[Bug]: Warning logs on environment read in latest version

DataDog / kong-plugin-ddtrace

Datadog APM Plugin for Kong Gateway

Apache License 2.0

15 stars 7 forks source link

[Bug]: Warning logs on environment read in latest version #53

Open lays147 opened 2 months ago

lays147 commented 2 months ago

Kong Version

3.6.1

Plugin Version

0.2.0-1

On which environment your Kong instance is running?

ECS

Plugin Configuration

_format_version: "3.0"

_info:
  defaults: {}
  select_tags:
    - ddtrace

plugins:
  - name: ddtrace
    tags:
      - ddtrace
    config:
      service_name: my-api-gateway
      environment: production
      static_tags:
        - name: app
          value: my-api-gateway

What happened?

Within this latest version, I'm getting several warning logs from the plugin about errors on reading the env configs from a vault:

2024/04/16 16:33:48 [warn] 1363#0: *2487 [kong] vault.lua:1255 could not retrieve value for reference {vault://env/DD_TRACE_PROPAGATION_STYLE_EXTRACT} (could not get value from external vault (no value found)), context: ngx.timer

I don't even have a vault configured within this Kong.

This is not impacting the availability of the Kong Gateway, but it's a very verbose log that's being triggered all the time.

dmehala commented 2 months ago

Hey!

These warnings occur during the initialization phase or when a new configuration is received. The plugin attempts to resolve Datadog environment variable (DD_SERVICE, DD_ENV, etc).

The warning is generated by kong.vault. Unfortunately, there isn't much I can do about it, aside from possibly using os.getenv. However, I'd prefer kong vault caching mechanism instead of making N syscalls per environment variable to resolve.

I apologize for not having a more satisfactory solution for you. I'll continue to brainstorm and see if I can come up with a better approach.

lays147 commented 2 months ago

@dmehala no problem.

Adding one more thing: This plugin searches the values under the env prefix. based on the kong docs, it retrieves the values from the environment variables on the container, but it can be also set through the Vault API, but the API does not accept the env prefix, despite the docs using the envprefix.

So, if someone tries to set these variables in a new prefix(as I was trying to get rid of the warnings), this plugin does not support a custom path for it, so it won't work.

cuotos commented 2 months ago

could the plugin be made to not be configurable by env var and defer that to the user to use env vars in their config / deck yaml file?

I dont know of any other plugin that makes direct calls to get_env(), it seems like this possibly isn't intended to be used by external code?

These warnings occur during the initialization phase or when a new configuration is received

Thanks for pointing to this. Just to add, its then every 1min after that as I believe kong is doing it own secret rotation