Skip to content

Enforce size limit on application_monitoring.yaml files #8789

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 26 commits into
base: master
Choose a base branch
from
Draft

Enforce size limit on application_monitoring.yaml files #8789

wants to merge 26 commits into from
+59 −1

Conversation

mtoffl01
Copy link
Contributor

@mtoffl01 mtoffl01 commented May 8, 2025
edited
Loading

What Does This Do

Introduces a file size limit (256 KB) to limit the maximum "hands off" configuration file size that we will read.

Motivation

Protection against corrupted files and maintain performance.
See: RFC

The value (256 KB) was determined by taking the size of a sample "hands off" configuration file with both apm_configuration_default and apm_configuration_rules (phase 1 and phase 2 inputs, respectively), multiplying it by 100 * 2. This value may change, or may become configurable, in the future depending on where phase 2 specifications land.

Additional Notes

Contributor Checklist

Jira ticket: [PROJ-IDENT]

mtoffl01 and others added 22 commits April 10, 2025 12:38
@mtoffl01
migrate CLIHelper to use a Map, parse system properties in key-vals
d112dc7
@mtoffl01
Fix processTemplateVar logic to remove superfluous ':'
3ba99af
@mtoffl01
nits: javadocs
9caeb5d
@mtoffl01
Move writeFileRaw helper to testutils
d0f194b
@mtoffl01
Add YamlParser tests
457c288
@mtoffl01
Revert CLIHelper to use List<String>; lazily load a Map cache for que…
06ae9ac 
…rying key-vals
@mtoffl01
reuse logic for adding to the vm args cache
06712dc
@mtoffl01
apply github suggestions
0a1da8f
@mtoffl01
Move processTemplate yaml helper fns into StableConfigParser, along w…
e106416 
…ith tests
@mtoffl01
Remove changes to CLIHelper; rely on System.getProperty instead
48adeaa
@mtoffl01
optimize: return from processTemplate early if no {{ found
24b8615
@mtoffl01
Add more test coverage to StableConfigParserTest
cc76954
@mtoffl01
Merge branch 'master' into mtoff/scfg_fix
afddf95
@mcculls
Optimize template processing to reduce use of substrings
fc4652c
@mcculls
Introduce constants for repeated strings
e633f26
@mtoffl01
Change UNDEFINED_VALUE to empty string
b5deffd
@mtoffl01
Add log messages for empty environment_variable and process_argument …
9104f0d 
…values in template variable
@mtoffl01
Remove FileUtils and all its references
ecb5a15
@mtoffl01
initial file size limit implementation: phase 1 limit only
62388b3
@mtoffl01
Implement file size limit + tests
7b7dbdd
@mtoffl01
merge wth main, resolve conflicts
b7f224b
@mtoffl01
remove unrelated changes
6bcada2
@mtoffl01 mtoffl01 changed the title Mtoff/scfg file size limit Enforce size limit on application_monitoring.yaml files May 8, 2025
@pr-commenter
Copy link

