Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

appsec: report http.client_ip only when appsec is enabled #1523

Merged
merged 7 commits into from Oct 24, 2022
Merged

appsec: report http.client_ip only when appsec is enabled #1523

merged 7 commits into from Oct 24, 2022

Conversation

Hellzy
Copy link
Contributor

@Hellzy Hellzy commented Oct 19, 2022
edited by Julio-Guerra

The span tag http.client_ip shouldn't be reported by default by APM alone, but rather be an ASM-only feature as part of the security monitoring data that ASM collects.

This PR completely removes http.client_ip from the APM contribs, and rather moves it back into the ASM's HTTP middlewares.

System-tests properly cover the following cases:

  1. AppSec is disabled: http.client_ip is never not reported: https://github.com/DataDog/system-tests/blob/main/scenarios/appsec/test_client_ip.py#L17
  2. AppSec is enabled: http.client_ip always reported - with or without an attack: https://github.com/DataDog/system-tests/blob/main/tests/test_standard_tags.py#L166

@Hellzy Hellzy added this to the v1.44.0 milestone Oct 20, 2022
@Julio-Guerra Julio-Guerra mentioned this pull request Oct 24, 2022
Closed
@Julio-Guerra Julio-Guerra marked this pull request as ready for review October 24, 2022 07:55
@Julio-Guerra Julio-Guerra requested a review from a team as a code owner October 24, 2022 07:55
@Julio-Guerra Julio-Guerra requested a review from a team October 24, 2022 07:55
@Julio-Guerra Julio-Guerra changed the title [WIP] internal/appsec: set http client IP before operation start appsec: report http.client_ip only when appsec is enabled Oct 24, 2022
@Julio-Guerra Julio-Guerra added bug unintended behavior that has to be fixed appsec tracer labels Oct 24, 2022
ajgajg1134
ajgajg1134 approved these changes Oct 24, 2022
View reviewed changes
Copy link
Contributor

@ajgajg1134 ajgajg1134 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@Julio-Guerra Julio-Guerra merged commit 649fa0c into main Oct 24, 2022
@Julio-Guerra Julio-Guerra deleted the francois.mazeau/http-client-ip-rework branch October 24, 2022 19:17
Julio-Guerra added a commit that referenced this pull request Oct 25, 2022
@Hellzy @Julio-Guerra
appsec: report http.client_ip only when appsec is enabled (#1523)
b1c702e 
Co-authored-by: Julio Guerra <julio@datadog.com>
@Julio-Guerra
Copy link
Contributor

Now backported into release-v1.43.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Julio-Guerra Julio-Guerra Julio-Guerra approved these changes

@ajgajg1134 ajgajg1134 ajgajg1134 approved these changes

Assignees

@Julio-Guerra Julio-Guerra

Labels
appsec bug unintended behavior that has to be fixed tracer
Projects
None yet
Milestone
v1.44.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Hellzy @Julio-Guerra @ajgajg1134