Add Java support for AWS Lambdas

[claponcet]

Motivation

We are adding AppSec support for AWS Lambdas in Java and need system-tests to validate it.

Changes

A new library was created: java_lambda as it as been done for python_lambda, with 5 weblogs for each lambda trigger-type, and a new manifest.

Workflow

1. ⚠️ Create your PR as draft ⚠️
2. Work on you PR until the CI passes
3. Mark it as ready for review
   • Test logic is modified? -> Get a review from RFC owner.
   • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed and the CI green, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

• Anything but tests/ or manifests/ is modified ? I have the approval from R&P team
• A docker base image is modified?
  • the relevant build-XXX-image label is present
• A scenario is added, removed or renamed?
  • Get a review from R&P team

[github-actions]

CODEOWNERS have been resolved as:

manifests/java_lambda.yml                                               @DataDog/system-tests-core
utils/build/docker/java_lambda/alb-multi.Dockerfile                     @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/alb.Dockerfile                           @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/apigw-http.Dockerfile                    @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/apigw-rest.Dockerfile                    @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/app.sh                                   @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/function-url.Dockerfile                  @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/pom.xml                                  @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
utils/build/docker/java_lambda/src/main/java/com/datadoghq/lambda/Handler.java  @DataDog/apm-java @DataDog/asm-java @DataDog/system-tests-core
conftest.py                                                             @DataDog/system-tests-core
utils/build/build.sh                                                    @DataDog/system-tests-core
utils/manifest/_internal/parser.py                                      @DataDog/system-tests-core

[datadog-datadog-prod-us1]

⚠️ Tests

✨ Fix all issues with Cursor

⚠️ Warnings

❄️ 18 New flaky tests detected

tests.appsec.test_blocking_addresses.Test_Blocking_client_ip.test_blocking_before[envoy] from system_tests_suite (Datadog) (Fix with Cursor)

ValueError: No appsec event validate this condition

self = <tests.appsec.test_blocking_addresses.Test_Blocking_client_ip object at 0x7f61084cb8c0>

    def test_blocking_before(self):
        """Test that blocked requests are blocked before being processed"""
        # second request should block and must not set the tag in span
        assert self.block_req2.status_code == 403
>       interfaces.library.assert_waf_attack(self.block_req2, rule="blk-001-001")

...

tests.appsec.test_blocking_addresses.Test_Blocking_client_ip.test_blocking[envoy] from system_tests_suite (Datadog) (Fix with Cursor)

ValueError: No appsec event validate this condition

self = <tests.appsec.test_blocking_addresses.Test_Blocking_client_ip object at 0x7f61084cb800>

    def test_blocking(self):
        """Can block the request forwarded for the ip"""
    
        assert self.rm_req_block.status_code == 403
>       interfaces.library.assert_waf_attack(self.rm_req_block, rule="blk-001-001")

...

tests.appsec.test_blocking_addresses.Test_Blocking_client_ip_with_forwarded.test_blocking_before[envoy] from system_tests_suite (Datadog) (Fix with Cursor)

ValueError: No appsec event validate this condition

self = <tests.appsec.test_blocking_addresses.Test_Blocking_client_ip_with_forwarded object at 0x7f61084cbc80>

    def test_blocking_before(self):
        """Test that blocked requests are blocked before being processed"""
        # second request should block and must not set the tag in span
        assert self.block_req2.status_code == 403
>       interfaces.library.assert_waf_attack(self.block_req2, rule="blk-001-001")

...

View all

ℹ️ Info

🧪 All tests passed

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 27d6239 | Docs | Datadog PR Page | Was this helpful? Give us feedback!}