chore: add IAST smoke tests for common packages #9469

juanjux · 2024-06-03T19:59:46Z

Description

Adds smoke + small integration tests of the most used modules. Still in progress, will be split into several PRs. Originally by @avara1986

Changes since the previous reverted PR:

Run the install/tests inside a virtual environmnent (one for every package, cloned from an initial one to avoid re-installing all deps) to avoid side effects.
Small refactor to simplify things.

Checklist

Change(s) are motivated and described in the PR description
Testing strategy is described if automated tests are not included in the PR
Risks are described (performance impact, potential for breakage, maintainability)
Change is maintainable (easy to change, telemetry, documentation)
Library release note guidelines are followed or label changelog/no-changelog is set
Documentation is included (in-code, generated user docs, public corp docs)
Backport labels are set (if applicable)
If this PR changes the public interface, I've notified @DataDog/apm-tees.

Reviewer Checklist

Title is accurate
All changes are related to the pull request's stated goal
Description motivates each change
Avoids breaking API changes
Testing strategy adequately addresses listed risks
Change is maintainable (easy to change, telemetry, documentation)
Release note makes sense to a user of the library
Author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
Backport labels are set in a manner that is consistent with the release branch maintenance policy

…egration_tests

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

datadog-dd-trace-py-rkomorn · 2024-06-03T20:36:15Z

Datadog Report

Branch report: APPSEC-53118-iast_integration_tests
Commit report: 9345f50
Test service: dd-trace-py

✅ 0 Failed, 176131 Passed, 1252 Skipped, 11h 21m 50.01s Total duration (7m 16.54s time saved)

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

github-advanced-security

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

pr-commenter · 2024-06-05T12:30:32Z

Benchmarks

Benchmark execution time: 2024-06-12 08:34:46

Comparing candidate commit 9345f50 in PR branch APPSEC-53118-iast_integration_tests with baseline commit ec67b2c in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 221 metrics, 9 unstable metrics.

tests/appsec/iast_packages/inside_env_runner.py

tests/appsec/iast_packages/packages/pkg_s3transfer.py

tests/appsec/iast_packages/test_packages.py

Co-authored-by: Federico Mon <federico.mon@datadoghq.com>

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

tests/appsec/iast_packages/inside_env_runner.py

tests/appsec/iast_packages/packages/pkg_certifi.py

brettlangdon

riotfile changes lgtm

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

avara1986 and others added 7 commits May 29, 2024 15:29

chore(iast): add integration tests. add extra validations

43884f7

chore(iast): add integration tests. add extra validations

cbcdf28

chore(iast): add integration tests. add extra validations

01cfe63

chore(iast): add integration tests. add extra validations

fedb7b2

chore(iast): add integration tests. add extra validations

3c2411b

Merge remote-tracking branch 'origin/main' into APPSEC-53118-iast_int…

f06973c

…egration_tests

Run package tests inside pyenv + refactor

ac2d1a2

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

juanjux added the ASM Application Security Monitoring label Jun 3, 2024

juanjux self-assigned this Jun 3, 2024

juanjux requested review from a team as code owners June 3, 2024 19:59

juanjux requested review from P403n1x87, duncanista and erikayasuda June 3, 2024 19:59

juanjux added the changelog/no-changelog A changelog entry is not required for this PR. label Jun 3, 2024

juanjux changed the title ~~Appsec 53118 iast integration tests~~ chore: add smoke tests for common packages Jun 3, 2024

juanjux added 2 commits June 3, 2024 22:03

Merge branch 'main' into APPSEC-53118-iast_integration_tests

4047666

fmt

41a8b67

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

juanjux added 2 commits June 4, 2024 08:45

fix

df4f4e8

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

Merge branch 'main' into APPSEC-53118-iast_integration_tests

5c4631c

juanjux marked this pull request as draft June 4, 2024 08:26

juanjux added 2 commits June 4, 2024 10:31

Update the PACKAGES to the ones in the actual PR

7201794

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

Add missing files

87fcc70

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

github-advanced-security bot found potential problems Jun 4, 2024

View reviewed changes

juanjux added 4 commits June 4, 2024 11:12

use uuid to generate unique directories

b5b50ff

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

Use a subdir for cloned virtualenvs + fmt

4ea6d83

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

Rename flask test files

308b13f

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

fixes

1ab35a1

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>

Merge branch 'main' into APPSEC-53118-iast_integration_tests

d8c0b2e

juanjux changed the title ~~chore: add smoke tests for common packages~~ chore: add IAST smoke tests for common packages Jun 5, 2024

Merge branch 'main' into APPSEC-53118-iast_integration_tests

092726c