From 9a8813c608a92f54be0eae0a5d5213a4666314d2 Mon Sep 17 00:00:00 2001 From: Gustavo Lopes Date: Tue, 5 Nov 2024 18:48:35 +0000 Subject: [PATCH] Address PR comments --- appsec/src/extension/commands_helpers.c | 5 +- appsec/src/extension/request_abort.c | 2 - appsec/src/helper/.clang-tidy | 13 +++++ appsec/src/helper/client.cpp | 37 +++++++------- appsec/src/helper/engine.cpp | 6 +-- appsec/src/helper/engine.hpp | 8 ++-- appsec/src/helper/metrics.cpp | 11 ----- appsec/src/helper/metrics.hpp | 28 +++++------ appsec/src/helper/network/acceptor.cpp | 1 - appsec/src/helper/network/broker.cpp | 1 - appsec/src/helper/network/proto.hpp | 6 ++- appsec/src/helper/remote_config/client.cpp | 5 +- .../helper/remote_config/client_handler.cpp | 27 ++--------- .../helper/remote_config/client_handler.hpp | 7 ++- .../listeners/engine_listener.cpp | 5 +- .../listeners/engine_listener.hpp | 8 +--- appsec/src/helper/runner.cpp | 1 - appsec/src/helper/service.cpp | 4 +- appsec/src/helper/service.hpp | 34 ++++++------- appsec/src/helper/subscriber/base.hpp | 4 +- appsec/src/helper/subscriber/waf.cpp | 39 +++++++-------- appsec/src/helper/subscriber/waf.hpp | 14 +++--- appsec/tests/helper/engine_test.cpp | 27 +++++------ .../listeners/engine_listener_test.cpp | 48 +++++++++---------- appsec/tests/helper/remote_config/mocks.hpp | 4 +- appsec/tests/helper/tel_subm_mock.hpp | 8 ++-- appsec/tests/helper/waf_test.cpp | 26 +++++----- .../src/docker/apache2-mod/Dockerfile | 4 ++ .../php/integration/TelemetryTests.groovy | 16 +------ 29 files changed, 176 insertions(+), 223 deletions(-) create mode 100644 appsec/src/helper/.clang-tidy delete mode 100644 appsec/src/helper/metrics.cpp diff --git a/appsec/src/extension/commands_helpers.c b/appsec/src/extension/commands_helpers.c index 620fb0f4d4..c63f5d97dc 100644 --- a/appsec/src/extension/commands_helpers.c +++ b/appsec/src/extension/commands_helpers.c @@ -749,10 +749,9 @@ void _handle_telemetry_metric(const char *nonnull key_str, size_t key_len, { #define HANDLE_METRIC(name, type) \ do { \ - if (key_len == sizeof(name "") - 1 && \ - memcmp(key_str, name, key_len) == 0) { \ + if (key_len == LSTRLEN(name) && memcmp(key_str, name, key_len) == 0) { \ static zend_string *_Atomic key_zstr; \ - _init_zstr(&key_zstr, name, sizeof(name) - 1); \ + _init_zstr(&key_zstr, name, LSTRLEN(name)); \ zend_string *tags_zstr = zend_string_init(tags_str, tags_len, 1); \ ddtrace_metric_register_buffer( \ key_zstr, type, DDTRACE_METRIC_NAMESPACE_APPSEC); \ diff --git a/appsec/src/extension/request_abort.c b/appsec/src/extension/request_abort.c index af1a876891..77016b3e1d 100644 --- a/appsec/src/extension/request_abort.c +++ b/appsec/src/extension/request_abort.c @@ -12,10 +12,8 @@ #include "compatibility.h" #include "configuration.h" #include "ddappsec.h" -#include "dddefs.h" #include "ddtrace.h" #include "logging.h" -#include "php_compat.h" #include "php_helpers.h" #include "php_objects.h" #include "request_abort.h" diff --git a/appsec/src/helper/.clang-tidy b/appsec/src/helper/.clang-tidy new file mode 100644 index 0000000000..de8680d420 --- /dev/null +++ b/appsec/src/helper/.clang-tidy @@ -0,0 +1,13 @@ +Checks: 'readability-identifier-naming' + +CheckOptions: + - key: readability-identifier-naming.StructCase + value: lower_case + - key: readability-identifier-naming.StructPrefix + value: '' + - key: readability-identifier-naming.ClassCase + value: lower_case + - key: readability-identifier-naming.ClassPrefix + value: '' + +InheritParentConfig: true diff --git a/appsec/src/helper/client.cpp b/appsec/src/helper/client.cpp index c2706d689c..217ed193f8 100644 --- a/appsec/src/helper/client.cpp +++ b/appsec/src/helper/client.cpp @@ -497,14 +497,14 @@ void client::run(worker::queue_consumer &q) namespace { -struct RequestMetricsSubmitter : public metrics::TelemetrySubmitter { - RequestMetricsSubmitter() = default; - ~RequestMetricsSubmitter() override = default; - RequestMetricsSubmitter(const RequestMetricsSubmitter &) = delete; - RequestMetricsSubmitter &operator=( - const RequestMetricsSubmitter &) = delete; - RequestMetricsSubmitter(RequestMetricsSubmitter &&) = delete; - RequestMetricsSubmitter &operator=(RequestMetricsSubmitter &&) = delete; +struct request_metrics_submitter : public metrics::telemetry_submitter { + request_metrics_submitter() = default; + ~request_metrics_submitter() override = default; + request_metrics_submitter(const request_metrics_submitter &) = delete; + request_metrics_submitter &operator=( + const request_metrics_submitter &) = delete; + request_metrics_submitter(request_metrics_submitter &&) = delete; + request_metrics_submitter &operator=(request_metrics_submitter &&) = delete; void submit_metric( std::string_view name, double value, std::string tags) override @@ -513,29 +513,28 @@ struct RequestMetricsSubmitter : public metrics::TelemetrySubmitter { value, tags); tel_metrics[name].emplace_back(value, tags); }; - void submit_legacy_metric(std::string_view name, double value) override + void submit_span_metric(std::string_view name, double value) override { SPDLOG_TRACE( - "submit_legacy_metric [req]: name={}, value={}", name, value); + "submit_span_metric [req]: name={}, value={}", name, value); metrics[name] = value; }; - void submit_legacy_meta(std::string_view name, std::string value) override + void submit_span_meta(std::string_view name, std::string value) override { - SPDLOG_TRACE( - "submit_legacy_meta [req]: name={}, value={}", name, value); + SPDLOG_TRACE("submit_span_meta [req]: name={}, value={}", name, value); meta[std::string{name}] = value; }; - void submit_legacy_meta_copy_key( - std::string name, std::string value) override + void submit_span_meta_copy_key(std::string name, std::string value) override { - SPDLOG_TRACE("submit_legacy_meta_copy_key [req]: name={}, value={}", - name, value); + SPDLOG_TRACE( + "submit_span_meta_copy_key [req]: