From 0ec06535a37f5f90d98b2f33597da71c3fe682c1 Mon Sep 17 00:00:00 2001 From: Roch Devost Date: Mon, 24 Jun 2024 11:01:10 -0400 Subject: [PATCH] remove most get-port usage in appsec tests (#4428) --- ...aphql.apollo-server-express.plugin.spec.js | 4 +- ...aphql.apollo-server-fastify.plugin.spec.js | 4 +- .../graphql.apollo-server.plugin.spec.js | 5 +- ...lugin.apollo-server-express.plugin.spec.js | 4 +- .../plugin.apollo-server.plugin.spec.js | 5 +- .../taint-tracking.express.plugin.spec.js | 71 +++++++++---------- packages/dd-trace/test/appsec/iast/utils.js | 32 ++++----- .../appsec/index.body-parser.plugin.spec.js | 9 +-- .../appsec/index.cookie-parser.plugin.spec.js | 9 +-- .../test/appsec/index.express.plugin.spec.js | 9 +-- .../appsec/index.sequelize.plugin.spec.js | 9 +-- packages/dd-trace/test/appsec/index.spec.js | 11 ++- .../test/appsec/rasp.express.plugin.spec.js | 11 ++- .../test/appsec/response_blocking.spec.js | 21 +++--- .../dd-trace/test/appsec/sdk/set_user.spec.js | 7 +- .../test/appsec/sdk/track_event.spec.js | 7 +- .../test/appsec/sdk/user_blocking.spec.js | 7 +- 17 files changed, 97 insertions(+), 128 deletions(-) diff --git a/packages/dd-trace/test/appsec/graphql.apollo-server-express.plugin.spec.js b/packages/dd-trace/test/appsec/graphql.apollo-server-express.plugin.spec.js index a1cf874af04..9ea9638eddf 100644 --- a/packages/dd-trace/test/appsec/graphql.apollo-server-express.plugin.spec.js +++ b/packages/dd-trace/test/appsec/graphql.apollo-server-express.plugin.spec.js @@ -1,6 +1,5 @@ 'use strict' -const getPort = require('get-port') const agent = require('../plugins/agent') const { schema, @@ -41,10 +40,9 @@ withVersions('apollo-server-core', 'express', '>=4', expressVersion => { server.applyMiddleware({ app }) - config.port = await getPort() - return new Promise(resolve => { expressServer = app.listen({ port: config.port }, () => { + config.port = expressServer.address().port resolve() }) }) diff --git a/packages/dd-trace/test/appsec/graphql.apollo-server-fastify.plugin.spec.js b/packages/dd-trace/test/appsec/graphql.apollo-server-fastify.plugin.spec.js index f6e423fb0e0..f8f4721fe3d 100644 --- a/packages/dd-trace/test/appsec/graphql.apollo-server-fastify.plugin.spec.js +++ b/packages/dd-trace/test/appsec/graphql.apollo-server-fastify.plugin.spec.js @@ -1,6 +1,5 @@ 'use strict' -const getPort = require('get-port') const agent = require('../plugins/agent') const { schema, @@ -41,10 +40,9 @@ withVersions('apollo-server-core', 'fastify', '3', fastifyVersion => { app.register(server.createHandler()) - config.port = await getPort() - return new Promise(resolve => { app.listen({ port: config.port }, (data) => { + config.port = app.server.address().port resolve() }) }) diff --git a/packages/dd-trace/test/appsec/graphql.apollo-server.plugin.spec.js b/packages/dd-trace/test/appsec/graphql.apollo-server.plugin.spec.js index f5b3863f963..b0f527db141 100644 --- a/packages/dd-trace/test/appsec/graphql.apollo-server.plugin.spec.js +++ b/packages/dd-trace/test/appsec/graphql.apollo-server.plugin.spec.js @@ -1,6 +1,5 @@ 'use strict' -const getPort = require('get-port') const path = require('path') const agent = require('../plugins/agent') const { @@ -31,9 +30,9 @@ withVersions('apollo-server', '@apollo/server', apolloServerVersion => { resolvers }) - config.port = await getPort() + const { url } = await startStandaloneServer(server, { listen: { port: 0 } }) - await startStandaloneServer(server, { listen: { port: config.port } }) + config.port = new URL(url).port }) after(async () => { diff --git a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server-express.plugin.spec.js b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server-express.plugin.spec.js index 1047e3da5ae..91b6e2849f6 100644 --- a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server-express.plugin.spec.js +++ b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server-express.plugin.spec.js @@ -1,6 +1,5 @@ 'use strict' -const getPort = require('get-port') const agent = require('../../../../plugins/agent') const { schema, @@ -41,10 +40,9 @@ withVersions('graphql', 'express', '>=4', expressVersion => { server.applyMiddleware({ app }) - config.port = await getPort() - return new Promise(resolve => { expressServer = app.listen({ port: config.port }, () => { + config.port = expressServer.address().port resolve() }) }) diff --git a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server.plugin.spec.js b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server.plugin.spec.js index b33820de369..bc6f0b7f079 100644 --- a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server.plugin.spec.js +++ b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/plugin.apollo-server.plugin.spec.js @@ -1,6 +1,5 @@ 'use strict' -const getPort = require('get-port') const path = require('path') const agent = require('../../../../plugins/agent') const { @@ -31,9 +30,9 @@ withVersions('apollo-server', '@apollo/server', apolloServerVersion => { resolvers }) - config.port = await getPort() + const { url } = await startStandaloneServer(server, { listen: { port: config.port } }) - await startStandaloneServer(server, { listen: { port: config.port } }) + config.port = new URL(url).port }) after(async () => { diff --git a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/taint-tracking.express.plugin.spec.js b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/taint-tracking.express.plugin.spec.js index 7e1626a2b6f..7465f6b2408 100644 --- a/packages/dd-trace/test/appsec/iast/taint-tracking/sources/taint-tracking.express.plugin.spec.js +++ b/packages/dd-trace/test/appsec/iast/taint-tracking/sources/taint-tracking.express.plugin.spec.js @@ -1,7 +1,6 @@ 'use strict' const axios = require('axios') -const getPort = require('get-port') const semver = require('semver') const agent = require('../../../../plugins/agent') const Config = require('../../../../../src/config') @@ -59,13 +58,13 @@ describe('URI sourcing with express', () => { res.status(200).send() }) - getPort().then(port => { - appListener = app.listen(port, 'localhost', () => { - axios - .get(`http://localhost:${port}/path/vulnerable`) - .then(() => done()) - .catch(done) - }) + appListener = app.listen(0, 'localhost', () => { + const port = appListener.address().port + + axios + .get(`http://localhost:${port}/path/vulnerable`) + .then(() => done()) + .catch(done) }) }) }) @@ -137,13 +136,13 @@ describe('Path params sourcing with express', () => { res.status(200).send() }) - getPort().then(port => { - appListener = app.listen(port, 'localhost', () => { - axios - .get(`http://localhost:${port}/tainted1/tainted2`) - .then(() => done()) - .catch(done) - }) + appListener = app.listen(0, 'localhost', () => { + const port = appListener.address().port + + axios + .get(`http://localhost:${port}/tainted1/tainted2`) + .then(() => done()) + .catch(done) }) }) @@ -172,13 +171,13 @@ describe('Path params sourcing with express', () => { app.use('/:parameterParent', nestedRouter) - getPort().then(port => { - appListener = app.listen(port, 'localhost', () => { - axios - .get(`http://localhost:${port}/tainted1/tainted2`) - .then(() => done()) - .catch(done) - }) + appListener = app.listen(0, 'localhost', () => { + const port = appListener.address().port + + axios + .get(`http://localhost:${port}/tainted1/tainted2`) + .then(() => done()) + .catch(done) }) }) @@ -192,13 +191,13 @@ describe('Path params sourcing with express', () => { app.param('parameter1', checkParamIsTaintedAndNext) app.param('parameter2', checkParamIsTaintedAndNext) - getPort().then(port => { - appListener = app.listen(port, 'localhost', () => { - axios - .get(`http://localhost:${port}/tainted1/tainted2`) - .then(() => done()) - .catch(done) - }) + appListener = app.listen(0, 'localhost', () => { + const port = appListener.address().port + + axios + .get(`http://localhost:${port}/tainted1/tainted2`) + .then(() => done()) + .catch(done) }) }) @@ -216,13 +215,13 @@ describe('Path params sourcing with express', () => { app.param('parameter1') app.param('parameter2') - getPort().then(port => { - appListener = app.listen(port, 'localhost', () => { - axios - .get(`http://localhost:${port}/tainted1/tainted2`) - .then(() => done()) - .catch(done) - }) + appListener = app.listen(0, 'localhost', () => { + const port = appListener.address().port + + axios + .get(`http://localhost:${port}/tainted1/tainted2`) + .then(() => done()) + .catch(done) }) }) }) diff --git a/packages/dd-trace/test/appsec/iast/utils.js b/packages/dd-trace/test/appsec/iast/utils.js index ad40fd8e892..d308696e988 100644 --- a/packages/dd-trace/test/appsec/iast/utils.js +++ b/packages/dd-trace/test/appsec/iast/utils.js @@ -4,7 +4,6 @@ const fs = require('fs') const os = require('os') const path = require('path') -const getPort = require('get-port') const agent = require('../../plugins/agent') const axios = require('axios') const iast = require('../../../src/appsec/iast') @@ -17,12 +16,6 @@ function testInRequest (app, tests) { let appListener const config = {} - beforeEach(() => { - return getPort().then(newPort => { - config.port = newPort - }) - }) - beforeEach(() => { listener = (req, res) => { const appResult = app && app(req, res) @@ -48,7 +41,10 @@ function testInRequest (app, tests) { beforeEach(done => { const server = new http.Server(listener) appListener = server - .listen(config.port, 'localhost', () => done()) + .listen(0, 'localhost', () => { + config.port = appListener.address().port + done() + }) }) afterEach(() => { @@ -219,12 +215,6 @@ function prepareTestServerForIast (description, tests, iastConfig) { let appListener let app - before(() => { - return getPort().then(newPort => { - config.port = newPort - }) - }) - before(() => { listener = (req, res) => { endResponse(res, app && app(req, res)) @@ -241,7 +231,10 @@ function prepareTestServerForIast (description, tests, iastConfig) { before(done => { const server = new http.Server(listener) appListener = server - .listen(config.port, 'localhost', () => done()) + .listen(0, 'localhost', () => { + config.port = appListener.address().port + done() + }) }) beforeEachIastTest(iastConfig) @@ -311,11 +304,10 @@ function prepareTestServerForIastInExpress (description, expressVersion, loadMid } expressApp.all('/', listener) - getPort().then(newPort => { - config.port = newPort - server = expressApp.listen(newPort, () => { - done() - }) + + server = expressApp.listen(0, () => { + config.port = server.address().port + done() }) }) diff --git a/packages/dd-trace/test/appsec/index.body-parser.plugin.spec.js b/packages/dd-trace/test/appsec/index.body-parser.plugin.spec.js index f48d330279c..458a69ee97d 100644 --- a/packages/dd-trace/test/appsec/index.body-parser.plugin.spec.js +++ b/packages/dd-trace/test/appsec/index.body-parser.plugin.spec.js @@ -1,7 +1,6 @@ 'use strict' const axios = require('axios') -const getPort = require('get-port') const path = require('path') const agent = require('../plugins/agent') const appsec = require('../../src/appsec') @@ -27,11 +26,9 @@ withVersions('body-parser', 'body-parser', version => { res.end('DONE') }) - getPort().then(newPort => { - port = newPort - server = app.listen(port, () => { - done() - }) + server = app.listen(port, () => { + port = server.address().port + done() }) }) diff --git a/packages/dd-trace/test/appsec/index.cookie-parser.plugin.spec.js b/packages/dd-trace/test/appsec/index.cookie-parser.plugin.spec.js index fbc49565e2a..fed6bbcbf45 100644 --- a/packages/dd-trace/test/appsec/index.cookie-parser.plugin.spec.js +++ b/packages/dd-trace/test/appsec/index.cookie-parser.plugin.spec.js @@ -2,7 +2,6 @@ const { assert } = require('chai') const axios = require('axios') -const getPort = require('get-port') const path = require('path') const agent = require('../plugins/agent') const appsec = require('../../src/appsec') @@ -28,11 +27,9 @@ withVersions('cookie-parser', 'cookie-parser', version => { res.end('DONE') }) - getPort().then(newPort => { - port = newPort - server = app.listen(port, () => { - done() - }) + server = app.listen(port, () => { + port = server.address().port + done() }) }) diff --git