Skip to content

Avoid using GITHUB_TOKEN for PR creation#9288

Merged
sarahchen6 merged 2 commits intomasterfrom
christoph.hamsen/avoid-using-github-token-for-pr-creation
Aug 1, 2025
Merged

Avoid using GITHUB_TOKEN for PR creation#9288
sarahchen6 merged 2 commits intomasterfrom
christoph.hamsen/avoid-using-github-token-for-pr-creation

Conversation

@xopham
Copy link
Copy Markdown
Contributor

@xopham xopham commented Jul 31, 2025

What Does This Do

Motivation

Additional Notes

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@xopham xopham requested a review from a team as a code owner July 31, 2025 21:36
@xopham xopham requested review from AlexeyKuznetsov-DD and removed request for a team July 31, 2025 21:36
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jul 31, 2025

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@xopham xopham marked this pull request as draft July 31, 2025 21:38
@xopham xopham added the tag: no release notes Changes to exclude from release notes label Jul 31, 2025
@xopham xopham marked this pull request as ready for review July 31, 2025 21:44
@xopham xopham changed the title Avoid using GITHUB_TOKEN for PR create Avoid using GITHUB_TOKEN for PR creation Jul 31, 2025
PerfectSlayer
PerfectSlayer reviewed Jul 31, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@PerfectSlayer PerfectSlayer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for helping us to make the transition.

As general comment, it’s missing update-jmxfetch-submodule and add-release-to-cloudfoundry fix.
But overall, the migration will consist of getting rid of ghcommit and replace it with the usual git commands and the new octo-sts way of signing way.

Would you be able to make the overall migration or would you need to pair with someone from my team?

Comment thread .github/workflows/update-gradle-dependencies.yaml
@@ -37,7 +43,7 @@ jobs:
./gradlew resolveAndLockAll --write-locks --parallel --stacktrace --no-daemon --max-workers=4
- name: Commit changes
Copy link
Copy Markdown
Contributor

@PerfectSlayer PerfectSlayer Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This whole logic need to be changed. If we can make signed commit, we don’t have to forge commits using ghcommit and can use git instead

This will greatly simplify the workflow

Copy link
Copy Markdown

@avidal avidal Aug 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You cannot make signed commits using git unless you:

  • Have a user account with a verified email address for the committer
  • Have an SSH or GPG public signing key uploaded for that user
  • Have the SSH or GPG private key available in your Action

Using ghcommit (or https://github.com/DataDog/commit-headless which does the same thing) is the better option here.

Copy link
Copy Markdown

@avidal avidal Aug 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The main difference with, eg, commit-headless is that you can just make an unsigned commit locally then pass the commit hash to commit-headless and it'll create it remotely.

Comment thread .github/workflows/update-docker-build-image.yaml
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
GITHUB_TOKEN: ${{ steps.octo-sts.outputs.token }}
run: |
ghcommit --repository ${{ github.repository }} --branch ${{ steps.define-branch.outputs.branch }} --add .gitlab-ci.yml --message "feat(ci): Update Docker build image"
Copy link
Copy Markdown
Contributor

@PerfectSlayer PerfectSlayer Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

similarly, it can be replaced by git commands too

@datadog-datadog-prod-us1
Copy link
Copy Markdown
Contributor

datadog-datadog-prod-us1 Bot commented Jul 31, 2025
edited
Loading

Code coverage: total 57.09%, patch 100.00% (view details)

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: b6e54fc | Docs | Was this helpful? Give us feedback!

