Merge branch 'master' into dudik/multi-config

Author: dudikeleti

tracer/src/Datadog.Trace/AppSec/ApiSec/ApiSecurity.cs

@@ -32,7 +32,7 @@ public ApiSecurity(SecuritySettings securitySettings, int maxRouteSize = 4096)
         _apmTracingEnabled = securitySettings.ApmTracingEnabled;
         _minTimeBetweenReprocessTimeSpan = TimeSpan.FromSeconds(securitySettings.ApiSecuritySampleDelay);
         _maxRoutesSize = maxRouteSize;
-        _endpointsCollectionEnabled = securitySettings.ApiSecurityEndpointCollectionEnabled;
+        _endpointsCollectionEnabled = securitySettings is { ApiSecurityEndpointCollectionEnabled: true, AppsecEnabled: true };
         _endpointsCollectionMessageLimit = securitySettings.ApiSecurityEndpointCollectionMessageLimit;
     }
 

tracer/src/Datadog.Trace/AppSec/SecuritySettings.cs

@@ -132,7 +132,7 @@ public SecuritySettings(IConfigurationSource? source, IConfigurationTelemetry te
                                            .Value;
 
             ApiSecurityEndpointCollectionEnabled = config.WithKeys(ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionEnabled)
-                                           .AsBool(false);
+                                           .AsBool(true);
 
             ApiSecurityEndpointCollectionMessageLimit = config.WithKeys(ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionMessageLimit)
                                            .AsInt32(300, val => val >= 0)

tracer/src/Datadog.Trace/Configuration/ConfigurationKeys.AppSec.cs

@@ -122,7 +122,7 @@ internal class AppSec
             internal const string ApiSecuritySampleDelay = "DD_API_SECURITY_SAMPLE_DELAY";
 
             /// <summary>
-            /// with a default value of false, it allows a customer to disable the collection of endpoints for API Security.
+            /// with a default value of true, it allows a customer to disable the collection of endpoints for API Security.
             /// </summary>
             internal const string ApiSecurityEndpointCollectionEnabled = "DD_API_SECURITY_ENDPOINT_COLLECTION_ENABLED";
 

tracer/src/Datadog.Trace/Debugger/ExceptionAutoInstrumentation/ExceptionReplaySettings.cs

@@ -22,7 +22,9 @@ public ExceptionReplaySettings(IConfigurationSource? source, IConfigurationTelem
             source ??= NullConfigurationSource.Instance;
             var config = new ConfigurationBuilder(source, telemetry);
 
-            var erEnabledResult = config.WithKeys(ConfigurationKeys.Debugger.ExceptionReplayEnabled).AsBoolResult();
+#pragma warning disable CS0612 // Type or member is obsolete
+            var erEnabledResult = config.WithKeys(ConfigurationKeys.Debugger.ExceptionReplayEnabled, fallbackKey: ConfigurationKeys.Debugger.ExceptionDebuggingEnabled).AsBoolResult();
+#pragma warning restore CS0612 // Type or member is obsolete
             Enabled = erEnabledResult.WithDefault(false);
             CanBeEnabled = erEnabledResult.ConfigurationResult is not { IsValid: true, Result: false };
 

tracer/test/Datadog.Trace.Security.IntegrationTests/ApiSecurity/AspNetCoreEndpoints.cs

@@ -33,8 +33,7 @@ protected AspNetCoreEndpoints(AspNetCoreTestFixture fixture, ITestOutputHelper o
         _fixture = fixture;
         _fixture.SetOutput(outputHelper);
 
-        // Endpoints collection is a feature independent of AppSec and the main API Security feature
-        SetEnvironmentVariable(ConfigurationKeys.AppSec.Enabled, "0");
+        SetEnvironmentVariable(ConfigurationKeys.AppSec.Enabled, "1");
         SetEnvironmentVariable(ConfigurationKeys.AppSec.ApiSecurityEnabled, "0");
         SetEnvironmentVariable(ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionEnabled, enableEndpointsCollection.ToString());
 

tracer/test/Datadog.Trace.Security.Unit.Tests/ApiSec/EndpointsCollectionTests.cs

@@ -20,6 +20,7 @@ public void GivenConfiguration_WhenApiSecEnabledAndEndpointsCollectionEnabled_Is
     {
         var settings = new CustomSettingsForTests(new Dictionary<string, object>
         {
+            { ConfigurationKeys.AppSec.Enabled, true },
             { ConfigurationKeys.AppSec.ApiSecurityEnabled, true },
             { ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionEnabled, true }
         });
@@ -35,6 +36,7 @@ public void GivenConfiguration_WhenApiSecDisabledAndEndpointsCollectionEnabled_I
     {
         var settings = new CustomSettingsForTests(new Dictionary<string, object>
         {
+            { ConfigurationKeys.AppSec.Enabled, true },
             { ConfigurationKeys.AppSec.ApiSecurityEnabled, false },
             { ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionEnabled, true }
         });
@@ -44,11 +46,25 @@ public void GivenConfiguration_WhenApiSecDisabledAndEndpointsCollectionEnabled_I
         apisec.CanCollectEndpoints().Should().BeTrue();
     }
 
+    [Fact]
+    public void GivenConfiguration_WhenAppsecDisabled_IsEndpointsNotCollected()
+    {
+        var settings = new CustomSettingsForTests(new Dictionary<string, object>
+        {
+            { ConfigurationKeys.AppSec.Enabled, false },
+        });
+        var security = new SecuritySettings(settings, NullConfigurationTelemetry.Instance);
+        var apisec = new ApiSecurity(security);
+
+        apisec.CanCollectEndpoints().Should().BeFalse();
+    }
+
     [Fact]
     public void GivenConfiguration_WhenEndpointsCollectionDisabled_IsEndpointsNotCollected()
     {
         var settings = new CustomSettingsForTests(new Dictionary<string, object>
         {
+            { ConfigurationKeys.AppSec.Enabled, true },
             { ConfigurationKeys.AppSec.ApiSecurityEndpointCollectionEnabled, false }
         });
         var security = new SecuritySettings(settings, NullConfigurationTelemetry.Instance);