contrast-agent 6.15.3 → 7.1.0

data/lib/contrast/config/{config.rb → diagnostics/config.rb}

@@ -1,24 +1,32 @@
 # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/config/effective_config'
+require 'contrast/config/diagnostics/effective_config'
+require 'contrast/config/diagnostics/user_configuration_file'
+require 'contrast/config/diagnostics/environment_variables'
+require 'contrast/config/diagnostics/command_line'
+require 'contrast/config/diagnostics/contrast_ui'
 
 module Contrast
-  module Agent
-    module DiagnosticsConfig
+  module Config
+    module Diagnostics
       # This class is responsible for logging to file the effective Agent configurations after startup.
       class Config
+        # @return [Contrast::Config::Diagnostics::EffectiveConfig]
         attr_reader :effective_config
         # @return [String] Status message of the connection with TS.
         attr_accessor :config_status
+        # @return [Contrast::Config::Diagnostics::UserConfigurationFile]
+        attr_reader :user_configuration_file
 
         MESSAGE_FAIL = 'Unable to connect to Contrast, configuration details from the Contrast UI will not be included.'
         MESSAGE_SUCCESSFUL = 'Success'
         CONN_STATUS_MSG_FAILURE = 'Unable to connect to Contrast, insufficient connection properties provided.'
 
         def initialize
-          @effective_config = Contrast::Agent::DiagnosticsConfig::EffectiveConfig.new
+          @effective_config = Contrast::Config::Diagnostics::EffectiveConfig.new
           @config_status = Contrast::Utils::ObjectShare::EMPTY_STRING
+          @user_configuration_file = Contrast::Config::Diagnostics::UserConfigurationFile.new
         end
 
         # This method will set the status from the request/response cycles
@@ -31,7 +39,6 @@ module Contrast
                            else
                              MESSAGE_FAIL
                            end
-          true
         end
 
         # This method will set the status message from the config validation
@@ -40,7 +47,15 @@ module Contrast
         end
 
         def to_controlled_hash
-          @effective_config.to_controlled_hash.merge({ status: @config_status })
+          {
+              status: @config_status,
+              effective_config: effective_config.to_controlled_hash,
+              user_configuration_file: user_configuration_file.to_controlled_hash,
+              environment_variable: Contrast::Config::Diagnostics::EnvironmentVariables.environment_settings(ENV).
+                  map(&:to_controlled_hash),
+              command_line: Contrast::Config::Diagnostics::CommandLine.command_line_settings.map(&:to_controlled_hash),
+              contrast_ui: Contrast::Config::Diagnostics::ContrastUI.contrast_ui_settings.map(&:to_controlled_hash)
+          }.compact
         end
       end
     end

data/lib/contrast/config/diagnostics/contrast_ui.rb

@@ -0,0 +1,24 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/config/diagnostics/effective_config_value'
+require 'contrast/config/diagnostics/tools'
+require 'contrast/utils/object_share'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # Reads All ENV variables.
+      module ContrastUI
+        class << self
+          def contrast_ui_settings
+            ui = Contrast::Config::Diagnostics::Tools.flatten_settings(Contrast::CONFIG.sources.
+              for(Contrast::Components::Config::Sources::CONTRAST_UI))
+
+            Contrast::Config::Diagnostics::Tools.to_config_values(ui, source: true)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/diagnostics/effective_config.rb

@@ -0,0 +1,28 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/config/diagnostics/effective_config_value'
+require 'contrast/config/diagnostics/tools'
+require 'contrast/utils/object_share'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # The current effective config received from all authorized configuration channels.
+      class EffectiveConfig
+        # Value of effective agent configurations
+        #
+        # @return [Array]
+        attr_reader :values
+
+        def initialize
+          @values = []
+        end
+
+        def to_controlled_hash
+          { values: @values&.map(&:to_controlled_hash) }
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/diagnostics/effective_config_value.rb

@@ -0,0 +1,14 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/config/diagnostics/source_config_value'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # All In effect config values stored in a easy to write representation.
+      class EffectiveConfigValue < SourceConfigValue
+      end
+    end
+  end
+end

