diff --git a/.github/workflows/apm-transport-stress-test.yml b/.github/workflows/apm-transport-stress-test.yml deleted file mode 100644 index c581629bbe7..00000000000 --- a/.github/workflows/apm-transport-stress-test.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: 'Run Datadog APM Transport Stress Tests' -on: - workflow_dispatch: - schedule: - # Every hour - - cron: '0 * * * *' - -jobs: - run_stress_tests: - runs-on: ubuntu-latest - env: - AGENT_DOCKERFILE: realagent - DD_API_KEY: ${{ secrets.DD_SHARED_TESTS_API_KEY }} - TRACER: python - steps: - - uses: actions/checkout@v4 - with: - repository: DataDog/apm-transport-stress-tests - - name: Build - run: ./build.sh "${TRACER}" "${AGENT_DOCKERFILE}" - - name: Test TCPIP - run: ./run.sh tcpip - env: - RUN_ID: ${{ github.run_id }} - - name: Test UDS - run: ./run.sh uds - env: - RUN_ID: ${{ github.run_id }} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml deleted file mode 100644 index 0c003c5dcc7..00000000000 --- a/.github/workflows/backport.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: Backport -on: - pull_request_target: - types: - - closed - - labeled - -jobs: - backport: - name: Backport - runs-on: ubuntu-latest - # Only react to merged PRs for security reasons. - # See https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target. - if: > - github.event.pull_request.merged - && ( - github.event.action == 'closed' - || ( - github.event.action == 'labeled' - && contains(github.event.label.name, 'backport') - ) - ) - steps: - - uses: tibdex/backport@v2 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - body_template: "Backport <%= mergeCommitSha %> from #<%= number %> to <%= base %>.\n\n<%= body %>" - label_pattern: "^backport (?([0-9]+\\.[0-9]+))$" - # Include the original labels from the merged PR (minus any matching label_pattern) - labels_template: "<% print(JSON.stringify(labels)) %>" - title_template: "<%= title %> [backport <%= base %>]" diff --git a/.github/workflows/build-and-publish-image.yml b/.github/workflows/build-and-publish-image.yml deleted file mode 100644 index d015d0c5c3f..00000000000 --- a/.github/workflows/build-and-publish-image.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: Build and publish image - -on: - workflow_call: - inputs: - tags: - required: true - type: string - platforms: - required: true - type: string - build-args: - required: true - type: string - context: - required: true - type: string - file: - required: false - type: string - default: Dockerfile - secrets: - token: - required: true - -jobs: - build_push: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - with: - # Images after this version (>=v0.10) are incompatible with gcr and aws. - version: v0.9.1 # https://github.com/docker/buildx/issues/1533 - - name: Login to Docker - run: docker login -u publisher -p ${{ secrets.token }} ghcr.io - - name: Docker Build - uses: docker/build-push-action@v4 - with: - push: true - tags: ${{ inputs.tags }} - platforms: ${{ inputs.platforms }} - build-args: ${{ inputs.build-args }} - context: ${{ inputs.context }} - file: ${{ inputs.context }}/${{ inputs.file }} diff --git a/.github/workflows/build_deploy.yml b/.github/workflows/build_deploy.yml index 50eeba62f62..e69de29bb2d 100644 --- a/.github/workflows/build_deploy.yml +++ b/.github/workflows/build_deploy.yml @@ -1,93 +0,0 @@ -name: Build - -on: - push: - pull_request: - release: - types: - - published - workflow_dispatch: - # Allow manually triggering, but do NOT upload the result - schedule: - # Nightly builds after weekdays - - cron: 0 2 * * 2-6 - -jobs: - build_wheels: - uses: ./.github/workflows/build_python_3.yml - with: - cibw_build: 'cp37* cp38* cp39* cp310* cp311* cp312*' - - build_sdist: - name: Build source distribution - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # Include all history and tags - with: - fetch-depth: 0 - - uses: actions-rust-lang/setup-rust-toolchain@v1 - - uses: actions/setup-python@v5 - name: Install Python - with: - python-version: '3.7' - - name: Build sdist - run: | - pip install "setuptools_scm[toml]>=4" "cython" "cmake>=3.24.2,<3.28" "setuptools-rust" - python setup.py sdist - - uses: actions/upload-artifact@v4 - with: - name: source-dist - path: dist/*.tar.gz - - test_alpine_sdist: - # alpine is the only environment not built/tested by cibuildwheel - name: Test source distribution on Alpine Linux - needs: [build_sdist] - runs-on: ubuntu-latest - container: - image: python:3.9-alpine - steps: - - uses: actions/checkout@v4 - - uses: actions/download-artifact@v4 - with: - name: source-dist - path: dist - - - name: Install build dependencies - # Rust + Cargo are needed for Cryptography - run: apk add git gcc g++ musl-dev libffi-dev openssl-dev bash rust cargo make cmake - - - name: Check source package - run: | - pip install twine readme_renderer[md] - twine check dist/*.tar.gz - - name: Install source package - run: pip install dist/*.tar.gz - - - name: Test the source package - run: python $GITHUB_WORKSPACE/tests/smoke_test.py - # Move out of the workspace to avoid importing ddtrace from the source - working-directory: / - - upload_pypi: - needs: - - build_wheels - - test_alpine_sdist - runs-on: ubuntu-latest - if: (github.event_name == 'release' && github.event.action == 'published') - steps: - - uses: actions/download-artifact@v4 - with: - path: dist - merge-multiple: true - - - uses: pypa/gh-action-pypi-publish@release/v1 - with: - user: __token__ - password: ${{ secrets.PYPI_TOKEN }} - # To test: repository_url: https://test.pypi.org/legacy/ - # Setting skip_existing will prevent the deploy from erring out early - # due to a duplicate wheel being present which will ensure that the rest - # of the wheels will be uploaded if some are uploaded manually. - skip_existing: true diff --git a/.github/workflows/build_python_3.yml b/.github/workflows/build_python_3.yml deleted file mode 100644 index a88d4e85dff..00000000000 --- a/.github/workflows/build_python_3.yml +++ /dev/null @@ -1,163 +0,0 @@ -name: Build Python 3 - -on: - workflow_call: - inputs: - cibw_build: - required: true - type: string - cibw_skip: - required: false - type: string - cibw_prerelease_pythons: - required: false - type: string - -jobs: - build-wheels-matrix: - runs-on: ubuntu-latest - outputs: - include: ${{steps.set-matrix.outputs.include}} - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - with: - python-version: '3.8' - - run: pip install cibuildwheel==2.16.5 - - id: set-matrix - env: - CIBW_BUILD: ${{ inputs.cibw_build }} - run: | - MATRIX_INCLUDE=$( - { - cibuildwheel --print-build-identifiers --platform linux --arch x86_64,i686 | jq -cR '{only: ., os: "ubuntu-latest"}' \ - && cibuildwheel --print-build-identifiers --platform linux --arch aarch64 | jq -cR '{only: ., os: "arm-4core-linux"}' \ - && cibuildwheel --print-build-identifiers --platform windows --arch AMD64,x86 | jq -cR '{only: ., os: "windows-latest"}' \ - && cibuildwheel --print-build-identifiers --platform macos --arch x86_64,universal2 | jq -cR '{only: ., os: "macos-12"}' - } | jq -sc - ) - echo $MATRIX_INCLUDE - echo "include=${MATRIX_INCLUDE}" >> $GITHUB_OUTPUT - - build: - needs: build-wheels-matrix - runs-on: ${{ matrix.os }} - name: Build ${{ matrix.only }} - strategy: - matrix: - include: ${{ fromJson(needs.build-wheels-matrix.outputs.include) }} - - steps: - - uses: actions/checkout@v4 - # Include all history and tags - with: - fetch-depth: 0 - - - uses: actions/setup-python@v5 - if: matrix.os != 'arm-4core-linux' - name: Install Python - with: - python-version: '3.8' - - - name: Install docker and pipx - if: matrix.os == 'arm-4core-linux' - # The ARM64 Ubuntu has less things installed by default - # We need docker, pip and venv for cibuildwheel - # acl allows us to use docker in the same session - run: | - curl -fsSL