pr-commenter bot commented May 8, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mtoff/scfg_file_size_limit
git_commit_date 1746789389 1748365103
git_commit_sha ad6d5fe 0f77a40
release_version 1.50.0-SNAPSHOT~ad6d5fef42 1.50.0-SNAPSHOT~0f77a40332
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1748368012 1748368012
ci_job_id 956199236 956199236
ci_pipeline_id 66226136 66226136
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-qshkhgbg-project-304-concurrent-2-xp0zs29p 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-qshkhgbg-project-304-concurrent-2-xp0zs29p 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 3 performance improvements and 1 performance regressions! Performance is the same for 51 metrics, 16 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:startup:petclinic:profiling:ProfilingAgent better
[-7.366ms; -2.930ms] or [-6.763%; -2.690%]		 103.762ms 108.910ms
scenario:startup:petclinic:profiling:GlobalTracer better
[-19.671ms; -15.317ms] or [-5.205%; -4.053%]		 360.458ms 377.952ms
scenario:startup:petclinic:profiling:AppSec worse
[+6.190ms; +9.390ms] or [+11.420%; +17.323%]		 61.994ms 54.204ms
scenario:startup:petclinic:profiling:Profiling better
[-7.368ms; -2.932ms] or [-6.764%; -2.691%]		 103.786ms 108.936ms
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.02 s) : 0, 1020017
Total [baseline] (8.659 s) : 0, 8659001
Agent [candidate] (1.02 s) : 0, 1019769
Total [candidate] (8.674 s) : 0, 8673967
section iast
Agent [baseline] (1.157 s) : 0, 1157041
Total [baseline] (9.284 s) : 0, 9283544
Agent [candidate] (1.16 s) : 0, 1160129
Total [candidate] (9.253 s) : 0, 9252893
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.158 s) : 0, 1157562
Total [baseline] (9.217 s) : 0, 9216712
Agent [candidate] (1.151 s) : 0, 1150933
Total [candidate] (9.195 s) : 0, 9195444
section iast_TELEMETRY_OFF
Agent [baseline] (1.146 s) : 0, 1145959
Total [baseline] (9.244 s) : 0, 9244364
Agent [candidate] (1.147 s) : 0, 1147165
Total [candidate] (9.169 s) : 0, 9168639
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.02 s -
Agent iast 1.157 s 137.024 ms (13.4%)
Agent iast_HARDCODED_SECRET_DISABLED 1.158 s 137.545 ms (13.5%)
Agent iast_TELEMETRY_OFF 1.146 s 125.942 ms (12.3%)
Total tracing 8.659 s -
Total iast 9.284 s 624.544 ms (7.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.217 s 557.712 ms (6.4%)
Total iast_TELEMETRY_OFF 9.244 s 585.363 ms (6.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.02 s -
Agent iast 1.16 s 140.359 ms (13.8%)
Agent iast_HARDCODED_SECRET_DISABLED 1.151 s 131.164 ms (12.9%)
Agent iast_TELEMETRY_OFF 1.147 s 127.395 ms (12.5%)
Total tracing 8.674 s -
Total iast 9.253 s 578.927 ms (6.7%)
Total iast_HARDCODED_SECRET_DISABLED 9.195 s 521.477 ms (6.0%)
Total iast_TELEMETRY_OFF 9.169 s 494.672 ms (5.7%) 
gantt
    title insecure-bank - break down per module: candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (682.156 ms) : 0, 682156
BytebuddyAgent [candidate] (682.676 ms) : 0, 682676
GlobalTracer [baseline] (239.642 ms) : 0, 239642
GlobalTracer [candidate] (240.651 ms) : 0, 240651
AppSec [baseline] (54.552 ms) : 0, 54552
AppSec [candidate] (54.665 ms) : 0, 54665
Debugger [baseline] (9.027 ms) : 0, 9027
Debugger [candidate] (7.633 ms) : 0, 7633
Remote Config [baseline] (714.72 µs) : 0, 715
Remote Config [candidate] (714.973 µs) : 0, 715
Telemetry [baseline] (10.481 ms) : 0, 10481
Telemetry [candidate] (9.943 ms) : 0, 9943
section iast
BytebuddyAgent [baseline] (806.901 ms) : 0, 806901
BytebuddyAgent [candidate] (810.209 ms) : 0, 810209
GlobalTracer [baseline] (232.456 ms) : 0, 232456
