contrast-agent 7.0.0 → 7.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc98145df7f08bc47cbff0f0416a7b43852b8075c6806bd38fbbe0aa27d94adb
-  data.tar.gz: 60885ba415f59b893a5da6101ddc3b9d6deeac5a9d41bb2eb7c459291873b08f
+  metadata.gz: 81222798666699f86b31b925d531d2ee2229eb7934582d2a502cc61de3ca4e0b
+  data.tar.gz: 7dd4d41a58600b7d57b5f57cf95c42bd2f6d198f5f1906e93751e33c09efa3e0
 SHA512:
-  metadata.gz: 4a6449786512d444818087fed5d880c061b1108b8e9fbe64e4fd0f3657bac3b53ffb60806a7767a50a9c7a910b5e62e223d6af84be51d8ca9b6e4e5b5ae67d07
-  data.tar.gz: 4f2cb9c1435fbe5fdfbccbc3cc69ba3823de97f617bcff63493087a70a0551852dbe09f7699089cd22dfc509e57c39525420290813cd12ac92ee91164e2910bc
+  metadata.gz: 02e5d3aa6b342e8c4277ad6cefde65819aed6f6b4a1079cfe7528fcce236ec702aa8a63fc756c403c0df6e3ef38d5d25dc9f1c6e5c450d272122d699b6fd9872
+  data.tar.gz: 9cc83b5f69edeea949784ae766be7e02c1d589e58b2af5b5c1bd7975dcee1450d294bc7de647f60a9a3f18a1ea05a43bfe452a52d4760ed1b1cfcb0a7339a6ab

data/lib/contrast/agent/assess/policy/policy.rb

@@ -58,7 +58,7 @@ module Contrast
             # can skip policy loading.
             return if disabled_globally?
 
-            policy_data = JSON.parse(string)
+            policy_data = Contrast::Utils::Json.parse(string)
 
             policy_data[SOURCES_KEY].each do |source_hash|
               source = Contrast::Agent::Assess::Policy::SourceNode.new(source_hash)

data/lib/contrast/agent/deadzone/policy/policy.rb

@@ -28,7 +28,7 @@ module Contrast
           end
 
           def from_hash_string string
-            policy_data = JSON.parse(string)
+            policy_data = Contrast::Utils::Json.parse(string)
 
             policy_data[DEADZONES_KEY].each do |deadzone_hash|
               add_node(node_type.new(deadzone_hash))

data/lib/contrast/agent/patching/policy/policy.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'json'
+require 'contrast/utils/json'
 require 'singleton'
 
 require 'contrast'
@@ -71,7 +71,7 @@ module Contrast
             # it, so in that case, we can skip policy loading.
             return if disabled_globally?
 
-            policy_data = JSON.parse(string)
+            policy_data = Contrast::Utils::Json.parse(string)
 
             policy_data[RULES_KEY].each do |rule_hash|
               rule_hash[TRIGGERS_KEY].each do |trigger_hash|

data/lib/contrast/agent/protect/input_analyzer/worth_watching_analyzer.rb

@@ -26,11 +26,14 @@ module Contrast
         # Thread that will process all the InputAnalysisResults that have a score level of WORTHWATCHING and
         # sends results to TeamServer
         def start_thread!
+          return unless attempt_to_start?
           return if running?
 
           @_thread = Contrast::Agent::Thread.new do
             logger.info('[WorthWatchingAnalyzer] Starting thread.')
             loop do
+              break unless attempt_to_start?
+
               sleep(REPORT_INTERVAL_SECOND)
               next if queue.empty?
 

data/lib/contrast/agent/protect/rule/no_sqli/no_sqli.rb

@@ -94,7 +94,7 @@ module Contrast
           #
           # @return [Boolean]
           def json? string
-            return true if JSON.parse(string)
+            return true if Contrast::Utils::Json.parse(string)
           rescue StandardError
             false
           end

data/lib/contrast/agent/reporting/reporter.rb

@@ -10,10 +10,12 @@ require 'contrast/agent/telemetry/exception'
 module Contrast
   module Agent
     # This module will hold everything essential to reporting to TeamServer
-    class Reporter < WorkerThread
+    class Reporter < WorkerThread # rubocop:disable Metrics/ClassLength
       include Contrast::Components::Logger::InstanceMethods
       include Contrast::Utils::ObjectShare
 
+      # How many tries to reconnect the Reporter should make.
+      RETRY_ATTEMPTS = 10
       MAX_QUEUE_SIZE = 1000
 
       class << self
@@ -35,13 +37,17 @@ module Contrast
       end
 
       def start_thread!
+        return unless attempt_to_start?
         return if running?
 
