From eecfc96a7058de0e955055e2d7782b42603b6e47 Mon Sep 17 00:00:00 2001 From: Anil Mahtani <929854+Anilm3@users.noreply.github.com> Date: Wed, 22 Nov 2023 15:17:26 +0000 Subject: [PATCH] [PHP] Support unified package --- utils/build/docker/php/apache-mod/build.sh | 5 +- .../docker/php/common/install_ddtrace.sh | 96 ++++++++++++------- 2 files changed, 65 insertions(+), 36 deletions(-) diff --git a/utils/build/docker/php/apache-mod/build.sh b/utils/build/docker/php/apache-mod/build.sh index 13080c5dc8..d2923839d1 100755 --- a/utils/build/docker/php/apache-mod/build.sh +++ b/utils/build/docker/php/apache-mod/build.sh @@ -52,4 +52,7 @@ sed -i s/80/7777/ /etc/apache2/ports.conf /install_ddtrace.sh 1 SYSTEM_TESTS_LIBRARY_VERSION=$(cat /binaries/SYSTEM_TESTS_LIBRARY_VERSION) -grep datadog.trace.request_init_hook /etc/php/98-ddtrace.ini >> /etc/php/php.ini + +if [[ -f "/etc/php/98-ddtrace.ini" ]]; then + grep datadog.trace.request_init_hook /etc/php/98-ddtrace.ini >> /etc/php/php.ini +fi diff --git a/utils/build/docker/php/common/install_ddtrace.sh b/utils/build/docker/php/common/install_ddtrace.sh index 3a820e1514..08278cb084 100755 --- a/utils/build/docker/php/common/install_ddtrace.sh +++ b/utils/build/docker/php/common/install_ddtrace.sh @@ -1,47 +1,68 @@ #!/bin/bash -set -eu +set -eux IS_APACHE=$1 -echo "Loading install script" -curl -Lf -o /tmp/dd-library-php-setup.php \ - https://raw.githubusercontent.com/DataDog/dd-appsec-php/installer/dd-library-php-setup.php - cd /binaries -BINARIES_APPSEC_N=$(find . -name 'dd-appsec-php-*.tar.gz' | wc -l) -BINARIES_TRACER_N=$(find . -name 'datadog-php-tracer*.tar.gz' | wc -l) -INSTALLER_ARGS=() -if [[ $BINARIES_APPSEC_N -eq 1 ]]; then - INSTALLER_ARGS+=(--appsec-file /binaries/dd-appsec-php-*.tar.gz) -elif [[ $BINARIES_APPSEC_N -gt 1 ]]; then - echo "Too many appsec packages in /binaries" >&2 - exit 1 -else - INSTALLER_ARGS+=(--appsec-version $APPSEC_VERSION) -fi +if [[ -f "datadog-setup.php" ]]; then + INSTALLER_ARGS=() -if [[ $BINARIES_TRACER_N -eq 1 ]]; then - INSTALLER_ARGS+=(--tracer-file /binaries/datadog-php-tracer*.tar.gz) -elif [[ $BINARIES_TRACER_N -gt 1 ]]; then - echo "Too many appsec packages in /binaries" >&2 - exit 1 -else - INSTALLER_ARGS+=(--tracer-version $TRACER_VERSION) -fi + BINARIES_COMBINED_N=$(find . -name 'dd-library-php-*-x86_64-linux-gnu.tar.gz' | wc -l) + if [[ $BINARIES_COMBINED_N -eq 1 ]]; then + INSTALLER_ARGS+=(--file dd-library-php-*-x86_64-linux-gnu.tar.gz) + elif [[ $BINARIES_COMBINED_N -gt 1 ]]; then + echo "Too many appsec packages in /binaries" >&2 + exit 1 + fi -echo "Install args are ${INSTALLER_ARGS[@]}" + echo "Install args are ${INSTALLER_ARGS[@]}" -export DD_APPSEC_ENABLED=0 -if [[ $IS_APACHE -eq 0 ]]; then - php /tmp/dd-library-php-setup.php \ - "${INSTALLER_ARGS[@]}"\ - --php-bin all + export DD_APPSEC_ENABLED=0 + if [[ $IS_APACHE -eq 0 ]]; then + php datadog-setup --php-bin all "${INSTALLER_ARGS[@]}" + else + PHP_INI_SCAN_DIR="/etc/php" php datadog-setup.php --php-bin all "${INSTALLER_ARGS[@]}" + fi else - PHP_INI_SCAN_DIR="/etc/php" php /tmp/dd-library-php-setup.php \ - "${INSTALLER_ARGS[@]}"\ - --php-bin all + echo "Loading install script" + curl -Lf -o /tmp/dd-library-php-setup.php \ + https://raw.githubusercontent.com/DataDog/dd-appsec-php/installer/dd-library-php-setup.php + + BINARIES_APPSEC_N=$(find . -name 'dd-appsec-php-*.tar.gz' | wc -l) + BINARIES_TRACER_N=$(find . -name 'datadog-php-tracer*.tar.gz' | wc -l) + INSTALLER_ARGS=() + if [[ $BINARIES_APPSEC_N -eq 1 ]]; then + INSTALLER_ARGS+=(--appsec-file /binaries/dd-appsec-php-*.tar.gz) + elif [[ $BINARIES_APPSEC_N -gt 1 ]]; then + echo "Too many appsec packages in /binaries" >&2 + exit 1 + else + INSTALLER_ARGS+=(--appsec-version $APPSEC_VERSION) + fi + + if [[ $BINARIES_TRACER_N -eq 1 ]]; then + INSTALLER_ARGS+=(--tracer-file /binaries/datadog-php-tracer*.tar.gz) + elif [[ $BINARIES_TRACER_N -gt 1 ]]; then + echo "Too many appsec packages in /binaries" >&2 + exit 1 + else + INSTALLER_ARGS+=(--tracer-version $TRACER_VERSION) + fi + + echo "Install args are ${INSTALLER_ARGS[@]}" + + export DD_APPSEC_ENABLED=0 + if [[ $IS_APACHE -eq 0 ]]; then + php /tmp/dd-library-php-setup.php \ + "${INSTALLER_ARGS[@]}"\ + --php-bin all + else + PHP_INI_SCAN_DIR="/etc/php" php /tmp/dd-library-php-setup.php \ + "${INSTALLER_ARGS[@]}"\ + --php-bin all + fi fi php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'echo phpversion("ddtrace");' > \ @@ -52,8 +73,13 @@ php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'e touch SYSTEM_TESTS_LIBDDWAF_VERSION -appsec_version=$(<./SYSTEM_TESTS_PHP_APPSEC_VERSION) -rule_file="/opt/datadog/dd-library/appsec-${appsec_version}/etc/dd-appsec/recommended.json" +library_version=$(<././SYSTEM_TESTS_LIBRARY_VERSION) +rule_file="/opt/datadog/dd-library/${library_version}/etc/recommended.json" +if [[ ! -f "${rule_file}" ]]; then + appsec_version=$(<./SYSTEM_TESTS_PHP_APPSEC_VERSION) + rule_file="/opt/datadog/dd-library/appsec-${appsec_version}/etc/dd-appsec/recommended.json" +fi + jq -r '.metadata.rules_version // "1.2.5"' "${rule_file}" > SYSTEM_TESTS_APPSEC_EVENT_RULES_VERSION find /opt -name ddappsec-helper -exec ln -s '{}' /usr/local/bin/ \;