Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Streamline sentry-trace, baggage and DSC handling #14364

Merged
merged 36 commits into from
Nov 26, 2024
Merged

Conversation

mydea
Copy link
Member

@mydea mydea commented Nov 19, 2024

As a first step for #12385, I looked though our current implementations, and tried to streamline this. We have a bunch of somewhat duplicate code there that handles sentry-trace & baggage headers mostly the same but not fully the same, as well as relatedly the DSC.

To streamline this, I added some new methods in core:

  • getTraceData already exists, but was extended to also allow to pass a specific span to it. I updated some code to use this method that hasn't used it before, and also added some more tests - also around the ACS and the otel-specific implementation for this.
  • For this and edge cases, there are new primitives getDynamicSamplingContextFromScope and getTraceContextFromScope which handle picking these things from given scope etc.

While working on this, I also noticed that captureCheckIn in ServerRuntimeClient was actually not properly working in Node (OTEL), as it relied on the core way of scope-span coupling. So I also updated this to actually work as expected.

@mydea mydea self-assigned this Nov 19, 2024
};

const trace = evt.contexts && evt.contexts.trace;
if (!trace && propagationContext) {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These checks were not really necessary, I believe - first, propagationContext cannot be empty here. And second, we do not need to check for trace as this will be overwritten anyhow by ...evt.contexts if it already exists.

};

const sentryTraceHeader =
span && hasTracingEnabled() ? spanToTraceHeader(span) : generateSentryTraceHeader(traceId, spanId, sampled);
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here, we have checked for span && hasTracingEnabled(), while in fetch we did not check for hasTracingEnabled(). I opted to use this logic (just check span) everywhere now...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For browser, I think that's fine!

Copy link
Contributor

github-actions bot commented Nov 19, 2024

size-limit report 📦

Path Size % Change Change
@sentry/browser 23.1 KB -0.11% -26 B 🔽
@sentry/browser - with treeshaking flags 21.81 KB -0.02% -3 B 🔽
@sentry/browser (incl. Tracing) 35.68 KB +0.66% +237 B 🔺
@sentry/browser (incl. Tracing, Replay) 72.57 KB +0.3% +218 B 🔺
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags 62.97 KB +0.38% +238 B 🔺
@sentry/browser (incl. Tracing, Replay with Canvas) 76.89 KB +0.29% +222 B 🔺
@sentry/browser (incl. Tracing, Replay, Feedback) 89.35 KB +0.25% +221 B 🔺
@sentry/browser (incl. Feedback) 39.83 KB -0.04% -14 B 🔽
@sentry/browser (incl. sendFeedback) 27.72 KB -0.04% -11 B 🔽
@sentry/browser (incl. FeedbackAsync) 32.5 KB -0.07% -20 B 🔽
@sentry/react 25.78 KB -0.11% -28 B 🔽
@sentry/react (incl. Tracing) 38.5 KB +0.46% +179 B 🔺
@sentry/vue 27.27 KB -0.05% -13 B 🔽
@sentry/vue (incl. Tracing) 37.49 KB +0.57% +215 B 🔺
@sentry/svelte 23.25 KB -0.12% -27 B 🔽
CDN Bundle 24.28 KB -0.06% -14 B 🔽
CDN Bundle (incl. Tracing) 37.3 KB +0.58% +218 B 🔺
CDN Bundle (incl. Tracing, Replay) 72.19 KB +0.3% +216 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) 77.53 KB +0.25% +196 B 🔺
CDN Bundle - uncompressed 71.35 KB -0.04% -25 B 🔽
CDN Bundle (incl. Tracing) - uncompressed 110.67 KB +0.44% +493 B 🔺
CDN Bundle (incl. Tracing, Replay) - uncompressed 223.74 KB +0.22% +493 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed 236.96 KB +0.21% +493 B 🔺
@sentry/nextjs (client) 38.83 KB +0.47% +184 B 🔺
@sentry/sveltekit (client) 36.18 KB +0.64% +232 B 🔺
@sentry/node 134.79 KB +0.04% +51 B 🔺
@sentry/node - without tracing 96.62 KB +0.05% +41 B 🔺
@sentry/aws-serverless 106.83 KB +0.04% +41 B 🔺

