Skip to content

Add dependency on Maven Central deployment to OCI publish jobs #9204

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: master
Choose a base branch
from
Open

Add dependency on Maven Central deployment to OCI publish jobs #9204

wants to merge 19 commits into from

Conversation

sarahchen6
Copy link
Contributor

@sarahchen6 sarahchen6 commented Jul 19, 2025
edited
Loading

What Does This Do

OCI publishing jobs (gated by the one-pipeline publishing-gate job) now depend on images to be successfully published to Maven Central before proceeding. This is done through a new verify_maven_central_deployment job.

Motivation

Previously, all OCI-related jobs were triggered as soon as the build step was successful. This gave little buffer between when a release begins and when OCI images are published and enter customer prod environments. The additional dependency added in this PR helps to avoid prematurely publishing OCI images.

Additional Notes

I tested the verify_maven_central_deployment job by hard-coding the VERSION it's checking to our recent release (successful job run) and a non-existent release (failed job run).

Also considered was adding another layer of security by making these publishing jobs manually triggered. However, that's not included in order to keep the release automated.

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@sarahchen6 sarahchen6 added type: enhancement Enhancements and improvements comp: tooling Build & Tooling labels Jul 19, 2025
@pr-commenter
Copy link

pr-commenter bot commented Jul 19, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/change-release-job-dependencies
git_commit_date 1753834217 1753835548
git_commit_sha b35e121 fe7374c
release_version 1.51.1-SNAPSHOT~b35e1215b0 1.51.1-SNAPSHOT~fe7374ca56
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1753837348 1753837348
ci_job_id 1054413325 1054413325
ci_pipeline_id 72116691 72116691
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-289b52tt 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-289b52tt 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 46 metrics, 13 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.05 s) : 0, 1049687
Total [baseline] (10.781 s) : 0, 10781109
Agent [candidate] (1.042 s) : 0, 1042291
Total [candidate] (10.678 s) : 0, 10677802
section appsec
Agent [baseline] (1.23 s) : 0, 1230195
Total [baseline] (10.843 s) : 0, 10842938
Agent [candidate] (1.221 s) : 0, 1221186
Total [candidate] (10.793 s) : 0, 10793364
section iast
Agent [baseline] (1.175 s) : 0, 1174936
Total [baseline] (10.922 s) : 0, 10922058
Agent [candidate] (1.172 s) : 0, 1172316
Total [candidate] (10.191 s) : 0, 10190922
section profiling
Agent [baseline] (1.191 s) : 0, 1190753
Total [baseline] (10.888 s) : 0, 10888327
Agent [candidate] (1.195 s) : 0, 1194837
Total [candidate] (10.844 s) : 0, 10844020
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.05 s -
Agent appsec 1.23 s 180.508 ms (17.2%)
Agent iast 1.175 s 125.249 ms (11.9%)
Agent profiling 1.191 s 141.066 ms (13.4%)
Total tracing 10.781 s -
Total appsec 10.843 s 61.829 ms (0.6%)
Total iast 10.922 s 140.949 ms (1.3%)
Total profiling 10.888 s 107.217 ms (1.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.042 s -
Agent appsec 1.221 s 178.896 ms (17.2%)
Agent iast 1.172 s 130.025 ms (12.5%)
Agent profiling 1.195 s 152.546 ms (14.6%)
Total tracing 10.678 s -
Total appsec 10.793 s 115.562 ms (1.1%)
Total iast 10.191 s -486.879 ms (-4.6%)
Total profiling 10.844 s 166.218 ms (1.6%) 
gantt
    title petclinic - break down per module: candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.45 ms) : 0, 1450
crashtracking [candidate] (1.442 ms) : 0, 1442
BytebuddyAgent [baseline] (735.009 ms) : 0, 735009
BytebuddyAgent [candidate] (732.294 ms) : 0, 732294
GlobalTracer [baseline] (243.011 ms) : 0, 243011
GlobalTracer [candidate] (241.835 ms) : 0, 241835
AppSec [baseline] (30.644 ms) : 0, 30644
AppSec [candidate] (30.453 ms) : 0, 30453
Debugger [baseline] (6.074 ms) : 0, 6074
Debugger [candidate] (6.048 ms) : 0, 6048
Remote Config [baseline] (660.517 µs) : 0, 661
Remote Config [candidate] (643.874 µs) : 0, 644
Telemetry [baseline] (11.716 ms) : 0, 11716
