Enable Datadog tracer, bump dependencies and align environment names

.github/workflows/sandbox.yml

@@ -104,4 +104,4 @@ jobs:
           api_key: ${{ secrets.DATADOG_API_KEY }}
           app_key: ${{ secrets.DATADOG_APP_KEY }}
           fail_on_critical_errors: true
-          test_search_query: "env:sb service:gke-info-go team:platform-google-cloud-kubernetes state:live"
+          test_search_query: "env:sandbox service:gke-info-go team:platform-google-cloud-kubernetes state:live"

.gitignore

@@ -36,6 +36,9 @@ plan.out
 # Ignore Infracost directories and files
 .infracost
 
+# Ignore Visual Studio Code directories
+.vscode
+
 # Other Files
 *.log
 *.bak

.pre-commit-config.yaml

@@ -9,7 +9,7 @@ repos:
 
 
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.92.0
+    rev: v1.92.1
     hooks:
       - id: terraform_fmt
 
@@ -30,7 +30,7 @@ repos:
           - --hook-config=--create-file-if-not-exist=false
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: 3.2.174
+    rev: 3.2.219
     hooks:
       - id: checkov
         files: Dockerfile

Dockerfile

@@ -30,7 +30,8 @@ COPY internal/ /app/internal/
 
 # Build the application
 
-RUN GOOS=linux CGO_ENABLED=0 go build -o main cmd/http/main.go
+# For Datadog ASM the Go build tag appsec is not necessary if CGO is enabled with CGO_ENABLED=1
+RUN GOOS=linux CGO_ENABLED=0 go build -v -tags appsec -o main cmd/http/main.go
 
 # Expose the port your application listens on
 

cmd/http/main.go

@@ -10,11 +10,30 @@ import (
 	"time"
 
 	"gke-info/internal/metadata"
+
+	"gopkg.in/DataDog/dd-trace-go.v1/ddtrace/tracer"
+        "gopkg.in/DataDog/dd-trace-go.v1/profiler"
+
+        httptrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/net/http"
 )
 
 // main initializes the HTTP server and sets up the routes.
 func main() {
-	mux := http.NewServeMux()
+        tracer.Start()
+        defer tracer.Stop()
+
+        err := profiler.Start(
+                profiler.WithProfileTypes(
+                        profiler.CPUProfile,
+                        profiler.HeapProfile,
+                ),
+        )
+        if err != nil {
+                log.Fatal(err)
+        }
+        defer profiler.Stop()
+
+	mux := httptrace.NewServeMux()
 	mux.HandleFunc("/gke-info-go/metadata/", metadata.MetadataHandler)
 	mux.HandleFunc("/gke-info-go/health", metadata.HealthCheckHandler)
 

deployments/regional/README.md

@@ -9,8 +9,8 @@ No requirements.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_datadog"></a> [datadog](#provider\_datadog) | 3.40.0 |
-| <a name="provider_google"></a> [google](#provider\_google) | 5.36.0 |
+| <a name="provider_datadog"></a> [datadog](#provider\_datadog) | 3.42.0 |
+| <a name="provider_google"></a> [google](#provider\_google) | 5.40.0 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.31.0 |
 
 ## Modules
@@ -34,7 +34,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_datadog_api_key"></a> [datadog\_api\_key](#input\_datadog\_api\_key) | Datadog API key | `string` | n/a | yes |
 | <a name="input_datadog_app_key"></a> [datadog\_app\_key](#input\_datadog\_app\_key) | Datadog APP key | `string` | n/a | yes |
-| <a name="input_env"></a> [env](#input\_env) | This is the environment suffix for example: sb (Sandbox), pre-prod (Pre-Production), prod (Production) | `string` | `"sb"` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | The full environment name for example: `sandbox`, `non-production`, `production` | `string` | `"sandbox"` | no |
 | <a name="input_gke_info_go_replicas"></a> [gke\_info\_go\_replicas](#input\_gke\_info\_go\_replicas) | The number of replicas for the gke-info deployment | `number` | `1` | no |
 | <a name="input_gke_info_go_version"></a> [gke\_info\_go\_version](#input\_gke\_info\_go\_version) | The version of the gke-info deployment | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The region to deploy the resources into | `string` | n/a | yes |

