fix rasp ssrf flaky test #5659
fix rasp ssrf flaky test #5659
Conversation
Overall package sizeSelf size: 9.3 MB Dependency sizes| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.5.1 | 29.73 MB | 29.73 MB | | @datadog/native-appsec | 8.5.2 | 19.33 MB | 19.34 MB | | @datadog/native-iast-taint-tracking | 3.3.1 | 13.99 MB | 13.99 MB | | @datadog/pprof | 5.7.1 | 9.51 MB | 9.88 MB | | @opentelemetry/core | 1.30.1 | 908.66 kB | 7.16 MB | | protobufjs | 7.4.0 | 2.77 MB | 5.42 MB | | @datadog/wasm-js-rewriter | 4.0.1 | 2.85 MB | 3.58 MB | | @datadog/native-metrics | 3.1.1 | 1.02 MB | 1.43 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.13.1 | 117.64 kB | 839.26 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.1 | 109.9 kB | 109.9 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.2 | 53.63 kB | 53.63 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.4.1 | 27.15 kB | 27.15 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | dc-polyfill | 0.1.8 | 25.08 kB | 25.08 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | shell-quote | 1.8.2 | 23.54 kB | 23.54 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | semifies | 1.0.0 | 15.84 kB | 15.84 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | ttl-set | 1.0.0 | 4.61 kB | 9.69 kB | | mutexify | 1.4.0 | 5.71 kB | 8.74 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |🤖 This report was automatically generated by heaviest-objects-in-the-universe |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5659 +/- ##
==========================================
- Coverage 79.12% 79.06% -0.07%
==========================================
Files 513 512 -1
Lines 23497 23425 -72
==========================================
- Hits 18593 18521 -72
Misses 4904 4904 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Datadog ReportBranch report: ✅ 0 Failed, 931 Passed, 0 Skipped, 12m 37.01s Total Time |
BenchmarksBenchmark execution time: 2025-05-05 14:00:39 Comparing candidate commit 2279355 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 1276 metrics, 47 unstable metrics. |
| @@ -121,11 +121,11 @@ describe('RASP - ssrf', () => { | |||
|
|
|||
| it('Should not detect threat', async () => { | |||
| app = (req, res) => { | |||
| axiosToTest.get(`https://${req.query.host}`) | |||
| axiosToTest.get(`https://${req.query.host}`).catch(noop) // swallow network error | |||
There was a problem hiding this comment.
we could have a network error calling www.datadoghq.com which is not interesting in this test
There was a problem hiding this comment.
I've tried forcing an ENOTFOUND without the .catch(noop) and the test keeps passing. I'm not sure if this is the root cause of the flakiness.
There was a problem hiding this comment.
I don't think either that the flaky test is related to this, this is just an additional helper.
The solution is to add an await to wait for request completion before checkRaspExecutedAndNotThreat
What does this PR do?
fix rasp ssrf flaky test
Plugin Checklist
Additional Notes