data/lib/contrast/config/diagnostics/environment_variables.rb

@@ -0,0 +1,51 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/config/diagnostics/effective_config_value'
+require 'contrast/config/diagnostics/tools'
+require 'contrast/utils/object_share'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # Reads All ENV variables.
+      module EnvironmentVariables
+        class << self
+          NON_COMMON_ENV = %w[CONTRAST_CONFIG_PATH CONTRAST_AGENT_TELEMETRY_OPTOUT].cs__freeze
+
+          # This method will fill the canonical name for each env var and will check for any uncommon ones.
+          #
+          # @param env [Hash]
+          # @return [Array] array of all the values needed to be written.
+          def environment_settings env
+            env_hash = env.select do |e|
+              e.to_s.start_with?(Contrast::Components::Config::CONTRAST_ENV_MARKER) || NON_COMMON_ENV.include?(e.to_s)
+            end
+            environment_settings = []
+            env_hash.each do |key, value|
+              efc_value = Contrast::Config::Diagnostics::EffectiveConfigValue.new.tap do |effective_value|
+                next unless value
+
+                effective_value.canonical_name = if NON_COMMON_ENV.include?(key)
+                                                   key.gsub(Contrast::Utils::ObjectShare::UNDERSCORE,
+                                                            Contrast::Utils::ObjectShare::PERIOD).downcase
+                                                 else
+                                                   key.gsub(Contrast::Utils::ObjectShare::DOUBLE_UNDERSCORE,
+                                                            Contrast::Utils::ObjectShare::PERIOD).downcase
+                                                 end
+                if effective_value.canonical_name
+                  effective_value.key =
+                    effective_value.canonical_name.gsub(Contrast::Utils::ObjectShare::CONTRAST_DOT,
+                                                        Contrast::Utils::ObjectShare::EMPTY_STRING)
+                end
+                effective_value.value = Contrast::Config::Diagnostics::Tools.value_to_s(value)
+              end
+              environment_settings << efc_value if efc_value
+            end
+            environment_settings
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/{diagnostics.rb → diagnostics/monitor.rb}

@@ -7,16 +7,16 @@ require 'contrast/utils/timer'
 require 'contrast/utils/log_utils'
 require 'contrast/components/logger'
 require 'contrast/utils/object_share'
-require 'contrast/config/config'
-require 'contrast/config/effective_config'
-require 'contrast/config/effective_config_value'
+require 'contrast/config/diagnostics/config'
+require 'contrast/config/diagnostics/effective_config'
+require 'contrast/config/diagnostics/effective_config_value'
 require 'contrast/utils/duck_utils'
 
 module Contrast
-  module Agent
-    module DiagnosticsConfig
+  module Config
+    module Diagnostics
       # This class is responsible for logging to file the effective Agent configurations after startup.
-      class Diagnostics
+      class Monitor
         include Contrast::Components::Logger::InstanceMethods
         include Contrast::Utils::LogUtils
 
@@ -30,7 +30,7 @@ module Contrast
 
         # @param path [String] path to write to file.
         def initialize path
-          @path = path if path && !path.empty?
+          @path = path unless Contrast::Utils::DuckUtils.empty_duck?(path)
         end
 
         # Write current settings to file.
@@ -71,9 +71,9 @@ module Contrast
 
         # Returns effective configurations of the agent.
         #
-        # @return [Contrast::Agent::DiagnosticsConfig::Config]
+        # @return [Contrast::Config::Diagnostics::Config]
         def config
-          @_config ||= Contrast::Agent::DiagnosticsConfig::Config.new
+          @_config ||= Contrast::Config::Diagnostics::Config.new
         end
 
         # Reset the state of the current effective config.
@@ -84,7 +84,7 @@ module Contrast
                    else
                      @_config.config_status
                    end
-          @_config = Contrast::Agent::DiagnosticsConfig::Config.new
+          @_config = Contrast::Config::Diagnostics::Config.new
           @_config.config_status = status if status
           @_config
         end

data/lib/contrast/config/diagnostics/source_config_value.rb

@@ -0,0 +1,51 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+module Contrast
+  module Config
+    module Diagnostics
+      # All config values from all sources, stored in a easy to write representation.
+      class SourceConfigValue
+        # @return [String] Name of the config starting form root of yaml config.
+        attr_accessor :canonical_name
+        # @return [String] Name of the config.
+        attr_accessor :key
+        # @return [String, Boolean, array<String>] Value set for the config. Current Effective Value
+        attr_accessor :value
+        # @return [String] The source for the entry in the config.
+        attr_accessor :source
+        # @return [String,nil] The filename for the source of the config, if the source was "yaml".
+        attr_accessor :filename
+
+        def to_controlled_hash
+          {
+              canonical_name: canonical_name,
+              name: key,
+              value: value.cs__is_a?(Array) ? value.map(&:to_s) : value.to_s,
+              source: source,
+              filename: filename
+          }.compact
+        end
+
+        def to_source_hash
+          {
+              canonical_name: canonical_name,
+              name: key,
+              value: value.cs__is_a?(Array) ? value.map(&:to_s) : value.to_s
+          }.compact
+        end
+
+        # Assigns file name of the config iv viable, Currently supported formats for config file are *.yaml
+        # and *.yml
+        #
+        # @param source [String] name of the source file yaml | yml
+        # @return [Array<String>, nil]
+        def assign_filename source
+          Contrast::Components::Config::Sources::APP_CONFIGURATION_FILE.each do |type|
+            instance_variable_set(:@filename, source) if source.include?(".#{ type.downcase }")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/diagnostics/tools.rb

