Merge pull request #4025 from DataDog/shatzi/DEBUG-1115/sanitize-env-…

…version-rc-requests

Sanitize env version in remote config request

dd-java-agent/agent-debugger/src/main/java/com/datadog/debugger/agent/ConfigurationUpdater.java

@@ -3,11 +3,11 @@
 import com.datadog.debugger.instrumentation.InstrumentationResult;
 import com.datadog.debugger.sink.DebuggerSink;
 import com.datadog.debugger.util.ExceptionHelper;
-import com.datadog.debugger.util.TagsHelper;
 import datadog.trace.api.Config;
 import datadog.trace.bootstrap.debugger.DebuggerContext;
 import datadog.trace.bootstrap.debugger.ProbeRateLimiter;
 import datadog.trace.bootstrap.debugger.Snapshot;
+import datadog.trace.util.TagsHelper;
 import java.lang.instrument.Instrumentation;
 import java.util.ArrayList;
 import java.util.Arrays;

dd-java-agent/agent-debugger/src/main/java/com/datadog/debugger/agent/EnvironmentAndVersionChecker.java

@@ -1,6 +1,7 @@
 package com.datadog.debugger.agent;
 
 import datadog.trace.api.Config;
+import datadog.trace.util.TagsHelper;
 import java.util.Arrays;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -14,8 +15,8 @@ public class EnvironmentAndVersionChecker {
   private final String version;
 
   public EnvironmentAndVersionChecker(Config config) {
-    environment = config.getEnv();
-    version = config.getVersion();
+    environment = TagsHelper.sanitize(config.getEnv());
+    version = TagsHelper.sanitize(config.getVersion());
   }
 
   public boolean isEnvAndVersionMatch(ProbeDefinition definition) {

dd-java-agent/agent-debugger/src/main/java/com/datadog/debugger/agent/ProbeStatus.java

@@ -1,13 +1,13 @@
 package com.datadog.debugger.agent;
 
-import com.datadog.debugger.util.TagsHelper;
 import com.squareup.moshi.Json;
 import com.squareup.moshi.JsonAdapter;
 import com.squareup.moshi.JsonReader;
 import com.squareup.moshi.JsonWriter;
 import com.squareup.moshi.Moshi;
 import datadog.trace.api.Config;
 import datadog.trace.bootstrap.debugger.CapturedStackFrame;
+import datadog.trace.util.TagsHelper;
 import java.io.IOException;
 import java.lang.annotation.Annotation;
 import java.lang.reflect.Type;

dd-java-agent/agent-debugger/src/main/java/com/datadog/debugger/sink/SnapshotSink.java

@@ -1,10 +1,10 @@
 package com.datadog.debugger.sink;
 
 import com.datadog.debugger.util.ExceptionHelper;
-import com.datadog.debugger.util.TagsHelper;
 import datadog.trace.api.Config;
 import datadog.trace.bootstrap.debugger.DebuggerContext;
 import datadog.trace.bootstrap.debugger.Snapshot;
+import datadog.trace.util.TagsHelper;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.ArrayBlockingQueue;

dd-java-agent/agent-debugger/src/test/java/com/datadog/debugger/agent/EnvironmentAndVersionCheckerTest.java

