Merge branch 'master' into ugaitz/rasp-blocking

DataDog · Jun 24, 2024 · cb6fd05 · cb6fd05
2 parents 5323576 + fec9a91
commit cb6fd05
Show file tree

Hide file tree

Showing 36 changed files with 1,278 additions and 894 deletions.
diff --git a/.github/workflows/datadog-static-analysis.yml b/.github/workflows/datadog-static-analysis.yml
@@ -0,0 +1,24 @@
+name: Datadog Static Analysis
+
+on:
+  pull_request:
+  push:
+    branches: [master]
+
+jobs:
+  static-analysis:
+    runs-on: ubuntu-latest
+    name: Datadog Static Analyzer
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Check code meets quality and security standards
+      id: datadog-static-analysis
+      uses: DataDog/datadog-static-analyzer-github-action@v1
+      with:
+        dd_api_key: ${{ secrets.DD_STATIC_ANALYSIS_API_KEY }}
+        dd_app_key: ${{ secrets.DD_STATIC_ANALYSIS_APP_KEY }}
+        dd_service: dd-trace-js
+        dd_env: ci
+        dd_site: datadoghq.com
+        cpu_count: 2
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -5,11 +5,13 @@ stages:
   - benchmarks-pr-comment
   - single-step-instrumentation-tests
   - manual_images
+  - macrobenchmarks
 
 include:
   - remote: https://gitlab-templates.ddbuild.io/apm/packaging.yml
   - local: ".gitlab/benchmarks.yml"
   - local: ".gitlab/single-step-instrumentation-tests.yml"
+  - local: ".gitlab/macrobenchmarks.yml"
 
 variables:
 

diff --git a/.gitlab/benchmarks.yml b/.gitlab/benchmarks.yml
@@ -1,5 +1,5 @@
 variables:
-  BASE_CI_IMAGE: 486234852809.dkr.ecr.us-east-1.amazonaws.com/ci/benchmarking-platform:dd-trace-js
+  MICROBENCHMARKS_CI_IMAGE: 486234852809.dkr.ecr.us-east-1.amazonaws.com/ci/benchmarking-platform:dd-trace-js
   SLS_CI_IMAGE: registry.ddbuild.io/ci/serverless-tools:1
 
   # Benchmark's env variables. Modify to tweak benchmark parameters.
@@ -10,7 +10,7 @@ variables:
   stage: benchmarks
   when: on_success
   tags: ["runner:apm-k8s-tweaked-metal"]
-  image: $BASE_CI_IMAGE
+  image: $MICROBENCHMARKS_CI_IMAGE
   interruptible: true
   timeout: 15m
   script:
@@ -31,7 +31,7 @@ benchmarks-pr-comment:
   stage: benchmarks-pr-comment
   when: on_success
   tags: ["arch:amd64"]
-  image: $BASE_CI_IMAGE
+  image: $MICROBENCHMARKS_CI_IMAGE
   script:
     - cd platform && (git init && git remote add origin https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.ddbuild.io/DataDog/benchmarking-platform && git pull origin dd-trace-js)
     - bp-runner bp-runner.pr-comment.yml --debug
@@ -44,7 +44,7 @@ check-big-regressions:
   stage: benchmarks-pr-comment
   when: on_success
   tags: ["arch:amd64"]
-  image: $BASE_CI_IMAGE
+  image: $MICROBENCHMARKS_CI_IMAGE
   script:
     - cd platform && (git init && git remote add origin https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.ddbuild.io/DataDog/benchmarking-platform && git pull origin dd-trace-js)
     - bp-runner bp-runner.fail-on-regression.yml --debug

