Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: create span for mysql2 execute #1221

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -28,10 +28,12 @@ class Instrumentation < OpenTelemetry::Instrumentation::Base

def require_dependencies
require_relative 'patches/client'
require_relative 'patches/statement'
end

def patch_client
::Mysql2::Client.prepend(Patches::Client)
::Mysql2::Statement.prepend(Patches::Statement)
end
end
end
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# frozen_string_literal: true

# Copyright The OpenTelemetry Authors
#
# SPDX-License-Identifier: Apache-2.0

module OpenTelemetry
module Instrumentation
module Mysql2
module Patches
# Module to prepend to Mysql2::Client for instrumentation
module Statement
def execute(*args, **kwargs)
tracer.in_span(
'execute',
attributes: _otel_execute_attributes(args, kwargs),
kind: :client
) do
super
end
end

private

def _otel_execute_attributes(args, kwargs)
if config[:db_statement] == :include
{'args' => args.to_s, 'kwargs' => kwargs.to_s}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do agree that we should amend all attributes without using explicit mappings for semantic conventions especially if it opens up a risk to exposing sensitive data.

E.g. auth token or password would be exposed through telemetry collection, with a safeguards to remove them.

I do realize we allow this to happen today with our existing include statement but I am leaning more and more each day to deleting that option all together and only allowing sanitized, obfuscate, or omit in the future.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does sanitized mean specifically removing the sensitive data (e.g. token, password, ssn, health_id, etc.), but not other binding parameters such as address?

I believe most password stored in table should be hashed.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does sanitized mean specifically removing the sensitive data (e.g. token, password, ssn, health_id, etc.), but not other binding parameters such as address?

I think our current instrumentation uses the wrong vocabulary to describe what it does. Our current instrumentations use the word obfuscate, when I think we really mean is to sanitize, i.e. remove all user provided values.

I do not mean only targeting specific sensitive attributes when I use the word sanitize.

I now think of obfuscation as meaning that the entire query is hashed as opposed to just the parameters or values.

I brought up a request to change our vocabulary at a SIG meeting and the result #1194

Related to this topic, there was a recent OTEP submitted to around sensitive data redaction but I have not taken the time to digest it all just yet:

open-telemetry/oteps#255

else
{}
end
end

def tracer
Mysql2::Instrumentation.instance.tracer
end

def config
Mysql2::Instrumentation.instance.config
end
end
end
end
end
end
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,27 @@

_(span.events[0].attributes['exception.message'].slice(0, 37)).must_equal 'You have an error in your SQL syntax;'
end

describe 'execute statement' do
it 'simple execute statement' do
stmt = client.prepare('SELECT ?')

args = ['abc']
kwargs = {'foo' => 'bar'}

stmt.execute(*args, **kwargs)
finished_spans = exporter.finished_spans

_(finished_spans[0].name).must_equal 'select'
_(finished_spans[0].attributes['db.system']).must_equal 'mysql'
_(finished_spans[0].attributes['db.name']).must_equal 'mysql'
_(finished_spans[0].attributes['db.statement']).must_equal 'SELECT ?'

_(finished_spans[1].name).must_equal 'execute'
_(finished_spans[1].attributes['args']).must_equal '["abc"]'
_(finished_spans[1].attributes['kwargs']).must_equal '{"foo"=>"bar"}'
end
end
end

it 'after requests' do
Expand Down
Loading