@@ -0,0 +1,188 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/utils/object_share'
+require 'contrast/config/diagnostics/effective_config_value'
+require 'contrast/utils/duck_utils'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # Diagnostics tools to be included in config components.
+      module Tools
+        CHECK = 'd'
+        class << self
+          # Creates new config instances for each read config entry from the flat generated configs.
+          #
+          # @param flats [Array] of flatten configs produced by #flatten_settings
+          # @param source [Boolean] flag to set the desired value class, it may be a effective or source value.
+          # @return [Array<Contrast::Config::Diagnostics::SourceConfigValue>]
+          def to_config_values flats, source: false
+            config_value_klass = if source
+                                   Contrast::Config::Diagnostics::SourceConfigValue
+                                 else
+                                   Contrast::Config::Diagnostics::EffectiveConfigValue
+                                 end
+            settings = []
+            flats.each do |entry|
+              entry.each do |key, value|
+                efc_value = config_value_klass.new.tap do |config_value|
+                  config_value.canonical_name = Contrast::Utils::ObjectShare::CONTRAST_DOT + key
+                  config_value.key = key
+                  config_value.value = value_to_s(value)
+                end
+                settings << efc_value if efc_value
+              end
+            end
+            settings
+          end
+
+          # Flattens out the read settings from file, env or contrast ui.
+          # example: {"agent.polling.server_settings_ms"=>"50000"}
+          #
+          #  @param data [Hash, nil]
+          #  @param path  [String] where to look for settings.
+          #  @param config [Hash] symbolized config to fetch keys from.
+          def flatten_settings data, path = [], config: Contrast::CONFIG.config.loaded_config
+            return [] unless data
+
+            data.each_with_object([]) do |(k, v), entries|
+              if v.cs__is_a?(Hash)
+                entries.concat(flatten_settings(v, path.dup.append(k.to_sym)))
+              else
+                entries << { "#{ path.join('.') }.#{ k }" => config.dig(*path, k).to_s }
+              end
+            end.flatten # rubocop:disable Style/MethodCalledOnDoEndBlock
+          end
+
+          # Recursively converts each value to string.
+          #
+          # @param value [Hash, nil]
+          def value_to_s value
+            return if value.nil?
+            return value if value.cs__is_a?(String)
+
+            value.each_with_object({}) do |(k, v), m| # rubocop:disable Style/HashTransformValues
+              m[k] = if v.cs__is_a?(Hash)
+                       value_to_s(v)
+                     elsif v.cs__is_a?(Array)
+                       v.map(&:to_s)
+                     else
+                       v.to_s
+                     end
+            end
+          end
+        end
+
+        # Converts current configuration from array of values to effective config values class and appends them to
+        # EffectiveConfig class. Must be used inside Config Components only.
+        #
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
+        # @param config_values [] array of the names of values.
+        # @param canonical_prefix [String] starting of the path to config => api.proxy...
+        # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
+        def add_effective_config_values effective_config, config_values, canonical_prefix, name_prefix
+          return if config_values.to_s.empty?
+
+          config_values.each do |config_value_name|
+            Contrast::Config::Diagnostics::EffectiveConfigValue.new.tap do |new_effective_value|
+              next if Contrast::Utils::DuckUtils.empty_duck?((config_value = send(config_value_name.to_sym)))
+
+              fill_effective_value(new_effective_value, config_value, config_value_name, canonical_prefix, name_prefix)
+              effective_config.values << new_effective_value
+            rescue StandardError => e
+              log_error(e)
+              next
+            end
+          end
+        end
+
+        # Converts current configuration from single value to effective config values class and appends them to
+        # EffectiveConfig class. Must be used inside Config Components only.
+        #
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
+        # @param config_name [String] name of the config.
+        # @param config_value [String, Boolean] value of the config.
+        # @param canonical_prefix [String] starting of the path to config => api.proxy...
+        # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
+        def add_single_effective_value effective_config, config_name, config_value, canonical_prefix, name_prefix
+          Contrast::Config::Diagnostics::EffectiveConfigValue.new.tap do |new_effective_value|
+            break if Contrast::Utils::DuckUtils.empty_duck?(config_value)
+
+            fill_effective_value(new_effective_value, config_value, config_name, canonical_prefix, name_prefix)
+            effective_config.values << new_effective_value
+          rescue StandardError => e
+            log_error(e)
+            next
+          end
+        end
+
+        private
+
+        # Fills instance of effective configuration value from read configuration.
+        #
+        # @param new_effective_value [Contrast::Config::Diagnostics::EffectiveConfigValue]
+        # @param config_value [String, Boolean] value of the config
+        # @param config_value_name [string] name of the value e.g. enabled?
+        # @param canonical_prefix [String] starting of the path to config => api.proxy...
+        # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
+        # @return filled_new_effective_config [Contrast::Config::Diagnostics::EffectiveConfigValue]
+        def fill_effective_value new_effective_value, config_value, config_value_name, canonical_prefix, name_prefix
+          find_source(new_effective_value, canonical_prefix, assign_name(config_value_name), name_prefix)
+          new_effective_value.value = config_value
+          new_effective_value
+        end
+
+        # Assigns a proper name for the config removing '?' out of method names.
+        #
+        # @param config [String] name of the configuration
+        # @return [String]
+        def assign_name config
+          return Contrast::Utils::ObjectShare::EMPTY_STRING unless config
+
+          name = config.dup
+          if name.end_with?(Contrast::Utils::ObjectShare::QUESTION_MARK)
+            # check and remove '?' : start_bundled_service? => start_bundled_service
+            name.delete!(Contrast::Utils::ObjectShare::QUESTION_MARK)
+            # converts name e.g. enabled => enable
+            name.chop! if name.end_with?(CHECK)
+            name
+          end
+          name
+        end
+
+        # Retrieves the config value from sources by canonical name and sets the key value.
+        #
+        # @param new_effective_value [Contrast::Config::Diagnostics::EffectiveConfigValue]
+        # @param canonical_prefix [String] starting of the path to config => api.proxy...
+        # @param config_name [String] name of the config.
+        # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
+        # @return [Contrast::Config::Diagnostics::EffectiveConfigValue]
+        def find_source new_effective_value, canonical_prefix, config_name, name_prefix
+          new_effective_value.key = "#{ name_prefix }.#{ config_name }"
+          new_effective_value.canonical_name = "#{ canonical_prefix }.#{ config_name }"
+          # For files we keep the whole path as source.
+          source = Contrast::CONFIG.sources.get(new_effective_value.canonical_name)
+          new_effective_value.assign_filename(source)
+          new_source = if source.include?(Contrast::Config::LocalSourceValue::YAML_EXT)
+                         Contrast::Components::Config::Sources::APP_CONFIGURATION_FILE[0]
+                       elsif source.include?(Contrast::Config::LocalSourceValue::YML_EXT)
+                         Contrast::Components::Config::Sources::APP_CONFIGURATION_FILE[1]
+                       else
+                         Contrast::Components::Config::Sources::DEFAULT_VALUE
+                       end
+          new_effective_value.source = new_source
+          new_effective_value
+        end
+
+        # Logs any caught error.
+        #
+        # @param error [StandardError]
+        def log_error error
+          Contrast::CONFIG.proto_logger.warn(Contrast::Config::Diagnostics::Monitor::ERROR_MESSAGE,
+                                             error: error, backtrace: error.backtrace)
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/diagnostics/user_configuration_file.rb