name={}, value={}", name, value); meta[name] = value; } std::map meta; std::map metrics; - std::map>> + std::unordered_map>> tel_metrics; }; @@ -543,7 +542,7 @@ template void collect_metrics_impl(Response &response, service &service, std::optional &context) { - RequestMetricsSubmitter msubmitter{}; + request_metrics_submitter msubmitter{}; if (context) { context->get_metrics(msubmitter); } diff --git a/appsec/src/helper/engine.cpp b/appsec/src/helper/engine.cpp index 4d684416d8..01057df313 100644 --- a/appsec/src/helper/engine.cpp +++ b/appsec/src/helper/engine.cpp @@ -25,7 +25,7 @@ void engine::subscribe(std::unique_ptr sub) } void engine::update( - engine_ruleset &ruleset, metrics::TelemetrySubmitter &submit_metric) + engine_ruleset &ruleset, metrics::telemetry_submitter &submit_metric) { std::vector> new_subscribers; auto old_common = @@ -114,7 +114,7 @@ std::optional engine::context::publish(parameter &¶m) return res; } -void engine::context::get_metrics(metrics::TelemetrySubmitter &msubmitter) +void engine::context::get_metrics(metrics::telemetry_submitter &msubmitter) { for (const auto &[subscriber, listener] : listeners_) { listener->submit_metrics(msubmitter); @@ -123,7 +123,7 @@ void engine::context::get_metrics(metrics::TelemetrySubmitter &msubmitter) std::unique_ptr engine::from_settings( const dds::engine_settings &eng_settings, - metrics::TelemetrySubmitter &msubmitter) + metrics::telemetry_submitter &msubmitter) { auto &&rules_path = eng_settings.rules_file_or_default(); auto ruleset = engine_ruleset::from_path(rules_path); diff --git a/appsec/src/helper/engine.hpp b/appsec/src/helper/engine.hpp index e4e904de2f..dd41b4c70c 100644 --- a/appsec/src/helper/engine.hpp +++ b/appsec/src/helper/engine.hpp @@ -68,7 +68,7 @@ class engine { std::optional publish(parameter &¶m); // NOLINTNEXTLINE(google-runtime-references) - void get_metrics(metrics::TelemetrySubmitter &msubmitter); + void get_metrics(metrics::telemetry_submitter &msubmitter); protected: std::shared_ptr common_; @@ -87,7 +87,7 @@ class engine { static std::unique_ptr from_settings( const dds::engine_settings &eng_settings, - metrics::TelemetrySubmitter &msubmitter); + metrics::telemetry_submitter &msubmitter); static auto create( uint32_t trace_rate_limit = engine_settings::default_trace_rate_limit) @@ -103,7 +103,7 @@ class engine { // Should not be called concurrently but safely publishes changes to common_ // the rc client has a lock that ensures this virtual void update( - engine_ruleset &ruleset, metrics::TelemetrySubmitter &submit_metric); + engine_ruleset &ruleset, metrics::telemetry_submitter &submit_metric); protected: explicit engine(uint32_t trace_rate_limit) @@ -114,7 +114,7 @@ class engine { // should use only atomic operations (pre-c++20 // std::atomic) std::shared_ptr common_; - std::shared_ptr msubmitter_; + std::shared_ptr msubmitter_; rate_limiter limiter_; }; diff --git a/appsec/src/helper/metrics.cpp b/appsec/src/helper/metrics.cpp deleted file mode 100644 index 5fbd863862..0000000000 --- a/appsec/src/helper/metrics.cpp +++ /dev/null @@ -1,11 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are -// dual-licensed under the Apache-2.0 License or BSD-3-Clause License. -// -// This product includes software developed at Datadog -// (https://www.datadoghq.com/). Copyright 2022 Datadog, Inc. - -#include "metrics.hpp" - -namespace dds::metrics { -TelemetrySubmitter::~TelemetrySubmitter() = default; -} // namespace dds::metrics diff --git a/appsec/src/helper/metrics.hpp b/appsec/src/helper/metrics.hpp index f90820de32..662720b448 100644 --- a/appsec/src/helper/metrics.hpp +++ b/appsec/src/helper/metrics.hpp @@ -6,25 +6,28 @@ #pragma once -#include #include #include namespace dds::metrics { -struct TelemetrySubmitter { - TelemetrySubmitter() = default; - TelemetrySubmitter(const TelemetrySubmitter &) = delete; - TelemetrySubmitter &operator=(const TelemetrySubmitter &) = delete; - TelemetrySubmitter(TelemetrySubmitter &&) = delete; - TelemetrySubmitter &operator=(TelemetrySubmitter &&) = delete; +struct telemetry_submitter { + telemetry_submitter() = default; + telemetry_submitter(const telemetry_submitter &) = delete; + telemetry_submitter &operator=(const telemetry_submitter &) = delete; + telemetry_submitter(telemetry_submitter &&) = delete; + telemetry_submitter &operator=(telemetry_submitter &&) = delete; - virtual ~TelemetrySubmitter() = 0; + virtual ~telemetry_submitter() = 0; + // first arguments of type string_view should have static storage virtual void submit_metric(std::string_view, double, std::string) = 0; - virtual void submit_legacy_metric(std::string_view, double) = 0; - virtual void submit_legacy_meta(std::string_view, std::string) = 0; - virtual void submit_legacy_meta_copy_key(std::string, std::string) = 0; + virtual void submit_span_metric(std::string_view, double) = 0; + virtual void submit_span_meta(std::string_view, std::string) = 0; + void submit_span_meta(std::string, std::string) = delete; + virtual void submit_span_meta_copy_key(std::string, std::string) = 0; + void submit_span_meta_copy_key(std::string_view, std::string) = delete; }; +inline telemetry_submitter::~telemetry_submitter() = default; constexpr std::string_view waf_init = "waf.init"; constexpr std::string_view waf_updates = "waf.updates"; @@ -38,9 +41,6 @@ constexpr std::string_view waf_truncated_value_size = constexpr std::string_view waf_duration_tel = "waf.duration"; constexpr std::string_view waf_duration_ext = "waf.duration_ext"; -constexpr std::string_view rc_first_pull = "remote_config.first_pull"; -constexpr std::string_view rc_last_success = "remote_config.last_success"; - // not implemented (difficult to count requests on the helper) constexpr std::string_view rc_requests_before_running = "remote_config.requests_before_running"; diff --git a/appsec/src/helper/network/acceptor.cpp b/appsec/src/helper/network/acceptor.cpp index c5f2e57db4..2cb714c617 