Skip to content

Push llm event address#3664

Open
estringana wants to merge 16 commits intomasterfrom
estringana/add-openai-integration
Open

Push llm event address#3664
estringana wants to merge 16 commits intomasterfrom
estringana/add-openai-integration

Conversation

@estringana
Copy link
Contributor

@estringana estringana commented Feb 19, 2026

Description

This PR enables appsec capabilities when using openai-php client. The implementation push appsec addresses to the waf and then eventually they are reported to the backend.

More info on RFC: API Endpoints: AI usage

Reviewer checklist

  • Test coverage seems ok.
  • Appropriate labels assigned.

@datadog-official
Copy link

datadog-official bot commented Feb 19, 2026

⚠️ Tests

Fix all issues with BitsAI or with Cursor

⚠️ Warnings

🧪 1028 Tests failed

testSearchPhpBinaries from integration.DDTrace\Tests\Integration\PHPInstallerTest (Datadog) (Fix with Cursor)
Risky Test
phpvfscomposer://tests/vendor/phpunit/phpunit/phpunit:52
testSimplePushAndProcess from laravel-58-test.DDTrace\Tests\Integrations\Laravel\V5_8\QueueTest (Datadog) (Fix with Cursor)
DDTrace\Tests\Integrations\Laravel\V5_8\QueueTest::testSimplePushAndProcess
Test code or tested code printed unexpected output: spanLinksTraceId: 69a1ce380000000085e10a8419472e5f
tid: 69a1ce3800000000
hexProcessTraceId: 85e10a8419472e5f
hexProcessSpanId: a4090723264fe196
processTraceId: 9647003439280369247
processSpanId: 11819986544558596502

phpvfscomposer://tests/vendor/phpunit/phpunit/phpunit:106
testSimplePushAndProcess from laravel-8x-test.DDTrace\Tests\Integrations\Laravel\V8_x\QueueTest (Datadog) (Fix with Cursor)
DDTrace\Tests\Integrations\Laravel\V8_x\QueueTest::testSimplePushAndProcess
Test code or tested code printed unexpected output: spanLinksTraceId: 69a1ce9f0000000099f6eefc357654bf
tid: 69a1ce9f00000000
hexProcessTraceId: 99f6eefc357654bf
hexProcessSpanId: 6121f9218a7fdcbb
processTraceId: 11094317499069912255
processSpanId: 6999149218363333819

phpvfscomposer://tests/vendor/phpunit/phpunit/phpunit:106
View all

ℹ️ Info

❄️ No new flaky tests detected

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: e618728 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!

@codecov-commenter
Copy link

codecov-commenter commented Feb 19, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.10%. Comparing base (a3409cd) to head (e618728).
⚠️ Report is 5 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #3664      +/-   ##
==========================================
- Coverage   62.22%   62.10%   -0.12%     
==========================================
  Files         141      141              
  Lines       13352    13352              
  Branches     1746     1746              
==========================================
- Hits         8308     8292      -16     
- Misses       4253     4266      +13     
- Partials      791      794       +3     

see 3 files with indirect coverage changes


Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a3409cd...e618728. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@pr-commenter
Copy link

pr-commenter bot commented Feb 19, 2026

Benchmarks [ tracer ]

Benchmark execution time: 2026-02-27 18:12:24

Comparing candidate commit e618728 in PR branch estringana/add-openai-integration with baseline commit a3409cd in branch master.

Found 4 performance improvements and 27 performance regressions! Performance is the same for 162 metrics, 1 unstable metrics.

scenario:BM_TeaSapiSpindown

  • 🟩 execution_time [-26.057µs; -13.177µs] or [-4.754%; -2.404%]

scenario:ComposerTelemetryBench/benchTelemetryParsing

  • 🟥 mem_peak [+86.936KB; +86.936KB] or [+2.176%; +2.176%]
  • 🟩 execution_time [-1.653µs; -0.747µs] or [-13.116%; -5.931%]

scenario:ContextPropagationBench/benchExtractHeaders128Bit

  • 🟥 mem_peak [+98.648KB; +98.648KB] or [+2.469%; +2.469%]

scenario:ContextPropagationBench/benchExtractHeaders64Bit

  • 🟥 mem_peak [+98.648KB; +98.648KB] or [+2.469%; +2.469%]

scenario:ContextPropagationBench/benchExtractTraceContext128Bit

  • 🟥 mem_peak [+98.648KB; +98.648KB] or [+2.469%; +2.469%]

scenario:ContextPropagationBench/benchExtractTraceContext64Bit

  • 🟥 mem_peak [+98.648KB; +98.648KB] or [+2.469%; +2.469%]

scenario:ContextPropagationBench/benchInject128Bit

  • 🟥 mem_peak [+98.656KB; +98.656KB] or [+2.469%; +2.469%]

scenario:ContextPropagationBench/benchInject64Bit

  • 🟥 mem_peak [+98.656KB; +98.656KB] or [+2.469%; +2.469%]

scenario:HookBench/benchHookOverheadInstallHookOnFunction

  • 🟥 mem_peak [+98.520KB; +98.520KB] or [+2.466%; +2.466%]

scenario:HookBench/benchHookOverheadInstallHookOnMethod

  • 🟥 mem_peak [+98.520KB; +98.520KB] or [+2.466%; +2.466%]

