v1.6.0

This version brings several improvements and fixes. Please review the breaking changes and updates below to ensure a smooth upgrade.

⚠️ Breaking Changes ⚠️

• Datadog Variable: The default format for datadog_trace_id and datadog_span_id has changed from 64-bit decimal to 128-bit hexadecimal. This may affect integrations relying on the previous format, please use datadog_trace_id_64bits_base10 and datadog_span_id_64bits_base10 to keep the old behaviour. See PR #180

New Features

• feature: datadog_* directives now resolves $-variables, enabling dynamic service name configuration based on ingress rules for example. PR #177

• feature: block based on response status or headers PR #171 by @cataphract
• feature: support for inferred services. PR #178 by @dmehala
• feature: otel drop in support. PR #182 by @dmehala
• feature: allow overriding default tags. PR #183 by @dmehala

What's Changed

• deprecated: sampling delegation is now deprecated. PR #179 by @dmehala.
• dependencies: upgraded libddwaf to 1.24.0 PR #175 by @cataphract
• updates: appsec rules updated to v1.14.2 PR #190 by @dmehala

New Contributors

• @agjmills made their first contribution in #186

Full Changelog: v1.5.0...v1.6.0

v1.5.0

What's Changed

• Add openresty support by @dubloom in #145
• Fix stall upon auth phase subrequest by @cataphract in #154
• chore: update appsec rules to 1.13.3 by @dmehala in #159
• feat: support unified service tagging directive in server block by @dmehala in #153
• fix: apply sampling rules on resources correctly by @dmehala in #157
• feat(ingress-nginx): avoid reporting health check by @dmehala in #158
• Bump version to 1.5.0, update waf and rules by @cataphract in #161
• chore(ingress-nginx): add support for v1.11.3 and v1.12.0 by @dmehala in #165

Full Changelog: v1.4.0...v1.5.0

v1.4.0

What's Changed

• refactor!: remove use of proxy directives in span resource names by @dmehala in #115
• feat: add datadog_tracing directive by @dubloom in #134
• feat: Support WAF address for request body by @cataphract in #137
• build: support ingress-nginx by @dmehala in #128
• Build ingress-nginx for WAF and arm64 by @cataphract in #138
• Bridge more musl/glibc diffs in aarch64 by @cataphract in #140

Full Changelog: v1.3.1...v1.4.0

v1.3.1

This release includes a quick fix to prevent unnecessary error logging for requests that lack tracing context.

What's Changed

• chore: avoid logging an error for requests without tracing context by @dmehala in #117

New Contributors

• @pablomartinezbernardo made their first contribution in #110

Full Changelog: v1.3.0...v1.3.1

v1.3.0

We are excited to announce the relesae of nginx-datadog v1.3.0. This version brings several improvements, important fixes, and introduces remote configuration support for Application Security (AppSec). Please review the breaking changes and updates below to ensure a smooth upgrade.

Known Issues

• Unexpected logs: Logs may be generated when there is no tracing context available. The frequency of these logs depends on how often the server initiates traces. Please upgrade to v1.3.1.

⚠️ Breaking Changes ⚠️

As of PR #101, trace-log correlation is no longer supported out-of-the-box.
Users who rely on this functionality must now manually configure a custom log format to include trace and span IDs in the logs. Here's an example configuration:

Plaintext format:

log_format datadog_text '$remote_addr - $http_x_forwarded_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for" "$datadog_trace_id" "$datadog_span_id"';

JSON format:

log_format datadog_json escape=json '{"remote_addr": "$remote_addr", "forwarded_user": "$http_x_forwarded_user", "time_local": "$time_local", "request": "$request", "status": $status, "body_bytes_sent": $body_bytes_sent, "referer": "$http_referer", "user_agent": "$http_user_agent", "forwarded_for": "$http_x_forwarded_for", "dd.trace_id": "$datadog_trace_id", "dd.span_id": "$datadog_span_id"}';

