Skip to content

init rust weblog#6675

Draft
Eldolfin wants to merge 9 commits into
mainfrom
oscarld/init-rust-weblog
Draft

init rust weblog#6675
Eldolfin wants to merge 9 commits into
mainfrom
oscarld/init-rust-weblog

Conversation

@Eldolfin

@Eldolfin Eldolfin commented Apr 2, 2026

Copy link
Copy Markdown
Contributor

Motivation

There is no rust weblog yet so it doesn't show in the feature parity dashboard.

At this point, all tests from the TRACE_STATS_COMPUTATION scenario passes. TODO: mark all other endtoend tests as XFAIL in manifest

Changes

Workflow

  1. ⚠️ Create your PR as draft ⚠️
  2. Work on you PR until the CI passes
  3. Mark it as ready for review
    • Test logic is modified? -> Get a review from RFC owner.
    • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed and the CI green, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

  • Anything but tests/ or manifests/ is modified ? I have the approval from R&P team
  • A docker base image is modified?
    • the relevant build-XXX-image label is present
  • A scenario is added, removed or renamed?

@github-actions

github-actions Bot commented Apr 2, 2026

Copy link
Copy Markdown
Contributor

CODEOWNERS have been resolved as:

utils/build/docker/rust/axum.Dockerfile                                 @DataDog/apm-rust @DataDog/system-tests-core
utils/build/docker/rust/axum/Cargo.lock                                 @DataDog/apm-rust @DataDog/system-tests-core
utils/build/docker/rust/axum/Cargo.toml                                 @DataDog/apm-rust @DataDog/system-tests-core
utils/build/docker/rust/axum/app.sh                                     @DataDog/apm-rust @DataDog/system-tests-core
utils/build/docker/rust/axum/src/main.rs                                @DataDog/apm-rust @DataDog/system-tests-core
utils/build/docker/rust/axum/system_tests_library_version.sh            @DataDog/apm-rust @DataDog/system-tests-core
.github/workflows/nightly.yml                                           @DataDog/system-tests-core
.gitignore                                                              @DataDog/system-tests-core
manifests/rust.yml                                                      @DataDog/apm-rust
tests/schemas/utils/library/v0.7/config-request.json                    @DataDog/system-tests-core
utils/build/docker/rust/install_ddtrace.sh                              @DataDog/apm-rust @DataDog/system-tests-core

@Eldolfin Eldolfin changed the title wip rust weblog init rust weblog Apr 2, 2026
@Eldolfin Eldolfin requested a review from Copilot April 2, 2026 11:37
@Eldolfin

Eldolfin commented Apr 2, 2026

Copy link
Copy Markdown
Contributor Author

@codex review

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces the initial Rust weblog implementation using the Axum web framework. The weblog is designed to provide OpenTelemetry tracing and metrics support for system tests, addressing the gap where no Rust implementation existed to show in the feature parity dashboard.

Changes:

  • Implements a new Rust weblog application with Axum framework supporting tracing, metrics, and multiple test endpoints (/, /healthcheck, /stats-unique, /rasp/sqli, /make_distant_call)
  • Creates Docker build infrastructure with multi-stage Dockerfile and build scripts
  • Adds "rust" to the supported languages in the library configuration schema
  • Updates Rust manifest to mark specific tests as irrelevant for the weblog variant

Reviewed changes

Copilot reviewed 7 out of 9 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
utils/build/docker/rust/axum/src/main.rs Main Rust weblog application with OpenTelemetry integration and various test endpoints
utils/build/docker/rust/axum/Cargo.toml Rust project manifest with dependencies for Axum, tracing, and OpenTelemetry
utils/build/docker/rust/axum/Cargo.lock Dependency lock file with all transitive dependencies resolved
utils/build/docker/rust/axum.Dockerfile Multi-stage Docker build configuration for building and running the weblog
utils/build/docker/rust/axum/app.sh Entry point script for the container
utils/build/docker/rust/axum/system_tests_library_version.sh Script to extract library version from Cargo.lock
tests/schemas/utils/library/v0.7/config-request.json Schema update adding "rust" to supported languages list
manifests/rust.yml Test manifest update with specific test expectations
.gitignore Addition of Rust build artifacts to ignore list

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread utils/build/docker/rust/axum/Cargo.toml Outdated
@@ -0,0 +1,2 @@
#!/bin/bash
grep 'name = "datadog-opentelemetry"' ./Cargo.lock -A 1 | grep -Po 'version = "\K.*?(?=")'

Copilot AI Apr 2, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The system_tests_library_version.sh script uses grep -P (Perl-compatible regular expressions), which may not be available in the minimal Debian-based image. The -P flag requires grep to be compiled with PCRE support, which is not guaranteed in slim images. Consider using a more portable approach with standard grep flags or sed.

Suggested change
grep 'name = "datadog-opentelemetry"' ./Cargo.lock -A 1 | grep -Po 'version = "\K.*?(?=")'
grep 'name = "datadog-opentelemetry"' ./Cargo.lock -A 1 | grep 'version = "' | head -n1 | sed -E 's/.*version = "([^"]+)".*/\1/'

Copilot uses AI. Check for mistakes.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 744e9c9dfa

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread utils/build/docker/rust/axum.Dockerfile Outdated
Comment on lines +20 to +23
libdd-trace-utils = { path = "/binaries/libdatadog/libdd-trace-utils" }
libdd-common = { path = "/binaries/libdatadog/libdd-common" }
libdd-tinybytes = { path = "/binaries/libdatadog/libdd-tinybytes" }
libdd-telemetry = { path = "/binaries/libdatadog/libdd-telemetry" }

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P0 Badge Guard libdatadog patch paths before cargo build

Do not unconditionally patch crates.io to /binaries/libdatadog/* here, because those directories are not present in the normal system-tests build flow (the repo’s binaries/ is typically empty aside from helper files, and Rust dev setup uses rust-load-from-git/dd-trace-rs instead). With these lines present, cargo fails dependency resolution immediately with “failed to read .../Cargo.toml”, so the new rust/axum weblog image cannot build in default CI/local runs.

