Add DD_APPSEC_SCA_ENABLED new configuration variable

[estringana]

Description

It is required to create a new configuration variable DD_APPSEC_SCA_ENABLED so customers can enable SCA. This variable is reported to the backend via telemetry and used there.

Reviewer checklist

• Test coverage seems ok.
• Appropriate labels assigned.

APPSEC-14721

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-03-05 16:23:25

Comparing candidate commit fa41d2a in PR branch estringana/add-appsec-sca with baseline commit dc24c31 in branch master.

Found 3 performance improvements and 3 performance regressions! Performance is the same for 176 metrics, 0 unstable metrics.

scenario:PDOBench/benchPDOBaseline

• 🟩 execution_time [-16.340µs; -13.325µs] or [-8.609%; -7.020%]

scenario:PDOBench/benchPDOBaseline-opcache

• 🟥 execution_time [+15.141µs; +16.403µs] or [+8.668%; +9.391%]

scenario:PDOBench/benchPDOOverhead

• 🟩 execution_time [-18.074µs; -16.050µs] or [-6.292%; -5.588%]

scenario:PDOBench/benchPDOOverhead-opcache

• 🟥 execution_time [+14.981µs; +17.044µs] or [+5.321%; +6.054%]

scenario:PDOBench/benchPDOOverheadWithDBM

• 🟩 execution_time [-18.020µs; -15.859µs] or [-5.828%; -5.129%]

scenario:PDOBench/benchPDOOverheadWithDBM-opcache

• 🟥 execution_time [+15.028µs; +18.456µs] or [+4.861%; +5.970%]

[Anilm3]

Are there perhaps any tests showing that this variable is actually being sent?

[codecov-commenter]

Codecov Report

Merging #2557 (887c380) into master (dc24c31) will decrease coverage by 1.17%.
Report is 7 commits behind head on master.
The diff coverage is 80.00%.

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #2557      +/-   ##
============================================
- Coverage     77.08%   75.91%   -1.17%     
  Complexity     2574     2574              
============================================
  Files           214      240      +26     
  Lines         23057    27033    +3976     
  Branches          0      976     +976     
============================================
+ Hits          17773    20522    +2749     
- Misses         5284     5991     +707     
- Partials          0      520     +520     

Flag	Coverage Δ
appsec-extension	69.13% <ø> (?)
tracer-extension	78.70% <80.00%> (-0.01%)	⬇️
tracer-php	75.08% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
ext/configuration.h	100.00% <ø> (ø)
ext/telemetry.c	100.00% <100.00%> (ø)
ext/configuration.c	78.26% <75.00%> (-0.21%)	⬇️

... and 26 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update dc24c31...887c380. Read the comment docs.

[estringana]

I found that when a configuration is explicitly defined as a env/ini with the same value as the default value of that config, the value sent to telemetry was default and it should be EnvVar instead

[bwoebi]

I think you should test datadog.appsec.sca_enabled=1 in one of the tests instead of using the ENV there. I believe it needs to be handled in configuration.c so that it's parsed as datadog.appsec.sca_enabled instead of datadog.appsec_sca_enabled.

[estringana]

I think you should test datadog.appsec.sca_enabled=1 in one of the tests instead of using the ENV there. I believe it needs to be handled in configuration.c so that it's parsed as datadog.appsec.sca_enabled instead of datadog.appsec_sca_enabled.

Thanks for pointing that out @bwoebi . If I understood correctly, I fixed it

[estringana]

@bwoebi pr is ready. Can you review when you have a chance please?

[bwoebi]

Can we reorder this and put an else if there? Just to avoid eval of strstr when unnecessary.

[estringana]

Makes sense. Done

[bwoebi]

Overall LGTM :-)