From 48847fc1fbd9729d637ef01938fec6966bad991c Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Mon, 23 Dec 2024 14:39:31 +0100 Subject: [PATCH 01/11] chore(iast): migrate test packages to gitlab --- .circleci/config.templ.yml | 13 ------------- hatch.toml | 22 ++++++++++++++++++++++ tests/appsec/suitespec.yml | 13 ------------- 3 files changed, 22 insertions(+), 26 deletions(-) diff --git a/.circleci/config.templ.yml b/.circleci/config.templ.yml index 73994eab222..05da52d643a 100644 --- a/.circleci/config.templ.yml +++ b/.circleci/config.templ.yml @@ -404,19 +404,6 @@ jobs: paths: - "." - appsec_iast_packages: - <<: *machine_executor - parallelism: 5 - steps: - - when: - condition: - matches: { pattern: "main", value: << pipeline.git.branch >> } - steps: - - run_test: - pattern: 'appsec_iast_packages' - snapshot: true - - run: echo "This test is skipped outside of main branch" - appsec_integrations: <<: *machine_executor parallelism: 13 diff --git a/hatch.toml b/hatch.toml index 614054dbfed..8a4a65751fa 100644 --- a/hatch.toml +++ b/hatch.toml @@ -299,6 +299,28 @@ test = [ [[envs.appsec_iast_native.matrix]] python = ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] +## ASM appsec_iast_packages + +[envs.appsec_iast_packages] +template = "appsec_iast_packages" +dependencies = [ + "requests", + "astunparse", + "flask", + "virtualenv-clone" +] + +[envs.appsec_iast_packages.scripts] +test = [ + "uname -a", + "pip freeze", + "DD_CIVISIBILITY_ITR_ENABLED=0 DD_IAST_REQUEST_SAMPLING=100 _DD_APPSEC_DEDUPLICATION_ENABLED=false python -m pytest tests/appsec/iast_packages", +] + +[[envs.appsec_iast_packages.matrix]] +python = ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] + + ## ASM FastAPI [envs.appsec_threats_fastapi] diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index e2b15e2336c..5a02cbf907c 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -73,19 +73,6 @@ suites: - '@remoteconfig' retry: 2 runner: hatch - appsec_iast_packages: - parallelism: 5 - paths: - - '@bootstrap' - - '@core' - - '@tracing' - - '@appsec' - - '@appsec_iast' - - '@remoteconfig' - - tests/appsec/iast/* - - tests/appsec/iast_packages/* - runner: riot - snapshot: true appsec_integrations: parallelism: 7 paths: From 059f9c36fc9a2f8d035e15da1a78844eb355a3d1 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Mon, 23 Dec 2024 14:49:07 +0100 Subject: [PATCH 02/11] chore(iast): migrate test packages to gitlab --- tests/appsec/suitespec.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index 5a02cbf907c..c7bb807b792 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -73,6 +73,19 @@ suites: - '@remoteconfig' retry: 2 runner: hatch + appsec_iast_packages: + parallelism: 5 + paths: + - '@bootstrap' + - '@core' + - '@tracing' + - '@appsec' + - '@appsec_iast' + - '@remoteconfig' + - tests/appsec/iast/* + - tests/appsec/iast_packages/* + retry: 2 + runner: hatch appsec_integrations: parallelism: 7 paths: From dfd3f8817dc3a63534ba82c647f6bfa827fb6d09 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Mon, 23 Dec 2024 15:02:21 +0100 Subject: [PATCH 03/11] chore(iast): migrate test packages to gitlab --- hatch.toml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hatch.toml b/hatch.toml index 8a4a65751fa..96a842df601 100644 --- a/hatch.toml +++ b/hatch.toml @@ -304,6 +304,10 @@ python = ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] [envs.appsec_iast_packages] template = "appsec_iast_packages" dependencies = [ + "pytest", + "pytest-cov", + "requests", + "hypothesis", "requests", "astunparse", "flask", From 10733dd12d3d4e206aaf354558f74b99140fdaa1 