Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[tracing] Separate span creation from header propagation #5285

Closed
7 of 9 tasks
lobsterkatie opened this issue Jun 20, 2022 · 12 comments
Closed
7 of 9 tasks

[tracing] Separate span creation from header propagation #5285

lobsterkatie opened this issue Jun 20, 2022 · 12 comments
Assignees
@timfish
Labels
Type: Improvement
Milestone
8.0.0

Comments

@lobsterkatie
Copy link
Member

lobsterkatie commented Jun 20, 2022
edited by AbhiPrasad

Note: This description has been rewritten to reflect changes since it was first created. The original version is included below for context.

Background:

Faced with an outgoing HTTP request, our SDKs have to make two decisions when tracing is enabled:

  • Should a span be created to track this request? and
  • Should sentry-trace and baggage headers be added to it?

Right now, we have three different options which affect the answers to those questions, and they behave differently in node and browser. The ultimate goal is to have consistent options across platforms, and - as much as possible - have each option only affect the things it says it affects.

Browser:

Currently, for browser, there are two options, tracingOrigins and shouldCreateSpanForRequest, and the behavior is as follows:

                                               | `tracingOrigins` match               | no `tracingOrigins` match            |
|----------------------------------------------|--------------------------------------|--------------------------------------|
| `shouldCreateSpanForRequest` returns `true`  | headers attached, span created       | no headers attached, no span created |
| `shouldCreateSpanForRequest` returns `false` | no headers attached, no span created | no headers attached, no span created |
| `shouldCreateSpanForRequest` is undefined    | headers attached, span created       | no headers attached, no span created |

The top right and bottom right cells are wrong - a span should be created, but it currently isn't. In other words, tracingOrigins is controlling span creation when it shouldn't. (It might appear that the middle left cell is also wrong - that headers should be attached in that case, because there's a tracingOrigins match - but headers without a parent span id make no sense, because their whole purpose is to help link transactions within a trace, so it is in fact correct.)

Because fixing the behavior of tracingOrigins would be a breaking change, and because its name has always been unnecessarily confusing (in tech speak, "origins" = "web domains," but in English, "origins" = "where things come from," which makes no sense in the context of outgoing requests), we decided to deprecate rather than fix it, in favor of introducing a new tracePropagationTargets option with the correct behavior.

So the changes needed on the browser side are:

Node:

Currently, for node, there is one option, tracePropagationTargets, and the behavior is as follows:

| `tracePropagationTargets` match      | no `tracePropagationTargets` match   |
|--------------------------------------|--------------------------------------|
| headers attached, span created       | no headers attached, span created    |

So the changes needed on the node side are:

Ultimate Goal:

In the end, in both browser and node, the table should look like this:

                                               | `tracePropagationTargets` match      | no `tracePropagationTargets` match   |
|----------------------------------------------|--------------------------------------|--------------------------------------|
| `shouldCreateSpanForRequest` returns `true`  | headers attached, span created       | no headers attached, span created    |
| `shouldCreateSpanForRequest` returns `false` | no headers attached, no span created | no headers attached, no span created |
| `shouldCreateSpanForRequest` is undefined    | headers attached, span created       | no headers attached, span created    |

In browser, tracePropagationTargets should default to ['localhost', /^\//], whereas in node it should default to ['.*'].

While we're here, it might be nice to unify the implementation, both between options and between platforms, so that either

  • both options have a default value on both platforms, and the undefined case therefore never needs to be handled at runtime, or
  • neither option has a default value on either platform, and the undefined case is always handled (and the default value applied) at runtime.

Potentially related to getsentry/develop#611.

Original version of this issue, now outdated:

Click to expand

Note: Whether or not we actually implement this change immediately, we need to make a decision here quite soon, before other SDKs start implementing this. It turns out no other SDKs had these two concerns intertwined, and therefore the changes coming down the pike at that point fortunately didn't include trying to replicate this broken behavior. So this is just an issue for the JS SDK.

Current Situation:

Currently, the tracingOrigins and shouldCreateSpanForRequest options for the BrowserTracing integration control two things about outgoing http requests, based on the request destination: whether to create a span, and whether to send tracing data in the sentry-trace and baggage headers. (The difference between the two is that shouldCrateSpanForRequest is stricter - it always filters out requests filtered by tracingOrigins, but can also filter out others.)

The problem with this is that there may be outgoing requests which should be represented by a span, but which shouldn't have headers attached (for CORS reasons, for example), and right now that's not possible. We should divorce these two concerns, and allow those decisions to be made separately by the SDK, based on two different options set by the user. We should also bring this functionality to the Node SDK, where nothing similar currently exists.

Known constraint:

We don't want span creation and header attachment be wholly independent, because span creation makes sense as a prerequisite for header attachment. (The alternative is a situation where it's possible to propagate headers but not create a span. In that case, the headers would have no parent span to use, and that would break the link between the parent transaction making the http request and the child transaction handling that request.)

