From 6338a02b75b4f9ec993197058487eb473b835d4d Mon Sep 17 00:00:00 2001 From: Rithika Narayan Date: Fri, 21 Nov 2025 13:22:39 -0500 Subject: [PATCH 1/7] use block config for block id --- datadog_lambda/asm.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/datadog_lambda/asm.py b/datadog_lambda/asm.py index 6c65a946..41cc951e 100644 --- a/datadog_lambda/asm.py +++ b/datadog_lambda/asm.py @@ -3,6 +3,7 @@ from copy import deepcopy from typing import Any, Dict, List, Optional, Union +from ddtrace.appsec._utils import Block_config from ddtrace.contrib.internal.trace_utils import _get_request_header_client_ip from ddtrace.internal import core from ddtrace.internal.utils import get_blocked @@ -223,7 +224,8 @@ def get_asm_blocked_response( content = "" else: content_type = blocked.get("content-type", "application/json") - content = http_utils._get_blocked_template(content_type) + blocked_config = Block_config() + content = http_utils._get_blocked_template(content_type, blocked_config.block_id) response = { "statusCode": blocked.get("status_code", 403), From c04c1e330cd8753e3543355cde655184c9d2b039 Mon Sep 17 00:00:00 2001 From: Rithika Narayan Date: Fri, 21 Nov 2025 13:37:22 -0500 Subject: [PATCH 2/7] linting --- datadog_lambda/asm.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/datadog_lambda/asm.py b/datadog_lambda/asm.py index 41cc951e..6e1a0480 100644 --- a/datadog_lambda/asm.py +++ b/datadog_lambda/asm.py @@ -225,7 +225,9 @@ def get_asm_blocked_response( else: content_type = blocked.get("content-type", "application/json") blocked_config = Block_config() - content = http_utils._get_blocked_template(content_type, blocked_config.block_id) + content = http_utils._get_blocked_template( + content_type, blocked_config.block_id + ) response = { "statusCode": blocked.get("status_code", 403), From 63d56554bed518f5662abcf8e448f33db72520d5 Mon Sep 17 00:00:00 2001 From: Rithika Narayan Date: Mon, 24 Nov 2025 09:48:17 -0500 Subject: [PATCH 3/7] Using existing block config --- datadog_lambda/asm.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/datadog_lambda/asm.py b/datadog_lambda/asm.py index 6e1a0480..29648021 100644 --- a/datadog_lambda/asm.py +++ b/datadog_lambda/asm.py @@ -3,7 +3,6 @@ from copy import deepcopy from typing import Any, Dict, List, Optional, Union -from ddtrace.appsec._utils import Block_config from ddtrace.contrib.internal.trace_utils import _get_request_header_client_ip from ddtrace.internal import core from ddtrace.internal.utils import get_blocked @@ -224,9 +223,8 @@ def get_asm_blocked_response( content = "" else: content_type = blocked.get("content-type", "application/json") - blocked_config = Block_config() content = http_utils._get_blocked_template( - content_type, blocked_config.block_id + content_type, blocked.get("block_id", "default") ) response = { From 63c443974f458b8d8fc86aaa74db0f96911c00b5 Mon Sep 17 00:00:00 2001 From: Rithika Narayan Date: Mon, 24 Nov 2025 16:48:42 -0500 Subject: [PATCH 4/7] Update dd-trace-py version --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 2c59df99..9be5c846 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -28,7 +28,7 @@ classifiers = [ python = ">=3.8.0,<4" datadog = ">=0.51.0,<1.0.0" wrapt = "^1.11.2" -ddtrace = ">=3.16.2,<4" +ddtrace = ">=3.19.0,<4" ujson = ">=5.9.0" botocore = { version = "^1.34.0", optional = true } requests = { version ="^2.22.0", optional = true } From 3a82116e981a3bb57cffcc60220b45a613277a1c Mon Sep 17 00:00:00 2001 From: Christophe Papazian Date: Wed, 26 Nov 2025 11:14:45 +0100 Subject: [PATCH 5/7] test with 3.19 branch --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 9be5c846..107c4a21 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -28,7 +28,7 @@ classifiers = [ python = ">=3.8.0,<4" datadog = ">=0.51.0,<1.0.0" wrapt = "^1.11.2" -ddtrace = ">=3.19.0,<4" +ddtrace = {git = "https://github.com/DataDog/dd-trace-py.git", branch = "3.19"} ujson = ">=5.9.0" botocore = { version = "^1.34.0", optional = true } requests = { version ="^2.22.0", optional = true } From 38e05e0bd0e2fb47e4cf8cf994eeecda6f461d43 Mon Sep 17 00:00:00 2001 From: Christophe Papazian Date: Wed, 26 Nov 2025 14:25:15 +0100 Subject: [PATCH 6/7] try adding the build action to the CI --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 05062447..1a00783c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,6 +4,7 @@ on: push: branches: - "main" + - "christophe-papazian/system-tests-for-incident-46261" pull_request: schedule: - cron: '0 0,12 * * *' # Runs every day at midnight and noon utc From b22f389cac4582f134192e787bbd56b23a0a01cc Mon Sep 17 00:00:00 2001 From: Christophe Papazian Date: Wed, 26 Nov 2025 14:53:37 +0100 Subject: [PATCH 7/7] force build layer for ST --- .github/workflows/build_layer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build_layer.yml b/.github/workflows/build_layer.yml index 7368a517..8008c41f 100644 --- a/.github/workflows/build_layer.yml +++ b/.github/workflows/build_layer.yml @@ -5,6 +5,7 @@ on: push: branches: - "main" + - "christophe-papazian/system-tests-for-incident-46261" jobs: build: