APMRP-360 flag cold cases (#3085)

DataDog · Sep 20, 2024 · 9039609 · 9039609
1 parent 9857349
commit 9039609
Show file tree

Hide file tree

Showing 7 changed files with 9 additions and 22 deletions.
diff --git a/pyproject.toml b/pyproject.toml
@@ -57,27 +57,19 @@ allow_no_jira_ticket_for_bugs = [
     "tests/appsec/iast/source/test_parameter_name.py::TestParameterName.test_source_post_reported",
     "tests/appsec/iast/source/test_parameter_name.py::TestParameterName.test_source_reported",
     "tests/appsec/iast/source/test_parameter_value.py::TestParameterValue.test_source_post_reported",
-    "tests/appsec/test_alpha.py::Test_Basic.test_headers",
     "tests/appsec/test_asm_standalone.py::Test_AppSecStandalone_UpstreamPropagation.test_any_upstream_propagation__with_attack__raises_priority_to_2__from_0",
     "tests/appsec/test_asm_standalone.py::Test_AppSecStandalone_UpstreamPropagation.test_any_upstream_propagation__with_attack__raises_priority_to_2__from_1",
     "tests/appsec/test_asm_standalone.py::Test_AppSecStandalone_UpstreamPropagation.test_any_upstream_propagation__with_attack__raises_priority_to_2__from_minus_1",
     "tests/appsec/test_asm_standalone.py::Test_AppSecStandalone_UpstreamPropagation.test_no_upstream_appsec_propagation__with_attack__is_kept_with_priority_2__from_0",
     "tests/appsec/test_asm_standalone.py::Test_AppSecStandalone_UpstreamPropagation.test_no_upstream_appsec_propagation__with_attack__is_kept_with_priority_2__from_minus_1",
     "tests/appsec/test_blocking_addresses.py::Test_Blocking_request_method.test_blocking_before",
     "tests/appsec/test_rate_limiter.py::Test_Main.test_main",
-    "tests/appsec/test_reports.py::Test_Info",
-    "tests/appsec/test_reports.py::Test_RequestHeaders",
-    "tests/appsec/test_reports.py::Test_StatusCode",
-    "tests/appsec/test_runtime_activation.py::Test_RuntimeActivation",
     "tests/appsec/test_shell_execution.py::Test_ShellExecution.test_truncate_1st_argument",
     "tests/appsec/test_shell_execution.py::Test_ShellExecution.test_truncate_blank_2nd_argument",
     "tests/appsec/test_traces.py::Test_AppSecEventSpanTags.test_header_collection",
-    "tests/appsec/test_traces.py::Test_RetainTraces",
     "tests/appsec/test_user_blocking_full_denylist.py::Test_UserBlocking_FullDenylist.test_blocking_test",
-    "tests/appsec/waf/test_addresses.py::Test_BodyUrlEncoded",
     "tests/appsec/waf/test_addresses.py::Test_BodyXml.test_xml_attr_value",
     "tests/appsec/waf/test_addresses.py::Test_BodyXml.test_xml_content",
-    "tests/appsec/waf/test_miscs.py::Test_404",
     "tests/appsec/waf/test_rules.py::Test_SQLI.test_sqli3",
     "tests/auto_inject/test_auto_inject_install.py::TestContainerAutoInjectInstallScript.test_install",
     "tests/auto_inject/test_auto_inject_install.py::TestInstallerAutoInjectManual.test_install_uninstall",

diff --git a/tests/appsec/test_alpha.py b/tests/appsec/test_alpha.py
@@ -22,7 +22,7 @@ def setup_headers(self):
         self.r_headers_1 = weblog.get("/waf/", headers={"MyHeader": "../../../secret.txt"})
         self.r_headers_2 = weblog.get("/waf/", headers={"User-Agent": "Arachni/v1"})
 