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Mon, 23 Dec 2024 15:59:54 +0100 Subject: [PATCH 04/11] chore(iast): improve iast startup time (cherry picked from commit aabf854955b9b7a2f69eff7571a2d060a4b784f8) --- .gitlab/testrunner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab/testrunner.yml b/.gitlab/testrunner.yml index fe9fb34bec6..25d166aabda 100644 --- a/.gitlab/testrunner.yml +++ b/.gitlab/testrunner.yml @@ -2,7 +2,7 @@ image: registry.ddbuild.io/images/mirror/dd-trace-py/testrunner:0a50e839f4b1600f02157518b8d016451b346578@sha256:5dae9bc7872f69b31b612690f0748c7ad71ab90ef28a754b2ae93d0ba505837b # DEV: we have a larger pool of amd64 runners, prefer that over arm64 tags: [ "arch:amd64" ] - timeout: 20m + timeout: 35m before_script: - ulimit -c unlimited - pyenv global 3.12 3.7 3.8 3.9 3.10 3.11 3.13 From 32d87a8b610bbc3f4e0f4e560c4c066fb452ce35 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Mon, 23 Dec 2024 17:17:16 +0100 Subject: [PATCH 05/11] chore(iast): migrate test packages to gitlab --- .gitlab/testrunner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab/testrunner.yml b/.gitlab/testrunner.yml index 25d166aabda..5a8dde07792 100644 --- a/.gitlab/testrunner.yml +++ b/.gitlab/testrunner.yml @@ -2,7 +2,7 @@ image: registry.ddbuild.io/images/mirror/dd-trace-py/testrunner:0a50e839f4b1600f02157518b8d016451b346578@sha256:5dae9bc7872f69b31b612690f0748c7ad71ab90ef28a754b2ae93d0ba505837b # DEV: we have a larger pool of amd64 runners, prefer that over arm64 tags: [ "arch:amd64" ] - timeout: 35m + timeout: 45m before_script: - ulimit -c unlimited - pyenv global 3.12 3.7 3.8 3.9 3.10 3.11 3.13 From 5e6b2ab535c30e35addb27fa8a47fe2d78178e11 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 09:57:52 +0100 Subject: [PATCH 06/11] chore(iast): migrate test packages to gitlab --- .gitlab/testrunner.yml | 2 +- scripts/gen_gitlab_config.py | 6 ++++++ tests/appsec/suitespec.yml | 4 ++++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.gitlab/testrunner.yml b/.gitlab/testrunner.yml index 5a8dde07792..afc4a077142 100644 --- a/.gitlab/testrunner.yml +++ b/.gitlab/testrunner.yml @@ -2,7 +2,7 @@ image: registry.ddbuild.io/images/mirror/dd-trace-py/testrunner:0a50e839f4b1600f02157518b8d016451b346578@sha256:5dae9bc7872f69b31b612690f0748c7ad71ab90ef28a754b2ae93d0ba505837b # DEV: we have a larger pool of amd64 runners, prefer that over arm64 tags: [ "arch:amd64" ] - timeout: 45m + timeout: 5m before_script: - ulimit -c unlimited - pyenv global 3.12 3.7 3.8 3.9 3.10 3.11 3.13 diff --git a/scripts/gen_gitlab_config.py b/scripts/gen_gitlab_config.py index 8dc9e5b178f..96dfd5a4ff0 100644 --- a/scripts/gen_gitlab_config.py +++ b/scripts/gen_gitlab_config.py @@ -22,6 +22,7 @@ class JobSpec: timeout: t.Optional[int] = None skip: bool = False paths: t.Optional[t.Set[str]] = None # ignored + only: t.Optional[t.Set[str]] = None # ignored def __str__(self) -> str: lines = [] @@ -60,6 +61,11 @@ def __str__(self) -> str: for key, value in env.items(): lines.append(f" {key}: {value}") + if self.only: + lines.append(" only:") + for value in self.only: + lines.append(f" - {value}") + if self.parallelism is not None: lines.append(f" parallel: {self.parallelism}") diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index c7bb807b792..50dcd9de519 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -86,6 +86,10 @@ suites: - tests/appsec/iast_packages/* retry: 2 runner: hatch + timeout: 45m + only: + - 'main' + - 'avara1986/migrate_test_packages_to_gitlab' appsec_integrations: parallelism: 7 paths: From 