Send Warm-up request in iisexpress integration tests (#7321)

## Summary of changes

We have identified some flaky tests when running under iisexpress. To
address part of the issue, we have already scrubbed certain connection
headers from the snapshots, as the presence of specific flags from a
given request may not be consistent. This inconsistency is influenced by
test execution order and cannot always be predicted.

Additionally, in ASM, certain tags, such as the WAF version, are sent
during the first request. In other frameworks, this is typically handled
by warm-up calls, which helps avoid such issues. However, iisexpress
tests currently do not include warm-up calls. Introducing a warm-up call
would help produce more predictable test results and resolve some of the
inconsistencies we have been encountering.

## Reason for change

## Implementation details

## Test coverage

## Other details
<!-- Fixes #{issue} -->

<!-- ⚠️ Note: where possible, please obtain 2 approvals prior to
merging. Unless CODEOWNERS specifies otherwise, for external teams it is
typically best to have one review from a team member, and one review
from apm-dotnet. Trivial changes do not require 2 reviews. -->

Author: NachoEchevarria

tracer/test/Datadog.Trace.ClrProfiler.IntegrationTests/AspNet/OwinIisWebApi2Tests.cs

@@ -145,7 +145,7 @@ await Verifier.Verify(spans, settings)
         }
 
         // OWIN can only run in integrated mode
-        public Task InitializeAsync() => _iisFixture.TryStartIis(this, IisAppType.AspNetIntegrated);
+        public Task InitializeAsync() => _iisFixture.TryStartIis(this, IisAppType.AspNetIntegrated, true, "/api/environment");
 
         public Task DisposeAsync() => Task.CompletedTask;
     }

tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetWebForms.cs

@@ -40,6 +40,7 @@ public async Task TestBlockingRedirectInvalidStatusCode(int ruleTriggerStatusCod
             const string url = "/";
 
             var settings = VerifyHelper.GetSpanVerifierSettings(ruleTriggerStatusCode, returnedStatusCode);
+            FilterConnectionHeader(settings);
             var userAgent = "Canary/v3_" + ruleTriggerStatusCode;
 
             var minDateTime = DateTime.UtcNow;
@@ -112,6 +113,7 @@ public Task TestSecurity(string url, string body)
             // NOTE: by integrating the latest version of the WAF, blocking was disabled, as it does not support blocking yet
             var sanitisedUrl = VerifyHelper.SanitisePathsForVerify(url);
             var settings = VerifyHelper.GetSpanVerifierSettings(sanitisedUrl, body);
+            FilterConnectionHeader(settings);
             return TestAppSecRequestWithVerifyAsync(_iisFixture.Agent, url, body, 5, 1, settings, "application/x-www-form-urlencoded");
         }
 

tracer/test/Datadog.Trace.Security.IntegrationTests/Rcm/AspNetMvc5AsmBlockingActions.cs

@@ -89,6 +89,7 @@ public async Task TestBlockingAction(string type, int statusCode)
         var url = $"/health?arg=dummy_rule";
         var agent = _iisFixture.Agent;
         var settings = VerifyHelper.GetSpanVerifierSettings(type, statusCode);
+        FilterConnectionHeader(settings);
         var fileId = nameof(TestBlockingAction);
         // need to reset if the process is going to be reused
         await agent.SetupRcmAndWait(Output, []);

tracer/test/Datadog.Trace.Security.IntegrationTests/Rcm/AspNetMvc5AsmRulesToggle.cs

@@ -87,6 +87,7 @@ public async Task TestGlobalRulesToggling()
         var url = $"/health";
         var agent = _iisFixture.Agent;
         var settings = VerifyHelper.GetSpanVerifierSettings();
+        FilterConnectionHeader(settings);
         var fileId = nameof(TestGlobalRulesToggling);
         var userAgent = "(sql power injector)";
 

tracer/test/Datadog.Trace.TestHelpers.AutoInstrumentation/IisFixture.cs

@@ -7,6 +7,8 @@
 using System.Diagnostics;
 using System.IO;
 using System.Net;
+using System.Net.Http;
+using System.Net.Sockets;
 using System.Threading.Tasks;
 using Xunit;
 
@@ -27,7 +29,7 @@ public sealed class IisFixture : GacFixture, IDisposable
 
         public bool UseGac { get; set; } = true;
 
-        public async Task TryStartIis(TestHelper helper, IisAppType appType)
+        public async Task TryStartIis(TestHelper helper, IisAppType appType, bool sendHealthCheck = true, string url = "")
         {
             if (IisExpress.Process == null)
             {
@@ -41,6 +43,8 @@ public async Task TryStartIis(TestHelper helper, IisAppType appType)
 
                 HttpPort = TcpPortProvider.GetOpenPort();
                 IisExpress = await helper.StartIISExpress(Agent, HttpPort, appType, VirtualApplicationPath);
+
+                await EnsureServerStarted(sendHealthCheck, url);
             }
         }
 
