From 92f04526831bc471fca92cc189b6f21d1d3159b6 Mon Sep 17 00:00:00 2001
From: stuart nelson <stuartnelson3@gmail.com>
Date: Thu, 24 Jun 2021 13:32:58 +0200
Subject: [PATCH] add java attacher config (#5483)

* add java attacher config
---
 beater/config/config.go             |  2 +
 beater/config/java_attacher.go      | 60 +++++++++++++++++++++++++++++
 beater/config/java_attacher_test.go | 42 ++++++++++++++++++++
 3 files changed, 104 insertions(+)
 create mode 100644 beater/config/java_attacher.go
 create mode 100644 beater/config/java_attacher_test.go

diff --git a/beater/config/config.go b/beater/config/config.go
index 579b57cd8ba..98ba3dcaa07 100644
--- a/beater/config/config.go
+++ b/beater/config/config.go
@@ -73,6 +73,7 @@ type Config struct {
 	Sampling                  SamplingConfig          `config:"sampling"`
 	DataStreams               DataStreamsConfig       `config:"data_streams"`
 	DefaultServiceEnvironment string                  `config:"default_service_environment"`
+	JavaAttacherConfig        JavaAttacherConfig      `config:"java_attacher"`
 
 	Pipeline string
 
@@ -199,5 +200,6 @@ func DefaultConfig() *Config {
 		Sampling:            defaultSamplingConfig(),
 		DataStreams:         defaultDataStreamsConfig(),
 		AgentAuth:           defaultAgentAuth(),
+		JavaAttacherConfig:  defaultJavaAttacherConfig(),
 	}
 }
diff --git a/beater/config/java_attacher.go b/beater/config/java_attacher.go
new file mode 100644
index 00000000000..caab7c3aaa4
--- /dev/null
+++ b/beater/config/java_attacher.go
@@ -0,0 +1,60 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package config
+
+import "fmt"
+
+// JavaAttacherConfig holds configuration information for running a java
+// attacher jarfile.
+type JavaAttacherConfig struct {
+	Enabled        bool                `config:"enabled"`
+	DiscoveryRules []map[string]string `config:"discovery_rules"`
+	Config         map[string]string   `config:"config"`
+}
+
+func (j JavaAttacherConfig) setup() error {
+	if !j.Enabled {
+		return nil
+	}
+	for _, rule := range j.DiscoveryRules {
+		if len(rule) != 1 {
+			return fmt.Errorf("unexpected discovery rule format: %v", rule)
+		}
+		for flag := range rule {
+			if _, ok := allowlist[flag]; !ok {
+				return fmt.Errorf("unrecognized discovery rule: %s", rule)
+			}
+		}
+	}
+	return nil
+}
+
+var allowlist = map[string]struct{}{
+	"include-all":   {},
+	"include-pid":   {},
+	"include-main":  {},
+	"include-vmarg": {},
+	"include-user":  {},
+	"exclude-main":  {},
+	"exclude-vmarg": {},
+	"exclude-user":  {},
+}
+
+func defaultJavaAttacherConfig() JavaAttacherConfig {
+	return JavaAttacherConfig{Enabled: false}
+}
diff --git a/beater/config/java_attacher_test.go b/beater/config/java_attacher_test.go
new file mode 100644
index 00000000000..8d43a8ec2a4
--- /dev/null
+++ b/beater/config/java_attacher_test.go
@@ -0,0 +1,42 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package config
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestJavaAttacherConfig(t *testing.T) {
+	discoveryRules := []map[string]string{
+		map[string]string{"include-pid": "1001"},
+		map[string]string{"include-main": "main.jar"},
+		map[string]string{"include-vmarg": "elastic.apm.agent.attach=true"},
+		map[string]string{"exclude-user": "root"},
+	}
+	config := JavaAttacherConfig{
+		Enabled:        true,
+		DiscoveryRules: discoveryRules,
+	}
+
+	assert.NoError(t, config.setup())
+
+	config.DiscoveryRules = append(discoveryRules, map[string]string{"bogus-flag": "dne"})
+	assert.Error(t, config.setup())
+}