Files
explorer-monorepo/backend/tracing/tracer.go

90 lines
1.8 KiB
Go
Raw Normal View History

package tracing
import (
"context"
"fmt"
"time"
)
chore(ci): align Go to 1.23.x, add staticcheck/govulncheck/gitleaks gates .github/workflows/ci.yml: - Go version: 1.22 -> 1.23.4 (matches go.mod's 'go 1.23.0' declaration). - Split into four jobs with explicit names: * test-backend: go vet + go build + go test * scan-backend: staticcheck + govulncheck (installed from pinned tags) * test-frontend: npm ci + eslint + tsc --noEmit + next build * gitleaks: full-history secret scan on every PR - Branches triggered: master + main + develop (master is the repo default; the previous workflow only triggered on main/develop and would never have run on the repo's actual PRs). - actions/checkout@v4, actions/setup-go@v5, actions/setup-node@v4. - Concurrency group cancels stale runs on the same ref. - Node and Go caches enabled for faster CI. .gitleaks.toml (new): - Extends gitleaks defaults. - Custom rule 'explorer-legacy-db-password-L@ker' keeps the historical password pattern L@kers?\$?2010 wedged in the detection set even after rotation, so any re-introduction (via copy-paste from old branches, stale docs, etc.) fails CI. - Allowlists docs/SECURITY.md and CHANGELOG.md where the string is cited in rotation context. backend/staticcheck.conf (new): - Enables the full SA* correctness set. - Temporarily disables ST1000/1003/1005/1020/1021/1022, U1000, S1016, S1031. These are stylistic/cosmetic checks; the project has a long tail of pre-existing hits there that would bloat every PR. Each is commented so the disable can be reverted in a dedicated cleanup. Legit correctness issues surfaced by staticcheck and fixed in this PR: - backend/analytics/token_distribution.go: 'best-effort MV refresh' block no longer dereferences a shadowed 'err'; scope-tight 'if err :=' used for the subsequent QueryRow. - backend/api/rest/middleware.go: compressionMiddleware() was parsing Accept-Encoding and doing nothing with it. Now it's a literal pass-through with a TODO comment pointing at gorilla/handlers. - backend/api/rest/mission_control.go: shadowed 'err' from json.Unmarshal was assigned to an ignored outer binding via fmt.Errorf; replaced with a scoped 'if uerr :=' that lets the RPC fallback run as intended. - backend/indexer/traces/tracer.go: best-effort CREATE TABLE no longer discards the error implicitly. - backend/indexer/track2/block_indexer.go: 'latestBlock - uint64(i) >= 0' was a tautology on uint64. Replaced with an explicit 'if uint64(i) > latestBlock { break }' guard so operators running count=1000 against a shallow chain don't underflow. - backend/tracing/tracer.go: introduces a local ctxKey type and two constants so WithValue calls stop tripping SA1029. Verification: - go build ./... clean. - go vet ./... clean. - go test ./... all existing tests PASS. - staticcheck ./... clean except for the SA1029 hits in api/middleware/auth.go and api/track4/operator_scripts_test.go, which are resolved by PR #4 once it merges to master. Advances completion criterion 4 (CI in good health).
2026-04-18 19:10:20 +00:00
// ctxKey is an unexported type for tracer context keys so they cannot
// collide with keys installed by any other package (staticcheck SA1029).
