Revert "send to RC and telemetry logs"

This reverts commit 01adbc1.

Author: sezen-datadog

dd-java-agent/appsec/build.gradle

@@ -11,7 +11,6 @@ apply from: "$rootDir/gradle/java.gradle"
 apply from: "$rootDir/gradle/version.gradle"
 
 dependencies {
-  api project(':remote-config:remote-config-core')
   api libs.slf4j
   implementation project(':internal-api')
   implementation project(':communication')

dd-java-agent/appsec/src/main/java/com/datadog/appsec/config/AppSecConfigServiceImpl.java

@@ -21,7 +21,6 @@
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_TRUSTED_IPS;
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ASM_USER_BLOCKING;
 import static datadog.remoteconfig.Capabilities.CAPABILITY_ENDPOINT_FINGERPRINT;
-import static datadog.trace.logging.LogLevel.ERROR;
 
 import com.datadog.appsec.AppSecModule;
 import com.datadog.appsec.AppSecSystem;
@@ -48,7 +47,6 @@
 import datadog.trace.api.Config;
 import datadog.trace.api.ProductActivation;
 import datadog.trace.api.UserIdCollectionMode;
-import datadog.trace.api.telemetry.LogCollector;
 import java.io.ByteArrayInputStream;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
@@ -62,6 +60,8 @@
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
+
+import datadog.trace.api.telemetry.LogCollector;
 import okio.Okio;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -101,10 +101,6 @@ public class AppSecConfigServiceImpl implements AppSecConfigService {
   private final String DEFAULT_WAF_CONFIG_RULE = "DEFAULT_WAF_CONFIG";
   private String currentRuleVersion;
   private List<AppSecModule> modulesToUpdateVersionIn;
-  private final LogCollector telemetryLogger = LogCollector.get();
-
-  Moshi moshi = new Moshi.Builder().build();
-  JsonAdapter<Map> mapToJsonAdapter;
 
   public AppSecConfigServiceImpl(
       Config tracerConfig,
@@ -117,7 +113,6 @@ public AppSecConfigServiceImpl(
     if (tracerConfig.isAppSecWafMetrics()) {
       traceSegmentPostProcessors.add(statsReporter);
     }
-    mapToJsonAdapter = moshi.adapter(Map.class);
   }
 
   private void subscribeConfigurationPoller() {
@@ -161,11 +156,11 @@ private void subscribeConfigurationPoller() {
   }
 
   private void subscribeRulesAndData() {
-    this.configurationPoller.addListener(Product.ASM_DD, new AsmDDTypedListener(Product.ASM_DD));
+    this.configurationPoller.addListener(Product.ASM_DD, new AsmDDTypedListener());
     this.configurationPoller.addListener(
-        Product.ASM_DATA, new AppSecConfigConfigurationChangesTypedListener(Product.ASM_DATA));
+        Product.ASM_DATA, new AppSecConfigConfigurationChangesTypedListener());
     this.configurationPoller.addListener(
-        Product.ASM, new AppSecConfigConfigurationChangesTypedListener(Product.ASM));
+        Product.ASM, new AppSecConfigConfigurationChangesTypedListener());
   }
 
   public void modulesToUpdateVersionIn(List<AppSecModule> modules) {
@@ -177,12 +172,6 @@ public String getCurrentRuleVersion() {
   }
 
   private class AppSecConfigConfigurationChangesTypedListener implements ProductListener {
-    private Product productType;
-
-    public AppSecConfigConfigurationChangesTypedListener(Product product) {
-      this.productType = product;
-    }
-
     @Override
     public void accept(ConfigKey configKey, byte[] content, PollingRateHinter pollingRateHinter)
         throws IOException {
@@ -200,7 +189,7 @@ public void accept(ConfigKey configKey, byte[] content, PollingRateHinter pollin
         Map<String, Object> contentMap =
             ADAPTER.fromJson(Okio.buffer(Okio.source(new ByteArrayInputStream(content))));
         try {
-          handleWafUpdateResultReport(configKey.toString(), contentMap, productType);
+          handleWafUpdateResultReport(configKey.toString(), contentMap);
         } catch (AppSecModule.AppSecModuleActivationException e) {
           throw new RuntimeException(e);
         }
@@ -220,10 +209,6 @@ public void commit(PollingRateHinter pollingRateHinter) {
   }
 
