[Discussion] Enable the ability to filter attributes for use with third party libraries

[wildefires]

Problem Statement

I'm attempting to use the otelredis package to trace our redis connections with OTel. There's a security issue with this in the general case where it probably shouldn't set a specific attribute so long as it has sensitive information.

I'd like to be able to apply some sort of filterer to the Tracer and/or Span to prevent this attribute from ever being saved. In the general case, this could be used to prevent the accidental addition of other sensitive attributes, e.g. password by the end users.

I attempted to implement this in my service with the existing code with a wrapper around the Tracer Provider, Tracer, and Span, but was unable to figure out a clever way to do this, aside from overriding the AddAtributes call (especially because the SpanStartOption interface requires an unexported func on the struct, so I couldn't create my own StartSpanOption-compliant struct)

For this specific issue I've put up a PR on the third party library, but there's chance that this would be impossible/more difficult with other third party libraries.

Proposed Solution

TBD pending discussion - maybe an AttributeFilter exported interface that can hook in at attribute creation / span export time?

[MrAlias]

Please take a look at this discussion

[wildefires]

Please take a look at this discussion

Perfect, thank you!

[MrAlias]

Please take a look at this discussion

Perfect, thank you!

👍