https://get.docker.com -o get-docker.sh - sudo sh get-docker.sh - sudo usermod -a -G docker $USER - sudo apt install -y acl python3.10-venv python3-pip - sudo setfacl --modify user:runner:rw /var/run/docker.sock - python3 -m pip install pipx - - - name: Set up QEMU - if: runner.os == 'Linux' && matrix.os != 'arm-4core-linux' - uses: docker/setup-qemu-action@v2 - with: - platforms: all - - - name: Build wheels arm64 - if: matrix.os == 'arm-4core-linux' - run: /home/runner/.local/bin/pipx run cibuildwheel==2.16.5 --only ${{ matrix.only }} - env: - CIBW_SKIP: ${{ inputs.cibw_skip }} - CIBW_PRERELEASE_PYTHONS: ${{ inputs.cibw_prerelease_pythons }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - CIBW_MUSLLINUX_I686_IMAGE: ghcr.io/datadog/dd-trace-py/pypa_musllinux_1_2_i686:latest - CIBW_BEFORE_ALL: > - if [[ "$(uname -m)-$(uname -i)-$(uname -o | tr '[:upper:]' '[:lower:]')-$(ldd --version 2>&1 | head -n 1 | awk '{print $1}')" != "i686-unknown-linux-musl" ]]; - then - curl -sSf https://sh.rustup.rs | sh -s -- -y; - fi - CIBW_BEFORE_ALL_WINDOWS: rustup target add i686-pc-windows-msvc - CIBW_BEFORE_ALL_MACOS: rustup target add aarch64-apple-darwin - CIBW_ENVIRONMENT_LINUX: "PATH=$HOME/.cargo/bin:$PATH" - CIBW_REPAIR_WHEEL_COMMAND_LINUX: | - mkdir ./tempwheelhouse && - unzip -l {wheel} | grep '\.so' && - auditwheel repair -w ./tempwheelhouse {wheel} && - for w in ./tempwheelhouse/*.whl; do - python scripts/zip_filter.py $w \*.c \*.cpp \*.cc \*.h \*.hpp \*.pyx - mv $w {dest_dir} - done && - rm -rf ./tempwheelhouse - CIBW_REPAIR_WHEEL_COMMAND_MACOS: | - zip -d {wheel} \*.c \*.cpp \*.cc \*.h \*.hpp \*.pyx && - delocate-wheel --require-archs {delocate_archs} -w {dest_dir} -v {wheel} - CIBW_REPAIR_WHEEL_COMMAND_WINDOWS: - choco install -y 7zip && - 7z d -r "{wheel}" *.c *.cpp *.cc *.h *.hpp *.pyx && - move "{wheel}" "{dest_dir}" - # DEV: Uncomment to debug MacOS - # CIBW_BUILD_VERBOSITY_MACOS: 3 - - - name: Build wheels - if: matrix.os != 'arm-4core-linux' - uses: pypa/cibuildwheel@v2.16.5 - with: - only: ${{ matrix.only }} - env: - CIBW_SKIP: ${{ inputs.cibw_skip }} - CIBW_PRERELEASE_PYTHONS: ${{ inputs.cibw_prerelease_pythons }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - CIBW_MUSLLINUX_I686_IMAGE: ghcr.io/datadog/dd-trace-py/pypa_musllinux_1_2_i686:latest - CIBW_BEFORE_ALL: > - if [[ "$(uname -m)-$(uname -i)-$(uname -o | tr '[:upper:]' '[:lower:]')-$(ldd --version 2>&1 | head -n 1 | awk '{print $1}')" != "i686-unknown-linux-musl" ]]; - then - curl -sSf https://sh.rustup.rs | sh -s -- -y; - fi - CIBW_BEFORE_ALL_WINDOWS: rustup target add i686-pc-windows-msvc - CIBW_BEFORE_ALL_MACOS: rustup target add aarch64-apple-darwin - CIBW_ENVIRONMENT_LINUX: "PATH=$HOME/.cargo/bin:$PATH" - CIBW_REPAIR_WHEEL_COMMAND_LINUX: | - mkdir ./tempwheelhouse && - unzip -l {wheel} | grep '\.so' && - auditwheel repair -w ./tempwheelhouse {wheel} && - for w in ./tempwheelhouse/*.whl; do - python scripts/zip_filter.py $w \*.c \*.cpp \*.cc \*.h \*.hpp \*.pyx - mv $w {dest_dir} - done && - rm -rf ./tempwheelhouse - CIBW_REPAIR_WHEEL_COMMAND_MACOS: | - zip -d {wheel} \*.c \*.cpp \*.cc \*.h \*.hpp \*.pyx && - delocate-wheel --require-archs {delocate_archs} -w {dest_dir} -v {wheel} - CIBW_REPAIR_WHEEL_COMMAND_WINDOWS: - choco install -y 7zip && - 7z d -r "{wheel}" *.c *.cpp *.cc *.h *.hpp *.pyx && - move "{wheel}" "{dest_dir}" - # DEV: Uncomment to debug MacOS - # CIBW_BUILD_VERBOSITY_MACOS: 3 - - - if: runner.os != 'Windows' - run: | - echo "ARTIFACT_NAME=${{ matrix.only }}" >> $GITHUB_ENV - - if: runner.os == 'Windows' - run: | - chcp 65001 #set code page to utf-8 - echo "ARTIFACT_NAME=${{ matrix.only }}" >> $env:GITHUB_ENV - - uses: actions/upload-artifact@v4 - with: - name: wheels-${{ env.ARTIFACT_NAME }} - path: ./wheelhouse/*.whl diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml deleted file mode 100644 index 5f9ac3ec1c7..00000000000 --- a/.github/workflows/changelog.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Changelog -on: - push: - branches: - - main - pull_request: - # Important that we run on `labeled` and `unlabeled` to pick up `changelog/no-changelog` being added/removed - # DEV: [opened, reopened, synchronize] is the default - types: [opened, reopened, synchronize, labeled, unlabeled, ready_for_review] -jobs: - validate: - name: Validate changelog - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # Include all history and tags - with: - fetch-depth: 0 - - # Ensure a new reno release note was added in this PR. - # Use `reno new ` to add a new note to `releasenotes/notes`, - # or add `changelog/no-changelog` label if no release note is needed. - - name: Ensure release note added - # Only run this on pull requests - if: github.event_name == 'pull_request' - run: scripts/check-releasenotes - - - uses: actions/setup-python@v5 - name: Install Python - with: - python-version: '3.8' - - - name: Install Dependencies - run: pip install reno docutils - - - name: Lint changelog notes - run: reno lint - - - name: Generate changelog - run: | - reno report | tee CHANGELOG.rst - rst2html.py CHANGELOG.rst CHANGELOG.html - - - name: Upload CHANGELOG.rst - uses: actions/upload-artifact@v4 - with: - name: changelog - path: | - CHANGELOG.rst - CHANGELOG.html diff --git a/.github/workflows/codeowners.yml b/.github/workflows/codeowners.yml deleted file mode 100644 index 92f64888348..00000000000 --- a/.github/workflows/codeowners.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Codeowners - -on: - pull_request: - -jobs: - report_codeowners: - name: "Report codeowners" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Get changed files - id: changed-files - uses: tj-actions/changed-files@v44 - - name: Setup go - uses: actions/setup-go@v5 - - name: Install codeowners - run: go install github.com/hmarr/codeowners/cmd/codeowners@latest - - name: List owners of all changed files - id: codeowners_resolved - run: | - codeowners ${{ steps.changed-files.outputs.all_changed_files }} - echo "results<> "$GITHUB_OUTPUT" - echo "$(codeowners ${{ steps.changed-files.outputs.all_changed_files }})" >> "$GITHUB_OUTPUT" - echo "EOF" >> "$GITHUB_OUTPUT" - - name: Comment PR - uses: thollander/actions-comment-pull-request@v2 - with: - filePath: resolved.txt - comment_tag: codeowners_resolved - mode: upsert - message: | - `CODEOWNERS` have been resolved as: - - ``` - ${{ steps.codeowners_resolved.outputs.results }} - ``` diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 960b2a21036..00000000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: - - main - pull_request: - # The branches below must be a subset of the branches above - branches: - - main - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'python' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - config-file: .github/codeql-config.yml - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/django-overhead-profile.yml b/.github/workflows/django-overhead-profile.yml deleted file mode 100644 index 602d1302976..00000000000 --- a/.github/workflows/django-overhead-profile.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: django-overhead-profile -on: - push: - branches: - - main - pull_request: - paths: - - 'ddtrace/**' - - 'scripts/profiles/django-simple/**' - - '.github/workflows/django-overhead-profile.yml' -jobs: - django-overhead-profile: - runs-on: ubuntu-latest - env: - PREFIX: ${{ github.workspace }}/prefix - defaults: - run: - working-directory: ddtrace - steps: - - uses: actions/checkout@v4 - with: - path: ddtrace - - - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Setup - run: | - bash scripts/profiles/django-simple/setup.sh ${PREFIX} - - - name: Run - run: | - bash scripts/profiles/django-simple/run.sh ${PREFIX} - - - uses: actions/upload-artifact@v4 - with: - name: django-overhead-profile - path: ${{ github.workspace }}/prefix/artifacts - diff --git a/.github/workflows/encoders-profile.yml b/.github/workflows/encoders-profile.yml deleted file mode 100644 index d95612b43c7..00000000000 --- a/.github/workflows/encoders-profile.