-
Notifications
You must be signed in to change notification settings - Fork 332
Expand file tree
/
Copy pathAppSecActivationSmokeTest.groovy
More file actions
89 lines (76 loc) · 3.12 KB
/
AppSecActivationSmokeTest.groovy
File metadata and controls
89 lines (76 loc) · 3.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package datadog.smoketest
import datadog.environment.JavaVirtualMachine
import datadog.remoteconfig.Capabilities
import datadog.remoteconfig.Product
import datadog.smoketest.dynamicconfig.AppSecApplication
import datadog.trace.test.util.Flaky
class AppSecActivationSmokeTest extends AbstractSmokeTest {
@Override
ProcessBuilder createProcessBuilder() {
def command = [javaPath()]
command += defaultJavaProperties.toList()
command += [
'-Ddd.remote_config.enabled=true',
"-Ddd.remote_config.url=http://localhost:${server.address.port}/v0.7/config".toString(),
'-Ddd.remote_config.poll_interval.seconds=1',
'-Ddd.profiling.enabled=false',
'-cp',
System.getProperty('datadog.smoketest.shadowJar.path'),
AppSecApplication.name
]
final processBuilder = new ProcessBuilder(command)
processBuilder.directory(new File(buildDirectory))
}
@Flaky(value = "Telemetry product change event flakes in oracle8", condition = () ->JavaVirtualMachine.isOracleJDK8())
void 'test activation via RC workflow'() {
given:
final asmRuleProducts = [Product.ASM, Product.ASM_DD, Product.ASM_DATA]
when: 'appsec is enabled but inactive'
final request = waitForRcClientRequest {
req ->
decodeProducts(req).find {
asmRuleProducts.contains(it)
} == null
}
final capabilities = decodeCapabilities(request)
then: 'only ASM_ACTIVATION capability should be reported'
assert hasCapability(capabilities, Capabilities.CAPABILITY_ASM_ACTIVATION)
assert !hasCapability(capabilities, Capabilities.CAPABILITY_ASM_CUSTOM_RULES)
when: 'appsec is enabled via RC'
setRemoteConfig('datadog/2/ASM_FEATURES/asm_features_activation/config', '{"asm":{"enabled":true}}')
then: 'we should receive a product change for appsec'
waitForTelemetryFlat {
final configurations = (List<Map<String, Object>>) it?.payload?.configuration ?: []
final enabledConfig = configurations.find {
it.name == 'DD_APPSEC_ENABLED'
}
if (!enabledConfig) {
return false
}
return enabledConfig.value == 'true' && enabledConfig .origin == 'remote_config'
}
and: 'we should have set the capabilities for ASM rules and data'
final newRequest = waitForRcClientRequest {
req ->
decodeProducts(req).containsAll(asmRuleProducts)
}
final newCapabilities = decodeCapabilities(newRequest)
assert hasCapability(newCapabilities, Capabilities.CAPABILITY_ASM_CUSTOM_RULES)
}
private static Set<Product> decodeProducts(final Map<String, Object> request) {
return request.client.products.collect {
Product.valueOf(it)
}
}
private static long decodeCapabilities(final Map<String, Object> request) {
final clientCapabilities = request.client.capabilities as byte[]
long capabilities = 0l
for (int i = 0; i < clientCapabilities.length; i++) {
capabilities |= (clientCapabilities[i] & 0xFFL) << ((clientCapabilities.length - i - 1) * 8)
}
return capabilities
}
private static boolean hasCapability(final long capabilities, final long test) {
return (capabilities & test) > 0
}
}