Merge branch 'main' into tobz/add-hamr-support-logs

DataDog · Mar 13, 2024 · df4621f · df4621f
2 parents 41bd69e + f9ae7f4
commit df4621f
Show file tree

Hide file tree

Showing 57 changed files with 769 additions and 290 deletions.
diff --git a/.gitlab/JOBOWNERS b/.gitlab/JOBOWNERS
@@ -70,7 +70,6 @@ kitchen_*_system_probe*                        @DataDog/ebpf-platform
 kitchen_*_system_probe_windows*                @DataDog/windows-kernel-integrations
 kitchen_*_security_agent*                      @DataDog/agent-security
 kitchen_*_process_agent*                       @DataDog/processes
-pull_test_dockers*                             @DataDog/universal-service-monitoring
 cleanup_kitchen_functional_test                @DataDog/ebpf-platform @DataDog/agent-security
 serverless_cold_start_performance-deb_x64      @DataDog/serverless
 
@@ -88,16 +87,22 @@ new-e2e-language-detection*       @DataDog/processes
 new-e2e-process*                  @DataDog/processes
 new-e2e-agent-platform*           @DataDog/agent-platform
 new-e2e-aml*                      @DataDog/agent-metrics-logs
+new-e2e-apm*                      @DataDog/agent-apm
 new-e2e-npm*                      @DataDog/Networks
 new-e2e-cws*                      @DataDog/agent-security
 new-e2e-windows-agent*            @DataDog/windows-agent
 new-e2e-orchestrator*             @DataDog/container-app
 e2e_pre_test*                     @DataDog/agent-platform
 new-e2e-remote-config*            @DataDog/remote-config
+new-e2e-updater*                  @DataDog/fleet
 
-# Kernel version testing
-package_dependencies*             @DataDog/ebpf-platform
+# Kernel matrix testing
+upload_dependencies*              @DataDog/ebpf-platform
+upload_minimized_btfs*            @DataDog/ebpf-platform
 kernel_matrix_testing*            @DataDog/ebpf-platform
+upload_security_agent_tests*      @DataDog/ebpf-platform
+upload_system_probe_tests*        @DataDog/ebpf-platform
+pull_test_dockers*                @DataDog/universal-service-monitoring
 
 # Single machine performance
 single_machine_performance*       @DataDog/single-machine-performance

diff --git a/cmd/agent/gui/checks_test.go b/cmd/agent/gui/checks_test.go
@@ -14,7 +14,7 @@ import (
 
 func TestReadConfDir(t *testing.T) {
 	files, err := readConfDir("testdata")
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 
 	sort.Strings(files)
 	expected := []string{
@@ -32,7 +32,7 @@ func TestReadConfDir(t *testing.T) {
 
 func TestConfigsInPath(t *testing.T) {
 	files, err := getConfigsInPath("testdata")
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 
 	sort.Strings(files)
 	expected := []string{

diff --git a/cmd/agent/subcommands/integrations/integrations_test.go b/cmd/agent/subcommands/integrations/integrations_test.go
@@ -56,7 +56,7 @@ func TestMoveConfigurationsFilesProfiles(t *testing.T) {
 
 	moveConfigurationFiles(srcFolder, dstFolder)
 	_, err = os.Stat(filepath.Join(dstFolder, "profiles", "device.yaml"))
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func TestGetVersionFromReqLine(t *testing.T) {
@@ -97,7 +97,7 @@ func TestValidateArgs(t *testing.T) {
 	assert.NotNil(t, err)
 	args = []string{"datadog-foo"}
 	err = validateArgs(args, false)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func TestValidateRequirement(t *testing.T) {

diff --git a/cmd/cws-instrumentation/subcommands/tracecmd/trace.go b/cmd/cws-instrumentation/subcommands/tracecmd/trace.go
@@ -9,7 +9,9 @@
 package tracecmd
 
 import (
+	"fmt"
 	"os"
+	"time"
 
 	"github.com/spf13/cobra"
 
