feat: Add auto-instrumentation support for AWS Secrets Manager SDK v1 #14027
Conversation
| @@ -64,6 +68,7 @@ public void onEnd( | |||
| @Nullable Throwable error) { | |||
| if (response != null) { | |||
| Object awsResp = response.getAwsResponse(); | |||
| setAttribute(attributes, AWS_SECRETSMANAGER_SECRET_ARN, awsResp, RequestAccess::getSecretArn); | |||
There was a problem hiding this comment.
Perhaps there should be a null check for awsResp so you wouldn't need to do it in RequestAccess.
One thing that is confusing for me is that in case of secret manager you test CreateSecretRequest so it is understandable that the arn is on the response. For step functions you test DescribeStateMachineRequest and DescribeActivityRequest there in a real application shouldn't the arn already be set on the request when running these agains real aws service? I guess there is also CreateStateMachineRequest where you'd need to read the arn from the response, but aws2 version doesn't seem to handle that. It would be nice to have all paths tested and aligned between aws1 and 2 sdks.
In this PR reading the secret arn from the request isn't really tested. And as far as I can tell it wouldn't work for DescribeSecretRequest since that one seems to use getSecretId instead of getARN.
There was a problem hiding this comment.
These are great feedback. Thank you @laurit.
- Added a null check at the awsResp level.
- Removed the call to getARN() from the request. In Secrets Manager, the request uses secretId, which is not necessarily an ARN. This change aligns with the V2 implementation. The ARN will now be retrieved from the response. A new test has been added using DescribeSecretRequest.
- Step Functions will be addressed in a separate PR.
This PR introduces auto-instrumentation support for the following AWS resource: AWS Secrets Manager SDK v1 Tests Run: ./gradlew spotlessCheck ./gradlew clean assemble ./gradlew instrumentation:check ./gradlew :smoke-tests:test All newly added tests pass, and no regression issues were found. Backward Compatibility: This change is backward compatible. It adds instrumentation for an additional AWS resource without modifying existing behavior in the auto-instrumentation library.
lukeina2z
force-pushed
the
xy-bar-2-secrets
branch
from
8120bdc to
87aae70
Compare
1. Added a null check at the awsResp level. 2. Removed the call to getARN() from the request. In Secrets Manager, the request uses secretId, which is not necessarily an ARN. This change aligns with the V2 implementation. The ARN will now be retrieved from the response. A new test has been added using DescribeSecretRequest.
|
🔧 The result from spotlessApply was committed to the PR branch. |
...-1.11/library/src/main/java/io/opentelemetry/instrumentation/awssdk/v1_11/RequestAccess.java
Outdated
Show resolved
Hide resolved
| dependencies { | ||
| implementation(project()) | ||
| implementation(project(":instrumentation:aws-sdk:aws-sdk-1.11:testing")) | ||
| implementation("com.amazonaws:aws-java-sdk-secretsmanager:1.12.80") |
There was a problem hiding this comment.
We have this slightly magical this where when you run tests with -PtestLatestDeps=true the version for dependencies in library scope (custom scope that is compileOnly + testImplementation) is bumped to latest available version. This doesn't work with test suites, there we can do this manually
diff --git a/instrumentation/aws-sdk/aws-sdk-1.11/library/build.gradle.kts b/instrumentation/aws-sdk/aws-sdk-1.11/library/build.gradle.kts
index d498072f24..104e260218 100644
--- a/instrumentation/aws-sdk/aws-sdk-1.11/library/build.gradle.kts
+++ b/instrumentation/aws-sdk/aws-sdk-1.11/library/build.gradle.kts
@@ -23,7 +23,8 @@ dependencies {
latestDepTestLibrary("com.amazonaws:aws-java-sdk-sqs:1.12.583") // documented limitation
}
-if (!(findProperty("testLatestDeps") as Boolean)) {
+val testLatestDeps = findProperty("testLatestDeps") as Boolean
+if (!testLatestDeps) {
configurations.testRuntimeClasspath {
resolutionStrategy {
eachDependency {
@@ -42,7 +43,8 @@ testing {
dependencies {
implementation(project())
implementation(project(":instrumentation:aws-sdk:aws-sdk-1.11:testing"))
- implementation("com.amazonaws:aws-java-sdk-secretsmanager:1.12.80")
+ val version = if (testLatestDeps) "latest.release" else "1.12.80"
+ implementation("com.amazonaws:aws-java-sdk-secretsmanager:$version")
}
}
}There was a problem hiding this comment.
Good to know. I will update and run both tests.
This is addressed in the latest iteration.
…ersion of AWS SDK v1.
This PR introduces auto-instrumentation support for the following AWS resource:
AWS Secrets Manager SDK v1
Tests Run:
./gradlew spotlessCheck
./gradlew clean assemble
./gradlew instrumentation:check
./gradlew :smoke-tests:test
All newly added tests pass, and no regression issues were found.
Backward Compatibility:
This change is backward compatible. It adds instrumentation for an additional AWS resource without modifying existing behavior in the auto-instrumentation library.