+        @connection_attempts = 0
+
         client.startup!(connection)
         @_thread = Contrast::Agent::Thread.new do
           logger.debug('[Reporter] Starting background Reporter thread.')
           loop do
             next unless connected?
+            break unless attempt_to_start?
 
             process_event(queue.pop)
           rescue StandardError => e
@@ -124,10 +130,19 @@ module Contrast
       #
       # @return [Boolean]
       def connected?
-        return true if client && connection
+        if client && connection
+          # Try to resend startup messages now with connection:
+          client.startup!(connection) unless client.status.startup_messages_sent?
+          return true
+        end
 
-        logger.debug('[Reporter] No client/connection; sleeping...', client: client, connection: connection)
-        sleep(5)
+        logger.debug('[Reporter] No client/connection; sleeping...')
+        @connection_attempts += 1
+        if @connection_attempts >= RETRY_ATTEMPTS
+          logger.debug('[Reporter] shutting down..')
+          Contrast::AGENT.disable!
+        end
+        sleep(5) unless Contrast::AGENT.disabled?
         false
       end
 

data/lib/contrast/agent/reporting/reporting_events/agent_effective_config.rb

@@ -0,0 +1,32 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/config'
+
+module Contrast
+  module Agent
+    module Reporting
+      #	AgentStartup Event which sends the agent data to TeamServer on the startup of a server or process,
+      # used to create a new Server entity there.
+      class AgentEffectiveConfig < Contrast::Agent::Reporting::ReportingEvent
+        # @param diagnostics [Contrast::Agent::DiagnosticsConfig::Diagnostics] current diagnostics
+        def initialize diagnostics
+          @event_method = :PUT
+          @event_endpoint = Contrast::Agent::Reporting::Endpoints.effective_config
+          @event_type = :effective_config
+          @diagnostics = diagnostics
+          super()
+        end
+
+        def file_name
+          'agent-effective-config'
+        end
+
+        def to_controlled_hash
+          @diagnostics.to_controlled_hash
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb

@@ -83,6 +83,13 @@ module Contrast
             end
           end
 
+          # @return [String, nil]
+          def effective_config
+            with_rescue do
+              "#{ application_endpoint }/effective-config".cs__freeze
+            end
+          end
+
           private
 
           # Returns the URL needed to connect to endpoints in TeamServer required for application related information.

data/lib/contrast/agent/reporting/reporting_utilities/headers.rb

@@ -11,7 +11,7 @@ module Contrast
       # This class will build the required headers for agent reporting to TS
       class Headers
         attr_reader :app_name, :api_key, :agent_version, :app_language, :app_path, :app_version, :authorization,
-                    :server_name, :server_path, :server_type, :content_type, :encoding, :compression
+                    :server_name, :server_path, :server_type, :content_type, :encoding, :compression, :session_id
 
         include Contrast::Utils::ObjectShare
         ENCODING = 'base64'
@@ -29,6 +29,7 @@ module Contrast
           @server_name = Base64.strict_encode64(Contrast::APP_CONTEXT.server_name)
           @server_path = Base64.strict_encode64(Contrast::APP_CONTEXT.server_path)
           @server_type = Base64.strict_encode64(Contrast::APP_CONTEXT.server_type)
+          @session_id = Contrast::CONFIG.session_id
           @content_type = CONTENT_TYPE
           @encoding = ENCODING
           @compression = COMPRESSION
@@ -46,6 +47,7 @@ module Contrast
               server_name: @server_name,
               server_path: @server_path,
               server_type: @server_type,
+              'Session-ID': @session_id,
               content_type: @content_type,
               encoding: @encoding,
               compression: @compression