   private class AsmDDTypedListener extends AppSecConfigConfigurationChangesTypedListener {
-    public AsmDDTypedListener(Product product) {
-      super(product);
-    }
-
     @Override
     public void accept(ConfigKey configKey, byte[] content, PollingRateHinter pollingRateHinter)
         throws IOException {
@@ -237,11 +222,7 @@ public void accept(ConfigKey configKey, byte[] content, PollingRateHinter pollin
         defaultConfigActivated = false;
       }
       super.accept(configKey, content, pollingRateHinter);
-      if (content == null) {
-        usedDDWafConfigKeys.remove(configKey.toString());
-      } else {
-        usedDDWafConfigKeys.add(configKey.toString());
-      }
+      usedDDWafConfigKeys.add(configKey.toString());
     }
 
     @Override
@@ -252,8 +233,7 @@ public void remove(ConfigKey configKey, PollingRateHinter pollingRateHinter)
     }
   }
 
-  private void handleWafUpdateResultReport(
-      String configKey, Map<String, Object> rawConfig, Product productType)
+  private void handleWafUpdateResultReport(String configKey, Map<String, Object> rawConfig)
       throws AppSecModule.AppSecModuleActivationException {
     wafBuilder = getWafBuilder();
     if (modulesToUpdateVersionIn != null
@@ -267,6 +247,9 @@ private void handleWafUpdateResultReport(
         StandardizedLogging.numLoadedRules(log, configKey, countRules(rawConfig));
       }
 
+      // TODO: Send diagnostics via telemetry
+      final LogCollector telemetryLogger = LogCollector.get();
+
       initReporter.setReportForPublication(wafDiagnostics);
       if (wafDiagnostics.rulesetVersion != null
           && !wafDiagnostics.rulesetVersion.isEmpty()
@@ -278,17 +261,13 @@ private void handleWafUpdateResultReport(
           modulesToUpdateVersionIn.forEach(module -> module.setRuleVersion(currentRuleVersion));
         }
       }
-      if (wafDiagnostics.getNumConfigError() > 0) {
-        addTelemetryErrorLog(wafDiagnostics);
-      }
     } catch (InvalidRuleSetException e) {
       log.debug(
           "Invalid rule during waf config update for config key {}: {}",
           configKey,
           e.wafDiagnostics);
 
-      addTelemetryErrorLog(e.wafDiagnostics);
-      sendErrorToRemoteConfig(e.wafDiagnostics, productType);
+      // TODO: Propagate diagostics back to remote config apply_error
 
       initReporter.setReportForPublication(e.wafDiagnostics);
       throw new RuntimeException(e);
@@ -298,117 +277,6 @@ private void handleWafUpdateResultReport(
     }
   }
 
