zooniverse / education-api

Backend for Zooniverse Classrooms

Bump newrelic_rpm from 4.7.1.340 to 9.13.0 #455

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 2 months ago

Bumps newrelic_rpm from 4.7.1.340 to 9.13.0.

Release notes

Sourced from newrelic_rpm's releases.

9.13.0

No release notes provided.

9.13.0-pre

No release notes provided.

9.12.0

No release notes provided.

9.12.0-pre

No release notes provided.

9.11.0

No release notes provided.

9.11.0-pre

No release notes provided.

9.10.2

No release notes provided.

9.10.2-pre

No release notes provided.

9.10.1

No release notes provided.

9.10.1-pre

No release notes provided.

9.10.0

No release notes provided.

9.10.0-pre

No release notes provided.

9.9.0

No release notes provided.

9.9.0-pre

No release notes provided.

9.8.0

No release notes provided.

9.8.0-pre

No release notes provided.

9.7.1

No release notes provided.

... (truncated)

Changelog

Sourced from newrelic_rpm's changelog.

v9.13.0

Version 9.13.0 enhances support for AWS Lambda functions, adds experimental OpenSearch instrumentation, updates framework detection, silences a Bundler deprecation warning, fixes Falcon dispatcher detection, fixes a bug with Redis instrumentation installation, and addresses a JRuby-specific concurrency issue.

  • Feature: Enhance AWS Lambda function instrumentation

    When utilized via the latest New Relic Ruby layer for AWS Lambda, the agent now offers enhanced support for AWS Lambda function instrumentation.

      • The agent's instrumentation for AWS Lambda functions now supports distributed tracing.
      • Web-triggered invocations are now identified as being "web"-based when an API Gateway call is involved, with support for both API Gateway versions 1.0 and 2.0.
      • Web-based calls have the HTTP method, URI, and status code recorded.
      • The agent now recognizes and reports on 12 separate AWS resources that are capable of triggering a Lambda function invocation: ALB, API Gateway V1, API Gateway V2, CloudFront, CloudWatch Scheduler, DynamoStreams, Firehose, Kinesis, S3, SES, SNS, and SQS.
      • The type of the triggering resource and its ARN will be recorded for each resource, and for many of them, extra resource-specific attributes will be recorded as well. For example, Lambda function invocations triggered by S3 bucket activity will now result in the S3 bucket name being recorded. PR#2811

  • Feature: Add experimental OpenSearch instrumentation

    The agent will now automatically instrument the opensearch-ruby gem. We're marking this instrumentation as experimental because more work is needed to fully test it. OpenSearch instrumentation provides telemetry similar to Elasticsearch. Thank you, @Earlopain for reporting the issue and @praveen-ks for an initial draft of the instrumentation. Issue#2228 PR#2796

  • Feature: Improve framework detection accuracy for Grape and Padrino

    Previously, applications using the Grape framework would set ruby as their framework within the Environment Report. Now, Grape applications will be set to grape. Similarly, applications using the Padrino framework would be set to sinatra. Now, they will be set to padrino. This will help the New Relic security agent compatibility checks. Thank you, @prateeksen for making this change. Issue#2777 PR#2789

  • Feature: Silence Bundler all_specs deprecation warning

    Bundler.rubygems.all_specs was deprecated in favor of Bundler.rubygems.installed_specs in Bundler versions 2+, causing the agent to emit deprecation warnings. The method has been updated when Bundler 2+ is detected and warnings are now silenced. Thanks to @jcoyne for reporting this issue. Issue#2733 PR#2823

  • Bugfix: Fix Falcon dispatcher detection

    Previously, we tried to use the object space to determine whether the Falcon web server was in use. However, Falcon is not added to the object space until after the environment report is generated, resulting in a nil dispatcher. Now, we revert to an earlier strategy that discovered the dispatcher using File.basename. Thank you, @prateeksen for reporting this issue and researching the problem. Issue#2778 PR#2795

  • Bugfix: Fix for a Redis instrumentation error when Redis::Cluster::Client is present

    The Redis instrumentation previously contained a bug that would cause it to error out when Redis::Cluster::Client was present, owing to the use of a Ruby return outside of a method. Thanks very much to @jdelStrother for not only reporting this bug but pointing us to the root cause as well. Issue#2814 PR#2816

  • Bugfix: Address JRuby concurrency issue with config hash accessing

    The agent's internal configuration class maintains a hash that occasionally gets rebuilt. During the rebuild, certain previously dynamically determined instrumentation values are preserved for the benefit of the New Relic Ruby security agent. After reports from JRuby customers regarding concurrency issues related to the hash being accessed while being modified, two separate fixes went into the hash rebuild logic previously: a Hash#dup operation and a synchronize do block. But errors were still reported. We ourselves remain unable to reproduce these concurrency errors despite using the same exact versions of JRuby and all reported software. After confirming that the hash access code in question is only needed for the Ruby security agent (which operates only in non-production dedicated security testing environments), we have introduced a new fix for JRuby customers that will simply skip over the troublesome code when JRuby is in play but the security agent is not. PR#2798

v9.12.0

Version 9.12.0 adds support for the newrelic_security agent, introduces instrumentation for the LogStasher gem, improves instrumentation for the redis-clustering gem, and updates the Elasticsearch instrumentation to only attempt to get the cluster name once per client, even if it fails.

  • Feature: Add support for the newrelic_security agent

    New Relic Interactive Application Security Testing (IAST) can help you prevent cyberattacks and breaches on your applications by probing your running code for exploitable vulnerabilities.

    The newrelic_security gem provides this feature for Ruby. It depends on newrelic_rpm. This is the first version of newrelic_rpm compatible with newrelic_security.

    At this time, the security agent is intended for use only within a dedicated security testing environment with data that can tolerate modification or deletion. The security agent is available as a separate Ruby gem, newrelic_security. It is recommended that this separate gem only be introduced to a security testing environment by leveraging Bundler grouping like so:

... (truncated)

Commits
  • 454d61f Merge pull request #2827 from newrelic/prerelease_updates_9.13.0-pre
  • dcc8ac0 bump version
  • f016fd1 Merge pull request #2825 from newrelic/bundler_changelog
  • a50b328 Update CHANGELOG.md
  • 7adc0dc Add CHANGELOG for Bundler version update
  • a885001 Add Bundler version conditions (#2823)
  • 77b0838 Merge pull request #2822 from newrelic/two_kinds_of_koalas
  • fff6656 bring in the latest cross-agent AWS Lambda JSON
  • 7965561 Merge pull request #2821 from newrelic/james_best_face_barney_kessel_hands
  • c869cd9 serverless handler tested: comment disambiguation
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] commented 1 month ago

Superseded by #459.