From 99660e5d6e834207e736157b7e7640de797ab2de Mon Sep 17 00:00:00 2001 From: Rafael Roquetto Date: Thu, 11 Dec 2025 17:32:24 -0700 Subject: [PATCH 1/2] Disable IP options by default --- .../workflow_integration_tests_vm.yml | 9 ++++----- internal/test/integration/multiprocess_test.go | 18 +----------------- pkg/config/ebpf_tracer.go | 4 ++-- pkg/config/ebpf_tracer_test.go | 12 ++++++------ 4 files changed, 13 insertions(+), 30 deletions(-) diff --git a/.github/workflows/workflow_integration_tests_vm.yml b/.github/workflows/workflow_integration_tests_vm.yml index fcabd3fc1f..c116416859 100644 --- a/.github/workflows/workflow_integration_tests_vm.yml +++ b/.github/workflows/workflow_integration_tests_vm.yml @@ -35,15 +35,14 @@ jobs: - name: build matrix id: build-matrix env: - # 6 partitions, one for each of: + # 5 partitions, one for each of: # 1. TestMultiProcess # 2. TestMultiProcessAppCP - # 3. TestMultiProcessAppCPNoIP + # 3. TestMultiProcessAppCPHeadersOnly # 4. TestMultiProcessAppCPTCPOnly - # 5. TestMultiProcessAppCPHeadersAndTCP - # 6. TestMultiProcessAppCPIPOnly + # 5. TestMultiProcessAppCPIPOnly - PARTITIONS: 6 + PARTITIONS: 5 TEST_TAGS: integration run: | echo -n "matrix=" >> $GITHUB_OUTPUT diff --git a/internal/test/integration/multiprocess_test.go b/internal/test/integration/multiprocess_test.go index 4855d10044..5e1cbc4eef 100644 --- a/internal/test/integration/multiprocess_test.go +++ b/internal/test/integration/multiprocess_test.go @@ -128,7 +128,7 @@ func TestMultiProcessAppCP(t *testing.T) { require.NoError(t, compose.Close()) } -func TestMultiProcessAppCPNoIP(t *testing.T) { +func TestMultiProcessAppCPHeadersOnly(t *testing.T) { compose, err := docker.ComposeSuite("docker-compose-multiexec-host.yml", path.Join(pathOutput, "test-suite-multiexec-app-cp-no-ip.log")) require.NoError(t, err) @@ -161,22 +161,6 @@ func TestMultiProcessAppCPTCPOnly(t *testing.T) { require.NoError(t, compose.Close()) } -func TestMultiProcessAppCPHeadersAndTCP(t *testing.T) { - compose, err := docker.ComposeSuite("docker-compose-multiexec-host.yml", path.Join(pathOutput, "test-suite-multiexec-app-cp-headers-tcp.log")) - require.NoError(t, err) - - // Test combined headers and TCP context propagation - compose.Env = append(compose.Env, `OTEL_EBPF_BPF_DISABLE_BLACK_BOX_CP=1`, `OTEL_EBPF_BPF_CONTEXT_PROPAGATION=headers,tcp`, `OTEL_EBPF_BPF_TRACK_REQUEST_HEADERS=1`) - - require.NoError(t, compose.Up()) - - t.Run("Nested traces with headers and TCP propagation", func(t *testing.T) { - testNestedHTTPTracesKProbes(t) - }) - - require.NoError(t, compose.Close()) -} - func TestMultiProcessAppCPIPOnly(t *testing.T) { compose, err := docker.ComposeSuite("docker-compose-multiexec-host.yml", path.Join(pathOutput, "test-suite-multiexec-app-cp-ip-only.log")) require.NoError(t, err) diff --git a/pkg/config/ebpf_tracer.go b/pkg/config/ebpf_tracer.go index 06aedc2fda..5ac97f44c9 100644 --- a/pkg/config/ebpf_tracer.go +++ b/pkg/config/ebpf_tracer.go @@ -20,10 +20,10 @@ const ( ContextPropagationDisabled ContextPropagationMode = 0 ContextPropagationHeaders ContextPropagationMode = 1 << 0 // HTTP headers ContextPropagationTCP ContextPropagationMode = 1 << 1 // TCP options - ContextPropagationIPOptions ContextPropagationMode = 1 << 2 // IP options + ContextPropagationIPOptions ContextPropagationMode = 1 << 2 // IP options (dangerous) // Convenience aliases - ContextPropagationAll = ContextPropagationHeaders | ContextPropagationTCP | ContextPropagationIPOptions + ContextPropagationAll = ContextPropagationHeaders | ContextPropagationTCP ) // EBPFTracer configuration for eBPF programs diff --git a/pkg/config/ebpf_tracer_test.go b/pkg/config/ebpf_tracer_test.go index a88b8e39f8..3913f1baf5 100644 --- a/pkg/config/ebpf_tracer_test.go +++ b/pkg/config/ebpf_tracer_test.go @@ -60,14 +60,14 @@ func TestContextPropagationMode_UnmarshalText(t *testing.T) { want: ContextPropagationHeaders | ContextPropagationIPOptions, }, { - name: "all three", - input: "headers,tcp,ip", + name: "all two", + input: "headers,tcp", want: ContextPropagationAll, }, { name: "with spaces", input: " headers , tcp , ip ", - want: ContextPropagationAll, + want: ContextPropagationHeaders | ContextPropagationTCP | ContextPropagationIPOptions, }, { name: "invalid value", @@ -133,7 +133,7 @@ func TestContextPropagationMode_MarshalText(t *testing.T) { { name: "headers and tcp", mode: ContextPropagationHeaders | ContextPropagationTCP, - want: "headers,tcp", + want: "all", }, { name: "tcp and ip", @@ -177,7 +177,7 @@ func TestContextPropagationMode_HasMethods(t *testing.T) { mode: ContextPropagationAll, wantHeaders: true, wantTCP: true, - wantIPOptions: true, + wantIPOptions: false, wantIsEnabled: true, }, { @@ -290,7 +290,7 @@ func TestContextPropagationMode_TracerLoading(t *testing.T) { name: "all", mode: ContextPropagationAll, wantTPInject: true, - wantTCTracer: true, + wantTCTracer: false, }, { name: "disabled", From 1609de4c645c73a0a67a467defb7d957b5bc42a6 Mon Sep 17 00:00:00 2001 From: Rafael Roquetto Date: Thu, 11 Dec 2025 18:35:47 -0700 Subject: [PATCH 2/2] Fix test --- pkg/obi/config_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/obi/config_test.go b/pkg/obi/config_test.go index 3ae211c6eb..77853a4591 100644 --- a/pkg/obi/config_test.go +++ b/pkg/obi/config_test.go @@ -589,7 +589,7 @@ func TestWillUseTC(t *testing.T) { env = envMap{"OTEL_EBPF_BPF_CONTEXT_PROPAGATION": "all"} cfg = loadConfig(t, env) - assert.True(t, cfg.willUseTC()) + assert.False(t, cfg.willUseTC()) env = envMap{"OTEL_EBPF_BPF_CONTEXT_PROPAGATION": "headers"} cfg = loadConfig(t, env)