View base workflow run

@mydea mydea force-pushed the fn/headers-unify branch 2 times, most recently from 63ab398 to 0d74e78 Compare November 19, 2024 14:24
@mydea mydea requested review from Lms24 and lforst November 19, 2024 15:47
@mydea mydea marked this pull request as ready for review November 19, 2024 15:47
Copy link
Member

@Lms24 Lms24 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe I'm missing something obvious but why do we need getSentryHeaders? Doesn't getTraceData already do this? I'd prefer we avoid adding another utility function if we don't strictly have to do it.

@mydea
Copy link
Member Author

mydea commented Nov 20, 2024

maybe I'm missing something obvious but why do we need getSentryHeaders? Doesn't getTraceData already do this? I'd prefer we avoid adding another utility function if we don't strictly have to do it.

Hmm, you are right that these are kind of similar 🤔 but getTraceData uses the new getTraceHeaders under the hood, but probably we can/should unify this some more. I'll do another pass and see if/how that makes sense! 👍

request,
client,
scope,
undefined,
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these just remain for backwards compatibility, because addTracingHeadersToFetchRequest is exported :/

client.init();

return client;
}

describe('getTraceData', () => {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these tests relied a lot on mocks, and since the underlying implementation was changed a bunch of this broke. So I rewrote these tests to use "real" stuff as much as possible, but tried to keep the scenarios we want to cover intact.

Copy link

codecov bot commented Nov 20, 2024

❌ 15 Tests Failed:

Tests completed Failed Passed Skipped
660 15 645 26
View the top 3 failed tests by shortest run time
tracing/browserTracingIntegration/tracePropagationTargets/customTargets/test.ts should attach `sentry-trace` and `baggage` header to request matching tracePropagationTargets
Stack Traces | 0.154s run time
test.ts:6:11 should attach `sentry-trace` and `baggage` header to request matching tracePropagationTargets
tracing/request/fetch-relative-url/test.ts should attach `sentry-trace` header to fetch requests
Stack Traces | 0.173s run time
test.ts:42:11 should attach `sentry-trace` header to fetch requests
tracing/request/fetch/test.ts should attach `sentry-trace` header to fetch requests
Stack Traces | 0.189s run time
test.ts:46:11 should attach `sentry-trace` header to fetch requests

To view more test analytics, go to the Test Analytics Dashboard
📢 Thoughts on this report? Let us know!

@mydea
Copy link
Member Author

mydea commented Nov 21, 2024

@lforst & @Lms24 OK, Now for real I think it should work.

I had to change the custom getTraceData implementation in OTEL to not use the propagator directly, because this also ensured that we checked the active span's url for trace propagation targets and possibly skip the sentry headers 😬 So instead, we now call the getInjectionData method from the propagator directly in getTraceData, which should ensure we have the same implementation but without the checks.

Copy link
Member

@Lms24 Lms24 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a good refactor! A bit concerned that bundle size is increasing although it looks like we removed more code than we added 😅

};

const sentryTraceHeader =
span && hasTracingEnabled() ? spanToTraceHeader(span) : generateSentryTraceHeader(traceId, spanId, sampled);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For browser, I think that's fine!

