Remove deprecated items from the agent (#544)

* 481 removed httpResponseCode and updated tests
to http.statusCode

* 479 removed whitelist and blacklist

* 480 removed deprecated disable_active_record_4
and disable_active_record_5

* removing bundled certs WIP

* updated test for cert_file_path

* removed deprecated option from notice_error

* removed deprecated option from notice error

* removed deprecated methods and tests for them

* removed test for removed deprecated option

* added changelog messages for each item removed

* fix formatting for changelog

* removed test for removed deprecated option
trace_only

* added info log on system certs

* fix changelog entry

Co-authored-by: Michael Lang <mlang@newrelic.com>

CHANGELOG.md

@@ -1,14 +1,42 @@
 # New Relic Ruby Agent Release Notes #
 
-  ## v7.0.0
 
+  ## 7.0.0
+
+  * **Removed Symantec cert bundle**
+
+    The agent will no longer ship this bundle and will rely on system certs. 
+
+  * **Removed deprecated config options**
+
+    The following config options were previously deprecated and are no longer available
+    - `disable_active_record_4`
+    - `disable_active_record_5`
+    - `autostart.blacklisted_constants`
+    - `autostart.blacklisted_executables`
+    - `autostart.blacklisted_rake_tasks`
+    - `strip_exception_messages.whitelist`
+
+  * **Removed deprecated attribute**
+
+    The attribute `httpResponseCode` was previously deprecated and replaced with `http.statusCode`. This deprecated attribute has now been removed.
+
+  * **Removed deprecated option in notice_error**
+
+    Previously, the `:trace_only` option to NewRelic::Agent.notice_error was deprecated and replaced with `:expected`. This deprecated option has been removed.
+
+  * **Removed deprecated api methods**
+
+    Previously the api methods `create_distributed_trace_payload` and `accept_distributed_trace_payload` were deprecated. These have now been removed. Instead, please see `insert_distributed_trace_headers` and `accept_distributed_trace_headers`, respectively.
+
   * **Bugfix: Prevent browser monitoring middleware from installing to middleware multiple times**
 
     In rare cases on jRuby, the BrowserMonitoring middleware could attempt to install itself
     multiple times at start up.  This bug fix addresses that by using a mutex to introduce
     thread safety to the operation.  Sintra in particular can have this race condition because
     its middleware stack is not installed until the first request is received.
 
+
   ## v6.15.0
 
   * **Official Ruby 3.0 support**

lib/new_relic/agent.rb

@@ -283,12 +283,6 @@ def ignore_error_filter(&block)
     def notice_error(exception, options={})
       record_api_supportability_metric(:notice_error)
 
-      if options.has_key?(:trace_only)
-        NewRelic::Agent.logger.log_once(:warn, :trace_only_deprecated,
-          'Passing the :trace_only option to NewRelic::Agent.notice_error is deprecated. Please use :expected instead.')
-        options[:expected] = options.delete(:trace_only)
-      end
-
       Transaction.notice_error(exception, options)
       nil # don't return a noticed error datastructure. it can only hurt.
     end

lib/new_relic/agent/autostart.rb

@@ -32,8 +32,7 @@ def agent_should_start?
       COMMA = ",".freeze
 
       def denylisted_constants?
-        # For backwards compatibility until :'autostart_blacklisted_constants' config option is removed
-        constants = NewRelic::Agent.config[:'autostart.denylisted_constants'] << COMMA << NewRelic::Agent.config[:'autostart.blacklisted_constants']
+        constants = NewRelic::Agent.config[:'autostart.denylisted_constants']
 
         denylisted?(constants) do |name|
           constant_is_defined?(name)

