Skip to content

feat: process the processor_overrides diagnostics #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 27, 2025
Merged

feat: process the processor_overrides diagnostics #154

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
111ba56
feat: process the `processor_overrides` diagnostics
RomainMuller Oct 27, 2025
b5ebaff
Fix broken test
RomainMuller Oct 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion builder_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -317,7 +317,7 @@ func TestBuilder(t *testing.T) {
resp, err := http.DefaultClient.Do(req)
require.NoError(t, err)
defer resp.Body.Close()
require.Equal(t, http.StatusOK, resp.StatusCode)
require.Equal(t, http.StatusOK, resp.StatusCode, "failed to get latest release of DataDog/appsec-event-rules: %s", resp.Status)

var release struct {
TagName string `json:"tag_name"`
Expand Down
2 changes: 2 additions & 0 deletions decoder.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,8 @@ func decodeDiagnostics(obj *bindings.WAFObject) (Diagnostics, error) {
diags.RulesOverrides, err = decodeFeature(objElem)
case "processors":
diags.Processors, err = decodeFeature(objElem)
case "processor_overrides":
diags.ProcessorOverrides, err = decodeFeature(objElem)
case "scanners":
diags.Scanners, err = decodeFeature(objElem)
case "ruleset_version":
Expand Down
21 changes: 12 additions & 9 deletions diagnostics.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ type Diagnostics struct {
ExclusionData *Feature
// Processors contains information about the loaded processors.
Processors *Feature
// ProcessorOverrides contains information about the loaded processor overrides.
ProcessorOverrides *Feature
// Scanners contains information about the loaded scanners.
Scanners *Feature
// Version is the version of the parsed ruleset if available.
Expand All @@ -38,15 +40,16 @@ type Diagnostics struct {
// EachFeature calls the provided callback for each (non-nil) feature in this diagnostics object.
func (d *Diagnostics) EachFeature(cb func(string, *Feature)) {
byName := map[string]*Feature{
"rules": d.Rules,
"custom_rules": d.CustomRules,
"actions": d.Actions,
"exclusions": d.Exclusions,
"rules_overrides": d.RulesOverrides,
"rules_data": d.RulesData,
"exclusion_data": d.ExclusionData,
"processors": d.Processors,
"scanners": d.Scanners,
"rules": d.Rules,
"custom_rules": d.CustomRules,
"actions": d.Actions,
"exclusions": d.Exclusions,
"rules_overrides": d.RulesOverrides,
"rules_data": d.RulesData,
"exclusion_data": d.ExclusionData,
"processors": d.Processors,
"processor_overrides": d.ProcessorOverrides,
"scanners": d.Scanners,
}

for name, feat := range byName {
Expand Down
20 changes: 20 additions & 0 deletions diagnostics_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,23 @@ func TestDecodeDiagnosticsExclusionData(t *testing.T) {
require.NotNil(t, diags.ExclusionData)
require.Contains(t, diags.ExclusionData.Loaded, "id1")
}

func TestDecodeProcessorOverrides(t *testing.T) {
var pinner runtime.Pinner
defer pinner.Unpin()

encoder, err := newEncoder(newUnlimitedEncoderConfig(&pinner))
require.NoError(t, err)

obj, err := encoder.Encode(map[string]any{
"processor_overrides": map[string]any{
"loaded": []any{"id1"},
},
})
require.NoError(t, err)

diags, err := decodeDiagnostics(obj)
require.NoError(t, err)
require.NotNil(t, diags.ProcessorOverrides)
require.Contains(t, diags.ProcessorOverrides.Loaded, "id1")
}
55 changes: 55 additions & 0 deletions waf_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import (
"github.com/DataDog/go-libddwaf/v4/internal/lib"
"github.com/DataDog/go-libddwaf/v4/timer"
"github.com/DataDog/go-libddwaf/v4/waferrors"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

Expand Down Expand Up @@ -1286,3 +1287,57 @@ func BenchmarkEncoder(b *testing.B) {
})
}
}

func TestProcessorOverrides(t *testing.T) {
rules := `{
"processor_overrides": [
{
"target": [{ "id": "extract-content" }],
"scanners": {
"include": [
{ "id": "test-scanner-001" },
{ "id": "test-scanner-custom-001" }
],
"exclude": []
}
}
],
"scanners": [
{
"id": "test-scanner-custom-001",
"name": "Custom scanner",
"key": {
"operator": "match_regex",
"parameters": {
"regex": "\\btestcard\\b",
"options": { "case_sensitive": false, "min_length": 2 }
}
},
"value": {
"operator": "match_regex",
"parameters": {
"regex": "\\b1234567890\\b",
"options": { "case_sensitive": false, "min_length": 5 }
}
},
"tags": { "type": "card", "category": "testcategory" }
}
]
}`

builder, err := NewBuilder("", "")
require.NoError(t, err)

var parsed map[string]any
require.NoError(t, json.Unmarshal([]byte(rules), &parsed))
diag, err := builder.AddOrUpdateConfig("/", parsed)
require.NoError(t, err)
assert.Equal(t, &Feature{
Errors: nil,
Warnings: nil,
Error: "",
Loaded: []string{"index:0"},
Failed: nil,
Skipped: nil,
}, diag.ProcessorOverrides)
}