allow NewRelicQueryName to be specified for SQL, with unit tests #799
Conversation
|
|
|
Hi, @kevinpohlmeier! Thank you for submitting this PR, and for including unit tests. We should be able to review this before the end of the week. |
nr-ahemsath
added
community
|
@kevinpohlmeier Just to follow up - I have been reviewing this PR as time as allowed since last week; I've been experimenting with a few different tests and everything looks fine. We have a team design review meeting tomorrow where I plan to demo how your feature works to the rest of the team, and we should have a decision on whether or not to merge this PR after that. Thanks for your patience. |
|
Hello, @kevinpohlmeier: the conclusion from our design review meeting is that we do like this feature and want to get it integrated into our agent. There are a few things to take care of first:
You can take care of items 1 and 2, and 3 and 4 are on our plate. Thanks again! |
|
Will do, thanks! |
|
OK, I think I've taken care of those 2 items. Let me know if you need anything else. |
nr-ahemsath
changed the title
|
@kevinpohlmeier Hi, just wanted to let you know we haven't forgotten about this. Most people were out for the holiday last week. We're still doing our internal review process. I'll try to provide a more significant update soon. Thanks for your patience. |
|
Hello @kevinpohlmeier, part of our review process involved running this new feature past our security team. They're fine with the feature, but they would like to see the string pulled out for the query name run through an HTML encoding method for safety: https://docs.microsoft.com/en-us/dotnet/api/system.web.httputility.htmlencode?view=netframework-4.5 Would you be able to make this additional change, and maybe add another unit test or two to verify that behavior? |
|
@nr-ahemsath I actually did consider adding this originally, but I see the same potential issue from the existing code extracting a table name from the SQL text. In my opinion, it would be better to set the model raw within the SqlParser and handle the encoding when saving to the Metric table. That would be outside the scope of a change like I am proposing, where I am just extracting a different piece of the SQL text as the name instead of using the table name. If I add encoding within the SQLParser now and encoding is also added to a more centralized location later, it will end up being double-encoded and will not display correctly. I'm not familiar enough with the whole NewRelic codebase to know where the most appropriate place is for a centralized encoding. Possibly the DatastoreSegmentData constructor, or possibly even somewhere that is not SQL-specific? I would really prefer to leave that up to the NewRelic security team as a separate work item. For example, this SQL is valid and poses the same potential security issue when extracting a table name as the Model. |
|
@kevinpohlmeier Yeah...pretty much as soon as I hit save on my previous comment, I thought "wait a minute...shouldn't we already be doing this in some central place for ALL strings that come from external sources?" And since I don't have our entire codebase memorized, I wouldn't be surprised if we already do. I'll dig into it soon. |
|
This PR has been marked stale after 30 days with no activity. It will be closed in 5 days if there is no activity. |
|
@nr-ahemsath I saw the notice about this becoming stale, and wanted to make sure it wasn't forgotten. Since the security team's concern should be addressed in a more centralized manner, can this change be merged in without that change? Or will it have to wait until the centralized security concerns are addressed? |
|
@kevinpohlmeier, Thanks for noticing the stale label by the bot. I have removed the label. @nr-ahemsath will discuss with the team on next steps and we hope to close this soon. |
|
@kevinpohlmeier Sorry for the delay in getting this over the finish line. After further investigation and testing, we've concluded that no further changes are necessary on your PR re: the HTML encoding issue. I'm ready to approve and merge this PR. If you could update your fork from our repo to pick up the latest changes and fix the conflict in the CHANGELOG, I can do final testing and approve. |
|
@nr-ahemsath My fork is updated, please continue |
|
Thanks again for your contribution and your patience, @kevinpohlmeier. 👍 |
* Updating linux package build and test assets to use net6.0. work in progress * Make sure that we're installing the correct architecture agent - this is working now * Update smoke test to net6.0 * Remove stray file that got checked in, and update gitignore * Updating DebugDockerfile to ubuntu-20.04, newer clang/llvm and .net 6.0 * fix correctly report whether SSC is enabled. (#866) * work in progress * Fix path for signing keys (#867) * Update Changelog (#868) * Update Changelog * add release date. * allow NewRelicQueryName to be specified for SQL, with unit tests (#799) * allow NewRelicSegmentName to be specified for SQL, with unit tests * Add Changelog message * change NewRelicSegmentName to NewRelicQueryName * build container builds and profiler builds * Working (?) DebugDockerfile * build on ubuntu 18.04 with llvm 7 and coreclr 3.1 * CHANGELOG updates (#873) * Remove unused Linux profiler test containers/scripts/code * Fix issue where GC metrics were not being captured for .NET6 (#874) * Fix issue with GUID of dotnet event source changing for .net core applications in .NET 6 * Update integration tests to check the GC gen0 metric.. not happy with the amount of delay this adds, but this is what is working * Update integration tests to not add 1 hundred million seconds to all the performance tests * Context, context, context * Update changelog * Only run new assertion if this test case expects there to be GC metrics * Refactor (to avoid repetition) and add core 3.1 test case * 2.2->2.1; remove 2.2 console test app build * Re-enable .net core 2.2 ConsoleMF base class due to unbounded integration test usage Co-authored-by: Alex Hemsath <ahemsath@newrelic.com> Co-authored-by: Vu Tran <56414817+vuqtran88@users.noreply.github.com> Co-authored-by: kevinpohlmeier <kevinp@dpath.com> Co-authored-by: Josh Coleman <83677148+JcolemanNR@users.noreply.github.com> Co-authored-by: Basil Abusamrah <tehbio@gmail.com>
