default: + // for cases like DD_ENV or DD_DOGSTATSD_URL, ... + $ini .= strtolower($setting[1]); + if (isset($setting[2])) { + $ini .= '_' . strtolower($setting[2]); + } + } + return $ini; +} + +/** + * Returns array of associative arrays with the following keys: + * - name (string): the setting name; + * - default (string): the default value; + * - commented (bool): whether this setting should be commented or not when added; + * - description (string|string[]): A string (or an array of strings, each representing a line) that describes + * the setting. + * + * @param string $sourcesDir + * @param string $appsecHelperPath + * @param string $appsecRulesPath + * @return array + */ +function get_ini_settings($sourcesDir, $appsecHelperPath, $appsecRulesPath) +{ + // phpcs:disable Generic.Files.LineLength.TooLong + return [ + [ + 'name' => 'extension', + 'default' => 'ddtrace' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), + 'commented' => false, + 'description' => 'Enables or disables tracing (set by the installer, do not change it)', + ], + [ + 'name' => 'extension', + 'default' => 'datadog-profiling' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), + 'commented' => true, + 'description' => 'Enables the profiling module', + ], + [ + 'name' => 'extension', + 'default' => 'ddappsec' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), + 'commented' => false, + 'description' => 'Enables the appsec module', + ], + + /* IMPORTANT! These extension ones are shifted off for config commands. + * If the number of extension= things changes, change the constant + * CMD_CONFIG_NUM_SHIFT accordingly. + */ + + [ + 'name' => 'datadog.profiling.enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the Datadog profiling module.', + ], + [ + 'name' => 'datadog.trace.endpoint_collection_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Whether to enable the endpoint data collection in profiles.', + ], + [ + 'name' => 'datadog.profiling.experimental_cpu_time_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the CPU profile type.', + ], + [ + 'name' => 'datadog.profiling.allocation_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the allocation profile type.', + ], + [ + 'name' => 'datadog.profiling.experimental_allocation_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the allocation profile type. Superseded by `datadog.profiling.allocation_enabled`.', + ], + [ + 'name' => 'datadog.profiling.exception_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the exception profile type.', + ], + [ + 'name' => 'datadog.profiling.experimental_exception_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the exception profile type. Superseded by `datadog.profiling.exception_enabled`.', + ], + [ + 'name' => 'datadog.profiling.exception_sampling_distance', + 'default' => '100', + 'commented' => true, + 'description' => 'Sampling distance for exception profiling (the higher the distance, the fewer samples are created).', + ], + [ + 'name' => 'datadog.profiling.experimental_exception_sampling_distance', + 'default' => '100', + 'commented' => true, + 'description' => 'Sampling distance for exception profiling (the higher the distance, the fewer samples are created). Superseded by `datadog.profiling.exception_sampling_distance`.', + ], + [ + 'name' => 'datadog.profiling.log_level', + 'default' => 'off', + 'commented' => true, + 'description' => 'Set the profiler’s log level.' + . ' Acceptable values are off, error, warn, info, debug, and trace.' + . ' The profiler’s logs are written to the standard error stream of the process.', + ], + [ + 'name' => 'datadog.profiling.timeline_enabled', + 'default' => '1', + 'commented' => true, + 'description' => 'Enable the timeline profile type.', + ], + + [ + 'name' => 'datadog.trace.sources_path', + 'default' => $sourcesDir, + 'commented' => false, + 'description' => 'Path to the request init hook (set by the installer, do not change it)', + ], + [ + 'name' => 'datadog.trace.enabled', + 'default' => 'On', + 'commented' => true, + 'description' => 'Enables or disables tracing. On by default', + ], + [ + 'name' => 'datadog.trace.cli_enabled', + 'default' => 'Off', + 'commented' => true, + 'description' => 'Enable or disable tracing of CLI scripts. Off by default', + ], + [ + 'name' => 'datadog.trace.auto_flush_enabled', + 'default' => 'Off', + 'commented' => true, + 'description' => 'For long running processes, this setting has to be set to On', + ], + [ + 'name' => 'datadog.trace.generate_root_span', + 'default' => 'On', + 'commented' => true, + 'description' => 'For long running processes, this setting has to be set to Off', + ], + [ + 'name' => 'datadog.trace.debug', + 'default' => 'Off', + 'commented' => true, + 'description' => 'Enables or disables debug mode. When On logs are printed to the error_log', + ], + [ + 'name' => 'datadog.trace.startup_logs', + 'default' => 'On', + 'commented' => true, + 'description' => 'Enables startup logs, including diagnostic checks', + ], + [ + 'name' => 'datadog.service', + 'default' => 'unnamed-php-service', + 'commented' => true, + 'description' => 'Sets a custom service name for the application', + ], + [ + 'name' => 'datadog.env', + 'default' => 'my_env', + 'commented' => true, + 'description' => 'Sets a custom environment name for the application', + ], + [ + 'name' => 'datadog.version', + 'default' => '1.0.0', + 'commented' => true, + 'description' => 'Sets a version for the user application, not the datadog php library', + ], + [ + 'name' => 'datadog.agent_host', + 'default' => '127.0.0.1', + 'commented' => true, + 'description' => 'Configures the agent host. If you need more flexibility use `datadog.trace.agent_url` instead', + ], + [ + 'name' => 'datadog.trace.agent_port', + 'default' => '8126', + 'commented' => true, + 'description' => 'Configures the agent port. If you need more flexibility use `datadog.trace.agent_url` instead', + ], + [ + 'name' => 'datadog.dogstatsd_port', + 'default' => '8125', + 'commented' => true, + 'description' => 'Configures the dogstatsd agent port', + ], + [ + 'name' => 'datadog.trace.agent_url', + 'default' => 'http://127.0.0.1:8126', + 'commented' => true, + 'description' => 'When set, `datadog.trace.agent_url` has priority over `datadog.agent_host` and `datadog.trace.agent_port`', + ], + [ + 'name' => 'datadog.trace.http_client_split_by_domain', + 'default' => 'Off', + 'commented' => true, + 'description' => 'Sets the service name of spans generated for HTTP clients\' requests to host-', + ], + [ + 'name' => 'datadog.trace.url_as_resource_names_enabled', + 'default' => 'On', + 'commented' => true, + 'description' => [ + 'Enables URL to resource name normalization. For more details see:', + 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', + ], + ], + [ + 'name' => 'datadog.trace.resource_uri_fragment_regex', + 'default' => '', + 'commented' => true, + 'description' => [ + 'Configures obfuscation patterns based on regex. For more details see:', + 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', + ], + ], + [ + 'name' => 'datadog.trace.resource_uri_mapping_incoming', + 'default' => '', + 'commented' => true, + 'description' => [ + 'Configures obfuscation path fragments for incoming requests. For more details see:', + 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', + ], + ], + [ + 'name' => 'datadog.trace.resource_uri_mapping_outgoing', + 'default' => '', + 'commented' => true, + 'description' => [ + 'Configures obfuscation path fragments for outgoing requests. For more details see:', + 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', + ], + ], + [ + 'name' => 'datadog.service_mapping', + 'default' => '', + 'commented' => true, + 'description' => [ + 'Changes the default name of an APM integration. Rename one or more integrations at a time, for example:', + '"pdo:payments-db,mysqli:orders-db"', + ], + ], + [ + 'name' => 'datadog.tags', + 'default' => '', + 'commented' => true, + 'description' => 'Tags to be set on all spans, for example: "key1:value1,key2:value2"', + ], + [ + 'name' => 'datadog.trace.sample_rate', + 'default' => '1.0', + 'commented' => true, + 'description' => 'The sampling rate for the trace. Valid values are between 0.0 and 1.0', + ], + [ + 'name' => 'datadog.trace.sample_rate', + 'default' => '1.0', + 'commented' => true, + 'description' => 'The sampling rate for the trace. Valid values are between 0.0 and 1.0', + ], + [ + 'name' => 'datadog.trace.sampling_rules', + 'default' => '', + 'commented' => true, + 'description' => [ + 'A JSON encoded string to configure the sampling rate.', + 'Examples:', + ' - Set the sample rate to 20%: \'[{"sample_rate": 0.2}]\'.', + ' - Set the sample rate to 10% for services starting with `a` and span name `b` and set the sample rate to 20%', + ' for all other services: \'[{"service": "a.*", "name": "b", "sample_rate": 0.1}, {"sample_rate": 0.2}]\'', + '**Note** that the JSON object must be included in single quotes (\') to avoid problems with escaping of the', + 'double quote (") character.', + ], + ], + [ + 'name' => 'datadog.trace._enabled', + 'default' => 'On', + 'commented' => true, + 'description' => [ + 'Whether a specific integration is enabled.', + 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', + ], + ], + [ + 'name' => 'datadog.trace._analytics_enabled', + 'default' => 'Off', + 'commented' => true, + 'description' => [ + 'Whether analytics for the integration is enabled.', + 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', + ], + ], + [ + 'name' => 'datadog.trace._analytics_sample_rate', + 'default' => '1.0', + 'commented' => true, + 'description' => [ + 'Sampling rate for analyzed spans. Valid values are between 0.0 and 1.0.', + 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', + ], + ], + [ + 'name' => 'datadog.distributed_tracing', + 'default' => 'On', + 'commented' => true, + 'description' => 'Enables distributed tracing', + ], + [ + 'name' => 'datadog.trace.analytics_enabled', + 'default' => 'Off', + 'commented' => true, + 'description' => 'Global switch for trace analytics', + ], + [ + 'name' => 'datadog.trace.bgs_connect_timeout', + 'default' => '2000', + 'commented' => true, + 'description' => 'Set connection timeout in milliseconds while connecting to the agent', + ], + [ + 'name' => 'datadog.trace.bgs_timeout', + 'default' => '5000', + 'commented' => true, + 'description' => 'Set request timeout in milliseconds while sending payloads to the agent', + ], + [ + 'name' => 'datadog.trace.spans_limit', + 'default' => '1000', + 'commented' => true, + 'description' => 'datadog.trace.spans_limit = 1000', + ], + [ + 'name' => 'datadog.trace.retain_thread_capabilities', + 'default' => 'Off', + 'commented' => true, + 'description' => [ + 'Only for Linux. Set to `true` to retain capabilities on Datadog background threads when you change the effective', + 'user ID. This option does not affect most setups, but some modules - to date Datadog is only aware of Apache`s', + 'mod-ruid2 - may invoke `setuid()` or similar syscalls, leading to crashes or loss of functionality as it loses', + 'capabilities.', + '**Note** Enabling this option may compromise security. This option, standalone, does not pose a security risk.', + 'However, an attacker being able to exploit a vulnerability in PHP or web server may be able to escalate privileges', + 'with relative ease, if the web server or PHP were started with full capabilities, as the background threads will', + 'retain their original capabilities. Datadog recommends restricting the capabilities of the web server with the', + 'setcap utility.', + ], + ], + [ + 'name' => 'datadog.appsec.enabled', + 'default' => 'Off', + 'commented' => true, + 'description' => [ + 'Enables or disables the loaded dd-appsec extension.', + 'If disabled, the extension will do no work during the requests.', + 'If not present/commented out, appsec will be enabled/disabled by remote config', + ], + ], + [ + 'name' => 'datadog.appsec.log_level', + 'default' => 'warn', + 'commented' => true, + 'description' => [ + 'Sets the verbosity of the logs of the dd-appsec extension.', + 'The valid values are \'off\', \'error\', \'fatal\', \'warn\' (or \'warning\'), \'info\',', + '\'debug\' and \'trace\', in increasing order of verbosity', + ], + ], + [ + 'name' => 'datadog.appsec.log_file', + 'default' => 'php_error_reporting', + 'commented' => true, + 'description' => [ + 'The destination of the log messages. Valid values are \'php_error_reporting\'', + '(issues PHP notices or warnings), \'syslog\', \'stdout\', \'stderr\', or an', + 'arbitrary file name to which the messages will be appended', + ], + ], + [ + 'name' => 'datadog.appsec.helper_launch', + 'default' => 'On', + 'commented' => true, + 'description' => [ + 'The dd-appsec extension communicates with a helper process via UNIX sockets.', + 'This setting determines whether the extension should try to launch the daemon', + 'in case it cannot obtain a connection.', + 'If this is disabled, the helper should be launched through some other method.', + 'The extension expects the helper to run under the same user as the process', + 'where PHP is