type ctxKey string
const (
ctxKeyTraceID ctxKey = "trace_id"
ctxKeySpanID ctxKey = "span_id"
)
// Tracer provides distributed tracing
type Tracer struct {
serviceName string
}
// NewTracer creates a new tracer
func NewTracer(serviceName string) *Tracer {
return &Tracer{serviceName: serviceName}
}
// Span represents a trace span
type Span struct {
TraceID string
SpanID string
ParentID string
Name string
StartTime time.Time
EndTime time.Time
Tags map[string]string
Logs []LogEntry
}
// LogEntry represents a log entry in a span
type LogEntry struct {
Timestamp time.Time
Fields map[string]interface{}
}
// StartSpan starts a new span
func (t *Tracer) StartSpan(ctx context.Context, name string) (*Span, context.Context) {
traceID := generateID()
spanID := generateID()
span := &Span{
TraceID: traceID,
SpanID: spanID,
Name: name,
StartTime: time.Now(),
Tags: make(map[string]string),
Logs: []LogEntry{},
}
chore(ci): align Go to 1.23.x, add staticcheck/govulncheck/gitleaks gates .github/workflows/ci.yml: - Go version: 1.22 -> 1.23.4 (matches go.mod's 'go 1.23.0' declaration). - Split into four jobs with explicit names: * test-backend: go vet + go build + go test * scan-backend: staticcheck + govulncheck (installed from pinned tags) * test-frontend: npm ci + eslint + tsc --noEmit + next build * gitleaks: full-history secret scan on every PR - Branches triggered: master + main + develop (master is the repo default; the previous workflow only triggered on main/develop and would never have run on the repo's actual PRs). - actions/checkout@v4, actions/setup-go@v5, actions/setup-node@v4. - Concurrency group cancels stale runs on the same ref. - Node and Go caches enabled for faster CI. .gitleaks.toml (new): - Extends gitleaks defaults. - Custom rule 'explorer-legacy-db-password-L@ker' keeps the historical password pattern L@kers?\$?2010 wedged in the detection set even after rotation, so any re-introduction (via copy-paste from old branches, stale docs, etc.) fails CI. - Allowlists docs/SECURITY.md and CHANGELOG.md where the string is cited in rotation context. backend/staticcheck.conf (new): - Enables the full SA* correctness set. - Temporarily disables ST1000/1003/1005/1020/1021/1022, U1000, S1016, S1031. These are stylistic/cosmetic checks; the project has a long tail of pre-existing hits there that would bloat every PR. Each is commented so the disable can be reverted in a dedicated cleanup. Legit correctness issues surfaced by staticcheck and fixed in this PR: - backend/analytics/token_distribution.go: 'best-effort MV refresh' block no longer dereferences a shadowed 'err'; scope-tight 'if err :=' used for the subsequent QueryRow. - backend/api/rest/middleware.go: compressionMiddleware() was parsing Accept-Encoding and doing nothing with it. Now it's a literal pass-through with a TODO comment pointing at gorilla/handlers. - backend/api/rest/mission_control.go: shadowed 'err' from json.Unmarshal was assigned to an ignored outer binding via fmt.Errorf; replaced with a scoped 'if uerr :=' that lets the RPC fallback run as intended. - backend/indexer/traces/tracer.go: best-effort CREATE TABLE no longer discards the error implicitly. - backend/indexer/track2/block_indexer.go: 'latestBlock - uint64(i) >= 0' was a tautology on uint64. Replaced with an explicit 'if uint64(i) > latestBlock { break }' guard so operators running count=1000 against a shallow chain don't underflow. - backend/tracing/tracer.go: introduces a local ctxKey type and two constants so WithValue calls stop tripping SA1029. Verification: - go build ./... clean. - go vet ./... clean. - go test ./... all existing tests PASS. - staticcheck ./... clean except for the SA1029 hits in api/middleware/auth.go and api/track4/operator_scripts_test.go, which are resolved by PR #4 once it merges to master. Advances completion criterion 4 (CI in good health).
2026-04-18 19:10:20 +00:00
ctx = context.WithValue(ctx, ctxKeyTraceID, traceID)
ctx = context.WithValue(ctx, ctxKeySpanID, spanID)
return span, ctx
}
// Finish finishes a span
func (s *Span) Finish() {
s.EndTime = time.Now()
// In production, this would send span to tracing backend
}
// SetTag sets a tag on the span
func (s *Span) SetTag(key, value string) {
s.Tags[key] = value
}
// Log adds a log entry to the span
func (s *Span) Log(fields map[string]interface{}) {
s.Logs = append(s.Logs, LogEntry{
Timestamp: time.Now(),
Fields: fields,
})
}
// generateID generates a random ID
func generateID() string {
return fmt.Sprintf("%x", time.Now().UnixNano())
}