@mydea
Copy link
Member Author

mydea commented Nov 22, 2024

I think this is a good refactor! A bit concerned that bundle size is increasing although it looks like we removed more code than we added 😅

yeah this is really weird 😬 not really sure where this is coming from... I think I'd still do this and hope that some follow up refactoring can safe a few bytes there. Sometimes, the ways of bundle size are not easy to understand 😬

@mydea mydea changed the title ref: Streamline sentry-trace, baggage and DSC handling feat: Streamline sentry-trace, baggage and DSC handling Nov 22, 2024
@mydea
Copy link
Member Author

mydea commented Nov 25, 2024

@Lms24 so, after digging some more into why this increases bundle size, I believe it is because of this code in getTraceData:

  const isValidSentryTraceHeader = TRACEPARENT_REGEXP.test(sentryTrace);
  if (!isValidSentryTraceHeader) {
    logger.warn('Invalid sentry-trace data. Cannot generate trace data');
    return {};
  }

  const validBaggage = isValidBaggageString(baggage);
  if (!validBaggage) {
    logger.warn('Invalid baggage data. Not returning "baggage" value');
  }

which basically checks some regexes. We have not checked this before, so now we have to include these regexes in the browser bundles which increases bundle size 😬

So IMHO either we accept this, or we only check these things in debug mode (?). I am not aware of any problems we had with this so far in browser land where we did not use to check this, so I am missing context for why we are checking this so defensively here.

@lforst
Copy link
Member

lforst commented Nov 25, 2024

Honestly checking for validity of shapes is a bit weird. Our parsing/writing logic should just have sensible defaults and there is no need to be so defensive. Can we remove this checking logic?

@Lms24
Copy link
Member

Lms24 commented Nov 25, 2024

I think it's fine to remove the validation logic!

For the record: We introduced the baggage validation logic because of XSS concerns (#9483 (comment)), originally in the Astro SDK. The Astro SDK code was later extracted to the core SDK for getTraceData.

I'm not sure though how valid the potential vector here is so chances are we were over-cautious back then.

@mydea
Copy link
Member Author

mydea commented Nov 26, 2024

I will merge this as is for now, and we can look into the validation in a follow up PR 👍

@mydea mydea merged commit b59ce07 into develop Nov 26, 2024
152 of 153 checks passed
@mydea mydea deleted the fn/headers-unify branch November 26, 2024 10:27
alexandresoro pushed a commit to alexandresoro/ouca that referenced this pull request Dec 8, 2024
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [@sentry/node](https://github.com/getsentry/sentry-javascript/tree/master/packages/node) ([source](https://github.com/getsentry/sentry-javascript)) | dependencies | minor | [`8.40.0` -> `8.42.0`](https://renovatebot.com/diffs/npm/@sentry%2fnode/8.40.0/8.42.0) |
| [@sentry/react](https://github.com/getsentry/sentry-javascript/tree/master/packages/react) ([source](https://github.com/getsentry/sentry-javascript)) | dependencies | minor | [`8.40.0` -> `8.42.0`](https://renovatebot.com/diffs/npm/@sentry%2freact/8.40.0/8.42.0) |

---

### Release Notes

<details>
<summary>getsentry/sentry-javascript (@&#8203;sentry/node)</summary>

### [`v8.42.0`](https://github.com/getsentry/sentry-javascript/blob/HEAD/CHANGELOG.md#8420)

[Compare Source](getsentry/sentry-javascript@8.41.0...8.42.0)

##### Important Changes

-   **feat(react): React Router v7 support (library) ([#&#8203;14513](getsentry/sentry-javascript#14513

    This release adds support for [React Router v7 (library mode)](https://reactrouter.com/home#react-router-as-a-library).
    Check out the docs on how to set up the integration: [Sentry React Router v7 Integration Docs](https://docs.sentry.io/platforms/javascript/guides/react/features/react-router/v7/)

##### Deprecations

-   **feat: Warn about source-map generation ([#&#8203;14533](getsentry/sentry-javascript#14533

    In the next major version of the SDK we will change how source maps are generated when the SDK is added to an application.
    Currently, the implementation varies a lot between different SDKs and can be difficult to understand.
    Moving forward, our goal is to turn on source maps for every framework, unless we detect that they are explicitly turned off.
    Additionally, if we end up enabling source maps, we will emit a log message that we did so.

