Update appsec rules from Remote Config (#2654)

* Add rules update and refactor whole waf

* move appsec channels file

* Add changes to work with libddwaf update method and support more RC properties

* update waf bindings to 3.1.0

* simplify reporter

* remove unnecesary virtual addresses

* cleanup outdated comment

* simplify incomingHttpStartHandler

* simplify waf_manager.js

* add pre update hook to RC manager

* update rc manager

* batch all waf update RC subscriptions

* put apply_states codes in a constant file

* inline function

* add update to waf manager

* completely rework RC waf updates

* renamed a few things in tests

* fix dc path

* fix webpack not parsing class fields

* lazy load everything

* fix unapply configs not being emitted

---------

Co-authored-by: simon-id <[email protected]>
Co-authored-by: Julio Gonzalez <[email protected]>

package.json

@@ -65,7 +65,7 @@
     "node": ">=14"
   },
   "dependencies": {
-    "@datadog/native-appsec": "2.0.0",
+    "@datadog/native-appsec": "^3.1.0",
     "@datadog/native-iast-rewriter": "2.0.1",
     "@datadog/native-iast-taint-tracking": "^1.4.0",
     "@datadog/native-metrics": "^1.6.0",

packages/datadog-plugin-http/src/server.js

@@ -3,7 +3,7 @@
 const Plugin = require('../../dd-trace/src/plugins/plugin')
 const { storage } = require('../../datadog-core')
 const web = require('../../dd-trace/src/plugins/util/web')
-const { incomingHttpRequestStart, incomingHttpRequestEnd } = require('../../dd-trace/src/appsec/gateway/channels')
+const { incomingHttpRequestStart, incomingHttpRequestEnd } = require('../../dd-trace/src/appsec/channels')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 
 class HttpServerPlugin extends Plugin {

packages/datadog-plugin-http/test/server.spec.js

@@ -1,9 +1,10 @@
 'use strict'
+
 const { AbortController } = require('node-abort-controller') // AbortController is not available in node <15
 const getPort = require('get-port')
 const agent = require('../../dd-trace/test/plugins/agent')
 const axios = require('axios')
-const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/gateway/channels')
+const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/channels')
 
 describe('Plugin', () => {
   let http
@@ -117,7 +118,7 @@ describe('Plugin', () => {
       })
 
       it('should run the request listener in the request scope', done => {
-        const spy = sinon.spy((...args) => {
+        const spy = sinon.spy(() => {
           expect(tracer.scope().active()).to.not.be.null
         })
 

packages/datadog-plugin-http2/src/server.js

@@ -5,7 +5,7 @@
 const Plugin = require('../../dd-trace/src/plugins/plugin')
 const { storage } = require('../../datadog-core')
 const web = require('../../dd-trace/src/plugins/util/web')
-const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/gateway/channels')
+const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/channels')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 
 class Http2ServerPlugin extends Plugin {

packages/datadog-plugin-http2/test/server.spec.js

@@ -3,7 +3,7 @@
 const { EventEmitter } = require('events')
 const getPort = require('get-port')
 const agent = require('../../dd-trace/test/plugins/agent')
-const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/gateway/channels')
+const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/channels')
 
 class MockAbortController {
   constructor () {

packages/dd-trace/src/appsec/addresses.js

@@ -7,14 +7,11 @@ module.exports = {
   // TODO: 'server.request.trailers',
   HTTP_INCOMING_URL: 'server.request.uri.raw',
   HTTP_INCOMING_METHOD: 'server.request.method',
-  HTTP_INCOMING_ENDPOINT: 'server.request.framework_endpoint',
   HTTP_INCOMING_PARAMS: 'server.request.path_params',
   HTTP_INCOMING_COOKIES: 'server.request.cookies',
   HTTP_INCOMING_RESPONSE_CODE: 'server.response.status',
   HTTP_INCOMING_RESPONSE_HEADERS: 'server.response.headers.no_cookies',
   // TODO: 'server.response.trailers',
-  HTTP_INCOMING_REMOTE_IP: 'server.request.client_ip',
-  HTTP_INCOMING_REMOTE_PORT: 'server.request.client_port',
 
   HTTP_CLIENT_IP: 'http.client_ip',
 

packages/dd-trace/src/appsec/gateway/channels.js → packages/dd-trace/src/appsec/channels.js

@@ -1,10 +1,8 @@
 'use strict'
 
-const dc = require('../../../../diagnostics_channel')
+const dc = require('../../../diagnostics_channel')
 
 // TODO: use TBD naming convention
-//       or directly use http plugin's channels
-//       when it gets converted to new plugin system
 module.exports = {
   incomingHttpRequestStart: dc.channel('dd-trace:incomingHttpRequestStart'),
   incomingHttpRequestEnd: dc.channel('dd-trace:incomingHttpRequestEnd')