running, and will verify it.', + ], + ], + [ + 'name' => 'datadog.appsec.helper_path', + 'default' => $appsecHelperPath, + 'commented' => false, + 'description' => [ + 'If ddappsec.helper_launch is enabled, this setting determines which binary', + 'the extension should try to execute.', + 'Only relevant if ddappsec.helper_launch is enabled.', + 'This ini setting is configured by the installer', + ], + ], + [ + 'name' => 'datadog.appsec.helper_extra_args', + 'default' => '', + 'commented' => true, + 'description' => [ + 'Additional arguments that should be used when attempting to launch the helper', + 'process. The extension always passes \'--lock_path - --socket_path fd:\'', + 'The arguments should be space separated. Both single and double quotes can', + 'be used should an argument contain spaces. The backslash (\) can be used to', + 'escape spaces, quotes, and the backslash itself.', + 'Only relevant if ddappsec.helper_launch is enabled', + ], + ], + [ + 'name' => 'datadog.appsec.rules', + 'default' => $appsecRulesPath, + 'commented' => true, + 'description' => [ + 'The path to the rules json file. The helper process must be able to read the', + 'file. This ini setting is configured by the installer', + ], + ], + [ + 'name' => 'datadog.appsec.helper_runtime_path', + 'default' => '/tmp/', + 'commented' => true, + 'description' => [ + 'The location to the UNIX socket that extension uses to communicate with the', + 'helper and the lock file that the extension processes will use to', + 'synchronize the launching of the helper.', + 'Only relevant if datadog.appsec.helper_launch is enabled', + ], + ], + [ + 'name' => 'datadog.appsec.helper_log_file', + 'default' => '/dev/null', + 'commented' => true, + 'description' => [ + 'The location of the log file of the helper. This default to /dev/null (the log', + 'messages will be discarded). This file is opened by the extension just before', + 'launching the daemon and the file descriptor is passed to the helper as its', + 'stderr, to which it will write its messages; this setting is therefore only', + 'relevant if ddappsec.helper_launch is enabled', + ], + ], + [ + 'name' => 'datadog.remote_config_enabled', + 'default' => 'On', + 'commented' => true, + 'description' => 'Enables or disables remote configuration. On by default', + ], + [ + 'name' => 'datadog.remote_config_poll_interval', + 'default' => '1000', + 'commented' => true, + 'description' => 'In milliseconds, the period at which the agent is polled for new configurations', + ], + [ + 'name' => 'datadog.appsec.http_blocked_template_html', + 'default' => '', + 'commented' => true, + 'description' => 'Customises the HTML output provided on a blocked request', + ], + [ + 'name' => 'datadog.appsec.http_blocked_template_json', + 'default' => '', + 'commented' => true, + 'description' => 'Customises the JSON output provided on a blocked request', + ], + ]; + // phpcs:enable Generic.Files.LineLength.TooLong +} + +/** + * @return string[] + */ +function get_supported_php_versions() +{ + return ['5.4', '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3']; +} + +main(); + +// polyfill for PHP 5.4 where the `array_column()` function did not exist, +// remove whenever we drop support for PHP 5.4 +if (!function_exists('array_column')) { + function array_column(array $input, $columnKey, $indexKey = null) + { + $result = array(); + foreach ($input as $subArray) { + if (!is_array($subArray)) { + continue; + } elseif (is_null($indexKey)) { + $result[] = $subArray[$columnKey]; + } else { + $result[$subArray[$indexKey]] = $subArray[$columnKey]; + } + } + return $result; + } +} From 79942f43410b42cad0aadbbbee22ec39456b5100 Mon Sep 17 00:00:00 2001 From: Palumbo <30956774+barbara79@users.noreply.github.com> Date: Tue, 10 Sep 2024 15:20:47 +0200 Subject: [PATCH 2/9] adding some configuration for datadog --- examples/symfony-app/.dockerignore | 2 +- examples/symfony-app/.env.sample | 34 - examples/symfony-app/.gitignore | 2 +- examples/symfony-app/README.md | 2 + examples/symfony-app/composer.json | 2 +- examples/symfony-app/docker-compose.yml | 32 +- .../symfony-app/docker/php/Dockerfile.datadog | 9 +- .../symfony-app/docker/php/datadog-setup.php | 2383 ----------------- 8 files changed, 17 insertions(+), 2449 deletions(-) delete mode 100644 examples/symfony-app/.env.sample delete mode 100644 examples/symfony-app/docker/php/datadog-setup.php diff --git a/examples/symfony-app/.dockerignore b/examples/symfony-app/.dockerignore index 3225cf9b38e..6ee9c5daec9 100644 --- a/examples/symfony-app/.dockerignore +++ b/examples/symfony-app/.dockerignore @@ -25,6 +25,6 @@ var/ vendor/ .editorconfig .env.*.local -.env.local +docker/php/.env.sample .env.local.php .env.test diff --git a/examples/symfony-app/.env.sample b/examples/symfony-app/.env.sample deleted file mode 100644 index 9478dcf831a..00000000000 --- a/examples/symfony-app/.env.sample +++ /dev/null @@ -1,34 +0,0 @@ -# In all environments, the following files are loaded if they exist, -# the latter taking precedence over the former: -# -# * .env contains default values for the environment variables needed by the app -# * .env.local uncommitted file with local overrides -# * .env.$APP_ENV committed environment-specific defaults -# * .env.$APP_ENV.local uncommitted environment-specific overrides -# -# Real environment variables win over .env files. -# -# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES. -# https://symfony.com/doc/current/configuration/secrets.html -# -# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2). -# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration - -###> symfony/framework-bundle ### -APP_ENV=dev -APP_SECRET= -APP_CTP_CLIENT_ID= your CTP_CLIENT_ID -APP_CTP_CLIENT_SECRET= your CTP_CLIENT_SECRET -APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY -DD_AGENT_HOST=datadog-agent -DD_TRACE_AGENT_PORT=8126 -DD_SERVICE=symfony-app -DD_API_KEY= -DD_APM_ENABLED=true -DD_TRACE_CLI_ENABLED=true -DD_TRACE_ENABLED=true -NEWRELIC_KEY= -NEWRELIC_APP_NAME=PHP-SDK - -# APP_NAME=PHP-SDK -###< symfony/framework-bundle ### diff --git a/examples/symfony-app/.gitignore b/examples/symfony-app/.gitignore index a67f91e25c2..e80fb8bcdfa 100644 --- a/examples/symfony-app/.gitignore +++ b/examples/symfony-app/.gitignore @@ -1,6 +1,6 @@ ###> symfony/framework-bundle ### -/.env.local +/docker/php/.env.local /.env.local.php /.env.*.local /config/secrets/prod/prod.decrypt.private.php diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index dedb571bf72..5478359aca8 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -30,6 +30,8 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY 1. Open the Terminal 2. Run `composer dump-env prod` 3. Run `composer install` or `composer update` +4. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it `.env`. +5. Please fill the `.env` file with the missing data. ### Preparing the Docker environment diff --git a/examples/symfony-app/composer.json b/examples/symfony-app/composer.json index 7267ff3d860..19f1d0628ca 100644 --- a/examples/symfony-app/composer.json +++ b/examples/symfony-app/composer.json @@ -7,7 +7,7 @@ "php": ">=8.1", "ext-ctype": "*", "ext-iconv": "*", - "commercetools/commercetools-sdk": "^9.1", + "commercetools/commercetools-sdk": "^10.6.0", "symfony/console": "6.2.*", "symfony/dotenv": "6.2.*", "symfony/flex": "^2", diff --git a/examples/symfony-app/docker-compose.yml b/examples/symfony-app/docker-compose.yml index de88c72e114..e3afdd848ce 100644 --- a/examples/symfony-app/docker-compose.yml +++ b/examples/symfony-app/docker-compose.yml @@ -7,28 +7,9 @@ services: dockerfile: Dockerfile.datadog volumes: - .:/var/www/symfony + - ./docker/php/.env.sample:/var/www/symfony/.env expose: - "9000" - environment: - - DD_SERVICE=symfony-app - - DD_AGENT_HOST=datadog-agent - - DD_TRACE_AGENT_PORT=8126 - - DD_API_KEY=${DD_API_KEY} - - DD_TRACE_DEBUG=true - - DD_LOGS_ENABLED=true - - DD_PROCESS_AGENT_ENABLED=true - -# php-newrelic: -# build: -# context: ./docker/php -# dockerfile: Dockerfile.newrelic -# args: -# NEWRELIC_KEY: ${NEWRELIC_KEY} -# NEWRELIC_APP_NAME: "PHP_SDK" -# volumes: -# - .:/var/www/symfony -# expose: -# - "9001" nginx: build: @@ -38,21 +19,16 @@ services: - "8080:80" depends_on: - php-datadog -# - php-newrelic volumes: - ./var/logs/nginx:/var/log/nginx - - .:/var/www/symfony + - .:/var/www/symfony" datadog-agent: image: datadog/agent:latest - environment: - - DD_API_KEY=${DD_API_KEY} - - DD_SITE=datadoghq.com - - DD_APM_ENABLED=true ports: - - "8126:8126/tcp" + - "127.0.0.1:8126:8126/tcp" volumes: - - "/var/run/docker.sock:/var/run/docker.sock" + - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/proc/:/host/proc/:ro" - "/sys/fs/cgroup/:/host/sys/fs/cgroup:ro" diff --git a/examples/symfony-app/docker/php/Dockerfile.datadog b/examples/symfony-app/docker/php/Dockerfile.datadog index 8873d66f091..6f3cab7a864 100644 --- a/examples/symfony-app/docker/php/Dockerfile.datadog +++ b/examples/symfony-app/docker/php/Dockerfile.datadog @@ -7,9 +7,16 @@ RUN apt-get update \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* +# Download Datadog setup script from the latest release and move it in /usr/local/bin +RUN curl -LO https://github.com/DataDog/dd-trace-php/releases/latest/download/datadog-setup.php \ + && mv datadog-setup.php /usr/local/bin/datadog-setup.php \ + && chmod +x /usr/local/bin/datadog-setup.php + # Copy Datadog configuration and setup script COPY conf.d/datadog.ini /usr/local/etc/php/conf.d/ -COPY datadog-setup.php /usr/local/bin/datadog-setup.php + +# Copy the .env.sample file from host to the container +COPY .env.sample /var/www/symfony/.env.sample # Run the setup script RUN php /usr/local/bin/datadog-setup.php --php-bin=all --enable-appsec --enable-profiling diff --git a/examples/symfony-app/docker/php/datadog-setup.php b/examples/symfony-app/docker/php/datadog-setup.php deleted file mode 100644 index 21871f073a0..00000000000 --- a/examples/symfony-app/docker/php/datadog-setup.php +++ /dev/null @@ -1,2383 +0,0 @@ - Install the library to the specified binary or - all php binaries in standard search paths. The - option can be provided multiple times. - --install-dir Install to a specific directory. Default: '$installdir' - --uninstall Uninstall the library from the specified binaries. - --extension-dir Specify the extension directory. Default: PHP's extension directory. - --ini Specify the INI file to use. Default: /98-ddtrace.ini - --enable-appsec Enable the application security monitoring module. - --enable-profiling Enable the profiling module. - -d setting[=value] Used in conjunction with `config ` - command to specify the INI setting to get or set. - -Available commands: - config list List Datadog's INI setting for the specified binaries. - config get Get INI setting for the specified binaries. - config set Set INI setting for the specified binaries. - -EOD; -} - -// phpcs:disable PSR1.Classes.ClassDeclaration.MissingNamespace -class IniRecord -{ - /** @var string */ - public $setting; - /** @var string */ - public $currentValue; - /** @var string */ - public $defaultValue; - /** @var string */ - public $iniFile; - /** @var string */ - public $binary; - - public function println() - { - // phpcs:disable Generic.Files.LineLength.TooLong - echo "$this->setting = $this->currentValue; default: $this->defaultValue, binary: $this->binary, INI file: $this->iniFile\n"; - // phpcs:disable Generic.Files.LineLength.TooLong - } -} - -/** - * @param array $options - * @return array - */ -function config_list(array $options) -{ - $iniSettings = get_ini_settings('', '', ''); - - // The first 3 are 'extension' type of settings. - $iniSettings = array_slice($iniSettings, CMD_CONFIG_NUM_SHIFT); - - // Build an index by unique names for filtering. - $indexByName = array_column($iniSettings, null, 'name'); - - $return = []; - - foreach (require_binaries_or_exit($options) as $command => $fullPath) { - $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; - $iniFilePaths = find_all_ini_files(ini_values($fullPath)); - - foreach ($iniFilePaths as $iniFilePath) { - $iniFileSettings = parse_ini_file($iniFilePath, false, INI_SCANNER_RAW); - $settings = array_intersect_key($iniFileSettings, $indexByName); - - foreach ($settings as $iniFileSetting => $currentValue) { - $iniSetting = $indexByName[$iniFileSetting]; - $record = new IniRecord(); - $record->setting = $iniFileSetting; - $record->currentValue = $currentValue; - $record->defaultValue = $iniSetting['default']; - $record->iniFile = $iniFilePath; - $record->binary = $binaryForLog; - $return[$record->setting] = $record; - } - } - } - - return $return; -} - -/** - * This function will print out all Datadog specific PHP INI settings. The list - * of Datadog specific settings is retrieved by calling `get_ini_settings()`. It - * will also show the default and INI file this setting was found. - * The output will be grouped by PHP binary, example: - * - * $ php datadog-setup.php config list --php-bin all - * Searching for available php binaries, this operation might take a while. - * datadog.profiling.enabled = On; default: 1, binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini - * datadog.profiling.experimental_allocation_enabled = On; default: 1, binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini - * - * @see get_ini_settings - * @return void - */ -function cmd_config_list(array $options) -{ - foreach (config_list($options) as $record) { - $record->println(); - } -} - -/** - * This function will print the specified PHP INI settings. It only prints - * information for Datadog's own settings; it can't be used to parse opcache, - * xdebug, etc. - * The output will be grouped by PHP binary, example: - * - * $ php datadog-setup.php config get --php-bin all \ - * -ddatadog.profiling.experimental_allocation_enabled \ - * -ddatadog.profiling.experimental_cpu_time_enabled \ - * -dnonexisting \ - * -dopcache.preload - * datadog.profiling.experimental_allocation_enabled = On; binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini - * datadog.profiling.experimental_cpu_time_enabled = On; binary: /opt/php/8.2/bin/php, INI file: /opt/php/etc/conf.d/98-ddtrace.ini - * nonexisting = undefined; is missing in INI files - * opcache.preload = undefined; is missing in INI files - * @return void - */ -function cmd_config_get(array $options) -{ - if (!isset($options['d'])) { - print_help(); - return; - } - /* A value could be set in multiple places: - * - /opt/php/8.1/etc/conf.d/98-ddtrace.ini - * - /opt/php/8.1/etc/conf.d/90-ddtrace-custom.ini - * So, a given setting like 'datadog.trace.enabled' is not necessarily - * unique in the iterator's keys. - */ - $records = []; - foreach (config_list($options) as $setting => $record) { - $records[$setting][] = $record; - } - - foreach ($options['d'] as $iniSetting) { - if (!isset($records[$iniSetting])) { - echo '; ', $iniSetting, ' = undefined; is missing in INI files', PHP_EOL; - } else { - foreach ($records[$iniSetting] as $record) { - $record->println(); - } - } - } -} - -/** - * This function will set the given INI settings for any given PHP binary - * - * 1. Scan all INI files for for this INI setting and update if found (updates - * in all INI files in case it finds in multiple places and warns about the - * mess it found). - * 2. In case it could not find, it searches for commented out versions of this - * INI setting, uncomments it and updates the value. It first checks this in - * the "default" INI file (the one that holds the `extension = ddtrace` line, - * then others and only promotes the first commented version found. - * 3. In case this INI setting is not there yet it creates a new entry in the - * "default" INI file (see above). - * - * $ php datadog-setup.php config set --php-bin all \ - * -ddatadog.profiling.experimental_allocation_enabled=On \ - * -ddatadog.profiling.experimental_cpu_time_enabled=On \ - * Setting configuration for binary: php (/opt/php/8.2/bin/php) - * Set 'datadog.profiling.experimental_allocation_enabled' to 'On' in INI file: /opt/php/etc/conf.d/98-ddtrace.ini - * Set 'datadog.profiling.experimental_cpu_time_enabled' to 'On' in INI file: /opt/php/etc/conf.d/98-ddtrace.ini - */ -function cmd_config_set(array $options) -{ - if (!isset($options['d'])) { - print_help(); - return; - } - $selectedBinaries = require_binaries_or_exit($options); - foreach ($selectedBinaries as $command => $fullPath) { - $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; - echo "Setting configuration for binary: $binaryForLog", PHP_EOL; - - $phpProps = ini_values($fullPath); - - foreach ($options['d'] as $cliIniSetting) { - if (($setting = parse_ini_setting($cliIniSetting)) === false) { - echo "The given INI setting '", $cliIniSetting, - "' can't be converted to a valid INI setting, skipping.", PHP_EOL; - continue; - } - - $allIniFilePaths = find_all_ini_files($phpProps); - - $matchCount = 0; - // look for INI setting in INI files - foreach ($allIniFilePaths as $iniFile) { - $count = update_ini_setting($setting, $iniFile, false); - if ($count === 0) { - continue; - } - if ($count === false) { - echo "Could not set '", $setting[0], "' to '", $setting[1], - "' in INI file: ", $iniFile , PHP_EOL; - continue; - } - echo "Set '", $setting[0], "' to '", $setting[1], "' in INI file: ", $iniFile, PHP_EOL; - $matchCount += $count; - } - - if ($matchCount >= 1) { - // found and updated - if ($matchCount >= 2) { - echo "Warning: '$setting[0]' was found in multiple places, ", - "you might want to remove duplicates.", PHP_EOL; - } - continue; - } - - // If we are here, we could not find the INI setting in any files, so - // we try and look for commented versions - - $matchCount = 0; - // look for INI setting in INI files - foreach ($allIniFilePaths as $iniFile) { - $count = update_ini_setting($setting, $iniFile, true); - if ($count === 0) { - continue; - } - if ($count === false) { - echo "Could not set '", $setting[0], "' to '", $setting[1], - "' in INI file: ", $iniFile , PHP_EOL; - continue; - } - echo "Set '", $setting[0], "' to '", $setting[1], "' in INI file: ", $iniFile, PHP_EOL; - $matchCount += $count; - break; - } - - if ($matchCount >= 1) { - // found, promoted from comment and updated - continue; - } - - // Now we are here, meaning we could not find it, not in active nor in - // commented version, so we just add it to the default INI file(s) - - $mainIniFilePaths = find_main_ini_files($phpProps); - - $set = false; - foreach ($mainIniFilePaths as $iniFile) { - if (!file_exists($iniFile)) { - echo "File '$iniFile' does not exist. Trying to create it... "; - if (file_put_contents($iniFile, '') === false) { - echo "Could not set '{$setting[0]}' to '{$setting[1]}' in INI file: {$iniFile}.\n"; - $directory = dirname($iniFile); - if (!is_dir($directory)) { - echo "Directory '$directory' doesn't exist. Create it and try again if you want to use '$iniFile'.\n"; - } - continue; - } else { - echo "Success.\n"; - } - } - - $iniFileContent = file_get_contents($iniFile); - // check for "End of Line" symbol at the end of the file and - // add in case it is missing - if (strlen($iniFileContent) > 0 && substr($iniFileContent, -1, 1) !== PHP_EOL) { - $iniFileContent .= PHP_EOL; - } - $iniFileContent .= datadog - setup . phpimplode(' = ', $setting) . PHP_EOL; - if (file_put_contents($iniFile, $iniFileContent) === false) { - echo "Could not set '{$setting[0]}' to '{$setting[1]}' in INI file: {$iniFile}.\n"; - continue; - } - echo "Set '{$setting[0]}' to '{$setting[1]}' in INI file: $iniFile.\n"; - $set = true; - } - - if (!$set) { - echo "Unable to set '{$setting[0]}' to '{$setting[1]}' in any INI file for $binaryForLog.\n"; - exit(1); - } - } - } -} - -/** - * Parse a given INI setting (from CLI) into an array and return it. It also tries - * to parse the new setting with `parse_ini_string()` to validate it is actually - * working - * - * @param string $setting - * @return false|array{0:string, 1:string} - */ -function parse_ini_setting($setting) -{ - // `trim()` should not be needed, but better safe than sorry - $setting = array_map( - 'trim', - explode( - '=', - $setting, - 2 - ) - ); - if (count($setting) !== 2) { - return false; - } - // safety: try out if parsing the generated ini setting is actually possible - if (parse_ini_string($setting[0] . '=' . $setting[1], false, INI_SCANNER_RAW) === false) { - return false; - } - return $setting; -} - - -/** - * This function will try and update a given `$setting` in the INI file given in - * `$iniFile`. First it tries to find an uncommented version of the setting in - * the file and replace this with the new value. In case no uncommented version - * was found it tries to find commented versions of this INI setting. - * - * In case `$promoteComment` is set to `true`, this function will replace and - * therefore promote only the first occurrence it finds from a comment to an INI - * setting in the given `$iniFile`. - * - * @param array{0: string, 1: string} $setting - * @param string $iniFile - * @param bool $promoteComment - * @return false|int - */ -function update_ini_setting($setting, $iniFile, $promoteComment) -{ - $iniFileContent = file_get_contents($iniFile); - if ($promoteComment) { - $regex = '/^[\h;]*' . preg_quote($setting[0]) . '\h*=\h*?[^;\n\r]*/mi'; - } else { - $regex = '/^\h*' . preg_quote($setting[0]) . '\h*=\h*?[^;\n\r]*/mi'; - } - $count = 0; - $iniFileContent = preg_replace($regex, implode(' = ', $setting), $iniFileContent, $promoteComment ? 1 : -1, $count); - if ($iniFileContent === null) { - // something wrong with the regex, the user should see a warning - // in the form of "Warning: preg_replace(): Compilation failed ..." - return false; - } - if ($count > 0) { - if (file_put_contents($iniFile, $iniFileContent) === false) { - return false; - } - } - return $count; -} - -function install($options) -{ - $architecture = get_architecture(); - $platform = "$architecture-" . (IS_WINDOWS ? "windows" : "linux-" . (is_alpine() ? 'musl' : 'gnu')); - - // Checking required libraries - check_library_prerequisite_or_exit('libcurl'); - check_library_prerequisite_or_exit('libgcc_s'); - if (!is_alpine()) { - if (is_truthy($options[OPT_ENABLE_PROFILING])) { - check_library_prerequisite_or_exit('libdl.so'); - check_library_prerequisite_or_exit('libpthread'); - check_library_prerequisite_or_exit('librt'); - } - } - - // Picking the right binaries to install the library - $selectedBinaries = require_binaries_or_exit($options); - $interactive = empty($options[OPT_PHP_BIN]); - - // Preparing clean tmp folder to extract files - $tmpDir = sys_get_temp_dir() . '/dd-install'; - $tmpDirTarGz = $tmpDir . "/dd-library-php-{$platform}.tar.gz"; - $tmpArchiveRoot = $tmpDir . '/dd-library-php'; - $tmpArchiveTraceRoot = $tmpDir . '/dd-library-php/trace'; - $tmpArchiveAppsecRoot = $tmpDir . '/dd-library-php/appsec'; - $tmpArchiveAppsecBin = "{$tmpArchiveAppsecRoot}/bin"; - $tmpArchiveAppsecEtc = "{$tmpArchiveAppsecRoot}/etc"; - $tmpArchiveProfilingRoot = $tmpDir . '/dd-library-php/profiling'; - $tmpSrcDir = $tmpArchiveTraceRoot . '/src'; - if (!file_exists($tmpDir)) { - execute_or_exit("Cannot create directory '$tmpDir'", "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($tmpDir)); - } - register_shutdown_function(function () use ($tmpDir) { - execute_or_exit("Cannot remove temporary directory '$tmpDir'", (IS_WINDOWS ? "rd /s /q " : "rm -rf ") . escapeshellarg($tmpDir)); - }); - if (!IS_WINDOWS) { - execute_or_exit( - "Cannot clean '$tmpDir'", - "rm -rf " . escapeshellarg($tmpDir) . "/* " - ); - } - - // Retrieve and extract the archive to a tmp location - if (isset($options[OPT_FILE])) { - print_warning('--' . OPT_FILE . ' option is intended for internal usage and can be removed without notice'); - $tmpDirTarGz = $options[OPT_FILE]; - } else { - $url = RELEASE_URL_PREFIX . "dd-library-php-" . RELEASE_VERSION . "-{$platform}.tar.gz"; - download($url, $tmpDirTarGz); - } - if (!IS_WINDOWS || `where tar 2> nul` !== null) { - execute_or_exit( - "Cannot extract the archive", - "tar -xf " . escapeshellarg($tmpDirTarGz) . " -C " . escapeshellarg($tmpDir) - ); - } elseif (($defaultPath = `where 7z 2> nul`) !== null || @is_dir($installDir7z = getenv("PROGRAMFILES") . "\\7-Zip")) { - if ($defaultPath === null) { - putenv("PATH=" . getenv("PATH") . ";$installDir7z"); - } - execute_or_exit( - "Cannot extract the archive", - "7z x " . escapeshellarg($tmpDirTarGz) . " -so | 7z x -aoa -si -ttar -o" . escapeshellarg($tmpDir) - ); - } else { - die("ERROR: neither tar nor 7z are installed and available in %PATH%. Please install either to continue the installation.\n"); - } - - $releaseVersion = trim(file_get_contents("$tmpArchiveRoot/VERSION")); - - $installDir = $options[OPT_INSTALL_DIR] . '/' . $releaseVersion; - - // Tracer sources - $installDirSourcesDir = $installDir . '/dd-trace-sources'; - $installDirSrcDir = $installDirSourcesDir . '/src'; - // copying sources to the final destination - if (!file_exists($installDirSourcesDir)) { - execute_or_exit( - "Cannot create directory '$installDirSourcesDir'", - "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($installDirSourcesDir) - ); - } - execute_or_exit( - "Cannot copy files from '$tmpSrcDir' to '$installDirSourcesDir'", - (IS_WINDOWS ? "echo d | xcopy /s /e /y /g /b /o /h " : "cp -r ") . escapeshellarg("$tmpSrcDir") . ' ' . escapeshellarg($installDirSrcDir) - ); - echo "Installed required source files to '$installDir'\n"; - - // Appsec helper and rules - if (file_exists($tmpArchiveAppsecRoot)) { - execute_or_exit( - "Cannot copy files from '$tmpArchiveAppsecBin' to '$installDir'", - (IS_WINDOWS ? "xcopy /s /e /y /g /b /o /h " : "cp -rf ") . escapeshellarg("$tmpArchiveAppsecBin") . ' ' . escapeshellarg($installDir) - ); - execute_or_exit( - "Cannot copy files from '$tmpArchiveAppsecEtc' to '$installDir'", - (IS_WINDOWS ? "xcopy /s /e /y /g /b /o /h " : "cp -r ") . escapeshellarg("$tmpArchiveAppsecEtc") . ' ' . escapeshellarg($installDir) - ); - } - $appSecRulesPath = $installDir . '/etc/recommended.json'; - - // Actual installation - foreach ($selectedBinaries as $command => $fullPath) { - $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; - echo "Installing to binary: $binaryForLog\n"; - - check_php_ext_prerequisite_or_exit($fullPath, 'json'); - - $phpProperties = ini_values($fullPath); - if (!isset($phpProperties[INI_SCANDIR])) { - if (!isset($phpProperties[INI_MAIN])) { - if (IS_WINDOWS) { - $phpProperties[INI_MAIN] = dirname($fullPath) . "/php.ini"; - } else { - print_error_and_exit( - "It is not possible to perform installation on this " - . "system because there is no scan directory and no " - . "configuration file loaded." - ); - } - } - - print_warning( - "Performing an installation without a scan directory may " - . "result in fragile installations that are broken by normal " - . "system upgrades. It is advisable to use the configure " - . "switch --with-config-file-scan-dir when building PHP." - ); - } - - // Copying the extension - $extensionVersion = $phpProperties[PHP_API]; - - // Suffix (zts/debug/alpine) - $extensionSuffix = ''; - if (is_truthy($phpProperties[IS_DEBUG])) { - $extensionSuffix .