Merge pull request #1571 from CMSgov/QPPA-10859-install-datadog

QPPA-10859: Install Datadog for initial testing

Author: john-manack

.env

@@ -56,3 +56,11 @@ STRICT_EXTENSION=
 
 #Override for the default CPC+ contact email address
 CPC_PLUS_CONTACT_EMAIL=
+
+# Basic Datadog Configuration
+DD_API_KEY=
+DD_ENV=
+DD_SERVICE=
+DD_VERSION=
+DD_AGENT_HOST=
+DD_TRACE_AGENT_PORT=

README.md

@@ -133,6 +133,41 @@ cp newrelic-latest/newrelic/newrelic.jar tools/docker/docker-artifacts/newrelic/
 docker-compose -f ./docker-compose.test.yaml up --build
 ```
 
+### Updating the Datadog Java Agent
+
+**Step 1**: Check the Current Datadog Agent Version in Datadog dashboard
+
+* APM > Services or Infrastructure section
+
+**Step 2**: Download the Latest Datadog Java Agent
+
+```bash
+# Download the latest Datadog Java agent
+curl -Lo dd-java-agent.jar 'https://dtdg.co/latest-java-tracer'
+```
+
+**Step 3**: Replace the Existing Files
+
+```bash
+# Place the Datadog agent in the docker artifacts directory
+cp dd-java-agent.jar tools/docker/docker-artifacts/datadog/
+
+# Verify the file placement
+ls -la tools/docker/docker-artifacts/datadog/dd-java-agent.jar
+```
+
+**Step 4**: Restart the Application and Verify in Datadog
+
+```bash
+# Rebuild and restart the application
+docker-compose -f ./docker-compose.test.yaml up --build
+```
+
+**Step 5**: Deploy and Confirm Agent Status in Datadog Dashboard
+
+* APM > Services or Infrastructure section for version
+* APM > Services > qpp-conversion-tool for trace data
+
 ### Command Line
 
 For the examples below, make sure you're in the `qpp-conversion-tool` directory.

rest-api/pom.xml

@@ -33,7 +33,7 @@
 
         <!-- For documentation only; actual coordination is done by the BOMs below -->
         <spring-framework.version>6.2.11</spring-framework.version>
-        <tomcat.version>10.1.44</tomcat.version>
+        <tomcat.version>10.1.45</tomcat.version>
 
         <!-- Test stack kept explicit so CI is deterministic across JDK updates -->
         <junit.jupiter.version>5.10.3</junit.jupiter.version>
@@ -204,17 +204,17 @@
             <dependency>
                 <groupId>org.apache.tomcat.embed</groupId>
                 <artifactId>tomcat-embed-core</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.45</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.tomcat.embed</groupId>
                 <artifactId>tomcat-embed-el</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.45</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.tomcat.embed</groupId>
                 <artifactId>tomcat-embed-websocket</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.45</version>
             </dependency>
 
             <dependency>

rest-api/src/main/resources/application.properties

@@ -8,3 +8,6 @@ server.port=8443
 server.ssl.key-store-type=PKCS12
 #logging.level.org.springframework.security=DEBUG
 #org.springframework.security.config.annotation.web.builders.WebSecurity.debugEnabled=true
+logging.pattern.console=%d{yyyy-MM-dd HH:mm:ss} - %msg%n
+logging.level.datadog.trace=INFO
+logging.level.com.datadoghq=INFO

tools/docker/docker-artifacts/datadog/dd-java-agent.jar

@@ -1,5 +1,40 @@
 #!/bin/bash
 
-sed -i -e "s/NEWRELIC_API_KEY/$NEWRELIC_API_KEY/g" ./newrelic/newrelic.yml
-sed -i -e "s/APP_ENV/$APP_ENV/g" ./newrelic/newrelic.yml
-exec java $JAVA_OPTS -javaagent:./newrelic/newrelic.jar -jar ./rest-api.jar
+# Configure New Relic
+if [ ! -z "$NEWRELIC_API_KEY" ]; then
+    sed -i -e "s/NEWRELIC_API_KEY/$NEWRELIC_API_KEY/g" ./newrelic/newrelic.yml
+    sed -i -e "s/APP_ENV/$APP_ENV/g" ./newrelic/newrelic.yml
+    NEW_RELIC_AGENT="-javaagent:./newrelic/newrelic.jar"
+fi
+
+# Datadog configuration with New Relic feature parity
+if [ ! -z "$DD_API_KEY" ]; then
+    DATADOG_AGENT="-javaagent:./datadog/dd-java-agent.jar"
+    # Tracing: enabled with 100% sampling and analytics
+    # Profiling: continuous profiling and traceId log injection for correlation
+    # HTTP monitoring: error status definitions for server/client
+    # JMX metrics: enabled for application monitoring
+    # Method tracing: auto-trace Spring web controllers
+    # Security: disable principal collection, enable obfuscation
+    # Performance: exclude query strings, set async timeout
+    DATADOG_OPTS="-Ddd.service.name=${DD_SERVICE:-qpp-conversion-tool} \
+        -Ddd.env=${APP_ENV:-test} \
+        -Ddd.version=${DD_VERSION:-unknown} \
+        -Ddd.trace.enabled=true \
+        -Ddd.trace.sample.rate=1.0 \
+        -Ddd.trace.analytics.enabled=true \
+        -Ddd.profiling.enabled=true \
+        -Ddd.logs.injection=true \
+        -Ddd.trace.http.server.error.statuses=500-599 \
+        -Ddd.trace.http.client.error.statuses=500-599 \
+        -Ddd.jmxfetch.enabled=true \
+        -Ddd.trace.methods=org.springframework.web.bind.annotation.*[*] \
+        -Ddd.trace.servlet.principal.enabled=false \
+        -Ddd.trace.obfuscation.enabled=true \
+        -Ddd.trace.http.client.tag.query-string=false \
+        -Ddd.trace.servlet.async-timeout=30000"
+fi
+
+# Start application with both agents during transition
+exec java $JAVA_OPTS $NEW_RELIC_AGENT $DATADOG_AGENT $DATADOG_OPTS \
+    -jar ./rest-api.jar