fix(py): implement SigV4 signing for AWS X-Ray OTLP exporter

[yesudeep]

The AwsXRayOtlpExporter was not signing requests with AWS SigV4, which would cause authentication failures when sending traces to AWS X-Ray endpoints without a collector.

This PR implements proper SigV4 signing logic:

• Adds SigV4SigningAdapter that intercepts HTTP requests and signs them with AWS SigV4 authentication using botocore
• Creates _create_sigv4_session() helper that builds a requests Session with the signing adapter mounted for HTTPS
• Passes the signing session to OTLPSpanExporter so all requests are automatically signed
• Removes the unused _sign_request() method

Tests added to verify:

• SigV4SigningAdapter initialization and signing
• Session creation with adapter mounting
• Exporter session configuration verification

This fixes the issue reported in PR #4390 code review.

[gemini-code-assist]

Summary of Changes

Hello @yesudeep, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical authentication gap in the AWS X-Ray OTLP exporter. Previously, the exporter failed to sign requests with AWS SigV4, leading to authentication errors when traces were sent directly to X-Ray. The changes introduce a robust mechanism using a custom requests HTTP adapter to automatically sign all outgoing OTLP requests, ensuring seamless and secure trace submission to AWS X-Ray.

Highlights

• SigV4 Signing Implementation: The AwsXRayOtlpExporter now correctly signs HTTP requests using AWS SigV4 authentication, resolving issues when sending traces directly to AWS X-Ray endpoints without a collector.
• New SigV4SigningAdapter: A custom SigV4SigningAdapter (inheriting from requests.adapters.HTTPAdapter) has been introduced to intercept and apply SigV4 signatures to outgoing HTTP requests.
• Session Management: A helper function, _create_sigv4_session, was added to construct a requests.Session instance with the SigV4SigningAdapter mounted for HTTPS traffic, including retry logic.
• Exporter Integration: The AwsXRayOtlpExporter now utilizes this SigV4-enabled requests.Session for its underlying OTLPSpanExporter, ensuring all trace exports are properly authenticated.
• Code Refinement and Testing: The unused _sign_request method has been removed, and comprehensive unit tests have been added for the SigV4SigningAdapter and _create_sigv4_session to validate their functionality.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively implements AWS SigV4 signing for the X-Ray OTLP exporter, which is a crucial fix for direct-to-endpoint tracing without a collector. The approach of using a custom requests.HTTPAdapter is clean and well-integrated with the existing OTLPSpanExporter. The new SigV4SigningAdapter and _create_sigv4_session helper are well-designed and documented. The accompanying tests are comprehensive, covering initialization, signing logic, and session creation, which provides good confidence in the change. I have one minor suggestion regarding import style in the test file to align with PEP 8 conventions. Overall, this is an excellent contribution that significantly improves the AWS telemetry plugin.