Ensure that the custom log format is defined in your NGINX configuration file. For more details, you can view an example in our repository

New Features

• feature: Add trace and span IDs 128-bit hexadecimal representation by @dmehala in #103. Please use$datadog_trace_id_hex and $datadog_parent_id_hex variables.
• feature: Added remote configuration support for AppSec by @cataphract in #71

What's Changed

• fix: Resolved an issue with Datadog script execution by @dmehala in #95
• improvements: Improved logging to include module information by @dmehala in #96
• build: bump dd-trace-cpp from v0.2.2 to v1.0.0 by @dmehala in #111

New Contributors

• @HadrienPatte made their first contribution in #99
• @Anilm3 made their first contribution in #105
• @smola made their first contribution in #108

Full Changelog: v1.2.1...v1.3.0

v1.2.1

What's Changed

• fix: propagation header value adding up by @dmehala in #88
• deps: upgrade dd-trace-cpp to v0.2.2 containing several important security fixes.

New Contributors

• @cbeauchesne made their first contribution in #84
• @bm1549 made their first contribution in #89

Full Changelog: v1.2.0...v1.2.1

v1.2.0

What's Changed

• AppSec support (separate builds; see below) without Remote Configuration (#65). See details on how to enable.
• New header injection mechanism (#79)
• Upgrade to [email protected]

Full Changelog: v1.1.0...v1.2.0

Release Artifacts

The artifact names have changed: they are now two (with and without AppSec) binaries per architecture and nginx version; no longer are there any image specific builds. The binaries work on both glibc and musl. More information on the README

Additionally, the debug (dwarf) data of the provided binaries is now published in separate artifacts.

Finally, the signatures on this release are made with a different key: 5D98E7264E3F3D89463B314B12229434A9F003C9.

v1.1.0

What's Changed

• Upgrade to [email protected]
  • APM Remote Configuration.
  • Report more telemetry data.

Known Incompatibilities

• OpenResty is not supported.

Release Artifacts

Each .tgz file contains the Datadog nginx module ngx_http_datadog_module.so.
The builds are for the x86_64 (amd64) and ARM64 (arm64) architecture.

• nginx_1.18.0-alpine-[...].tgz is compatible with nginx:1.18.0-alpine.
• nginx_1.19.1-[...].tgz is compatible with nginx:1.19.1.
• amazonlinux_2.0.20220121.0-[...].tgz is compatible with amazonlinux:2.0.20220121.0
• etc.

Full Changelog: v1.0.5...v1.1.0

v1.0.5

Changes

• NGINX 1.25.3 and 1.25.4 are now supported.
• A newer snapshot of dd-trace-cpp is now used.

Known Incompatibilities

• OpenResty is not supported.

Release Artifacts

Each .tgz file contains the Datadog nginx module ngx_http_datadog_module.so.
The builds are for the x86_64 (amd64) and ARM64 (arm64) architecture.

• nginx_1.18.0-alpine-[...].tgz is compatible with nginx:1.18.0-alpine.
• nginx_1.19.1-[...].tgz is compatible with nginx:1.19.1.
• amazonlinux_2.0.20220121.0-[...].tgz is compatible with amazonlinux:2.0.20220121.0
• etc.

v1.0.4

Platforms

• We now produce modules for arm64.

Behavior Changes

• Use [email protected]

Known Incompatibilities

• OpenResty is not supported.

Release Artifacts

Each .tgz file contains the Datadog nginx module ngx_http_datadog_module.so.
The builds are for the x86_64 and arm64 architecture.

• nginx_1.18.0-alpine-[...].tgz is compatible with nginx:1.18.0-alpine.
• nginx_1.19.1-[...].tgz is compatible with nginx:1.19.1.
• amazonlinux_2.0.20220121.0-[...].tgz is compatible with amazonlinux:2.0.20220121.0
• etc.