94076e1a4246abe8574abbde4885f22425639b11 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 10:17:45 +0100 Subject: [PATCH 07/11] chore(iast): migrate test packages to gitlab --- .gitlab/testrunner.yml | 2 +- hatch.toml | 2 +- tests/appsec/suitespec.yml | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.gitlab/testrunner.yml b/.gitlab/testrunner.yml index afc4a077142..fe9fb34bec6 100644 --- a/.gitlab/testrunner.yml +++ b/.gitlab/testrunner.yml @@ -2,7 +2,7 @@ image: registry.ddbuild.io/images/mirror/dd-trace-py/testrunner:0a50e839f4b1600f02157518b8d016451b346578@sha256:5dae9bc7872f69b31b612690f0748c7ad71ab90ef28a754b2ae93d0ba505837b # DEV: we have a larger pool of amd64 runners, prefer that over arm64 tags: [ "arch:amd64" ] - timeout: 5m + timeout: 20m before_script: - ulimit -c unlimited - pyenv global 3.12 3.7 3.8 3.9 3.10 3.11 3.13 diff --git a/hatch.toml b/hatch.toml index 96a842df601..0ceade3793a 100644 --- a/hatch.toml +++ b/hatch.toml @@ -322,7 +322,7 @@ test = [ ] [[envs.appsec_iast_packages.matrix]] -python = ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] +python = ["3.9", "3.10", "3.11", "3.12", "3.13"] ## ASM FastAPI diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index 50dcd9de519..d761b8c5274 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -86,10 +86,9 @@ suites: - tests/appsec/iast_packages/* retry: 2 runner: hatch - timeout: 45m + timeout: 50m only: - 'main' - - 'avara1986/migrate_test_packages_to_gitlab' appsec_integrations: parallelism: 7 paths: From 0cec96425b95379ea339aa405d5fcee8e5e5cb2b Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 10:41:58 +0100 Subject: [PATCH 08/11] chore(iast): migrate test packages to gitlab --- tests/appsec/suitespec.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index d761b8c5274..db442eae65e 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -89,6 +89,7 @@ suites: timeout: 50m only: - 'main' + - 'avara1986/migrate_test_packages_to_gitlab' appsec_integrations: parallelism: 7 paths: From 1cf265b374b91ab630ad38d6f86bdf091ba4a2e9 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 11:04:50 +0100 Subject: [PATCH 09/11] itr:noskip circleci:all From faeb3883d4aa0f239a8adc0fab97bda787c168c6 Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 11:54:09 +0100 Subject: [PATCH 10/11] Revert "chore(iast): migrate test packages to gitlab" This reverts commit 0cec96425b95379ea339aa405d5fcee8e5e5cb2b. --- tests/appsec/suitespec.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index db442eae65e..d761b8c5274 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -89,7 +89,6 @@ suites: timeout: 50m only: - 'main' - - 'avara1986/migrate_test_packages_to_gitlab' appsec_integrations: parallelism: 7 paths: From 000c5832dae183fbac4e820a43bec19406d5b00e Mon Sep 17 00:00:00 2001 From: Alberto Vara Date: Tue, 24 Dec 2024 12:02:39 +0100 Subject: [PATCH 11/11] chore(iast): migrate test packages to gitlab --- hatch.toml | 2 +- tests/appsec/suitespec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hatch.toml b/hatch.toml index 0ceade3793a..17db9324623 100644 --- a/hatch.toml +++ b/hatch.toml @@ -322,7 +322,7 @@ test = [ ] [[envs.appsec_iast_packages.matrix]] -python = ["3.9", "3.10", "3.11", "3.12", "3.13"] +python = ["3.9", "3.10", "3.11", "3.12"] ## ASM FastAPI diff --git a/tests/appsec/suitespec.yml b/tests/appsec/suitespec.yml index d761b8c5274..867a1a46d54 100644 --- a/tests/appsec/suitespec.yml +++ b/tests/appsec/suitespec.yml @@ -74,7 +74,7 @@ suites: retry: 2 runner: hatch appsec_iast_packages: - parallelism: 5 + parallelism: 4 paths: - '@bootstrap' - '@core'