Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[APPSEC-55378] Rework Processor::Context logging and telemetry #4035

Merged
merged 3 commits into from
Oct 28, 2024
Merged

[APPSEC-55378] Rework Processor::Context logging and telemetry #4035

merged 3 commits into from
Oct 28, 2024

Conversation

Strech
Copy link
Member

@Strech Strech commented Oct 28, 2024
edited
Loading

What does this PR do?

This PR centralizes debug handling of the WAF execution into a single place Processor::Context

Motivation:

During upgrades we would like to know when we've made a mistake and be alerted about it upfront. We double-checked existing result codes of the WAF execution and removed outdated. At the same time if we use Telemetry error reporting to deliver unhandled errors such as:

  • DDWAF_ERR_INTERNAL (ruby: :err_internal)
  • DDWAF_ERR_INVALID_OBJECT (ruby: :err_invalid_object)
  • DDWAF_ERR_INVALID_ARGUMENT (ruby: :err_invalid_argument)

See full list

Change log entry

Not needed.

Additional Notes:

This PR could be released without libddwaf-rb upgrade

How to test the change?

CI is enough.

@codecov-commenter
Copy link

codecov-commenter commented Oct 28, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.85%. Comparing base (d77045d) to head (dc1b88f).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4035      +/-   ##
==========================================
- Coverage   97.86%   97.85%   -0.01%     
==========================================
  Files        1321     1321              
  Lines       79343    79318      -25     
  Branches     3936     3904      -32     
==========================================
- Hits        77647    77616      -31     
- Misses       1696     1702       +6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@Strech Strech force-pushed the appsec-55378-restructure-context-logging-and-telemetry branch from f652db4 to fe27edb Compare October 28, 2024 12:00
@Strech Strech marked this pull request as ready for review October 28, 2024 12:31
@Strech Strech requested a review from a team as a code owner October 28, 2024 12:31
y9v
y9v reviewed Oct 28, 2024
View reviewed changes
lib/datadog/appsec/processor/context.rb
else
v.nil? ? true : v.empty?
end
next false if v.is_a?(TrueClass) || v.is_a?(FalseClass)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we actually don't need this line, and this whole reject! could be changed to:

input.compact!.reject(&:empty?)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the only thing I am not sure is whether we can expect that every non-nil value responds to empty??

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and it's also fine to leave this block like it is, to reduce amount of changes in this PR

@pr-commenter
Copy link

pr-commenter bot commented Oct 28, 2024
edited
Loading

Benchmarks

Benchmark execution time: 2024-10-28 18:26:02

Comparing candidate commit dc1b88f in PR branch appsec-55378-restructure-context-logging-and-telemetry with baseline commit d77045d in branch master.

Found 0 performance improvements and 1 performance regressions! Performance is the same for 23 metrics, 2 unstable metrics.

scenario:library - Gem loading

  • 🟥 throughput [-0.153op/s; -0.147op/s] or [-5.496%; -5.299%]

Strech
Strech commented Oct 28, 2024
View reviewed changes
lib/datadog/appsec/processor/context.rb Outdated
if LIBDDWAF_SUCCESSFUL_EXECUTION_CODES.include?(result.status)
Datadog.logger.debug { "libddwaf execution result: #{result.inspect}" }
else
message = "libddwaf execution error: #{result.status.inspect} with #{result.inspect}"
Copy link
Member Author

@Strech Strech Oct 28, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After discussion with @TonyCTHsu we agreed to change it into the following:

message = "libddwaf:1.14.0 execution error: #{result.status.inspect}"

we will drop result.inspect to balance cardinality and also it doesn't bring much value.

@Strech Strech force-pushed the appsec-55378-restructure-context-logging-and-telemetry branch from fe27edb to d1c7ee9 Compare October 28, 2024 14:39
@Strech Strech force-pushed the appsec-55378-restructure-context-logging-and-telemetry branch from d1c7ee9 to 0311964 Compare October 28, 2024 14:45
@Strech Strech requested a review from y9v October 28, 2024 15:11
@Strech Strech added dev/internal Other internal work that does not need to be included in the changelog appsec Application Security monitoring product labels Oct 28, 2024
@Strech Strech merged commit 7302d7b into master Oct 28, 2024
270 checks passed
@Strech Strech deleted the appsec-55378-restructure-context-logging-and-telemetry branch October 28, 2024 18:30
@github-actions github-actions bot added this to the 2.5.0 milestone Oct 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@datadog-datadog-prod-us1 datadog-datadog-prod-us1[bot] datadog-datadog-prod-us1[bot] left review comments

@y9v y9v y9v approved these changes

Assignees
No one assigned
Labels
appsec Application Security monitoring product dev/internal Other internal work that does not need to be included in the changelog
Projects
None yet
Milestone
2.5.0
Development

Successfully merging this pull request may close these issues.
3 participants
@Strech @codecov-commenter @y9v