Telemetry [candidate] (8.442 ms) : 0, 8442
section appsec
crashtracking [baseline] (1.438 ms) : 0, 1438
crashtracking [candidate] (1.44 ms) : 0, 1440
BytebuddyAgent [baseline] (760.713 ms) : 0, 760713
BytebuddyAgent [candidate] (754.826 ms) : 0, 754826
GlobalTracer [baseline] (236.495 ms) : 0, 236495
GlobalTracer [candidate] (234.589 ms) : 0, 234589
IAST [baseline] (23.807 ms) : 0, 23807
IAST [candidate] (23.528 ms) : 0, 23528
AppSec [baseline] (168.006 ms) : 0, 168006
AppSec [candidate] (168.9 ms) : 0, 168900
Debugger [baseline] (8.757 ms) : 0, 8757
Debugger [candidate] (7.223 ms) : 0, 7223
Remote Config [baseline] (625.357 µs) : 0, 625
Remote Config [candidate] (622.836 µs) : 0, 623
Telemetry [baseline] (9.152 ms) : 0, 9152
Telemetry [candidate] (9.005 ms) : 0, 9005
section iast
crashtracking [baseline] (1.429 ms) : 0, 1429
crashtracking [candidate] (1.426 ms) : 0, 1426
BytebuddyAgent [baseline] (848.342 ms) : 0, 848342
BytebuddyAgent [candidate] (846.169 ms) : 0, 846169
GlobalTracer [baseline] (231.914 ms) : 0, 231914
GlobalTracer [candidate] (231.38 ms) : 0, 231380
IAST [baseline] (29.744 ms) : 0, 29744
IAST [candidate] (28.471 ms) : 0, 28471
AppSec [baseline] (27.968 ms) : 0, 27968
AppSec [candidate] (27.557 ms) : 0, 27557
Debugger [baseline] (5.757 ms) : 0, 5757
Debugger [candidate] (7.695 ms) : 0, 7695
Remote Config [baseline] (602.129 µs) : 0, 602
Remote Config [candidate] (584.836 µs) : 0, 585
Telemetry [baseline] (8.127 ms) : 0, 8127
Telemetry [candidate] (8.035 ms) : 0, 8035
section profiling
crashtracking [baseline] (1.389 ms) : 0, 1389
crashtracking [candidate] (1.408 ms) : 0, 1408
BytebuddyAgent [baseline] (757.808 ms) : 0, 757808
BytebuddyAgent [candidate] (760.774 ms) : 0, 760774
GlobalTracer [baseline] (221.301 ms) : 0, 221301
GlobalTracer [candidate] (222.091 ms) : 0, 222091
AppSec [baseline] (30.23 ms) : 0, 30230
AppSec [candidate] (30.263 ms) : 0, 30263
Debugger [baseline] (6.27 ms) : 0, 6270
Debugger [candidate] (6.297 ms) : 0, 6297
Remote Config [baseline] (664.557 µs) : 0, 665
Remote Config [candidate] (667.925 µs) : 0, 668
Telemetry [baseline] (15.146 ms) : 0, 15146
Telemetry [candidate] (15.815 ms) : 0, 15815
ProfilingAgent [baseline] (108.816 ms) : 0, 108816
ProfilingAgent [candidate] (107.929 ms) : 0, 107929
Profiling [baseline] (109.47 ms) : 0, 109470
Profiling [candidate] (108.587 ms) : 0, 108587
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.043 s) : 0, 1042686
Total [baseline] (8.599 s) : 0, 8598734
Agent [candidate] (1.043 s) : 0, 1042837
Total [candidate] (8.57 s) : 0, 8569611
section iast
Agent [baseline] (1.181 s) : 0, 1180673
Total [baseline] (9.314 s) : 0, 9314197
Agent [candidate] (1.177 s) : 0, 1177405
Total [candidate] (9.309 s) : 0, 9309398
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.043 s -
Agent iast 1.181 s 137.987 ms (13.2%)
Total tracing 8.599 s -
Total iast 9.314 s 715.462 ms (8.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.043 s -
Agent iast 1.177 s 134.568 ms (12.9%)
Total tracing 8.57 s -
Total iast 9.309 s 739.787 ms (8.6%) 
gantt
    title insecure-bank - break down per module: candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.425 ms) : 0, 1425
crashtracking [candidate] (1.428 ms) : 0, 1428
BytebuddyAgent [baseline] (730.856 ms) : 0, 730856
BytebuddyAgent [candidate] (729.484 ms) : 0, 729484
GlobalTracer [baseline] (241.372 ms) : 0, 241372
GlobalTracer [candidate] (241.42 ms) : 0, 241420
AppSec [baseline] (30.24 ms) : 0, 30240
AppSec [candidate] (30.293 ms) : 0, 30293
Debugger [baseline] (6.029 ms) : 0, 6029
Debugger [candidate] (6.054 ms) : 0, 6054
Remote Config [baseline] (649.947 µs) : 0, 650
Remote Config [candidate] (644.502 µs) : 0, 645
Telemetry [baseline] (11.216 ms) : 0, 11216
Telemetry [candidate] (12.582 ms) : 0, 12582
section iast
crashtracking [baseline] (1.444 ms) : 0, 1444
crashtracking [candidate] (1.428 ms) : 0, 1428
BytebuddyAgent [baseline] (852.842 ms) : 0, 852842
BytebuddyAgent [candidate] (849.107 ms) : 0, 849107
GlobalTracer [baseline] (231.815 ms) : 0, 231815
GlobalTracer [candidate] (233.352 ms) : 0, 233352
IAST [baseline] (28.604 ms) : 0, 28604
IAST [candidate] (28.542 ms) : 0, 28542
AppSec [baseline] (28.453 ms) : 0, 28453
