Skip to content

Gate process command attributes under v3 preview#19082

Open
trask wants to merge 11 commits into
open-telemetry:mainfrom
trask:process-command-attrs-v3-preview
Open

Gate process command attributes under v3 preview#19082
trask wants to merge 11 commits into
open-telemetry:mainfrom
trask:process-command-attrs-v3-preview

Conversation

@trask

@trask trask commented Jun 25, 2026

Copy link
Copy Markdown
Member

Resolves #10151

Gate process.command_args and process.command_line resource attributes under otel.instrumentation.common.v3-preview=true, while continuing to emit lower-risk process resource attributes such as process.pid and process.executable.path.

In 3.0, users can opt into command attributes with otel.instrumentation.resources.experimental.process-command-attributes.enabled=true.

The public ProcessResource.get() API is deprecated for removal in 3.0 in favor of ProcessResource.create(), with ProcessResource.create(boolean) available for callers that explicitly choose whether command attributes should be emitted.

Declarative users only receive process resource attributes when they explicitly list the process detector, for example:

file_format: "1.0"
tracer_provider:
  resource:
    detection/development:
      detectors:
        - process:

Note

The process detector does not emit process.command_args or process.command_line. There is currently no detector-local YAML option to enable those attributes; that follow-up is tracked in open-telemetry/opentelemetry-configuration#671.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR gates the process.command_args and process.command_line resource attributes behind the otel.instrumentation.common.v3-preview preview flag, addressing the privacy/security risk of capturing full command lines (which can contain secrets) by default. Lower-risk attributes (process.pid, process.executable.path) continue to be emitted unconditionally. When v3 preview is enabled, users can opt the command attributes back in with otel.instrumentation.resources.experimental.process-command-attributes.enabled=true. The gating is applied only in the autoconfigure ProcessResourceProvider SPI; the declarative config process detector path (via ProcessResource.get()) is intentionally left unchanged.

Changes:

  • Refactored ProcessResource to add a buildResource(boolean emitCommandAttributes) overload and extract command-attribute logic into addCommandAttributes(...).
  • ProcessResourceProvider now computes whether to emit command attributes based on the v3-preview flag and the new opt-in config key.
  • Added test coverage for all four flag/opt-in combinations, a new metadata config entry, and README documentation.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file
File Description
instrumentation/resources/library/src/main/java/.../ProcessResource.java Adds buildResource(boolean) / doBuildResource(boolean) and extracts addCommandAttributes; preserves existing command-line/args logic.
instrumentation/resources/library/src/main/java/.../ProcessResourceProvider.java Gates command attributes via emitCommandAttributes(config) using v3-preview + opt-in config keys.
instrumentation/resources/library/src/test/java/.../ProcessResourceTest.java Adds tests for disabled, default-emit, opt-in-only, v3-suppressed, and v3+opt-in cases; refactors shared assertions.
instrumentation/resources/metadata.yaml Declares the new opt-in boolean config and its declarative name.
instrumentation/resources/library/README.md Documents process.command_args and the v3-preview gating behavior.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

: "process.command_args");
assertThat(attributeKeys).contains("process.executable.path", "process.pid");
assertThat(attributeKeys)
.doesNotContain("process.command_args", "process.command_line");

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

declarative configuration no longer emits these attributes, related to open-telemetry/opentelemetry-configuration#671

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 9 out of 9 changed files in this pull request and generated no new comments.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 9 out of 9 changed files in this pull request and generated no new comments.

@trask trask added this to the v2.30.0 milestone Jun 26, 2026
@trask trask marked this pull request as ready for review June 26, 2026 16:59
@trask trask requested a review from a team as a code owner June 26, 2026 16:59

@laurit laurit left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we are going to make this opt-in should we also stop attempting to sanitize it? Sanitizing probably won't hurt since it is unlikely that anybody really wants to send secrets to the backend.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Disable ProcessResourceProvider by default

3 participants