Proposal:

- Add a shouldAttachTracingHeadersToRequest option, which will allow control over which outgoing requests traced with a span should include tracing headers.
- Make it clear that shouldCreateSpanForRequest, while it has an influence on header attachment, is not actually for controlling headers. (The default would be to attach headers to any outgoing request for which there's a span, but that would be a default for shouldAttachTracingHeadersToRequest behavior, not for shouldCreateSpanForRequest behavior.)
- Think about deprecating tracingOrigins, because
_- it's not clear which of these concerns it's meant to address, and _
- though I get where the name comes from ("origin" = "domain" in tech-speak), as a way to filter on destination, any name involving "origin" is awfully confusing, given that in regular English, "origin" = where something comes from, not where it's going.
- Make all of this work in @sentry/node as well as @sentry/browser.
@souredoutlook
Copy link
Member

Hi @lobsterkatie

Just want to add the following problem statement and suggestion to the thread for visibility:

**** Problem Statement****

We are trying to implement a preload hint for our site with a <link rel="preload" as="fetch"> hint.

Unfortunately, Chrome will not use a preloaded asset unless the request headers match, and the Sentry Tracing Integration adds a sentry-trace header to the eventual real fetch request. The request is otherwise identical, so it should consume the fetch preload, but because of the added sentry-trace header, the match fails, the browser issues a warning that a matching preload was found, but could not be used; and an additional fetch request is made anyway.

Feedback

It would be great if the BrowserTracing configuration object accepted something like shouldAddTracing: (url) => ... similar to the shouldCreateSpanForRequest configuration option, to allow passing a function to determine when to include tracing headers, in addition to the tracingOrigins array.

@timfish
Copy link
Collaborator

timfish commented Oct 23, 2022

Just to clarify and make sure I've understood correctly...

An optional shouldAttachTracingHeadersToRequest function gets added to RequestInstrumentationOptions and if users supply this function, tracingOrigins should be ignored and shouldAttachTracingHeadersToRequest becomes the sole means of determining if tracing headers should be attached?

@lobsterkatie
Copy link
Member Author

lobsterkatie commented Oct 25, 2022
edited

Just to clarify and make sure I've understood correctly...

An optional shouldAttachTracingHeadersToRequest function gets added to RequestInstrumentationOptions and if users supply this function, tracingOrigins should be ignored and shouldAttachTracingHeadersToRequest becomes the sole means of determining if tracing headers should be attached?

Thank you for clarifying! It's a good thing you did, because things have changed quite a bit since I first wrote up the issue, and I didn't know until now that it had been revived. I've rewritten the description so that it's hopefully clearer and so it reflects the new goals of this project. LMK if you still have questions after reading the updated version.

@timfish
Copy link
Collaborator

timfish commented Oct 25, 2022

so that it's hopefully clearer and so it reflects the new goals of this project

Wow, thanks. That's a pretty comprehensive summary!

@Lms24 Lms24 mentioned this issue Oct 25, 2022
Closed
3 tasks
@timfish
Copy link
Collaborator

timfish commented Oct 25, 2022
edited

Default to always creating a span, regardless of tracingOrigins, unless shouldCreateSpanForRequest is defined and returns

Is this considered a non-breaking change since it fixes broken behaviour?

Rather than edit your long post, I've copied the tasks here and I'll create a PR for each and add the references:

Browser

Node

This was referenced Oct 25, 2022
Merged
Closed
@lobsterkatie
Copy link
Member Author

Default to always creating a span, regardless of tracingOrigins, unless shouldCreateSpanForRequest is defined and returns

Is this considered a non-breaking change since it fixes broken behaviour?

Hmmm, yeah, good question. I said, "We decided not to fix tracingOrigins because it'd be breaking" and then promptly added to the top of the todo list a change which does exactly that. My statement was "it's breaking" because that's what we'd discussed at the time, but upon second thought, I don't think it is, because a) as you say, it should have worked this way from the beginning, and so this is really just fixing broken behavior, and b) in general we don't consider it breaking when we start sending extra information we didn't used to send, which is really all this does. At that point, the effect of the v8 change would really just be to rename the by-that-point-correctly-behaving tracingOrigins option to tracePropagationTargets, rather than to create a new option with new behavior.

Lemme confirm with the team whether we want to change this now or wait until v8.

Rather than edit your long post, I've copied the tasks here and I'll create a PR for each and add the references.

Honestly, I think it's nice to be able to see right up top what's been done and hasn't, so feel free to continue to edit your comment above, but I will probably also copy the PR links into the main issue description. And thank you for pointing out that there should be an associated docs here. I'll add that, too!

@timfish timfish mentioned this issue Oct 26, 2022
Merged
@timfish
Copy link
Collaborator

timfish commented Oct 26, 2022

I think it's nice to be able to see right up top what's been done and hasn't

Ohhh yes, much better at the top! I think since I'm not doing exactly one PR per checkbox I wanted to rejig the bullet points around but chickened out from modifying your carefully crafted summary. I've started this now so I shall endeavour to keep both updated 😂

@lobsterkatie
Copy link
Member Author

Default to always creating a span, regardless of tracingOrigins, unless shouldCreateSpanForRequest is defined and returns

Is this considered a non-breaking change since it fixes broken behaviour?