AppSec [candidate] (29.33 ms) : 0, 29330
Debugger [baseline] (7.679 ms) : 0, 7679
Debugger [candidate] (5.869 ms) : 0, 5869
Remote Config [baseline] (593.929 µs) : 0, 594
Remote Config [candidate] (611.434 µs) : 0, 611
Telemetry [baseline] (8.179 ms) : 0, 8179
Telemetry [candidate] (8.222 ms) : 0, 8222
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/change-release-job-dependencies
git_commit_date 1753834217 1753835548
git_commit_sha b35e121 fe7374c
release_version 1.51.1-SNAPSHOT~b35e1215b0 1.51.1-SNAPSHOT~fe7374ca56
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1753836947 1753836947
ci_job_id 1054413326 1054413326
ci_pipeline_id 72116691 72116691
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-wvll69th 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-wvll69th 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 3 performance improvements and 1 performance regressions! Performance is the same for 8 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:insecure-bank:tracing:high_load worse
[+155.990µs; +374.231µs] or [+2.143%; +5.142%]		 unstable
[-98.054op/s; +54.179op/s] or [-15.422%; +8.521%]		 7.543ms 613.875op/s 7.278ms 635.812op/s
scenario:load:insecure-bank:profiling:high_load better
[-568.794µs; -249.294µs] or [-6.169%; -2.704%]		 unstable
[-46.493op/s; +92.618op/s] or [-9.235%; +18.397%]		 8.811ms 526.500op/s 9.220ms 503.438op/s
scenario:load:petclinic:appsec:high_load better
[-2.472ms; -1.584ms] or [-5.208%; -3.337%]		 unstable
[-2.519op/s; +11.319op/s] or [-2.555%; +11.482%]		 45.439ms 102.975op/s 47.467ms 98.575op/s
scenario:load:petclinic:iast:high_load better
[-4.267ms; -3.412ms] or [-8.828%; -7.060%]		 unstable
[+1.736op/s; +14.914op/s] or [+1.793%; +15.407%]		 44.492ms 105.125op/s 48.331ms 96.800op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.737 ms) : 37434, 38040
.   : milestone, 37737,
appsec (47.467 ms) : 47050, 47884
.   : milestone, 47467,
code_origins (45.449 ms) : 45053, 45845
.   : milestone, 45449,
iast (48.331 ms) : 47926, 48736
.   : milestone, 48331,
profiling (49.013 ms) : 48554, 49472
.   : milestone, 49013,
tracing (45.33 ms) : 44949, 45710
.   : milestone, 45330,
section candidate
no_agent (37.402 ms) : 37106, 37699
.   : milestone, 37402,
appsec (45.439 ms) : 45030, 45847
.   : milestone, 45439,
code_origins (44.547 ms) : 44166, 44928
.   : milestone, 44547,
iast (44.492 ms) : 44103, 44881
.   : milestone, 44492,
profiling (48.17 ms) : 47720, 48619
.   : milestone, 48170,
tracing (45.082 ms) : 44681, 45483
.   : milestone, 45082,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.737 ms [37.434 ms, 38.04 ms] -
appsec 47.467 ms [47.05 ms, 47.884 ms] 9.73 ms (25.8%)
code_origins 45.449 ms [45.053 ms, 45.845 ms] 7.712 ms (20.4%)
iast 48.331 ms [47.926 ms, 48.736 ms] 10.594 ms (28.1%)
profiling 49.013 ms [48.554 ms, 49.472 ms] 11.276 ms (29.9%)
tracing 45.33 ms [44.949 ms, 45.71 ms] 7.593 ms (20.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.402 ms [37.106 ms, 37.699 ms] -
appsec 45.439 ms [45.03 ms, 45.847 ms] 8.036 ms (21.5%)
code_origins 44.547 ms [44.166 ms, 44.928 ms] 7.145 ms (19.1%)
iast 44.492 ms [44.103 ms, 44.881 ms] 7.09 ms (19.0%)
profiling 48.17 ms [47.72 ms, 48.619 ms] 10.767 ms (28.8%)
tracing 45.082 ms [44.681 ms, 45.483 ms] 7.68 ms (20.5%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.378 ms) : 4326, 4430
.   : milestone, 4378,
iast (9.03 ms) : 8882, 9179
.   : milestone, 9030,
iast_FULL (13.919 ms) : 13645, 14193
.   : milestone, 13919,
iast_GLOBAL (10.085 ms) : 9909, 10261
.   : milestone, 10085,
profiling (9.22 ms) : 9069, 9371
.   : milestone, 9220,
tracing (7.278 ms) : 7181, 7375
.   : milestone, 7278,
section candidate
no_agent (4.377 ms) : 4328, 4426
.   : milestone, 4377,
iast (9.297 ms) : 9146, 9447
.   : milestone, 9297,
iast_FULL (14.136 ms) : 13862, 14411
.   : milestone, 14136,
iast_GLOBAL (10.129 ms) : 9954, 10304
.   : milestone, 10129,
profiling (8.811 ms) : 8665, 8957
.   : milestone, 8811,
tracing (7.543 ms) : 7438, 7648
.   : milestone, 7543,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.378 ms [4.326 ms, 4.43 ms] -
iast 9.03 ms [8.882 ms, 9.179 ms] 4.652 ms (106.3%)
