Hello,

Here my how-to build a custom extension in a place without internet access, which is my case:

References

• https://docs.dynatrace.com/docs/ingest-from/extensions20/extensions-concepts
• https://docs.dynatrace.com/docs/ingest-from/extensions20/sign-extension
• https://community.dynatrace.com/t5/Extensions/Dynatrace-2-0-Extension-ActivationSchema/m-p/257483
• https://developer.dynatrace.com/develop/dynatrace-extensions-vscode/guides/create_extension 
• https://dynatrace-extensions.github.io/dt-extensions-python-sdk/
• https://dynatrace-extensions.github.io/dt-extensions-python-sdk/index.html 
• https://dynatrace-extensions.github.io/dt-extensions-python-sdk/guides/extension_structure.html
• https://dynatrace-extensions.github.io/dt-extensions-python-sdk/api/extension.html 
• https://github.com/dynatrace-oss/dt-cli
• https://www.python.org/downloads/source/ 
• https://github.com/python/cpython.git
• pip install - pip documentation v25.2

Prerequisites

Python distribution

The Python version must be the same than the one used by the ActiveGates: Python 3.10.15

 ./remotepluginmodule/agent/res/dsruntime/python3.10/bin/python3 --version

Python 3.10.15

Download the required Python source from https://github.com/python/cpython.git.

Compile it:

cd cpython

./configure --prefix=<path to your new Python> \

              --with-ensurepip=install

make -j$((`nproc`+1))

make install

<path to your new Python>/bin/python3 –version

Python 3.10.15

Now we need the Python packages. Download dt-cli and dt-extensions-sdk packages (see in the ref for where to download from) to be able to build your own extension. Download extra required extensions from the pypi web site.

Move the packages in a dedicated folder on your isolated machine.

Now, install the packages:

dnf install -y rust rust-toolset rust-srpm-macros libffi-devel

export PATH="<path to your new Python>/bin:${PATH}"

cd <path to your local package repo>

pip3 install --no-index --find-links=<path to your local package repo> <package name> 

dt-sdk --help

Usage: dt-sdk [OPTIONS] COMMAND [ARGS]

...

dt --help

Usage: dt [OPTIONS] COMMAND [ARGS]...

...

Signature

Extensions require to be signed with a certificate. This certificate must be present in the cluster and in targets (ActiveGate for remote extension, OneAgent for local extension). The extension is checked against the certificate before being executed, to prevent any intrusion of malicious code.

Generation of the certificate on your development machine:

cd <path to your certificate>

dt extension genca --no-ca-passphrase

Generating CA...

Wrote CA private key: ./ca.key

Wrote CA certificate: ./ca.pem

mv ca.pem custom_extension_ca.pem

mv ./ca.key custom_extension_ca.key

dt extension generate-developer-pem -o custom_extension_developer.pem --ca-crt custom_extension_ca.pem --ca-key custom_extension_ca.key --name DXC

Loading CA private key custom_extension_ca.key

Loading CA certificate custom_extension_ca.pem

Generating developer certificate...

Wrote developer certificate: custom_extension_developer.pem

Wrote developer private key: custom_extension_developer.pem

Extension build

After developing your extension according the documentation 

https://dynatrace-extensions.github.io/dt-extensions-python-sdk/

You need to compile

export PIP_NO_INDEX=1

export PATH="<path to your new Python>/bin:${PATH}"

cd <path to your custom extension>

dt-sdk build --find-links=<path to your local package repo> --private-key  <path to your certificate>/custom_extension_developer.pem

Regards,

Gautier