deployments/regional/locals.tf

@@ -2,9 +2,9 @@
 # https://www.terraform.io/docs/language/values/locals.html
 
 locals {
-  datadog_mci_synthetic_url          = var.env == "prod" ? "https://gcp.osinfra.io/${local.datadog_synthetic_service}" : "https://${var.env}.gcp.osinfra.io/${local.datadog_synthetic_service}"
-  datadog_synthetic_message_critical = var.env == "prod" ? "@hangouts-Platform-CriticalHighPriority" : ""
-  datadog_synthetic_message_medium   = var.env == "prod" ? "@hangouts-Platform-MediumLowInfoPriority" : ""
+  datadog_mci_synthetic_url          = var.environment == "production" ? "https://gcp.osinfra.io/${local.datadog_synthetic_service}" : "https://${local.env}.gcp.osinfra.io/${local.datadog_synthetic_service}"
+  datadog_synthetic_message_critical = var.environment == "production" ? "@hangouts-Platform-CriticalHighPriority" : ""
+  datadog_synthetic_message_medium   = var.environment == "production" ? "@hangouts-Platform-MediumLowInfoPriority" : ""
   datadog_synthetic_name             = "GKE Info"
   datadog_synthetic_service          = "gke-info-go"
 
@@ -64,10 +64,12 @@ locals {
       region           = "us-east1"
       service          = local.datadog_synthetic_service
       status           = "paused"
-      url              = var.env == "prod" ? "https://us-east1.gcp.osinfra.io/${local.datadog_synthetic_service}" : "https://us-east1.${var.env}.gcp.osinfra.io/${local.datadog_synthetic_service}"
+      url              = var.environment == "production" ? "https://us-east1.gcp.osinfra.io/${local.datadog_synthetic_service}" : "https://us-east1.${local.env}.gcp.osinfra.io/${local.datadog_synthetic_service}"
     }
   } : {}
 
-  registry           = var.env == "sb" ? "us-docker.pkg.dev/plt-lz-services-tf7f-sb/platform-docker-virtual" : "us-docker.pkg.dev/plt-lz-services-tf79-prod/platform-docker-virtual"
-  kubernetes_project = var.env == "sb" ? "plt-k8s-tf39-sb" : var.env == "prod" ? "plt-k8s-tf10-prod" : "plt-k8s-tf33-nonprod"
+  env = var.environment == "sandbox" ? "sb" : var.environment == "non-production" ? "non-prod" : var.environment == "production" ? "prod" : "none"
+
+  registry           = var.environment == "sandbox" ? "us-docker.pkg.dev/plt-lz-services-tf7f-sb/platform-docker-virtual" : "us-docker.pkg.dev/plt-lz-services-tf79-prod/platform-docker-virtual"
+  kubernetes_project = var.environment == "sandbox" ? "plt-k8s-tf39-sb" : var.environment == "production" ? "plt-k8s-tf10-prod" : "plt-k8s-tf33-nonprod"
 }

deployments/regional/main.tf

@@ -82,7 +82,7 @@ resource "datadog_synthetics_test" "this" {
 
   locations = each.value.locations
   message   = each.value.message
-  name      = "${each.value.name} on - region:${each.value.region} env:${var.env}"
+  name      = "${each.value.name} on - region:${each.value.region} env:${var.environment}"
 
   options_list {
     tick_every = 300
@@ -108,7 +108,7 @@ resource "datadog_synthetics_test" "this" {
   subtype = "http"
 
   tags = [
-    "env:${var.env}",
+    "env:${var.environment}",
     "service:${each.value.service}",
     "region:${each.value.region}",
     "team:platform-google-cloud-kubernetes"
@@ -140,7 +140,7 @@ resource "kubernetes_deployment_v1" "gke_info_go" {
 
   metadata {
     labels = {
-      "tags.datadoghq.com/env"     = var.env
+      "tags.datadoghq.com/env"     = var.environment
       "tags.datadoghq.com/service" = "gke-info-go"
       "tags.datadoghq.com/version" = var.gke_info_go_version
     }
@@ -162,7 +162,7 @@ resource "kubernetes_deployment_v1" "gke_info_go" {
       metadata {
         annotations = {
           "apm.datadoghq.com/env" = jsonencode({
-            "DD_ENV"     = var.env
+            "DD_ENV"     = var.environment
             "DD_SERVICE" = "gke-info-go"
             "DD_VERSION" = var.gke_info_go_version
           })
@@ -173,7 +173,7 @@ resource "kubernetes_deployment_v1" "gke_info_go" {
           # Enable Admission Controller to mutate new pods part of this deployment
           "admission.datadoghq.com/enabled" = "true"
           "app"                             = "gke-info-go"
-          "tags.datadoghq.com/env"          = var.env
+          "tags.datadoghq.com/env"          = var.environment
           "tags.datadoghq.com/service"      = "gke-info-go"
           "tags.datadoghq.com/version"      = var.gke_info_go_version
         }