@@ -95,5 +99,84 @@ public void Dispose()
                 }
             }
         }
+
+        private async Task EnsureServerStarted(bool sendHealthCheck, string url)
+        {
+            var maxMillisecondsToWait = 30_000;
+            var intervalMilliseconds = 500;
+            var intervals = maxMillisecondsToWait / intervalMilliseconds;
+            var serverReady = false;
+
+            // if we end up retrying, accept spans from previous attempts
+            var dateTime = DateTime.UtcNow;
+
+            // wait for server to be ready to receive requests
+            while (intervals-- > 0)
+            {
+                DateTime startTime = DateTime.Now;
+                try
+                {
+                    if (sendHealthCheck)
+                    {
+                        var request = WebRequest.CreateHttp($"http://localhost:{HttpPort}{url}");
+                        var response = request.GetResponse();
+                        var responseCode = ((HttpWebResponse)response).StatusCode;
+                        response.Close();
+
+                        if (responseCode == HttpStatusCode.OK)
+                        {
+                            await Agent.WaitForSpansAsync(1, minDateTime: dateTime);
+                            serverReady = true;
+                        }
+                    }
+                    else
+                    {
+                        serverReady = await IsPortListeningAsync(HttpPort);
+                    }
+                }
+                catch
+                {
+                    // ignore
+                }
+
+                if (serverReady)
+                {
+                    break;
+                }
+
+                var milisecondsElapsed = (DateTime.Now - startTime).TotalMilliseconds;
+
+                if (milisecondsElapsed < intervalMilliseconds)
+                {
+                    await Task.Delay((int)(intervalMilliseconds - milisecondsElapsed));
+                }
+            }
+
+            if (!serverReady)
+            {
+                throw new Exception("Couldn't verify the application is ready to receive requests.");
+            }
+        }
+
+        private async Task<bool> IsPortListeningAsync(int port)
+        {
+            try
+            {
+                using (var client = new TcpClient())
+                {
+                    var task = client.ConnectAsync("127.0.0.1", port);
+                    if (await Task.WhenAny(task, Task.Delay(1000)) == task)
+                    {
+                        return client.Connected;
+                    }
+                }
+            }
+            catch
+            {
+                // If there's an exception, the server is not listening on this port
+            }
+
+            return false;
+        }
     }
 }

tracer/test/Datadog.Trace.Tools.dd_dotnet.ArtifactTests/Checks/IisCheckTests.cs

@@ -230,7 +230,7 @@ private async Task<IisFixture> StartIis(IisAppType appType)
 
         try
         {
-            await fixture.TryStartIis(this, appType);
+            await fixture.TryStartIis(this, appType, false);
         }
         catch (Exception)
         {

tracer/test/Datadog.Trace.Tools.dd_dotnet.IntegrationTests/Checks/IisCheckTests.cs

@@ -286,7 +286,7 @@ private async Task<IisFixture> StartIis(IisAppType appType, bool sendRequest = t
 
         try
         {
-            await fixture.TryStartIis(this, appType);
+            await fixture.TryStartIis(this, appType, false);
         }
         catch (Exception)
         {

tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=block_request_statusCode=200.verified.txt

@@ -24,7 +24,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0000000000-3626b5f8-1-4740ae63,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-1-4740ae63,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,
@@ -68,7 +68,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0000000000-3626b5f8-1-4740ae63,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-1-4740ae63,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,

tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt

@@ -24,7 +24,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0100000000-3626b5f8-1-4740ae63,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-1-4740ae63,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,
@@ -68,7 +68,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0000000000-3626b5f8-1-4740ae63,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-1-4740ae63,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,

tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=block_request_statusCode=200.verified.txt

@@ -25,7 +25,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0100000000-3626b5f8-3-98425651,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-3-98425651,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,
@@ -70,7 +70,7 @@
       runtime-id: Guid_1,
       span.kind: server,
       _dd.appsec.fp.http.endpoint: http-get-0587c50e-b25f03de-,
-      _dd.appsec.fp.http.header: hdr-0000000000-3626b5f8-3-98425651,
+      _dd.appsec.fp.http.header: hdr-0X00000000-3626b5f8-3-98425651,
       _dd.appsec.fp.http.network: net-1-1000000000,
       _dd.appsec.json: {"triggers":[{"rule":{"id":"test-dummy-rule","name":"Dummy rule to test blocking","tags":{"category":"attack_attempt","type":"security_scanner"}},"rule_matches":[{"operator":"phrase_match","operator_value":"","parameters":[{"address":"server.request.query","highlight":["dummy_rule"],"key_path":["arg","0"],"value":"dummy_rule"}]}]}]},
       _dd.origin: appsec,