-  private void sendErrorToRemoteConfig(WafDiagnostics wafDiagnostics, Product productType) {
-    if (wafDiagnostics.rules != null) {
-      getRemoteConfigErrorLogFor("rules", wafDiagnostics.rules.getErrors(), productType);
-    }
-    if (wafDiagnostics.customRules != null) {
-      getRemoteConfigErrorLogFor(
-          "customRules", wafDiagnostics.customRules.getErrors(), productType);
-    }
-    if (wafDiagnostics.rulesData != null) {
-      getRemoteConfigErrorLogFor("rulesData", wafDiagnostics.rulesData.getErrors(), productType);
-    }
-    if (wafDiagnostics.rulesOverride != null) {
-      getRemoteConfigErrorLogFor(
-          "rulesOverride", wafDiagnostics.rulesOverride.getErrors(), productType);
-    }
-    if (wafDiagnostics.exclusions != null) {
-      getRemoteConfigErrorLogFor("exclusions", wafDiagnostics.exclusions.getErrors(), productType);
-    }
-    if (wafDiagnostics.exclusionData != null) {
-      getRemoteConfigErrorLogFor(
-          "exclusionData", wafDiagnostics.exclusionData.getErrors(), productType);
-    }
-    if (wafDiagnostics.actions != null) {
-      getRemoteConfigErrorLogFor("actions", wafDiagnostics.actions.getErrors(), productType);
-    }
-    if (wafDiagnostics.processors != null) {
-      getRemoteConfigErrorLogFor("processors", wafDiagnostics.processors.getErrors(), productType);
-    }
-    if (wafDiagnostics.scanners != null) {
-      getRemoteConfigErrorLogFor("scanners", wafDiagnostics.scanners.getErrors(), productType);
-    }
-  }
-
-  private void getRemoteConfigErrorLogFor(
-      String configType, Map<String, List<String>> errors, Product productType) {
-    if (productType == null) {
-      return; // no need for RC error upon initialization
-    }
-
-    String error = "{";
-    Set<String> messageKeySet = errors.keySet();
-    for (String key : messageKeySet) {
-      error = error + "\"message\": \"" + key + "\" : [";
-      List<String> errorsPerKey = errors.get(key);
-      for (int i = 0; i < errorsPerKey.size(); i++) {
-        error = error + "\"" + errorsPerKey.get(i) + "\"";
-        if (i < errorsPerKey.size() - 1) {
-          error = error + ",";
-        }
-      }
-      error = error + "],";
-
-      error = error + "\"level\": \"ERROR\",";
-
-      error =
-          error
-              + "\"tags\" : {"
-              + "\"log_type\": \"rc::"
-              + productType.name().toLowerCase()
-              + "::diagnostic\""
-              + "\"appsec_config_key\": \""
-              + configType
-              + "\""
-              + "\"rc_config_id\": \"\"}";
-      error = error + "},";
-    }
-
-    error = error.substring(0, error.length() - 1); // remove last comma
-
-    throw new RuntimeException(error);
-  }
-
-  private void addTelemetryErrorLog(WafDiagnostics wafDiagnostics) {
-    if (wafDiagnostics.rules != null) {
-      addTelemetryErrorLogFor("rules", wafDiagnostics.rules.getErrors());
-    }
-    if (wafDiagnostics.customRules != null) {
-      addTelemetryErrorLogFor("customRules", wafDiagnostics.customRules.getErrors());
-    }
-    if (wafDiagnostics.rulesData != null) {
-      addTelemetryErrorLogFor("rulesData", wafDiagnostics.rulesData.getErrors());
-    }
-    if (wafDiagnostics.rulesOverride != null) {
-      addTelemetryErrorLogFor("rulesOverride", wafDiagnostics.rulesOverride.getErrors());
-    }
-    if (wafDiagnostics.exclusions != null) {
-      addTelemetryErrorLogFor("exclusions", wafDiagnostics.exclusions.getErrors());
-    }
-    if (wafDiagnostics.exclusionData != null) {
-      addTelemetryErrorLogFor("exclusionData", wafDiagnostics.exclusionData.getErrors());
-    }
-    if (wafDiagnostics.actions != null) {
-      addTelemetryErrorLogFor("actions", wafDiagnostics.actions.getErrors());
-    }
-    if (wafDiagnostics.processors != null) {
-      addTelemetryErrorLogFor("processors", wafDiagnostics.processors.getErrors());
-    }
-    if (wafDiagnostics.scanners != null) {
-      addTelemetryErrorLogFor("scanners", wafDiagnostics.scanners.getErrors());
-    }
-  }
-
-  private void addTelemetryErrorLogFor(String section, Map<String, List<String>> errors) {
-    if (!errors.isEmpty()) {
-      String error =
-          "{\"" + section + "\" : {\"errors\" :" + mapToJsonAdapter.toJson(errors) + "}}";
-      telemetryLogger.addLogMessage(
-          ERROR.name(), error, new AppSecModule.AppSecModuleActivationException(error));
-    }
-  }
-
   private void subscribeAsmFeatures() {
     this.configurationPoller.addListener(
         Product.ASM_FEATURES,
@@ -480,7 +348,10 @@ public void init() {
       throw new IllegalStateException("Expected default waf config to be available");
     }
     try {
-      handleWafUpdateResultReport(DEFAULT_WAF_CONFIG_RULE, wafConfig, null);
+      handleWafUpdateResultReport(
+          DEFAULT_WAF_CONFIG_RULE,
+          wafConfig,
+          defaultConfigActivated ? DEFAULT_CONFIG_LOCATION : tracerConfig.getAppSecRulesFile());
     } catch (AppSecModule.AppSecModuleActivationException e) {
       throw new RuntimeException(e);
     }

dd-java-agent/appsec/src/test/groovy/com/datadog/appsec/config/AppSecConfigServiceImplSpecification.groovy

@@ -122,7 +122,7 @@ class AppSecConfigServiceImplSpecification extends DDSpecification {
     when:
     appSecConfigService.init()
     then:
-    1 * config.getAppSecRulesFile() >> (p as String)
+    2 * config.getAppSecRulesFile() >> (p as String)
 
     when:
     appSecConfigService.maybeSubscribeConfigPolling()