= '-debug'; - } - if (is_truthy($phpProperties[THREAD_SAFETY])) { - $extensionSuffix .= '-zts'; - } - - $extDir = isset($options[OPT_EXTENSION_DIR]) ? $options[OPT_EXTENSION_DIR] : $phpProperties[EXTENSION_DIR]; - echo "Installing extension to $extDir\n"; - - // Trace - $extensionRealPath = "$tmpArchiveTraceRoot/ext/$extensionVersion/" - . EXTENSION_PREFIX . "ddtrace$extensionSuffix." . EXTENSION_SUFFIX; - if (!file_exists($extensionRealPath)) { - print_error_and_exit(substr($extensionSuffix ?: '-nts', 1) - . ' builds of PHP ' . $phpProperties[PHP_VER] . ' are currently not supported'); - } - - $extensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'ddtrace.' . EXTENSION_SUFFIX; - safe_copy_extension($extensionRealPath, $extensionDestination); - - // Profiling - $profilingExtensionRealPath = "$tmpArchiveProfilingRoot/ext/$extensionVersion/" - . EXTENSION_PREFIX . "datadog-profiling$extensionSuffix." . EXTENSION_SUFFIX; - $shouldInstallProfiling = file_exists($profilingExtensionRealPath); - - if ($shouldInstallProfiling) { - $profilingExtensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'datadog-profiling.' . EXTENSION_SUFFIX; - safe_copy_extension($profilingExtensionRealPath, $profilingExtensionDestination); - } - - // Appsec - $appsecExtensionRealPath = "{$tmpArchiveAppsecRoot}/ext/{$extensionVersion}/" - . EXTENSION_PREFIX . "ddappsec{$extensionSuffix}." . EXTENSION_SUFFIX; - $shouldInstallAppsec = file_exists($appsecExtensionRealPath); - - if ($shouldInstallAppsec) { - $appsecExtensionDestination = $extDir . '/' . EXTENSION_PREFIX . 'ddappsec.' . EXTENSION_SUFFIX; - safe_copy_extension($appsecExtensionRealPath, $appsecExtensionDestination); - } - $appSecHelperPath = $installDir . '/bin/ddappsec-helper'; - - if (isset($options[OPT_PHP_INI])) { - $iniFilePaths = $options[OPT_PHP_INI]; - } else { - $iniFilePaths = find_main_ini_files($phpProperties); - } - - foreach ($iniFilePaths as $iniFilePath) { - $replacements = []; - - if (!file_exists($iniFilePath)) { - $iniDir = dirname($iniFilePath); - if (!file_exists($iniDir)) { - execute_or_exit( - "Cannot create directory '$iniDir'", - "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($iniDir) - ); - } - - if (false === file_put_contents($iniFilePath, '')) { - print_error_and_exit("Cannot create INI file $iniFilePath"); - } - echo "Created INI file '$iniFilePath'\n"; - } else { - echo "Updating existing INI file '$iniFilePath'"; - if (is_link($iniFilePath)) { - $iniFilePath = readlink($iniFilePath); - echo " which is a symlink to '$iniFilePath'"; - } - echo "\n"; - - $replacements += [ - // Old name is deprecated - '(ddtrace\.request_init_hook)' => 'datadog.trace.sources_path', - '(datadog\.trace\.request_init_hook)' => 'datadog.trace.sources_path', - '((datadog\.trace\.sources_path)\s*=\s*.*)' => "$1 = $installDirSrcDir", - ]; - } - - if (isset($options[OPT_EXTENSION_DIR])) { - $replacements += [ - '(^\s*;?\s*extension\s*=\s*.*ddtrace.*)m' => "extension = $extensionDestination", - ]; - } else { - $replacements += [ - /* In order to support upgrading from legacy installation method to new installation method, we - * replace "extension = /opt/datadog-php/xyz.so" with "extension = ddtrace.so" honoring trailing - * `;`, hence not automatically re-activating the extension if the user had commented it out. - */ - '(^\s*;?\s*extension\s*=\s*.*ddtrace.*)m' => "extension = ddtrace" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), - // Support upgrading from the C based zend_extension. - '(zend_extension\s*=\s*.*datadog-profiling.*)' => "extension = datadog-profiling" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), - ]; - } - - // Enabling profiling - if (is_truthy($options[OPT_ENABLE_PROFILING])) { - // phpcs:disable Generic.Files.LineLength.TooLong - if ($shouldInstallProfiling) { - if (isset($options[OPT_EXTENSION_DIR])) { - $replacements['(zend_extension\s*=\s*.*datadog-profiling.*)'] = "extension = $profilingExtensionDestination"; - $replacements['(^\s*;?\s*extension\s*=\s*.*datadog-profiling.*)m'] = "extension = $profilingExtensionDestination"; - } else { - $replacements['(^\s*;?\s*extension\s*=\s*.*datadog-profiling.*)m'] = "extension = datadog-profiling" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX); - } - } else { - $enableProfiling = OPT_ENABLE_PROFILING; - print_error_and_exit( - "Option --{$enableProfiling} was provided, but it is not supported on this PHP build or version.\n" - ); - } - // phpcs:enable Generic.Files.LineLength.TooLong - } - - // Load AppSec and enable/disable as required - - // phpcs:disable Generic.Files.LineLength.TooLong - if ($shouldInstallAppsec) { - $rulesPathRegex = preg_quote($options[OPT_INSTALL_DIR]) . "/[0-9\.]*/etc/recommended.json"; - $iniAppsecExtension = isset($options[OPT_EXTENSION_DIR]) - ? $appsecExtensionDestination - : ("ddappsec" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX)); - $replacements += [ - '(^\s*;?\s*extension\s*=\s*.*ddappsec.*)m' => "extension = $iniAppsecExtension", - // Update helper path - '(datadog.appsec.helper_path\s*=.*)' => "datadog.appsec.helper_path = $appSecHelperPath", - // Update and comment rules path - '(^[\s;]*datadog.appsec.rules\s*=\s*' . $rulesPathRegex . ')m' => "; datadog.appsec.rules = " . $appSecRulesPath, - ]; - if (is_truthy($options[OPT_ENABLE_APPSEC])) { - $replacements += ['(^[\s;]*datadog.appsec.enabled\s*=.*)m' => 'datadog.appsec.enabled = On']; - } - } else { - // Ensure AppSec isn't loaded if not compatible - $replacements['(^[\s;]*extension\s*=\s*.*ddappsec.*)m'] = "; extension = ddappsec" . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX); - - if (is_truthy($options[OPT_ENABLE_APPSEC])) { - $enableAppsec = OPT_ENABLE_APPSEC; - print_error_and_exit( - "Option --{$enableAppsec} was provided, but it is not supported on this PHP build or version.\n" - ); - } - } - - add_missing_ini_settings( - $iniFilePath, - get_ini_settings($installDirSrcDir, $appSecHelperPath, $appSecRulesPath), - $replacements - ); - - // phpcs:enable Generic.Files.LineLength.TooLong - - echo "Installation to '$binaryForLog' was successful\n"; - } - } - - echo "--------------------------------------------------\n"; - echo "SUCCESS\n\n"; - if ($interactive) { - echo "To run this script in a non interactive mode, use the following options:\n"; - $args = array_merge( - $_SERVER["argv"], - array_map( - function ($el) { - return '--php-bin=' . $el; - }, - array_keys($selectedBinaries) - ) - ); - echo " php " . implode(" ", array_map("escapeshellarg", $args)) . "\n"; - } -} - -/** - * Returns a list of all INI files found for the `$phpProperties` given. - * - * Does so by scanning the INI scan directory for `.ini` files. Additionally we - * check if we are running on a Debian based distribution so we assume the INI - * files are split by SAPI, so we try and add the Apache SAPI INI files as - * well. In case it exists, we also add the default `php.ini` file to the list. - * - * The returned array is somewhat sorted to have the "default" INI file for - * Datadog (`98-ddtrace.ini`) in the beginning of the array. - * - * @see ini_values - * @return string[] - */ -function find_all_ini_files(array $phpProperties) -{ - $iniFilePaths = []; - - $addIniFiles = function ($path) use (&$iniFilePaths) { - if (!is_dir($path)) { - return; - } - foreach (scandir($path) as $ini) { - if (!is_file($path . '/' . $ini) || substr($ini, -4) !== '.ini') { - continue; - } - $iniFile = $path . '/' . $ini; - if (strpos($ini, '98-ddtrace.ini') !== false) { - array_unshift($iniFilePaths, $iniFile); - } else { - $iniFilePaths[] = $iniFile; - } - } - }; - - if ($phpProperties[INI_SCANDIR]) { - $addIniFiles($phpProperties[INI_SCANDIR]); - - if (strpos($phpProperties[INI_SCANDIR], '/cli/conf.d') !== false) { - /* debian based distros have INI folders split by SAPI, in a predefined way: - * - <...>/cli/conf.d <-- we know this from php -i - * - <...>/apache2/conf.d <-- we derive this from relative path - * - <...>/fpm/conf.d <-- we derive this from relative path - */ - $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); - $addIniFiles($apacheConfd); - } - } - - if (isset($phpProperties[INI_MAIN]) && is_file($phpProperties[INI_MAIN])) { - $iniFilePaths = [$phpProperties[INI_MAIN]]; - } - - return $iniFilePaths; -} - -/** - * This function will find the main INI file(s) for the given `$phpProperties`. - * - * The "main" or "default" INI file is either a `98-ddtrace.ini` file or - * another INI file that loads the extension (or rephrasing this as: the file - * the has the `extension = ddtrace` line in it). - * - * In most cases this function will return an array with exactly one element, - * only in case we detect a Debian based distribution, it might contain two - * elements, as debian based distributions split the INI folders based on SAPI - * and we include those as well. - * - * The `$phpProperties` can be retrieved by calling `ini_values($pathToPHPBinary)`. - * - * @see ini_values - * @return string[] - */ -function find_main_ini_files(array $phpProperties) -{ - if (isset($phpProperties[INI_SCANDIR])) { - $iniFileName = '98-ddtrace.ini'; - // Search for pre-existing files with extension = ddtrace.so to avoid conflicts - // See issue https://github.com/DataDog/dd-trace-php/issues/1833 - if (is_dir($phpProperties[INI_SCANDIR])) { - foreach (scandir($phpProperties[INI_SCANDIR]) as $ini) { - $path = "{$phpProperties[INI_SCANDIR]}/$ini"; - if (is_file($path)) { - // match /path/to/ddtrace.so, plain extension = ddtrace or future extensions like ddtrace.dll - if (preg_match("(^\s*extension\s*=\s*(\S*ddtrace)\b)m", file_get_contents($path), $res)) { - if (basename($res[1]) == "ddtrace") { - $iniFileName = $ini; - } - } - } - } - } - - $iniFilePaths = [$phpProperties[INI_SCANDIR] . '/' . $iniFileName]; - - if (strpos($phpProperties[INI_SCANDIR], '/cli/conf.d') !== false) { - /* debian based distros have INI folders split by SAPI, in a predefined way: - * - <...>/cli/conf.d <-- we know this from php -i - * - <...>/apache2/conf.d <-- we derive this from relative path - * - <...>/fpm/conf.d <-- we derive this from relative path - */ - $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); - if (is_dir($apacheConfd)) { - $iniFilePaths[] = "$apacheConfd/$iniFileName"; - } - } - } else { - $iniFileName = $phpProperties[INI_MAIN]; - $iniFilePaths = [$iniFileName]; - } - return $iniFilePaths; -} - -/** - * Copies an extension's file to a destination using copy+rename to avoid segfault if the file is loaded by php. - * - * @param string $source - * @param string $destination - * @return void - */ -function safe_copy_extension($source, $destination) -{ - /* Move - rename() - instead of copy() since copying does a fopen() and copies to the stream itself, causing a - * segfault in the PHP process that is running and had loaded the old shared object file. - */ - if (IS_WINDOWS && file_exists($destination)) { - // We have to blackhole it in tempdir because it is likely currently loaded and may not be replaced in place. - rename($destination, getenv("TEMP") . "\\" . time() . "-" . basename($destination)); - } - - $destinationDir = dirname($destination); - if (!file_exists($destinationDir)) { - execute_or_exit( - "Cannot create directory '$destinationDir'", - "mkdir " . (IS_WINDOWS ? "" : "-p ") . escapeshellarg($destinationDir) - ); - } - - $tmpName = $destination . '.tmp'; - copy($source, $tmpName); - rename($tmpName, $destination); - echo "Copied '$source' to '$destination'\n"; -} - -function uninstall($options) -{ - $selectedBinaries = require_binaries_or_exit($options); - - foreach ($selectedBinaries as $command => $fullPath) { - $binaryForLog = ($command === $fullPath) ? $fullPath : "$command ($fullPath)"; - echo "Uninstalling from binary: $binaryForLog\n"; - - $phpProperties = ini_values($fullPath); - $extensionDir = isset($options[OPT_EXTENSION_DIR]) ? $options[OPT_EXTENSION_DIR] : $phpProperties[EXTENSION_DIR]; - - $extensionDestinations = [ - $extensionDir . '/' . EXTENSION_PREFIX . 'ddtrace.' . EXTENSION_SUFFIX, - $extensionDir . '/' . EXTENSION_PREFIX . 'datadog-profiling.' . EXTENSION_SUFFIX, - $extensionDir . '/' . EXTENSION_PREFIX . 