100644 --- a/appsec/src/helper/network/acceptor.cpp +++ b/appsec/src/helper/network/acceptor.cpp @@ -4,7 +4,6 @@ // This product includes software developed at Datadog // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc. #include "acceptor.hpp" -#include "../exception.hpp" #include "socket.hpp" #include #include diff --git a/appsec/src/helper/network/broker.cpp b/appsec/src/helper/network/broker.cpp index 48405c44b1..94154576c7 100644 --- a/appsec/src/helper/network/broker.cpp +++ b/appsec/src/helper/network/broker.cpp @@ -7,7 +7,6 @@ #include "../exception.hpp" #include "proto.hpp" #include -#include #include #include #include diff --git a/appsec/src/helper/network/proto.hpp b/appsec/src/helper/network/proto.hpp index b202623177..e6205392dc 100644 --- a/appsec/src/helper/network/proto.hpp +++ b/appsec/src/helper/network/proto.hpp @@ -130,7 +130,8 @@ struct client_init { std::map meta; std::map metrics; - std::map>> + std::unordered_map>> tel_metrics; MSGPACK_DEFINE(status, version, errors, meta, metrics, tel_metrics); @@ -291,7 +292,8 @@ struct request_shutdown { std::map meta; std::map metrics; - std::map>> + std::unordered_map>> tel_metrics; MSGPACK_DEFINE( diff --git a/appsec/src/helper/remote_config/client.cpp b/appsec/src/helper/remote_config/client.cpp index 5b851b4bb3..df22dcf001 100644 --- a/appsec/src/helper/remote_config/client.cpp +++ b/appsec/src/helper/remote_config/client.cpp @@ -4,10 +4,7 @@ // This product includes software developed at Datadog // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc. #include "client.hpp" -#include "exception.hpp" #include "product.hpp" -#include -#include #include #include #include @@ -18,7 +15,7 @@ extern "C" { } namespace { -struct ddog_CharSlice { +struct ddog_CharSlice { // NOLINT(readability-identifier-naming) const char *ptr; uintptr_t len; }; diff --git a/appsec/src/helper/remote_config/client_handler.cpp b/appsec/src/helper/remote_config/client_handler.cpp index 090a109a74..8a6652e06e 100644 --- a/appsec/src/helper/remote_config/client_handler.cpp +++ b/appsec/src/helper/remote_config/client_handler.cpp @@ -19,7 +19,7 @@ static constexpr std::chrono::milliseconds default_max_interval = 5min; client_handler::client_handler(std::unique_ptr &&rc_client, std::shared_ptr service_config, - std::shared_ptr msubmitter) + std::shared_ptr msubmitter) : rc_client_{std::move(rc_client)}, service_config_{std::move(service_config)}, msubmitter_{std::move(msubmitter)} @@ -30,7 +30,7 @@ std::unique_ptr client_handler::from_settings( std::shared_ptr service_config, const remote_config::settings &rc_settings, const std::shared_ptr &engine_ptr, - std::shared_ptr msubmitter, + std::shared_ptr msubmitter, bool dynamic_enablement) { if (!rc_settings.enabled) { @@ -73,28 +73,7 @@ void client_handler::poll() const std::lock_guard lock{mutex_}; try { - if (last_success_ != empty_time) { - auto now = std::chrono::steady_clock::now(); - auto elapsed = - std::chrono::duration_cast( - now - last_success_); - msubmitter_->submit_metric(metrics::rc_last_success, - static_cast(elapsed.count()), {}); - } - - const bool result = rc_client_->poll(); - - auto now = std::chrono::steady_clock::now(); - last_success_ = now; - - if (result && creation_time_ != empty_time) { - auto elapsed = - std::chrono::duration_cast( - now - creation_time_); - msubmitter_->submit_metric(metrics::rc_first_pull, - static_cast(elapsed.count()), {}); - creation_time_ = empty_time; - } + rc_client_->poll(); } catch (const std::exception &e) { SPDLOG_WARN("Error polling remote config: {}", e.what()); } diff --git a/appsec/src/helper/remote_config/client_handler.hpp b/appsec/src/helper/remote_config/client_handler.hpp index b85cfc6285..e265b364f9 100644 --- a/appsec/src/helper/remote_config/client_handler.hpp +++ b/appsec/src/helper/remote_config/client_handler.hpp @@ -21,7 +21,7 @@ class client_handler { public: client_handler(std::unique_ptr &&rc_client, std::shared_ptr service_config, - std::shared_ptr msubmitter); + std::shared_ptr msubmitter); ~client_handler() = default; client_handler(const client_handler &) = delete; @@ -35,7 +35,7 @@ class client_handler { std::shared_ptr service_config, const remote_config::settings &rc_settings, const std::shared_ptr &engine_ptr, - std::shared_ptr msubmitter, + std::shared_ptr msubmitter, bool dynamic_enablement); void poll(); @@ -51,12 +51,11 @@ class client_handler { std::shared_ptr service_config_; std::unique_ptr rc_client_; - std::shared_ptr msubmitter_; + std::shared_ptr msubmitter_; std::mutex mutex_{}; std::chrono::steady_clock::time_point creation_time_{ std::chrono::steady_clock::now()}; // def value after first poll() done - std::chrono::steady_clock::time_point last_success_{}; }; } // namespace dds::remote_config diff --git a/appsec/src/helper/remote_config/listeners/engine_listener.cpp b/appsec/src/helper/remote_config/listeners/engine_listener.cpp index c6510f2665..2a6f099290 100644 --- a/appsec/src/helper/remote_config/listeners/engine_listener.cpp +++ b/appsec/src/helper/remote_config/listeners/engine_listener.cpp @@ -4,23 +4,20 @@ // This product includes software developed at Datadog // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc. #include "engine_listener.hpp" -#include "../../json_helper.hpp" #include "../exception.hpp" #include "../product.hpp" #include "config_aggregators/asm_aggregator.hpp" #include "config_aggregators/asm_data_aggregator.hpp" #include "config_aggregators/asm_dd_aggregator.hpp" -#include #include #include #include -#include #include namespace dds::remote_config { engine_listener::engine_listener(std::shared_ptr engine, - std::shared_ptr msubmitter, + std::shared_ptr msubmitter, const std::string &rules_file) : engine_{std::move(engine)}, msubmitter_{std::move(msubmitter)} { diff --git a/appsec/src/helper/remote_config/listeners/engine_listener.hpp b/appsec/src/helper/remote_config/listeners/engine_listener.hpp