GlobalTracer [candidate] (232.463 ms) : 0, 232463
AppSec [baseline] (50.669 ms) : 0, 50669
AppSec [candidate] (48.95 ms) : 0, 48950
Debugger [baseline] (5.974 ms) : 0, 5974
Debugger [candidate] (6.032 ms) : 0, 6032
Remote Config [baseline] (611.265 µs) : 0, 611
Remote Config [candidate] (611.966 µs) : 0, 612
Telemetry [baseline] (7.98 ms) : 0, 7980
Telemetry [candidate] (7.998 ms) : 0, 7998
IAST [baseline] (28.848 ms) : 0, 28848
IAST [candidate] (30.131 ms) : 0, 30131
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (808.637 ms) : 0, 808637
BytebuddyAgent [candidate] (802.772 ms) : 0, 802772
GlobalTracer [baseline] (231.873 ms) : 0, 231873
GlobalTracer [candidate] (231.299 ms) : 0, 231299
AppSec [baseline] (47.821 ms) : 0, 47821
AppSec [candidate] (50.439 ms) : 0, 50439
Debugger [baseline] (5.969 ms) : 0, 5969
Debugger [candidate] (6.005 ms) : 0, 6005
Remote Config [baseline] (615.944 µs) : 0, 616
Remote Config [candidate] (622.107 µs) : 0, 622
Telemetry [baseline] (7.96 ms) : 0, 7960
Telemetry [candidate] (7.915 ms) : 0, 7915
IAST [baseline] (31.053 ms) : 0, 31053
IAST [candidate] (28.31 ms) : 0, 28310
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (799.008 ms) : 0, 799008
BytebuddyAgent [candidate] (798.033 ms) : 0, 798033
GlobalTracer [baseline] (230.678 ms) : 0, 230678
GlobalTracer [candidate] (232.265 ms) : 0, 232265
AppSec [baseline] (54.41 ms) : 0, 54410
AppSec [candidate] (56.221 ms) : 0, 56221
Debugger [baseline] (5.98 ms) : 0, 5980
Debugger [candidate] (5.97 ms) : 0, 5970
Remote Config [baseline] (600.846 µs) : 0, 601
Remote Config [candidate] (610.54 µs) : 0, 611
Telemetry [baseline] (7.771 ms) : 0, 7771
Telemetry [candidate] (7.821 ms) : 0, 7821
IAST [baseline] (24.003 ms) : 0, 24003
IAST [candidate] (22.642 ms) : 0, 22642
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.024 s) : 0, 1024095
Total [baseline] (10.517 s) : 0, 10516902
Agent [candidate] (1.021 s) : 0, 1021125
Total [candidate] (10.446 s) : 0, 10446188
section appsec
Agent [baseline] (1.168 s) : 0, 1168197
Total [baseline] (10.744 s) : 0, 10743536
Agent [candidate] (1.162 s) : 0, 1161547
Total [candidate] (10.699 s) : 0, 10698560
section iast
Agent [baseline] (1.171 s) : 0, 1171352
Total [baseline] (10.954 s) : 0, 10953680
Agent [candidate] (1.149 s) : 0, 1149150
Total [candidate] (10.895 s) : 0, 10895495
section profiling
Agent [baseline] (1.28 s) : 0, 1279705
Total [baseline] (10.869 s) : 0, 10869102
Agent [candidate] (1.269 s) : 0, 1268556
Total [candidate] (10.868 s) : 0, 10867999
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.024 s -
Agent appsec 1.168 s 144.102 ms (14.1%)
Agent iast 1.171 s 147.258 ms (14.4%)
Agent profiling 1.28 s 255.61 ms (25.0%)
Total tracing 10.517 s -
Total appsec 10.744 s 226.634 ms (2.2%)
Total iast 10.954 s 436.779 ms (4.2%)
Total profiling 10.869 s 352.2 ms (3.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.021 s -
Agent appsec 1.162 s 140.422 ms (13.8%)
Agent iast 1.149 s 128.025 ms (12.5%)
Agent profiling 1.269 s 247.431 ms (24.2%)
Total tracing 10.446 s -
Total appsec 10.699 s 252.372 ms (2.4%)
Total iast 10.895 s 449.307 ms (4.3%)
Total profiling 10.868 s 421.81 ms (4.0%) 
gantt
    title petclinic - break down per module: candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (687.224 ms) : 0, 687224
BytebuddyAgent [candidate] (684.358 ms) : 0, 684358
GlobalTracer [baseline] (240.893 ms) : 0, 240893
GlobalTracer [candidate] (240.525 ms) : 0, 240525
AppSec [baseline] (54.757 ms) : 0, 54757
AppSec [candidate] (54.605 ms) : 0, 54605
Debugger [baseline] (6.261 ms) : 0, 6261
Debugger [candidate] (7.613 ms) : 0, 7613