diff --git a/.gitlab/macrobenchmarks.yml b/.gitlab/macrobenchmarks.yml
@@ -0,0 +1,67 @@
+.macrobenchmarks:
+  stage: macrobenchmarks
+  rules:
+    - if: ($NIGHTLY_BENCHMARKS || $CI_PIPELINE_SOURCE != "schedule") && $CI_COMMIT_REF_NAME == "master"
+      when: always
+    - when: manual
+  tags: ["runner:apm-k8s-same-cpu"]
+  needs: []
+  interruptible: true
+  timeout: 1h
+  image: 486234852809.dkr.ecr.us-east-1.amazonaws.com/ci/benchmarking-platform:js-hapi
+  script:
+    - git clone --branch js/hapi https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.ddbuild.io/DataDog/benchmarking-platform platform && cd platform
+    - bp-runner bp-runner.yml --debug -t
+  artifacts:
+    name: "artifacts"
+    when: always
+    paths:
+      - platform/artifacts/
+    expire_in: 3 months
+  variables:
+    FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: "true"
+
+    K6_OPTIONS_WARMUP_RATE: 500
+    K6_OPTIONS_WARMUP_DURATION: 1m
+    K6_OPTIONS_WARMUP_GRACEFUL_STOP: 10s
+    K6_OPTIONS_WARMUP_PRE_ALLOCATED_VUS: 4
+    K6_OPTIONS_WARMUP_MAX_VUS: 4
+
+    K6_OPTIONS_NORMAL_OPERATION_RATE: 300
+    K6_OPTIONS_NORMAL_OPERATION_DURATION: 10m
+    K6_OPTIONS_NORMAL_OPERATION_GRACEFUL_STOP: 10s
+    K6_OPTIONS_NORMAL_OPERATION_PRE_ALLOCATED_VUS: 4
+    K6_OPTIONS_NORMAL_OPERATION_MAX_VUS: 4
+
+    K6_OPTIONS_HIGH_LOAD_RATE: 700
+    K6_OPTIONS_HIGH_LOAD_DURATION: 3m
+    K6_OPTIONS_HIGH_LOAD_GRACEFUL_STOP: 10s
+    K6_OPTIONS_HIGH_LOAD_PRE_ALLOCATED_VUS: 4
+    K6_OPTIONS_HIGH_LOAD_MAX_VUS: 4
+
+    DDTRACE_INSTALL_VERSION: "git://github.com/Datadog/dd-trace-js.git#${CI_COMMIT_SHA}"
+
+  # Workaround: Currently we're not running the benchmarks on every PR, but GitHub still shows them as pending.
+  # By marking the benchmarks as allow_failure, this should go away. (This workaround should be removed once the
+  # benchmarks get changed to run on every PR)
+  allow_failure: true
+
+  # Retry on Gitlab internal system failures
+  retry:
+    max: 2
+    when:
+      - unknown_failure
+      - data_integrity_failure
+      - runner_system_failure
+      - scheduler_failure
+      - api_failure
+
+baseline:
+  extends: .macrobenchmarks
+  variables:
+    DD_BENCHMARKS_CONFIGURATION: baseline
+
+only-tracing:
+  extends: .macrobenchmarks
+  variables:
+    DD_BENCHMARKS_CONFIGURATION: only-tracing
diff --git a/docs/test.ts b/docs/test.ts
@@ -139,6 +139,11 @@ tracer.init({
       redactionEnabled: true,
       redactionNamePattern: 'password',
       redactionValuePattern: 'bearer'
+    },
+    appsec: {
+      standalone: {
+        enabled: true
+      }
     }
   }
 })

diff --git a/index.d.ts b/index.d.ts
@@ -556,6 +556,19 @@ declare namespace tracer {
          */
         redactionValuePattern?: string
       }
+
+      appsec?: {
+        /**
+         * Configuration of Standalone ASM mode
+         */
+        standalone?: {
+          /**
+           * Whether to enable Standalone ASM.
+           * @default false
+           */
+          enabled?: boolean
+        }
+      }
     };
 