index 3ca0fcfa8b..d58828bf35 100644 --- a/appsec/src/helper/remote_config/listeners/engine_listener.hpp +++ b/appsec/src/helper/remote_config/listeners/engine_listener.hpp @@ -5,15 +5,11 @@ // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc. #pragma once -#include "../../config.hpp" #include "../../engine.hpp" -#include "../../parameter.hpp" #include "../product.hpp" #include "config_aggregators/config_aggregator.hpp" #include "listener.hpp" -#include #include -#include namespace dds::remote_config { @@ -21,7 +17,7 @@ namespace dds::remote_config { class engine_listener : public listener_base { public: explicit engine_listener(std::shared_ptr engine, - std::shared_ptr msubmitter, + std::shared_ptr msubmitter, const std::string &rules_file = {}); engine_listener(const engine_listener &) = delete; engine_listener(engine_listener &&) = default; @@ -47,7 +43,7 @@ class engine_listener : public listener_base { std::shared_ptr engine_; rapidjson::Document ruleset_; std::unordered_set to_commit_; - std::shared_ptr msubmitter_; + std::shared_ptr msubmitter_; }; } // namespace dds::remote_config diff --git a/appsec/src/helper/runner.cpp b/appsec/src/helper/runner.cpp index 8e45c02f9d..efd8e116b8 100644 --- a/appsec/src/helper/runner.cpp +++ b/appsec/src/helper/runner.cpp @@ -6,7 +6,6 @@ #include "runner.hpp" #include "client.hpp" -#include "subscriber/waf.hpp" #include #include #include diff --git a/appsec/src/helper/service.cpp b/appsec/src/helper/service.cpp index 835b52e6dc..21f554a5c2 100644 --- a/appsec/src/helper/service.cpp +++ b/appsec/src/helper/service.cpp @@ -12,7 +12,7 @@ namespace dds { service::service(std::shared_ptr engine, std::shared_ptr service_config, std::unique_ptr &&client_handler, - std::shared_ptr msubmitter, std::string rc_path, + std::shared_ptr msubmitter, std::string rc_path, const schema_extraction_settings &schema_extraction_settings) : engine_{std::move(engine)}, service_config_{std::move(service_config)}, client_handler_{std::move(client_handler)}, @@ -40,7 +40,7 @@ std::shared_ptr service::from_settings( const dds::engine_settings &eng_settings, const remote_config::settings &rc_settings, bool dynamic_enablement) { - std::shared_ptr msubmitter = std::make_shared(); + std::shared_ptr msubmitter = std::make_shared(); const std::shared_ptr engine_ptr = engine::from_settings(eng_settings, *msubmitter); diff --git a/appsec/src/helper/service.hpp b/appsec/src/helper/service.hpp index 71b5d28c3a..48c53c38ea 100644 --- a/appsec/src/helper/service.hpp +++ b/appsec/src/helper/service.hpp @@ -25,7 +25,7 @@ using namespace std::chrono_literals; class service { protected: - class MetricsImpl : public metrics::TelemetrySubmitter { + class metrics_impl : public metrics::telemetry_submitter { struct tel_metric { tel_metric(std::string_view name, double value, std::string tags) : name{name}, value{value}, tags{std::move(tags)} @@ -36,13 +36,13 @@ class service { }; public: - MetricsImpl() = default; - MetricsImpl(const MetricsImpl &) = delete; - MetricsImpl &operator=(const MetricsImpl &) = delete; - MetricsImpl(MetricsImpl &&) = delete; - MetricsImpl &operator=(MetricsImpl &&) = delete; + metrics_impl() = default; + metrics_impl(const metrics_impl &) = delete; + metrics_impl &operator=(const metrics_impl &) = delete; + metrics_impl(metrics_impl &&) = delete; + metrics_impl &operator=(metrics_impl &&) = delete; - ~MetricsImpl() override = default; + ~metrics_impl() override = default; void submit_metric(std::string_view metric_name, double value, std::string tags) override @@ -52,24 +52,24 @@ class service { pending_metrics_.emplace_back(metric_name, value, std::move(tags)); } - void submit_legacy_metric(std::string_view name, double value) override + void submit_span_metric(std::string_view name, double value) override { - SPDLOG_TRACE("submit_legacy_metric: {} {}", name, value); + SPDLOG_TRACE("submit_span_metric: {} {}", name, value); const std::lock_guard lock{legacy_metrics_mutex_}; legacy_metrics_[name] = value; } - void submit_legacy_meta( - std::string_view name, std::string value) override + void submit_span_meta(std::string_view name, std::string value) override { - SPDLOG_TRACE("submit_legacy_meta: {} {}", name, value); + SPDLOG_TRACE("submit_span_meta: {} {}", name, value); const std::lock_guard lock{meta_mutex_}; meta_[std::string{name}] = std::move(value); } // NOLINTNEXTLINE(bugprone-easily-swappable-parameters) - void submit_legacy_meta_copy_key( + void submit_span_meta_copy_key( std::string name, std::string value) override { + SPDLOG_TRACE("submit_span_meta_copy_key: {} {}", name, value); const std::lock_guard lock{meta_mutex_}; meta_[std::move(name)] = std::move(value); } @@ -108,15 +108,15 @@ class service { std::mutex meta_mutex_; }; - static std::shared_ptr create_shared_metrics() + static std::shared_ptr create_shared_metrics() { - return std::make_shared(); + return std::make_shared(); } service(std::shared_ptr engine, std::shared_ptr service_config, std::unique_ptr &&client_handler, - std::shared_ptr msubmitter, std::string rc_path, + std::shared_ptr msubmitter, std::string rc_path, const schema_extraction_settings &schema_extraction_settings = {}); template @@ -194,7 +194,7 @@ class service { std::unique_ptr client_handler_{}; std::shared_ptr schema_sampler_; std::string rc_path_; - std::shared_ptr msubmitter_; + std::shared_ptr msubmitter_; }; } // namespace dds diff --git a/appsec/src/helper/subscriber/base.hpp b/appsec/src/helper/subscriber/base.hpp index 6c539cde52..b3e7999332 100644 --- a/appsec/src/helper/subscriber/base.hpp +++ b/appsec/src/helper/subscriber/base.hpp @@ -32,7 +32,7 @@ class subscriber { // NOLINTNEXTLINE(google-runtime-references) virtual void submit_metrics( - metrics::TelemetrySubmitter &msubmitter) = 0; + metrics::telemetry_submitter &msubmitter) = 0; }; subscriber() = default; @@ -47,7 +47,7 @@ class subscriber { virtual