Skip to content

Harden local telemetry export: routes, span logs, schema, manifest#990

Open
EhabY wants to merge 1 commit into
mainfrom
feat/issue-983-harden-telemetry-export
Open

Harden local telemetry export: routes, span logs, schema, manifest#990
EhabY wants to merge 1 commit into
mainfrom
feat/issue-983-harden-telemetry-export

Conversation

@EhabY
Copy link
Copy Markdown
Collaborator

@EhabY EhabY commented Jun 3, 2026
edited
Loading

What

Hardening pass on the local telemetry export path, following the audit in #953 / #903.

Stacked on top of feat/issue-903-export-telemetry (PR #953) — please review/merge that first; this PR targets that branch, not main.

Changes

Audit point Summary
#3 Route/cardinality guardrails New normalizeRoute(): strips query+fragment, collapses UUID/integer segments to {id}, keeps curated templates, and buckets unknown routes to the first 3 segments + {*}. Applied to HTTP and websocket route telemetry.
#4 OTLP span-log routing Span.log() / Span.logError() events export as OTLP log records linked to their parent span (traceId/spanId) instead of zero-duration spans. Timed spans (those with a framework result) still route to traces.
#9 Schema versioning Per-row schema_version (CURRENT_TELEMETRY_SCHEMA_VERSION = 1), required in the Zod schema and stamped at emit time.
#6 / #7 Flush reporting flush() returns a structured FlushStatus; the sink rejects on a write failure, so a failed pre-export flush surfaces a non-blocking warning that the export may be missing the latest events.
#8 OTLP manifest OTLP zip includes manifest.json describing the export: format, telemetry + manifest schema versions, date range, source-file count, source-event count, and per-signal record counts.
#10 / #11 Cancellation + save destination JSON writer accepts an AbortSignal (mirrors the OTLP writer); export rejects non-file save destinations with a clear error.
#5 OTLP provenance Regression test: the OTLP resource describes the exporter while each record keeps its own producer context, so multi-session/historical exports aren't misattributed.

Deliberately not included (with rationale)

  • #1 command activation — no-op. The ^1.105 engine auto-generates onCommand:* activation for contributed commands, so coder.exportTelemetry already activates from a cold session.
  • #2 privacy confirmation modal — dropped. The export logs no path/contents, and the existing coder support bundle exports more-sensitive data with no modal.
  • Manifest privacy flags — dropped. Inconsistent with coder support bundle (which redacts specific keys rather than flagging categories), low signal (deployment URL and machine id appear on nearly every event), and not a standard manifest concern.
  • Manifest sink-health counters — dropped. They were session-cumulative and could not be scoped to the export's date range, so they implied an accuracy the export couldn't deliver. Flush and buffer-overflow failures are still logged, and a failed pre-export flush still warns.

Testing

pnpm test (1880 passing, 1 skipped), pnpm typecheck, pnpm lint, pnpm format:check all green. Unit tests cover route normalization, span-log routing, schema version, flush-failure surfacing, manifest contents, JSON cancellation, non-file save URIs, and OTLP provenance.

Closes #983.

🤖 Generated by Coder Agents.

@EhabY EhabY self-assigned this Jun 3, 2026
@EhabY EhabY changed the title Harden local telemetry export: routes, span logs, schema, health, manifest Harden local telemetry export: routes, span logs, schema, manifest Jun 3, 2026
@EhabY EhabY requested a review from mtojek June 3, 2026 15:02
@EhabY EhabY linked an issue Jun 3, 2026 that may be closed by this pull request
Telemetry: harden local export activation, privacy, and OTLP output #983
Open
@EhabY EhabY force-pushed the feat/issue-903-export-telemetry branch from 1d897e9 to 738d19a Compare June 4, 2026 08:15
@EhabY EhabY force-pushed the feat/issue-983-harden-telemetry-export branch from 3e01527 to 8671eeb Compare June 4, 2026 08:18
Base automatically changed from feat/issue-903-export-telemetry to main June 4, 2026 12:43
@EhabY
feat(telemetry): harden the telemetry export command
6f54d99 
Follow-up hardening on top of the Coder telemetry export command (#953):

- Surface a non-blocking warning when the pre-export flush does not fully
  succeed, so a successful-looking export no longer hides missing events.
- Add a self-describing manifest.json to OTLP/JSON exports: manifest and
  telemetry schema versions, date range, source file and event counts, and
  per-signal record counts.
- Make JSON exports cancellable and reject non-file save destinations.
- Version telemetry rows with schema_version and export span logs as linked
  OTLP log records.
- Harden HTTP route normalization for telemetry.
- Assert the exporter resource carries per-event provenance, tighten
  comments, and remove em-dashes from comments and test names.
@EhabY EhabY force-pushed the feat/issue-983-harden-telemetry-export branch from 8671eeb to 6f54d99 Compare June 4, 2026 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtojek mtojek Awaiting requested review from mtojek

At least 1 approving review is required to merge this pull request.

Assignees

@EhabY EhabY

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Telemetry: harden local export activation, privacy, and OTLP output

1 participant

@EhabY