@@ -19,8 +21,12 @@ import (
 )
 
 const (
-	// envDisableStats defines the environ variable to set to disable aviodable stats
+	// envDisableStats defines the environment variable to set to disable avoidable stats
 	envDisableStats = "DD_CWS_INSTRUMENTATION_DISABLE_STATS"
+	// envDisableProcScan defines the environment variable to disable procfs scan
+	envDisableProcScan = "DD_CWS_INSTRUMENTATION_DISABLE_PROC_SCAN"
+	// envProcScanRate defines the rate of the prodfs scan
+	envProcScanRate = "DD_CWS_INSTRUMENTATION_PROC_SCAN_RATE"
 )
 
 const (
@@ -36,15 +42,21 @@ const (
 	async = "async"
 	// disableStats -if set- disable the avoidable use of stats to fill more files properties
 	disableStats = "disable-stats"
+	// disableProcScan disable the procfs scan
+	disableProcScan = "disable-proc-scan"
+	// scanProcEvery procfs scan rate
+	scanProcEvery = "proc-scan-rate"
 )
 
 type traceCliParams struct {
-	ProbeAddr    string
-	Verbose      bool
-	UID          int32
-	GID          int32
-	Async        bool
-	DisableStats bool
+	ProbeAddr       string
+	Verbose         bool
+	UID             int32
+	GID             int32
+	Async           bool
+	DisableStats    bool
+	DisableProcScan bool
+	ScanProcEvery   string
 }
 
 // Command returns the commands for the trace subcommand
@@ -64,7 +76,24 @@ func Command() []*cobra.Command {
 				gid := uint32(params.GID)
 				creds.GID = &gid
 			}
-			return ptracer.StartCWSPtracer(args, os.Environ(), params.ProbeAddr, creds, params.Verbose, params.Async, params.DisableStats)
+
+			opts := ptracer.Opts{
+				Creds:           creds,
+				Verbose:         params.Verbose,
+				Async:           params.Async,
+				DisableStats:    params.DisableStats,
+				DisableProcScan: params.DisableProcScan,
+			}
+
+			if params.ScanProcEvery != "" {
+				every, err := time.ParseDuration(params.ScanProcEvery)
+				if err != nil {
+					fmt.Fprintf(os.Stderr, "invalid scan proc rate duration `%s`: %s", params.ScanProcEvery, err)
+				}
+				opts.ScanProcEvery = every
+			}
+
+			return ptracer.StartCWSPtracer(args, os.Environ(), params.ProbeAddr, opts)
 		},
 	}
 
@@ -73,11 +102,9 @@ func Command() []*cobra.Command {
 	traceCmd.Flags().Int32Var(&params.UID, uid, -1, "uid used to start the tracee")
 	traceCmd.Flags().Int32Var(&params.GID, gid, -1, "gid used to start the tracee")
 	traceCmd.Flags().BoolVar(&params.Async, async, false, "enable async GRPC connection")
-	if os.Getenv(envDisableStats) != "" {
-		params.DisableStats = true
-	} else {
-		traceCmd.Flags().BoolVar(&params.DisableStats, disableStats, false, "disable use of stats")
-	}
+	traceCmd.Flags().BoolVar(&params.DisableStats, disableStats, os.Getenv(envDisableStats) != "", "disable use of stats")
+	traceCmd.Flags().BoolVar(&params.DisableProcScan, disableProcScan, os.Getenv(envDisableProcScan) != "", "disable proc scan")
+	traceCmd.Flags().StringVar(&params.ScanProcEvery, scanProcEvery, os.Getenv(envProcScanRate), "proc scan rate")
 
 	traceCmd.AddCommand(selftestscmd.Command()...)
 