std::unordered_set get_subscriptions() = 0; virtual std::unique_ptr get_listener() = 0; virtual std::unique_ptr update( - parameter &rule, metrics::TelemetrySubmitter &submit_metric) = 0; + parameter &rule, metrics::telemetry_submitter &submit_metric) = 0; }; } // namespace dds diff --git a/appsec/src/helper/subscriber/waf.cpp b/appsec/src/helper/subscriber/waf.cpp index db40d4fe2b..13ec23466e 100644 --- a/appsec/src/helper/subscriber/waf.cpp +++ b/appsec/src/helper/subscriber/waf.cpp @@ -142,14 +142,14 @@ std::string waf_update_init_report_tags( return tags; } -void waf_init_report(metrics::TelemetrySubmitter &msubmitter, bool success, +void waf_init_report(metrics::telemetry_submitter &msubmitter, bool success, std::optional rules_version) { msubmitter.submit_metric(metrics::waf_init, 1.0, waf_update_init_report_tags(success, std::move(rules_version))); } -void waf_update_report(metrics::TelemetrySubmitter &msubmitter, bool success, +void waf_update_report(metrics::telemetry_submitter &msubmitter, bool success, std::optional rules_version) { msubmitter.submit_metric(metrics::waf_updates, 1.0, @@ -157,7 +157,7 @@ void waf_update_report(metrics::TelemetrySubmitter &msubmitter, bool success, } void load_result_report( - parameter_view diagnostics, metrics::TelemetrySubmitter &msubmitter) + parameter_view diagnostics, metrics::telemetry_submitter &msubmitter) { const auto info = static_cast(diagnostics); @@ -228,7 +228,7 @@ void load_result_report( } void load_result_report_legacy(parameter_view diagnostics, std::string &version, - metrics::TelemetrySubmitter &msubmitter) + metrics::telemetry_submitter &msubmitter) { try { const parameter_view diagnostics_view{diagnostics}; @@ -239,25 +239,24 @@ void load_result_report_legacy(parameter_view diagnostics, std::string &version, auto rules = static_cast(rules_it->second); auto it = rules.find("loaded"); if (it != rules.end()) { - msubmitter.submit_legacy_metric(metrics::event_rules_loaded, + msubmitter.submit_span_metric(metrics::event_rules_loaded, static_cast(it->second.size())); } it = rules.find("failed"); if (it != rules.end()) { - msubmitter.submit_legacy_metric(metrics::event_rules_failed, + msubmitter.submit_span_metric(metrics::event_rules_failed, static_cast(it->second.size())); } it = rules.find("errors"); if (it != rules.end()) { - msubmitter.submit_legacy_meta( + msubmitter.submit_span_meta( metrics::event_rules_errors, parameter_to_json(it->second)); } } - msubmitter.submit_legacy_meta( - metrics::waf_version, ddwaf_get_version()); + msubmitter.submit_span_meta(metrics::waf_version, ddwaf_get_version()); auto version_it = info.find("ruleset_version"); if (version_it != info.end()) { @@ -382,7 +381,8 @@ void instance::listener::call(dds::parameter_view &data, event &event) } } -void instance::listener::submit_metrics(metrics::TelemetrySubmitter &msubmitter) +void instance::listener::submit_metrics( + metrics::telemetry_submitter &msubmitter) { std::string tags = base_tags_; if (rule_triggered_) { @@ -400,9 +400,9 @@ void instance::listener::submit_metrics(metrics::TelemetrySubmitter &msubmitter) msubmitter.submit_metric(metrics::waf_requests, 1.0, std::move(tags)); // legacy - msubmitter.submit_legacy_meta( + msubmitter.submit_span_meta( metrics::event_rules_version, std::string{ruleset_version_}); - msubmitter.submit_legacy_metric(metrics::waf_duration, total_runtime_); + msubmitter.submit_span_metric(metrics::waf_duration, total_runtime_); for (const auto &[key, value] : schemas_) { std::string schema = value; @@ -414,12 +414,12 @@ void instance::listener::submit_metrics(metrics::TelemetrySubmitter &msubmitter) } if (schema.length() <= max_schema_size) { - msubmitter.submit_legacy_meta_copy_key(key, std::move(schema)); + msubmitter.submit_span_meta_copy_key(key, std::move(schema)); } } } -instance::instance(parameter &rule, metrics::TelemetrySubmitter &msubmit, +instance::instance(parameter &rule, metrics::telemetry_submitter &msubmit, std::uint64_t waf_timeout_us, std::string_view key_regex, std::string_view value_regex) : waf_timeout_{waf_timeout_us}, msubmitter_{msubmit} @@ -450,8 +450,9 @@ instance::instance(parameter &rule, metrics::TelemetrySubmitter &msubmit, for (uint32_t i = 0; i < size; i++) { addresses_.emplace(addrs[i]); } } -instance::instance(ddwaf_handle handle, metrics::TelemetrySubmitter &msubmitter, - std::chrono::microseconds timeout, std::string version) +instance::instance(ddwaf_handle handle, + metrics::telemetry_submitter &msubmitter, std::chrono::microseconds timeout, + std::string version) : handle_{handle}, msubmitter_{msubmitter}, waf_timeout_{timeout}, ruleset_version_{std::move(version)} { @@ -500,7 +501,7 @@ std::unique_ptr instance::get_listener() } std::unique_ptr instance::update( - parameter &rule, metrics::TelemetrySubmitter &msubmitter) + parameter &rule, metrics::telemetry_submitter &msubmitter) { ddwaf_object diagnostics; auto *new_handle = ddwaf_update(handle_, rule, &diagnostics); @@ -528,7 +529,7 @@ std::unique_ptr instance::update( std::unique_ptr instance::from_settings( const engine_settings &settings, const engine_ruleset &ruleset, - metrics::TelemetrySubmitter &msubmitter) + metrics::telemetry_submitter &msubmitter) { dds::parameter param = json_to_parameter(ruleset.get_document()); return std::make_unique(param, msubmitter, @@ -537,7 +538,7 @@ std::unique_ptr instance::from_settings( } std::unique_ptr instance::from_string(std::string_view rule, - metrics::TelemetrySubmitter &msubmitter, std::uint64_t waf_timeout_us, + metrics::telemetry_submitter &msubmitter, std::uint64_t waf_timeout_us, std::string_view key_regex, std::string_view value_regex) { engine_ruleset const ruleset{rule}; diff --git a/appsec/src/helper/subscriber/waf.hpp b/appsec/src/helper/subscriber/waf.hpp index 86558a7a2b..ff952c20e2 100644 --- a/appsec/src/helper/subscriber/waf.hpp +++ b/appsec/src/helper/subscriber/waf.hpp @@ -39,7 +39,7 @@ class instance : public dds::subscriber { void call(dds::parameter_view &data, event &event) override; // NOLINTNEXTLINE(google-runtime-references) - void submit_metrics(metrics::TelemetrySubmitter &msubmitter) override; + void submit_metrics(metrics::telemetry_submitter &msubmitter) override; protected: ddwaf_context handle_{}; @@ -55,7 +55,7 @@ class instance : public dds::subscriber { }; // NOLINTNEXTLINE(google-runtime-references) - instance(dds::parameter &rule, metrics::TelemetrySubmitter &msubmit, + instance(dds::parameter &rule, metrics::telemetry_submitter &msubmit, std::uint64_t waf_timeout_us, std::string_view key_regex = std::string_view(), std::string_view value_regex = std::string_view()); @@ -75,28 +75,28 @@ class instance : public dds::subscriber { std::unique_ptr get_listener() override; std::unique_ptr update( - parameter &rule, metrics::TelemetrySubmitter &msubmitter) override; + parameter &rule, metrics::telemetry_submitter &msubmitter) override; static std::unique_ptr from_settings( const engine_settings &settings, const engine_ruleset &ruleset, - metrics::TelemetrySubmitter &msubmitter); + metrics::telemetry_submitter &msubmitter); // testing only static std::unique_ptr from_string(std::string_view rule, - metrics::TelemetrySubmitter &msubmitter, + metrics::telemetry_submitter &msubmitter, std::uint64_t waf_timeout_us = default_waf_timeout_us, std::string_view key_regex = std::string_view(), std::string_view value_regex = std::string_view()); protected: - instance(ddwaf_handle handle, metrics::TelemetrySubmitter &msubmitter, + instance(ddwaf_handle handle, metrics::telemetry_submitter &msubmitter, std::chrono::microseconds timeout, std::string version); ddwaf_handle handle_{nullptr}; std::chrono::microseconds waf_timeout_; std::string ruleset_version_; std::unordered_set addresses_; - metrics::TelemetrySubmitter &msubmitter_; // NOLINT + metrics::telemetry_submitter &msubmitter_; // NOLINT }; parameter parse_file(std::string_view filename); diff --git a/appsec/tests/helper/engine_test.cpp b/appsec/tests/helper/engine_test.cpp index 5b308e1cb2..a41052d82a 100644 --- a/appsec/tests/helper/engine_test.cpp +++ b/appsec/tests/helper/engine_test.cpp @@ -25,7 +25,7 @@ namespace mock { class listener : public dds::subscriber::listener { public: MOCK_METHOD2(call, void(dds::parameter_view &, dds::event &)); - MOCK_METHOD1(submit_metrics, void(metrics::TelemetrySubmitter &)); + MOCK_METHOD1(submit_metrics, void(metrics::telemetry_submitter &)); }; class subscriber : public dds::subscriber { @@ -34,18 +34,18 @@ class subscriber : public dds::subscriber { MOCK_METHOD0(get_listener, std::unique_ptr()); MOCK_METHOD0(get_subscriptions, std::unordered_set()); MOCK_METHOD2(update, std::unique_ptr( - dds::parameter &, metrics::TelemetrySubmitter &)); + dds::parameter &, metrics::telemetry_submitter &)); }; -class tel_submitter : public metrics::TelemetrySubmitter { +class tel_submitter : public metrics::telemetry_submitter { public: MOCK_METHOD(void, submit_metric, (std::string_view, double, std::string), (override)); MOCK_METHOD( - void, submit_legacy_metric, (std::string_view, double), (override)); + void, submit_span_metric, (std::string_view, double), (override)); MOCK_METHOD( - void, submit_legacy_meta, (std::string_view, std::string), (override)); - MOCK_METHOD(void, submit_legacy_meta_copy_key, (std::string, std::string), + void, submit_span_meta, (std::string_view, std::string), (override)); + MOCK_METHOD(void, submit_span_meta_copy_key, (std::string, std::string), (override)); }; } // namespace mock @@ -356,14 +356,13 @@ TEST(EngineTest, WafSubscriptorBasic) auto e{engine::create()}; auto msubmitter = mock::tel_submitter{}; + EXPECT_CALL( + msubmitter, submit_span_metric("_dd.appsec.event_rules.loaded"sv, 1.0)); EXPECT_CALL(msubmitter, - submit_legacy_metric("_dd.appsec.event_rules.loaded"sv, 1.0)); + submit_span_metric("_dd.appsec.event_rules.error_count"sv, 0.0)); EXPECT_CALL(msubmitter, - submit_legacy_metric("_dd.appsec.event_rules.error_count"sv, 0.0)); - EXPECT_CALL( - msubmitter, submit_legacy_meta( - "_dd.appsec.event_rules.errors"sv, std::string{"{}"})); - EXPECT_CALL(msubmitter, submit_legacy_meta("_dd.appsec.waf.version"sv, _)); + submit_span_meta("_dd.appsec.event_rules.errors"sv, std::string{"{}"})); + EXPECT_CALL(msubmitter, submit_span_meta("_dd.appsec.waf.version"sv, _)); EXPECT_CALL(msubmitter, submit_metric("waf.init"sv, 1, _)); auto waf_uptr = waf::instance::from_string(waf_rule, msubmitter); @@ -536,7 +535,7 @@ TEST(EngineTest, WafSubscriptorUpdateRuleData) { EXPECT_CALL( - msubmitter, submit_legacy_meta("_dd.appsec.waf.version"sv, _)); + msubmitter, submit_span_meta("_dd.appsec.waf.version"sv, _)); EXPECT_CALL(msubmitter, submit_metric("waf.updates"sv, 1, std::string{"success:true,event_rules_version:,waf_version:"} + @@ -563,7 +562,7 @@ TEST(EngineTest, WafSubscriptorUpdateRuleData) { EXPECT_CALL( - msubmitter, submit_legacy_meta("_dd.appsec.waf.version"sv, _)); + msubmitter, submit_span_meta("_dd.appsec.waf.version"sv, _)); EXPECT_CALL(msubmitter, submit_metric("waf.updates"sv, 1, std::string{"success:true,event_rules_version:,waf_version:"} + diff --git a/appsec/tests/helper/remote_config/listeners/engine_listener_test.cpp b/appsec/tests/helper/remote_config/listeners/engine_listener_test.cpp index 12cc59f6ec..1f1bf0504a 100644 --- a/appsec/tests/helper/remote_config/listeners/engine_listener_test.cpp +++ b/appsec/tests/helper/remote_config/listeners/engine_listener_test.cpp @@ -45,7 +45,7 @@ TEST(RemoteConfigEngineListener, NoUpdates) EXPECT_CALL(*engine, update(_, _)).Times(0); auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); remote_config::engine_listener listener(engine, msubmitter); listener.init(); listener.commit(); @@ -54,7 +54,7 @@ TEST(RemoteConfigEngineListener, NoUpdates) TEST(RemoteConfigEngineListener, UnknownConfig) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -71,7 +71,7 @@ TEST(RemoteConfigEngineListener, UnknownConfig) TEST(RemoteConfigEngineListener, RuleUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -103,7 +103,7 @@ TEST(RemoteConfigEngineListener, RuleUpdate) TEST(RemoteConfigEngineListener, RuleUpdateFallback) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -136,7 +136,7 @@ TEST(RemoteConfigEngineListener, RuleUpdateFallback) TEST(RemoteConfigEngineListener, RulesOverrideUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -179,7 +179,7 @@ TEST(RemoteConfigEngineListener, RulesOverrideUpdate) TEST(RemoteConfigEngineListener, RulesAndRulesOverrideUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -230,7 +230,7 @@ TEST(RemoteConfigEngineListener, RulesAndRulesOverrideUpdate) TEST(RemoteConfigEngineListener, ExclusionsUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -274,7 +274,7 @@ TEST(RemoteConfigEngineListener, ExclusionsUpdate) TEST(RemoteConfigEngineListener, RulesAndExclusionsUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -325,7 +325,7 @@ TEST(RemoteConfigEngineListener, RulesAndExclusionsUpdate) TEST(RemoteConfigEngineListener, ActionsUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -370,7 +370,7 @@ TEST(RemoteConfigEngineListener, ActionsUpdate) TEST(RemoteConfigEngineListener, RulesAndActionsUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -422,7 +422,7 @@ TEST(RemoteConfigEngineListener, RulesAndActionsUpdate) TEST(RemoteConfigEngineListener, CustomRulesUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -469,7 +469,7 @@ TEST(RemoteConfigEngineListener, CustomRulesUpdate) TEST(RemoteConfigEngineListener, RulesAndCustomRulesUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -523,7 +523,7 @@ TEST(RemoteConfigEngineListener, RulesAndCustomRulesUpdate) TEST(RemoteConfigEngineListener, RulesDataUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -559,7 +559,7 @@ TEST(RemoteConfigEngineListener, RulesDataUpdate) TEST(RemoteConfigEngineListener, RulesAndRuleDataUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -603,7 +603,7 @@ TEST(RemoteConfigEngineListener, RulesAndRuleDataUpdate) TEST(RemoteConfigEngineListener, FullUpdate) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -660,7 +660,7 @@ TEST(RemoteConfigEngineListener, FullUpdate) TEST(RemoteConfigEngineListener, MultipleInitCommitUpdates) { auto msubmitter = - std::shared_ptr(new tel_submitter()); + std::shared_ptr(new tel_submitter()); auto engine = mock::engine::create(); rapidjson::Document doc; @@ -813,7 +813,7 @@ TEST(RemoteConfigEngineListener, EngineRuleUpdate) {"inputs": [{"address": "server.request.query"} ], "list": ["/other/url"] }, "operator": "phrase_match"} ], "on_match": ["block"] } ] })"; - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::map meta; std::map metrics; @@ -862,7 +862,7 @@ TEST(RemoteConfigEngineListener, EngineRuleUpdateFallback) {"inputs": [{"address": "server.request.query"} ], "list": ["/a/url"] }, "operator": "phrase_match"} ], "on_match": ["block"] } ] })"; - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::map meta; @@ -901,7 +901,7 @@ TEST(RemoteConfigEngineListener, EngineRuleUpdateFallback) TEST(RemoteConfigEngineListener, EngineRuleOverrideUpdateDisableRule) { - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr engine{dds::engine::create()}; @@ -948,7 +948,7 @@ TEST(RemoteConfigEngineListener, EngineRuleOverrideUpdateDisableRule) TEST(RemoteConfigEngineListener, RuleOverrideUpdateSetOnMatch) { - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr engine{dds::engine::create()}; @@ -999,7 +999,7 @@ TEST(RemoteConfigEngineListener, RuleOverrideUpdateSetOnMatch) TEST(RemoteConfigEngineListener, EngineRuleOverrideAndActionsUpdate) { - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr engine{dds::engine::create()}; @@ -1052,7 +1052,7 @@ TEST(RemoteConfigEngineListener, EngineRuleOverrideAndActionsUpdate) TEST(RemoteConfigEngineListener, EngineExclusionsUpdatePasslistRule) { - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr engine{dds::engine::create()}; @@ -1100,7 +1100,7 @@ TEST(RemoteConfigEngineListener, EngineExclusionsUpdatePasslistRule) TEST(RemoteConfigEngineListener, EngineCustomRulesUpdate) { - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr engine{dds::engine::create()}; @@ -1211,7 +1211,7 @@ TEST(RemoteConfigEngineListener, EngineRuleDataUpdate) [{"parameters":{"inputs":[{"address":"http.client_ip"}],"data":"blocked_ips"}, "operator":"ip_match"}],"transformers":[],"on_match":["block"]}]})"; - auto msubmitter = std::shared_ptr( + auto msubmitter = std::shared_ptr( new NiceMock()); std::shared_ptr e{engine::create()}; e->subscribe(waf::instance::from_string(waf_rule_with_data, *msubmitter)); diff --git a/appsec/tests/helper/remote_config/mocks.hpp b/appsec/tests/helper/remote_config/mocks.hpp index e2cf102336..32cbd2d52f 100644 --- a/appsec/tests/helper/remote_config/mocks.hpp +++ b/appsec/tests/helper/remote_config/mocks.hpp @@ -23,8 +23,8 @@ class engine : public dds::engine { action_map &&actions = {}) : dds::engine(trace_rate_limit) {} - MOCK_METHOD(void, update, (engine_ruleset &, metrics::TelemetrySubmitter &), - (override)); + MOCK_METHOD(void, update, + (engine_ruleset &, metrics::telemetry_submitter &), (override)); static auto create() { return std::shared_ptr(new engine()); } }; diff --git a/appsec/tests/helper/tel_subm_mock.hpp b/appsec/tests/helper/tel_subm_mock.hpp index 00c023d90f..b34e180d0b 100644 --- a/appsec/tests/helper/tel_subm_mock.hpp +++ b/appsec/tests/helper/tel_subm_mock.hpp @@ -2,15 +2,15 @@ #include namespace dds::mock { -class tel_submitter : public dds::metrics::TelemetrySubmitter { +class tel_submitter : public dds::metrics::telemetry_submitter { public: