
appsec: upgrade go-libddwaf/v3 #2670

Merged
merged 30 commits into from
May 22, 2024


@Hellzy Hellzy commented Apr 25, 2024

What does this PR do?

JIRA: APPSEC-53057

Upgrades the go-libddwaf dependency to v3.
In v3, actions are now returned as a map[string]any mapping action types to their parameters.
Parameters, while technically described as a map[string]any, are actually map[string]string (i.e. all param values are provided as strings).

Another important change is that actions are now more granular. When generating a block action, a GRPC and an HTTP
block action are now emitted, instead of a single monolithic block action.
Similarly, listeners can now listen for those actions individually.
This whole split removes a big layer of complexity.

Changes

  • Split actions between http/grpc instead of bundling everything.
  • Remove former action caching system which would embed actions in waf handles.
  • Remove waf handle wrapping which is not necessary anymore
  • Don't parse actions out of the ruleset, which is not necessary anymore since we don't cache them
  • After a WAF run, we now:
    • parse actions returned through WAF results (new)
    • generate the actions (new)
    • propagate actions through dyngo and execute them

Motivation

Reviewer's Checklist

  • Changed code has unit tests for its functionality at or near 100% coverage.
  • System-Tests covering this feature have been added and enabled with the va.b.c-dev version tag.
  • There is a benchmark for any new code, or changes to existing code.
  • If this interacts with the agent in a new way, a system test has been added.
  • Add an appropriate team label so this PR gets put in the right place for the release notes.
  • Non-trivial go.mod changes, e.g. adding new modules, are reviewed by @DataDog/dd-trace-go-guild.

Unsure? Have a question? Request a review!
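An added example, not part of this PR or of dd-trace-go/go-libddwaf code, showing how a listener-side helper could consume the v3 action shape described above: a `map[string]any` keyed by action type whose parameters arrive as strings, split into separate HTTP and gRPC block actions. The names `SplitBlockActions`, `HTTPBlock` and `GRPCBlock`, the `block_request` key with its `status_code`, `type` and `grpc_status_code` parameters, and the fallback codes 403 and 10 are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"strconv"
)

// HTTPBlock and GRPCBlock are hypothetical types for this example.
type HTTPBlock struct {
	StatusCode int
	Template   string // empty when the "type" parameter is absent
}
type GRPCBlock struct{ StatusCode int }

// intParam reads a string-encoded integer; def is used if it is missing or malformed.
func intParam(params map[string]any, key string, def int) int {
	s, ok := params[key].(string)
	if !ok {
		return def
	}
	if n, err := strconv.Atoi(s); err == nil {
		return n
	}
	return def
}

// SplitBlockActions maps one "block_request" entry to separate HTTP and gRPC
// block actions. The key and parameter names are assumptions of this example.
func SplitBlockActions(actions map[string]any) (*HTTPBlock, *GRPCBlock, error) {
	raw, found := actions["block_request"]
	if !found {
		return nil, nil, nil // no block action in this WAF result
	}
	params, ok := raw.(map[string]any)
	if !ok {
		return nil, nil, fmt.Errorf("block_request: unexpected parameter type %T", raw)
	}
	tmpl, _ := params["type"].(string)
	// A malformed code still blocks, using the assumed defaults 403 and 10.
	return &HTTPBlock{StatusCode: intParam(params, "status_code", 403), Template: tmpl},
		&GRPCBlock{StatusCode: intParam(params, "grpc_status_code", 10)}, nil
}

func main() {
	// Constructed sample: the gRPC code is deliberately malformed.
	h, g, err := SplitBlockActions(map[string]any{"block_request": map[string]any{
		"status_code": "401", "type": "json", "grpc_status_code": "oops"}})
	fmt.Println(*h, *g, err)
}
```

Because every parameter is a string, the conversion step is where a bad value has to be caught; here a malformed status code falls back to a blocking default instead of dropping the action.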

@DataDog DataDog deleted a comment from github-actions bot May 6, 2024

pr-commenter bot commented May 6, 2024

Benchmarks

Benchmark execution time: 2024-05-21 14:10:46

Comparing candidate commit 5014170 in PR branch francois.mazeau/go-libddwaf-update with baseline commit d823db5 in branch main.

Found 0 performance improvements and 6 performance regressions! Performance is the same for 38 metrics, 0 unstable metrics.

scenario:BenchmarkPartialFlushing/Disabled-24

  • 🟥 execution_time [+10.554ms; +13.609ms] or [+3.765%; +4.855%]

scenario:BenchmarkPartialFlushing/Enabled-24

  • 🟥 execution_time [+9.236ms; +12.138ms] or [+3.335%; +4.383%]

scenario:BenchmarkSingleSpanRetention/no-rules-24

  • 🟥 execution_time [+10.040µs; +10.704µs] or [+4.186%; +4.463%]

scenario:BenchmarkSingleSpanRetention/with-rules/match-all-24

  • 🟥 execution_time [+9.195µs; +11.184µs] or [+3.789%; +4.608%]

scenario:BenchmarkSingleSpanRetention/with-rules/match-half-24

  • 🟥 execution_time [+9.402µs; +11.052µs] or [+3.868%; +4.546%]

scenario:BenchmarkStartSpan-24

  • 🟥 execution_time [+69.499ns; +117.101ns] or [+3.040%; +5.122%]

@Hellzy Hellzy force-pushed the francois.mazeau/go-libddwaf-update branch 3 times, most recently from 05ebeb2 to 3d7e973 Compare May 16, 2024 11:14
@DataDog DataDog deleted a comment from github-actions bot May 16, 2024
@Hellzy Hellzy force-pushed the francois.mazeau/go-libddwaf-update branch 3 times, most recently from a579afc to 8ec5ab2 Compare May 16, 2024 12:20
@Hellzy Hellzy marked this pull request as ready for review May 16, 2024 12:32
@Hellzy Hellzy requested review from a team as code owners May 16, 2024 12:32
@Hellzy Hellzy force-pushed the francois.mazeau/go-libddwaf-update branch from d72b505 to 0b0aced Compare May 21, 2024 13:04
@Hellzy Hellzy enabled auto-merge (squash) May 21, 2024 14:53
@Hellzy Hellzy merged commit d32a30c into main May 22, 2024
200 checks passed
@Hellzy Hellzy deleted the francois.mazeau/go-libddwaf-update branch May 22, 2024 07:38
Labels
apm:ecosystem contrib/* related feature requests or bugs appsec

3 participants