lib/new_relic/agent/configuration/default_source.rb

@@ -447,55 +447,22 @@ def self.enforce_fallback(allowed_values: nil, fallback: nil)
           :allowed_from_server => false,
           :description => 'Autodetected application framework used to enable framework-specific functionality.'
         },
-        :'autostart.blacklisted_constants' => {
-          :default => 'Rails::Console',
-          :public => true,
-          :type => String,
-          :allowed_from_server => false,
-          :description => 'Deprecated.  ' \
-              'For agent versions 6.8.0 or higher, ' \
-              'use <a href="#autostart-denylisted_constants"><code>' \
-                'autostart.denylisted_constants' \
-              '</code></a> instead.'
-        },
         :'autostart.denylisted_constants' => {
           :default => 'Rails::Console',
           :public => true,
           :type => String,
           :allowed_from_server => false,
           :description => 'Specify a list of constants that should prevent the agent from starting automatically. Separate individual constants with a comma <code>,</code>. For example, <code>Rails::Console,UninstrumentedBackgroundJob</code>.'
         },
-        :'autostart.blacklisted_executables' => {
-          :default => 'irb,rspec',
-          :public => true,
-          :type => String,
-          :allowed_from_server => false,
-          :description => 'Deprecated.  ' \
-              'For agent versions 6.8.0 or higher, ' \
-              'use <a href="#autostart-denylisted_executables"><code>' \
-                'autostart.denylisted_executables' \
-              '</code></a> instead.'
-        },
         :'autostart.denylisted_executables' => {
-          :default => value_of(:'autostart.blacklisted_executables'),
+          :default => 'irb,rspec',
           :public => true,
           :type => String,
           :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of executables that the agent should not instrument. For example, <code>rake,my_ruby_script.rb</code>.'
         },
-        :'autostart.blacklisted_rake_tasks' => {
-          :default => AUTOSTART_DENYLISTED_RAKE_TASKS,
-          :public => true,
-          :type => String,
-          :allowed_from_server => false,
-          :description => 'Deprecated.  ' \
-              'For agent versions 6.8.0 or higher, ' \
-              'use <a href="#autostart-denylisted_rake_tasks"><code>' \
-                'autostart.denylisted_rake_tasks' \
-              '</code></a> instead.'
-        },
         :'autostart.denylisted_rake_tasks' => {
-          :default => value_of(:'autostart.blacklisted_rake_tasks'),
+          :default => AUTOSTART_DENYLISTED_RAKE_TASKS,
           :public => true,
           :type => String,
           :allowed_from_server => false,
@@ -545,19 +512,6 @@ def self.enforce_fallback(allowed_values: nil, fallback: nil)
           :allowed_from_server => false,
           :description => 'If true, the agent strips messages from all exceptions except those in the <a href="#strip_exception_messages-allowlist">allowlist</a>. Enabled automatically in <a href="https://docs.newrelic.com/docs/accounts-partnerships/accounts/security/high-security">high security mode</a>.'
         },
-        :'strip_exception_messages.whitelist' => {
-          :default => '',
-          :public => true,
-          :type => String,
-          :deprecated => true,
-          :allowed_from_server => false,
-          :transform => DefaultSource.method(:convert_to_constant_list),
-          :description => 'Deprecated.  ' \
-              'For agent versions 6.8.0 or higher, ' \
-              'use <a href="#strip_exception_messages.allowed_classes"><code>' \
-                'strip_exception_messages.allowed_classes' \
-              '</code></a> instead.'
-        },
         :'strip_exception_messages.allowed_classes' => {
           :default => '',
           :public => true,
@@ -1399,32 +1353,6 @@ def self.enforce_fallback(allowed_values: nil, fallback: nil)
           :allowed_from_server => false,
           :description  => 'If <code>true</code>, the agent won\'t measure the depth of Delayed Job queues.'
         },
-        :disable_active_record_4 => {
-          :default      => false,
-          :public       => true,
-          :type         => Boolean,
-          :dynamic_name => true,
-          :allowed_from_server => false,
-          :deprecated   => true,
-          :description  => 'Deprecated.  ' \
-              'For agent versions 6.3 or higher, ' \
-              'use <a href="#disable_active_record_notifications"><code>' \
-                'disable_active_record_notifications' \
-              '</code></a> instead.'
-        },
-        :disable_active_record_5 => {
-          :default      => false,
-          :public       => true,
-          :type         => Boolean,
-          :dynamic_name => true,
-          :allowed_from_server => false,
-          :deprecated   => true,
-          :description  => 'Deprecated.  ' \
-              'For agent versions 6.3 or higher, ' \
-              'use <a href="#disable_active_record_notifications"><code>' \
-                'disable_active_record_notifications' \
-              '</code></a> instead.'
-        },
         :disable_active_record_notifications => {
           :default      => false,
           :public       => true,

lib/new_relic/agent/distributed_tracing.rb

@@ -24,72 +24,6 @@ module DistributedTracing
       extend NewRelic::SupportabilityHelper
       extend self
 
