feat(tracing): Add user data/transaction name to tracestate value #1177
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lobsterkatie
added a commit
that referenced
this pull request
Sep 2, 2021
) This adds user data (specifically `id` and `segment`) and transaction name to the `tracetate` value. Doing this has two known limitations, which, though we've discussed them, I'm adding here for posterity: 1) Adding this data puts us over the character limit for tracestate values [listed in the W3C spec](https://www.w3.org/TR/trace-context/#value) (256 characters). For reference: Tracestate data: ``` { "trace_id": "12312012123120121231201212312012", "environment": "dogpark", "release": "off.leash.park", "public_key": "dogsarebadatkeepingsecrets", "user": {"id": 12312013, "segment": "bigs"}, "transaction": "/interactions/other-dogs/new-dog/" } ``` `tracestate` with without either: 196 characters `tracestate` with user data: 256 characters `tracestate` with transaction name: 264 characters `tracestate` with both: 324 characters 2) This data may change and/or get added to the scope after the tracestate value has been calculated, making it impossible to sample based on those attributes. This is especially a problem for transaction name, which in some frameworks isn't set to its final value until the transaction ends. This poses the added problem that the transaction name in its raw, un-finalized form may contain PII, because it is often the raw URL as opposed to the parameterized one (so, `/users/maisey/tricks/` rather than `/users/:username/tricks/`). More work needs to be done to investigate whether the final transaction name can be set earlier in any/all of the frameworks where this poses a problem. (For instance, it is a known problem in our Express integration, but not yet clear if it is a problem in any Python frameworks.)
lobsterkatie
added a commit
that referenced
this pull request
Sep 13, 2021
) This adds user data (specifically `id` and `segment`) and transaction name to the `tracetate` value. Doing this has two known limitations, which, though we've discussed them, I'm adding here for posterity: 1) Adding this data puts us over the character limit for tracestate values [listed in the W3C spec](https://www.w3.org/TR/trace-context/#value) (256 characters). For reference: Tracestate data: ``` { "trace_id": "12312012123120121231201212312012", "environment": "dogpark", "release": "off.leash.park", "public_key": "dogsarebadatkeepingsecrets", "user": {"id": 12312013, "segment": "bigs"}, "transaction": "/interactions/other-dogs/new-dog/" } ``` `tracestate` with without either: 196 characters `tracestate` with user data: 256 characters `tracestate` with transaction name: 264 characters `tracestate` with both: 324 characters 2) This data may change and/or get added to the scope after the tracestate value has been calculated, making it impossible to sample based on those attributes. This is especially a problem for transaction name, which in some frameworks isn't set to its final value until the transaction ends. This poses the added problem that the transaction name in its raw, un-finalized form may contain PII, because it is often the raw URL as opposed to the parameterized one (so, `/users/maisey/tricks/` rather than `/users/:username/tricks/`). More work needs to be done to investigate whether the final transaction name can be set earlier in any/all of the frameworks where this poses a problem. (For instance, it is a known problem in our Express integration, but not yet clear if it is a problem in any Python frameworks.)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds user data (specifically
idandsegment) and transaction name to thetracetatevalue.Doing this has two known limitations, which, though we've discussed them, I'm adding here for posterity:
Adding this data puts us over the character limit for tracestate values listed in the W3C spec (256 characters). For reference:
Tracestate data:
tracestatewith without either: 196 characterstracestatewith user data: 256 characterstracestatewith transaction name: 264 characterstracestatewith both: 324 charactersThis data may change and/or get added to the scope after the tracestate value has been calculated, making it impossible to sample based on those attributes. This is especially a problem for transaction name, which in some frameworks isn't set to its final value until the transaction ends. This poses the added problem that the transaction name in its raw, un-finalized form may contain PII, because it is often the raw URL as opposed to the parameterized one (so,
/users/maisey/tricks/rather than/users/:username/tricks/). More work needs to be done to investigate whether the final transaction name can be set earlier in any/all of the frameworks where this poses a problem. (For instance, it is a known problem in our Express integration, but not yet clear if it is a problem in any Python frameworks.)