deployments/regional/variables.tf

@@ -1,7 +1,7 @@
-variable "env" {
-  description = "This is the environment suffix for example: sb (Sandbox), pre-prod (Pre-Production), prod (Production)"
+variable "environment" {
+  description = "The full environment name for example: `sandbox`, `non-production`, `production`"
   type        = string
-  default     = "sb"
+  default     = "sandbox"
 }
 
 variable "datadog_api_key" {

entity.datadog.yaml

@@ -6,22 +6,41 @@ metadata:
   displayName: GKE Info Go
 
   links:
-    - name: Sandbox Global
+    - name: Sandbox
       type: other
-      url: "https://sb.gcp.osinfra.io/gke-info"
+      url: "https://sb.gcp.osinfra.io/gke-info/health"
 
-    - name: Pre-Production Global
+    - name: "Sandbox: us-east1-b"
       type: other
-      url: "https://pre-prod.gcp.osinfra.io/gke-info"
+      url: "https://us-east1-b.sb.gcp.osinfra.io/gke-info-go/gke-info/health"
 
-    - name: Production Global
+    - name: "Sandbox: us-east4-a"
       type: other
-      url: "https://gcp.osinfra.io/gke-info"
+      url: "https://us-east4-a.sb.gcp.osinfra.io/gke-info-go/gke-info/health"
 
-    - name: osinfra-io/gke-info-go
-      type: repo
-      provider: github
-      url: https://github.com/osinfra-io/gke-info-go
+    - name: Pre-Production
+      type: other
+      url: "https://pre-prod.gcp.osinfra.io/gke-info/health"
+
+    - name: "Pre-Production: us-east1-b"
+      type: other
+      url: "https://us-east1-b.pre-prod.gcp.osinfra.io/gke-info/health"
+
+    - name: "Pre-Production: us-east4-a"
+      type: other
+      url: "https://us-east4-a.pre-prod.gcp.osinfra.io/gke-info/health"
+
+    - name: Production
+      type: other
+      url: "https://gcp.osinfra.io/gke-info/health"
+
+    - name: "Production: us-east1-b"
+      type: other
+      url: "https://us-east1-b.gcp.osinfra.io/gke-info/health"
+
+    - name: "Production: us-east4-a"
+      type: other
+      url: "https://us-east4-a.gcp.osinfra.io/gke-info/health"
 
   owner: platform-google-cloud-kubernetes
 
@@ -31,6 +50,7 @@ spec:
   type: web
   languages:
     - go
+
   dependsOn:
     - service:istio-gateway
 

go.mod

@@ -4,10 +4,46 @@ go 1.22.4
 
 require github.com/stretchr/testify v1.8.4
 
+require (
+	github.com/DataDog/appsec-internal-go v1.6.0 // indirect
+	github.com/DataDog/datadog-agent/pkg/obfuscate v0.48.0 // indirect
+	github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.48.1 // indirect
+	github.com/DataDog/datadog-go/v5 v5.3.0 // indirect
+	github.com/DataDog/go-libddwaf/v3 v3.2.1 // indirect
+	github.com/DataDog/go-tuf v1.0.2-0.5.2 // indirect
+	github.com/DataDog/gostackparse v0.7.0 // indirect
+	github.com/DataDog/sketches-go v1.4.5 // indirect
+	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/eapache/queue/v2 v2.0.0-20230407133247-75960ed334e4 // indirect
+	github.com/ebitengine/purego v0.6.0-alpha.5 // indirect
+	github.com/google/pprof v0.0.0-20230817174616-7a8ec2ada47b // indirect
+	github.com/google/uuid v1.5.0 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/outcaste-io/ristretto v0.2.3 // indirect
+	github.com/philhofer/fwd v1.1.2 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/secure-systems-lab/go-securesystemslib v0.7.0 // indirect
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	github.com/tinylib/msgp v1.1.8 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
+	golang.org/x/mod v0.14.0 // indirect
+	golang.org/x/sys v0.20.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	golang.org/x/tools v0.16.1 // indirect
+	golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+)
+
 require (
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/kr/text v0.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	gopkg.in/DataDog/dd-trace-go.v1 v1.66.0
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )