fixes misspelled build tag coraza.rule.multiphase_evaluation

[daum3ns]

No description provided.

[M4tteoP]

Thanks for spotting it and opening the PR!

[M4tteoP]

Ouch, this changes the permutations of build tags generated for the CI, and a permutation is failing now with the correct tag 🫤

[daum3ns]

hm, does this mean it only succeeded before because it was incorrectly set?
this would make sense because the rules in the failing test here use ARGS
https://github.com/corazawaf/coraza/blob/main/testing/engine/variables.go#L174
if it was not correctly set before this matched...

[M4tteoP]

hm, does this mean it only succeeded before because it was incorrectly set?

Yes, I think so. This is a quite recently added test, and we did not catch that it is not flexible enough to work with multiphase.

[M4tteoP]

I just took a quick look, but I think that:

• the test is expecting exactly the following line Message from rule 12: ARGS:key2[name], macro expansion: PaYlOaD in the logs
• multiphase is splitting ARGS into ARGS_GET and ARGS_POST, therefore, I suspect the log line is going to be Message from rule 12: ARGS_POST:key2[name], macro expansion: PaYlOaD.

[daum3ns]

somehow I can't test it locally on my side.. when i run go run mage.go coverage
i get the following error:

Running tests with coverage
Tags: memoize_builders,coraza.rule.multiphase_evaluation,no_fs_access
go: downloading github.com/corazawaf/coraza-coreruleset v0.0.0-20240226094324-415b1017abdc
# github.com/corazawaf/coraza/v3/internal/seclang
github.com/corazawaf/coraza-coreruleset@v0.0.0-20240226094324-415b1017abdc: reading https://proxy.golang.org/github.com/corazawaf/coraza-coreruleset/@v/v0.0.0-20240226094324-415b1017abdc.zip: 403 Forbidden
FAIL	github.com/corazawaf/coraza/v3/internal/seclang [setup failed]

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.09%. Comparing base (681afa9) to head (53f2f33).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1338      +/-   ##
==========================================
+ Coverage   81.99%   84.09%   +2.10%     
==========================================
  Files         170      170              
  Lines        9803     9803              
==========================================
+ Hits         8038     8244     +206     
+ Misses       1518     1317     -201     
+ Partials      247      242       -5     

Flag	Coverage Δ
coraza.rule.case_sensitive_args_keys	84.05% <ø> (+2.10%)	⬆️
coraza.rule.multiphase_evaluation	83.74% <ø> (?)
coraza.rule.multiphase_valuation	?
coraza.rule.no_regex_multiline	84.03% <ø> (+2.10%)	⬆️
default	84.09% <ø> (+2.10%)	⬆️
examples+	16.50% <ø> (ø)
examples+coraza.rule.case_sensitive_args_keys	84.05% <ø> (+2.10%)	⬆️
examples+coraza.rule.multiphase_evaluation	83.58% <ø> (?)
examples+coraza.rule.multiphase_valuation	?
examples+coraza.rule.no_regex_multiline	83.95% <ø> (+2.10%)	⬆️
examples+memoize_builders	84.06% <ø> (+2.11%)	⬆️
examples+no_fs_access	81.28% <ø> (ø)
ftw	84.09% <ø> (+2.10%)	⬆️
memoize_builders	84.19% <ø> (+2.11%)	⬆️
no_fs_access	83.54% <ø> (+2.10%)	⬆️
tinygo	84.06% <ø> (+2.10%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[M4tteoP]

Thanks! We should have dedicated tests (to be checked) with multiphase checking the ARGS -> ARGS_POST conversion, so this test should be good like this.