@pr-commenter
Copy link
Copy Markdown

pr-commenter Bot commented Jul 31, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master christoph.hamsen/avoid-using-github-token-for-pr-creation
git_commit_date 1754058594 1754058733
git_commit_sha 023e525 b6e54fc
release_version 1.51.1-SNAPSHOT~023e5251a6 1.51.1-SNAPSHOT~b6e54fc9c8
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1754060541 1754060541
ci_job_id 1060190423 1060190423
ci_pipeline_id 72438361 72438361
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-4-pafyctf4 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-4-pafyctf4 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 47 metrics, 12 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.042 s) : 0, 1041743
Total [baseline] (10.72 s) : 0, 10720054
Agent [candidate] (1.043 s) : 0, 1043362
Total [candidate] (10.729 s) : 0, 10728962
section appsec
Agent [baseline] (1.218 s) : 0, 1218055
Total [baseline] (10.813 s) : 0, 10812633
Agent [candidate] (1.219 s) : 0, 1218584
Total [candidate] (10.867 s) : 0, 10866588
section iast
Agent [baseline] (1.174 s) : 0, 1173730
Total [baseline] (10.874 s) : 0, 10873642
Agent [candidate] (1.171 s) : 0, 1170938
Total [candidate] (10.845 s) : 0, 10845233
section profiling
Agent [baseline] (1.191 s) : 0, 1191308
Total [baseline] (10.861 s) : 0, 10860595
Agent [candidate] (1.208 s) : 0, 1207504
Total [candidate] (10.923 s) : 0, 10922885
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.042 s -
Agent appsec 1.218 s 176.312 ms (16.9%)
Agent iast 1.174 s 131.988 ms (12.7%)
Agent profiling 1.191 s 149.565 ms (14.4%)
Total tracing 10.72 s -
Total appsec 10.813 s 92.579 ms (0.9%)
Total iast 10.874 s 153.588 ms (1.4%)
Total profiling 10.861 s 140.541 ms (1.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.043 s -
Agent appsec 1.219 s 175.222 ms (16.8%)
Agent iast 1.171 s 127.575 ms (12.2%)
Agent profiling 1.208 s 164.141 ms (15.7%)
Total tracing 10.729 s -
Total appsec 10.867 s 137.626 ms (1.3%)
Total iast 10.845 s 116.271 ms (1.1%)
Total profiling 10.923 s 193.923 ms (1.8%) 
gantt
    title petclinic - break down per module: candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.431 ms) : 0, 1431
crashtracking [candidate] (1.444 ms) : 0, 1444
BytebuddyAgent [baseline] (731.378 ms) : 0, 731378
BytebuddyAgent [candidate] (731.829 ms) : 0, 731829
GlobalTracer [baseline] (241.353 ms) : 0, 241353
GlobalTracer [candidate] (241.267 ms) : 0, 241267
AppSec [baseline] (30.033 ms) : 0, 30033
AppSec [candidate] (29.938 ms) : 0, 29938
Debugger [baseline] (6.055 ms) : 0, 6055
Debugger [candidate] (6.036 ms) : 0, 6036
Remote Config [baseline] (653.313 µs) : 0, 653
Remote Config [candidate] (650.172 µs) : 0, 650
Telemetry [baseline] (9.888 ms) : 0, 9888
Telemetry [candidate] (11.204 ms) : 0, 11204
section appsec
crashtracking [baseline] (1.439 ms) : 0, 1439
crashtracking [candidate] (1.423 ms) : 0, 1423
BytebuddyAgent [baseline] (752.275 ms) : 0, 752275
BytebuddyAgent [candidate] (752.349 ms) : 0, 752349
GlobalTracer [baseline] (234.218 ms) : 0, 234218
GlobalTracer [candidate] (234.804 ms) : 0, 234804
AppSec [baseline] (166.591 ms) : 0, 166591
AppSec [candidate] (167.921 ms) : 0, 167921
Debugger [baseline] (10.137 ms) : 0, 10137
Debugger [candidate] (7.93 ms) : 0, 7930
Remote Config [baseline] (625.486 µs) : 0, 625