     /**

diff --git a/package.json b/package.json
@@ -37,7 +37,7 @@
     "test:integration:cypress": "mocha --colors --timeout 30000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/cypress/*.spec.js\"",
     "test:integration:playwright": "mocha --colors --timeout 30000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/playwright/*.spec.js\"",
     "test:integration:selenium": "mocha --colors --timeout 30000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/selenium/*.spec.js\"",
-    "test:integration:profiler": "mocha --colors --timeout 90000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/profiler/*.spec.js\"",
+    "test:integration:profiler": "mocha --colors --timeout 180000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/profiler/*.spec.js\"",
     "test:integration:serverless": "mocha --colors --timeout 30000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/serverless/*.spec.js\"",
     "test:integration:plugins": "mocha --colors --exit -r \"packages/dd-trace/test/setup/mocha.js\" \"packages/datadog-plugin-@($(echo $PLUGINS))/test/integration-test/**/*.spec.js\"",
     "test:unit:plugins": "mocha --colors --exit -r \"packages/dd-trace/test/setup/mocha.js\" \"packages/datadog-instrumentations/test/@($(echo $PLUGINS)).spec.js\" \"packages/datadog-plugin-@($(echo $PLUGINS))/test/**/*.spec.js\" --exclude \"packages/datadog-plugin-@($(echo $PLUGINS))/test/integration-test/**/*.spec.js\"",
@@ -81,7 +81,7 @@
     "crypto-randomuuid": "^1.0.0",
     "dc-polyfill": "^0.1.4",
     "ignore": "^5.2.4",
-    "import-in-the-middle": "^1.7.4",
+    "import-in-the-middle": "^1.8.1",
     "int64-buffer": "^0.1.9",
     "istanbul-lib-coverage": "3.2.0",
     "jest-docblock": "^29.7.0",

diff --git a/packages/datadog-plugin-aws-sdk/test/integration-test/client.spec.js b/packages/datadog-plugin-aws-sdk/test/integration-test/client.spec.js
@@ -15,7 +15,7 @@ describe('esm', () => {
 
   withVersions('aws-sdk', ['aws-sdk'], version => {
     before(async function () {
-      this.timeout(20000)
+      this.timeout(60000)
       sandbox = await createSandbox([`'aws-sdk@${version}'`], false, [
         './packages/datadog-plugin-aws-sdk/test/integration-test/*'])
     })

diff --git a/packages/datadog-plugin-child_process/src/index.js b/packages/datadog-plugin-child_process/src/index.js
@@ -54,7 +54,7 @@ class ChildProcessPlugin extends TracingPlugin {
     }
 
     this.startSpan('command_execution', {
-      service: this.config.service,
+      service: this.config.service || this._tracerConfig.service,
       resource: (shell === true) ? 'sh' : cmdFields[0],
       type: 'system',
       meta

diff --git a/packages/datadog-plugin-child_process/test/index.spec.js b/packages/datadog-plugin-child_process/test/index.spec.js
@@ -34,6 +34,10 @@ describe('Child process plugin', () => {
       tracerStub = {
         startSpan: sinon.stub()
       }
+
+      configStub = {
+        service: 'test-service'
+      }
     })
 
     afterEach(() => {
@@ -52,7 +56,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'ls',
               'span.kind': undefined,
               'span.type': 'system',
@@ -74,7 +78,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'sh',
               'span.kind': undefined,
               'span.type': 'system',
@@ -98,7 +102,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'echo',
               'span.kind': undefined,
               'span.type': 'system',
@@ -123,7 +127,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'sh',
               'span.kind': undefined,
               'span.type': 'system',
@@ -149,7 +153,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'ls',
               'span.kind': undefined,
               'span.type': 'system',
@@ -175,7 +179,7 @@ describe('Child process plugin', () => {
             childOf: undefined,
             tags: {
               component: 'subprocess',
-              'service.name': undefined,
+              'service.name': 'test-service',
               'resource.name': 'sh',
               'span.kind': undefined,
               'span.type': 'system',