iast_FULL 13.919 ms [13.645 ms, 14.193 ms] 9.541 ms (217.9%)
iast_GLOBAL 10.085 ms [9.909 ms, 10.261 ms] 5.707 ms (130.3%)
profiling 9.22 ms [9.069 ms, 9.371 ms] 4.842 ms (110.6%)
tracing 7.278 ms [7.181 ms, 7.375 ms] 2.9 ms (66.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.377 ms [4.328 ms, 4.426 ms] -
iast 9.297 ms [9.146 ms, 9.447 ms] 4.92 ms (112.4%)
iast_FULL 14.136 ms [13.862 ms, 14.411 ms] 9.76 ms (223.0%)
iast_GLOBAL 10.129 ms [9.954 ms, 10.304 ms] 5.752 ms (131.4%)
profiling 8.811 ms [8.665 ms, 8.957 ms] 4.434 ms (101.3%)
tracing 7.543 ms [7.438 ms, 7.648 ms] 3.166 ms (72.3%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/change-release-job-dependencies
git_commit_date 1753834217 1753835548
git_commit_sha b35e121 fe7374c
release_version 1.51.1-SNAPSHOT~b35e1215b0 1.51.1-SNAPSHOT~fe7374ca56
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1753837502 1753837502
ci_job_id 1054413327 1054413327
ci_pipeline_id 72116691 72116691
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-jc35qta2 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-jc35qta2 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.473 ms) : 1462, 1485
.   : milestone, 1473,
appsec (3.692 ms) : 3473, 3911
.   : milestone, 3692,
iast (2.194 ms) : 2131, 2256
.   : milestone, 2194,
iast_GLOBAL (2.247 ms) : 2184, 2311
.   : milestone, 2247,
profiling (2.038 ms) : 1988, 2089
.   : milestone, 2038,
tracing (2.025 ms) : 1976, 2075
.   : milestone, 2025,
section candidate
no_agent (1.477 ms) : 1465, 1488
.   : milestone, 1477,
appsec (3.636 ms) : 3419, 3852
.   : milestone, 3636,
iast (2.203 ms) : 2140, 2266
.   : milestone, 2203,
iast_GLOBAL (2.248 ms) : 2184, 2312
.   : milestone, 2248,
profiling (2.04 ms) : 1990, 2091
.   : milestone, 2040,
tracing (2.013 ms) : 1964, 2061
.   : milestone, 2013,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.473 ms [1.462 ms, 1.485 ms] -
appsec 3.692 ms [3.473 ms, 3.911 ms] 2.219 ms (150.6%)
iast 2.194 ms [2.131 ms, 2.256 ms] 720.445 µs (48.9%)
iast_GLOBAL 2.247 ms [2.184 ms, 2.311 ms] 774.158 µs (52.5%)
profiling 2.038 ms [1.988 ms, 2.089 ms] 564.941 µs (38.3%)
tracing 2.025 ms [1.976 ms, 2.075 ms] 552.23 µs (37.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.477 ms [1.465 ms, 1.488 ms] -
appsec 3.636 ms [3.419 ms, 3.852 ms] 2.159 ms (146.2%)
iast 2.203 ms [2.14 ms, 2.266 ms] 726.22 µs (49.2%)
iast_GLOBAL 2.248 ms [2.184 ms, 2.312 ms] 770.957 µs (52.2%)
profiling 2.04 ms [1.99 ms, 2.091 ms] 563.434 µs (38.1%)
tracing 2.013 ms [1.964 ms, 2.061 ms] 535.919 µs (36.3%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~fe7374ca56, baseline=1.51.1-SNAPSHOT~b35e1215b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.924 s) : 14924000, 14924000
.   : milestone, 14924000,
appsec (14.68 s) : 14680000, 14680000
.   : milestone, 14680000,
iast (18.643 s) : 18643000, 18643000
.   : milestone, 18643000,
iast_GLOBAL (18.066 s) : 18066000, 18066000
.   : milestone, 18066000,
profiling (15.146 s) : 15146000, 15146000
.   : milestone, 15146000,
tracing (15.031 s) : 15031000, 15031000
.   : milestone, 15031000,
section candidate
no_agent (15.395 s) : 15395000, 15395000
.   : milestone, 15395000,
appsec (14.821 s) : 14821000, 14821000
.   : milestone, 14821000,
iast (18.984 s) : 18984000, 18984000
.   : milestone, 18984000,
iast_GLOBAL (17.784 s) : 17784000, 17784000
.   : milestone, 17784000,
profiling (15.28 s) : 15280000, 15280000
.   : milestone, 15280000,
tracing (15.059 s) : 15059000, 15059000
.   : milestone, 15059000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.924 s [14.924 s, 14.924 s] -
appsec 14.68 s [14.68 s, 14.68 s] -244.0 ms (-1.6%)
iast 18.643 s [18.643 s, 18.643 s] 3.719 s (24.9%)
iast_GLOBAL 18.066 s [18.066 s, 18.066 s] 3.142 s (21.1%)
profiling 15.146 s [15.146 s, 15.146 s] 222.0 ms (1.5%)
tracing 15.031 s [15.031 s, 15.031 s] 107.0 ms (0.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.395 s [15.395 s, 15.395 s] -
appsec 14.821 s [14.821 s, 14.821 s] -574.0 ms (-3.7%)
iast 18.984 s [18.984 s, 18.984 s] 3.589 s (23.3%)
iast_GLOBAL 17.784 s [17.784 s, 17.784 s] 2.389 s (15.5%)
profiling 15.28 s [15.28 s, 15.28 s] -115.0 ms (-0.7%)
tracing 15.059 s [15.059 s, 15.059 s] -336.0 ms (-2.2%)