'ddappsec.' . EXTENSION_SUFFIX, - ]; - - $iniFileName = '98-ddtrace.ini'; - if (isset($phpProperties[INI_SCANDIR])) { - $iniFilePaths = [$phpProperties[INI_SCANDIR] . '/' . $iniFileName]; - - if (strpos('/cli/conf.d', $phpProperties[INI_SCANDIR]) >= 0) { - /* debian based distros have INI folders split by SAPI, in a predefined way: - * - <...>/cli/conf.d <-- we know this from php -i - * - <...>/apache2/conf.d <-- we derive this from relative path - * - <...>/fpm/conf.d <-- we derive this from relative path - */ - $apacheConfd = str_replace('/cli/conf.d', '/apache2/conf.d', $phpProperties[INI_SCANDIR]); - if (is_dir($apacheConfd)) { - $iniFilePaths[] = "$apacheConfd/$iniFileName"; - } - } - } else { - if (!isset($phpProperties[INI_MAIN])) { - print_error_and_exit( - "It is not possible to perform uninstallation on this " - . "system because there is no scan directory and no " - . "configuration file loaded." - ); - } - - $iniFilePaths = [$phpProperties[INI_MAIN]]; - } - - /* Actual uninstall - * 1) comment out extension=ddtrace.so - * 2) remove ddtrace.so - */ - foreach ($iniFilePaths as $iniFilePath) { - if (is_link($iniFilePath)) { - $iniFilePath = readlink($iniFilePath); - } - if (file_exists($iniFilePath)) { - $isDatadogIni = basename($iniFilePath) == $iniFileName; - modify_ini_file($iniFilePath, function ($iniFileContents) use ($isDatadogIni) { - // if it's not our own ini, we need to match for datadog extensions specifically - if ($isDatadogIni) { - return preg_replace("(^\s*?(zend_)?extension\s*=)m", "; $0", $iniFileContents); - } - return preg_replace("(^\s*?(zend_)?extension\s*=(?=.*(ddtrace|datadog-profiling|ddappsec)))m", "; $0", $iniFileContents); - }); - echo "Disabled all" . ($isDatadogIni ? "" : " Datadog") . " modules in INI file '$iniFilePath'. " - . "The file has not been removed to preserve custom settings.\n"; - } - } - $errors = false; - foreach ($extensionDestinations as $extensionDestination) { - if (file_exists($extensionDestination) && false === unlink($extensionDestination)) { - print_warning("Error while removing $extensionDestination. It can be manually removed."); - $errors = true; - } - } - if ($errors) { - echo "Uninstall from '$binaryForLog' was completed with warnings\n"; - } else { - echo "Uninstall from '$binaryForLog' was successful\n"; - } - } -} - -/** - * Returns a list of php binaries where the library will be installed. If not explicitly provided by the CLI options, - * then the list is retrieved using an interactive session. - * - * @param array $options - * @return array - */ -function require_binaries_or_exit($options) -{ - $selectedBinaries = []; - if (empty($options[OPT_PHP_BIN])) { - $selectedBinaries = pick_binaries_interactive($options, search_php_binaries()); - } else { - foreach ($options[OPT_PHP_BIN] as $command) { - if ($command == "all") { - foreach (search_php_binaries() as $command => $binaryinfo) { - if (!$binaryinfo["shebang"]) { - $selectedBinaries[$command] = $binaryinfo["path"]; - } - } - } elseif ($resolvedPath = resolve_command_full_path($command)) { - $selectedBinaries[$command] = $resolvedPath; - } else { - print_error_and_exit("Provided PHP binary '$command' was not found.\n"); - } - } - } - - if (empty($selectedBinaries)) { - print_error_and_exit("At least one binary must be specified\n"); - } - - return $selectedBinaries; -} - -function search_for_working_ldconfig() -{ - static $path; - - if ($path) { - return $path; - } - - $paths = [ - "/sbin", /* this is most likely path */ - "/usr/sbin", - "/usr/local/sbin", - "/bin", - "/usr/bin", - "/usr/local/bin", - ]; - - $search = function (&$path) { - exec("find $path -name ldconfig", $found, $result); - - return $result == 0 - ? ($path = end($found)) - : null; - }; - - /* searching individual paths is much faster than searching - them all */ - foreach ($paths as $path) { - if ($search($path)) { - return $path; - } - } - - /* probably won't get this far, but just in case */ - foreach (explode(":", getenv("PATH")) as $path) { - if (!in_array($path, $paths)) { - if ($search($path)) { - return $path; - } - } - } - - /* - we cannot find a working ldconfig binary on this system, - fall back on previous behaviour: - - there is a slim outside chance that exec() expands ldconfig - */ - return $path = "ldconfig"; -} - -/** - * Checks if a library is available or not in an OS-independent way. - * - * @param string $requiredLibrary E.g. libcurl - * @return void - */ -function check_library_prerequisite_or_exit($requiredLibrary) -{ - if (IS_WINDOWS) { - // No particular requirements here - return; - } - - if (is_alpine()) { - $lastLine = execute_or_exit( - "Error while searching for library '$requiredLibrary'.", - "find /usr/local/lib /usr/lib -type f -name '*{$requiredLibrary}*.so*'" - ); - } else { - $ldconfig = search_for_working_ldconfig(); - $lastLine = execute_or_exit( - "Cannot find library '$requiredLibrary'", - "$ldconfig -p | grep $requiredLibrary" - ); - } - - if (empty($lastLine)) { - print_error_and_exit("Required library '$requiredLibrary' not found.\n"); - } -} - -/** - * Checks if an extension is enabled or not. - * - * @param string $binary - * @param string $extName E.g. json - * @return void - */ -function check_php_ext_prerequisite_or_exit($binary, $extName) -{ - $extensions = shell_exec("$binary -m"); - - if (!in_array($extName, array_map("trim", explode("\n", $extensions)))) { - print_error_and_exit("Required PHP extension '$extName' not found.\n"); - } -} - -/** - * @return bool - */ -function is_alpine() -{ - if (IS_WINDOWS) { - return false; - } - - $osInfoFile = '/etc/os-release'; - // if /etc/os-release is not readable then assume it's not alpine. - if (!is_readable($osInfoFile)) { - return false; - } - return false !== stripos(file_get_contents($osInfoFile), 'alpine'); -} - -/** - * Returns the host architecture, e.g. x86_64, aarch64 - * - * @return string - */ -function get_architecture() -{ - if (IS_WINDOWS) { - if (PHP_INT_SIZE === 4) { - // we don't support that one, but we include it so that the installer can properly fail - return "x86"; - } else { - if ($env = getenv("PROCESSOR_ARCHITECTURE")) { - return $env === "AMD64" ? "x86_64" : strtolower($env); - } - // fallback - return "x86_64"; - } - } - - return execute_or_exit( - "Cannot detect host architecture (uname -m)", - "uname -m" - ); -} - -/** - * @return array|false - */ -function parse_cli_arguments(array $argv = null) -{ - if (is_null($argv)) { - $argv = $_SERVER['argv']; - } - - // strip the application name - array_shift($argv); - - $arguments = [ - 'cmd' => null, - 'opts' => [], - ]; - - while (null !== $token = array_shift($argv)) { - if (substr($token, 0, 2) === '--') { - // parse long option - $key = substr($token, 2); - $value = false; - // --php-bin=php - if (strpos($key, '=') !== false) { - list($key, $value) = explode('=', $key, 2); - } else { - // look ahead to next $token - if (isset($argv[0]) && substr($argv[0], 0, 1) !== '-') { - $value = array_shift($argv); - if ($value === null) { - $value = false; - } - } - } - } elseif (substr($token, 0, 1) === '-') { - // parse short option - $key = $token[1]; - $value = false; - if (strlen($token) === 2) { - // -d datadog.profiling.enabled or -h - // look ahead to next $token - if (isset($argv[0]) && substr($argv[0], 0, 1) !== '-') { - $value = array_shift($argv); - if ($value === null) { - $value = false; - } - } - } else { - // -ddatadog.profiling.enabled - $value = substr($token, 2); - } - } else { - if (substr($token, 0, 2) === 'DD') { - // we do support using environment variables as well, all those - // start with DD_, so we make sure to check this and then map - // to an INI setting. Example - // php datadog-setup.php config set --php-bin all DD_ENV=prod - $key = 'd'; - list($env, $value) = explode('=', $token, 2); - $ini = map_env_to_ini($env); - if ($ini === null) { - echo "Parse error at token '$token', environment variable not recognized.", PHP_EOL; - return false; - } - $value = $ini . '=' . $value; - } else { - if (count($arguments['opts'])) { - // php datadog-setup.php --php-bin=all php6 - // The "php6" is a problem - echo "Parse error at token '$token'", PHP_EOL; - return false; - } - // parse command - if ($arguments['cmd'] === null) { - $arguments['cmd'] = $token; - } else { - $arguments['cmd'] .= ' ' . $token; - } - continue; - } - } - - if (!isset($arguments['opts'][$key])) { - $arguments['opts'][$key] = $value; - } elseif (is_string($arguments['opts'][$key])) { - $arguments['opts'][$key] = [ - $arguments['opts'][$key], - $value, - ]; - } else { - $arguments['opts'][$key][] = $value; - } - } - - if ($arguments['cmd'] === null) { - $arguments['cmd'] = 'install'; - } - - return $arguments; -} - -/** - * Parses command line options provided by the user and generate a normalized $options array. - * @return array - */ -function parse_validate_user_options() -{ - $args = parse_cli_arguments(); - - // Help and exit - if ($args === false || key_exists('h', $args['opts']) || key_exists(OPT_HELP, $args['opts'])) { - print_help(); - exit(0); - } - - $options = $args['opts']; - $normalizedOptions = []; - - $normalizedOptions[OPT_UNINSTALL] = isset($options[OPT_UNINSTALL]); - - if (!$normalizedOptions[OPT_UNINSTALL]) { - if (isset($options[OPT_FILE])) { - if (is_array($options[OPT_FILE])) { - print_error_and_exit('Only one --file can be provided', true); - } - $normalizedOptions[OPT_FILE] = $options[OPT_FILE]; - } - } - - if (isset($options[OPT_PHP_BIN])) { - if ($options[OPT_PHP_BIN] === false) { - print_error_and_exit('PHP binary needs to be provided when using --php-bin', true); - } - $normalizedOptions[OPT_PHP_BIN] = is_array($options[OPT_PHP_BIN]) - ? $options[OPT_PHP_BIN] - : [$options[OPT_PHP_BIN]]; - } - - if (isset($options[OPT_PHP_INI])) { - $normalizedOptions[OPT_PHP_INI] = is_array($options[OPT_PHP_INI]) - ? $options[OPT_PHP_INI] - : [$options[OPT_PHP_INI]]; - } - - $normalizedOptions[OPT_INSTALL_DIR] = isset($options[OPT_INSTALL_DIR]) - ? rtrim($options[OPT_INSTALL_DIR], '/') - : DEFAULT_INSTALL_DIR; - $normalizedOptions[OPT_INSTALL_DIR] = $normalizedOptions[OPT_INSTALL_DIR] . '/dd-library'; - - $normalizedOptions[OPT_EXTENSION_DIR] = isset($options[OPT_EXTENSION_DIR]) - ? rtrim($options[OPT_EXTENSION_DIR], '/') - : null; - - $normalizedOptions[OPT_ENABLE_APPSEC] = isset($options[OPT_ENABLE_APPSEC]); - $normalizedOptions[OPT_ENABLE_PROFILING] = isset($options[OPT_ENABLE_PROFILING]); - - if (isset($options[OPT_INI_SETTING])) { - $normalizedOptions[OPT_INI_SETTING] = is_array($options[OPT_INI_SETTING]) - ? $options[OPT_INI_SETTING] - : [$options[OPT_INI_SETTING]]; - } - - return [ - 'cmd' => $args['cmd'], - 'opts' => $normalizedOptions, - ]; -} - -function print_error_and_exit($message, $printHelp = false) -{ - echo "ERROR: $message\n"; - if ($printHelp) { - print_help(); - } - exit(1); -} - -function print_warning($message) -{ - echo "WARNING: $message\n"; -} - -/** - * Given a certain set of available PHP binaries, let users pick in an interactive way the ones where the library - * should be installed to. - * - * @param array $options - * @param array $php_binaries - * @return array - */ -function pick_binaries_interactive($options, array $php_binaries) -{ - echo sprintf( - "Multiple PHP binaries detected. Please select the binaries the datadog library will be %s:\n\n", - $options[OPT_UNINSTALL] ? "uninstalled from" : "installed to" - ); - $commands = array_keys($php_binaries); - for ($index = 0; $index < count($commands); $index++) { - $command = $commands[$index]; - $fullPath = $php_binaries[$command]["path"]; - echo " " - . str_pad($index + 1, 2, ' ', STR_PAD_LEFT) - . ". " - . ($command !== $fullPath ? "$command --> " : "") - . $fullPath - . ($php_binaries[$command]["shebang"] ? " (not a binary)" : "") - . "\n"; - } - echo "\n"; - flush(); - - echo "Select binaries using their number. Multiple binaries separated by space (example: 1 3): "; - $userInput = fgets(STDIN); - $choices = array_map('intval', array_filter(explode(' ', $userInput))); - - $pickedBinaries = []; - foreach ($choices as $choice) { - $index = $choice - 1; // we render to the user as 1-indexed - if (!isset($commands[$index])) { - echo "\nERROR: Wrong choice: $choice\n\n"; - return pick_binaries_interactive($options, $php_binaries); - } - $command = $commands[$index]; - $pickedBinaries[$command] = $php_binaries[$command]["path"]; - } - - return $pickedBinaries; -} - -function execute_or_exit($exitMessage, $command) -{ - $output = []; - $returnCode = 0; - $lastLine = exec($command, $output, $returnCode); - if (false === $lastLine || $returnCode > 0) { - print_error_and_exit( - $exitMessage - . "\nFailed command (return code $returnCode): $command\n" - . "---- Output ----\n" - . implode("\n", $output) - . "\n---- End of output ----\n" - ); - } - - return $lastLine; -} - -/** - * Downloads the library applying a number of fallback mechanisms if specific libraries/binaries are not available. - * - * @param string $url - * @param string $destination - */ -function download($url, $destination) -{ - echo "Downloading installable archive from $url.\n"; - echo "This operation might take a while.