feat(asm): standalone asm

[gnufede]

Description

This PR allows ASM customers to disable APM, and use only ASM features.

Details

It involves changes when opting out from APM with DD_TRACE_ENABLED=false, while DD_APPSEC_ENABLED=true:

• Doesn't disable Span Processors.
• Rate limiting of APM traces is reduced to minimal levels (1 trace per minute).
• Datadog-Client-Computed-Stats header is sent to the agent so it doesn't compute stats on its end, but they aren't computed on the library side either.
• Sends dd.apm.enabled:0 metric in top span.

Checklist

• Change(s) are motivated and described in the PR description
• Testing strategy is described if automated tests are not included in the PR
• Risks are described (performance impact, potential for breakage, maintainability)
• Change is maintainable (easy to change, telemetry, documentation)
• Library release note guidelines are followed or label changelog/no-changelog is set
• Documentation is included (in-code, generated user docs, public corp docs)
• Backport labels are set (if applicable)
• If this PR changes the public interface, I've notified @DataDog/apm-tees.

Reviewer Checklist

• Title is accurate
• All changes are related to the pull request's stated goal
• Description motivates each change
• Avoids breaking API changes
• Testing strategy adequately addresses listed risks
• Change is maintainable (easy to change, telemetry, documentation)
• Release note makes sense to a user of the library
• Author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
• Backport labels are set in a manner that is consistent with the release branch maintenance policy

[datadog-dd-trace-py-rkomorn]

Datadog Report

Branch report: gnufede/APPSEC-53002-standalone-asm-billing
Commit report: 1ac9b8d
Test service: dd-trace-py

❌ 37 Failed (1 Known Flaky), 142439 Passed, 30676 Skipped, 10h 22m 31.04s Total duration (49m 12.21s time saved)

❌ Failed Tests (37)

This report shows up to 5 failed tests.

• test_send_timed - test_logger.py - ❄️ Known flaky - Details

  Expand for error

   Calls not found.
   Expected: [call('sent %d logs to %r', 2, 'https://http-intake.logs.datadoghq.com/api/v2/logs')]
  

• test_app_started_event_configuration_override[DD_APPSEC_SCA_ENABLED-0-false] - test_writer.py - Details

  Expand for error

   assert [{'name': 'DD...': True}, ...] == [{'name': 'DD...': True}, ...]
     At index 30 diff: {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': False} != {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': True}
     Use -v to get more diff
  

• test_app_started_event_configuration_override[DD_APPSEC_SCA_ENABLED-0-false] - test_writer.py - Details

  Expand for error

   assert [{'name': 'DD...': True}, ...] == [{'name': 'DD...': True}, ...]
     At index 30 diff: {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': False} != {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': True}
     Use -v to get more diff
  

• test_app_started_event_configuration_override[DD_APPSEC_SCA_ENABLED-0-false] - test_writer.py - Details

  Expand for error

   assert [{'name': 'DD...': True}, ...] == [{'name': 'DD...': True}, ...]
     At index 30 diff: {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': False} != {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': True}
     Use -v to get more diff
  

• test_app_started_event_configuration_override[DD_APPSEC_SCA_ENABLED-0-false] - test_writer.py - Details

  Expand for error

   assert [{'name': 'DD...': True}, ...] == [{'name': 'DD...': True}, ...]
     At index 30 diff: {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': False} != {'name': 'DD_TRACE_COMPUTE_STATS', 'origin': 'unknown', 'value': True}
     Use -v to get more diff
  

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-05-17 13:52:05

Comparing candidate commit 1ac9b8d in PR branch gnufede/APPSEC-53002-standalone-asm-billing with baseline commit 05fb6fb in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 209 metrics, 9 unstable metrics.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 28.57143% with 15 lines in your changes are missing coverage. Please review.

Project coverage is 6.78%. Comparing base (567b713) to head (d918ba4).
Report is 13 commits behind head on main.

Files	Patch %	Lines
tests/tracer/test_processors.py	0.00%	7 Missing ⚠️
ddtrace/_trace/processor/__init__.py	20.00%	4 Missing ⚠️
ddtrace/_trace/tracer.py	62.50%	3 Missing ⚠️
ddtrace/constants.py	0.00%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #9211       +/-   ##
===========================================
- Coverage   78.55%    6.78%   -71.77%     
===========================================
  Files        1277     1247       -30     
  Lines      120316   118546     -1770     
===========================================
- Hits        94511     8044    -86467     
- Misses      25805   110502    +84697     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[ZStriker19]

Technically we can't rely on the _sampler always having a rate limiter in the event that customers set their own custom sampler (deprecated and is going to be removed in next major release). So we may want to try except around this and log something.

[ZStriker19]

Why do we need to disable compute stats?

[gnufede]

Well, it's part of the RFC. I think because we're disabling "APM" features basically