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: encoders-profile -on: - push: - branches: - - main - pull_request: - paths: - - 'ddtrace/internal/_encoding.pyx' - - 'scripts/profiles/encoders/**' - - '.github/workflows/encoders-profile.yml' -jobs: - encoders-profile: - runs-on: ubuntu-latest - env: - PREFIX: ${{ github.workspace }}/prefix - defaults: - run: - working-directory: ddtrace - steps: - - uses: actions/checkout@v4 - with: - path: ddtrace - - - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Setup - run: | - bash scripts/profiles/encoders/setup.sh ${PREFIX} - - - name: Run - run: | - bash scripts/profiles/encoders/run.sh ${PREFIX} - for a in `ls ${PREFIX}/artifacts` - do - sed -i 's|${{ github.workspace }}/ddtrace/||g' ${PREFIX}/artifacts/$a - done - - - uses: actions/upload-artifact@v4 - with: - name: encoders-profile - path: ${{ github.workspace }}/prefix/artifacts - diff --git a/.github/workflows/flask-overhead-profile.yml b/.github/workflows/flask-overhead-profile.yml deleted file mode 100644 index 4b9d6117701..00000000000 --- a/.github/workflows/flask-overhead-profile.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: flask-overhead-profile -on: - push: - branches: - - main - pull_request: - paths: - - 'ddtrace/**' - - 'scripts/profiles/flask-simple/**' - - '.github/workflows/flask-overhead-profile.yml' -jobs: - flask-overhead-profile: - runs-on: ubuntu-latest - env: - PREFIX: ${{ github.workspace }}/prefix - defaults: - run: - working-directory: ddtrace - steps: - - uses: actions/checkout@v4 - with: - path: ddtrace - - - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Setup - run: | - bash scripts/profiles/flask-simple/setup.sh ${PREFIX} - - - name: Run - run: | - bash scripts/profiles/flask-simple/run.sh ${PREFIX} - - - uses: actions/upload-artifact@v4 - with: - name: flask-overhead-profile - path: ${{ github.workspace }}/prefix/artifacts - diff --git a/.github/workflows/lib-inject-prune.yml b/.github/workflows/lib-inject-prune.yml deleted file mode 100644 index 02b7e6d1728..00000000000 --- a/.github/workflows/lib-inject-prune.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Prune Lib Injection images -on: - schedule: - - cron: '15 3 * * *' - workflow_dispatch: - -jobs: - prune-init-images: - name: Prune dd-lib-python-init docker images - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Prune registry - uses: vlaurin/action-ghcr-prune@0a539594d122b915e71c59733a5b115bfaaf5d52 #v0.5.0 - with: - token: ${{ secrets.GITHUB_TOKEN }} - organization: Datadog - container: dd-trace-py/dd-lib-python-init - keep-younger-than: 7 # days - keep-last: 10 - keep-tags: | - latest_snapshot - prune-tags-regexes: | - ^[a-z0-9]{40}$ - prune-untagged: true - - prune-init-test-app-images: - name: Prune test app docker images - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - strategy: - matrix: - image: - - 'dd-lib-python-init-test-django' - - 'dd-lib-python-init-test-django-gunicorn' - - 'dd-lib-python-init-test-django-uvicorn' - - 'dd-lib-python-init-test-django-uwsgi' - - 'dd-lib-python-init-test-app' - - 'dd-python-agent-init' - steps: - - name: Prune registry - uses: vlaurin/action-ghcr-prune@0a539594d122b915e71c59733a5b115bfaaf5d52 #v0.5.0 - with: - token: ${{ secrets.GITHUB_TOKEN }} - organization: Datadog - container: dd-trace-py/${{ matrix.image }} - keep-younger-than: 15 # days - keep-last: 5 - keep-tags: | - latest_snapshot - prune-tags-regexes: | - ^[a-z0-9]{40}$ - prune-untagged: true diff --git a/.github/workflows/pr-name.yml b/.github/workflows/pr-name.yml deleted file mode 100644 index 5a6e4bdfe80..00000000000 --- a/.github/workflows/pr-name.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: pr-name -on: - pull_request: - types: ['opened', 'edited', 'reopened', 'synchronize'] - branches-ignore: - - "[0-9]+.[0-9]+" - -jobs: - pr_name_lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: actions/setup-node@v4 - name: Install Node.js - with: - node-version: 16 - - name: Install dependencies - run: | - npm install @commitlint/lint@18.6.1 @commitlint/load@18.6.1 @commitlint/config-conventional@18.6.2 @actions/core - - name: Lint PR name - uses: actions/github-script@v6.4.1 - with: - script: | - const load = require('@commitlint/load').default; - const lint = require('@commitlint/lint').default; - - const CONFIG = { - extends: ['./commitlint.config.js'], - }; - - const title = context.payload.pull_request.title; - - core.info(`Linting: ${title}`); - - load(CONFIG) - .then((opts) => { - lint( - title, - opts.rules, - opts.parserPreset ? {parserOpts: opts.parserPreset.parserOpts} : {} - ).then((report) => { - report.warnings.forEach((warning) => { - core.warning(warning.message); - }); - - report.errors.forEach((error) => { - core.error(error.message); - }); - - if (!report.valid) { - core.setFailed("PR title linting failed"); - } - }); - }); diff --git a/.github/workflows/prune_workflow.yml b/.github/workflows/prune_workflow.yml deleted file mode 100644 index 1c8a8479a8c..00000000000 --- a/.github/workflows/prune_workflow.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: Prune workflow runs -on: - schedule: - # Run monthly, at 00:00 on the 1st day of month. - - cron: '0 0 1 * *' - workflow_dispatch: - inputs: - days: - description: 'Number of days.' - required: true - default: 30 - minimum_runs: - description: 'The minimum runs to keep for each workflow.' - required: true - default: 6 - delete_workflow_pattern: - description: 'The name or filename of the workflow. if not set then it will target all workflows.' - required: false - delete_workflow_by_state_pattern: - description: 'Remove workflow by state: active, deleted, disabled_fork, disabled_inactivity, disabled_manually' - required: true - default: "All" - type: choice - options: - - "All" - - active - - deleted - - disabled_inactivity - - disabled_manually - delete_run_by_conclusion_pattern: - description: 'Remove workflow by conclusion: action_required, cancelled, failure, skipped, success' - required: true - default: "All" - type: choice - options: - - "All" - - action_required - - cancelled - - failure - - skipped - - success - dry_run: - description: 'Only log actions, do not perform any delete operations.' - required: false - -jobs: - del_runs: - runs-on: ubuntu-latest - permissions: - actions: write - steps: - - name: Delete workflow runs - uses: Mattraks/delete-workflow-runs@v2 - with: - token: ${{ github.token }} - repository: ${{ github.repository }} - retain_days: ${{ github.event.inputs.days }} - keep_minimum_runs: ${{ github.event.inputs.minimum_runs }} - delete_workflow_pattern: ${{ github.event.inputs.delete_workflow_pattern }} - delete_workflow_by_state_pattern: ${{ github.event.inputs.delete_workflow_by_state_pattern }} - delete_run_by_conclusion_pattern: ${{ github.event.inputs.delete_run_by_conclusion_pattern }} - dry_run: ${{ github.event.inputs.dry_run }} diff --git a/.github/workflows/pypa_musllinux_1_2_i686.yml b/.github/workflows/pypa_musllinux_1_2_i686.yml deleted file mode 100644 index 601f0fbff51..00000000000 --- a/.github/workflows/pypa_musllinux_1_2_i686.