From 857a619fb811647c6944b7fe54a763f86a3084d4 Mon Sep 17 00:00:00 2001
From: Federico Mon <federico.mon@datadoghq.com>
Date: Wed, 9 Oct 2024 19:45:14 +0200
Subject: [PATCH] ci: update iast-tdd-propagation suite (#10982)

IAST: Update iast-tdd-propagation suite so it doesn't fail

1. Honor `FLASK_RUN_PORT` env var instead of `8000`
2. Update requests version in asserts

## Checklist
- [x] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)
---
 .gitlab/tests/appsec.yml                                   | 1 -
 tests/appsec/iast_tdd_propagation/flask_orm_app.py         | 4 +++-
 tests/appsec/iast_tdd_propagation/flask_propagation_app.py | 6 +++++-
 tests/appsec/iast_tdd_propagation/flask_taint_sinks_app.py | 6 +++++-
 tests/appsec/iast_tdd_propagation/test_flask.py            | 4 ++--
 5 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/.gitlab/tests/appsec.yml b/.gitlab/tests/appsec.yml
index be67ac46e59..7b3667a954b 100644
--- a/.gitlab/tests/appsec.yml
+++ b/.gitlab/tests/appsec.yml
@@ -19,7 +19,6 @@ appsec iast:
 
 appsec iast tdd_propagation:
   extends: .test_base_riot_snapshot
-  allow_failure: true
   parallel: 2
   variables:
     SUITE_NAME: "appsec_iast_tdd_propagation"
diff --git a/tests/appsec/iast_tdd_propagation/flask_orm_app.py b/tests/appsec/iast_tdd_propagation/flask_orm_app.py
index 19c516bebcf..670228f1880 100644
--- a/tests/appsec/iast_tdd_propagation/flask_orm_app.py
+++ b/tests/appsec/iast_tdd_propagation/flask_orm_app.py
@@ -25,6 +25,8 @@
 
 orm = os.getenv("FLASK_ORM", "sqlite")
 
+port = int(os.getenv("FLASK_RUN_PORT", 8000))
+
 orm_impl = importlib.import_module(f"{orm}_impl")
 
 
@@ -94,4 +96,4 @@ def untainted_view():
 
 if __name__ == "__main__":
     ddtrace_iast_flask_patch()
-    app.run(debug=False, port=8000)
+    app.run(debug=False, port=port)
diff --git a/tests/appsec/iast_tdd_propagation/flask_propagation_app.py b/tests/appsec/iast_tdd_propagation/flask_propagation_app.py
index 1c1b23f9fbb..53764dde655 100644
--- a/tests/appsec/iast_tdd_propagation/flask_propagation_app.py
+++ b/tests/appsec/iast_tdd_propagation/flask_propagation_app.py
@@ -1,9 +1,13 @@
+import os
+
 from flask_propagation_views import create_app
 
 from ddtrace import auto  # noqa: F401
 
 
+port = int(os.getenv("FLASK_RUN_PORT", 8000))
+
 app = create_app()
 
 if __name__ == "__main__":
-    app.run(debug=False, port=8000)
+    app.run(debug=False, port=port)
diff --git a/tests/appsec/iast_tdd_propagation/flask_taint_sinks_app.py b/tests/appsec/iast_tdd_propagation/flask_taint_sinks_app.py
index b140a953812..0b8536f1664 100644
--- a/tests/appsec/iast_tdd_propagation/flask_taint_sinks_app.py
+++ b/tests/appsec/iast_tdd_propagation/flask_taint_sinks_app.py
@@ -1,9 +1,13 @@
+import os
+
 from flask_taint_sinks_views import create_app
 
 from ddtrace import auto  # noqa: F401
 
 
+port = int(os.getenv("FLASK_RUN_PORT", 8000))
+
 app = create_app()
 
 if __name__ == "__main__":
-    app.run(debug=False, port=8000)
+    app.run(debug=False, port=port)
diff --git a/tests/appsec/iast_tdd_propagation/test_flask.py b/tests/appsec/iast_tdd_propagation/test_flask.py
index d973831928c..c4422300343 100644
--- a/tests/appsec/iast_tdd_propagation/test_flask.py
+++ b/tests/appsec/iast_tdd_propagation/test_flask.py
@@ -107,8 +107,8 @@ def test_iast_flask_headers():
         assert tainted_response.status_code == 200
         content = json.loads(tainted_response.content)
         assert content["param"] == [
-            ["Host", "0.0.0.0:8000"],
-            ["User-Agent", "python-requests/2.31.0"],
+            ["Host", f"0.0.0.0:{_PORT}"],
+            ["User-Agent", "python-requests/2.32.3"],
             ["Accept-Encoding", "gzip, deflate, br"],
             ["Accept", "*/*"],
             ["Connection", "keep-alive"],