Skip to content

Create activation origin config for telemetry #9064

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 16, 2025
Merged

Create activation origin config for telemetry #9064

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
35f4f61
Create activation origin config for telemetry
sezen-datadog Jun 30, 2025
9df1e99
Add smoke test
manuel-alvarez-alvarez Jul 11, 2025
1a8ee07
Fix failing remote config test
manuel-alvarez-alvarez Jul 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions dd-java-agent/appsec/src/main/java/com/datadog/appsec/config/AppSecConfigServiceImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_TRUSTED_IPS;
import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_USER_BLOCKING;
import static datadog.remoteconfig.Capabilities.CAPABILITY_ENDPOINT_FINGERPRINT;
import static datadog.trace.api.config.AppSecConfig.APPSEC_ENABLED;

import com.datadog.appsec.AppSecModule;
import com.datadog.appsec.AppSecSystem;
Expand All @@ -45,6 +46,8 @@
import datadog.remoteconfig.state.ConfigKey;
import datadog.remoteconfig.state.ProductListener;
import datadog.trace.api.Config;
import datadog.trace.api.ConfigCollector;
import datadog.trace.api.ConfigOrigin;
import datadog.trace.api.ProductActivation;
import datadog.trace.api.UserIdCollectionMode;
import datadog.trace.api.telemetry.LogCollector;
Expand Down Expand Up @@ -517,6 +520,8 @@ private void setAppSecActivation(final AppSecFeatures.Asm asm) {
newState = tracerConfig.getAppSecActivation() == ProductActivation.FULLY_ENABLED;
} else {
newState = asm.enabled;
// Report AppSec activation change via telemetry when modified via remote config
ConfigCollector.get().put(APPSEC_ENABLED, asm.enabled, ConfigOrigin.REMOTE);
}
if (AppSecSystem.isActive() != newState) {
log.info("AppSec {} (runtime)", newState ? "enabled" : "disabled");
Expand Down
14 changes: 14 additions & 0 deletions ...tests/dynamic-config/src/main/java/datadog/smoketest/dynamicconfig/AppSecApplication.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
package datadog.smoketest.dynamicconfig;

import java.util.concurrent.TimeUnit;

public class AppSecApplication {

public static final long TIMEOUT_IN_SECONDS = 10;

public static void main(String[] args) throws InterruptedException {
// just wait as we want to test RC payloads
Thread.sleep(TimeUnit.SECONDS.toMillis(TIMEOUT_IN_SECONDS));
System.exit(0);
}
}
42 changes: 42 additions & 0 deletions ...e-tests/dynamic-config/src/test/groovy/datadog/smoketest/AppSecActivationSmokeTest.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
package datadog.smoketest

import datadog.smoketest.dynamicconfig.AppSecApplication

class AppSecActivationSmokeTest extends AbstractSmokeTest {

@Override
ProcessBuilder createProcessBuilder() {
def command = [javaPath()]
command += defaultJavaProperties.toList()
command += [
'-Ddd.remote_config.enabled=true',
"-Ddd.remote_config.url=http://localhost:${server.address.port}/v0.7/config".toString(),
'-Ddd.remote_config.poll_interval.seconds=1',
'-Ddd.profiling.enabled=false',
'-cp',
System.getProperty('datadog.smoketest.shadowJar.path'),
AppSecApplication.name
]

final processBuilder = new ProcessBuilder(command)
processBuilder.directory(new File(buildDirectory))
}

void 'test activation config change is sent via RC'() {
when:
setRemoteConfig('datadog/2/ASM_FEATURES/asm_features_activation/config', '{"asm":{"enabled":true}}')

then:
waitForTelemetryFlat {
if (it['request_type'] != 'app-client-configuration-change') {
return false
}
final configurations = (List<Map<String, Object>>) it?.payload?.configuration ?: []
final enabledConfig = configurations.find { it.name == 'appsec_enabled' }
if (!enabledConfig) {
return false
}
return enabledConfig.value == 'true' && enabledConfig .origin == 'remote_config'
}
}
}