@@ -0,0 +1,112 @@
+package com.datadog.debugger.agent;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.lenient;
+
+import datadog.trace.api.Config;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+@ExtendWith(MockitoExtension.class)
+public class EnvironmentAndVersionCheckerTest {
+
+  private static final String SERVICE_ENV_PROD = "prod";
+  private static final String SERVICE_ENV_PROD_CAP = "PROD";
+  private static final String SERVICE_VERSION_1 = "v1.0.0";
+  private static final String SERVICE_VERSION_2 = "v1.0.0-SNAPSHOT";
+
+  @Mock private Config config;
+
+  @Test
+  public void EmptyTagsPassValidation() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(true, checker.isEnvAndVersionMatch(getProbeWithTags()));
+  }
+
+  @Test
+  public void EnvironmentTagPassValidation() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(true, checker.isEnvAndVersionMatch(getProbeWithTags("env:" + SERVICE_ENV_PROD)));
+  }
+
+  @Test
+  public void EnvironmentTagFailedValidation() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(false, checker.isEnvAndVersionMatch(getProbeWithTags("env:staging")));
+    assertEquals(
+        false,
+        checker.isEnvAndVersionMatch(
+            getProbeWithTags("env:staging", "version:" + SERVICE_VERSION_1)));
+  }
+
+  @Test
+  public void EnvironmentTagPassValidationAfterSanitization() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD_CAP);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(true, checker.isEnvAndVersionMatch(getProbeWithTags("env:" + SERVICE_ENV_PROD)));
+  }
+
+  @Test
+  public void VersionTagFailedValidation() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(false, checker.isEnvAndVersionMatch(getProbeWithTags("version:1.2.3")));
+    assertEquals(
+        false,
+        checker.isEnvAndVersionMatch(getProbeWithTags("env:" + SERVICE_ENV_PROD, "version:1.2.3")));
+  }
+
+  @Test
+  public void VersionTagPassValidation() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_1);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(
+        true, checker.isEnvAndVersionMatch(getProbeWithTags("version:" + SERVICE_VERSION_1)));
+    assertEquals(
+        true,
+        checker.isEnvAndVersionMatch(
+            getProbeWithTags("env:" + SERVICE_ENV_PROD, "version:" + SERVICE_VERSION_1)));
+  }
+
+  @Test
+  public void VersionTagPassValidationAfterSanitization() {
+    lenient().when(config.getEnv()).thenReturn(SERVICE_ENV_PROD_CAP);
+    lenient().when(config.getVersion()).thenReturn(SERVICE_VERSION_2);
+
+    EnvironmentAndVersionChecker checker = new EnvironmentAndVersionChecker(config);
+
+    assertEquals(
+        true,
+        checker.isEnvAndVersionMatch(
+            getProbeWithTags("version:" + SERVICE_VERSION_2.toLowerCase())));
+  }
+
+  private com.datadog.debugger.agent.ProbeDefinition getProbeWithTags(String... tags) {
+    SnapshotProbe probe = new SnapshotProbe("java", "1", true, tags, null, null, null, null);
+
+    return probe;
+  }
+}

dd-smoke-tests/debugger-integration-tests/src/test/java/datadog/smoketest/DebuggerIntegrationTest.java

@@ -8,10 +8,10 @@
 
 import com.datadog.debugger.agent.JsonSnapshotSerializer;
 import com.datadog.debugger.agent.SnapshotProbe;
-import com.datadog.debugger.util.TagsHelper;
 import com.squareup.moshi.JsonAdapter;
 import datadog.trace.api.Platform;
 import datadog.trace.bootstrap.debugger.Snapshot;
+import datadog.trace.util.TagsHelper;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;

dd-smoke-tests/debugger-integration-tests/src/test/java/datadog/smoketest/ServerDebuggerIntegrationTest.java

@@ -9,9 +9,9 @@
 import com.datadog.debugger.agent.JsonSnapshotSerializer;
 import com.datadog.debugger.agent.ProbeStatus;
 import com.datadog.debugger.agent.SnapshotProbe;
-import com.datadog.debugger.util.TagsHelper;
 import com.squareup.moshi.JsonAdapter;
 import datadog.trace.bootstrap.debugger.Snapshot;
+import datadog.trace.util.TagsHelper;
 import java.io.EOFException;
 import java.io.IOException;
 import java.util.Collections;

dd-smoke-tests/debugger-integration-tests/src/test/java/datadog/smoketest/TracerDebuggerIntegrationTest.java

@@ -7,10 +7,10 @@
 
 import com.datadog.debugger.agent.JsonSnapshotSerializer;
 import com.datadog.debugger.agent.SnapshotProbe;
-import com.datadog.debugger.util.TagsHelper;
 import com.squareup.moshi.JsonAdapter;
 import datadog.trace.agent.test.utils.PortUtils;
 import datadog.trace.bootstrap.debugger.Snapshot;
+import datadog.trace.util.TagsHelper;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;

dd-trace-core/src/main/java/datadog/trace/core/StatusLogger.java

@@ -101,6 +101,10 @@ public void toJson(JsonWriter writer, Config config) throws IOException {
     writer.value(config.isLogsInjectionEnabled());
     writer.name("profiling_enabled");
     writer.value(config.isProfilingEnabled());
+    writer.name("remote_config_enabled");
+    writer.value(config.isRemoteConfigEnabled());
+    writer.name("debugger_enabled");
+    writer.value(config.isDebuggerEnabled());
     writer.name("appsec_enabled");
     writer.value(config.getAppSecEnabledConfig().toString());
     writer.name("appsec_rules_file_path");