a/packages/dd-trace/test/appsec/index.express.plugin.spec.js b/packages/dd-trace/test/appsec/index.express.plugin.spec.js index 5bfd37bf75a..e8b0d4a50e4 100644 --- a/packages/dd-trace/test/appsec/index.express.plugin.spec.js +++ b/packages/dd-trace/test/appsec/index.express.plugin.spec.js @@ -1,7 +1,6 @@ 'use strict' const axios = require('axios') -const getPort = require('get-port') const path = require('path') const agent = require('../plugins/agent') const appsec = require('../../src/appsec') @@ -45,11 +44,9 @@ withVersions('express', 'express', version => { res.jsonp({ jsonResKey: 'jsonResValue' }) }) - getPort().then(newPort => { - port = newPort - server = app.listen(port, () => { - done() - }) + server = app.listen(port, () => { + port = server.address().port + done() }) }) diff --git a/packages/dd-trace/test/appsec/index.sequelize.plugin.spec.js b/packages/dd-trace/test/appsec/index.sequelize.plugin.spec.js index 656532e883c..07013a570d2 100644 --- a/packages/dd-trace/test/appsec/index.sequelize.plugin.spec.js +++ b/packages/dd-trace/test/appsec/index.sequelize.plugin.spec.js @@ -2,7 +2,6 @@ const path = require('path') const axios = require('axios') -const getPort = require('get-port') const agent = require('../plugins/agent') const appsec = require('../../src/appsec') const Config = require('../../src/config') @@ -69,11 +68,9 @@ describe('sequelize', () => { res.json(users) }) - getPort().then(newPort => { - port = newPort - server = app.listen(newPort, () => { - done() - }) + server = app.listen(0, () => { + port = server.address().port + done() }) }) diff --git a/packages/dd-trace/test/appsec/index.spec.js b/packages/dd-trace/test/appsec/index.spec.js index 2a33c9348bc..747ad2d4fe4 100644 --- a/packages/dd-trace/test/appsec/index.spec.js +++ b/packages/dd-trace/test/appsec/index.spec.js @@ -19,7 +19,6 @@ const Reporter = require('../../src/appsec/reporter') const agent = require('../plugins/agent') const Config = require('../../src/config') const axios = require('axios') -const getPort = require('get-port') const blockedTemplate = require('../../src/appsec/blocked_templates') const { storage } = require('../../../datadog-core') const telemetryMetrics = require('../../src/telemetry/metrics') @@ -1004,11 +1003,6 @@ describe('IP blocking', function () { const jsonDefaultContent = JSON.parse(blockedTemplate.json) let http, appListener, port - before(() => { - return getPort().then(newPort => { - port = newPort - }) - }) before(() => { return agent.load('http') .then(() => { @@ -1021,7 +1015,10 @@ describe('IP blocking', function () { res.end(JSON.stringify({ message: 'OK' })) }) appListener = server - .listen(port, 'localhost', () => done()) + .listen(0, 'localhost', () => { + port = appListener.address().port + done() + }) }) beforeEach(() => { diff --git a/packages/dd-trace/test/appsec/rasp.express.plugin.spec.js b/packages/dd-trace/test/appsec/rasp.express.plugin.spec.js index 01ebb2c9f42..2aefdb89693 100644 --- a/packages/dd-trace/test/appsec/rasp.express.plugin.spec.js +++ b/packages/dd-trace/test/appsec/rasp.express.plugin.spec.js @@ -2,7 +2,6 @@ const Axios = require('axios') const agent = require('../plugins/agent') -const getPort = require('get-port') const appsec = require('../../src/appsec') const Config = require('../../src/config') const path = require('path') @@ -12,7 +11,7 @@ function noop () {} withVersions('express', 'express', expressVersion => { describe('RASP', () => { - let app, server, port, axios + let app, server, axios before(() => { return agent.load(['http'], { client: false }) @@ -34,14 +33,12 @@ withVersions('express', 'express', expressVersion => { } })) - getPort().then(newPort => { - port = newPort + server = expressApp.listen(0, () => { + const port = server.address().port axios = Axios.create({ baseURL: `http://localhost:${port}` }) - server = expressApp.listen(port, () => { - done() - }) + done() }) }) diff --git a/packages/dd-trace/test/appsec/response_blocking.spec.js b/packages/dd-trace/test/appsec/response_blocking.spec.js index 