MOCK_METHOD(void, submit_metric, (std::string_view, double, std::string), (override)); MOCK_METHOD( - void, submit_legacy_metric, (std::string_view, double), (override)); + void, submit_span_metric, (std::string_view, double), (override)); MOCK_METHOD( - void, submit_legacy_meta, (std::string_view, std::string), (override)); - MOCK_METHOD(void, submit_legacy_meta_copy_key, (std::string, std::string), + void, submit_span_meta, (std::string_view, std::string), (override)); + MOCK_METHOD(void, submit_span_meta_copy_key, (std::string, std::string), (override)); }; } // namespace dds::mock diff --git a/appsec/tests/helper/waf_test.cpp b/appsec/tests/helper/waf_test.cpp index 7984bfd2d8..787bceb2ac 100644 --- a/appsec/tests/helper/waf_test.cpp +++ b/appsec/tests/helper/waf_test.cpp @@ -46,16 +46,14 @@ TEST(WafTest, InitWithInvalidRules) auto ruleset = engine_ruleset::from_path(cs.rules_file); mock::tel_submitter submitm{}; - EXPECT_CALL(submitm, submit_legacy_meta(metrics::waf_version, + EXPECT_CALL(submitm, submit_span_meta(metrics::waf_version, std::string{ddwaf_get_version()})); std::string rules_errors; - EXPECT_CALL(submitm, submit_legacy_meta(metrics::event_rules_errors, _)) + EXPECT_CALL(submitm, submit_span_meta(metrics::event_rules_errors, _)) .WillOnce(SaveArg<1>(&rules_errors)); - EXPECT_CALL( - submitm, submit_legacy_metric(metrics::event_rules_loaded, 1.0)); - EXPECT_CALL( - submitm, submit_legacy_metric(metrics::event_rules_failed, 4.0)); + EXPECT_CALL(submitm, submit_span_metric(metrics::event_rules_loaded, 1.0)); + EXPECT_CALL(submitm, submit_span_metric(metrics::event_rules_failed, 4.0)); EXPECT_CALL(submitm, submit_metric("waf.init"sv, 1, _)); EXPECT_CALL(submitm, submit_metric("waf.config_errors", 4., @@ -120,9 +118,9 @@ TEST(WafTest, ValidRunGood) ctx->call(pv, e); EXPECT_CALL(submitm, - submit_legacy_meta(metrics::event_rules_version, std::string{"1.2.3"})); + submit_span_meta(metrics::event_rules_version, std::string{"1.2.3"})); double duration; - EXPECT_CALL(submitm, submit_legacy_metric(metrics::waf_duration, _)) + EXPECT_CALL(submitm, submit_span_metric(metrics::waf_duration, _)) .WillOnce(SaveArg<1>(&duration)); EXPECT_CALL( submitm, submit_metric("waf.requests"sv, 1, @@ -158,14 +156,14 @@ TEST(WafTest, ValidRunMonitor) EXPECT_TRUE(e.actions.empty()); EXPECT_CALL(submitm, - submit_legacy_meta(metrics::event_rules_version, std::string{"1.2.3"})); - EXPECT_CALL(submitm, submit_legacy_metric(metrics::waf_duration, _)); + submit_span_meta(metrics::event_rules_version, std::string{"1.2.3"})); + EXPECT_CALL(submitm, submit_span_metric(metrics::waf_duration, _)); EXPECT_CALL( submitm, submit_metric("waf.requests"sv, 1, std::string{"event_rules_version:1.2.3,waf_version:"} + ddwaf_get_version() + ",rule_triggered:true")); EXPECT_CALL( - submitm, submit_legacy_meta_copy_key( + submitm, submit_span_meta_copy_key( std::string{"_dd.appsec.s.arg2"}, std::string{"[8]"})); ctx->submit_metrics(submitm); Mock::VerifyAndClearExpectations(&submitm); @@ -349,10 +347,10 @@ TEST(WafTest, SchemasAreAdded) std::string{"event_rules_version:1.2.3,waf_version:"} + ddwaf_get_version() + ",rule_triggered:true")); EXPECT_CALL( - submitm, submit_legacy_meta("_dd.appsec.event_rules.version", "1.2.3")); - EXPECT_CALL(submitm, submit_legacy_metric("_dd.appsec.waf.duration"sv, _)); + submitm, submit_span_meta("_dd.appsec.event_rules.version", "1.2.3")); + EXPECT_CALL(submitm, submit_span_metric("_dd.appsec.waf.duration"sv, _)); EXPECT_CALL( - submitm, submit_legacy_meta_copy_key( + submitm, submit_span_meta_copy_key( std::string{"_dd.appsec.s.arg2"}, std::string{"[8]"})); ctx->submit_metrics(submitm); Mock::VerifyAndClearExpectations(&submitm); diff --git a/appsec/tests/integration/src/docker/apache2-mod/Dockerfile b/appsec/tests/integration/src/docker/apache2-mod/Dockerfile index 9d9e1ae252..6383a38c21 100644 --- a/appsec/tests/integration/src/docker/apache2-mod/Dockerfile +++ b/appsec/tests/integration/src/docker/apache2-mod/Dockerfile @@ -24,6 +24,10 @@ RUN if echo $VARIANT | grep -q zts; \ else sed -i "s/%MPM/prefork/" /etc/apache2/mods-available/php.load; \ fi RUN if ! { echo $VARIANT | grep -q zts; }; then a2dismod mpm_event; a2enmod mpm_prefork; fi + +RUN sed -i 's/MaxRequestWorkers.*/MaxRequestWorkers 1/' /etc/apache2/mods-available/mpm_prefork.conf +RUN sed -i 's/MaxRequestWorkers.*/MaxRequestWorkers 1/' /etc/apache2/mods-available/mpm_worker.conf + RUN a2enmod php RUN chmod a+rx /root diff --git a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/TelemetryTests.groovy b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/TelemetryTests.groovy index 93c215b18b..5e532b2b34 100644 --- a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/TelemetryTests.groovy +++ b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/TelemetryTests.groovy @@ -95,18 +95,14 @@ class TelemetryTests { TelemetryHelpers.Metric wafInit TelemetryHelpers.Metric wafReq1 TelemetryHelpers.Metric wafReq2 - TelemetryHelpers.Metric rcFirstPull - TelemetryHelpers.Metric rcLastSuccess waitForMetrics(30) { List messages -> def allSeries = messages.collectMany { it.series } wafInit = allSeries.find { it.name == 'waf.init' } wafReq1 = allSeries.find { it.name == 'waf.requests' && it.tags.size() == 2 } wafReq2 = allSeries.find { it.name == 'waf.requests' && it.tags.size() == 3 } - rcFirstPull = allSeries.find { it.name == 'remote_config.first_pull' } - rcLastSuccess = allSeries.find { it.name == 'remote_config.last_success' } - wafInit && wafReq1 && wafReq2 && rcFirstPull && rcLastSuccess + wafInit && wafReq1 && wafReq2 } assert wafInit != null @@ -128,16 +124,6 @@ class TelemetryTests { assert 'rule_triggered:true' in wafReq2.tags assert wafReq2.points[0][1] == 1.0 - assert rcFirstPull != null - assert rcFirstPull.namespace == 'appsec' - assert rcFirstPull.points[0][1] > 0 - assert rcFirstPull.type == 'gauge' - - assert rcLastSuccess != null - assert rcLastSuccess.namespace == 'appsec' - assert rcLastSuccess.points[0][1] > 0 - assert rcLastSuccess.type == 'gauge' - // no error for data, it seems }