Update the TraceState key validations to more closely match the w3c spec

[jkwatson]

Resolves #1027

[codecov]

Codecov Report

Merging #1561 into master will increase coverage by 0.06%.
The diff coverage is 88.88%.

@@             Coverage Diff              @@
##             master    #1561      +/-   ##
============================================
+ Coverage     86.71%   86.78%   +0.06%     
- Complexity     1394     1401       +7     
============================================
  Files           162      162              
  Lines          5353     5365      +12     
  Branches        513      519       +6     
============================================
+ Hits           4642     4656      +14     
+ Misses          525      524       -1     
+ Partials        186      185       -1     

Impacted Files	Coverage Δ	Complexity Δ
...c/main/java/io/opentelemetry/trace/TraceState.java	89.18% <88.88%> (+2.09%)	37.00 <23.00> (+7.00)
...try/sdk/metrics/aggregator/LongMinMaxSumCount.java	100.00% <0.00%> (+3.92%)	6.00% <0.00%> (ø%)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3a8ed95...585922d. Read the comment docs.

[anuraaga]

I'm having trouble grokking this code.

[anuraaga]

Sorry accidentally hit Add single comment, continuing below

[anuraaga]

Instead of having atPosition is it ok to do something like this in this branch?

// remaining is vendor id, must be 13 characters or less
if (key.length() - i > 13) {
  return false;
}

[anuraaga]

I may just be misgrokking, but isn't atPosition 0 for most of the loop rather than the actual atPosition? If my reading is right, my above suggestion would probably solve it but it also means there's a unit test missing for the current buggy state.

[thisthat]

atSeenCount is incremented only when atPosition changes to i. This way, this if is checked only for atPosition > 0.

[anuraaga]

Yeah but atPosition is declared inside the loop, which I think is the original bug. So except for when key[i] == '@', atPosition == 0 for the remainder of the loop since it's initialized to 0. Sorry if I'm missing it though I've tried to stare long and this is what I came up with.

[thisthat]

Oh! You are totally right! I miss that bit! We are indeed missing a test here!

[jkwatson]

I'm not following the problem. Can you give me a key that we're not handling correctly, so I can add a unit test for the issue?

[jkwatson]

Note, I'm rewriting this chunk of code to make it clearer. But, having an example key that we're not handling correctly would be very useful (because I don't see the issue).

[jkwatson]

I've pushed the rewrite. Let me know if that helps at all with understanding what's going on in here.

And, please give me a concrete key example case we're not handling correctly if there is one. :)

[anuraaga]

I'm pretty sure 12345678901234567890@nr is valid but fails when I added this to your branch. Basically any time the tenant id is longer than 13 characters, since the current logic is resetting the atPosition to the beinning of the string.

My suggestion of not bothering with atPosition still stands :)

  @Test
  void testValidLongVendorKey() {
    TraceState result = EMPTY.toBuilder().set("12345678901234567890@nr", FIRST_VALUE).build();
    assertThat(result.get("12345678901234567890@nr")).isEqualTo(FIRST_VALUE);
  }

[jkwatson]

doh! I know you said it like 5 times, but I totally missed that we were resetting the atPosition inside the loop. 🤦

[jkwatson]

fixed and pushed.

[anuraaga]

Also, guess we should avoid unicode comparisons like this and stick with simple ones we implement

[jkwatson]

that's fair. I'll extract the digit logic into a separate method and us that.

[jkwatson]

done

[anuraaga]

Thanks!

[Oberon00]

I think we should revert this change. We should follow the "be liberal in what you accept" guideline here, otherwise any deployed opentelemetry-java SDK will break tracestate entries that make use of the relaxed grammar in the current draft spec (once it graduates from being a draft).

[jkwatson]

I think we should revert this change. We should follow the "be liberal in what you accept" guideline here, otherwise any deployed opentelemetry-java SDK will break tracestate entries that make use of the relaxed grammar in the current draft spec (once it graduates from being a draft).

If we want to truly "be liberal in what we accept", we should drop all validations of the trace state entries and just pass them through un-molested. See this issue: #876