Remote Config [baseline] (727.722 µs) : 0, 728
Remote Config [candidate] (716.691 µs) : 0, 717
Telemetry [baseline] (10.657 ms) : 0, 10657
Telemetry [candidate] (9.802 ms) : 0, 9802
section appsec
BytebuddyAgent [baseline] (705.153 ms) : 0, 705153
BytebuddyAgent [candidate] (701.058 ms) : 0, 701058
GlobalTracer [baseline] (238.127 ms) : 0, 238127
GlobalTracer [candidate] (236.965 ms) : 0, 236965
AppSec [baseline] (176.185 ms) : 0, 176185
AppSec [candidate] (174.854 ms) : 0, 174854
Debugger [baseline] (6.007 ms) : 0, 6007
Debugger [candidate] (5.943 ms) : 0, 5943
Remote Config [baseline] (627.544 µs) : 0, 628
Remote Config [candidate] (627.137 µs) : 0, 627
Telemetry [baseline] (7.444 ms) : 0, 7444
Telemetry [candidate] (7.76 ms) : 0, 7760
IAST [baseline] (21.939 ms) : 0, 21939
IAST [candidate] (21.653 ms) : 0, 21653
section iast
BytebuddyAgent [baseline] (818.66 ms) : 0, 818660
BytebuddyAgent [candidate] (801.905 ms) : 0, 801905
GlobalTracer [baseline] (234.011 ms) : 0, 234011
GlobalTracer [candidate] (230.784 ms) : 0, 230784
AppSec [baseline] (52.887 ms) : 0, 52887
AppSec [candidate] (48.423 ms) : 0, 48423
Debugger [baseline] (5.99 ms) : 0, 5990
Debugger [candidate] (5.92 ms) : 0, 5920
Remote Config [baseline] (599.271 µs) : 0, 599
Remote Config [candidate] (590.715 µs) : 0, 591
Telemetry [baseline] (8.105 ms) : 0, 8105
Telemetry [candidate] (7.918 ms) : 0, 7918
IAST [baseline] (26.48 ms) : 0, 26480
IAST [candidate] (29.31 ms) : 0, 29310
section profiling
BytebuddyAgent [baseline] (673.285 ms) : 0, 673285
BytebuddyAgent [candidate] (676.106 ms) : 0, 676106
GlobalTracer [baseline] (377.952 ms) : 0, 377952
GlobalTracer [candidate] (360.458 ms) : 0, 360458
AppSec [baseline] (54.204 ms) : 0, 54204
AppSec [candidate] (61.994 ms) : 0, 61994
Debugger [baseline] (6.137 ms) : 0, 6137
Debugger [candidate] (6.231 ms) : 0, 6231
Remote Config [baseline] (645.736 µs) : 0, 646
Remote Config [candidate] (669.924 µs) : 0, 670
Telemetry [baseline] (8.038 ms) : 0, 8038
Telemetry [candidate] (8.283 ms) : 0, 8283
ProfilingAgent [baseline] (108.91 ms) : 0, 108910
ProfilingAgent [candidate] (103.762 ms) : 0, 103762
Profiling [baseline] (108.936 ms) : 0, 108936
Profiling [candidate] (103.786 ms) : 0, 103786
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-05-27T17:15:13 2025-05-27T17:22:58
git_branch master mtoff/scfg_file_size_limit
git_commit_date 1746789389 1748365103
git_commit_sha ad6d5fe 0f77a40
release_version 1.50.0-SNAPSHOT~ad6d5fef42 1.50.0-SNAPSHOT~0f77a40332
start_time 2025-05-27T17:14:59 2025-05-27T17:22:44
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1748366976 1748366976
ci_job_id 956199237 956199237
ci_pipeline_id 66226136 66226136
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-dtsgutkg-project-304-concurrent-0-s493fgkl 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-dtsgutkg-project-304-concurrent-0-s493fgkl 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 18 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:profiling better
[-106.342µs; -53.523µs] or [-6.785%; -3.415%]		 unstable
[-298.293op/s; +772.367op/s] or [-10.067%; +26.067%]		 1.487ms 3200.000op/s 1.567ms 2962.963op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.362 ms) : 1342, 1381
.   : milestone, 1362,
appsec (1.731 ms) : 1708, 1754
.   : milestone, 1731,
appsec_no_iast (1.718 ms) : 1695, 1741
.   : milestone, 1718,
code_origins (1.669 ms) : 1642, 1696
.   : milestone, 1669,
iast (1.513 ms) : 1490, 1537
.   : milestone, 1513,
profiling (1.567 ms) : 1542, 1593
.   : milestone, 1567,
tracing (1.494 ms) : 1469, 1519
.   : milestone, 1494,
section candidate
no_agent (1.351 ms) : 1332, 1371
