From dd275f407128e58eb5a876696fea72aa67d65f8b Mon Sep 17 00:00:00 2001 From: Liudmila Molkova Date: Mon, 2 Dec 2024 11:02:56 -0800 Subject: [PATCH 1/2] relax collision detection policy to allow collisions between deprecated namespaces and attributes ro deprecated attributes and namespaces --- policies/attribute_name_collisions.rego | 20 ++++++++++++++----- .../attribute_name_collisions_test.rego | 12 +++++++++++ 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/policies/attribute_name_collisions.rego b/policies/attribute_name_collisions.rego index c52f0267fc..870e42c60b 100644 --- a/policies/attribute_name_collisions.rego +++ b/policies/attribute_name_collisions.rego @@ -6,7 +6,7 @@ import rego.v1 attribute_names := { obj | group := input.groups[_]; attr := group.attributes[_]; - obj := { "name": attr.name, "const_name": to_const_name(attr.name), "namespace_prefix": to_namespace_prefix(attr.name) } + obj := { "name": attr.name, "const_name": to_const_name(attr.name), "namespace_prefix": to_namespace_prefix(attr.name), "deprecated": get_or_null(attr, "deprecated") } } # check that attribute constant names do not collide @@ -29,11 +29,17 @@ deny contains attr_registry_collision(description, name) if { # check that attribute names do not collide with namespaces deny contains attr_registry_collision(description, name) if { some i + + # ignore deprecated attributes + attribute_names[i].deprecated == null + name := attribute_names[i].name prefix := attribute_names[i].namespace_prefix - not excluded_namespace_collisions[name] + collisions := [other.name | other := attribute_names[_] + other.deprecated == null + other.name != name startswith(other.name, prefix) ] @@ -72,7 +78,13 @@ to_const_name(name) = const_name if { const_name := replace(name, ".", "_") } -# These lists contain exceptions for existing collisions that were introduced unintentionally. +get_or_null(obj, key) = value if { + value := obj[key] +} else = null if { + not obj[key] +} + +# This list contain exceptions for existing collisions that were introduced unintentionally. # We'll have a way to specify how collision resolution happens in the schema - # see phase 2 in https://github.com/open-telemetry/semantic-conventions/issues/1118#issuecomment-2173803006 # For now we'll exclude existing collisions from the checks. @@ -80,5 +92,3 @@ to_const_name(name) = const_name if { # DO NOT ADD ATTRIBUTES TO THIS LIST excluded_const_collisions := {"messaging.client_id"} -# DO NOT ADD ATTRIBUTES TO THIS LIST -excluded_namespace_collisions := {"messaging.operation", "db.operation", "deployment.environment"} diff --git a/policies_test/attribute_name_collisions_test.rego b/policies_test/attribute_name_collisions_test.rego index b86e79fece..2d09beb7c4 100644 --- a/policies_test/attribute_name_collisions_test.rego +++ b/policies_test/attribute_name_collisions_test.rego @@ -17,3 +17,15 @@ test_fails_on_namespace_collision if { ]} count(deny) == 1 with input as collision } + +test_does_not_fail_on_deprecated_namespace_collision if { + collision := {"groups": [ + {"id": "test1", "attributes": [{"name": "test.namespace.id"}]}, + {"id": "test2", "attributes": [{"name": "test.namespace", "deprecated": "replaced by foo.bar.baz"}]}, + + {"id": "test3", "attributes": [{"name": "another_test.namespace.id", "deprecated": "replaced by another_test.namespace"}]}, + {"id": "test4", "attributes": [{"name": "another_test.namespace"}]}, + ]} + count(deny) == 0 with input as collision +} + From 4868d6c6b33e035982f32b144089101a46c4029f Mon Sep 17 00:00:00 2001 From: Liudmila Molkova Date: Mon, 2 Dec 2024 13:15:59 -0800 Subject: [PATCH 2/2] review comments --- policies/attribute_name_collisions.rego | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/policies/attribute_name_collisions.rego b/policies/attribute_name_collisions.rego index 870e42c60b..0aa7bb506e 100644 --- a/policies/attribute_name_collisions.rego +++ b/policies/attribute_name_collisions.rego @@ -6,7 +6,7 @@ import rego.v1 attribute_names := { obj | group := input.groups[_]; attr := group.attributes[_]; - obj := { "name": attr.name, "const_name": to_const_name(attr.name), "namespace_prefix": to_namespace_prefix(attr.name), "deprecated": get_or_null(attr, "deprecated") } + obj := { "name": attr.name, "const_name": to_const_name(attr.name), "namespace_prefix": to_namespace_prefix(attr.name), "deprecated": is_property_set(attr, "deprecated") } } # check that attribute constant names do not collide @@ -31,14 +31,14 @@ deny contains attr_registry_collision(description, name) if { some i # ignore deprecated attributes - attribute_names[i].deprecated == null + not attribute_names[i].deprecated name := attribute_names[i].name prefix := attribute_names[i].namespace_prefix collisions := [other.name | other := attribute_names[_] - other.deprecated == null + not other.deprecated other.name != name startswith(other.name, prefix) @@ -78,13 +78,11 @@ to_const_name(name) = const_name if { const_name := replace(name, ".", "_") } -get_or_null(obj, key) = value if { - value := obj[key] -} else = null if { - not obj[key] -} +is_property_set(obj, property) = true if { + obj[property] != null +} else = false -# This list contain exceptions for existing collisions that were introduced unintentionally. +# This list contains exceptions for existing collisions that were introduced unintentionally. # We'll have a way to specify how collision resolution happens in the schema - # see phase 2 in https://github.com/open-telemetry/semantic-conventions/issues/1118#issuecomment-2173803006 # For now we'll exclude existing collisions from the checks.