@sarahchen6 sarahchen6 marked this pull request as ready for review July 21, 2025 15:19
@sarahchen6 sarahchen6 requested a review from a team as a code owner July 21, 2025 15:19
@sarahchen6 sarahchen6 requested review from bqbits, randomanderson and erikayasuda and removed request for a team July 21, 2025 15:19
@sarahchen6 sarahchen6 marked this pull request as draft July 21, 2025 17:52
@bqbits bqbits removed their request for review July 21, 2025 19:26
@sarahchen6 sarahchen6 force-pushed the sarahchen6/change-release-job-dependencies branch 6 times, most recently from a7ccd00 to 5e179f7 Compare July 23, 2025 20:48
@sarahchen6 sarahchen6 marked this pull request as ready for review July 23, 2025 21:05
@sarahchen6 sarahchen6 marked this pull request as draft July 28, 2025 15:12
@sarahchen6 sarahchen6 force-pushed the sarahchen6/change-release-job-dependencies branch 2 times, most recently from 5aee06c to ee81d85 Compare July 28, 2025 15:31
sarahchen6
sarahchen6 commented Jul 28, 2025
View reviewed changes
sarahchen6
sarahchen6 commented Jul 28, 2025
View reviewed changes
.gitlab-ci.yml
when: on_success
- when: manual
allow_failure: true