@@ -0,0 +1,44 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/config/diagnostics/effective_config_value'
+require 'contrast/config/diagnostics/tools'
+require 'contrast/utils/object_share'
+
+module Contrast
+  module Config
+    module Diagnostics
+      # Reads all config files
+      class UserConfigurationFile
+        # Returns all source values from all configuration files read from the Agent int {path => values} format.
+        #
+        # @return source_values [Hash<String =>Contrast::Config::Diagnostics::SourceConfigValue>]
+        def source_values
+          @_source_values ||= begin
+            sources = {}
+            Contrast::CONFIG.config.origin.source_files.each do |file|
+              config = Contrast::Utils::HashUtils.deep_symbolize_all_keys(file.values)
+              # Assign each source to it's file path
+              sources[file.path] = Contrast::Config::Diagnostics::Tools.
+                  to_config_values(Contrast::Config::Diagnostics::Tools.
+                  flatten_settings(Contrast::Config::Diagnostics::Tools.
+                    value_to_s(config), config: config), source: true)
+            end
+            sources
+          end
+        end
+
+        def to_controlled_hash
+          arr = []
+          source_values.each do |k, v|
+            hsh = {}
+            hsh[:path] = k
+            hsh[:values] = v.map(&:to_source_hash)
+            arr << hsh
+          end
+          arr
+        end
+      end
+    end
+  end
+end

data/lib/contrast/config/request_audit_configuration.rb

@@ -48,7 +48,7 @@ module Contrast
       # Converts current configuration to effective config values class and appends them to
       # EffectiveConfig class.
       #
-      # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+      # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
       def to_effective_config effective_config
         add_effective_config_values(effective_config, CONFIG_VALUES, CANON_NAME, "#{ CONTRAST }.#{ CANON_NAME }")
       end

data/lib/contrast/config/server_configuration.rb

@@ -51,7 +51,7 @@ module Contrast
       # Converts current configuration to effective config values class and appends them to
       # EffectiveConfig class.
       #
-      # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+      # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
       def to_effective_config effective_config
         super
         add_single_effective_value(effective_config,