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb

@@ -5,14 +5,15 @@ require 'json'
 require 'net/http'
 require 'contrast/components/logger'
 require 'contrast/utils/net_http_base'
+require 'contrast/config/diagnostics/monitor'
 require 'contrast/agent/reporting/connection_status'
-require 'contrast/agent/reporting/reporting_utilities/response_handler'
-require 'contrast/agent/reporting/reporting_utilities/reporter_client_utils'
-require 'contrast/agent/reporting/reporting_utilities/endpoints'
 require 'contrast/agent/reporting/reporting_utilities/headers'
+require 'contrast/agent/reporting/reporting_utilities/endpoints'
 require 'contrast/agent/reporting/reporting_events/server_settings'
+require 'contrast/agent/reporting/reporting_utilities/response_handler'
 require 'contrast/agent/reporting/reporting_events/application_settings'
-require 'contrast/config/diagnostics'
+require 'contrast/agent/reporting/reporting_events/agent_effective_config'
+require 'contrast/agent/reporting/reporting_utilities/reporter_client_utils'
 
 module Contrast
   module Agent
@@ -57,6 +58,7 @@ module Contrast
         # @param connection [Net::HTTP] open connection
         def startup! connection
           return if status.startup_messages_sent?
+          return unless connection
 
           send_agent_startup(connection)
         end
@@ -76,7 +78,7 @@ module Contrast
           response = connection.request(request)
           audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable
           process_settings_response(response, event)
-          record_configuration(response, event)
+          report_configuration(response, event)
           process_preflight_response(event, response, connection)
           response
         rescue StandardError => e
@@ -90,7 +92,7 @@ module Contrast
         #
         # @param response [Contrast::Agent::Reporting::Response, nil]
         # @param event [Contrast::Agent::Reporting::ReportingEvent]
-        def record_configuration response, event
+        def report_configuration response, event
           return unless response
 
           diagnostics.config.determine_config_status(response_handler.last_response_code || response.code)
@@ -99,6 +101,8 @@ module Contrast
 
           logger.info('[Reporter Diagnostics] last response code:', response_code: response_handler.last_response_code)
           diagnostics.write_to_file
+          config_event = Contrast::Agent::Reporting::AgentEffectiveConfig.new(diagnostics)
+          Contrast::Agent.reporter.send_event(config_event)
         end
 
         def status
@@ -110,7 +114,7 @@ module Contrast
         end
 
         def diagnostics
-          @_diagnostics ||= Contrast::Agent::DiagnosticsConfig::Diagnostics.new(Contrast::LOGGER.path)
+          @_diagnostics ||= Contrast::Config::Diagnostics::Monitor.new(Contrast::LOGGER.path)
         end
 
         def sleep?

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb

@@ -53,19 +53,15 @@ module Contrast
         # @param request [Net::HTTPRequest]
         # @return [Net::HTTPRequest]
         def build_headers request
-          app_version = @headers.app_version
-          request['API-Key'] = @headers.api_key
-          request['Application-Language'] = @headers.app_language
-          request['Application-Name'] = @headers.app_name
-          request['Application-Path'] = @headers.app_path
-          request['Application-Version'] = app_version if app_version
+          build_application_headers(request)
+          build_encode_and_compress_headers(request)
           request['Authorization'] = @headers.authorization
           request['Server-Name'] = @headers.server_name
           request['Server-Path'] = @headers.server_path
           request['Server-Type'] = @headers.server_type
           request['X-Contrast-Agent'] = @headers.agent_version
           request['X-Contrast-Header-Encoding'] = @headers.encoding
-          build_encode_and_compress_headers(request)
+          request['Session-ID'] = @headers.session_id
           request
         end
 
@@ -155,6 +151,18 @@ module Contrast
           request['X-Contrast-Encoding'] = @headers.compression
           request['Content-Encoding'] = @headers.compression
         end
+
+        # Adds corresponding application headers to request.
+        #
+        # @param request [Net::HTTPRequest]
+        def build_application_headers request
+          app_version = @headers.app_version
+          request['API-Key'] = @headers.api_key
+          request['Application-Language'] = @headers.app_language
+          request['Application-Name'] = @headers.app_name
+          request['Application-Path'] = @headers.app_path
+          request['Application-Version'] = app_version if app_version
+        end
       end
     end
   end

data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb

@@ -4,6 +4,7 @@
 require 'contrast/agent/reporting/reporting_utilities/ng_response_extractor'
 require 'contrast/agent/reporting/reporting_utilities/response_extractor'
 require 'contrast/agent/reactions/disable_reaction'
+require 'contrast/utils/json'
 
 module Contrast
   module Agent
@@ -257,7 +258,7 @@ module Contrast
           response_body = response&.body
           return unless response_body
 
-          response_data = JSON.parse(response_body, symbolize_names: true)
+          response_data = Contrast::Utils::Json.parse(response_body, deep_symbolize: true)
           return unless response_data.cs__is_a?(Hash)
 
           extract_response_last_modified(response, event)

data/lib/contrast/agent/reporting/reporting_workers/application_server_worker.rb

@@ -13,11 +13,14 @@ module Contrast
         RESEND_INTERVAL_MS = 30_000.cs__freeze
 
         def start_thread!
+          return unless attempt_to_start?
           return if running?
 