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The publishing-gate job can be manually overridden in case verify_maven_central_deployment fails and we still want to publish OCI images.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this doesn't work as you expect. If verify_maven_central_deploymentfails, publishing-gate won't be runnable, manually or otherwise. There is no simple workaround supported by Gitlab. One option would be a pipeline variable, but then you have to rerun the entire pipeline

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried testing this by running a test-job with the same parameters as the publishing-gate job (commit here), and the behavior in CI seems like what we want 👀 . Here are the pipeline results where I force verify_maven_central_deployment to fail and am still able to manually run test-job: https://gitlab.ddbuild.io/DataDog/apm-reliability/dd-trace-java/-/pipelines/72112529.

It seems like even if verify_maven_central_deployment fails, we can still manually trigger publishing-gate..? From the docs here, publishing-gate can run as long as verify_maven_central_deployment completes.

@sarahchen6 sarahchen6 marked this pull request as ready for review July 28, 2025 21:42
@sarahchen6 sarahchen6 requested a review from PerfectSlayer July 28, 2025 21:43
PerfectSlayer
PerfectSlayer reviewed Jul 29, 2025
View reviewed changes
Copy link
Contributor

@PerfectSlayer PerfectSlayer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about checking for the other artefacts too? (ie dd-trace-api and dd-trace-ot)

Otherwise, looking good from LP perspective. I would recommend having review from RP too as I’m no GitLab CI expert 😇

randomanderson
randomanderson requested changes Jul 29, 2025
View reviewed changes
.gitlab-ci.yml Outdated
if curl -s -I "$MAVEN_URL" | grep -q "^HTTP/.* 200"; then
break
fi
sleep $DELAY
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default unit for sleep is seconds, not minutes. Also, it's not ideal to wait 30 minutes before trying again. i suggest waiting a minute or two and retrying 30 (15) times, maybe with a longer initial delay.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. The problem is that the job is checking for the images to be published on Maven Central, but after the deploy_to_maven_central job completes, the release engineer can wait any amount of time before manually publishing. I'll guesstimate that they'll publish within five minutes and the artifacts will show up within five minutes after that 🤔

.gitlab-ci.yml
when: on_success
- when: manual
allow_failure: true

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this doesn't work as you expect. If verify_maven_central_deploymentfails, publishing-gate won't be runnable, manually or otherwise. There is no simple workaround supported by Gitlab. One option would be a pipeline variable, but then you have to rerun the entire pipeline

@sarahchen6 sarahchen6 force-pushed the sarahchen6/change-release-job-dependencies branch from 6180035 to 4f1db26 Compare July 29, 2025 22:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer left review comments

@erikayasuda erikayasuda Awaiting requested review from erikayasuda

@randomanderson randomanderson Awaiting requested review from randomanderson

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
comp: tooling Build & Tooling type: enhancement Enhancements and improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sarahchen6 @PerfectSlayer @randomanderson