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: PyPA i686 musl linux CI image - -on: - workflow_dispatch: - push: - branches: - - 'main' - paths: - - 'docker/**' - -jobs: - build-and-publish: - uses: ./.github/workflows/build-and-publish-image.yml - with: - tags: 'ghcr.io/datadog/dd-trace-py/pypa_musllinux_1_2_i686:${{ github.sha }},ghcr.io/datadog/dd-trace-py/pypa_musllinux_1_2_i686:latest' - platforms: 'linux/386' - build-args: '' - context: ./docker - file: Dockerfile.pypa_musllinux_1_2_i686 - secrets: - token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml deleted file mode 100644 index 521e28573bb..00000000000 --- a/.github/workflows/require-checklist.yaml +++ /dev/null @@ -1,12 +0,0 @@ -name: Require Checklist -on: - pull_request: - types: [opened, edited, synchronize] -jobs: - require-checklist: - runs-on: ubuntu-latest - steps: - - uses: mheap/require-checklist-action@v2 - with: - # require a checklist to be present in the PR description - requireChecklist: true diff --git a/.github/workflows/rust-ci.yml b/.github/workflows/rust-ci.yml deleted file mode 100644 index 668aa507f89..00000000000 --- a/.github/workflows/rust-ci.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: "Rust CI" -on: - push: - pull_request: - paths: - - src/** - -jobs: - check: - name: Rust CI - runs-on: ubuntu-latest - strategy: - matrix: - extension: ["src/core"] - steps: - - uses: actions/checkout@v4 - - name: Install latest stable toolchain and rustfmt - run: rustup update stable && rustup default stable && rustup component add rustfmt clippy - - name: Run cargo build - run: cargo build - working-directory: ${{ matrix.extension }} - - name: Run cargo fmt - run: cargo fmt --all -- --check - working-directory: ${{ matrix.extension }} - - name: Run cargo clippy - run: cargo clippy -- -D warnings - working-directory: ${{ matrix.extension }} - - name: Run cargo test - run: cargo test --no-fail-fast --locked - working-directory: ${{ matrix.extension }} diff --git a/.github/workflows/set-target-milestone.yml b/.github/workflows/set-target-milestone.yml deleted file mode 100644 index 6370a0a7d8b..00000000000 --- a/.github/workflows/set-target-milestone.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Add milestone to pull requests -on: - # Only run when a PR is closed - pull_request: - types: - - closed - -jobs: - add_milestone_to_pr: - # Only run if the PR was closed due to a merge - if: github.event.pull_request.merged == true - name: Add milestone to merged pull requests - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # Include all history and tags - with: - fetch-depth: 0 - - uses: actions/setup-python@v5 - name: Install Python - with: - python-version: '3.8' - - name: Get target milestone - id: milestones - run: | - pip install -U pip - pip install packaging - scripts/get-target-milestone.py - - name: Update Pull Request - if: steps.milestones.outputs.milestone != null - uses: actions/github-script@v6.4.1 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - const title = "${{ steps.milestones.outputs.milestone }}"; - - const milestones = await github.rest.issues.listMilestones({ - owner: context.repo.owner, - repo: context.repo.repo, - state: "open", - }); - - let milestone = milestones.data.find( (m) => m.title == title ); - if (milestone === undefined) { - milestone = await github.rest.issues.createMilestone({ - owner: context.repo.owner, - repo: context.repo.repo, - title: title, - }); - } - - await github.rest.issues.update({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: ${{ github.event.pull_request.number }}, - milestone: milestone.number, - }); diff --git a/.github/workflows/setup-tox.sh b/.github/workflows/setup-tox.sh deleted file mode 100644 index 7f2c7b2b226..00000000000 --- a/.github/workflows/setup-tox.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -eu - -# This script is used to setup tox in a GitHub Actions workflow. -# Usage: . .github/workflows/setup-tox.sh - -set -e -set -u - -ENV=${1} - -# Install tox -pip install tox - -# Create the environment without running it -tox -e ${ENV} --notest - -# Add pytest configuration for ddtrace -echo -e "[pytest]\nddtrace-patch-all = 1" > pytest.ini - -# Enable the environment -source .tox/${ENV}/bin/activate - -# Install ddtrace -pip install ../ddtrace diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100644 index 63a045d498b..00000000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: 'Close stale issues and PRs' -on: - schedule: - # 00:00:000 UTC - - cron: '0 0 * * *' - -permissions: - issues: write - pull-requests: write - -jobs: - stale: - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v8 - with: - # DEV: GitHub Actions have an API rate limit of 1000 operations per hour per repository - # This limit is shared across all actions - operations-per-run: 200 - days-before-pr-close: 30 - days-before-issue-close: 90 - exempt-issue-labels: 'proposal' - exempt-pr-labels: 'proposal' - close-issue-message: | - This issue has been automatically closed after a period of inactivity. If it's a - feature request, it has been added to the maintainers' internal backlog and will be - included in an upcoming round of feature prioritization. Please comment or reopen - if you think this issue was closed in error. - close-pr-message: | - This pull request has been automatically closed after a period of inactivity. - After this much time, it will likely be easier to open a new pull request with the - same changes than to update this one from the base branch. Please comment or reopen - if you think this pull request was closed in error. diff --git a/.github/workflows/system-tests-investigation.yml b/.github/workflows/system-tests-investigation.yml new file mode 100644 index 00000000000..aca888df501 --- /dev/null +++ b/.github/workflows/system-tests-investigation.yml @@ -0,0 +1,45 @@ +name: System Tests Investigation + +on: + push: + branches: + - main + pull_request: + workflow_dispatch: {} + +jobs: + build-artifact: + runs-on: ubuntu-latest + steps: + - run: mkdir binaries/ + - run: echo "git+https://github.com/DataDog/dd-trace-py.git@cbeauchesne/crash-investigation" > binaries/python-load-from-pip + - uses: actions/upload-artifact@v4 + with: + name: dd_trace_py + path: binaries/ + + system-tests: + needs: build-artifact + strategy: + matrix: + attempt: [1, 2, 3] # let's increase the crash probability + scenarios: # list of scenario knowns to have startup crashes + - name: set1 + list: APM_TRACING_E2E_OTEL,APPSEC_API_SECURITY,APPSEC_API_SECURITY_NO_RESPONSE_BODY,APPSEC_API_SECURITY_RC + - name: set2 + list: APPSEC_API_SECURITY_WITH_SAMPLING,APPSEC_CUSTOM_OBFUSCATION,APPSEC_CUSTOM_RULES,APPSEC_RATE_LIMITER + - name: set3 + list: APPSEC_RASP,APPSEC_REQUEST_BLOCKING,APPSEC_RUNTIME_ACTIVATION,DEBUGGER_PII_REDACTION,REMOTE_CONFIG_MOCKED_BACKEND_LIVE_DEBUGGING + - name: set4 + list: DEBUGGER_EXPRESSION_LANGUAGE,TELEMETRY_METRIC_GENERATION_DISABLED,TELEMETRY_LOG_GENERATION_DISABLED + - name: set5 + list: APM_TRACING_E2E_OTEL,REMOTE_CONFIG_MOCKED_BACKEND_ASM_FEATURES_NOCACHE,REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD_NOCACHE,APPSEC_LOW_WAF_TIMEOUT + fail-fast: false + + uses: DataDog/system-tests/.github/workflows/system-tests.yml@main + secrets: inherit + with: + library: python + scenarios: ${{ matrix.scenarios.list }} + binaries_artifact: dd_trace_py + ci_environment: ${{ matrix.scenarios.name }}_${{ matrix.attempt }} # current reusable workflow does not allow artifact postfix. Let's hack diff --git a/.github/workflows/system-tests.yml b/.github/workflows/system-tests.yml deleted file mode 100644 index 06906b73f08..00000000000 --- a/.github/workflows/system-tests.yml +++ /dev/null @@ -1,280 +0,0 @@ -name: System Tests - -on: - push: - branches: - - main - pull_request: - workflow_dispatch: {} - schedule: - - cron: '00 04 * * 2-6' - -jobs: - needs-run: - runs-on: ubuntu-latest - outputs: - outcome: ${{ steps.run_needed.outcome }} - steps: - - uses: actions/checkout@v4 - - id: run_needed - name: Check if run is needed - run: | - git fetch origin ${{ github.event.pull_request.base.sha || github.sha }} - export PATHS=$(git diff --name-only HEAD ${{ github.event.pull_request.base.sha || github.sha }}) - python -c "import os,sys,fnmatch;sys.exit(not bool([_ for pattern in {'ddtrace/*', 'setup*', 