\n"; - - $okMessage = "\nDownload completed\n\n"; - - /* We try the following options, mostly to provide progress report, if possible: - * 1) `ext-curl` (with progress report); if 'ext-curl' is not installed... - * 2) `curl` from CLI (it shows progress); if `curl` is not installed... - * 3) `file_get_contents()` (no progress report); if `allow_url_fopen=0`... - * 4) exit with errror - */ - - // ext-curl - if (extension_loaded('curl')) { - if (false === $fp = fopen($destination, 'w+')) { - print_error_and_exit("Error while opening target file '$destination' for writing\n"); - } - global $progress_counter; - $ch = curl_init($url); - curl_setopt($ch, CURLOPT_TIMEOUT, 50); - curl_setopt($ch, CURLOPT_FILE, $fp); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_PROGRESSFUNCTION, 'on_download_progress'); - curl_setopt($ch, CURLOPT_NOPROGRESS, false); - $progress_counter = 0; - $return = curl_exec($ch); - curl_close($ch); - fclose($fp); - - if (false !== $return) { - echo $okMessage; - return; - } - // Otherwise we attempt other methods - } - - // curl - $statusCode = 0; - $output = []; - // on Windows curl is an alias for Invoke-WebRequest on powershell - if (!IS_WINDOWS && false !== exec('curl --version', $output, $statusCode) && $statusCode === 0) { - $curlInvocationStatusCode = 0; - system( - 'curl -L --output ' . escapeshellarg($destination) . ' ' . escapeshellarg($url), - $curlInvocationStatusCode - ); - - if ($curlInvocationStatusCode === 0) { - echo $okMessage; - return; - } - // Otherwise we attempt other methods - } - - // file_get_contents - if (is_truthy(ini_get('allow_url_fopen')) && extension_loaded('openssl')) { - ini_set("memory_limit", "1G"); // increase memory limit otherwise we may run OOM here. - $data = @file_get_contents($url); - // PHP doesn't like too long location headers, and on PHP 7.3 and older they weren't read at all. - // But this only really matters for CircleCI artifacts, so not too bad. - if ($data == "") { - foreach ($http_response_header as $header) { - if (stripos($header, "location: ") === 0) { - $data = file_get_contents(substr($header, 10)); - goto got_data; - } - } - if (PHP_VERSION_ID < 70400) { - goto next_method; // location redirects may not be read on 7.3 and older - } - } - got_data: ; - if ($data == "" || false === file_put_contents($destination, $data)) { - print_error_and_exit("Error while downloading the installable archive from $url\n"); - } - - echo $okMessage; - return; - - next_method: - } - - if (IS_WINDOWS) { - $webRequestInvocationStatusCode = 0; - system( - 'powershell ' . escapeshellarg('[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Out ' . escapeshellarg($destination) . ' ' . escapeshellarg($url)), - $webRequestInvocationStatusCode - ); - if ($webRequestInvocationStatusCode === 0) { - echo $okMessage; - return; - } - // Otherwise we attempt other methods - } - - - echo "Error: Cannot download the installable archive.\n"; - echo " One of the following prerequisites must be satisfied:\n"; - echo " - PHP ext-curl extension is installed\n"; - if (!IS_WINDOWS) { - echo " - curl CLI command is available\n"; - } else { - echo " - Invoke-WebRequest exists on the powershell\n"; - } - echo " - the INI setting 'allow_url_fopen=1' and the ext-openssl extension is installed\n"; - - exit(1); -} - -/** - * Progress callback as specified by the ext-curl documentation. - * see: https://www.php.net/manual/en/function.curl-setopt.php#:~:text=CURLOPT_PROGRESSFUNCTION - * - * @return int - */ -function on_download_progress($curlHandle, $download_size, $downloaded) -{ - global $progress_counter; - - if ($download_size === 0) { - return 0; - } - $ratio = $downloaded / $download_size; - if ($ratio == 1) { - return 0; - } - - // Max 20 dots to show progress - if ($ratio >= ($progress_counter + (1 / 20))) { - $progress_counter = $ratio; - echo "."; - } - - flush(); - return 0; -} - -/** - * Extracts and normalizes a set of properties from PHP's ini values. - * - * @param string $binary - * @return array - */ -function ini_values($binary) -{ - $properties = [PHP_VER, INI_MAIN, INI_SCANDIR, EXTENSION_DIR, THREAD_SAFETY, PHP_API, IS_DEBUG]; - $lines = []; - // Timezone is irrelevant to this script. Quick-and-dirty workaround to the PHP 5 warning with missing timezone - exec(escapeshellarg($binary) . " -d date.timezone=UTC -i", $lines); - $found = []; - foreach ($lines as $line) { - $parts = explode('=>', $line); - if (count($parts) === 2 || count($parts) === 3) { - $key = trim($parts[0]); - if (in_array($key, $properties)) { - $value = trim(count($parts) === 2 ? $parts[1] : $parts[2]); - - if ($value === "(none)") { - continue; - } - - $found[$key] = $value; - } - } - } - - if ($found[EXTENSION_DIR] == "") { - $found[EXTENSION_DIR] = dirname(PHP_BINARY); - } elseif ($found[EXTENSION_DIR][0] != "/" && (!IS_WINDOWS || !preg_match('~^([A-Z]:|\\\\)\\\\~i', $found[EXTENSION_DIR]))) { - $found[EXTENSION_DIR] = dirname(PHP_BINARY) . 'datadog-setup.php/' . $found[EXTENSION_DIR]; - } - - return $found; -} - -function is_truthy($value) -{ - if ($value === null) { - return false; - } - - $normalized = trim(strtolower($value)); - return in_array($normalized, ['1', 'true', 'yes', 'enabled']); -} - -/** - * @param string $prefix Default ''. Used for testing purposes only. - * @return array - */ -function search_php_binaries($prefix = '') -{ - echo "Searching for available php binaries, this operation might take a while.\n"; - - $resolvedPaths = []; - - $allPossibleCommands = build_known_command_names_matrix(); - - // First, we search in $PATH, for php, php7, php74, php7.4, php7.4-fpm, etc.... - foreach ($allPossibleCommands as $command) { - if ($resolvedPath = resolve_command_full_path($command)) { - $resolvedPaths[$command] = $resolvedPath; - } - } - - // Then we search in known possible locations for popular installable paths on different systems. - $pathsFound = []; - if (IS_WINDOWS) { - $bootDisk = realpath('/'); - - $standardPaths = [ - dirname(PHP_BINARY), - PHP_BINDIR, - $bootDisk . 'WINDOWS', - ]; - - foreach (scandir($bootDisk) as $file) { - if (stripos($file, "php") !== false) { - $standardPaths[] = "$bootDisk$file"; - } - } - - $chocolateyDir = getenv("ChocolateyToolsLocation") ?: $bootDisk . 'tools'; // chocolatey tools location - if (is_dir($chocolateyDir)) { - foreach (scandir($chocolateyDir) as $file) { - if (stripos($file, "php") !== false) { - $standardPaths[] = "$chocolateyDir/$file"; - } - } - } - - // Windows paths are case-insensitive - $standardPaths = array_intersect_key(array_map('strtolower', $standardPaths), array_unique($standardPaths)); - - foreach ($standardPaths as $standardPath) { - foreach ($allPossibleCommands as $command) { - $resolvedPath = $standardPath . '\\' . $command; - if (file_exists($resolvedPath)) { - $pathsFound[] = $resolvedPath; - } - } - } - } else { - $standardPaths = [ - $prefix . '/usr/bin', - $prefix . '/usr/sbin', - $prefix . '/usr/local/bin', - $prefix . '/usr/local/sbin', - ]; - - $remiSafePaths = array_map(function ($phpVersion) use ($prefix) { - list($major, $minor) = explode('.', $phpVersion); - /* php is installed to /usr/bin/php{$major}{$minor} so we do not need to do anything special, while php-fpm - * is installed to /opt/remi/php{$major}{$minor}/root/usr/sbin and it needs to be added to the searched - * locations. - */ - return "{$prefix}/opt/remi/php{$major}{$minor}/root/usr/sbin"; - }, get_supported_php_versions()); - - $pleskPaths = array_map(function ($phpVersion) use ($prefix) { - return "/opt/plesk/php/$phpVersion/bin"; - }, get_supported_php_versions()); - - $escapedSearchLocations = implode( - ' ', - array_map('escapeshellarg', array_merge($standardPaths, $remiSafePaths, $pleskPaths)) - ); - $escapedCommandNamesForFind = implode( - ' -o ', - array_map( - function ($cmd) { - return '-name ' . escapeshellarg($cmd); - }, - $allPossibleCommands - ) - ); - - exec( - "find -L $escapedSearchLocations -type f \( $escapedCommandNamesForFind \) 2>/dev/null", - $pathsFound - ); - } - - foreach ($pathsFound as $path) { - $resolved = realpath($path); - if (in_array($resolved, $resolvedPaths)) { - continue; - } - $resolvedPaths[$path] = $resolved; - } - - $results = []; - foreach ($resolvedPaths as $command => $realpath) { - $hasShebang = file_get_contents($realpath, false, null, 0, 2) === "#!"; - $results[$command] = [ - "shebang" => $hasShebang, - "path" => $realpath, - ]; - } - - return $results; -} - -/** - * @param mixed $command - * @return string|false - */ -function resolve_command_full_path($command) -{ - if (IS_WINDOWS) { - if (!strpbrk($command, "/\\")) { - $path = shell_exec("where " . escapeshellarg($command) . " 2>NUL"); - if ($path === null) { - // command is not defined - return false; - } - $path = ltrim($path, "\r\n"); - } elseif (!file_exists($command)) { - return false; - } else { - $path = $command; - } - } else { - $path = exec("command -v " . escapeshellarg($command)); - if (empty($path)) { - // command is not defined - return false; - } - } - - // Resolving symlinks - return realpath($path); -} - -function build_known_command_names_matrix() -{ - $results = ['php', 'php-fpm']; - - foreach (get_supported_php_versions() as $phpVersion) { - list($major, $minor) = explode('.', $phpVersion); - array_push( - $results, - "php{$major}", - "php{$major}{$minor}", - "php{$major}.{$minor}", - "php{$major}-fpm", - "php{$major}{$minor}-fpm", - "php{$major}.{$minor}-fpm", - "php-fpm{$major}", - "php-fpm{$major}{$minor}", - "php-fpm{$major}.{$minor}" - ); - } - - if (IS_WINDOWS) { - foreach ($results as &$result) { - $result .= ".exe"; - } - } - - return array_unique($results); -} - -/** - * Adds ini entries that are not present in the provided ini file. - * - * @param string $iniFilePath - */ -function add_missing_ini_settings($iniFilePath, $settings, $replacements) -{ - modify_ini_file($iniFilePath, function ($iniFileContent) use ($settings, $replacements) { - $formattedMissingProperties = ''; - - // Replace twice, so that some replacements can take effect on newly inserted missing inis too - // As well as missing ini detection must not find legacy names which we replace - foreach ($replacements as $from => $to) { - $iniFileContent = preg_replace($from, $to, $iniFileContent); - } - - foreach ($settings as $setting) { - // The extension setting is not unique, so make sure we check that the - // right extension setting is available. - $settingRegex = '(' . preg_quote($setting['name']) . '\s?=\s?'; - if ($setting['name'] === 'extension' || $setting['name'] == 'zend_extension') { - $settingRegex .= preg_quote($setting['default']); - } - $settingRegex .= ')'; - - $settingMightExist = 1 === preg_match($settingRegex, $iniFileContent); - - if ($settingMightExist) { - continue; - } - - // Formatting the setting to be added. - $description = is_string($setting['description']) - ? '; ' . $setting['description'] - : implode( - "\n", - array_map( - function ($line) { - return '; ' . $line; - }, - $setting['description'] - ) - ); - $setting = ($setting['commented'] ? ';' : '') . $setting['name'] . ' = ' . $setting['default']; - $formattedMissingProperties .= "\n$description\n$setting\n"; - } - - $iniFileContent .= $formattedMissingProperties; - - foreach ($replacements as $from => $to) { - $iniFileContent = preg_replace($from, $to, $iniFileContent); - } - - return $iniFileContent; - }); -} - -/** - * Changes a given ini file - */ -function modify_ini_file($iniFilePath, $callback) { - $iniFileContent = file_get_contents($iniFilePath); - - $newIniFileContent = $callback($iniFileContent); - - if ($iniFileContent !== $newIniFileContent) { - if (false === file_put_contents($iniFilePath, $newIniFileContent)) { - print_error_and_exit("Cannot change the settings of the INI file $iniFilePath"); - } - } -} - -/** - * Maps a given environment variable name to an ini setting. Returns `null` in - * case the environment variable does not start with `DD` or is otherwise - * invalid. - * - * @param string $env - * @return string|null - */ -function map_env_to_ini($env) -{ - $setting = explode('_', $env, 3); - if (!isset($setting[0]) || $setting[0] !== 'DD' || !isset($setting[1])) { - return null; - } - $ini = 'datadog.'; - switch ($setting[1]) { - case 'PROFILING': - case 'TRACE': - case 'APPSEC': - if (!isset($setting[2])) { - // this would mean $env was DD_TRACE or DD_PROFILING or DD_APPSEC - return null; - } - $ini .= strtolower($setting[1]) . 'symfony-app' . strtolower($setting[2]); - break; - default: - // for cases like DD_ENV or DD_DOGSTATSD_URL, ... - $ini .= strtolower($setting[1]); - if (isset($setting[2])) { - $ini .