    With this particular release, we are emitting warnings that source map generation will change in the future and we print instructions on how to prepare for the next major.

-   **feat(nuxt): Deprecate `tracingOptions` in favor of `vueIntegration` ([#&#8203;14530](getsentry/sentry-javascript#14530

    Currently it is possible to configure tracing options in two places in the Sentry Nuxt SDK:

    -   In `Sentry.init()`
    -   Inside `tracingOptions` in `Sentry.init()`

    For tree-shaking purposes and alignment with the Vue SDK, it is now recommended to instead use the newly exported `vueIntegration()` and its `tracingOptions` option to configure tracing options in the Nuxt SDK:

    ```ts
    // sentry.client.config.ts
    import * as Sentry from '@&#8203;sentry/nuxt';

    Sentry.init({
      // ...
      integrations: [
        Sentry.vueIntegration({
          tracingOptions: {
            trackComponents: true,
          },
        }),
      ],
    });
    ```

##### Other Changes

-   feat(browser-utils): Update `web-vitals` to v4.2.4 ([#&#8203;14439](getsentry/sentry-javascript#14439))
-   feat(nuxt): Expose `vueIntegration` ([#&#8203;14526](getsentry/sentry-javascript#14526))
-   fix(feedback): Handle css correctly in screenshot mode ([#&#8203;14535](getsentry/sentry-javascript#14535))

### [`v8.41.0`](https://github.com/getsentry/sentry-javascript/blob/HEAD/CHANGELOG.md#8410)

[Compare Source](getsentry/sentry-javascript@8.40.0...8.41.0)

##### Important Changes

-   **meta(nuxt): Require minimum Nuxt v3.7.0 ([#&#8203;14473](getsentry/sentry-javascript#14473

    We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above.
    Additionally, the SDK requires the implicit `nitropack` dependency to satisfy version `^2.10.0` and `ofetch` to satisfy `^1.4.0`.
    It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.

##### Deprecations

We are deprecating a few APIs which will be removed in the next major.

The following deprecations will *potentially* affect you:

-   **feat(core): Update & deprecate `undefined` option handling ([#&#8203;14450](getsentry/sentry-javascript#14450

    In the next major version we will change how passing `undefined` to `tracesSampleRate` / `tracesSampler` / `enableTracing` will behave.

    Currently, doing the following:

    ```ts
    Sentry.init({
      tracesSampleRate: undefined,
    });
    ```

    Will result in tracing being *enabled* (although no spans will be generated) because the `tracesSampleRate` key is present in the options object.
    In the next major version, this behavior will be changed so that passing `undefined` (or rather having a `tracesSampleRate` key) will result in tracing being disabled, the same as not passing the option at all.
    If you are currently relying on `undefined` being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. `tracesSampleRate: 0` instead, which will also enable tracing in v9.

    The same applies to `tracesSampler` and `enableTracing`.

-   **feat(core): Log warnings when returning `null` in `beforeSendSpan` ([#&#8203;14433](getsentry/sentry-javascript#14433

    Currently, the `beforeSendSpan` option in `Sentry.init()` allows you to drop individual spans from a trace by returning `null` from the hook.
    Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.

    With the next major version the `beforeSendSpan` API can only be used to mutate spans, but no longer to drop them.
    With this release the SDK will warn you if you are using this API to drop spans.
    Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.

    Additionally, with the next major version, root spans will also be passed to `beforeSendSpan`.

-   **feat(utils): Deprecate `@sentry/utils` ([#&#8203;14431](getsentry/sentry-javascript#14431

    With the next major version the `@sentry/utils` package will be merged into the `@sentry/core` package.
    It is therefore no longer recommended to use the `@sentry/utils` package.

