Support changes for nginx-datadog/waf-rem-cfg

[cataphract]

Description

See individual commits

See DataDog/nginx-datadog#71

Motivation

The implemetation originally assumed that service_target was included in all configuration files. However,, this assumption is incorrect; for instance, Appsec configuration files does not include this field. This PR removes that unnecessary restriction.

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-08-20 09:33:15

Comparing candidate commit 383400b in PR branch glopes/waf-rem-cfg with baseline commit dc5e762 in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 1 metrics, 0 unstable metrics.

[dgoffredo]

Re: this commit...

It looks like Damien added src/datadog as an include directory to support his refactoring of remote config here. The structure of includes was no longer flat, so he chose to keep the #include "..." discipline flat by adding src/datadog to the compiler's list of include directories to search.

You then saw this causes problems with the POSIX header glob.h and so you removed src/datadog from the list of include directories (good idea) and started using relative includes instead, like #include "../glob.h".

Here's an alternative workaround that I like better: Change the #include style throughout all of dd-trace-cpp to use angle-bracketed "qualified" includes. For example, in src/datadog/remote_config/listener.h you have #include "../optional.h". Consider changing it instead to #include <datadog/optional.h>. In existing headers, everywhere there is #include "foo.h", it would instead be #include <datadog/foo.h> or possibly #include <datadog/remote_config/foo.h>. The relative locations of the headers and sources that include each other would no longer be relevant -- it would always be relative to the exposed include directory src/ and made unambiguous by the constant prefix datadog/.

This change would affect every file in the repository, but now that the structure of includes is not flat, I think it's The Right Way™.

The distinction really is just a matter of style. The advantage that comes to mind for what I propose is that someone interested in using the library programmatically can copy the include style without having to grok the examples. That and it makes clearer that the file included is relative to some build-configured search directory, rather than being that or relative to the current file (and not knowing which is the case).

[cataphract]

This change would affect every file in the repository, but now that the structure of includes is not flat, I think it's The Right Way™.

The distinction really is just a matter of style. The advantage that comes to mind for what I propose is that someone interested in using the library programmatically can copy the include style without having to grok the examples. That and it makes clearer that the file included is relative to some build-configured search directory, rather than being that or relative to the current file (and not knowing which is the case).

@dgoffredo I'm not sold on this being a good idea, style aside because angled includes privilege include directories over local files (and hence you will have problems building another version of the library if you have another version installed globally), but anyway I've added a commit for it.

[dmehala]

@cataphract don't mind fixing the include issue. This issue is being addressed in #144

EDIT: @cataphract I merged #144, the include issue is fixed. I have DataDog/nginx-datadog#106 pending to support changes introduced in dd-trace-cpp.

May I suggest you to rebase your branch?

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 97.29730% with 1 line in your changes missing coverage. Please review.

Project coverage is 94.45%. Comparing base (d354e96) to head (1621fdb).
Report is 16 commits behind head on main.

Files with missing lines	Patch %	Lines
src/datadog/config_manager.cpp	88.88%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #143      +/-   ##
==========================================
- Coverage   94.46%   94.45%   -0.02%     
==========================================
  Files          72       72              
  Lines        3797     3805       +8     
==========================================
+ Hits         3587     3594       +7     
- Misses        210      211       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[cataphract]

I've rebased this and updated nginx-datadog to match. I didn't use your PR in nginx-datadog, though; removing nlhomann::json is a lot more work than you have there.

[dmehala]

Left a few comments. Thank you.

[dmehala]

TODO.
[genuine question] Are you planning to move the code to the listener?

[cataphract]

No, not really. It's not really trivial because the listener currently has no access to tracer_signature_.

[dmehala]

[question] Do you mind if I push a commit to remove that technical debt?

[cataphract]

sure go ahead

[dmehala]

done in d11cd52

[dmehala]

Can you confirm the change?

Before	After
"tracecontext,datadog"	["tracecontext", "datadog"]

If so, thank you—this is indeed an improvement. However, the best approach would be to leverage the JSON library.

The code should look something like:

void to_json(nlohmann::json& j, const PropagationStyle& style) {
   j = to_string_view(style);
}

And the usage:

...
{"injection_styles", injection_styles_},
...

[cataphract]

Yes, that's the change. This also fixes the test TestConfiguration.test_in_http in nginx. With the changes made in this PR it now looks normal:

{
  "collector": {
    "config": {
      "event_scheduler": {
        "type": "datadog::nginx::NgxEventScheduler"
      },
      "flush_interval_milliseconds": 2000,
      "http_client": {
        "type": "datadog::tracing::Curl"
      },
      "remote_configuration_url": "http://bogus:1234/v0.7/config",
      "request_timeout_milliseconds": 2000,
      "shutdown_timeout_milliseconds": 2000,
      "telemetry_url": "http://bogus:1234/telemetry/proxy/api/v2/apmtelemetry",
      "traces_url": "http://bogus:1234/v0.4/traces"
    },
    "type": "datadog::tracing::DatadogAgent"
  },
  "defaults": {
    "environment": "fooment",
    "service": "foosvc",
    "service_type": "web"
  },
  "environment_variables": {
    "DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS": "1"
  },
  "extraction_styles": [
    "B3",
    "Datadog"
  ],
  "injection_styles": [
    "B3",
    "Datadog"
  ],
  "report_traces": true,
  "runtime_id": "31998223-6dc3-4fd6-b4c2-cd1ded711143",
  "span_sampler": {
    "rules": []
  },
  "tags_header_size": 512,
  "trace_sampler": {
    "max_per_second": 200,
    "rules": []
  },
  "version": "[dd-trace-cpp version v0.2.2]"
}

[dmehala]

Indeed. Thanks, I appreciate.

[dmehala]

LGTM. Before merging, could you update the commit message to be more descriptive? Something like, "fix(remote_config): remove unnecessary restriction on configuration content" would be more appropriate.