'pyproject.toml', '.github/workflows/system-tests.yml'} for _ in fnmatch.filter(os.environ['PATHS'].splitlines(), pattern)]))" - continue-on-error: true - - system-tests-build: - runs-on: ubuntu-latest - needs: needs-run - strategy: - matrix: - include: - - weblog-variant: flask-poc - - weblog-variant: uwsgi-poc - - weblog-variant: django-poc - - weblog-variant: fastapi - # runs django-poc for 3.12 - - weblog-variant: python3.12 - fail-fast: false - env: - TEST_LIBRARY: python - WEBLOG_VARIANT: ${{ matrix.weblog-variant }} - # system-tests requires an API_KEY, but it does not have to be a valid key, as long as we don't run a scenario - # that make assertion on backend data. Using a fake key allow to run system tests on PR originating from forks. - # If ever it's needed, a valid key exists in the repo, using ${{ secrets.DD_API_KEY }} - DD_API_KEY: 1234567890abcdef1234567890abcdef - CMAKE_BUILD_PARALLEL_LEVEL: 12 - steps: - - name: Setup python 3.12 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/setup-python@v5 - with: - python-version: '3.12' - - - name: Checkout system tests - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/checkout@v4 - with: - repository: 'DataDog/system-tests' - - - name: Checkout dd-trace-py - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/checkout@v4 - with: - path: 'binaries/dd-trace-py' - fetch-depth: 0 - # NB this ref is necessary to keep the checkout out of detached HEAD state, which setuptools_scm requires for - # proper version guessing - ref: ${{ github.event.pull_request.head.sha || github.sha }} - - - name: Build - id: build - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: ./build.sh - - - name: Save - id: save - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: | - docker image save system_tests/weblog:latest | gzip > ${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz - docker image save system_tests/agent:latest | gzip > ${{ matrix.weblog-variant}}_agent_${{ github.sha }}.tar.gz - - - uses: actions/upload-artifact@v4 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - with: - name: ${{ matrix.weblog-variant }}_${{ github.sha }} - path: | - ${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz - ${{ matrix.weblog-variant}}_agent_${{ github.sha }}.tar.gz - venv - retention-days: 2 - - system-tests: - runs-on: ubuntu-latest - needs: [needs-run, system-tests-build] - strategy: - matrix: - weblog-variant: [flask-poc, uwsgi-poc , django-poc, fastapi, python3.12] - scenario: [remote-config, appsec, appsec-1, other] - - fail-fast: false - env: - TEST_LIBRARY: python - WEBLOG_VARIANT: ${{ matrix.weblog-variant }} - # system-tests requires an API_KEY, but it does not have to be a valid key, as long as we don't run a scenario - # that make assertion on backend data. Using a fake key allow to run system tests on PR originating from forks. - # If ever it's needed, a valid key exists in the repo, using ${{ secrets.DD_API_KEY }} - DD_API_KEY: 1234567890abcdef1234567890abcdef - CMAKE_BUILD_PARALLEL_LEVEL: 12 - steps: - - name: Setup python 3.12 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/setup-python@v5 - with: - python-version: '3.12' - - - name: Checkout system tests - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/checkout@v4 - with: - repository: 'DataDog/system-tests' - - - uses: actions/download-artifact@v4 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - with: - name: ${{ matrix.weblog-variant }}_${{ github.sha }} - path: ${{ matrix.weblog-variant}}_${{ github.sha }}.tar.gz - - - name: docker load - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: | - docker load < ${{ matrix.weblog-variant}}_${{ github.sha }}.tar.gz/${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz - docker load < ${{ matrix.weblog-variant}}_${{ github.sha }}.tar.gz/${{ matrix.weblog-variant}}_agent_${{ github.sha }}.tar.gz - - - name: move venv - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: | - mv ${{ matrix.weblog-variant}}_${{ github.sha }}.tar.gz/venv venv - chmod -R +x venv/bin/* - - - name: Run DEFAULT - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'other' - run: ./run.sh DEFAULT - - - name: Run SAMPLING - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'other' - run: ./run.sh SAMPLING - - - name: Run INTEGRATIONS - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'other' - run: ./run.sh INTEGRATIONS - - - name: Run CROSSED_TRACING_LIBRARIES - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'other' - run: ./run.sh CROSSED_TRACING_LIBRARIES - - - name: Run REMOTE_CONFIG_MOCKED_BACKEND_ASM_FEATURES - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'remote-config' - run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_ASM_FEATURES - - - name: Run REMOTE_CONFIG_MOCKED_BACKEND_LIVE_DEBUGGING - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'remote-config' - run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_LIVE_DEBUGGING - - - name: Run REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'remote-config' - run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD - - - name: Run APPSEC_MISSING_RULES - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_MISSING_RULES - - - name: Run APPSEC_CUSTOM_RULES - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_CUSTOM_RULES - - - name: Run APPSEC_CORRUPTED_RULES - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_CORRUPTED_RULES - - - name: Run APPSEC_RULES_MONITORING_WITH_ERRORS - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_RULES_MONITORING_WITH_ERRORS - - - name: Run APPSEC_LOW_WAF_TIMEOUT - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_LOW_WAF_TIMEOUT - - - name: Run APPSEC_CUSTOM_OBFUSCATION - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_CUSTOM_OBFUSCATION - - - name: Run APPSEC_RATE_LIMITER - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec' - run: ./run.sh APPSEC_RATE_LIMITER - - - name: Run APPSEC_RUNTIME_ACTIVATION - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_RUNTIME_ACTIVATION - - - name: Run APPSEC_WAF_TELEMETRY - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_WAF_TELEMETRY - - - name: Run APPSEC_DISABLED - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_DISABLED - - - name: Run APPSEC_BLOCKING - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_BLOCKING - - - name: Run APPSEC_BLOCKING_FULL_DENYLIST - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_BLOCKING_FULL_DENYLIST - - - name: Run APPSEC_REQUEST_BLOCKING - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_REQUEST_BLOCKING - - - name: Run APPSEC_RASP - if: (needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule') && matrix.scenario == 'appsec-1' - run: ./run.sh APPSEC_RASP - - # The compress step speed up a lot the upload artifact process - - name: Compress artifact - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - id: compress-artifact - run: tar -czvf artifact.tar.gz $(ls | grep logs) - - - name: Upload artifact - uses: actions/upload-artifact@v4 - if: steps.compress-artifact.outcome == 'success' || github.event_name == 'schedule' - with: - name: logs_${{ matrix.weblog-variant }}_${{ matrix.scenario }} - path: artifact.tar.gz - - - parametric: - runs-on: ubuntu-latest - needs: needs-run - env: - TEST_LIBRARY: python - steps: - - name: Checkout system tests - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/checkout@v4 - with: - repository: 'DataDog/system-tests' - - name: Checkout dd-trace-py - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - uses: actions/checkout@v4 - with: - path: 'binaries/dd-trace-py' - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha || github.sha }} - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - with: - python-version: '3.12' - - - name: Build - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: ./build.sh -i runner - - - name: Run - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: ./run.sh PARAMETRIC - - - name: Compress artifact - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - run: tar -czvf artifact.tar.gz $(ls | grep logs) - - - name: Upload artifact - uses: actions/upload-artifact@v4 - if: needs.needs-run.outputs.outcome == 'success' || github.event_name == 'schedule' - with: - name: logs_parametric - path: artifact.tar.gz - diff --git a/.github/workflows/test_frameworks.yml b/.github/workflows/test_frameworks.yml deleted file mode 100644 index fc7f0e30b5a..00000000000 --- a/.github/workflows/test_frameworks.yml +++ /dev/null @@ -1,995 +0,0 @@ -name: Framework tests - -on: - push: - branches: - - main - pull_request: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - needs-run: - runs-on: ubuntu-latest - outputs: - outcome: ${{ steps.run_needed.outcome }} - steps: - - uses: actions/checkout@v4 - - id: run_needed - name: Check if run is needed - run: | - git fetch origin ${{ github.event.pull_request.base.sha }} - export PATHS=$(git diff --name-only HEAD ${{ github.event.pull_request.base.sha }}) - python -c "import os,sys,fnmatch;sys.exit(not bool([_ for pattern in {'ddtrace/*', 'setup*', 'pyproject.toml', '.github/workflows/test_frameworks.yml', 'tests/debugging/exploration/*'} for _ in fnmatch.filter(os.environ['PATHS'].splitlines(), pattern)]))" - continue-on-error: true - - bottle-testsuite-0_12_19: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Bottle 0.12.19 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - env: - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - DD_TESTING_RAISE: true - CMAKE_BUILD_PARALLEL_LEVEL: 12 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - - defaults: - run: - working-directory: bottle - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: bottlepy/bottle - ref: master - path: bottle - - name: Install Dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: sudo apt-get install -y libev-dev - - name: Test dependencies (Server back-ends and template engines) - if: needs.needs-run.outputs.outcome == 'success' - # Taken from install script inside of .github/workflows of test suite (https://github.com/bottlepy/bottle/blob/master/.github/workflows/run_tests.yml) - run: | - pip install -U pip pytest==8.0.2 coverage==7.5.3 - pip install mako jinja2 - for name in waitress "cherrypy<9" cheroot paste tornado twisted diesel meinheld\ - gunicorn eventlet flup bjoern gevent aiohttp-wsgi uvloop; do - pip install $name || echo "Failed to install $name with $(python -V 2>&1)" 1>&2 - done - - name: Inject ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - # Allows tests to continue through deprecation warnings for jinja2 and mako - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - # Disable all test_simple tests because they check for - # log output and it contains phony error messages. - run: PYTHONPATH=../ddtrace/tests/debugging/exploration/ ddtrace-run pytest test --continue-on-collection-errors -v -k 'not test_simple' - - name: Debugger exploration result - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - sanic-testsuite-24_6: - strategy: - matrix: - include: - # TODO: profiling fails with a timeout error - #- suffix: Profiling - # profiling: 1 - # iast: 0 - # appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Sanic 24.6 (with ${{ matrix.suffix }}) - runs-on: ubuntu-20.04 - needs: needs-run - env: - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - DD_TESTING_RAISE: true - CMAKE_BUILD_PARALLEL_LEVEL: 12 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - defaults: - run: - working-directory: sanic - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: sanic-org/sanic - ref: v24.6.0 - path: sanic - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: "3.11" - - name: Install sanic and dependencies required to run tests - if: needs.needs-run.outputs.outcome == 'success' - run: pip3 install '.[test]' aioquic - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip3 install ../ddtrace - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: ddtrace-run pytest -k "not test_no_exceptions_when_cancel_pending_request and not test_add_signal and not test_ode_removes and not test_skip_touchup and not test_dispatch_signal_triggers and not test_keep_alive_connection_context and not test_redirect_with_params and not test_keep_alive_client_timeout and not test_logger_vhosts and not test_ssl_in_multiprocess_mode" - - django-testsuite-3_1: - strategy: - matrix: - include: - - suffix: DI profiler - expl_profiler: 1 - expl_coverage: 0 - profiling: 1 - iast: 0 - appsec: 0 - - suffix: DI coverage - expl_profiler: 0 - expl_coverage: 1 - profiling: 1 - iast: 0 - appsec: 0 - # Disabled while the bug is investigated: APPSEC-53222 - # - suffix: IAST - # expl_profiler: 0 - # expl_coverage: 0 - # profiling: 0 - # iast: 1 - # appsec: 0 - - suffix: APPSEC - expl_profiler: 0 - expl_coverage: 0 - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - expl_profiler: 0 - expl_coverage: 0 - profiling: 0 - iast: 0 - appsec: 0 - runs-on: ubuntu-latest - needs: needs-run - timeout-minutes: 15 - name: Django 3.1 (with ${{ matrix.suffix }}) - env: - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING: disabled # To avoid a couple failures due to the extra query - DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING_ENABLED: false # To avoid a couple failures due to the extra query - DD_TESTING_RAISE: true - DD_DEBUGGER_EXPL_ENCODE: 0 # Disabled to speed up - DD_DEBUGGER_EXPL_PROFILER_ENABLED: ${{ matrix.expl_profiler }} - DD_DEBUGGER_EXPL_PROFILER_DELETE_FUNCTION_PROBES: 1 # Delete to speed up - DD_DEBUGGER_EXPL_COVERAGE_ENABLED: ${{ matrix.expl_coverage }} - DD_DEBUGGER_EXPL_COVERAGE_DELETE_LINE_PROBES: 1 # Delete to speed up - DD_DEBUGGER_EXPL_CONSERVATIVE: 1 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - PYTHONPATH: ../ddtrace/tests/debugging/exploration/:. - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: django - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: django/django - ref: stable/3.1.x - path: django - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: "3.8" - - name: Install pylibmc libmemcached package - if: needs.needs-run.outputs.outcome == 'success' - # Django-specific: pylibmc in Ubuntu requires libmemcached package - run: | - sudo apt update -qq - sudo apt install --no-install-recommends -qqyf libmemcached-dev zlib1g - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - # Django-specific: separate dependencies for tests - run: pip install -r tests/requirements/py3.txt - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: | - pip install envier Cython cmake - pip install ../ddtrace - - name: Install django - if: needs.needs-run.outputs.outcome == 'success' - run: pip install -e . - - name: Disable unsupported tests - if: needs.needs-run.outputs.outcome == 'success' - run: | - # Note: test_supports_json_field_operational_error will fail with the tracer - # DEV: Insert @skipUnless before the test definition - # DEV: We need to escape the space indenting - sed -i'' '/def test_supports_json_field_operational_error/i \ \ \ \ @skipUnless(False, "test not supported by dd-trace-py")' tests/backends/sqlite/test_features.py - sed -i'' 's/if not filename.startswith(os.path.dirname(django.