initial

DataDog · Aug 30, 2024 · 46c03ec · 46c03ec
1 parent e7ca17e
commit 46c03ec
Show file tree

Hide file tree

Showing 4 changed files with 92 additions and 0 deletions.
diff --git a/contrib/envoyproxy/envoy/cmd/serviceextensions/main.go b/contrib/envoyproxy/envoy/cmd/serviceextensions/main.go
@@ -0,0 +1,83 @@
+package main
+
+import (
+	extproc "github.com/envoyproxy/go-control-plane/envoy/service/ext_proc/v3"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/reflection"
+	"gopkg.in/DataDog/dd-trace-go.v1/ddtrace/tracer"
+	"gopkg.in/DataDog/dd-trace-go.v1/internal/appsec/emitter/httpsec"
+	"net"
+	"os"
+)
+
+// AppsecCalloutServiceExtensionService defines the struct that follows the ExternalProcessorServer interface.
+type AppsecCalloutServiceExtensionService struct {
+	extproc.ExternalProcessorServer
+}
+
+func main() {
+	var customService AppsecCalloutServiceExtensionService
+
+	os.Setenv("DD_APPSEC_ENABLED", "true")
+	tracer.Start(tracer.WithServiceName("appsec-callout-service-extension"))
+
+	go StartGRPC(&customService)
+	println("gRPC server started on port 50051")
+
+	select {}
+}
+
+// NewAppsecCalloutServiceExtensionService creates a new instance of AppsecCalloutServiceExtensionService.
+func NewAppsecCalloutServiceExtensionService() *AppsecCalloutServiceExtensionService {
+	service := &AppsecCalloutServiceExtensionService{}
+	return service
+}
+
+func (s *AppsecCalloutServiceExtensionService) Process(stream extproc.ExternalProcessor_ProcessServer) error {
+	println("Processing request...")
+
+	for {
+		req, err := stream.Recv()
+		if err != nil {
+			println("Error receiving request: ", err)
+			return err
+		}
+
+		// Request section
+		var requestHeaders = req.GetRequestHeaders()
+		var requestBody = req.GetRequestBody()
+		var requestTrailers = req.GetRequestTrailers()
+
+		// Pretty print
+		println("Request Headers: ", requestHeaders.GetHeaders().String())
+		println("Request Body: ", requestBody.GetBody())
+		println("Request Trailers: ", requestTrailers.GetTrailers().String())
+
+		// Build response
+		// Empty response because no changes should be made - except on blocking
+		var calloutResponse = &extproc.ProcessingResponse{}
+
+		// Send response
+		if err := stream.Send(calloutResponse); err != nil {
+			println("Error sending response: ", err)
+			return err
+		}
+
+		httpsec.MakeHandlerOperationArgs(nil, "127.0.0.1", nil)
+
+		println("Response sent")
+	}
+}
+
+func StartGRPC(service extproc.ExternalProcessorServer) {
+	lis, err := net.Listen("tcp", "0.0.0.0:50051")
+	if err != nil {
+		println("Failed to listen on insecure port: %v", err)
+	}
+	grpcServer := grpc.NewServer()
+	extproc.RegisterExternalProcessorServer(grpcServer, service)
+	reflection.Register(grpcServer)
+	if err := grpcServer.Serve(lis); err != nil {
+		println("Failed to serve gRPC on insecure port: %v", err)
+	}
+}
diff --git a/contrib/envoyproxy/envoy/cmd/serviceextensions/serviceextensions b/contrib/envoyproxy/envoy/cmd/serviceextensions/serviceextensions
diff --git a/go.mod b/go.mod
@@ -37,6 +37,7 @@ require (
 	github.com/elastic/go-elasticsearch/v8 v8.4.0
 	github.com/emicklei/go-restful v2.16.0+incompatible
 	github.com/emicklei/go-restful/v3 v3.11.0
+	github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f
 	github.com/garyburd/redigo v1.6.4
 	github.com/gin-gonic/gin v1.9.1
 	github.com/glebarez/go-sqlite v1.22.0
@@ -145,6 +146,7 @@ require (
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect
 	github.com/chenzhuoyu/iasm v0.9.0 // indirect
+	github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
@@ -153,6 +155,7 @@ require (
 	github.com/eapache/queue v1.1.0 // indirect
 	github.com/ebitengine/purego v0.6.0-alpha.5 // indirect
 	github.com/elastic/elastic-transport-go/v8 v8.1.0 // indirect
+	github.com/envoyproxy/protoc-gen-validate v0.10.1 // indirect
 	github.com/fatih/color v1.16.0 // indirect
 	github.com/felixge/httpsnoop v1.0.3 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect

diff --git a/go.sum b/go.sum
@@ -870,6 +870,8 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH
 github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k=
+github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo=
 github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
@@ -1097,9 +1099,13 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m
 github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
 github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
 github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34=
+github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f h1:7T++XKzy4xg7PKy+bM+Sa9/oe1OC88yz2hXQUISoXfA=
+github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo=
 github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w=
+github.com/envoyproxy/protoc-gen-validate v0.10.1 h1:c0g45+xCJhdgFGw7a5QAfdS4byAbud7miNWJ1WwEVf8=
+github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss=
 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y=
 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0=
 github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=