Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: add opentelemetry for bio-api #589

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

chore: add opentelemetry for bio-api #589

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
103174b
chore: add opentelemetry for bio-api
Jul 16, 2024
64dd54d
refactor: 🫧 cleanup
Aug 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions bundestag.io/api/manifests/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ spec:
value: mongodb://democracy-mongo:27017/bundestagio
- name: BIO_EDIT_TOKEN
value: ${var.BIO_EDIT_TOKEN}
- name: OTEL_EXPORTER_OTLP_TRACES_URL
value: http://signoz-otel-collector:4318/v1/traces

ports:
- containerPort: 4000
Expand Down
7 changes: 0 additions & 7 deletions bundestag.io/api/nodemon.json
View file
Open in desktop

This file was deleted.

10 changes: 8 additions & 2 deletions bundestag.io/api/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@
"scripts": {
"build": "tsc",
"prebuild": "pnpm run generate",
"start": "node build/index.js",
"dev": "tsx watch src/index.ts",
"start": "node -r ./src/tracing.ts build/index.js",
"dev": "tsx watch --env-file=.env -r ./src/tracing.ts src/index.ts",
"predev": "pnpm run generate",
"lint": "pnpm lint:ts && pnpm lint:exports",
"lint:es": "eslint src --ext .js,.jsx,.ts,.tsx",
Expand All @@ -27,6 +27,12 @@
"@graphql-tools/merge": "^9.0.4",
"@graphql-tools/schema": "^10.0.4",
"@graphql-tools/utils": "^10.2.1",
"@opentelemetry/api": "^1.9.0",
"@opentelemetry/auto-instrumentations-node": "^0.48.0",
"@opentelemetry/exporter-trace-otlp-http": "^0.52.1",
"@opentelemetry/resources": "^1.25.1",
"@opentelemetry/sdk-node": "^0.52.1",
"@opentelemetry/semantic-conventions": "^1.25.1",
"axios": "1.6.0",
"body-parser": "^1.20.2",
"cors": "^2.8.5",
Expand Down
41 changes: 41 additions & 0 deletions bundestag.io/api/src/tracing.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
const { NodeSDK } = require('@opentelemetry/sdk-node');
const { getNodeAutoInstrumentations } = require('@opentelemetry/auto-instrumentations-node');
const { OTLPTraceExporter } = require('@opentelemetry/exporter-trace-otlp-http');
const { Resource } = require('@opentelemetry/resources');
const { SemanticResourceAttributes } = require('@opentelemetry/semantic-conventions');

if (!process.env.OTEL_EXPORTER_OTLP_TRACES_URL) {
console.warn('OTEL_EXPORTER_OTLP_TRACES_URL is not set, tracing will not be enabled');
} else {
// do not set headers in exporterOptions, the OTel spec recommends setting headers through ENV variables
// https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md#specifying-headers-via-environment-variables

// highlight-start
const exporterOptions = {
url: process.env.OTEL_EXPORTER_OTLP_TRACES_URL,
};
// highlight-end

const traceExporter = new OTLPTraceExporter(exporterOptions);
const sdk = new NodeSDK({
traceExporter,
instrumentations: [getNodeAutoInstrumentations()],
resource: new Resource({
// highlight-next-line
[SemanticResourceAttributes.SERVICE_NAME]: 'bundestag-io-api',
}),
});

// initialize the SDK and register with the OpenTelemetry API
// this enables the API to record telemetry
sdk.start();

// gracefully shut down the SDK on process exit
process.on('SIGTERM', () => {
sdk
.shutdown()
.then(() => console.log('Tracing terminated'))
.catch((error) => console.log('Error terminating tracing', error))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚫 [Bearer] <javascript_lang_logger_leak> reported by reviewdog 🐶

Leakage of information in logger message

Description

Information leakage through logger messages can compromise sensitive data. This vulnerability arises when dynamic data or variables, which may contain sensitive information, are included in log messages.

Remediations

  • Do not include sensitive data directly in logger messages. This can lead to the exposure of such data in log files, which might be accessible to unauthorized individuals. 
    logger.info(`Results: ${data}`) // unsafe
  • Do use logging levels appropriately to control the verbosity of log output and minimize the risk of leaking sensitive information in production environments.

.finally(() => process.exit(0));
});
}
62 changes: 62 additions & 0 deletions infra/opentelemetry/garden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
kind: Deploy
type: helm
name: cert-manager

spec:
chart:
name: cert-manager
repo: https://charts.jetstack.io
version: v1.15.1
values:
installCRDs: true
---
kind: Deploy
type: helm
name: opentelemetry

dependencies:
- deploy.cert-manager

spec:
chart:
name: opentelemetry-operator
repo: https://open-telemetry.github.io/opentelemetry-helm-charts
version: '0.64.2'
values:
manager:
collectorImage:
repository: otel/opentelemetry-collector
---
kind: Deploy
type: helm
name: signoz

dependencies:
- deploy.opentelemetry

spec:
chart:
name: signoz
repo: https://charts.signoz.io
version: 0.47.0
values:
frontend:
ingress:
enabled: true
hosts:
- host: 'signoz.${var.hostname}'
paths:
- path: /
pathType: Prefix
port: 3301
otelCollector:
ingress:
enabled: true
hosts:
- host: 'otelcollector.${var.hostname}'
paths:
- path: /
pathType: Prefix
port: 4318
schemaMigrator:
enabled: false
Loading
Loading