__file__))/if False/' django/conf/__init__.py - sed -i'' 's/test_paginating_unordered_queryset_raises_warning/paginating_unordered_queryset_raises_warning/' tests/pagination/tests.py - sed -i'' 's/test_access_warning/access_warning/' tests/auth_tests/test_password_reset_timeout_days.py - sed -i'' 's/test_get_or_set_version/get_or_set_version/' tests/cache/tests.py - sed -i'' 's/test_avoid_infinite_loop_on_too_many_subqueries/avoid_infinite_loop_on_too_many_subqueries/' tests/queries/tests.py - sed -i'' 's/test_multivalue_dict_key_error/multivalue_dict_key_error/' tests/view_tests/tests/test_debug.py # Sensitive data leak - sed -i'' 's/test_db_table/db_table/' tests/schema/tests.py - sed -i'' 's/test_django_admin_py_equivalent_main/django_admin_py_equivalent_main/' tests/admin_scripts/test_django_admin_py.py - sed -i'' 's/test_custom_fields/custom_fields/' tests/inspectdb/tests.py - - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - # django.tests.requests module interferes with requests library patching in the tracer -> disable requests patch - run: DD_PATCH_MODULES=unittest:no DD_TRACE_REQUESTS_ENABLED=0 ddtrace-run tests/runtests.py --parallel 1 - - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - graphene-testsuite-3_0: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Graphene 3.0 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - env: - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - PYTHONPATH: ../ddtrace/tests/debugging/exploration/:. - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: graphene - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: graphql-python/graphene - # TODO: bump ref to `graphene>3.0.0`. - # Unreleased CI fix: https://github.com/graphql-python/graphene/pull/1412 - ref: 03277a55123fd2f8a8465c5fa671f7fb0d004c26 - path: graphene - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: "3.9" - - name: Install graphene - if: needs.needs-run.outputs.outcome == 'success' - run: pip install -e "../graphene[test]" - - name: "Upgrade pytest_asyncio" - if: needs.needs-run.outputs.outcome == 'success' - # pytest_asyncio==0.17 raises `assert type in (None, "pathlist", "args", "linelist", "bool")` - # https://github.com/graphql-python/graphene/blob/03277a55123fd2f8a8465c5fa671f7fb0d004c26/setup.py#L52 - run: pip install "pytest-asyncio>0.17,<2" - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: ddtrace-run pytest graphene - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - fastapi-testsuite-0_92: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: FastAPI 0.92 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - defaults: - run: - working-directory: fastapi - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: tiangolo/fastapi - ref: 0.92.0 - path: fastapi - - uses: actions/cache@v3.3.1 - if: needs.needs-run.outputs.outcome == 'success' - id: cache - with: - path: ${{ env.pythonLocation }} - key: ${{ runner.os }}-python-${{ env.pythonLocation }}-fastapi - - name: Install Dependencies - if: steps.cache.outputs.cache-hit != 'true' && needs.needs-run.outputs.outcome == 'success' - run: pip install -e .[all,dev,doc,test] - - name: Inject ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Test - if: needs.needs-run.outputs.outcome == 'success' - # https://github.com/tiangolo/fastapi/pull/10876 - run: PYTHONPATH=../ddtrace/tests/debugging/exploration/ ddtrace-run pytest -p no:warnings tests -k 'not test_warn_duplicate_operation_id' - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - flask-testsuite-1_1_4: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Flask 1.1.4 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - env: - TOX_TESTENV_PASSENV: DD_TESTING_RAISE DD_PROFILING_ENABLED - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: flask - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: pallets/flask - ref: 1.1.4 - path: flask - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.8' - - name: Install tox - if: needs.needs-run.outputs.outcome == 'success' - run: pip install tox - - name: Create tox env - if: needs.needs-run.outputs.outcome == 'success' - run: tox -e py38 --notest - - name: Add pytest configuration for ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: echo -e "[pytest]\nddtrace-patch-all = 1" > pytest.ini - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - # test_exception_propagation is broken upstream - run: | - source .tox/py38/bin/activate - pip install "pytest<8.1" - pip install ../ddtrace - pip install -e . - pip install --upgrade MarkupSafe==2.0.1 - pytest -p no:warnings -k 'not test_exception_propagation and not test_memory_consumption' tests/ - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - httpx-testsuite-0_22_0: - strategy: - matrix: - include: - - suffix: IAST - iast: 1 - appsec: 0 - - suffix: APPSEC - iast: 0 - appsec: 1 - - suffix: Tracer only - iast: 0 - appsec: 0 - name: Httpx 0.22.0 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - defaults: - run: - working-directory: httpx - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: encode/httpx - ref: 0.22.0 - path: httpx - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: | - pip install pip==24.0 - pip install -r requirements.txt - - name: Inject ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Add pytest configuration for ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: echo -e "[pytest]\nddtrace-patch-all = 1" > pytest.ini - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - env: - # Disabled distributed tracing since there are a lot of tests that assert on headers - DD_HTTPX_DISTRIBUTED_TRACING: "false" - # Debugger exploration testing does not work in CI - # PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - # test_pool_timeout raises RuntimeError: The connection pool was closed while 1 HTTP requests/responses were still in-flight - run: pytest -k 'not test_pool_timeout' - - mako-testsuite-1_3_0: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Mako 1.3.0 (with ${{ matrix.suffix }}) - runs-on: ubuntu-latest - needs: needs-run - env: - TOX_TESTENV_PASSENV: DD_TESTING_RAISE DD_PROFILING_ENABLED - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: mako - steps: - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: sqlalchemy/mako - ref: rel_1_3_0 - path: mako - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.8' - - name: Install tox - if: needs.needs-run.outputs.outcome == 'success' - run: pip install tox - - name: Pin pygments to avoid breaking test - if: needs.needs-run.outputs.outcome == 'success' - run: sed -i 's/pygments/pygments~=2.11.0/' tox.ini - - name: Create tox env - if: needs.needs-run.outputs.outcome == 'success' - run: tox -e py --notest - - name: Add pytest configuration for ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: echo -e "[pytest]\nddtrace-patch-all = 1" > pytest.ini - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: | - source .tox/py/bin/activate - pip install ../ddtrace - pip install -e . - pytest -p no:warnings - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - starlette-testsuite-0_37_1: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - # Disabled while the bug is investigated: APPSEC-53221 - # - suffix: APPSEC - # profiling: 0 - # iast: 0 - # appsec: 1 - name: Starlette 0.37.1 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: starlette - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: encode/starlette - ref: 0.37.1 - path: starlette - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: | - pip install envier Cython cmake - pip install ../ddtrace - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: pip install -r requirements.txt - #Parameters for keyword expression skip 3 failing tests that are expected due to asserting on headers. The errors are because our context propagation headers are being added - #test_staticfiles_with_invalid_dir_permissions_returns_401 fails with and without ddtrace enabled - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: pytest -W ignore --ddtrace-patch-all tests -k 'not test_request_headers and not test_subdomain_route and not test_websocket_headers and not test_staticfiles_with_invalid_dir_permissions_returns_401 and not test_contextvars[asyncio-CustomMiddlewareUsingBaseHTTPMiddleware]' - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - requests-testsuite-2_26_0: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Requests 