diff --git a/instrumentation/resources/library/build.gradle.kts b/instrumentation/resources/library/build.gradle.kts index ec94154e0749..d8e1615a4bf5 100644 --- a/instrumentation/resources/library/build.gradle.kts +++ b/instrumentation/resources/library/build.gradle.kts @@ -84,6 +84,17 @@ testing { } tasks { + test { + dependsOn(jar) + doFirst { + // use the final jar instead of directories with built classes to test the mrjar functionality + classpath = jar.get().outputs.files + classpath + } + systemProperty("testSecret", "test") + systemProperty("testPassword", "test") + systemProperty("testNotRedacted", "test") + } + check { dependsOn(testing.suites) } diff --git a/instrumentation/resources/library/src/main/java/io/opentelemetry/instrumentation/resources/ProcessResource.java b/instrumentation/resources/library/src/main/java/io/opentelemetry/instrumentation/resources/ProcessResource.java index fe9b398abe79..244e4cf5e1cb 100644 --- a/instrumentation/resources/library/src/main/java/io/opentelemetry/instrumentation/resources/ProcessResource.java +++ b/instrumentation/resources/library/src/main/java/io/opentelemetry/instrumentation/resources/ProcessResource.java @@ -14,7 +14,6 @@ import java.lang.management.ManagementFactory; import java.lang.management.RuntimeMXBean; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import java.util.Locale; import java.util.regex.Pattern; @@ -35,6 +34,9 @@ public final class ProcessResource { // Important: This is statically used in buildResource, so must be declared/initialized first. private static final Pattern JAR_FILE_PATTERN = Pattern.compile("^\\S+\\.(jar|war)", Pattern.CASE_INSENSITIVE); + // scrub values for system properties containing "secret" or "password" in the name + private static final Pattern SCRUB_PATTERN = + Pattern.compile("(-D.*(password|secret).*=).*", Pattern.CASE_INSENSITIVE); private static final Resource INSTANCE = buildResource(); @@ -94,12 +96,14 @@ private static Resource doBuildResource() { if (args.length > 0) { List commandArgs = new ArrayList<>(args.length + 1); commandArgs.add(executablePath.toString()); - commandArgs.addAll(Arrays.asList(args)); + for (String arg : args) { + commandArgs.add(scrub(arg)); + } attributes.put(PROCESS_COMMAND_ARGS, commandArgs); } else { // Java 8 StringBuilder commandLine = new StringBuilder(executablePath); for (String arg : runtime.getInputArguments()) { - commandLine.append(' ').append(arg); + commandLine.append(' ').append(scrub(arg)); } // sun.java.command isn't well document and may not be available on all systems. String javaCommand = System.getProperty("sun.java.command"); @@ -118,5 +122,9 @@ private static Resource doBuildResource() { return Resource.create(attributes.build(), SchemaUrls.V1_24_0); } + private static String scrub(String argument) { + return SCRUB_PATTERN.matcher(argument).replaceFirst("$1***"); + } + private ProcessResource() {} } diff --git a/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/ProcessResourceTest.java b/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/ProcessResourceTest.java index c40429e147d3..6270ae391a66 100644 --- a/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/ProcessResourceTest.java +++ b/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/ProcessResourceTest.java @@ -19,32 +19,39 @@ class ProcessResourceTest { @Test @SetSystemProperty(key = "os.name", value = "Linux 4.12") void notWindows() { - Resource resource = ProcessResource.buildResource(); - assertThat(resource.getSchemaUrl()).isEqualTo(SchemaUrls.V1_24_0); - Attributes attributes = resource.getAttributes(); - - assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_PID)).isGreaterThan(1); - assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)) - .matches(".*[/\\\\]java"); - assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_COMMAND_LINE)) - .contains(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)); - // With Java 9+ and a compiled jar, ResourceAttributes.PROCESS_COMMAND_ARGS - // will be set instead of ResourceAttributes.PROCESS_COMMAND_LINE + assertResource(false); } @Test @SetSystemProperty(key = "os.name", value = "Windows 10") void windows() { + assertResource(true); + } + + private static void assertResource(boolean windows) { Resource resource = ProcessResource.buildResource(); assertThat(resource.getSchemaUrl()).isEqualTo(SchemaUrls.V1_24_0); Attributes attributes = resource.getAttributes(); assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_PID)).isGreaterThan(1); assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)) - .matches(".*[/\\\\]java\\.exe"); - assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_COMMAND_LINE)) - .contains(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)); + .matches(windows ? ".*[/\\\\]java\\.exe" : ".*[/\\\\]java"); + // With Java 9+ and a compiled jar, ResourceAttributes.PROCESS_COMMAND_ARGS // will be set instead of ResourceAttributes.PROCESS_COMMAND_LINE + boolean java8 = "1.8".equals(System.getProperty("java.specification.version")); + if (java8) { + assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_COMMAND_LINE)) + .contains(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)) + .contains("-DtestSecret=***") + .contains("-DtestPassword=***") + .contains("-DtestNotRedacted=test"); + } else { + assertThat(attributes.get(ProcessIncubatingAttributes.PROCESS_COMMAND_ARGS)) + .contains(attributes.get(ProcessIncubatingAttributes.PROCESS_EXECUTABLE_PATH)) + .contains("-DtestSecret=***") + .contains("-DtestPassword=***") + .contains("-DtestNotRedacted=test"); + } } } diff --git a/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/internal/DeclarativeConfigTest.java b/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/internal/DeclarativeConfigTest.java index c6dfe036c25b..424c25d59b4b 100644 --- a/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/internal/DeclarativeConfigTest.java +++ b/instrumentation/resources/library/src/test/java/io/opentelemetry/instrumentation/resources/internal/DeclarativeConfigTest.java @@ -31,6 +31,7 @@ void endToEnd() { + " value: my-service\n" + "tracer_provider:\n"; + boolean java8 = "1.8".equals(System.getProperty("java.specification.version")); OpenTelemetrySdk openTelemetrySdk = FileConfiguration.parseAndCreate( new ByteArrayInputStream(yaml.getBytes(StandardCharsets.UTF_8))); @@ -56,7 +57,8 @@ void endToEnd() { assertThat(attributeKeys).contains("os.description"); assertThat(attributeKeys).contains("os.type"); // ProcessResourceComponentProvider - assertThat(attributeKeys).contains("process.command_line"); + assertThat(attributeKeys) + .contains(java8 ? "process.command_line" : "process.command_args"); assertThat(attributeKeys).contains("process.executable.path"); assertThat(attributeKeys).contains("process.pid"); // ProcessRuntimeResourceComponentProvider