= '_' . strtolower($setting[2]); - } - } - return $ini; -} - -/** - * Returns array of associative arrays with the following keys: - * - name (string): the setting name; - * - default (string): the default value; - * - commented (bool): whether this setting should be commented or not when added; - * - description (string|string[]): A string (or an array of strings, each representing a line) that describes - * the setting. - * - * @param string $sourcesDir - * @param string $appsecHelperPath - * @param string $appsecRulesPath - * @return array - */ -function get_ini_settings($sourcesDir, $appsecHelperPath, $appsecRulesPath) -{ - // phpcs:disable Generic.Files.LineLength.TooLong - return [ - [ - 'name' => 'extension', - 'default' => 'ddtrace' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), - 'commented' => false, - 'description' => 'Enables or disables tracing (set by the installer, do not change it)', - ], - [ - 'name' => 'extension', - 'default' => 'datadog-profiling' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), - 'commented' => true, - 'description' => 'Enables the profiling module', - ], - [ - 'name' => 'extension', - 'default' => 'ddappsec' . (IS_WINDOWS ? "" : "." . EXTENSION_SUFFIX), - 'commented' => false, - 'description' => 'Enables the appsec module', - ], - - /* IMPORTANT! These extension ones are shifted off for config commands. - * If the number of extension= things changes, change the constant - * CMD_CONFIG_NUM_SHIFT accordingly. - */ - - [ - 'name' => 'datadog.profiling.enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the Datadog profiling module.', - ], - [ - 'name' => 'datadog.trace.endpoint_collection_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Whether to enable the endpoint data collection in profiles.', - ], - [ - 'name' => 'datadog.profiling.experimental_cpu_time_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the CPU profile type.', - ], - [ - 'name' => 'datadog.profiling.allocation_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the allocation profile type.', - ], - [ - 'name' => 'datadog.profiling.experimental_allocation_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the allocation profile type. Superseded by `datadog.profiling.allocation_enabled`.', - ], - [ - 'name' => 'datadog.profiling.exception_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the exception profile type.', - ], - [ - 'name' => 'datadog.profiling.experimental_exception_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the exception profile type. Superseded by `datadog.profiling.exception_enabled`.', - ], - [ - 'name' => 'datadog.profiling.exception_sampling_distance', - 'default' => '100', - 'commented' => true, - 'description' => 'Sampling distance for exception profiling (the higher the distance, the fewer samples are created).', - ], - [ - 'name' => 'datadog.profiling.experimental_exception_sampling_distance', - 'default' => '100', - 'commented' => true, - 'description' => 'Sampling distance for exception profiling (the higher the distance, the fewer samples are created). Superseded by `datadog.profiling.exception_sampling_distance`.', - ], - [ - 'name' => 'datadog.profiling.log_level', - 'default' => 'off', - 'commented' => true, - 'description' => 'Set the profiler’s log level.' - . ' Acceptable values are off, error, warn, info, debug, and trace.' - . ' The profiler’s logs are written to the standard error stream of the process.', - ], - [ - 'name' => 'datadog.profiling.timeline_enabled', - 'default' => '1', - 'commented' => true, - 'description' => 'Enable the timeline profile type.', - ], - - [ - 'name' => 'datadog.trace.sources_path', - 'default' => $sourcesDir, - 'commented' => false, - 'description' => 'Path to the request init hook (set by the installer, do not change it)', - ], - [ - 'name' => 'datadog.trace.enabled', - 'default' => 'On', - 'commented' => true, - 'description' => 'Enables or disables tracing. On by default', - ], - [ - 'name' => 'datadog.trace.cli_enabled', - 'default' => 'Off', - 'commented' => true, - 'description' => 'Enable or disable tracing of CLI scripts. Off by default', - ], - [ - 'name' => 'datadog.trace.auto_flush_enabled', - 'default' => 'Off', - 'commented' => true, - 'description' => 'For long running processes, this setting has to be set to On', - ], - [ - 'name' => 'datadog.trace.generate_root_span', - 'default' => 'On', - 'commented' => true, - 'description' => 'For long running processes, this setting has to be set to Off', - ], - [ - 'name' => 'datadog.trace.debug', - 'default' => 'Off', - 'commented' => true, - 'description' => 'Enables or disables debug mode. When On logs are printed to the error_log', - ], - [ - 'name' => 'datadog.trace.startup_logs', - 'default' => 'On', - 'commented' => true, - 'description' => 'Enables startup logs, including diagnostic checks', - ], - [ - 'name' => 'datadog.service', - 'default' => 'unnamed-php-service', - 'commented' => true, - 'description' => 'Sets a custom service name for the application', - ], - [ - 'name' => 'datadog.env', - 'default' => 'my_env', - 'commented' => true, - 'description' => 'Sets a custom environment name for the application', - ], - [ - 'name' => 'datadog.version', - 'default' => '1.0.0', - 'commented' => true, - 'description' => 'Sets a version for the user application, not the datadog php library', - ], - [ - 'name' => 'datadog.agent_host', - 'default' => '127.0.0.1', - 'commented' => true, - 'description' => 'Configures the agent host. If you need more flexibility use `datadog.trace.agent_url` instead', - ], - [ - 'name' => 'datadog.trace.agent_port', - 'default' => '8126', - 'commented' => true, - 'description' => 'Configures the agent port. If you need more flexibility use `datadog.trace.agent_url` instead', - ], - [ - 'name' => 'datadog.dogstatsd_port', - 'default' => '8125', - 'commented' => true, - 'description' => 'Configures the dogstatsd agent port', - ], - [ - 'name' => 'datadog.trace.agent_url', - 'default' => 'http://127.0.0.1:8126', - 'commented' => true, - 'description' => 'When set, `datadog.trace.agent_url` has priority over `datadog.agent_host` and `datadog.trace.agent_port`', - ], - [ - 'name' => 'datadog.trace.http_client_split_by_domain', - 'default' => 'Off', - 'commented' => true, - 'description' => 'Sets the service name of spans generated for HTTP clients\' requests to host-', - ], - [ - 'name' => 'datadog.trace.url_as_resource_names_enabled', - 'default' => 'On', - 'commented' => true, - 'description' => [ - 'Enables URL to resource name normalization. For more details see:', - 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', - ], - ], - [ - 'name' => 'datadog.trace.resource_uri_fragment_regex', - 'default' => '', - 'commented' => true, - 'description' => [ - 'Configures obfuscation patterns based on regex. For more details see:', - 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', - ], - ], - [ - 'name' => 'datadog.trace.resource_uri_mapping_incoming', - 'default' => '', - 'commented' => true, - 'description' => [ - 'Configures obfuscation path fragments for incoming requests. For more details see:', - 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', - ], - ], - [ - 'name' => 'datadog.trace.resource_uri_mapping_outgoing', - 'default' => '', - 'commented' => true, - 'description' => [ - 'Configures obfuscation path fragments for outgoing requests. For more details see:', - 'https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#map-resource-names-to-normalized-uri', - ], - ], - [ - 'name' => 'datadog.service_mapping', - 'default' => '', - 'commented' => true, - 'description' => [ - 'Changes the default name of an APM integration. Rename one or more integrations at a time, for example:', - '"pdo:payments-db,mysqli:orders-db"', - ], - ], - [ - 'name' => 'datadog.tags', - 'default' => '', - 'commented' => true, - 'description' => 'Tags to be set on all spans, for example: "key1:value1,key2:value2"', - ], - [ - 'name' => 'datadog.trace.sample_rate', - 'default' => '1.0', - 'commented' => true, - 'description' => 'The sampling rate for the trace. Valid values are between 0.0 and 1.0', - ], - [ - 'name' => 'datadog.trace.sample_rate', - 'default' => '1.0', - 'commented' => true, - 'description' => 'The sampling rate for the trace. Valid values are between 0.0 and 1.0', - ], - [ - 'name' => 'datadog.trace.sampling_rules', - 'default' => '', - 'commented' => true, - 'description' => [ - 'A JSON encoded string to configure the sampling rate.', - 'Examples:', - ' - Set the sample rate to 20%: \'[{"sample_rate": 0.2}]\'.', - ' - Set the sample rate to 10% for services starting with `a` and span name `b` and set the sample rate to 20%', - ' for all other services: \'[{"service": "a.*", "name": "b", "sample_rate": 0.1}, {"sample_rate": 0.2}]\'', - '**Note** that the JSON object must be included in single quotes (\') to avoid problems with escaping of the', - 'double quote (") character.', - ], - ], - [ - 'name' => 'datadog.trace._enabled', - 'default' => 'On', - 'commented' => true, - 'description' => [ - 'Whether a specific integration is enabled.', - 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', - ], - ], - [ - 'name' => 'datadog.trace._analytics_enabled', - 'default' => 'Off', - 'commented' => true, - 'description' => [ - 'Whether analytics for the integration is enabled.', - 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', - ], - ], - [ - 'name' => 'datadog.trace._analytics_sample_rate', - 'default' => '1.0', - 'commented' => true, - 'description' => [ - 'Sampling rate for analyzed spans. Valid values are between 0.0 and 1.0.', - 'Integrations names available at: see https://docs.datadoghq.com/tracing/setup_overview/setup/php/?tab=containers#integration-names', - ], - ], - [ - 'name' => 'datadog.distributed_tracing', - 'default' => 'On', - 'commented' => true, - 'description' => 'Enables distributed tracing', - ], - [ - 'name' => 'datadog.trace.analytics_enabled', - 'default' => 'Off', - 'commented' => true, - 'description' => 'Global switch for trace analytics', - ], - [ - 'name' => 'datadog.trace.bgs_connect_timeout', - 'default' => '2000', - 'commented' => true, - 'description' => 'Set connection timeout in milliseconds while connecting to the agent', - ], - [ - 'name' => 'datadog.trace.bgs_timeout', - 'default' => '5000', - 'commented' => true, - 'description' => 'Set request timeout in milliseconds while sending payloads to the agent', - ], - [ - 'name' => 'datadog.trace.spans_limit', - 'default' => '1000', - 'commented' => true, - 'description' => 'datadog.trace.spans_limit = 1000', - ], - [ - 'name' => 'datadog.trace.retain_thread_capabilities', - 'default' => 'Off', - 'commented' => true, - 'description' => [ - 'Only for Linux. Set to `true` to retain capabilities on Datadog background threads when you change the effective', - 'user ID. This option does not affect most setups, but some modules - to date Datadog is only aware of Apache`s', - 'mod-ruid2 - may invoke `setuid()` or similar syscalls, leading to crashes or loss of functionality as it loses', - 'capabilities.', - '**Note** Enabling this option may compromise security. This option, standalone, does not pose a security risk.', - 'However, an attacker being able to exploit a vulnerability in PHP or web server may be able to escalate privileges', - 'with relative ease, if the web server or PHP were started with full capabilities, as the background threads will', - 'retain their original capabilities. Datadog recommends restricting the capabilities of the web server with the', - 'setcap utility.', - ], - ], - [ - 'name' => 'datadog.appsec.enabled', - 'default' => 'Off', - 'commented' => true, - 'description' => [ - 'Enables or disables the loaded dd-appsec extension.', - 'If disabled, the extension will do no work during the requests.', - 'If not present/commented out, appsec will be enabled/disabled by remote config', - ], - ], - [ - 'name' => 'datadog.appsec.log_level', - 'default' => 'warn', - 'commented' => true, - 'description' => [ - 'Sets the verbosity of the logs of the dd-appsec extension.', - 'The valid values are \'off\', \'error\', \'fatal\', \'warn\' (or \'warning\'), \'info\',', - '\'debug\' and \'trace\', in increasing order of verbosity', - ], - ], - [ - 'name' => 'datadog.appsec.log_file', - 'default' => 'php_error_reporting', - 'commented' => true, - 'description' => [ - 'The destination of the log messages. Valid values are \'php_error_reporting\'', - '(issues PHP notices or warnings), \'syslog\', \'stdout\', \'stderr\', or an', - 'arbitrary file name to which the messages will be appended', - ], - ], - [ - 'name' => 'datadog.appsec.helper_launch', - 'default' => 'On', - 'commented' => true, - 'description' => [ - 'The dd-appsec extension communicates with a helper process via UNIX sockets.', - 'This setting determines whether the extension should try to launch the daemon', - 'in case it cannot obtain a connection.', - 'If this is disabled, the helper should be launched through some other method.', - 'The extension expects the helper to run under the same user as the process', - 'where PHP is running, and will verify it.', - ], - ], - [ - 'name' => 'datadog.appsec.helper_path', - 'default' => $appsecHelperPath, - 'commented' => false, - 'description' => [ - 'If ddappsec.helper_launch is enabled, this setting determines which binary', - 'the extension should try to execute.', - 'Only relevant if ddappsec.helper_launch is enabled.', - 'This ini setting is configured by the installer', - ], - ], - [ - 'name' => 'datadog.appsec.helper_extra_args', - 'default' => '', - 'commented' => true, - 'description' => [ - 'Additional arguments that should be used when attempting to launch the helper', - 'process. The extension always passes \'--lock_path - --socket_path fd:\'', - 