Remote Config [candidate] (622.814 µs) : 0, 623
Telemetry [baseline] (8.287 ms) : 0, 8287
Telemetry [candidate] (9.015 ms) : 0, 9015
IAST [baseline] (23.49 ms) : 0, 23490
IAST [candidate] (23.547 ms) : 0, 23547
section iast
crashtracking [baseline] (1.437 ms) : 0, 1437
crashtracking [candidate] (1.42 ms) : 0, 1420
BytebuddyAgent [baseline] (847.476 ms) : 0, 847476
BytebuddyAgent [candidate] (846.049 ms) : 0, 846049
GlobalTracer [baseline] (231.605 ms) : 0, 231605
GlobalTracer [candidate] (230.845 ms) : 0, 230845
AppSec [baseline] (25.926 ms) : 0, 25926
AppSec [candidate] (27.388 ms) : 0, 27388
Debugger [baseline] (5.813 ms) : 0, 5813
Debugger [candidate] (6.689 ms) : 0, 6689
Remote Config [baseline] (596.943 µs) : 0, 597
Remote Config [candidate] (580.876 µs) : 0, 581
Telemetry [baseline] (8.159 ms) : 0, 8159
Telemetry [candidate] (8.116 ms) : 0, 8116
IAST [baseline] (31.718 ms) : 0, 31718
IAST [candidate] (28.867 ms) : 0, 28867
section profiling
crashtracking [baseline] (1.391 ms) : 0, 1391
crashtracking [candidate] (1.414 ms) : 0, 1414
BytebuddyAgent [baseline] (759.551 ms) : 0, 759551
BytebuddyAgent [candidate] (769.521 ms) : 0, 769521
GlobalTracer [baseline] (221.329 ms) : 0, 221329
GlobalTracer [candidate] (223.529 ms) : 0, 223529
AppSec [baseline] (29.852 ms) : 0, 29852
AppSec [candidate] (30.496 ms) : 0, 30496
Debugger [baseline] (6.29 ms) : 0, 6290
Debugger [candidate] (6.366 ms) : 0, 6366
Remote Config [baseline] (684.221 µs) : 0, 684
Remote Config [candidate] (705.951 µs) : 0, 706
Telemetry [baseline] (15.804 ms) : 0, 15804
Telemetry [candidate] (16.276 ms) : 0, 16276
ProfilingAgent [baseline] (107.103 ms) : 0, 107103
ProfilingAgent [candidate] (109.154 ms) : 0, 109154
Profiling [baseline] (107.73 ms) : 0, 107730
Profiling [candidate] (109.815 ms) : 0, 109815
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.047 s) : 0, 1047230
Total [baseline] (8.596 s) : 0, 8596335
Agent [candidate] (1.043 s) : 0, 1042817
Total [candidate] (8.559 s) : 0, 8558801
section iast
Agent [baseline] (1.174 s) : 0, 1173932
Total [baseline] (9.324 s) : 0, 9323838
Agent [candidate] (1.176 s) : 0, 1175886
Total [candidate] (9.299 s) : 0, 9299330
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.047 s -
Agent iast 1.174 s 126.703 ms (12.1%)
Total tracing 8.596 s -
Total iast 9.324 s 727.504 ms (8.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.043 s -
Agent iast 1.176 s 133.069 ms (12.8%)
Total tracing 8.559 s -
Total iast 9.299 s 740.53 ms (8.7%) 
gantt
    title insecure-bank - break down per module: candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.428 ms) : 0, 1428
crashtracking [candidate] (1.422 ms) : 0, 1422
BytebuddyAgent [baseline] (732.4 ms) : 0, 732400
BytebuddyAgent [candidate] (730.039 ms) : 0, 730039
GlobalTracer [baseline] (241.722 ms) : 0, 241722
GlobalTracer [candidate] (241.302 ms) : 0, 241302
AppSec [baseline] (30.052 ms) : 0, 30052
AppSec [candidate] (29.958 ms) : 0, 29958
Debugger [baseline] (6.053 ms) : 0, 6053
Debugger [candidate] (5.998 ms) : 0, 5998
Remote Config [baseline] (641.577 µs) : 0, 642
Remote Config [candidate] (647.798 µs) : 0, 648
Telemetry [baseline] (13.987 ms) : 0, 13987
Telemetry [candidate] (12.551 ms) : 0, 12551
section iast
crashtracking [baseline] (1.439 ms) : 0, 1439
crashtracking [candidate] (1.423 ms) : 0, 1423