           @_thread = Contrast::Agent::Thread.new do
             logger.info('[ApplicationSettingsWorker] Starting thread.', sending_interval: application_server_ms)
             loop do
+              break unless attempt_to_start?
+
               logger.info('[ApplicationSettingsWorker] Fetching Settings', sending_interval: application_server_ms)
               Contrast::Agent.reporter&.send_event(application_settings_message)
               sleep(application_server_ms / 1000)

data/lib/contrast/agent/reporting/reporting_workers/reporter_heartbeat.rb

@@ -19,11 +19,14 @@ module Contrast
         REFRESH_INTERVAL_SEC = 60
 
         def start_thread!
+          return unless attempt_to_start?
           return if running?
 
           @_thread = Contrast::Agent::Thread.new do
             logger.info('[Heartbeat] Starting thread.')
             loop do
+              break unless attempt_to_start?
+
               polling_events.each do |event|
                 Contrast::Agent.reporter&.send_event(event)
               end

data/lib/contrast/agent/reporting/reporting_workers/server_settings_worker.rb

@@ -13,11 +13,14 @@ module Contrast
         RESEND_INTERVAL_MS = 60_000.cs__freeze
 
         def start_thread!
+          return unless attempt_to_start?
           return if running?
 
           @_thread = Contrast::Agent::Thread.new do
             logger.info('[ServerSettingsWorker] Starting thread.', sending_interval: server_settings_resend_ms)
             loop do
+              break unless attempt_to_start?
+
               logger.info('[ServerSettingsWorker] Fetching Settings', sending_interval: server_settings_resend_ms)
               Contrast::Agent.reporter&.send_event(settings_message)
               sleep(server_settings_resend_ms / 1000)

data/lib/contrast/agent/telemetry/base.rb

@@ -46,6 +46,39 @@ module Contrast
             @enabled
           end
 
+          # In case of connection error, do not create the background thread or queue,
+          # as if the opt-out env var was set.
+          #
+          # @return [Boolean]
+          def ip_opt_out?
+            @_ip_opt_out ||= begin
+              test_conn = Contrast::Agent::Telemetry::Client.new.initialize_connection(URL)
+
+              if test_conn.nil? || Contrast::Utils::NetHttpBase.last_error
+                # log if error:
+                if defined?(Contrast) && defined?(Contrast::CONFIG) && defined?(Contrast::CONFIG)
+                  Contrast::CONFIG.proto_logger.warn('[Telemetry] connection error disabling...',
+                                                     error: Contrast::Utils::NetHttpBase.last_error)
+
+                end
+                # Disable telemetry:
+                @enabled = false
+                true
+              else
+                # Close the connection
+                test_conn.finish if test_conn.started?
+                false
+              end
+            end
+          rescue StandardError
+            @enabled = false
+            true
+          end
+
+          def disable!
+            @enabled = false
+          end
+
           private
 
           def telemetry_enabled?
@@ -56,15 +89,7 @@ module Contrast
 
             # In case of connection error, do not create the background thread or queue,
             # as if the opt-out env var was set
-            @_client = Contrast::Agent::Telemetry::Client.new
-            ip_opt_out_telemetry = @_client.initialize_connection(URL)
-            if ip_opt_out_telemetry.nil?
-              # TODO: RUBY-2033 we cannot log the error above debug level here b/c it results in
-              #   an infinite loop w/ telemetry
-              logger.debug("[Telemetry] Connection was not established properly!!! \n
-                          Telemetry reporting will be disabled!")
-              return false
-            end
+            return false if ip_opt_out?
 
             true
           end
@@ -91,6 +116,7 @@ module Contrast
         end
 
         def start_thread!
+          return unless attempt_to_start?
           return if running?
 
           logger.debug('[Telemetry] Starting background telemetry thread.')
@@ -140,6 +166,7 @@ module Contrast
           Contrast::Agent::Thread.new do
             loop do
               next unless client && connection
+              break unless attempt_to_start?
 