'The arguments should be space separated. Both single and double quotes can', - 'be used should an argument contain spaces. The backslash (\) can be used to', - 'escape spaces, quotes, and the backslash itself.', - 'Only relevant if ddappsec.helper_launch is enabled', - ], - ], - [ - 'name' => 'datadog.appsec.rules', - 'default' => $appsecRulesPath, - 'commented' => true, - 'description' => [ - 'The path to the rules json file. The helper process must be able to read the', - 'file. This ini setting is configured by the installer', - ], - ], - [ - 'name' => 'datadog.appsec.helper_runtime_path', - 'default' => '/tmp/', - 'commented' => true, - 'description' => [ - 'The location to the UNIX socket that extension uses to communicate with the', - 'helper and the lock file that the extension processes will use to', - 'synchronize the launching of the helper.', - 'Only relevant if datadog.appsec.helper_launch is enabled', - ], - ], - [ - 'name' => 'datadog.appsec.helper_log_file', - 'default' => '/dev/null', - 'commented' => true, - 'description' => [ - 'The location of the log file of the helper. This default to /dev/null (the log', - 'messages will be discarded). This file is opened by the extension just before', - 'launching the daemon and the file descriptor is passed to the helper as its', - 'stderr, to which it will write its messages; this setting is therefore only', - 'relevant if ddappsec.helper_launch is enabled', - ], - ], - [ - 'name' => 'datadog.remote_config_enabled', - 'default' => 'On', - 'commented' => true, - 'description' => 'Enables or disables remote configuration. On by default', - ], - [ - 'name' => 'datadog.remote_config_poll_interval', - 'default' => '1000', - 'commented' => true, - 'description' => 'In milliseconds, the period at which the agent is polled for new configurations', - ], - [ - 'name' => 'datadog.appsec.http_blocked_template_html', - 'default' => '', - 'commented' => true, - 'description' => 'Customises the HTML output provided on a blocked request', - ], - [ - 'name' => 'datadog.appsec.http_blocked_template_json', - 'default' => '', - 'commented' => true, - 'description' => 'Customises the JSON output provided on a blocked request', - ], - ]; - // phpcs:enable Generic.Files.LineLength.TooLong -} - -/** - * @return string[] - */ -function get_supported_php_versions() -{ - return ['5.4', '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3']; -} - -main(); - -// polyfill for PHP 5.4 where the `array_column()` function did not exist, -// remove whenever we drop support for PHP 5.4 -if (!function_exists('array_column')) { - function array_column(array $input, $columnKey, $indexKey = null) - { - $result = array(); - foreach ($input as $subArray) { - if (!is_array($subArray)) { - continue; - } elseif (is_null($indexKey)) { - $result[] = $subArray[$columnKey]; - } else { - $result[$subArray[$indexKey]] = $subArray[$columnKey]; - } - } - return $result; - } -} From c594123eb459168509f88857796fcf53a09e32b9 Mon Sep 17 00:00:00 2001 From: Palumbo <30956774+barbara79@users.noreply.github.com> Date: Tue, 10 Sep 2024 15:23:49 +0200 Subject: [PATCH 3/9] adding an example about how to create .env file --- examples/symfony-app/docker/php/.env.sample | 35 +++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 examples/symfony-app/docker/php/.env.sample diff --git a/examples/symfony-app/docker/php/.env.sample b/examples/symfony-app/docker/php/.env.sample new file mode 100644 index 00000000000..abff87123fa --- /dev/null +++ b/examples/symfony-app/docker/php/.env.sample @@ -0,0 +1,35 @@ +# In all environments, the following files are loaded if they exist, +# the latter taking precedence over the former: +# +# * .env contains default values for the environment variables needed by the app +# * .env.local uncommitted file with local overrides +# * .env.$APP_ENV committed environment-specific defaults +# * .env.$APP_ENV.local uncommitted environment-specific overrides +# +# Real environment variables win over .env files. +# +# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES. +# https://symfony.com/doc/current/configuration/secrets.html +# +# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2). +# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration + +###> symfony/framework-bundle ### +APP_ENV=dev +APP_CTP_CLIENT_ID=your client id +APP_CTP_CLIENT_SECRET=your client secret +APP_CTP_PROJECT_KEY=your project key +DD_AGENT_HOST=datadog-agent +DD_TRACE_AGENT_PORT=8126 +DD_SERVICE=symfony-app +DD_API_KEY=your datadog api key +DD_APM_ENABLED=true +DD_TRACE_CLI_ENABLED=true +DD_TRACE_ENABLED=true +DD_SITE=datadoghq # It changes in base of the area +NEWRELIC_KEY=your new relic key +NEWRELIC_APP_NAME=PHP-SDK +NEW_RELIC_AGENT_VERSION= # Specify the New Relic agent version you want + + +###< symfony/framework-bundle ### From f27f48cbe1d9ab71c2291c44ee9c4e1814d0f33c Mon Sep 17 00:00:00 2001 From: Palumbo <30956774+barbara79@users.noreply.github.com> Date: Tue, 10 Sep 2024 15:29:08 +0200 Subject: [PATCH 4/9] adding an example about how to create .env file --- examples/symfony-app/docker/php/.env.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/symfony-app/docker/php/.env.sample b/examples/symfony-app/docker/php/.env.sample index abff87123fa..20574dfbe8d 100644 --- a/examples/symfony-app/docker/php/.env.sample +++ b/examples/symfony-app/docker/php/.env.sample @@ -26,7 +26,7 @@ DD_API_KEY=your datadog api key DD_APM_ENABLED=true DD_TRACE_CLI_ENABLED=true DD_TRACE_ENABLED=true -DD_SITE=datadoghq # It changes in base of the area +DD_SITE=datadoghq # It changes in base of the region NEWRELIC_KEY=your new relic key NEWRELIC_APP_NAME=PHP-SDK NEW_RELIC_AGENT_VERSION= # Specify the New Relic agent version you want From 2b46de3b0bfc5ac8587ce47cfdaf0bb8f0767f4a Mon Sep 17 00:00:00 2001 From: Palumbo <30956774+barbara79@users.noreply.github.com> Date: Wed, 11 Sep 2024 11:23:38 +0200 Subject: [PATCH 5/9] setup handling everything through .env file --- examples/symfony-app/README.md | 8 ++++---- examples/symfony-app/composer.json | 2 +- examples/symfony-app/docker-compose.yml | 15 +++++++++++++-- examples/symfony-app/docker/php/.env.sample | 4 ++-- 4 files changed, 20 insertions(+), 9 deletions(-) diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index 5478359aca8..6a45289a97a 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -28,10 +28,10 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY ### Configuring the Demo App 1. Open the Terminal -2. Run `composer dump-env prod` -3. Run `composer install` or `composer update` -4. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it `.env`. -5. Please fill the `.env` file with the missing data. +2. Run `composer install` or `composer update` +3. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it `.env`. So in the root folder run `cp docker/php/.env.sample .env`. +4. Please fill the `.env` file with the missing data. +5. Run `composer dump-env prod` ### Preparing the Docker environment diff --git a/examples/symfony-app/composer.json b/examples/symfony-app/composer.json index 19f1d0628ca..7267ff3d860 100644 --- a/examples/symfony-app/composer.json +++ b/examples/symfony-app/composer.json @@ -7,7 +7,7 @@ "php": ">=8.1", "ext-ctype": "*", "ext-iconv": "*", - "commercetools/commercetools-sdk": "^10.6.0", + "commercetools/commercetools-sdk": "^9.1", "symfony/console": "6.2.*", "symfony/dotenv": "6.2.*", "symfony/flex": "^2", diff --git a/examples/symfony-app/docker-compose.yml b/examples/symfony-app/docker-compose.yml index e3afdd848ce..61bb5ff82d7 100644 --- a/examples/symfony-app/docker-compose.yml +++ b/examples/symfony-app/docker-compose.yml @@ -5,6 +5,14 @@ services: build: context: ./docker/php dockerfile: Dockerfile.datadog + environment: + - DD_SERVICE=symfony-app + - DD_AGENT_HOST=datadog-agent + - DD_TRACE_AGENT_PORT=8126 + - DD_API_KEY=${DD_API_KEY} + - DD_TRACE_DEBUG=true + - DD_LOGS_ENABLED=true + - DD_PROCESS_AGENT_ENABLED=true volumes: - .:/var/www/symfony - ./docker/php/.env.sample:/var/www/symfony/.env @@ -21,14 +29,17 @@ services: - php-datadog volumes: - ./var/logs/nginx:/var/log/nginx - - .:/var/www/symfony" + - .:/var/www/symfony datadog-agent: image: datadog/agent:latest + environment: + - DD_API_KEY=${DD_API_KEY} + - DD_SITE=datadoghq.com + - DD_APM_ENABLED=true ports: - "127.0.0.1:8126:8126/tcp" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/proc/:/host/proc/:ro" - "/sys/fs/cgroup/:/host/sys/fs/cgroup:ro" - diff --git a/examples/symfony-app/docker/php/.env.sample b/examples/symfony-app/docker/php/.env.sample index 20574dfbe8d..7a42e00227b 100644 --- a/examples/symfony-app/docker/php/.env.sample +++ b/examples/symfony-app/docker/php/.env.sample @@ -26,10 +26,10 @@ DD_API_KEY=your datadog api key DD_APM_ENABLED=true DD_TRACE_CLI_ENABLED=true DD_TRACE_ENABLED=true -DD_SITE=datadoghq # It changes in base of the region +DD_SITE=datadoghq.com NEWRELIC_KEY=your new relic key NEWRELIC_APP_NAME=PHP-SDK NEW_RELIC_AGENT_VERSION= # Specify the New Relic agent version you want - +# APP_NAME=PHP-SDK ###< symfony/framework-bundle ### From e2a0af8114a21ad836d4fd309f1c1fdc3480d677 Mon Sep 17 00:00:00 2001 From: Barbara Palumbo <30956774+barbara79@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:32:04 +0200 Subject: [PATCH 6/9] Update examples/symfony-app/README.md Co-authored-by: Lam Tran --- examples/symfony-app/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index 6a45289a97a..47c81f16d9a 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -21,7 +21,7 @@ APP_CTP_CLIENT_ID= your CTP_CLIENT_ID APP_CTP_CLIENT_SECRET= your CTP_CLIENT_SECRET APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY ``` -4. Complete the .env file with your new relic or datadog credentials. +4. Complete the .env file with your New Relic or Datadog credentials. ## Using the Symfony Demo app in a Docker Environment From e67208f597cf49bc4431badf35b8bb456bdbe991 Mon Sep 17 00:00:00 2001 From: Barbara Palumbo <30956774+barbara79@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:32:28 +0200 Subject: [PATCH 7/9] Update examples/symfony-app/README.md Co-authored-by: Lam Tran --- examples/symfony-app/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index 47c81f16d9a..7cfa692ffbd 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -29,7 +29,7 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY 1. Open the Terminal 2. Run `composer install` or `composer update` -3. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it `.env`. So in the root folder run `cp docker/php/.env.sample .env`. +3. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it to `.env`. So in the root folder run `cp docker/php/.env.sample .env`. 4. Please fill the `.env` file with the missing data. 5. Run `composer dump-env prod` From 732de1f69571231361c891a44d7897b5d76fcca6 Mon Sep 17 00:00:00 2001 From: Barbara Palumbo <30956774+barbara79@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:32:54 +0200 Subject: [PATCH 8/9] Update examples/symfony-app/README.md Co-authored-by: Lam Tran --- examples/symfony-app/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index 7cfa692ffbd..a026a5fe010 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -30,7 +30,7 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY 1. Open the Terminal 2. Run `composer install` or `composer update` 3. Copy the [.env.sample](docker/php/.env.sample) file to the root folder renaming it to `.env`. So in the root folder run `cp docker/php/.env.sample .env`. -4. Please fill the `.env` file with the missing data. +4. Fill the `.env` file with the missing data. 5. Run `composer dump-env prod` ### Preparing the Docker environment From 6397a94506962bcffcc3adccc1b61a929d7df371 Mon Sep 17 00:00:00 2001 From: Barbara Palumbo <30956774+barbara79@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:33:06 +0200 Subject: [PATCH 9/9] Update examples/symfony-app/README.md Co-authored-by: Lam Tran --- examples/symfony-app/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/symfony-app/README.md b/examples/symfony-app/README.md index a026a5fe010..47ab7a0bb81 100644 --- a/examples/symfony-app/README.md +++ b/examples/symfony-app/README.md @@ -43,7 +43,7 @@ APP_CTP_PROJECT_KEY= your CTP_PROJECT_KEY 1. Navigate to [http://localhost:8080/products](http://localhost:8080/products) or [http://localhost:8080/categories](http://localhost:8080/categories) 2. The result would be an array objects containing products or categories. -3. If it's not please make sure that in Merchant Center in the project key selected (see the environment variable for the client credentials in the point 3 of the Installation section), there would be some data for products and categories. +3. If it's not make sure that in Merchant Center in the project key selected (see the environment variable for the client credentials in the point 3 of the Installation section), there would be some data for products and categories. 4. Go in the New Relic/Datadog UI to see the monitoring of the API calls. The docker configuration files will be found in the `docker/php` folder and the `docker-compose.yml` in the `symfony-app/` folder so they can be used in your application.