* Added CoreCLR flag. * Automatically detect CLR type. (#870) * Better naming. * Add logic to detect CoreCLR during the profiler Initialization. * combine ShouldInstrument methods. * Move _systemCalls initialization to beginning of the Initialize(). Manually set the New Relic home and install path env variables after detecting the clr type. * fix build failure in Linux. * Refactored SystemCalls. Co-authored-by: Basil Abusamrah <tehbio@gmail.com> * One CorProfilerCallbackImpl for NetCore and Framework (#876) * Better naming. * Add logic to detect CoreCLR during the profiler Initialization. * combine ShouldInstrument methods. * Move _systemCalls initialization to beginning of the Initialize(). Manually set the New Relic home and install path env variables after detecting the clr type. * Merges ModuleLoadFinished() implementation. * combines different implementation of ConfigureEventMask(), OverrideEventMask() and GetRuntimeExtensionsDirectoryName() into ones. * removes CoreCLRCorProfilerCallbackImpl.h and FrameworkCorProfilerCallbackImpl.h * fix build failure in Linux. * disable code that uses _moduleInjector in Linux environment. * fix a mistake from merging. * removes unnecessary include. removes unnecessary _systemCalls initialization. refactoring. * Refresh profiler build Dockerfiles (#877) * Updating linux package build and test assets to use net6.0. work in progress * Make sure that we're installing the correct architecture agent - this is working now * Update smoke test to net6.0 * Remove stray file that got checked in, and update gitignore * Updating DebugDockerfile to ubuntu-20.04, newer clang/llvm and .net 6.0 * fix correctly report whether SSC is enabled. (#866) * work in progress * Fix path for signing keys (#867) * Update Changelog (#868) * Update Changelog * add release date. * allow NewRelicQueryName to be specified for SQL, with unit tests (#799) * allow NewRelicSegmentName to be specified for SQL, with unit tests * Add Changelog message * change NewRelicSegmentName to NewRelicQueryName * build container builds and profiler builds * Working (?) DebugDockerfile * build on ubuntu 18.04 with llvm 7 and coreclr 3.1 * CHANGELOG updates (#873) * Remove unused Linux profiler test containers/scripts/code * Fix issue where GC metrics were not being captured for .NET6 (#874) * Fix issue with GUID of dotnet event source changing for .net core applications in .NET 6 * Update integration tests to check the GC gen0 metric.. not happy with the amount of delay this adds, but this is what is working * Update integration tests to not add 1 hundred million seconds to all the performance tests * Context, context, context * Update changelog * Only run new assertion if this test case expects there to be GC metrics * Refactor (to avoid repetition) and add core 3.1 test case * 2.2->2.1; remove 2.2 console test app build * Re-enable .net core 2.2 ConsoleMF base class due to unbounded integration test usage Co-authored-by: Alex Hemsath <ahemsath@newrelic.com> Co-authored-by: Vu Tran <56414817+vuqtran88@users.noreply.github.com> Co-authored-by: kevinpohlmeier <kevinp@dpath.com> Co-authored-by: Josh Coleman <83677148+JcolemanNR@users.noreply.github.com> Co-authored-by: Basil Abusamrah <tehbio@gmail.com> * refactoring ShouldInstrument method. (#881) * Remove unnecessary GUID check (#882) * Removed now unnecessary guid check. * Refactor to reduce code duplication. * Added new guid configuration integration test. * Minor documentation update. * Fixt indent. * Included new integration tests in CI, and re-alphabetized them. * Removed unused constants. * More clarity to readme. * Better test comments. * Added new pre-build dev binaries. Co-authored-by: Vu Tran <56414817+vuqtran88@users.noreply.github.com> Co-authored-by: Alex Hemsath <57361211+nr-ahemsath@users.noreply.github.com> Co-authored-by: kevinpohlmeier <kevinp@dpath.com> Co-authored-by: Josh Coleman <83677148+JcolemanNR@users.noreply.github.com>
Description
This discussion suggested that it should be possible to name SQL queries. This is helpful if there are multiple queries that touch the same table, or if queries are only listed as "MSSQL (subquery)".
The feature was not added to the roadmap, but it would really help me. I tested this by adding unit tests, and by deploying the dlls to my local NewRelic instance and verifying that they display properly in the UI. Doing that actually revealed a bug in my original code when my segment contained a slash character.
My proposed changes do not remove any of the text that the code originally calculated. It should work exactly the same as before, unless the SQL text contains a comment of the form
/* NewRelicSegmentName: myNewRelicSegmentName */. If that is done, it will add thatmyNewRelicSegmentNameto the name in brackets.In my particular case, I am using Entity Framework to generate my SQL text. I am intercepting the SQL commands as explained here and adding comments at the top of each query.
Author Checklist
Reviewer Checklist