Hmmm, yeah, good question. I said, "We decided not to fix tracingOrigins because it'd be breaking" and then promptly added to the top of the todo list a change which does exactly that. My statement was "it's breaking" because that's what we'd discussed at the time, but upon second thought, I don't think it is, because a) as you say, it should have worked this way from the beginning, and so this is really just fixing broken behavior, and b) in general we don't consider it breaking when we start sending extra information we didn't used to send, which is really all this does. At that point, the effect of the v8 change would really just be to rename the by-that-point-correctly-behaving tracingOrigins option to tracePropagationTargets, rather than to create a new option with new behavior.

Lemme confirm with the team whether we want to change this now or wait until v8.

Okay, just saw Abhi's comment on your first PR. I'm also on team "let's change it now," so I say we do it. 🚀

@lobsterkatie
Copy link
Member Author

Welp. We should have moved those tests after all - it would have caught #6077, which comes from the fact that we released a new version in between merging #6039 and #6041.

I'll pull the part that's the fix out so we can release it tomorrow and leave #6041 as purely a "add the new option" PR.

This was referenced Oct 28, 2022
Merged
Merged
Lms24 pushed a commit that referenced this issue Oct 28, 2022
@lobsterkatie @timfish
fix(tracing): Fix tracingOrigins not applying (#6079)
fecdc3e 
In the process of working on #5285, we missed the fact that the first two PRs (#6039 and #6041) were interdependent, in that the former accidentally introduced a bug (#6077) which the latter then inadvertently fixed. This would have been fine, except that we published a release after merging the bug-creating PR but before merging the bug-fixing PR. Whoops.

This patch pulls just the bug-fixing part out of the second PR. It also adds tests to cover the buggy cases, using `it.each` to cover all of the different combinations of outcomes for `shouldCreateSpanForRequest` and `shouldAttachHeaders`. Finally, since I was already in the test file, I reorganized it a little:
- `it('does not create span if shouldCreateSpan returns false')` -> absorbed into the `it.each()`
- `it('does not create span if there is no fetch data in handler data')` -> added header check, became `it('adds neither fetch request spans nor fetch request headers if there is no fetch data in handler data')`
- `it('does not add fetch request spans if tracing is disabled')` and `it('does not add fetch request headers if tracing is disabled` -> combined into `it('adds neither fetch request spans nor fetch request headers if tracing is disabled')`
- `it('adds sentry-trace header to fetch requests')` -> absorbed into the `it.each()`
- Similar changes made to XHR tests

Co-authored-by: Tim Fish <tim@timfish.uk>
lobsterkatie pushed a commit that referenced this issue Nov 4, 2022
@timfish
feat(node): Add shouldCreateSpanForRequest option (#6055)
24e2a27 
As per the summary here in #5285 (comment)) this PR adds support for an optional `shouldCreateSpanForRequest` function in the options. When it's defined and returns false, spans will not be attached.
lobsterkatie added a commit that referenced this issue Nov 8, 2022
@lobsterkatie
feat(tracing): Add tracePropagationTargets option to browser routin…
59047ec 
…g instrumentation (#6080)

As part of the work on #5285, this adds a new option, `tracePropagationTargets`, to our browser-side tracing instrumentation, to live alongside (and eventually take the place of) `tracingOrigins`. Its behavior matches that of `tracingOrigins`, but it has a much clearer name.

Switching from internal use of `tracingOrigins` to `tracePropagationTargets` to come in future PRs.

Note: This is what remained of #6041 after the fix in #6079 was split off. h/t @timfish for the initial work in that PR.
@Lms24 Lms24 mentioned this issue Nov 8, 2022
Merged
@timfish timfish mentioned this issue Nov 9, 2022
Merged
@AbhiPrasad AbhiPrasad added this to the 8.0.0 milestone Nov 10, 2022
@timfish
Copy link
Collaborator

timfish commented Nov 10, 2022

For node.js:

  • Ensure both options are documented
  • In v8, consider moving both options into the Http integration

I was just about to document these additions.

How about:

  • Add these settings to the Http integration now
  • Deprecate them in BaseNodeOptions
  • Prefer the integrations options but fallback to BaseNodeOptions so it not a breaking change
  • Add docs for these as integration options

This would get the changes in motion and mean not doing the docs changes twice.

@lobsterkatie
Copy link
Member Author

Sounds good, @timfish! Thanks!

@timfish timfish mentioned this issue Nov 11, 2022
Merged
@AbhiPrasad
Copy link
Member

Considering #6230 tracks the deprecations for v8, closing this as the docs/sdk work is done for now. Thanks for the :shipit: @timfish!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@timfish timfish

Labels
Type: Improvement
Projects
None yet
Milestone
8.0.0
Development

No branches or pull requests
4 participants
@timfish @lobsterkatie @AbhiPrasad @souredoutlook