Useful? React with 👍 / 👎.

@datadog-datadog-prod-us1-2

datadog-datadog-prod-us1-2 Bot commented Apr 2, 2026

Copy link
Copy Markdown

Pipelines  Tests

Fix all issues with BitsAI

⚠️ Warnings

🚦 9 Pipeline jobs failed

Testing the test | System Tests (rust, prod) / End-to-end #1 / axum 1   View in Datadog   GitHub Actions

🧪 10 Tests failed

tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag.test_ai_guard_event[axum] from system_tests_suite   View in Datadog
AssertionError: assert 404 == 200
 +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:32:13 GMT'}, text:).status_code
 +    where HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:32:13 GMT'}, text:) = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag object at 0x7f33dccd8e00>.r

self = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag object at 0x7f33dccd8e00>

    def test_ai_guard_event(self):
        """Test AI Guard sets ai_guard.event:true tag in the local root span of the trace."""
>       assert self.r.status_code == 200
E       AssertionError: assert 404 == 200
...
tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone.test_standalone_keeps_ai_guard_trace[axum] from system_tests_suite   View in Datadog
AssertionError: assert 404 == 200
 +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:34:33 GMT'}, text:).status_code
 +    where HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:34:33 GMT'}, text:) = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone object at 0x7fb3786d0da0>.r

self = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone object at 0x7fb3786d0da0>

    def test_standalone_keeps_ai_guard_trace(self):
>       assert self.r.status_code == 200
E       AssertionError: assert 404 == 200
E        +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:34:33 GMT'}, text:).status_code
...
View all 10 test failures

Testing the test | System Tests (rust, dev) / End-to-end #1 / axum 1   View in Datadog   GitHub Actions

🧪 10 Tests failed

tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag.test_ai_guard_event[axum] from system_tests_suite   View in Datadog
AssertionError: assert 404 == 200
 +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:32:50 GMT'}, text:).status_code
 +    where HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:32:50 GMT'}, text:) = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag object at 0x7f1c308945c0>.r

self = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardEvent_Tag object at 0x7f1c308945c0>

    def test_ai_guard_event(self):
        """Test AI Guard sets ai_guard.event:true tag in the local root span of the trace."""
>       assert self.r.status_code == 200
E       AssertionError: assert 404 == 200
...
tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone.test_standalone_keeps_ai_guard_trace[axum] from system_tests_suite   View in Datadog
AssertionError: assert 404 == 200
 +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:35:15 GMT'}, text:).status_code
 +    where HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:35:15 GMT'}, text:) = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone object at 0x7f3ba438e420>.r

self = <tests.ai_guard.test_ai_guard_sdk.Test_AIGuardStandalone object at 0x7f3ba438e420>

    def test_standalone_keeps_ai_guard_trace(self):
>       assert self.r.status_code == 200
E       AssertionError: assert 404 == 200
E        +  where 404 = HttpResponse(status_code:404, headers:{'content-length': '0', 'date': 'Wed, 01 Jul 2026 18:35:15 GMT'}, text:).status_code
...
View all 10 test failures

Testing the test | System Tests (rust, prod) / End-to-end #2 / axum 2   View in Datadog   GitHub Actions

View all 9 failed jobs.

ℹ️ Info

No other issues found (see more)

❄️ No new flaky tests detected

Useful? React with 👍 / 👎

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: cf7d12e | Docs | Datadog PR Page | Give us feedback!

Eldolfin added 6 commits April 3, 2026 14:12
- Add /headers, /html, /status, /waf (all methods/subpaths), /spans
- Add /identify, /identify-propagate for user tagging
- Add /params/{value}, /sample_rate_route/{i}, /api_security/sampling/{i}
- Add /tag_value/{tag}/{code} with response header passthrough
- Add appsec event tracking: user_login_success/failure, custom_event (v1+v2)
- Add /users, /returnheaders, /requestdownstream, /vulnerablerequestdownstream
- Add /set_cookie, /session/new, /external_request, /external_request/redirect
- Add /inferred-proxy/span-creation, /createextraservice, /login, /signup
- Add /shell_execution, /rasp/lfi, /rasp/ssrf, /rasp/multiple
- Add /e2e_single_span, /e2e_otel_span
- Set _dd.top_level=1 so library interface can match traces to requests
- Set http.url (with sensitive-param scrubbing), http.useragent, http.client_ip
- Extract client IP from multiple headers (x-forwarded-for, x-real-ip, etc.)
- Add http.referrer_hostname from Referer header
- Add uuid and url crates; add multipart feature to axum
…qli, endpoint_fallback)

- Add /sqli with rusqlite in-memory SQLite (unsafe injection for RASP testing)
- Add /endpoint_fallback for API security sampling fallback tests
- Add /rasp/shi (shell injection via sh -c) and /rasp/cmdi (exec without shell)
- Add 12 IAST cookie endpoints (insecure-cookie, no-httponly, no-samesite)
- Add IAST hashing endpoints (deduplicate, multiple_hash, secure, md5)
- Add /iast/hardcoded_secrets/test_insecure
- Add IAST header injection endpoints (exclusion, no-exclusion)
- Add IAST sampling endpoints (sampling-by-route-method-count x3)
- Add 11 IAST source endpoints (parameter, parametername, header, headername,
  cookievalue, cookiename, multipart, body, sql)
- Add 10 IAST SC (security controls) endpoints
- Add rusqlite, md5, sha2 crate dependencies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants