lmolkova · April 30, 2025 16:23
diff --git a/http_live_check.rego b/http_live_check.rego
 package live_check_advice

 import rego.v1

 required_attributes := [
    "http.request.method",
    "server.address",
    "server.port",
    "url.full",
 ]

 recommended_attributes := [
    "network.peer.address",
    "network.peer.port",
    "network.protocol.version"
 ]

 # no duplicated attribute keys
 deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
    input.span

    attribute_name := input.span.attributes[_].name

    collisions := [ attr.name |
        attr := input.span.attributes[_]
        attr.name == attribute_name
    ]
    count(collisions) > 1

    advice_type := "duplicate_attributes"
    advice_level := "violation"
    value := attribute_name
    message := "Span contains multiple attributes with the same name."
 }

 # required attributes are mandatory for all HTTP client spans
 deny contains http_client_span_violation("required_attribute_missing", "violation", attribute_name, "HTTP client span MUST include all required attributes.") if {
    input.span
    input.span.kind == "client"

    attribute_name := required_attributes[_]
    get_attribute_value(input.span.attributes, attribute_name) == null
 }

 # recommended attributes are present on all HTTP client spans
 deny contains http_client_span_violation("recommended_attribute_missing", "improvement", attribute_name, "HTTP client span SHOULD include all recommended attributes.") if {
    input.span
    input.span.kind == "client"

    attribute_name := recommended_attributes[_]
    get_attribute_value(input.span.attributes, attribute_name) == null
 }

 # span name check
 deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
    input.span
    input.span.kind == "client"
    method := get_attribute_value(input.span.attributes, "http.request.method")

    input.span.name != method

    advice_type := "span_name_invalid"
    advice_level := "violation"
    value := get_attribute_value(input.span.attributes, "http.request.method")
    message := "HTTP client span name should be equal to the HTTP method"
 }

 # Conditionally required attributes:
 # 1. status code must be set if there is no error.type
 deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
    input.span
    input.span.kind == "client"
    error_type := get_attribute_value(input.span.attributes, "error.type")
    error_type == null

    http_response_status_code := get_attribute_value(input.span.attributes, "http.response.status_code")

    advice_type := "http_response_status_code_missing"
    advice_level := "violation"
    value := input.span
    message := "HTTP client span has neither http.response.status_code nor error.type."
 }

 # 2. network.protocol.name defaults to http
 deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
    input.span
    input.span.kind == "client"
    network_protocol_name := get_attribute_value(input.span.attributes, "network.protocol.name")
    network_protocol_name == "http"

    advice_type := "network_protocol_name_is_http"
    advice_level := "information"
    value := network_protocol_name
    message := "HTTP client span has `network.protocol.name` attribute value set to `http` - the default value, consider removing it."
 }

 # 3. http.request.resend_count should not be set when 0
 deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
    input.span
    input.span.kind == "client"
    http_request_resend_count := get_attribute_value(input.span.attributes, "http.request.resend_count")
    http_request_resend_count == 0

    advice_type := "http_request_resend_count_zero"
    advice_level := "improvement"
    value := http_request_resend_count
    message := "HTTP client span has `http.request.resend_count` attribute value set to `0` - the default value, consider removing it."
 }

 http_client_span_violation(advice_type, advice_level, value, message) := {
    "type": "advice",
    "advice_type": advice_type,
    "advice_level": advice_level,
    "value": value,
    "message": message,
 }

 get_attribute_value(attributes, name) := value if {
    attr := attributes[_]
    attr.name == name
    value := attr["value"]
 } else = null
	package live_check_advice

	import rego.v1

	required_attributes := [
	"http.request.method",
	"server.address",
	"server.port",
	"url.full",
	]

	recommended_attributes := [
	"network.peer.address",
	"network.peer.port",
	"network.protocol.version"
	]

	# no duplicated attribute keys
	deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
	input.span

	attribute_name := input.span.attributes[_].name

	collisions := [ attr.name \|
	attr := input.span.attributes[_]
	attr.name == attribute_name
	]
	count(collisions) > 1

	advice_type := "duplicate_attributes"
	advice_level := "violation"
	value := attribute_name
	message := "Span contains multiple attributes with the same name."
	}

	# required attributes are mandatory for all HTTP client spans
	deny contains http_client_span_violation("required_attribute_missing", "violation", attribute_name, "HTTP client span MUST include all required attributes.") if {
	input.span
	input.span.kind == "client"

	attribute_name := required_attributes[_]
	get_attribute_value(input.span.attributes, attribute_name) == null
	}

	# recommended attributes are present on all HTTP client spans
	deny contains http_client_span_violation("recommended_attribute_missing", "improvement", attribute_name, "HTTP client span SHOULD include all recommended attributes.") if {
	input.span
	input.span.kind == "client"

	attribute_name := recommended_attributes[_]
	get_attribute_value(input.span.attributes, attribute_name) == null
	}

	# span name check
	deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
	input.span
	input.span.kind == "client"
	method := get_attribute_value(input.span.attributes, "http.request.method")

	input.span.name != method

	advice_type := "span_name_invalid"
	advice_level := "violation"
	value := get_attribute_value(input.span.attributes, "http.request.method")
	message := "HTTP client span name should be equal to the HTTP method"
	}

	# Conditionally required attributes:
	# 1. status code must be set if there is no error.type
	deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
	input.span
	input.span.kind == "client"
	error_type := get_attribute_value(input.span.attributes, "error.type")
	error_type == null

	http_response_status_code := get_attribute_value(input.span.attributes, "http.response.status_code")

	advice_type := "http_response_status_code_missing"
	advice_level := "violation"
	value := input.span
	message := "HTTP client span has neither http.response.status_code nor error.type."
	}

	# 2. network.protocol.name defaults to http
	deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
	input.span
	input.span.kind == "client"
	network_protocol_name := get_attribute_value(input.span.attributes, "network.protocol.name")
	network_protocol_name == "http"

	advice_type := "network_protocol_name_is_http"
	advice_level := "information"
	value := network_protocol_name
	message := "HTTP client span has `network.protocol.name` attribute value set to `http` - the default value, consider removing it."
	}

	# 3. http.request.resend_count should not be set when 0
	deny contains http_client_span_violation(advice_type, advice_level, value, message) if {
	input.span
	input.span.kind == "client"
	http_request_resend_count := get_attribute_value(input.span.attributes, "http.request.resend_count")
	http_request_resend_count == 0

	advice_type := "http_request_resend_count_zero"
	advice_level := "improvement"
	value := http_request_resend_count
	message := "HTTP client span has `http.request.resend_count` attribute value set to `0` - the default value, consider removing it."
	}

	http_client_span_violation(advice_type, advice_level, value, message) := {
	"type": "advice",
	"advice_type": advice_type,
	"advice_level": advice_level,
	"value": value,
	"message": message,
	}

	get_attribute_value(attributes, name) := value if {
	attr := attributes[_]
	attr.name == name
	value := attr["value"]
	} else = null