672933784e7..2868a42b05b 100644 --- a/packages/dd-trace/test/appsec/response_blocking.spec.js +++ b/packages/dd-trace/test/appsec/response_blocking.spec.js @@ -1,7 +1,6 @@ 'use strict' const { assert } = require('chai') -const getPort = require('get-port') const agent = require('../plugins/agent') const Axios = require('axios') const appsec = require('../../src/appsec') @@ -17,8 +16,6 @@ describe('HTTP Response Blocking', () => { let axios before(async () => { - const port = await getPort() - await agent.load('http') const http = require('http') @@ -38,16 +35,20 @@ describe('HTTP Response Blocking', () => { }) await new Promise((resolve, reject) => { - server.listen(port, 'localhost') - .once('listening', resolve) + server.listen(0, 'localhost') + .once('listening', (...args) => { + const port = server.address().port + + axios = Axios.create(({ + baseURL: `http://localhost:${port}`, + validateStatus: null + })) + + resolve(...args) + }) .once('error', reject) }) - axios = Axios.create(({ - baseURL: `http://localhost:${port}`, - validateStatus: null - })) - appsec.enable(new Config({ appsec: { enabled: true, diff --git a/packages/dd-trace/test/appsec/sdk/set_user.spec.js b/packages/dd-trace/test/appsec/sdk/set_user.spec.js index a582837e419..9327a88afcd 100644 --- a/packages/dd-trace/test/appsec/sdk/set_user.spec.js +++ b/packages/dd-trace/test/appsec/sdk/set_user.spec.js @@ -3,7 +3,6 @@ const proxyquire = require('proxyquire') const agent = require('../../plugins/agent') const tracer = require('../../../../../index') -const getPort = require('get-port') const axios = require('axios') describe('set_user', () => { @@ -83,7 +82,6 @@ describe('set_user', () => { } before(async () => { - port = await getPort() await agent.load('http') http = require('http') }) @@ -91,7 +89,10 @@ describe('set_user', () => { before(done => { const server = new http.Server(listener) appListener = server - .listen(port, 'localhost', () => done()) + .listen(port, 'localhost', () => { + port = appListener.address().port + done() + }) }) after(() => { diff --git a/packages/dd-trace/test/appsec/sdk/track_event.spec.js b/packages/dd-trace/test/appsec/sdk/track_event.spec.js index 106a145f3b4..acc5db1e905 100644 --- a/packages/dd-trace/test/appsec/sdk/track_event.spec.js +++ b/packages/dd-trace/test/appsec/sdk/track_event.spec.js @@ -2,7 +2,6 @@ const proxyquire = require('proxyquire') const agent = require('../../plugins/agent') -const getPort = require('get-port') const axios = require('axios') const tracer = require('../../../../../index') @@ -281,7 +280,6 @@ describe('track_event', () => { } before(async () => { - port = await getPort() await agent.load('http') http = require('http') }) @@ -289,7 +287,10 @@ describe('track_event', () => { before(done => { const server = new http.Server(listener) appListener = server - .listen(port, 'localhost', () => done()) + .listen(port, 'localhost', () => { + port = appListener.address().port + done() + }) }) after(() => { diff --git a/packages/dd-trace/test/appsec/sdk/user_blocking.spec.js b/packages/dd-trace/test/appsec/sdk/user_blocking.spec.js index 04d3da4647d..30937f28de9 100644 --- a/packages/dd-trace/test/appsec/sdk/user_blocking.spec.js +++ b/packages/dd-trace/test/appsec/sdk/user_blocking.spec.js @@ -5,7 +5,6 @@ const agent = require('../../plugins/agent') const tracer = require('../../../../../index') const appsec = require('../../../src/appsec') const Config = require('../../../src/config') -const getPort = require('get-port') const axios = require('axios') const path = require('path') const waf = require('../../../src/appsec/waf') @@ -166,7 +165,6 @@ describe('user_blocking', () => { } before(async () => { - port = await getPort() await agent.load('http') http = require('http') }) @@ -174,7 +172,10 @@ describe('user_blocking', () => { before(done => { const server = new http.Server(listener) appListener = server - .listen(port, 'localhost', () => done()) + .listen(port, 'localhost', () => { + port = appListener.address().port + done() + }) appsec.enable(config) })