diff --git a/comp/core/flare/helpers/send_flare_test.go b/comp/core/flare/helpers/send_flare_test.go
@@ -53,7 +53,7 @@ func TestFlareHasRightForm(t *testing.T) {
 					w.Header().Set("Content-Type", "application/json")
 					lastRequest = r
 					err := lastRequest.ParseMultipartForm(1000000)
-					assert.Nil(t, err)
+					assert.NoError(t, err)
 					io.WriteString(w, "{}")
 				} else {
 					w.WriteHeader(500)
@@ -94,7 +94,7 @@ func TestFlareHasRightForm(t *testing.T) {
 					" via redirects: 503 Service Unavailable"
 				assert.Equal(t, expectedErrorMessage, err.Error())
 			} else {
-				assert.Nil(t, err)
+				assert.NoError(t, err)
 				av, _ := version.Agent()
 
 				assert.Equal(t, caseID, lastRequest.FormValue("case_id"))

diff --git a/comp/core/secrets/secretsimpl/check_rights_nix_test.go b/comp/core/secrets/secretsimpl/check_rights_nix_test.go
@@ -30,7 +30,7 @@ func TestWrongPath(t *testing.T) {
 
 func TestGroupOtherRights(t *testing.T) {
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	allowGroupExec := false

diff --git a/comp/core/secrets/secretsimpl/check_rights_windows_test.go b/comp/core/secrets/secretsimpl/check_rights_windows_test.go
@@ -38,10 +38,10 @@ func TestWrongPath(t *testing.T) {
 
 func TestSpaceInPath(t *testing.T) {
 	tmpDir, err := os.MkdirTemp("", "super temp")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpDir)
 	tmpFile, err := os.CreateTemp(tmpDir, "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpFile.Name())
 	require.Nil(t, os.Chmod(tmpFile.Name(), 0700))
 	require.Nil(t, checkRights(tmpFile.Name(), false))
@@ -54,7 +54,7 @@ func TestCheckRightsDoesNotExists(t *testing.T) {
 
 func TestCheckRightsMissingCurrentUser(t *testing.T) {
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	err = exec.Command("powershell", "test/setAcl.ps1",
@@ -69,7 +69,7 @@ func TestCheckRightsMissingCurrentUser(t *testing.T) {
 
 func TestCheckRightsMissingLocalSystem(t *testing.T) {
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	err = exec.Command("powershell", "test/setAcl.ps1",
@@ -84,7 +84,7 @@ func TestCheckRightsMissingLocalSystem(t *testing.T) {
 
 func TestCheckRightsMissingAdministrator(t *testing.T) {
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	err = exec.Command("powershell", "test/setAcl.ps1",
@@ -100,7 +100,7 @@ func TestCheckRightsMissingAdministrator(t *testing.T) {
 func TestCheckRightsExtraRights(t *testing.T) {
 	// extra rights for someone else
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	err = exec.Command("powershell", "test/setAcl.ps1",
@@ -116,7 +116,7 @@ func TestCheckRightsExtraRights(t *testing.T) {
 func TestCheckRightsMissingAdmingAndLocal(t *testing.T) {
 	// missing localSystem or Administrator
 	tmpfile, err := os.CreateTemp("", "agent-collector-test")
-	require.Nil(t, err)
+	require.NoError(t, err)
 	defer os.Remove(tmpfile.Name())
 
 	err = exec.Command("powershell", "test/setAcl.ps1",

diff --git a/comp/forwarder/defaultforwarder/domain_forwarder_test.go b/comp/forwarder/defaultforwarder/domain_forwarder_test.go
@@ -49,7 +49,7 @@ func TestDomainForwarderStart(t *testing.T) {
 	forwarder := newDomainForwarderForTest(mockConfig, log, 0, false)
 	err := forwarder.Start()
 
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 	requireLenForwarderRetryQueue(t, forwarder, 0)
 	require.Len(t, forwarder.workers, 1)
 	assert.Equal(t, Started, forwarder.State())

diff --git a/comp/forwarder/defaultforwarder/forwarder_test.go b/comp/forwarder/defaultforwarder/forwarder_test.go
@@ -88,7 +88,7 @@ func TestStart(t *testing.T) {
 	err := forwarder.Start()
 	defer forwarder.Stop()
 
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, Started, forwarder.State())
 	require.Len(t, forwarder.domainForwarders, 1)
 	require.NotNil(t, forwarder.healthChecker)
@@ -316,7 +316,7 @@ func TestSendHTTPTransactions(t *testing.T) {
 	forwarder.Start()
 	defer forwarder.Stop()
 	err = forwarder.sendHTTPTransactions(tr)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func TestSubmitV1Intake(t *testing.T) {

diff --git a/comp/forwarder/defaultforwarder/transaction/transaction_test.go b/comp/forwarder/defaultforwarder/transaction/transaction_test.go
@@ -56,7 +56,7 @@ func TestProcess(t *testing.T) {
 	mockConfig := pkgconfigmodel.NewConfig("test", "DD", strings.NewReplacer(".", "_"))
 	log := fxutil.Test[log.Component](t, logimpl.MockModule())
 	err := transaction.Process(context.Background(), mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func TestProcessInvalidDomain(t *testing.T) {
@@ -71,7 +71,7 @@ func TestProcessInvalidDomain(t *testing.T) {
 	mockConfig := pkgconfigmodel.NewConfig("test", "DD", strings.NewReplacer(".", "_"))
 	log := fxutil.Test[log.Component](t, logimpl.MockModule())
 	err := transaction.Process(context.Background(), mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func TestProcessNetworkError(t *testing.T) {
@@ -113,16 +113,16 @@ func TestProcessHTTPError(t *testing.T) {
 
 	errorCode = http.StatusBadRequest
 	err = transaction.Process(context.Background(), mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 
 	errorCode = http.StatusRequestEntityTooLarge
 	err = transaction.Process(context.Background(), mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, transaction.ErrorCount, 1)
 
 	errorCode = http.StatusForbidden
 	err = transaction.Process(context.Background(), mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, transaction.ErrorCount, 1)
 }
 
@@ -140,7 +140,7 @@ func TestProcessCancel(t *testing.T) {
 	mockConfig := pkgconfigmodel.NewConfig("test", "DD", strings.NewReplacer(".", "_"))
 	log := fxutil.Test[log.Component](t, logimpl.MockModule())
 	err := transaction.Process(ctx, mockConfig, log, client)
-	assert.Nil(t, err)
+	assert.NoError(t, err)
 }
 
 func Test_truncateBodyForLog(t *testing.T) {

diff --git a/pkg/api/security/security_test.go b/pkg/api/security/security_test.go
@@ -24,7 +24,7 @@ func initMockConf(t *testing.T) (model.Config, string) {
 	testDir := t.TempDir()
 
 	f, err := os.CreateTemp(testDir, "fake-datadog-yaml-")
-	require.Nil(t, err, fmt.Errorf("%v", err))
+	require.NoError(t, err, fmt.Errorf("%v", err))
 	t.Cleanup(func() {
 		f.Close()
 	})
@@ -39,10 +39,10 @@ func initMockConf(t *testing.T) (model.Config, string) {
 func TestCreateOrFetchAuthTokenValidGen(t *testing.T) {
 	config, expectTokenPath := initMockConf(t)
 	token, err := CreateOrFetchToken(config)
-	require.Nil(t, err, fmt.Sprintf("%v", err))
+	require.NoError(t, err, fmt.Sprintf("%v", err))
 	assert.True(t, len(token) > authTokenMinimalLen, fmt.Sprintf("%d", len(token)))
 	_, err = os.Stat(expectTokenPath)
-	require.Nil(t, err)
+	require.NoError(t, err)
 }
 
 func TestFetchAuthToken(t *testing.T) {
@@ -55,12 +55,12 @@ func TestFetchAuthToken(t *testing.T) {
 	require.True(t, os.IsNotExist(err))
 
 	newToken, err := CreateOrFetchToken(config)
-	require.Nil(t, err, fmt.Sprintf("%v", err))
+	require.NoError(t, err, fmt.Sprintf("%v", err))
 	require.True(t, len(newToken) > authTokenMinimalLen, fmt.Sprintf("%d", len(newToken)))
 	_, err = os.Stat(expectTokenPath)
-	require.Nil(t, err)
+	require.NoError(t, err)
 
 	token, err = FetchAuthToken(config)
-	require.Nil(t, err, fmt.Sprintf("%v", err))
+	require.NoError(t, err, fmt.Sprintf("%v", err))
 	require.Equal(t, newToken, token)
 }