               # Start pushing exceptions to queue for reporting.
               Contrast::TELEMETRY_EXCEPTIONS.each_value { |value| queue << value }
@@ -155,9 +182,7 @@ module Contrast
                     sleep(retry_sleep_time) unless retry_sleep_time.nil?
                   end
                 rescue StandardError => e
-                  # TODO: RUBY-2033 we cannot log the error above debug level here b/c it results in
-                  #   an infinite loop w/ telemetry
-                  logger.debug('[Telemetry] Could not send message to service from telemetry queue.', e)
+                  logger.error('[Telemetry] Could not send message to service from telemetry queue.', e)
                   stop!
                 end
               end

data/lib/contrast/agent/telemetry/client.rb

@@ -100,9 +100,7 @@ module Contrast
         def get_event_json event
           Array(event.to_controlled_hash).to_json
         rescue Exception => e # rubocop:disable Lint/RescueException
-          # TODO: RUBY-2033 we cannot log the error above debug level here b/c it results in
-          #   an infinite loop w/ telemetry
-          logger.debug('[Telemetry] Unable to convert TelemetryEvent to JSON string', e, hsh)
+          logger.error('[Telemetry] Unable to convert TelemetryEvent to JSON string', e, hsh)
           raise(e)
         end
       end

data/lib/contrast/agent/telemetry/telemetry.rb

@@ -92,13 +92,6 @@ module Contrast
         #
         # @return [Boolean]
         def telemetry_exceptions_enabled?
-          opts_out_telemetry = return_value(:telemetry_opt_outs).to_s
-          return false if opts_out_telemetry.casecmp?('true') || opts_out_telemetry == '1'
-          # Double check if telemetry is enabled, this includes a check for Agent enable setting in the
-          # config. In case of disabled Agent the queue won't be created and the Telemetry would not
-          # be enabled. This check is here to prevent a loop of error creations that could no be added
-          # to a queue ( because the client cannot be initialized if the Agent is disabled or settings are
-          # missing).
           return false unless Contrast::Agent::Telemetry::Base.enabled?
 
           true

data/lib/contrast/agent/thread/thread_watcher.rb

@@ -6,7 +6,7 @@ require 'contrast/agent/reporting/report'
 require 'contrast/agent/reporting/reporting_workers/reporting_workers'
 require 'contrast/agent/telemetry/base'
 require 'contrast/agent/protect/input_analyzer/worth_watching_analyzer'
-require 'contrast/config/diagnostics'
+require 'contrast/config/diagnostics/monitor'
 require 'contrast/utils/job_servers_running'
 
 module Contrast
@@ -114,7 +114,7 @@ module Contrast
       def check_before_start
         return if Contrast::CONFIG.send(:validate)
 
-        @_diagnostics = Contrast::Agent::DiagnosticsConfig::Diagnostics.new(Contrast::AGENT.logger.path ||
+        @_diagnostics = Contrast::Config::Diagnostics::Monitor.new(Contrast::AGENT.logger.path ||
                                                                             Contrast::Components::Config::CONTRAST_LOG)
         @_diagnostics.config.populate_fail_connection
         @_diagnostics.write_to_file_logic(false, reset: false)

data/lib/contrast/agent/version.rb

@@ -3,6 +3,6 @@
 
 module Contrast
   module Agent
-    VERSION = '7.0.0'
+    VERSION = '7.1.0'
   end
 end

data/lib/contrast/components/agent.rb

@@ -137,7 +137,7 @@ module Contrast
         # Converts current configuration to effective config values class and appends them to
         # EffectiveConfig class.
         #
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def to_effective_config effective_config
           super
           logger&.to_effective_config(effective_config)

data/lib/contrast/components/api.rb

@@ -127,7 +127,7 @@ module Contrast
         # Converts current configuration to effective config values class and appends them to
         # EffectiveConfig class.
         #
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def to_effective_config effective_config
           add_effective_config_values(effective_config, CONFIG_VALUES, CANON_NAME, CONTRAST)
           effective_proxy(effective_config)
@@ -137,7 +137,7 @@ module Contrast
 
         private
 
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def effective_proxy effective_config
           add_single_effective_value(effective_config, ENABLE, proxy_enable.to_s, PROXY_NAME, "#{ CONTRAST }.proxy")
           return unless proxy_url && proxy_enable

data/lib/contrast/components/app_context.rb

@@ -161,7 +161,7 @@ module Contrast
         # Converts current configuration to effective config values class and appends them to
         # EffectiveConfig class.
         #
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def to_effective_config effective_config
           super
           Contrast::CONFIG.server.to_effective_config(effective_config)

data/lib/contrast/components/assess.rb

@@ -218,7 +218,7 @@ module Contrast
         # Converts current configuration to effective config values class and appends them to
         # EffectiveConfig class.
         #
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def to_effective_config effective_config
           super
           sampling&.to_effective_config(effective_config)

data/lib/contrast/components/assess_rules.rb

@@ -34,7 +34,7 @@ module Contrast
         # Converts current configuration to effective config values class and appends them to
         # EffectiveConfig class.
         #
-        # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+        # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
         def to_effective_config effective_config
           add_single_effective_value(effective_config, SPEC_KEY.to_s, disabled_rules, canon_name, NAME_PREFIX)
         end

data/lib/contrast/components/base.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/config/diagnostics_tools'
+require 'contrast/config/diagnostics/tools'
 require 'contrast/utils/object_share'
 
 module Contrast
@@ -9,7 +9,7 @@ module Contrast
     # All components should inherit from this,
     # whether Interfaces, InstanceMethods or ClassMethods.
     module ComponentBase
-      include Contrast::Agent::DiagnosticsConfig::DiagnosticsTools
+      include Contrast::Config::Diagnostics::Tools
 
       CONTRAST = 'contrast'
       ENABLE = 'enable'
@@ -84,7 +84,7 @@ module Contrast
       # Converts current configuration to effective config values class and appends them to
       # EffectiveConfig class.
       #
-      # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
+      # @param effective_config [Contrast::Config::Diagnostics::EffectiveConfig]
       def to_effective_config effective_config
         add_effective_config_values(effective_config, config_values, canon_name, "#{ CONTRAST }.#{ canon_name }")
       end

data/lib/contrast/components/config/sources.rb

@@ -11,11 +11,14 @@ module Contrast
       # This component encapsulates storing the source for each entry in the config,
       # so that we can report on where the value was set from.
       class Sources
-        ENVIRONMENT = 'ENV'
-        CLI = 'CLI'
-        CONTRASTUI = 'ContrastUI'
-        DEFAULT = 'Default'
-        YAML = 'YAML'
+        ENVIRONMENT_VARIABLE = 'ENV'
+        COMMAND_LINE = 'CLI'
+        CONTRAST_UI = 'ContrastUI'
+        DEFAULT_VALUE = 'Default'
+        # Order matters for the Configurations files. This is read when Agent starts up and will always go
+        # through the YAML as priority.
+        # Do not change the order!
+        APP_CONFIGURATION_FILE = %w[YAML YML].cs__freeze
 
         # @return [Hash]
         attr_reader :data
@@ -30,15 +33,15 @@ module Contrast
         # @param path [String] the canonical name for the config entry (such as api.proxy.enable)
         # @return [String] the source for the entry
         def get path
-          data.dig(*parts_for(path)) || DEFAULT
+          data.dig(*parts_for(path)) || DEFAULT_VALUE
         rescue TypeError
-          DEFAULT
+          DEFAULT_VALUE
         end
 
         # Assigns the config source for a specified config path.
         #
         # @param path [String] the canonical name for the config entry (such as api.proxy.enable)
-        # @param [String] the source for the entry
+        # @param source[String] the source for the entry
         # @return [String] the source type for the entry
         def set path, source
           assign_value(data, parts_for(path), source)
@@ -64,7 +67,7 @@ module Contrast
         # @param current_level [Hash] all, or some of, the config source information
         # @param parts [Array] the parts for canonical name of the config entry
         # @param source [String] the source to be set for the specified entry
-        # @return [Array] the path split on periods, and converted to symbols
+        # @return [String] the path split on periods, and converted to symbols
         def assign_value current_level, parts, source
           parts[0...-1].each do |segment|
             current_level[segment] ||= {}