Merge pull request #4023 from DataDog/appsec-55378-extract-waf-context

[APPSEC-55378] Extract AppSec processor context into separate file

* Update AppSec processor and context RBS files

Author: Strech

Diff for: lib/datadog/appsec/processor.rb

@@ -4,73 +4,6 @@ module Datadog
   module AppSec
     # Processor integrates libddwaf into datadog/appsec
     class Processor
-      # Context manages a sequence of runs
-      class Context
-        attr_reader :time_ns, :time_ext_ns, :timeouts, :events
-
-        def initialize(processor)
-          @context = Datadog::AppSec::WAF::Context.new(processor.send(:handle))
-          @time_ns = 0.0
-          @time_ext_ns = 0.0
-          @timeouts = 0
-          @events = []
-          @run_mutex = Mutex.new
-        end
-
-        def run(input, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
-          @run_mutex.lock
-
-          start_ns = Core::Utils::Time.get_time(:nanosecond)
-
-          input.reject! do |_, v|
-            case v
-            when TrueClass, FalseClass
-              false
-            else
-              v.nil? ? true : v.empty?
-            end
-          end
-
-          _code, res = @context.run(input, timeout)
-
-          stop_ns = Core::Utils::Time.get_time(:nanosecond)
-
-          # these updates are not thread safe and should be protected
-          @time_ns += res.total_runtime
-          @time_ext_ns += (stop_ns - start_ns)
-          @timeouts += 1 if res.timeout
-
-          res
-        ensure
-          @run_mutex.unlock
-        end
-
-        def extract_schema
-          return unless extract_schema?
-
-          input = {
-            'waf.context.processor' => {
-              'extract-schema' => true
-            }
-          }
-
-          _code, res = @context.run(input, WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
-
-          res
-        end
-
-        def finalize
-          @context.finalize
-        end
-
-        private
-
-        def extract_schema?
-          Datadog.configuration.appsec.api_security.enabled &&
-            Datadog.configuration.appsec.api_security.sample_rate.sample?
-        end
-      end
-
       attr_reader :diagnostics, :addresses
 
       def initialize(ruleset:, telemetry:)

Diff for: lib/datadog/appsec/processor/context.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AppSec
+    class Processor
+      # Context manages a sequence of runs
+      class Context
+        attr_reader :time_ns, :time_ext_ns, :timeouts, :events
+
+        def initialize(processor)
+          @context = Datadog::AppSec::WAF::Context.new(processor.send(:handle))
+          @time_ns = 0.0
+          @time_ext_ns = 0.0
+          @timeouts = 0
+          @events = []
+          @run_mutex = Mutex.new
+        end
+
+        def run(input, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
+          @run_mutex.lock
+
+          start_ns = Core::Utils::Time.get_time(:nanosecond)
+
+          input.reject! do |_, v|
+            case v
+            when TrueClass, FalseClass
+              false
+            else
+              v.nil? ? true : v.empty?
+            end
+          end
+
+          _code, res = @context.run(input, timeout)
+
+          stop_ns = Core::Utils::Time.get_time(:nanosecond)
+
+          # these updates are not thread safe and should be protected
+          @time_ns += res.total_runtime
+          @time_ext_ns += (stop_ns - start_ns)
+          @timeouts += 1 if res.timeout
+
+          res
+        ensure
+          @run_mutex.unlock
+        end
+
+        def extract_schema
+          return unless extract_schema?
+
+          input = {
+            'waf.context.processor' => {
+              'extract-schema' => true
+            }
+          }
+
+          _code, res = @context.run(input, WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
+
+          res
+        end
+
+        def finalize
+          @context.finalize
+        end
+
+        private
+
+        def extract_schema?
+          Datadog.configuration.appsec.api_security.enabled &&
+            Datadog.configuration.appsec.api_security.sample_rate.sample?
+        end
+      end
+    end
+  end
+end

Diff for: lib/datadog/appsec/scope.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require_relative 'processor'
+require_relative 'processor/context'
 
 module Datadog
   module AppSec

Diff for: sig/datadog/appsec/processor.rbs

@@ -1,40 +1,18 @@
 module Datadog
   module AppSec
     class Processor
-      class Context
-        type event = untyped
-        type data = WAF::data
-
-        attr_reader time_ns: ::Float
-        attr_reader time_ext_ns: ::Float
-        attr_reader timeouts: ::Integer
-        attr_reader events: ::Array[event]
-
-        @context: WAF::Context
-
-        @run_mutex: ::Thread::Mutex
-
-        def initialize: (Processor processor) -> void
-        def run: (Hash[untyped, untyped] input, ?::Integer timeout) -> WAF::Result
-        def extract_schema: () -> WAF::Result?
-        def finalize: () -> void
-
-        private
-        def extract_schema?: () -> bool
-      end
-
       def self.active_context: () -> Context
 
       private
 
-      attr_reader diagnostics: untyped
-      attr_reader addresses: untyped
+      attr_reader diagnostics: WAF::LibDDWAF::Object?
+      attr_reader addresses: ::Array[::String]
 
       @handle: WAF::Handle
       @ruleset: ::Hash[::String, untyped]
       @addresses: ::Array[::String]
 
-      def initialize: (ruleset: ::Hash[untyped, untyped], telemetry: Datadog::Core::Telemetry::Component) -> void
+      def initialize: (ruleset: ::Hash[untyped, untyped], telemetry: Core::Telemetry::Component) -> void
       def ready?: () -> bool
       def finalize: () -> void
 
@@ -44,7 +22,7 @@ module Datadog
 
       def require_libddwaf: () -> bool
       def libddwaf_provides_waf?: () -> bool
-      def create_waf_handle: (Datadog::Core::Configuration::Settings::_AppSec settings, ::Hash[String, untyped] ruleset) -> bool
+      def create_waf_handle: (Core::Configuration::Settings::_AppSec settings, ::Hash[String, untyped] ruleset) -> bool
       def libddwaf_platform: () -> ::String
       def ruby_platforms: () -> ::Array[::String]
     end

Diff for: sig/datadog/appsec/processor/context.rbs

@@ -0,0 +1,27 @@
+module Datadog
+  module AppSec
+    class Processor
+      class Context
+        type event = untyped
+        type data = WAF::data
+
+        attr_reader time_ns: ::Float
+        attr_reader time_ext_ns: ::Float
+        attr_reader timeouts: ::Integer
+        attr_reader events: ::Array[event]
+
+        @context: WAF::Context
+
+        @run_mutex: ::Thread::Mutex
+
+        def initialize: (Processor processor) -> void
+        def run: (Hash[untyped, untyped] input, ?::Integer timeout) -> WAF::Result
+        def extract_schema: () -> WAF::Result?
+        def finalize: () -> void
+
+        private
+        def extract_schema?: () -> bool
+      end
+    end
+  end
+end