.   : milestone, 1351,
appsec (1.733 ms) : 1710, 1756
.   : milestone, 1733,
appsec_no_iast (1.733 ms) : 1710, 1756
.   : milestone, 1733,
code_origins (1.671 ms) : 1644, 1698
.   : milestone, 1671,
iast (1.51 ms) : 1486, 1534
.   : milestone, 1510,
profiling (1.487 ms) : 1464, 1511
.   : milestone, 1487,
tracing (1.506 ms) : 1481, 1531
.   : milestone, 1506,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.362 ms [1.342 ms, 1.381 ms] -
appsec 1.731 ms [1.708 ms, 1.754 ms] 369.014 µs (27.1%)
appsec_no_iast 1.718 ms [1.695 ms, 1.741 ms] 356.184 µs (26.2%)
code_origins 1.669 ms [1.642 ms, 1.696 ms] 307.397 µs (22.6%)
iast 1.513 ms [1.49 ms, 1.537 ms] 151.631 µs (11.1%)
profiling 1.567 ms [1.542 ms, 1.593 ms] 205.462 µs (15.1%)
tracing 1.494 ms [1.469 ms, 1.519 ms] 132.219 µs (9.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.351 ms [1.332 ms, 1.371 ms] -
appsec 1.733 ms [1.71 ms, 1.756 ms] 381.518 µs (28.2%)
appsec_no_iast 1.733 ms [1.71 ms, 1.756 ms] 381.86 µs (28.3%)
code_origins 1.671 ms [1.644 ms, 1.698 ms] 319.536 µs (23.6%)
iast 1.51 ms [1.486 ms, 1.534 ms] 158.733 µs (11.7%)
profiling 1.487 ms [1.464 ms, 1.511 ms] 136.022 µs (10.1%)
tracing 1.506 ms [1.481 ms, 1.531 ms] 154.318 µs (11.4%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42
    dateFormat X
    axisFormat %s
section baseline
no_agent (382.812 µs) : 363, 403
.   : milestone, 383,
iast (516.221 µs) : 494, 539
.   : milestone, 516,
iast_FULL (734.042 µs) : 712, 757
.   : milestone, 734,
iast_GLOBAL (556.782 µs) : 535, 578
.   : milestone, 557,
iast_HARDCODED_SECRET_DISABLED (528.052 µs) : 505, 551
.   : milestone, 528,
iast_INACTIVE (470.771 µs) : 447, 494
.   : milestone, 471,
iast_TELEMETRY_OFF (515.199 µs) : 492, 538
.   : milestone, 515,
tracing (459.82 µs) : 438, 482
.   : milestone, 460,
section candidate
no_agent (377.994 µs) : 358, 398
.   : milestone, 378,
iast (519.981 µs) : 498, 542
.   : milestone, 520,
iast_FULL (731.508 µs) : 709, 754
.   : milestone, 732,
iast_GLOBAL (565.638 µs) : 543, 588
.   : milestone, 566,
iast_HARDCODED_SECRET_DISABLED (524.276 µs) : 501, 547
.   : milestone, 524,
iast_INACTIVE (465.415 µs) : 443, 488
.   : milestone, 465,
iast_TELEMETRY_OFF (499.51 µs) : 476, 523
.   : milestone, 500,
tracing (457.545 µs) : 435, 480
.   : milestone, 458,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 382.812 µs [363.06 µs, 402.563 µs] -
iast 516.221 µs [493.823 µs, 538.619 µs] 133.41 µs (34.8%)
iast_FULL 734.042 µs [711.545 µs, 756.539 µs] 351.23 µs (91.8%)
iast_GLOBAL 556.782 µs [535.189 µs, 578.375 µs] 173.97 µs (45.4%)
iast_HARDCODED_SECRET_DISABLED 528.052 µs [504.895 µs, 551.209 µs] 145.24 µs (37.9%)
iast_INACTIVE 470.771 µs [447.334 µs, 494.207 µs] 87.959 µs (23.0%)
iast_TELEMETRY_OFF 515.199 µs [491.941 µs, 538.457 µs] 132.388 µs (34.6%)
tracing 459.82 µs [437.568 µs, 482.072 µs] 77.008 µs (20.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 377.994 µs [358.31 µs, 397.677 µs] -
iast 519.981 µs [498.345 µs, 541.618 µs] 141.988 µs (37.6%)
iast_FULL 731.508 µs [709.494 µs, 753.522 µs] 353.514 µs (93.5%)
iast_GLOBAL 565.638 µs [543.281 µs, 587.995 µs] 187.645 µs (49.6%)
iast_HARDCODED_SECRET_DISABLED 524.276 µs [501.215 µs, 547.337 µs] 146.282 µs (38.7%)
iast_INACTIVE 465.415 µs [442.816 µs, 488.013 µs] 87.421 µs (23.1%)
iast_TELEMETRY_OFF 499.51 µs [476.251 µs, 522.769 µs] 121.517 µs (32.1%)
tracing 457.545 µs [435.44 µs, 479.651 µs] 79.552 µs (21.0%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mtoff/scfg_file_size_limit
git_commit_date 1746789389 1748365103
git_commit_sha ad6d5fe 0f77a40
release_version 1.50.0-SNAPSHOT~ad6d5fef42 1.50.0-SNAPSHOT~0f77a40332