-      # Create a payload object containing the current transaction's
-      # tracing properties (e.g., duration, priority).  You can use
-      # this object to generate headers to inject into a network
-      # request, so that the downstream service can participate in a
-      # distributed trace.
-      #
-      # @return [DistributedTracePayload] Payload for the current
-      #                                   transaction, or +nil+ if we
-      #                                   could not create the payload
-      #
-      # @api public
-      #
-      # @deprecated See {#insert_distributed_trace_headers} instead.
-      #
-      def create_distributed_trace_payload
-        Deprecator.deprecate :create_distributed_trace_payload, :insert_distributed_trace_headers
-
-        unless Agent.config[:'distributed_tracing.enabled']
-          NewRelic::Agent.logger.warn "Not configured to create New Relic distributed trace payload"
-          return nil
-        end
-
-        return unless transaction = Transaction.tl_current
-        transaction.distributed_tracer.create_distributed_trace_payload
-      rescue => e
-        NewRelic::Agent.logger.error 'error during create_distributed_trace_payload', e
-        nil
-      end
-
-      # Decode a JSON string containing distributed trace properties
-      # (e.g., calling application, priority) and apply them to the
-      # current transaction.  You can use it to receive distributed
-      # tracing information protocols the agent does not already
-      # support.
-      #
-      # This method will fail if you call it after calling
-      # {#create_distributed_trace_payload}.
-      #
-      # @param payload [String] Incoming distributed trace payload,
-      #                         either as a JSON string or as a
-      #                         header-friendly string returned from
-      #                         {DistributedTracePayload#http_safe}
-      #
-      # @return nil
-      #
-      # @api public
-      #
-      # @deprecated See {#accept_distributed_trace_headers} instead
-      #
-      def accept_distributed_trace_payload payload
-        Deprecator.deprecate :accept_distributed_trace_payload, :accept_distributed_trace_headers
-
-        unless Agent.config[:'distributed_tracing.enabled']
-          NewRelic::Agent.logger.warn "Not configured to accept New Relic distributed trace payload"
-          return nil
-        end
-
-        return unless transaction = Transaction.tl_current
-        transaction.distributed_tracer.accept_distributed_trace_payload(payload)
-        nil
-      rescue => e
-        NewRelic::Agent.logger.error 'error during accept_distributed_trace_payload', e
-        nil
-      end
-
-
       # Adds the Distributed Trace headers so that the downstream service can participate in a
       # distributed trace. This method should be called every time an outbound call is made
       # since the header payload contains a timestamp.

lib/new_relic/agent/instrumentation/active_record_notifications.rb

@@ -92,22 +92,6 @@ def log(sql, name = "SQL", binds = [], type_casted_binds = [], statement_name =
       !NewRelic::Agent::Instrumentation::ActiveRecordSubscriber.subscribed?
   end
 
-
-  depends_on do
-    # If the deprecated :disable_active_record_4 setting is true, and
-    # the active record version is four, disable!
-    NewRelic::Agent.config[:disable_active_record_4] == false \
-        || ::ActiveRecord::VERSION::MAJOR.to_i != 4
-  end
-
-  depends_on do
-    # If the deprecated :disable_active_record_5 setting is true, and
-    # the active record version is five, disable!
-    NewRelic::Agent.config[:disable_active_record_5] == false \
-        || ::ActiveRecord::VERSION::MAJOR.to_i  != 5
-  end
-
-
   executes do
     ::NewRelic::Agent.logger.info 'Installing notifications based Active Record instrumentation'
   end

lib/new_relic/agent/new_relic_service.rb

@@ -41,7 +41,6 @@ def initialize(license_key=nil, collector=control.server)
         @configured_collector = collector
         @request_timeout = Agent.config[:timeout]
         @ssl_cert_store = nil
-        @use_bundled_certs = false
         @in_session = nil
         @agent_id = nil
         @shared_tcp_connection = nil
@@ -299,7 +298,7 @@ def setup_connection_for_ssl(conn)
       end
 
       def set_cert_store(conn)
-        if @use_bundled_certs || NewRelic::Agent.config[:ca_bundle_path]
+        if NewRelic::Agent.config[:ca_bundle_path]
           conn.cert_store  = ssl_cert_store
         else
           ::NewRelic::Agent.logger.debug("Using default security certificates")
@@ -348,13 +347,8 @@ def create_and_start_http_connection
         start_connection(conn)
         conn
       rescue Timeout::Error
-        if @use_bundled_certs == false
-          ::NewRelic::Agent.logger.info("Unable to connect. Falling back to bundled security certificates")
-          @use_bundled_certs = true
-          retry
-        else
-          raise
-        end
+        ::NewRelic::Agent.logger.info ("Timeout while attempting to connect. You may need to install system-level CA Certificates, as the ruby agent no longer includes these.")
+        raise
       end
 
