datadog-operator icon indicating copy to clipboard operation
datadog-operator copied to clipboard
verified publisher icon DataDog

[ASM] product features activation

Open eliottness opened this issue 1 year ago • 1 comments

What does this PR do?

This PR adds the ASM features activation under the feature.asm field in the DatadogAgent crd. Its only goal is to propagate environment variables to the cluster-agent admission controller (cf. https://github.com/DataDog/datadog-agent/pull/23618)

Sister PR of https://github.com/DataDog/helm-charts/pull/1337 Clone of #1151

Motivation

Part of Single Step Activation for ASM products

Minimum Agent Versions

Are there minimum versions of the Datadog Agent and/or Cluster Agent required?

  • Cluster Agent: v7.53.0

Checklist

  • [x] PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
  • [ ] PR has a milestone or the qa/skip-qa label

Test Instruction

if the admission controller is not disabled, then there is a OneToOne relation between the DatadogAgent manifest and the env of the cluster agent like this:

  • asm.threats.enabled -> DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_ENABLED
  • asm.sca.enabled -> DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_SCA_ENABLED
  • asm.iast.enabled -> DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_IAST_ENABLED

Manifest example:

apiVersion: datadoghq.com/v1alpha1
kind: DatadogAgent
metadata:
  name: datadog
spec:
  features:
     asm:
       threats:
         enabled: true
       sca:
         enabled: true
       iast:
         enabled: true

eliottness avatar May 02 '24 19:05 eliottness

Codecov Report

Attention: Patch coverage is 75.58140% with 21 lines in your changes are missing coverage. Please review.

Project coverage is 59.23%. Comparing base (8981855) to head (34ad7f9).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1165      +/-   ##
==========================================
+ Coverage   59.16%   59.23%   +0.06%     
==========================================
  Files         175      176       +1     
  Lines       21944    22031      +87     
==========================================
+ Hits        12984    13050      +66     
- Misses       8164     8181      +17     
- Partials      796      800       +4
Flag Coverage Δ
unittests 59.23% <75.58%> (+0.06%) :arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
apis/datadoghq/v2alpha1/datadogagent_default.go 92.05% <100.00%> (+0.53%) :arrow_up:
apis/datadoghq/v2alpha1/datadogagent_types.go 100.00% <ø> (ø)
controllers/datadogagent/controller.go 59.25% <ø> (ø)
controllers/datadogagent/feature/asm/feature.go 69.11% <69.11%> (ø)

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 8981855...34ad7f9. Read the comment docs.

codecov-commenter avatar May 02 '24 19:05 codecov-commenter