-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sanitize spans with null process or empty service name #3631
Conversation
Codecov Report
@@ Coverage Diff @@
## main #3631 +/- ##
==========================================
+ Coverage 96.49% 96.53% +0.03%
==========================================
Files 266 267 +1
Lines 15622 15653 +31
==========================================
+ Hits 15075 15111 +36
+ Misses 457 453 -4
+ Partials 90 89 -1
Continue to review full report at Codecov.
|
@codecov[bot] is not allowed to run commands |
97bc6f9
to
2a468b8
Compare
@albertteoh can you review, please? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall, just a question around the standard sanitizers variable.
"github.com/jaegertracing/jaeger/model" | ||
) | ||
|
||
var ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not const
?
cmd/collector/app/span_processor.go
Outdated
@@ -96,13 +96,18 @@ func newSpanProcessor(spanWriter spanstore.Writer, additional []ProcessSpan, opt | |||
} | |||
boundedQueue := queue.NewBoundedQueue(options.queueSize, droppedItemHandler) | |||
|
|||
sanitizers := append([]sanitizer.SanitizeSpan{}, sanitizer.StandardSanitizers...) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sanitizer.StandardSanitizers
is a globally accessible slice that can be mutated. What do you think about unexporting sanitizer.StandardSanitizers
and adding a sanitizer.GetStandardSanitizers()
func?
Then (I don't think we need to append to an empty slice?):
sanitizers := sanitizer.GetStandardSanitizers()
@yurishkuro, apologies for the late review, I've been away for a couple of weeks. |
@@ -68,7 +69,7 @@ wait_for_it() { | |||
''%{http_code}'' | |||
) | |||
local counter=0 | |||
while [[ "$(curl ${params[@]} ${url})" != "200" && ${counter} -le 30 ]]; do | |||
while [[ "$(curl ${params[@]} ${url})" != "200" && ${counter} -le 60 ]]; do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1min (2*30) seems insufficient sometimes, we can wait longer if it takes OS longer to start
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Seems some lines might need to be covered by tests though.
Signed-off-by: Yuri Shkuro <[email protected]>
Signed-off-by: Yuri Shkuro <[email protected]>
Signed-off-by: Yuri Shkuro <[email protected]>
Signed-off-by: Yuri Shkuro <[email protected]>
Signed-off-by: Yuri Shkuro <[email protected]>
…#3631) * Sanitize spans with null process or empty service name Signed-off-by: Yuri Shkuro <[email protected]> * cleanup Signed-off-by: Yuri Shkuro <[email protected]> * review comments Signed-off-by: Yuri Shkuro <[email protected]> * wait longer Signed-off-by: Yuri Shkuro <[email protected]> * add tests Signed-off-by: Yuri Shkuro <[email protected]> Signed-off-by: Albert Teoh <[email protected]>
Sanitize spans with empty service name or null process. This should protect the pipeline from malformed spans submitted externally, as reported in #3578. It will not protect against malformed spans written directly to Kafka - we could do that too, but it changes the expectations of the deployment that Kafka is a public API into ingester, which would be a new guarantee and will require ingester to run preprocessing logic similar to collector.