Exclude OTLP header configurations from configuration telemetry#5868
Conversation
Typing analysisNote: Ignored files are excluded from the next sections.
|
🎉 All green!🧪 All tests passed 🎯 Code Coverage (details) 🔗 Commit SHA: 35e3616 | Docs | Datadog PR Page | Give us feedback! |
… telemetry Mark the OTLP exporter header configurations and DD_API_KEY / DD_APP_KEY as `sensitive: true` in supported-configurations.json, and ensure the OTLP exporter header configurations are omitted from configuration telemetry through their `skip_telemetry` flag. Update the app_started specs to assert these values are absent from the telemetry configuration while keeping assertions for the non-sensitive OpenTelemetry exporter configurations. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
b444497 to
4b3ec95
Compare
BenchmarksBenchmark execution time: 2026-06-23 18:47:17 Comparing candidate commit 35e3616 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 48 metrics, 1 unstable metrics.
|
… not reported Add a flag-driven invariant that walks the live settings tree, assigns a unique sentinel to every option declaring skip_telemetry true, and asserts no sentinel reaches any reported configuration value or name. This auto-covers future sensitive options without per-name enumeration. Add a drift guard asserting the env-backed skip_telemetry options match the entries marked sensitive in supported-configurations.json. Extend the sweep to the DD_API_KEY and AI-Guard DD_APP_KEY options and to the app-extended-heartbeat event, which inherits the same configuration builder. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… generic sweep Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…options Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
vpellan
left a comment
There was a problem hiding this comment.
LGTM but I feel like the sensitive field in supported-configurations.json and the related checks/specs should be their own PR as they are different from the original intent of that PR
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
What does this PR do?
Excludes the OTLP exporter header configurations (
OTEL_EXPORTER_OTLP_HEADERS,OTEL_EXPORTER_OTLP_METRICS_HEADERS,OTEL_EXPORTER_OTLP_LOGS_HEADERS) from configuration telemetry, and marks themsensitive: trueinsupported-configurations.json.Motivation:
These configurations should not be included in configuration telemetry.
Change log entry
None.
Additional Notes:
—
How to test the change?
Specs in
spec/datadog/core/telemetry/event/app_started_spec.rbassert these values are absent from the configuration telemetry while keeping assertions for the non-sensitive OpenTelemetry exporter configurations.