fix!: Return message when sql is over the obfuscation limit

helpers/sql-obfuscation/lib/opentelemetry/helpers/sql_obfuscation.rb

@@ -62,6 +62,8 @@ module SqlObfuscation
                       hexadecimal_literals comments multi_line_comments]
       }.freeze
 
+      PREPENDED_COMMENT_REGEX = %r{^/\*.*\*/}
+
       PLACEHOLDER = '?'
 
       # We use these to check whether the query contains any quote characters
@@ -127,6 +129,8 @@ def obfuscate_sql(sql, obfuscation_limit: 2000, adapter: :default)
 
       # @api private
       def truncate_statement(sql, regex, limit)
+        sql = sql.gsub(PREPENDED_COMMENT_REGEX, PLACEHOLDER) if sql.match?(PREPENDED_COMMENT_REGEX)
+
         first_match_index = sql.index(regex)
         truncation_message = "SQL truncated (> #{limit} characters)"
         return truncation_message unless first_match_index

helpers/sql-obfuscation/test/helpers/sql_obfuscation_test.rb

@@ -26,6 +26,15 @@ def test_obfuscation_limit_truncates_query_after_first_match
     assert_equal(expected, result)
   end
 
+  def test_obfuscation_limit_obfuscates_and_truncates_when_query_has_prepended_comment
+    comment = '/*service.name:foo,deployment.environtment:production,tracecontext:00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-00,rails.route:examples/bars#index,host.name:baz-abc123.example.com*/'
+    sql = "#{comment} SELECT user.id FROM users where user.login = 'secretUserNameThatShouldBeObfuscated'"
+    expected = "? SELECT user.id FROM users where user.login = ...\nSQL truncated (> 42 characters)"
+    result = OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: 42)
+
+    assert_equal(expected, result)
+  end
+
   def test_obfuscation_limit_truncates_when_query_not_encoded_with_utf8
     sql = "SELECT * from 😄 where users.id = 1 and users.😄 = '[email protected]'"
     expected = "SELECT * from  where users.id = ...\nSQL truncated (> 42 characters)"