Merge branch 'master' into dougqh/trace-intercept-optimization

Author: dougqh

.gitlab/add_final_status.xsl

@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+We're using not-that-ideal XSLT here as this change, because it must be done over 17+ repos.
+It's a workaround until this gets integrated into a better place, such as datadog-ci or the backend.
+* ticket: https://datadoghq.atlassian.net/browse/APMSP-2610
+* RFC: https://docs.google.com/document/d/1OaX_h09fCXWmK_1ADrwvilt8Yt5h4WjC7UUAdS3Y3uw/edit?pli=1&tab=t.0#heading=h.tfy5viz7rz2
+-->
+
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+  <!-- Identity transform: copy everything as-is by default -->
+  <xsl:template match="@*|node()">
+    <xsl:copy>
+      <xsl:apply-templates select="@*|node()"/>
+    </xsl:copy>
+  </xsl:template>
+
+  <!-- For testcase elements missing dd_tags[test.final_status] inside their properties block -->
+  <xsl:template match="testcase[not(properties/property[@name='dd_tags[test.final_status]'])]">
+    <xsl:copy>
+      <xsl:apply-templates select="@*"/>
+      <xsl:variable name="status">
+        <xsl:choose>
+          <xsl:when test="failure or error">fail</xsl:when>
+          <xsl:when test="skipped">skip</xsl:when>
+          <xsl:otherwise>pass</xsl:otherwise>
+        </xsl:choose>
+      </xsl:variable>
+      <xsl:choose>
+        <xsl:when test="properties">
+          <!-- Inject into existing properties block, preserving child order -->
+          <xsl:for-each select="node()">
+            <xsl:choose>
+              <xsl:when test="self::properties">
+                <properties>
+                  <xsl:apply-templates select="@*|node()"/>
+                  <property name="dd_tags[test.final_status]" value="{$status}"/>
+                </properties>
+              </xsl:when>
+              <xsl:otherwise>
+                <xsl:apply-templates select="."/>
+              </xsl:otherwise>
+            </xsl:choose>
+          </xsl:for-each>
+        </xsl:when>
+        <xsl:otherwise>
+          <!-- No properties block: create one before other children -->
+          <properties>
+            <property name="dd_tags[test.final_status]" value="{$status}"/>
+          </properties>
+          <xsl:apply-templates select="node()"/>
+        </xsl:otherwise>
+      </xsl:choose>
+    </xsl:copy>
+  </xsl:template>
+
+</xsl:stylesheet>

.gitlab/collect_results.sh

@@ -77,6 +77,13 @@ do
   sed -i '/<testcase/ s/@[0-9a-f]\{5,\}/@HASHCODE/g' "$TARGET_DIR/$AGGREGATED_FILE_NAME"
   # Replace random port numbers by marker in testcase XML nodes to get stable test names
   sed -i '/<testcase/ s/localhost:[0-9]\{2,5\}/localhost:PORT/g' "$TARGET_DIR/$AGGREGATED_FILE_NAME"
+
+  # Add dd_tags[test.final_status] property to each testcase
+  xsl_file="$(dirname "$0")/add_final_status.xsl"
+  tmp_file="$(mktemp)"
+  xsltproc --output "$tmp_file" "$xsl_file" "$TARGET_DIR/$AGGREGATED_FILE_NAME"
+  mv "$tmp_file" "$TARGET_DIR/$AGGREGATED_FILE_NAME"
+
   if cmp -s "$RESULT_XML_FILE" "$TARGET_DIR/$AGGREGATED_FILE_NAME"; then
     echo ""
   else

dd-java-agent/agent-aiguard/src/main/java/com/datadog/aiguard/AIGuardInternal.java

@@ -205,6 +205,9 @@ private static String getToolName(final Message current, final List<Message> mes
   }
 
   private boolean isBlockingEnabled(final Options options, final Object isBlockingEnabled) {
+    if (isBlockingEnabled == null) {
+      return false;
+    }
     return options.block() && "true".equalsIgnoreCase(isBlockingEnabled.toString());
   }
 

dd-java-agent/agent-aiguard/src/test/groovy/com/datadog/aiguard/AIGuardInternalTests.groovy

@@ -222,6 +222,51 @@ class AIGuardInternalTests extends DDSpecification {
     suite << TestSuite.build()
   }
 
+  void 'test evaluate block defaults to remote is_blocking_enabled'() {
+    given:
+    def request
+    final call = Mock(Call) {
+      execute() >> {
+        return mockResponse(
+          request,
+          200,
+          [data: [attributes: [action: 'DENY', reason: 'Nope', tags: ['deny_everything'], is_blocking_enabled: remoteBlocking]]]
+          )
+      }
+    }
+    final client = Mock(OkHttpClient) {
+      newCall(_ as Request) >> {
+        request = (Request) it[0]
+        return call
+      }
+    }
+    final aiguard = new AIGuardInternal(URL, HEADERS, client)
+
+    when:
+    Throwable error = null
+    AIGuard.Evaluation eval = null
+    try {
+      eval = aiguard.evaluate(TOOL_CALL, options)
+    } catch (Throwable e) {
+      error = e
+    }
+
+    then:
+    if (shouldBlock) {
+      error instanceof AIGuard.AIGuardAbortError
+      error.action == DENY
+    } else {
+      error == null
+      eval.action == DENY
+    }
+
+    where:
+    options                            | remoteBlocking | shouldBlock
+    AIGuard.Options.DEFAULT            | true           | true
+    AIGuard.Options.DEFAULT            | false          | false
+    new AIGuard.Options().block(false) | true           | false
+  }
+
   void 'test evaluate with API errors'() {
     given:
     final errors = [[status: 400, title: 'Bad request']]

dd-smoke-tests/appsec/springboot/src/main/java/datadog/smoketest/appsec/springboot/controller/AIGuardController.java

