appsec: register ASM_TRUSTED_IPS capability to RC
#2460
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ASM_TRUSTED_IPS is the Remote Config capability that signifies this library is compatible with trusted IPs; meaning it uses `libddwaf v1.12.0` or later. This is expected to produce additional data under the `ASM_DATA` RC product, which contains a set of trusted IPs. The merge strategy for this data is identical to that of other data currently received from RC, meaning if the same entry is provided multiple times, the library will retain the one with the latest expiration timestamp.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
- Pre-allocating certain maps & slices for more efficient processing - Making `combineRCRulesUpdates` a method of `*rulesManager` - Extracting a duplicated []Capabilities slice into a shared variable
RomainMuller
changed the base branch from
main
to
romain.marcadier/prealloc-rc
…sted-ips/APPSEC-18230 # Conflicts: # internal/appsec/remoteconfig.go
BenchmarksBenchmark execution time: 2023-12-21 16:40:45 Comparing candidate commit 82220ea in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 39 metrics, 2 unstable metrics. |
Hellzy
approved these changes
Dec 21, 2023
RomainMuller
changed the title
ASM_TRUSTED_IPS capability to RC
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
ASM_TRUSTED_IPS is the Remote Config capability that signifies this library is compatible with trusted IPs; meaning it uses
libddwaf v1.12.0or later.This is expected to produce additional data under the
ASM_DATARC product, which contains a set of trusted IPs. The merge strategy for this data is identical to that of other data currently received from RC, meaning if the same entry is provided multiple times, the library will retain the one with the latest expiration timestamp.Reviewer's Checklist
For Datadog employees:
@DataDog/security-design-and-guidance.Unsure? Have a question? Request a review!