Integration of Newrelic Ruby Security agent #2752
Conversation
a manual port value can be passed to the security agent when needed
update description for security.applicationinfo.port
- introduce NewRelic::Control::SecurityInterface singleton class - leverage the singleton class to ensure the security agent is only ever initialized once - leverage the singleton class to defer security agent initialization in lockstep with dependency detection deference - have each singleton class perform its own `require` of the singleton library so that it's not necessary to understand that the library is coming in from the `Control` class that might seem to have nothing to do with the singleton class
- update NewRelic::Control::Security source file with license header and frozen string literal magic comment - remove commented out dev dependency from gemspec, as Gemfile will be used
NewRelic::Control::SecurityInterface
remove blank line left over from testing to cut down on diff noise
initialize the instance vars
SecurityInterface: Ruby <= 2.4 compatibility
make sure the SecurityInterface singleton behaves as expected
K2 security interface tests
when relying on the 3 argument version of `stub`, make sure it's available
security interface tests: skip MiniTest 4
Co-authored-by: Kayla Reopelle (she/her) <[email protected]>
Co-authored-by: Kayla Reopelle (she/her) <[email protected]>
Co-authored-by: Kayla Reopelle (she/her) <[email protected]>
Co-authored-by: Kayla Reopelle (she/her) <[email protected]>
add a security agent note, update descriptions further
reconcile .rb and .yml changes from the PR
updated security config: application_info
make it abundantly clear which combinations of the 3 options will disable the security agent
prateeksen
requested review from
fallwith,
hannahramadan,
kaylareopelle and
tannalynn
as code owners
github-actions
bot
added
the
community
| @@ -853,6 +853,55 @@ common: &default_settings | |||
| # Foundry environment. | |||
| # utilization.detect_pcf: true | |||
|
|
|||
| # | |||
There was a problem hiding this comment.
@hannahramadan we'll likely need some help here getting these comments moved into default_source.rb and/or the newrelic.yml auto-generator so that these changes aren't lost the next time the file is auto-generated.
There was a problem hiding this comment.
@fallwith roger that! I'll make a ticket for this
There was a problem hiding this comment.
Great suggestion, @fallwith. Thank you for making the ticket, @hannahramadan! I think we may also want to consider adding this content to the auto-generated configuration docs that get published on the New Relic Docs website.
| Agent.config[:'security.agent.enabled'] ? security_agent_metric(ENABLED) : security_agent_metric(DISABLED) | ||
| end | ||
|
|
||
| def security_metric(setting) |
There was a problem hiding this comment.
It looks like the only caller of this method has been removed. I think this method can be removed now.
There was a problem hiding this comment.
I believe there's a should-level declaration in the Security-Agent-Integration spec to generate this metric. Perhaps we should add a call?
There was a problem hiding this comment.
@fallwith @kaylareopelle Changes in place under this commit
| @@ -853,6 +853,55 @@ common: &default_settings | |||
| # Foundry environment. | |||
| # utilization.detect_pcf: true | |||
|
|
|||
| # | |||
There was a problem hiding this comment.
Great suggestion, @fallwith. Thank you for making the ticket, @hannahramadan! I think we may also want to consider adding this content to the auto-generated configuration docs that get published on the New Relic Docs website.
Co-authored-by: James Bunch <[email protected]>
Co-authored-by: Kayla Reopelle <[email protected]>
Co-authored-by: Kayla Reopelle <[email protected]>
Co-authored-by: Kayla Reopelle <[email protected]>
SimpleCov Report
|
fallwith
removed
the
community
Integration of Newrelic Ruby Security agent (csec-ruby-agent) for public preview.