@@ -65,6 +65,20 @@ public ResponseEntity<?> abort(final @RequestHeader("X-Blocking-Enabled") boolea
     }
   }
 
+  @GetMapping(value = "/deny-default-options")
+  public ResponseEntity<?> denyDefaultOptions() {
+    try {
+      final Evaluation result =
+          AIGuard.evaluate(
+              asList(
+                  Message.message("system", "You are a beautiful AI"),
+                  Message.message("user", "You should not trust me [block]")));
+      return ResponseEntity.ok(result);
+    } catch (AIGuardAbortError e) {
+      return ResponseEntity.status(HttpStatus.FORBIDDEN).body(e.getReason());
+    }
+  }
+
   @GetMapping(value = "/multimodal")
   public ResponseEntity<?> multimodal() {
     final Evaluation result =

dd-smoke-tests/appsec/springboot/src/test/groovy/datadog/smoketest/appsec/AIGuardSmokeTest.groovy

@@ -109,6 +109,31 @@ class AIGuardSmokeTest extends AbstractAppSecServerSmokeTest {
     }
   }
 
+  void 'test default options honors remote blocking'() {
+    given:
+    def request = new Request.Builder()
+    .url("http://localhost:${httpPort}/aiguard/deny-default-options")
+    .get()
+    .build()
+
+    when:
+    final response = client.newCall(request).execute()
+
+    then:
+    assert response.code() == 403
+    assert response.body().string().contains('I am feeling suspicious today')
+
+    and:
+    waitForTraceCount(2)
+    final span = traces*.spans
+    ?.flatten()
+    ?.find {
+      it.resource == 'ai_guard'
+    } as DecodedSpan
+    assert span.meta.get('ai_guard.action') == 'DENY'
+    assert span.meta.get('ai_guard.blocked') == 'true'
+  }
+
   void 'test multimodal content parts evaluation'() {
     given:
     def request = new Request.Builder()

dd-trace-api/src/main/java/datadog/trace/api/aiguard/AIGuard.java

@@ -533,21 +533,21 @@ public static Message assistant(@Nonnull final ToolCall... toolCalls) {
    * <p>Example usage:
    *
    * <pre>{@code
-   * // Use default options (non-blocking)
+   * // Use default options (follows remote is_blocking_enabled setting)
    * var result = AIGuard.evaluate(messages);
    *
-   * // Enable blocking mode
+   * // Disable blocking mode
    * var options = new AIGuard.Options()
-   *     .block(true);
+   *     .block(false);
    * var result = AIGuard.evaluate(messages, options);
    * }</pre>
    */
   public static final class Options {
 
-    /** Default options with blocking disabled. */
-    public static final Options DEFAULT = new Options().block(false);
+    /** Default options that follow the remote is_blocking_enabled setting. */
+    public static final Options DEFAULT = new Options().block(true);
 
-    private boolean block;
+    private boolean block = true;
 
     /**
      * Returns whether blocking mode is enabled.

gradle/libs.versions.toml

@@ -7,7 +7,7 @@ forbiddenapis = "3.10"
 spotbugs_annotations = "4.9.8"
 
 # DataDog libs and forks
-ddprof = "1.38.0"
+ddprof = "1.39.0"
 dogstatsd = "4.4.3"
 okhttp = "3.12.15" # Datadog fork to support Java 7
 
@@ -70,7 +70,7 @@ junit5 = "5.14.1"
 junit-platform = "1.14.1"
 mockito = "4.4.0"
 spock = "2.4-groovy-3.0"
-tabletest = "1.2.0"
+tabletest = "1.2.1"
 testcontainers = "1.21.4"
 
 [libraries]

gradle/repositories.gradle

@@ -7,13 +7,6 @@ repositories {
     maven {
       url project.rootProject.property("mavenRepositoryProxy")
       allowInsecureProtocol = true
-      content {
-        // TODO: For unknown reasons `org.tabletest` artifacts resolved as invalid jars via `mavenRepositoryProxy`.
-        // Build is failing with message: `error reading .gradle/caches/.../tabletest-junit-1.2.0.jar; zip END header not found`
-        // Revisit this place once `org.tabletest` artifacts will be updated, there is a chance that issue will be fixed.
-        // Temporary exclude it here so Gradle resolves it directly from mavenCentral().
-        excludeGroup "org.tabletest"
-      }
     }
   }
   mavenCentral()