-    @bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+    @bug(context.library == "python@1.1.0", reason="APMRP-360")
     def test_headers(self):
         """ Via server.request.headers.no_cookies """
         # Note: we do not check the returned key_path nor rule_id for the alpha version

diff --git a/tests/appsec/test_reports.py b/tests/appsec/test_reports.py
@@ -1,14 +1,10 @@
 # Unless explicitly stated otherwise all files in this repository are licensed under the the Apache License Version 2.0.
 # This product includes software developed at Datadog (https://www.datadoghq.com/).
 # Copyright 2021 Datadog, Inc.
-
-import socket
-
-
 from utils import weblog, context, interfaces, bug, missing_feature, rfc, features
 
 
-@bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+@bug(context.library == "python@1.1.0", reason="APMRP-360")
 @features.security_events_metadata
 class Test_StatusCode:
     """Appsec reports good status code"""
@@ -38,7 +34,7 @@ def check_http_code(span, appsec_data):
         interfaces.library.validate_appsec(self.r, validator=check_http_code, legacy_validator=check_http_code_legacy)
 
 
-@bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+@bug(context.library == "python@1.1.0", reason="APMRP-360")
 @features.security_events_metadata
 class Test_Info:
     """Environment (production, staging) from DD_ENV variable"""
@@ -70,7 +66,7 @@ def _check_service(span, appsec_data):
 
 @rfc("https://datadoghq.atlassian.net/wiki/spaces/APS/pages/2186870984/HTTP+header+collection")
 @missing_feature(context.library == "ruby" and context.libddwaf_version is None)
-@bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+@bug(context.library == "python@1.1.0", reason="APMRP-360")
 @features.security_events_metadata
 class Test_RequestHeaders:
     """Request Headers for IP resolution"""

diff --git a/tests/appsec/test_runtime_activation.py b/tests/appsec/test_runtime_activation.py
@@ -25,10 +25,9 @@ def _send_config(config):
 
 @scenarios.appsec_runtime_activation
 @bug(
-    context.library < "java@1.8.0" and context.appsec_rules_file is not None,
-    reason="ASM_FEATURES was not subscribed when a custom rules file was present",
+    context.library < "java@1.8.0" and context.appsec_rules_file is not None, reason="APMRP-360",
 )
-@bug(context.library == "java@1.6.0", reason="https://github.com/DataDog/dd-trace-java/pull/4614")
+@bug(context.library == "java@1.6.0", reason="APMRP-360")
 @features.changing_rules_using_rc
 class Test_RuntimeActivation:
     """A library should block requests after AppSec is activated via remote config."""

diff --git a/tests/appsec/test_traces.py b/tests/appsec/test_traces.py
@@ -10,7 +10,7 @@
 RUNTIME_FAMILIES = ["nodejs", "ruby", "jvm", "dotnet", "go", "php", "python"]
 
 
-@bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+@bug(context.library == "python@1.1.0", reason="APMRP-360")
 @features.security_events_metadata
 class Test_RetainTraces:
     """Retain trace (manual keep & appsec.event = true)"""

diff --git a/tests/appsec/waf/test_addresses.py b/tests/appsec/waf/test_addresses.py
@@ -245,7 +245,7 @@ def test_raw_body(self):
         interfaces.library.assert_waf_attack(self.r, address="server.request.body.raw")
 
 
-@bug(context.library == "nodejs@2.8.0", reason="Capability to read body content is broken")
+@bug(context.library == "nodejs@2.8.0", reason="APMRP-360")
 @features.appsec_request_blocking
 class Test_BodyUrlEncoded:
     """Appsec supports <url encoded body>"""

diff --git a/tests/appsec/waf/test_miscs.py b/tests/appsec/waf/test_miscs.py
@@ -5,7 +5,7 @@
 from utils import context, weblog, interfaces, bug, scenarios, features, waf_rules
 
 
-@bug(context.library == "python@1.1.0", reason="a PR was not included in the release")
+@bug(context.library == "python@1.1.0", reason="APMRP-360")
 @features.appsec_response_blocking
 class Test_404:
     """Appsec WAF misc tests"""