2.26.0 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - defaults: - run: - working-directory: requests - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: psf/requests - ref: v2.26.0 - path: requests - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: "make init" - - name: MarkupSafe fix - if: needs.needs-run.outputs.outcome == 'success' - run: pip install --upgrade MarkupSafe==2.0.1 - - name: Pytest fix - if: needs.needs-run.outputs.outcome == 'success' - run: pip install --upgrade pytest==5.4.3 - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: PYTHONPATH=../ddtrace/tests/debugging/exploration/ ddtrace-run pytest -p no:warnings tests - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - asyncpg-testsuite-0_27_0: - # https://github.com/MagicStack/asyncpg/blob/v0.25.0/.github/workflows/tests.yml#L125 - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: AsyncPG 0.27.0 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: asyncpg - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: magicstack/asyncpg - ref: v0.27.0 - path: asyncpg - fetch-depth: 50 - submodules: true - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: | - python -m pip install -U pip setuptools wheel pytest - python -m pip install -e .[test] - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - # Disable tests checking GC references since profiling can interfere - run: ddtrace-run python -m pytest -k 'not test_record_gc and not test_record_get and not test_record_items and not test_record_iter' tests - - gunicorn-testsuite-20_1_0: - strategy: - matrix: - include: - - suffix: IAST - iast: 1 - appsec: 0 - - suffix: APPSEC - iast: 0 - appsec: 1 - - suffix: Tracer only - iast: 0 - appsec: 0 - name: gunicorn 20.1.0 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - # PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: gunicorn - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: benoitc/gunicorn - ref: 20.1.0 - path: gunicorn - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: | - . ../ddtrace/.github/workflows/setup-tox.sh py39 - - pip install -e . - pytest -p no:warnings -k "not test_import" tests/ - - uwsgi-testsuite-2_0_21: - strategy: - matrix: - include: - - suffix: Profiling - profiling: 1 - iast: 0 - appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: uwsgi 2.0.21 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - PYTHONPATH: ../ddtrace/tests/debugging/exploration/ - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - CMAKE_BUILD_PARALLEL_LEVEL: 12 - defaults: - run: - working-directory: uwsgi - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - repository: unbit/uwsgi - ref: 2.0.21 - path: uwsgi - - name: Install dependencies - if: needs.needs-run.outputs.outcome == 'success' - run: | - sudo apt update -qq - sudo apt install --no-install-recommends -qqyf python3-dev \ - libpcre3-dev libjansson-dev libcap2-dev \ - curl check - - name: Install distutils - if: needs.needs-run.outputs.outcome == 'success' - run: sudo apt install --no-install-recommends -qqyf python3-distutils - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ../ddtrace - - name: Build uwsgi binary - if: needs.needs-run.outputs.outcome == 'success' - run: make - - name: Build Python plugin - if: needs.needs-run.outputs.outcome == 'success' - run: | - python -V - python uwsgiconfig.py --plugin plugins/python base python39 - - name: Run Python tests - if: needs.needs-run.outputs.outcome == 'success' - run: ddtrace-run ./tests/gh-python.sh python39 - - name: Run deadlock tests - if: needs.needs-run.outputs.outcome == 'success' - run: ddtrace-run ./tests/gh-deadlocks.sh python39 - - name: Debugger exploration results - if: needs.needs-run.outputs.outcome == 'success' - run: cat debugger-expl.txt - - beautifulsoup-testsuite-4_12_3: - strategy: - matrix: - include: - # TODO: profiling is disabled due to a bug in the profiler paths - # - suffix: Profiling - # profiling: 1 - # iast: 0 - # appsec: 0 - - suffix: IAST - profiling: 0 - iast: 1 - appsec: 0 - - suffix: APPSEC - profiling: 0 - iast: 0 - appsec: 1 - - suffix: Tracer only - profiling: 0 - iast: 0 - appsec: 0 - name: Beautifulsoup 4.12.3 (with ${{ matrix.suffix }}) - runs-on: "ubuntu-latest" - needs: needs-run - env: - DD_TESTING_RAISE: true - DD_PROFILING_ENABLED: ${{ matrix.profiling }} - DD_IAST_ENABLED: ${{ matrix.iast }} - DD_APPSEC_ENABLED: ${{ matrix.appsec }} - CMAKE_BUILD_PARALLEL_LEVEL: 12 - DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt - steps: - - uses: actions/setup-python@v5 - if: needs.needs-run.outputs.outcome == 'success' - with: - python-version: '3.9' - - uses: actions/checkout@v4 - if: needs.needs-run.outputs.outcome == 'success' - with: - path: ddtrace - - name: Checkout beautifulsoup - if: needs.needs-run.outputs.outcome == 'success' - run: | - git clone -b 4.12.3 https://git.launchpad.net/beautifulsoup - - name: Install ddtrace - if: needs.needs-run.outputs.outcome == 'success' - run: pip install ddtrace - - name: Pytest fix - if: needs.needs-run.outputs.outcome == 'success' - run: pip install pytest==8.2.1 - - name: Run tests - if: needs.needs-run.outputs.outcome == 'success' - run: cd beautifulsoup && ddtrace-run pytest diff --git a/.github/workflows/testrunner.yml b/.github/workflows/testrunner.yml deleted file mode 100644 index 80b5dbbadb6..00000000000 --- a/.github/workflows/testrunner.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Testrunner - -on: - push: - branches: - - 'main' - paths: - - 'docker/**' - -jobs: - build-and-publish: - uses: ./.github/workflows/build-and-publish-image.yml - with: - tags: 'ghcr.io/datadog/dd-trace-py/testrunner:${{ github.sha }},ghcr.io/datadog/dd-trace-py/testrunner:latest' - platforms: 'linux/amd64,linux/arm64/v8' - build-args: '' - context: ./docker - secrets: - token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml deleted file mode 100644 index c0a6986ee42..00000000000 --- a/.github/workflows/unit_tests.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: UnitTests - -on: - push: - branches: - - main - pull_request: - workflow_dispatch: {} - -jobs: - unit-tests: - runs-on: ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - include: - - os: ubuntu-latest - archs: x86_64 i686 - #- os: arm-4core-linux - # archs: aarch64 - - os: windows-latest - archs: AMD64 x86 - - os: macos-latest - archs: arm64 - steps: - - uses: actions/checkout@v4 - # Include all history and tags - with: - fetch-depth: 0 - - - uses: actions/setup-python@v5 - name: Install Python - with: - python-version: '3.12' - - - uses: actions-rust-lang/setup-rust-toolchain@v1 - - name: Install latest stable toolchain and rustfmt - run: rustup update stable && rustup default stable && rustup component add rustfmt clippy - - - name: Install hatch - run: pip install hatch - - - name: Run tests - run: hatch run ddtrace_unit_tests:test diff --git a/.github/workflows/upstream-issues.yml b/.github/workflows/upstream-issues.yml deleted file mode 100644 index 1ea1f31264f..00000000000 --- a/.github/workflows/upstream-issues.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Upstream issue notifier -on: - schedule: - # run at 8am EST every day - - cron: "0 13 * * *" -jobs: - upstream-issues: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: Kyle-Verhoog/upstream-issue-notifier@v0.1.3 - env: - GITHUB_TOKEN: ${{ github.token }} - IGNORE_DIRS: ddtrace/vendor diff --git a/ddtrace/appsec/_iast/_ast/ast_patching.py b/ddtrace/appsec/_iast/_ast/ast_patching.py index 22d8b345938..fcd02f522f7 100644 --- a/ddtrace/appsec/_iast/_ast/ast_patching.py +++ b/ddtrace/appsec/_iast/_ast/ast_patching.py @@ -19,7 +19,7 @@ _VISITOR = AstVisitor() - +# JJJ retry # Prefixes for modules where IAST patching is allowed IAST_ALLOWLIST: Tuple[Text, ...] = ("tests.appsec.iast",)