-   **feat(vue): Deprecate configuring Vue tracing options anywhere else other than through the `vueIntegration`'s `tracingOptions` option ([#&#8203;14385](getsentry/sentry-javascript#14385

    Currently it is possible to configure tracing options in various places in the Sentry Vue SDK:

    -   In `Sentry.init()`
    -   Inside `tracingOptions` in `Sentry.init()`
    -   In the `vueIntegration()` options
    -   Inside `tracingOptions` in the `vueIntegration()` options

    Because this is a bit messy and confusing to document, the only recommended way to configure tracing options going forward is through the `tracingOptions` in the `vueIntegration()`.
    The other means of configuration will be removed in the next major version of the SDK.

-   **feat: Deprecate `registerEsmLoaderHooks.include` and `registerEsmLoaderHooks.exclude` ([#&#8203;14486](getsentry/sentry-javascript#14486

    Currently it is possible to define `registerEsmLoaderHooks.include` and `registerEsmLoaderHooks.exclude` options in `Sentry.init()` to only apply ESM loader hooks to a subset of modules.
    This API served as an escape hatch in case certain modules are incompatible with ESM loader hooks.

    Since this API was introduced, a way was found to only wrap modules that there exists instrumentation for (meaning a vetted list).
    To only wrap modules that have instrumentation, it is recommended to instead set `registerEsmLoaderHooks.onlyIncludeInstrumentedModules` to `true`.

    Note that `onlyIncludeInstrumentedModules: true` will become the default behavior in the next major version and the `registerEsmLoaderHooks` will no longer accept fine-grained options.

The following deprecations will *most likely* not affect you unless you are building an SDK yourself:

-   feat(core): Deprecate `arrayify` ([#&#8203;14405](getsentry/sentry-javascript#14405))
-   feat(core): Deprecate `flatten` ([#&#8203;14454](getsentry/sentry-javascript#14454))
-   feat(core): Deprecate `urlEncode` ([#&#8203;14406](getsentry/sentry-javascript#14406))
-   feat(core): Deprecate `validSeverityLevels` ([#&#8203;14407](getsentry/sentry-javascript#14407))
-   feat(core/utils): Deprecate `getNumberOfUrlSegments` ([#&#8203;14458](getsentry/sentry-javascript#14458))
-   feat(utils): Deprecate `memoBuilder`, `BAGGAGE_HEADER_NAME`, and `makeFifoCache` ([#&#8203;14434](getsentry/sentry-javascript#14434))
-   feat(utils/core): Deprecate `addRequestDataToEvent` and `extractRequestData` ([#&#8203;14430](getsentry/sentry-javascript#14430))

##### Other Changes

-   feat: Streamline `sentry-trace`, `baggage` and DSC handling ([#&#8203;14364](getsentry/sentry-javascript#14364))
-   feat(core): Further optimize debug ID parsing ([#&#8203;14365](getsentry/sentry-javascript#14365))
-   feat(node): Add `openTelemetryInstrumentations` option ([#&#8203;14484](getsentry/sentry-javascript#14484))
-   feat(nuxt): Add filter for not found source maps (devtools) ([#&#8203;14437](getsentry/sentry-javascript#14437))
-   feat(nuxt): Only delete public source maps ([#&#8203;14438](getsentry/sentry-javascript#14438))
-   fix(nextjs): Don't report `NEXT_REDIRECT` from browser ([#&#8203;14440](getsentry/sentry-javascript#14440))
-   perf(opentelemetry): Bucket spans for cleanup ([#&#8203;14154](getsentry/sentry-javascript#14154))

Work in this release was contributed by [@&#8203;NEKOYASAN](https://github.com/NEKOYASAN) and [@&#8203;fmorett](https://github.com/fmorett). Thank you for your contributions!

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xNDIuNyIsInVwZGF0ZWRJblZlciI6IjM4LjE0Mi43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Reviewed-on: https://git.tristess.app/alexandresoro/ouca/pulls/374
Reviewed-by: Alexandre Soro <code@soro.dev>
Co-authored-by: renovate <renovate@git.tristess.app>
Co-committed-by: renovate <renovate@git.tristess.app>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants