contrast-agent 7.0.0 → 7.1.0

Files changed (54)
  1. checksums.yaml +4 -4
  2. data/lib/contrast/agent/assess/policy/policy.rb +1 -1
  3. data/lib/contrast/agent/deadzone/policy/policy.rb +1 -1
  4. data/lib/contrast/agent/patching/policy/policy.rb +2 -2
  5. data/lib/contrast/agent/protect/input_analyzer/worth_watching_analyzer.rb +3 -0
  6. data/lib/contrast/agent/protect/rule/no_sqli/no_sqli.rb +1 -1
  7. data/lib/contrast/agent/reporting/reporter.rb +19 -4
  8. data/lib/contrast/agent/reporting/reporting_events/agent_effective_config.rb +32 -0
  9. data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +7 -0
  10. data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +3 -1
  11. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +11 -7
  12. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +15 -7
  13. data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +2 -1
  14. data/lib/contrast/agent/reporting/reporting_workers/application_server_worker.rb +3 -0
  15. data/lib/contrast/agent/reporting/reporting_workers/reporter_heartbeat.rb +3 -0
  16. data/lib/contrast/agent/reporting/reporting_workers/server_settings_worker.rb +3 -0
  17. data/lib/contrast/agent/telemetry/base.rb +37 -12
  18. data/lib/contrast/agent/telemetry/client.rb +1 -3
  19. data/lib/contrast/agent/telemetry/telemetry.rb +0 -7
  20. data/lib/contrast/agent/thread/thread_watcher.rb +2 -2
  21. data/lib/contrast/agent/version.rb +1 -1
  22. data/lib/contrast/components/agent.rb +1 -1
  23. data/lib/contrast/components/api.rb +2 -2
  24. data/lib/contrast/components/app_context.rb +1 -1
  25. data/lib/contrast/components/assess.rb +1 -1
  26. data/lib/contrast/components/assess_rules.rb +1 -1
  27. data/lib/contrast/components/base.rb +3 -3
  28. data/lib/contrast/components/config/sources.rb +12 -9
  29. data/lib/contrast/components/config.rb +2 -2
  30. data/lib/contrast/components/protect.rb +2 -2
  31. data/lib/contrast/components/sampling.rb +6 -4
  32. data/lib/contrast/components/settings.rb +1 -1
  33. data/lib/contrast/config/certification_configuration.rb +1 -1
  34. data/lib/contrast/config/configuration_files.rb +47 -0
  35. data/lib/contrast/config/diagnostics/command_line.rb +24 -0
  36. data/lib/contrast/config/{config.rb → diagnostics/config.rb} +21 -6
  37. data/lib/contrast/config/diagnostics/contrast_ui.rb +24 -0
  38. data/lib/contrast/config/diagnostics/effective_config.rb +28 -0
  39. data/lib/contrast/config/diagnostics/effective_config_value.rb +14 -0
  40. data/lib/contrast/config/diagnostics/environment_variables.rb +51 -0
  41. data/lib/contrast/config/{diagnostics.rb → diagnostics/monitor.rb} +10 -10
  42. data/lib/contrast/config/diagnostics/source_config_value.rb +51 -0
  43. data/lib/contrast/config/diagnostics/tools.rb +188 -0
  44. data/lib/contrast/config/diagnostics/user_configuration_file.rb +44 -0
  45. data/lib/contrast/config/request_audit_configuration.rb +1 -1
  46. data/lib/contrast/config/server_configuration.rb +1 -1
  47. data/lib/contrast/configuration.rb +90 -57
  48. data/lib/contrast/utils/hash_utils.rb +43 -0
  49. data/lib/contrast/utils/json.rb +46 -0
  50. data/lib/contrast/utils/net_http_base.rb +75 -26
  51. metadata +16 -7
  52. data/lib/contrast/config/diagnostics_tools.rb +0 -99
  53. data/lib/contrast/config/effective_config.rb +0 -131
  54. data/lib/contrast/config/effective_config_value.rb +0 -32
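--- a/data/lib/contrast/config/diagnostics_tools.rb
+++ b/data/lib/contrast/config/diagnostics_tools.rb
@@ -1,99 +0,0 @@
- # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
- # frozen_string_literal: true
-
- require 'contrast/utils/object_share'
- require 'contrast/config/effective_config_value'
-
- module Contrast
- module Agent
- module DiagnosticsConfig
- # Diagnostics tools to be included in config components.
- module DiagnosticsTools
- CHECK = 'd'
-
- # Converts current configuration for array of values to effective config values class and appends them to
- # EffectiveConfig class. Must be used inside Config Components only.
- #
- # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
- # @param config_values [Array<String>] array of the names of values.
- # @param canonical_prefix [String] starting of the path to config => api.proxy...
- # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
- def add_effective_config_values effective_config, config_values, canonical_prefix, name_prefix
- return if config_values.to_s.empty?
-
- config_values.each do |config|
- Contrast::Agent::DiagnosticsConfig::EffectiveConfigValue.new.tap do |value|
- next if (config_val = send(config.to_sym)).to_s.empty?
-
- config_name = assign_name(config)
- value.canonical_name = "#{ canonical_prefix }.#{ config_name }"
- value.name = "#{ name_prefix }.#{ config_name }"
- value.value = config_val
- value.source = Contrast::CONFIG.sources.get(value.canonical_name)
- if value.source == Contrast::Components::Config::Sources::YAML
- value.filename = Contrast::CONFIG.config_file_path
- end
- effective_config.values << value
- rescue StandardError => e
- log_error(e)
- next
- end
- end
- end
-
- # Converts current configuration for single value to effective config values class and appends them to
- # EffectiveConfig class. Must be used inside Config Components only.
- #
- # @param effective_config [Contrast::Agent::DiagnosticsConfig::EffectiveConfig]
- # @param config_name [String] name of the config.
- # @param config_value [String, Boolean] value of the config.
- # @param canonical_prefix [String] starting of the path to config => api.proxy...
- # @param name_prefix [String] the name of the config prefix => contrast.api_key, contrast.url
- def add_single_effective_value effective_config, config_name, config_value, canonical_prefix, name_prefix
- Contrast::Agent::DiagnosticsConfig::EffectiveConfigValue.new.tap do |value|
- break if config_value.to_s.empty?
-
- value.value = config_value
- value.canonical_name = "#{ canonical_prefix }.#{ config_name }"
- value.name = "#{ name_prefix }.#{ config_name }"
- value.source = Contrast::CONFIG.sources.get(value.canonical_name)
- if value.source == Contrast::Components::Config::Sources::YAML
- value.filename = Contrast::CONFIG.config_file_path
- end
- effective_config.values << value
- rescue StandardError => e
- log_error(e)
- next
- end
- end
-
- private
-
- # Assigns a proper name for the config removing '?' out of method names.
- #
- # @param config [String] name of the configuration
- # @return [String]
- def assign_name config
- return Contrast::Utils::ObjectShare::EMPTY_STRING unless config
-
- name = config.dup
- if name.end_with?(Contrast::Utils::ObjectShare::QUESTION_MARK)
- # check and remove '?' : start_bundled_service? => start_bundled_service
- name.delete!(Contrast::Utils::ObjectShare::QUESTION_MARK)
- name.chop! if name.end_with?(CHECK)
- name
- end
- name
- end
-
- # Logs any caught error.
- #
- # @param error [StandardError]
- def log_error error
- Contrast::CONFIG.proto_logger.warn('Could not write effective config to file: ',
- error: error, backtrace: error.backtrace)
- end
- end
- end
- end
- end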
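--- a/data/lib/contrast/config/effective_config.rb
+++ b/data/lib/contrast/config/effective_config.rb
@@ -1,131 +0,0 @@
- # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
- # frozen_string_literal: true
-
- require 'contrast/config/effective_config_value'
- require 'contrast/config/diagnostics_tools'
- require 'contrast/utils/object_share'
-
- module Contrast
- module Agent
- module DiagnosticsConfig
- # The current effective config received from all authorized configuration channels.
- class EffectiveConfig
- NON_COMMON_ENV = %w[CONTRAST_CONFIG_PATH CONTRAST_AGENT_TELEMETRY_OPTOUT].cs__freeze
-
- # Value of effective agent configurations
- #
- # @return [Array]
- attr_reader :values
-
- def initialize
- @values = []
- end
-
- def to_controlled_hash
- {
- effective_config: { values: @values&.map(&:to_controlled_hash) },
- user_configuration_file: yaml_config_settings,
- environment_variable: environment_settings(ENV).map(&:to_controlled_hash),
- command_line: command_line_settings.map(&:to_controlled_hash),
- contrast_ui: contrast_ui_settings.map(&:to_controlled_hash)
- }
- end
-
- private
-
- def yaml_config_settings
- {
- path: Contrast::CONFIG.config_file_path,
- values: value_to_s(Contrast::CONFIG.sources.for(Contrast::Components::Config::Sources::YAML))
- }
- end
-
- def command_line_settings
- cli = flatten_settings(Contrast::CONFIG.sources.for(Contrast::Components::Config::Sources::CLI))
- flat_settings(cli)
- end
-
- def contrast_ui_settings
- ui = flatten_settings(Contrast::CONFIG.sources.for(Contrast::Components::Config::Sources::CONTRASTUI))
- flat_settings(ui)
- end
-
- # @param flats [Array] of flatten configs produced by #flatten_settings
- # @return [Array]
- def flat_settings flats
- ui_settings = []
- flats.each do |entry|
- entry.each do |key, value|
- efc_value = Contrast::Agent::DiagnosticsConfig::EffectiveConfigValue.new.tap do |effective_value|
- effective_value.canonical_name = Contrast::Utils::ObjectShare::CONTRAST_DOT + key
- effective_value.name = key
- effective_value.value = value_to_s(value)
- end
- ui_settings << efc_value if efc_value
- end
- end
- ui_settings
- end
-
- def flatten_settings data, path = []
- data.each_with_object([]) do |(k, v), entries|
- if v.cs__is_a?(Hash)
- entries.concat(flatten_settings(v, path.dup.append(k.to_sym)))
- else
- entries << { "#{ path.join('.') }.#{ k }" => Contrast::CONFIG.config.loaded_config.dig(*path, k).to_s }
- end
- end.flatten # rubocop:disable Style/MethodCalledOnDoEndBlock
- end
-
- # This method will fill the canonical name for each env var and will check for any uncommon ones.
- #
- # @param env [Hash]
- # @return [Array] array of all the values needed to be written.
- def environment_settings env
- env_hash = env.select do |e|
- e.to_s.start_with?(Contrast::Components::Config::CONTRAST_ENV_MARKER) || NON_COMMON_ENV.include?(e.to_s)
- end
- environment_settings = []
- env_hash.each do |key, value|
- efc_value = Contrast::Agent::DiagnosticsConfig::EffectiveConfigValue.new.tap do |effective_value|
- next unless value
-
- effective_value.canonical_name = if NON_COMMON_ENV.include?(key)
- key.gsub(Contrast::Utils::ObjectShare::UNDERSCORE,
- Contrast::Utils::ObjectShare::PERIOD).downcase
- else
- key.gsub(Contrast::Utils::ObjectShare::DOUBLE_UNDERSCORE,
- Contrast::Utils::ObjectShare::PERIOD).downcase
- end
- if effective_value.canonical_name
- effective_value.name =
- effective_value.canonical_name.gsub(Contrast::Utils::ObjectShare::CONTRAST_DOT,
- Contrast::Utils::ObjectShare::EMPTY_STRING)
- end
- effective_value.value = value_to_s(value)
- end
- environment_settings << efc_value if efc_value
- end
- environment_settings
- end
-
- # Recursively converts each value to string.
- #
- # @param value [Hash]
- def value_to_s value
- return value if value.cs__is_a?(String)
-
- value.each_with_object({}) do |(k, v), m| # rubocop:disable Style/HashTransformValues
- m[k] = if v.cs__is_a?(Hash)
- value_to_s(v)
- elsif v.cs__is_a?(Array)
- v.map(&:to_s)
- else
- v.to_s
- end
- end
- end
- end
- end
- end
- end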
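--- a/data/lib/contrast/config/effective_config_value.rb
+++ b/data/lib/contrast/config/effective_config_value.rb
@@ -1,32 +0,0 @@
- # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
- # frozen_string_literal: true
-
- module Contrast
- module Agent
- module DiagnosticsConfig
- # All In effect config values stored in a easy to write representation.
- class EffectiveConfigValue
- # @return [String] Name of the config starting form root of yaml config.
- attr_accessor :canonical_name
- # @return [String] Name of the config.
- attr_accessor :name
- # @return [String] Value set for the config.
- attr_accessor :value
- # @return [String] The source for the entry in the config.
- attr_accessor :source
- # @return [String,nil] The filename for the source of the config, if the source was "yaml".
- attr_accessor :filename
-
- def to_controlled_hash
- {
- canonical_name: canonical_name,
- name: name, # rubocop:disable Security/Module/Name
- value: value&.cs__is_a?(Array) ? value.map(&:to_s) : value.to_s,
- source: source,
- filename: filename
- }.compact
- end
- end
- end
- end
- end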