UNPKG

autotel

Version:

Write Once, Observe Anywhere

github.com/jagreehal/autotel

jagreehal/autotel

76 lines (54 loc) 4.64 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# OpenTelemetry code review checklist Run through this list when adding observability to a new service or auditing an existing one. ## Setup - [ ] **Service name set.** `service.name` resource attribute is unique per deployable unit (not just `"app"`). - [ ] **OTLP endpoint configured** via `OTLP_ENDPOINT` env var. Don't hard-code per-vendor URLs. - [ ] **No global SDK init in handlers.** Init runs once at module load (Next.js `instrumentation.ts`, Workers top of module, Node `--require`). - [ ] **Production redaction on.** `attributeRedactor: 'default'` (or `'strict'` / `'pci-dss'`) — autotel turns it on automatically when `NODE_ENV === 'production'`. - [ ] **Sampling configured.** Don't ship 100% in production unless volume is genuinely tiny. `sampling.rates: { server: 25 }` is a reasonable starting point. ## Spans - [ ] **One wide span per logical unit of work.** Avoid hundreds of trivial spans. - [ ] **Span names are low-cardinality.** `/users/:id`, not `/users/123`. Use `SpanNameNormalizingProcessor` if necessary. - [ ] **No raw bodies in attributes.** Pick fields explicitly: `{ user: { id, plan } }` not `{ user: requestBody }`. - [ ] **Status is set on errors.** `createStructuredError` does it; manual throws should set `span.status = ERROR`. - [ ] **Context propagation works end-to-end.** W3C `traceparent` headers on outbound requests (autotel's global fetch instrumentation handles this). - [ ] **Cross-service propagation works.** Browser → server, server → service, server → queue worker. ## Cloudflare Workers - [ ] **`defineWorkerFetch` (or `wrapModule`).** Async drains drop silently if `ctx.waitUntil` isn't wired. - [ ] **No SDK calls inside `addEventListener`.** Use the module worker style. - [ ] **Bindings instrumented.** `instrumentBindings: true` to get spans for KV / R2 / D1 / Service Bindings. - [ ] **Durable Objects wrapped.** `wrapDurableObject` for transactional state. ## Logs (structured events) - [ ] **`useLogger().set({ … })` instead of `console.log`.** Logger fields land on the active span automatically. - [ ] **No PII in attributes** (or rely on redactor). Don't log raw email / cards / phones / JWTs. - [ ] **Group fields with objects.** `{ user: { id, plan } }`, not flat `userId` / `userPlan`. - [ ] **Decisions captured.** Which branch, which fallback, which feature flag — not just inputs. - [ ] **Background work uses `log.fork()`** — gets its own span and `_parentCorrelationId` for correlation. ## Errors - [ ] **`createStructuredError({ message, status, why, fix })`.** No bare `new Error('…')`. - [ ] **`parseError()` at HTTP boundaries.** `internal` is stripped; clients only see safe fields. - [ ] **Validation errors include `details`.** Per-field problems for the client to render. - [ ] **No double-logging.** Don't `console.error(e); throw e`; the span will pick it up. ## Metrics - [ ] **Use OTel meter API**, not service-specific clients. - [ ] **Counters for events, histograms for durations, gauges for snapshots** — match the right type. - [ ] **Bounded label cardinality.** Don't put `userId` on a metric label. ## AI / LLM - [ ] **`withAiTelemetry()` from `autotel-edge`.** Captures `gen_ai.*` semantic attributes automatically. - [ ] **No bespoke `ai.tokens` attributes.** Use `gen_ai.usage.input_tokens`, etc. - [ ] **Cost tracking via the `cost` option** — outputs `gen_ai.cost.usd` on the span. - [ ] **Tool-call spans enabled.** `experimental_telemetry: { isEnabled: true }`. ## Testing - [ ] **`InMemorySpanExporter` in unit tests.** Assert spans + attributes. - [ ] **`autotel-vitest` matchers** (`toContainSpan`, `withSpans()`). - [ ] **One e2e smoke test against a real OTLP backend.** `pnpm test:e2e` template ships in `packages/autotel/test/e2e/`. - [ ] **Bundle-size baseline.** `pnpm bundle-size` runs on PRs; commit the baseline only on intentional growth. ## Pipeline / processors - [ ] **One source of composition.** `composeSpanProcessors` / `composeSubscribers` / `composePostProcessors` over hand-rolled tee logic. - [ ] **Tail sampling for noisy services.** Keep errors + slow + a sampled %. - [ ] **Filter health checks.** `FilteringSpanProcessor({ exclude: ['/healthz', '/ready'] })`. - [ ] **Baggage for cross-cutting context.** `BaggageSpanProcessor` lifts `feature_flags`, `tenant`, etc. onto every span automatically. ## Secrets - [ ] **No exporter tokens in client bundles.** Server-only env vars. - [ ] **No span attributes containing secrets.** Even with redaction on, prefer not to capture them at all. - [ ] **CI runs e2e with secret-protected workflow** (label `e2e`, never on fork PRs).