BytebuddyAgent [baseline] (848.313 ms) : 0, 848313
BytebuddyAgent [candidate] (849.255 ms) : 0, 849255
GlobalTracer [baseline] (232.408 ms) : 0, 232408
GlobalTracer [candidate] (231.448 ms) : 0, 231448
AppSec [baseline] (25.063 ms) : 0, 25063
AppSec [candidate] (26.31 ms) : 0, 26310
Debugger [baseline] (6.67 ms) : 0, 6670
Debugger [candidate] (6.834 ms) : 0, 6834
Remote Config [baseline] (598.835 µs) : 0, 599
Remote Config [candidate] (598.678 µs) : 0, 599
Telemetry [baseline] (8.049 ms) : 0, 8049
Telemetry [candidate] (8.169 ms) : 0, 8169
IAST [baseline] (30.508 ms) : 0, 30508
IAST [candidate] (30.851 ms) : 0, 30851
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master christoph.hamsen/avoid-using-github-token-for-pr-creation
git_commit_date 1754058594 1754058733
git_commit_sha 023e525 b6e54fc
release_version 1.51.1-SNAPSHOT~023e5251a6 1.51.1-SNAPSHOT~b6e54fc9c8
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1754060215 1754060215
ci_job_id 1060190426 1060190426
ci_pipeline_id 72438361 72438361
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-6-fpienfgq 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-6-fpienfgq 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 3 performance improvements and 1 performance regressions! Performance is the same for 8 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:insecure-bank:iast_GLOBAL:high_load better
[-806.671µs; -408.228µs] or [-7.452%; -3.771%]		 unstable
[-29.272op/s; +80.084op/s] or [-6.817%; +18.651%]		 10.217ms 454.781op/s 10.824ms 429.375op/s
scenario:load:petclinic:tracing:high_load worse
[+0.911ms; +1.718ms] or [+2.101%; +3.964%]		 unstable
[-11.703op/s; +2.647op/s] or [-10.712%; +2.422%]		 44.672ms 104.725op/s 43.357ms 109.253op/s
scenario:load:petclinic:code_origins:high_load better
[-3.135ms; -2.302ms] or [-6.795%; -4.990%]		 unstable
[-1.316op/s; +13.941op/s] or [-1.298%; +13.748%]		 43.418ms 107.713op/s 46.137ms 101.400op/s
scenario:load:petclinic:appsec:high_load better
[-2.557ms; -1.661ms] or [-5.253%; -3.412%]		 unstable
[-3.619op/s; +9.784op/s] or [-3.716%; +10.047%]		 46.571ms 100.463op/s 48.680ms 97.380op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.17 ms) : 36878, 37463
.   : milestone, 37170,
appsec (48.68 ms) : 48242, 49117
.   : milestone, 48680,
code_origins (46.137 ms) : 45739, 46535
.   : milestone, 46137,
iast (47.083 ms) : 46674, 47492
.   : milestone, 47083,
profiling (48.862 ms) : 48374, 49350
.   : milestone, 48862,
tracing (43.357 ms) : 42991, 43723
.   : milestone, 43357,
section candidate
no_agent (37.308 ms) : 37012, 37604
.   : milestone, 37308,
appsec (46.571 ms) : 46176, 46965
.   : milestone, 46571,
code_origins (43.418 ms) : 43043, 43794
.   : milestone, 43418,
iast (47.486 ms) : 47076, 47896
.   : milestone, 47486,
profiling (48.063 ms) : 47604, 48521
.   : milestone, 48063,
tracing (44.672 ms) : 44287, 45056
.   : milestone, 44672,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.17 ms [36.878 ms, 37.463 ms] -
appsec 48.68 ms [48.242 ms, 49.117 ms] 11.509 ms (31.0%)
code_origins 46.137 ms [45.739 ms, 46.535 ms] 8.967 ms (24.1%)
iast 47.083 ms [46.674 ms, 47.492 ms] 9.912 ms (26.7%)
profiling 48.862 ms [48.374 ms, 49.35 ms] 11.692 ms (31.5%)
tracing 43.357 ms [42.991 ms, 43.723 ms] 6.187 ms (16.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.308 ms [37.012 ms, 37.604 ms] -