scenario:HookBench/benchHookOverheadTraceFunction

  • 🟥 mem_peak [+107.360KB; +107.360KB] or [+2.417%; +2.417%]

scenario:HookBench/benchHookOverheadTraceMethod

  • 🟥 mem_peak [+107.358KB; +107.361KB] or [+2.383%; +2.383%]

scenario:HookBench/benchWithoutHook

  • 🟥 mem_peak [+98.536KB; +98.536KB] or [+2.467%; +2.467%]

scenario:MessagePackSerializationBench/benchMessagePackSerialization

  • 🟥 mem_peak [+107.360KB; +107.360KB] or [+2.524%; +2.524%]
  • 🟩 execution_time [-10.527µs; -7.813µs] or [-9.355%; -6.944%]

scenario:MessagePackSerializationBench/benchMessagePackSerialization-opcache

  • 🟩 execution_time [-5.963µs; -4.417µs] or [-5.377%; -3.983%]

scenario:PDOBench/benchPDOBaseline

  • 🟥 mem_peak [+107.360KB; +107.360KB] or [+2.662%; +2.662%]

scenario:PHPRedisBench/benchRedisBaseline

  • 🟥 mem_peak [+97.776KB; +97.776KB] or [+2.447%; +2.447%]

scenario:SamplingRuleMatchingBench/benchGlobMatching1

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.548%; +2.548%]

scenario:SamplingRuleMatchingBench/benchGlobMatching2

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.548%; +2.548%]

scenario:SamplingRuleMatchingBench/benchGlobMatching3

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.548%; +2.548%]

scenario:SamplingRuleMatchingBench/benchGlobMatching4

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.548%; +2.548%]

scenario:SamplingRuleMatchingBench/benchRegexMatching1

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.547%; +2.547%]

scenario:SamplingRuleMatchingBench/benchRegexMatching2

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.547%; +2.547%]

scenario:SamplingRuleMatchingBench/benchRegexMatching3

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.547%; +2.547%]

scenario:SamplingRuleMatchingBench/benchRegexMatching4

  • 🟥 mem_peak [+101.776KB; +101.776KB] or [+2.547%; +2.547%]

scenario:SpanBench/benchDatadogAPI

  • 🟥 mem_peak [+100.008KB; +100.008KB] or [+2.503%; +2.503%]

scenario:TraceAnnotationsBench/benchTraceAnnotationOverhead

  • 🟥 mem_peak [+107.354KB; +107.361KB] or [+2.378%; +2.379%]

scenario:TraceFlushBench/benchFlushTrace

  • 🟥 mem_peak [+107.360KB; +107.360KB] or [+2.633%; +2.633%]

scenario:TraceSerializationBench/benchSerializeTrace

  • 🟥 mem_peak [+107.360KB; +107.360KB] or [+2.573%; +2.573%]

@estringana estringana force-pushed the estringana/add-openai-integration branch 2 times, most recently from cff1eed to 1ae39aa Compare February 20, 2026 12:06
@estringana estringana marked this pull request as ready for review February 22, 2026 14:57
@estringana estringana requested review from a team as code owners February 22, 2026 14:57
@estringana estringana force-pushed the estringana/add-openai-integration branch from f363215 to 3fadba0 Compare February 23, 2026 09:55
@estringana estringana force-pushed the estringana/add-openai-integration branch from 3fadba0 to 6028af2 Compare February 23, 2026 09:55
Copy link
Contributor

@cataphract cataphract left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd wait for a production rule to be ready (if it ain't already), update the recommended.json files and then also write an integration test. This would validate the correctness of the address and its parameters.

@estringana
Copy link
Contributor Author

I'd wait for a production rule to be ready (if it ain't already), update the recommended.json files and then also write an integration test. This would validate the correctness of the address and its parameters.

I have the rule https://github.com/DataDog/appsec-event-rules/pull/265 but it's not merged yet. Also we would need to mock the openai library http call. Do we have a system for that already on integration?
@cataphract

@estringana estringana requested a review from a team as a code owner February 25, 2026 16:57
Comment on lines 41 to 43
int getPort() {
PORT
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same effect could be gotten in groovy by not making PORT private (with no access modifiers, it generates setters/getters)

@cataphract
Copy link
Contributor

@codex review

Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3c92b6746e

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@estringana estringana force-pushed the estringana/add-openai-integration branch from e713572 to 277957f Compare February 27, 2026 16:21
Copy link
Contributor

@cataphract cataphract left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems better now, pending test success, but see some new comments

};
};

$handleRequestPrehook = fn ($streamed, $operationID, $reportApm, $reportAppsec) => function (\DDTrace\SpanData $span, $args) use ($operationID, $streamed, $reportApm, $reportAppsec, $pushAppsecEvent) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is php 7.4 syntax

);

$handleRequestPrehook = fn ($streamed, $operationID, $reportApm, $reportAppsec) => function (\DDTrace\SpanData $span, $args) use ($operationID, $streamed, $reportApm, $reportAppsec) {
$pushAppsecEvent = static function (bool $reportAppsec, array $args): void {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could just be separate function since it doesn't capture any variable

}

@Container
public static final MockOpenAIServer mockOpenAIServer = new MockOpenAIServer()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't think this should be annotated with @Container

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants