chore: Update tests and docs for sql limit message

open-telemetry · Sep 6, 2024 · e649508 · e649508
1 parent 6a13777
commit e649508
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 61 deletions.
diff --git a/helpers/sql-obfuscation/README.md b/helpers/sql-obfuscation/README.md
@@ -25,7 +25,7 @@ end
 
 Make sure the `Instrumentation` class for your gem contains configuration options for:
 
-- `:obfuscation_limit`: the length at which the obfuscated SQL string will be truncated.
+- `:obfuscation_limit`: the length at which the SQL string will not be obfuscated
   Example: `option :obfuscation_limit, default: 2000, validate: :integer`
 
 If you want to add support for a new adapter, update the following constants to include keys for your adapter:

diff --git a/helpers/sql-obfuscation/lib/opentelemetry/helpers/sql_obfuscation.rb b/helpers/sql-obfuscation/lib/opentelemetry/helpers/sql_obfuscation.rb
@@ -94,15 +94,15 @@ def generate_regex(dialect)
       # This is a SQL obfuscation utility intended for use in database adapter instrumentation.
       #
       # @param sql [String] The SQL to obfuscate.
-      # @param obfuscation_limit [optional Integer] The maximum length of an obfuscated sql statement.
+      # @param obfuscation_limit [optional Integer] the length at which the SQL string will not be obfuscated
       # @param adapter [optional Symbol] the type of database adapter calling the method. `:default`, `:mysql` and `:postgres` are supported.
       # @return [String] The SQL query string where the values are replaced with "?". When the sql statement exceeds the obufscation limit
       #  the first matched pair from the SQL statement will be returned, with an appended truncation message. If trunaction is unsuccessful,
       #  a string describing the error will be returned.
       #
       # @api public
       def obfuscate_sql(sql, obfuscation_limit: 2000, adapter: :default)
-        return "SQL truncated (> #{obfuscation_limit} characters)" if sql.size > obfuscation_limit
+        return "SQL not obfuscated, query exceeds #{obfuscation_limit} characters" if sql.size > obfuscation_limit
 
         regex = case adapter
                 when :mysql

diff --git a/helpers/sql-obfuscation/test/helpers/sql_obfuscation_test.rb b/helpers/sql-obfuscation/test/helpers/sql_obfuscation_test.rb
@@ -18,26 +18,9 @@ def test_named_arg_defaults_obfuscates
     assert_equal(expected, result)
   end
 
-  def test_obfuscation_limit_returns_truncation_message
+  def test_obfuscation_returns_message_when_limit_is_reached
     sql = "SELECT * from users where users.id = 1 and users.email = '[email protected]'"
-    expected = "SQL truncated (> 42 characters)"
-    result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)
-
-    assert_equal(expected, result)
-  end
-
-  def test_obfuscation_limit_returns_truncation_message_when_query_has_prepended_comment
-    comment = '/*service.name:foo,deployment.environtment:production,tracecontext:00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-00,rails.route:examples/bars#index,host.name:baz-abc123.example.com*/'
-    sql = "#{comment} SELECT user.id FROM users where user.login = 'secretUserNameThatShouldBeObfuscated'"
-    expected = "SQL truncated (> 42 characters)"
-    result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)
-
-    assert_equal(expected, result)
-  end
-
-  def test_obfuscation_limit_returns_truncation_message_when_not_utf8
-    sql = "SELECT * from 😄 where users.id = 1 and users.😄 = '[email protected]'"
-    expected = "SQL truncated (> 42 characters)"
+    expected = "SQL not obfuscated, query exceeds 42 characters"
     result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)
 
     assert_equal(expected, result)

diff --git a/instrumentation/mysql2/test/opentelemetry/instrumentation/mysql2/instrumentation_test.rb b/instrumentation/mysql2/test/opentelemetry/instrumentation/mysql2/instrumentation_test.rb
@@ -236,20 +236,9 @@
       describe 'with obfuscation_limit' do
         let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }
 
-        it 'truncates SQL using config limit' do
+        it 'returns a message when the limit is reached' do
           sql = "SELECT * from users where users.id = 1 and users.email = '[email protected]'"
-          obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
-          expect do
-            client.query(sql)
-          end.must_raise Mysql2::Error
-
-          _(span.attributes['db.statement']).must_equal obfuscated_sql
-        end
-
-        it 'handles regex non-matches' do
-          sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
-          obfuscated_sql = 'SQL truncated (> 10 characters)'
-
+          obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
           expect do
             client.query(sql)
           end.must_raise Mysql2::Error

diff --git a/instrumentation/pg/test/opentelemetry/instrumentation/pg/instrumentation_test.rb b/instrumentation/pg/test/opentelemetry/instrumentation/pg/instrumentation_test.rb
@@ -297,20 +297,9 @@
       describe 'with obfuscation_limit' do
         let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }
 
-        it 'truncates SQL using config limit' do
+        it 'returns a message when the limit is reached' do
           sql = "SELECT * from users where users.id = 1 and users.email = '[email protected]'"
-          obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
-          expect do
-            client.exec(sql)
-          end.must_raise PG::UndefinedTable
-
-          _(span.attributes['db.statement']).must_equal obfuscated_sql
-        end
-
-        it 'handles regex non-matches' do
-          sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
-          obfuscated_sql = 'SQL truncated (> 10 characters)'
-
+          obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
           expect do
             client.exec(sql)
           end.must_raise PG::UndefinedTable

diff --git a/instrumentation/trilogy/test/opentelemetry/instrumentation/trilogy/instrumentation_test.rb b/instrumentation/trilogy/test/opentelemetry/instrumentation/trilogy/instrumentation_test.rb
@@ -323,20 +323,9 @@
       describe 'with obfuscation_limit' do
         let(:config) { { db_statement: :obfuscate, obfuscation_limit: 10 } }
 
-        it 'truncates SQL using config limit' do
+        it 'returns a message when the limit is reached' do
           sql = "SELECT * from users where users.id = 1 and users.email = '[email protected]'"
-          obfuscated_sql = "SELECT * from users where users.id = ...\nSQL truncated (> 10 characters)"
-          expect do
-            client.query(sql)
-          end.must_raise Trilogy::Error
-
-          _(span.attributes['db.statement']).must_equal obfuscated_sql
-        end
-
-        it 'handles regex non-matches' do
-          sql = 'ALTER TABLE my_table DISABLE TRIGGER ALL;'
-          obfuscated_sql = 'SQL truncated (> 10 characters)'
-
+          obfuscated_sql = "SQL not obfuscated, query exceeds 10 characters"
           expect do
             client.query(sql)
           end.must_raise Trilogy::Error