appsec 46.571 ms [46.176 ms, 46.965 ms] 9.263 ms (24.8%)
code_origins 43.418 ms [43.043 ms, 43.794 ms] 6.111 ms (16.4%)
iast 47.486 ms [47.076 ms, 47.896 ms] 10.178 ms (27.3%)
profiling 48.063 ms [47.604 ms, 48.521 ms] 10.755 ms (28.8%)
tracing 44.672 ms [44.287 ms, 45.056 ms] 7.364 ms (19.7%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.352 ms) : 4298, 4406
.   : milestone, 4352,
iast (9.511 ms) : 9355, 9667
.   : milestone, 9511,
iast_FULL (14.343 ms) : 14053, 14633
.   : milestone, 14343,
iast_GLOBAL (10.824 ms) : 10633, 11016
.   : milestone, 10824,
profiling (8.625 ms) : 8494, 8755
.   : milestone, 8625,
tracing (7.667 ms) : 7558, 7776
.   : milestone, 7667,
section candidate
no_agent (4.347 ms) : 4299, 4396
.   : milestone, 4347,
iast (9.619 ms) : 9454, 9784
.   : milestone, 9619,
iast_FULL (13.925 ms) : 13652, 14199
.   : milestone, 13925,
iast_GLOBAL (10.217 ms) : 10039, 10395
.   : milestone, 10217,
profiling (8.551 ms) : 8421, 8680
.   : milestone, 8551,
tracing (7.875 ms) : 7764, 7987
.   : milestone, 7875,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.352 ms [4.298 ms, 4.406 ms] -
iast 9.511 ms [9.355 ms, 9.667 ms] 5.159 ms (118.5%)
iast_FULL 14.343 ms [14.053 ms, 14.633 ms] 9.991 ms (229.6%)
iast_GLOBAL 10.824 ms [10.633 ms, 11.016 ms] 6.473 ms (148.7%)
profiling 8.625 ms [8.494 ms, 8.755 ms] 4.273 ms (98.2%)
tracing 7.667 ms [7.558 ms, 7.776 ms] 3.315 ms (76.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.347 ms [4.299 ms, 4.396 ms] -
iast 9.619 ms [9.454 ms, 9.784 ms] 5.272 ms (121.3%)
iast_FULL 13.925 ms [13.652 ms, 14.199 ms] 9.578 ms (220.3%)
iast_GLOBAL 10.217 ms [10.039 ms, 10.395 ms] 5.87 ms (135.0%)
profiling 8.551 ms [8.421 ms, 8.68 ms] 4.203 ms (96.7%)
tracing 7.875 ms [7.764 ms, 7.987 ms] 3.528 ms (81.2%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master christoph.hamsen/avoid-using-github-token-for-pr-creation
git_commit_date 1754058594 1754058733
git_commit_sha 023e525 b6e54fc
release_version 1.51.1-SNAPSHOT~023e5251a6 1.51.1-SNAPSHOT~b6e54fc9c8
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1754060791 1754060791
ci_job_id 1060190428 1060190428
ci_pipeline_id 72438361 72438361
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-7-ng7xyf57 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-7-ng7xyf57 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.406 s) : 15406000, 15406000
.   : milestone, 15406000,
appsec (14.673 s) : 14673000, 14673000
.   : milestone, 14673000,
iast (18.651 s) : 18651000, 18651000
.   : milestone, 18651000,
iast_GLOBAL (18.178 s) : 18178000, 18178000
.   : milestone, 18178000,
profiling (15.284 s) : 15284000, 15284000
.   : milestone, 15284000,
tracing (14.907 s) : 14907000, 14907000
.   : milestone, 14907000,
section candidate
no_agent (15.675 s) : 15675000, 15675000
.   : milestone, 15675000,
appsec (14.794 s) : 14794000, 14794000
.   : milestone, 14794000,
iast (18.298 s) : 18298000, 18298000
.   : milestone, 18298000,
iast_GLOBAL (18.042 s) : 18042000, 18042000
.   : milestone, 18042000,
profiling (15.384 s) : 15384000, 15384000
.   : milestone, 15384000,
tracing (15.206 s) : 15206000, 15206000
.   : milestone, 15206000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.406 s [15.406 s, 15.406 s] -
appsec 14.673 s [14.673 s, 14.673 s] -733.0 ms (-4.8%)
