Create activation origin config for telemetry (#9064)

Author: sezen-datadog

dd-java-agent/appsec/src/main/java/com/datadog/appsec/config/AppSecConfigServiceImpl.java

@@ -21,6 +21,7 @@
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_TRUSTED_IPS;
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_USER_BLOCKING;
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ENDPOINT_FINGERPRINT;
+import static datadog.trace.api.config.AppSecConfig.APPSEC_ENABLED;
 
 import com.datadog.appsec.AppSecModule;
 import com.datadog.appsec.AppSecSystem;
@@ -45,6 +46,8 @@
 import datadog.remoteconfig.state.ConfigKey;
 import datadog.remoteconfig.state.ProductListener;
 import datadog.trace.api.Config;
+import datadog.trace.api.ConfigCollector;
+import datadog.trace.api.ConfigOrigin;
 import datadog.trace.api.ProductActivation;
 import datadog.trace.api.UserIdCollectionMode;
 import datadog.trace.api.telemetry.LogCollector;
@@ -517,6 +520,8 @@ private void setAppSecActivation(final AppSecFeatures.Asm asm) {
       newState = tracerConfig.getAppSecActivation() == ProductActivation.FULLY_ENABLED;
     } else {
       newState = asm.enabled;
+      // Report AppSec activation change via telemetry when modified via remote config
+      ConfigCollector.get().put(APPSEC_ENABLED, asm.enabled, ConfigOrigin.REMOTE);
     }
     if (AppSecSystem.isActive() != newState) {
       log.info("AppSec {} (runtime)", newState ? "enabled" : "disabled");

dd-smoke-tests/dynamic-config/src/main/java/datadog/smoketest/dynamicconfig/AppSecApplication.java

@@ -0,0 +1,14 @@
+package datadog.smoketest.dynamicconfig;
+
+import java.util.concurrent.TimeUnit;
+
+public class AppSecApplication {
+
+  public static final long TIMEOUT_IN_SECONDS = 10;
+
+  public static void main(String[] args) throws InterruptedException {
+    // just wait as we want to test RC payloads
+    Thread.sleep(TimeUnit.SECONDS.toMillis(TIMEOUT_IN_SECONDS));
+    System.exit(0);
+  }
+}

dd-smoke-tests/dynamic-config/src/test/groovy/datadog/smoketest/AppSecActivationSmokeTest.groovy

@@ -0,0 +1,42 @@
+package datadog.smoketest
+
+import datadog.smoketest.dynamicconfig.AppSecApplication
+
+class AppSecActivationSmokeTest extends AbstractSmokeTest {
+
+  @Override
+  ProcessBuilder createProcessBuilder() {
+    def command = [javaPath()]
+    command += defaultJavaProperties.toList()
+    command += [
+      '-Ddd.remote_config.enabled=true',
+      "-Ddd.remote_config.url=http://localhost:${server.address.port}/v0.7/config".toString(),
+      '-Ddd.remote_config.poll_interval.seconds=1',
+      '-Ddd.profiling.enabled=false',
+      '-cp',
+      System.getProperty('datadog.smoketest.shadowJar.path'),
+      AppSecApplication.name
+    ]
+
+    final processBuilder = new ProcessBuilder(command)
+    processBuilder.directory(new File(buildDirectory))
+  }
+
+  void 'test activation config change is sent via RC'() {
+    when:
+    setRemoteConfig('datadog/2/ASM_FEATURES/asm_features_activation/config', '{"asm":{"enabled":true}}')
+
+    then:
+    waitForTelemetryFlat {
+      if (it['request_type'] != 'app-client-configuration-change') {
+        return false
+      }
+      final configurations = (List<Map<String, Object>>) it?.payload?.configuration ?: []
+      final enabledConfig = configurations.find { it.name == 'appsec_enabled' }
+      if (!enabledConfig) {
+        return false
+      }
+      return enabledConfig.value == 'true' && enabledConfig .origin == 'remote_config'
+    }
+  }
+}