Skip to content

[Ruby] Enable SQL Injection tests #4405

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 20 commits into
base: main
Choose a base branch
from
Open

[Ruby] Enable SQL Injection tests #4405

wants to merge 20 commits into from

Conversation

y9v
Copy link
Member

@y9v y9v commented Mar 27, 2025
edited
Loading

Motivation

We need to test SQL Injection detection feature in the Ruby tracer starting from version 2.14.0.

Changes

This PR enables SQL Injection tests for Ruby.

Workflow

  1. ⚠️ Create your PR as draft ⚠️
  2. Work on you PR until the CI passes (if something not related to your task is failing, you can ignore it)
  3. Mark it as ready for review
    • Test logic is modified? -> Get a review from RFC owner. We're working on refining the codeowners file quickly.
    • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

  • If PR title starts with [<language>], double-check that only <language> is impacted by the change
  • No system-tests internal is modified. Otherwise, I have the approval from R&P team
  • CI is green, or failing jobs are not related to this change (and you are 100% sure about this statement)
  • A docker base image is modified?
    • the relevant build-XXX-image label is present
  • A scenario is added (or removed)?

@y9v y9v self-assigned this Mar 27, 2025
@y9v y9v force-pushed the ruby-enable-sql-injection-tests branch 2 times, most recently from a360c2e to 0f6598d Compare March 27, 2025 17:13
@marcotc
Copy link
Member

marcotc commented Mar 27, 2025

Awesome work!

@y9v y9v force-pushed the ruby-enable-sql-injection-tests branch 5 times, most recently from 30afc1c to 57aa08d Compare April 4, 2025 12:30
@y9v y9v force-pushed the ruby-enable-sql-injection-tests branch 3 times, most recently from a8c98f2 to 44bd05f Compare April 15, 2025 12:21
@y9v y9v marked this pull request as ready for review April 15, 2025 14:46
@y9v y9v requested review from a team as code owners April 15, 2025 14:46
Strech
Strech approved these changes Apr 16, 2025
View reviewed changes
Copy link
Member

@Strech Strech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO folder rasp in unnecessary compexity

vpellan
vpellan reviewed Apr 16, 2025
View reviewed changes
manifests/ruby.yml Outdated
@@ -279,7 +347,7 @@ tests/:
test_truncation.py:
Test_Truncation: missing_feature
test_asm_standalone.py:
Test_AppSecStandalone_NotEnabled: v2.13.0
Test_AppSecStandalone_NotEnabled: v2.14.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test was passing in 2.13.0, why changing it to 2.14.0 ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry, I just realized it's not related to SQLI. Rolled this back in 13a57bb. Thanks for noticing this!

@y9v y9v force-pushed the ruby-enable-sql-injection-tests branch from 2568bc8 to 13a57bb Compare April 16, 2025 09:45
@y9v y9v requested a review from vpellan April 16, 2025 10:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Strech Strech Strech approved these changes

@vpellan vpellan Awaiting requested review from vpellan

Assignees

@y9v y9v

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@y9v @marcotc @Strech @vpellan