Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PHP] Support unified package #1862

Merged
merged 2 commits into from
Nov 23, 2023
Merged

[PHP] Support unified package #1862

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
eecfc96
[PHP] Support unified package
Anilm3 Nov 22, 2023
7023dbf
Merge branch 'main' into anilm3/support-unified-php-package
Anilm3 Nov 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion utils/build/docker/php/apache-mod/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,4 +52,7 @@ sed -i s/80/7777/ /etc/apache2/ports.conf
/install_ddtrace.sh 1

SYSTEM_TESTS_LIBRARY_VERSION=$(cat /binaries/SYSTEM_TESTS_LIBRARY_VERSION)
grep datadog.trace.request_init_hook /etc/php/98-ddtrace.ini >> /etc/php/php.ini

if [[ -f "/etc/php/98-ddtrace.ini" ]]; then
grep datadog.trace.request_init_hook /etc/php/98-ddtrace.ini >> /etc/php/php.ini
fi
96 changes: 61 additions & 35 deletions utils/build/docker/php/common/install_ddtrace.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,47 +1,68 @@
#!/bin/bash

set -eu
set -eux

IS_APACHE=$1

echo "Loading install script"
curl -Lf -o /tmp/dd-library-php-setup.php \
https://raw.githubusercontent.com/DataDog/dd-appsec-php/installer/dd-library-php-setup.php

cd /binaries

BINARIES_APPSEC_N=$(find . -name 'dd-appsec-php-*.tar.gz' | wc -l)
BINARIES_TRACER_N=$(find . -name 'datadog-php-tracer*.tar.gz' | wc -l)
INSTALLER_ARGS=()
if [[ $BINARIES_APPSEC_N -eq 1 ]]; then
INSTALLER_ARGS+=(--appsec-file /binaries/dd-appsec-php-*.tar.gz)
elif [[ $BINARIES_APPSEC_N -gt 1 ]]; then
echo "Too many appsec packages in /binaries" >&2
exit 1
else
INSTALLER_ARGS+=(--appsec-version $APPSEC_VERSION)
fi
if [[ -f "datadog-setup.php" ]]; then
INSTALLER_ARGS=()

if [[ $BINARIES_TRACER_N -eq 1 ]]; then
INSTALLER_ARGS+=(--tracer-file /binaries/datadog-php-tracer*.tar.gz)
elif [[ $BINARIES_TRACER_N -gt 1 ]]; then
echo "Too many appsec packages in /binaries" >&2
exit 1
else
INSTALLER_ARGS+=(--tracer-version $TRACER_VERSION)
fi
BINARIES_COMBINED_N=$(find . -name 'dd-library-php-*-x86_64-linux-gnu.tar.gz' | wc -l)
if [[ $BINARIES_COMBINED_N -eq 1 ]]; then
INSTALLER_ARGS+=(--file dd-library-php-*-x86_64-linux-gnu.tar.gz)
elif [[ $BINARIES_COMBINED_N -gt 1 ]]; then
echo "Too many appsec packages in /binaries" >&2
exit 1
fi

echo "Install args are ${INSTALLER_ARGS[@]}"
echo "Install args are ${INSTALLER_ARGS[@]}"

export DD_APPSEC_ENABLED=0
if [[ $IS_APACHE -eq 0 ]]; then
php /tmp/dd-library-php-setup.php \
"${INSTALLER_ARGS[@]}"\
--php-bin all
export DD_APPSEC_ENABLED=0
if [[ $IS_APACHE -eq 0 ]]; then
php datadog-setup --php-bin all "${INSTALLER_ARGS[@]}"
else
PHP_INI_SCAN_DIR="/etc/php" php datadog-setup.php --php-bin all "${INSTALLER_ARGS[@]}"
fi
else
PHP_INI_SCAN_DIR="/etc/php" php /tmp/dd-library-php-setup.php \
"${INSTALLER_ARGS[@]}"\
--php-bin all
echo "Loading install script"
curl -Lf -o /tmp/dd-library-php-setup.php \
https://raw.githubusercontent.com/DataDog/dd-appsec-php/installer/dd-library-php-setup.php

BINARIES_APPSEC_N=$(find . -name 'dd-appsec-php-*.tar.gz' | wc -l)
BINARIES_TRACER_N=$(find . -name 'datadog-php-tracer*.tar.gz' | wc -l)
INSTALLER_ARGS=()
if [[ $BINARIES_APPSEC_N -eq 1 ]]; then
INSTALLER_ARGS+=(--appsec-file /binaries/dd-appsec-php-*.tar.gz)
elif [[ $BINARIES_APPSEC_N -gt 1 ]]; then
echo "Too many appsec packages in /binaries" >&2
exit 1
else
INSTALLER_ARGS+=(--appsec-version $APPSEC_VERSION)
fi

if [[ $BINARIES_TRACER_N -eq 1 ]]; then
INSTALLER_ARGS+=(--tracer-file /binaries/datadog-php-tracer*.tar.gz)
elif [[ $BINARIES_TRACER_N -gt 1 ]]; then
echo "Too many appsec packages in /binaries" >&2
exit 1
else
INSTALLER_ARGS+=(--tracer-version $TRACER_VERSION)
fi

echo "Install args are ${INSTALLER_ARGS[@]}"

export DD_APPSEC_ENABLED=0
if [[ $IS_APACHE -eq 0 ]]; then
php /tmp/dd-library-php-setup.php \
"${INSTALLER_ARGS[@]}"\
--php-bin all
else
PHP_INI_SCAN_DIR="/etc/php" php /tmp/dd-library-php-setup.php \
"${INSTALLER_ARGS[@]}"\
--php-bin all
fi
fi

php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'echo phpversion("ddtrace");' > \
Expand All @@ -52,8 +73,13 @@ php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'e

touch SYSTEM_TESTS_LIBDDWAF_VERSION

appsec_version=$(<./SYSTEM_TESTS_PHP_APPSEC_VERSION)
rule_file="/opt/datadog/dd-library/appsec-${appsec_version}/etc/dd-appsec/recommended.json"
library_version=$(<././SYSTEM_TESTS_LIBRARY_VERSION)
rule_file="/opt/datadog/dd-library/${library_version}/etc/recommended.json"
if [[ ! -f "${rule_file}" ]]; then
appsec_version=$(<./SYSTEM_TESTS_PHP_APPSEC_VERSION)
rule_file="/opt/datadog/dd-library/appsec-${appsec_version}/etc/dd-appsec/recommended.json"
fi

jq -r '.metadata.rules_version // "1.2.5"' "${rule_file}" > SYSTEM_TESTS_APPSEC_EVENT_RULES_VERSION

find /opt -name ddappsec-helper -exec ln -s '{}' /usr/local/bin/ \;
Expand Down