       # The path to the certificate file used to verify the SSL
@@ -363,9 +357,6 @@ def cert_file_path
         if path_override = NewRelic::Agent.config[:ca_bundle_path]
           NewRelic::Agent.logger.warn("Couldn't find CA bundle from configured ca_bundle_path: #{path_override}") unless File.exist? path_override
           path_override
-        else
-          ::NewRelic::Agent.increment_metric("Supportability/Ruby/Certificate/BundleRequired")
-          File.expand_path(File.join(control.newrelic_root, 'cert', 'cacert.pem'))
         end
       end
 

lib/new_relic/agent/transaction.rb

@@ -571,9 +571,6 @@ def assign_agent_attributes
                                AttributeFilter::DST_ERROR_COLLECTOR
 
         if http_response_code
-          add_agent_attribute(:httpResponseCode, http_response_code.to_s, default_destinations)
-          # Sending status code as an int with http.statusCode key is correct
-          # The above attribute is deprecated and should be removed in agent version 7.0.0
           add_agent_attribute(:'http.statusCode', http_response_code, default_destinations)
         end
 

lib/new_relic/noticed_error.rb

@@ -70,11 +70,7 @@ def ==(other)
   end
 
   def self.passes_message_allowlist(exception_class)
-    # For backwards compatibility until we remove :'strip_exception_messages.whitelist' config option
-
-    allowed = NewRelic::Agent.config[:'strip_exception_messages.allowed_classes'].concat(NewRelic::Agent.config[:'strip_exception_messages.whitelist'])
-
-    allowed.any? do |klass|
+    NewRelic::Agent.config[:'strip_exception_messages.allowed_classes'].any? do |klass|
       exception_class <= klass
     end
   end

test/multiverse/suites/agent_only/agent_attributes_test.rb

@@ -13,12 +13,11 @@ def test_http_response_code_default_destinations
       txn.http_response_code = 418
     end
 
-    assert_transaction_trace_has_agent_attribute("httpResponseCode", "418")
-    assert_event_has_agent_attribute("httpResponseCode", "418")
+    assert_transaction_trace_has_agent_attribute("http.statusCode", 418)
     assert_event_has_agent_attribute("http.statusCode", 418)
-    assert_error_has_agent_attribute("httpResponseCode", "418")
+    assert_error_has_agent_attribute("http.statusCode", 418)
 
-    refute_browser_monitoring_has_agent_attribute("httpResponseCode")
+    refute_browser_monitoring_has_agent_attribute("http.statusCode")
   end
 
   def test_response_content_type_default_destinations
@@ -277,15 +276,15 @@ def test_request_uri_can_be_disabled_by_global_attributes_config
   end
 
   def test_http_response_code_excluded_in_txn_events_when_disabled
-    with_config(:'transaction_events.attributes.exclude' => 'httpResponseCode') do
+    with_config(:'transaction_events.attributes.exclude' => 'http.statusCode') do
       in_web_transaction do |txn|
         txn.http_response_code = 200
       end
     end
 
     run_harvest
 
-    refute_event_has_attribute('httpResponseCode')
+    refute_event_has_attribute('http.statusCode')
   end
 
   def test_host_display_name_included_when_enabled_and_set

test/multiverse/suites/high_security/high_security_test.rb

@@ -171,7 +171,7 @@ def test_doesnt_block_agent_attributes_to_transaction_traces
 
     run_harvest
 
-    expected = { "httpResponseCode" => "200", "http.statusCode" => 200 }
+    expected = { "http.statusCode" => 200 }
     assert_equal expected, single_transaction_trace_posted.agent_attributes
   end
 
@@ -185,7 +185,7 @@ def test_doesnt_block_agent_attributes_to_errors
 
     run_harvest
 
-    expected = { "httpResponseCode" => "500", "http.statusCode" => 500 }
+    expected = {"http.statusCode" => 500 }
     assert_equal expected, single_error_posted.agent_attributes
   end