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1748367478 1748367478
ci_job_id 956199238 956199238
ci_pipeline_id 66226136 66226136
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-8t2n4jps-project-304-concurrent-1-rp5yzhr6 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-8t2n4jps-project-304-concurrent-1-rp5yzhr6 6.8.0-1029-aws #31~22.04.1-Ubuntu SMP Thu Apr 24 21:16:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.48 ms) : 1469, 1492
.   : milestone, 1480,
appsec (2.408 ms) : 2359, 2457
.   : milestone, 2408,
iast (2.187 ms) : 2125, 2249
.   : milestone, 2187,
iast_GLOBAL (2.232 ms) : 2170, 2294
.   : milestone, 2232,
profiling (2.046 ms) : 1995, 2096
.   : milestone, 2046,
tracing (2.009 ms) : 1961, 2056
.   : milestone, 2009,
section candidate
no_agent (1.476 ms) : 1465, 1488
.   : milestone, 1476,
appsec (2.425 ms) : 2375, 2475
.   : milestone, 2425,
iast (2.201 ms) : 2138, 2263
.   : milestone, 2201,
iast_GLOBAL (2.225 ms) : 2163, 2288
.   : milestone, 2225,
profiling (2.037 ms) : 1987, 2087
.   : milestone, 2037,
tracing (2.023 ms) : 1975, 2072
.   : milestone, 2023,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.48 ms [1.469 ms, 1.492 ms] -
appsec 2.408 ms [2.359 ms, 2.457 ms] 927.611 µs (62.7%)
iast 2.187 ms [2.125 ms, 2.249 ms] 707.044 µs (47.8%)
iast_GLOBAL 2.232 ms [2.17 ms, 2.294 ms] 751.995 µs (50.8%)
profiling 2.046 ms [1.995 ms, 2.096 ms] 565.33 µs (38.2%)
tracing 2.009 ms [1.961 ms, 2.056 ms] 528.316 µs (35.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.476 ms [1.465 ms, 1.488 ms] -
appsec 2.425 ms [2.375 ms, 2.475 ms] 948.533 µs (64.3%)
iast 2.201 ms [2.138 ms, 2.263 ms] 724.565 µs (49.1%)
iast_GLOBAL 2.225 ms [2.163 ms, 2.288 ms] 749.248 µs (50.8%)
profiling 2.037 ms [1.987 ms, 2.087 ms] 561.225 µs (38.0%)
tracing 2.023 ms [1.975 ms, 2.072 ms] 546.971 µs (37.1%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~0f77a40332, baseline=1.50.0-SNAPSHOT~ad6d5fef42
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.395 s) : 15395000, 15395000
.   : milestone, 15395000,
appsec (15.051 s) : 15051000, 15051000
.   : milestone, 15051000,
iast (18.487 s) : 18487000, 18487000
.   : milestone, 18487000,
iast_GLOBAL (18.07 s) : 18070000, 18070000
.   : milestone, 18070000,
profiling (14.934 s) : 14934000, 14934000
.   : milestone, 14934000,
tracing (14.931 s) : 14931000, 14931000
.   : milestone, 14931000,
section candidate
no_agent (15.551 s) : 15551000, 15551000
.   : milestone, 15551000,
appsec (15.052 s) : 15052000, 15052000
.   : milestone, 15052000,
iast (19.22 s) : 19220000, 19220000
.   : milestone, 19220000,
iast_GLOBAL (18.077 s) : 18077000, 18077000
.   : milestone, 18077000,
profiling (15.635 s) : 15635000, 15635000
.   : milestone, 15635000,
tracing (14.968 s) : 14968000, 14968000
.   : milestone, 14968000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.395 s [15.395 s, 15.395 s] -
appsec 15.051 s [15.051 s, 15.051 s] -344.0 ms (-2.2%)
iast 18.487 s [18.487 s, 18.487 s] 3.092 s (20.1%)
iast_GLOBAL 18.07 s [18.07 s, 18.07 s] 2.675 s (17.4%)
profiling 14.934 s [14.934 s, 14.934 s] -461.0 ms (-3.0%)
tracing 14.931 s [14.931 s, 14.931 s] -464.0 ms (-3.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.551 s [15.551 s, 15.551 s] -
appsec 15.052 s [15.052 s, 15.052 s] -499.0 ms (-3.2%)
iast 19.22 s [19.22 s, 19.22 s] 3.669 s (23.6%)
iast_GLOBAL 18.077 s [18.077 s, 18.077 s] 2.526 s (16.2%)
profiling 15.635 s [15.635 s, 15.635 s] 84.0 ms (0.5%)
tracing 14.968 s [14.968 s, 14.968 s] -583.0 ms (-3.7%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mtoffl01 @mcculls