iast 18.651 s [18.651 s, 18.651 s] 3.245 s (21.1%)
iast_GLOBAL 18.178 s [18.178 s, 18.178 s] 2.772 s (18.0%)
profiling 15.284 s [15.284 s, 15.284 s] -122.0 ms (-0.8%)
tracing 14.907 s [14.907 s, 14.907 s] -499.0 ms (-3.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.675 s [15.675 s, 15.675 s] -
appsec 14.794 s [14.794 s, 14.794 s] -881.0 ms (-5.6%)
iast 18.298 s [18.298 s, 18.298 s] 2.623 s (16.7%)
iast_GLOBAL 18.042 s [18.042 s, 18.042 s] 2.367 s (15.1%)
profiling 15.384 s [15.384 s, 15.384 s] -291.0 ms (-1.9%)
tracing 15.206 s [15.206 s, 15.206 s] -469.0 ms (-3.0%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~b6e54fc9c8, baseline=1.51.1-SNAPSHOT~023e5251a6
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.48 ms) : 1469, 1492
.   : milestone, 1480,
appsec (3.601 ms) : 3386, 3816
.   : milestone, 3601,
iast (2.208 ms) : 2144, 2272
.   : milestone, 2208,
iast_GLOBAL (2.241 ms) : 2177, 2304
.   : milestone, 2241,
profiling (2.058 ms) : 2006, 2111
.   : milestone, 2058,
tracing (2.005 ms) : 1956, 2054
.   : milestone, 2005,
section candidate
no_agent (1.476 ms) : 1465, 1488
.   : milestone, 1476,
appsec (3.669 ms) : 3452, 3886
.   : milestone, 3669,
iast (2.199 ms) : 2136, 2262
.   : milestone, 2199,
iast_GLOBAL (2.243 ms) : 2180, 2307
.   : milestone, 2243,
profiling (2.046 ms) : 1994, 2097
.   : milestone, 2046,
tracing (2.02 ms) : 1971, 2069
.   : milestone, 2020,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.48 ms [1.469 ms, 1.492 ms] -
appsec 3.601 ms [3.386 ms, 3.816 ms] 2.121 ms (143.3%)
iast 2.208 ms [2.144 ms, 2.272 ms] 727.5 µs (49.1%)
iast_GLOBAL 2.241 ms [2.177 ms, 2.304 ms] 760.322 µs (51.4%)
profiling 2.058 ms [2.006 ms, 2.111 ms] 577.772 µs (39.0%)
tracing 2.005 ms [1.956 ms, 2.054 ms] 524.903 µs (35.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.476 ms [1.465 ms, 1.488 ms] -
appsec 3.669 ms [3.452 ms, 3.886 ms] 2.193 ms (148.6%)
iast 2.199 ms [2.136 ms, 2.262 ms] 723.061 µs (49.0%)
iast_GLOBAL 2.243 ms [2.18 ms, 2.307 ms] 767.259 µs (52.0%)
profiling 2.046 ms [1.994 ms, 2.097 ms] 569.388 µs (38.6%)
tracing 2.02 ms [1.971 ms, 2.069 ms] 543.738 µs (36.8%)

sarahchen6
sarahchen6 approved these changes Aug 1, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@sarahchen6 sarahchen6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving with the plan to add in commit-headless signing for commits in a separate PR

@xopham xopham removed the request for review from AlexeyKuznetsov-DD August 1, 2025 13:15
@avidal
Copy link
Copy Markdown

avidal commented Aug 1, 2025
edited
Loading

As general comment, it’s missing update-jmxfetch-submodule and add-release-to-cloudfoundry fix.

update-jmxfetch-submodule does not create pull requests, so it's fine. But yes, add-release-to-cloudfoundry needs an update.

@sarahchen6 sarahchen6 merged commit 769f897 into master Aug 1, 2025
504 of 505 checks passed
@sarahchen6 sarahchen6 deleted the christoph.hamsen/avoid-using-github-token-for-pr-creation branch August 1, 2025 16:53
@github-actions github-actions Bot added this to the 1.52.0 milestone Aug 1, 2025
sarahchen6 pushed a commit that referenced this pull request Aug 4, 2025
@avidal @sarahchen6
ci: use commit-headless to create signed commits from actions
b448d6a 
Built on #9288
@sarahchen6 sarahchen6 mentioned this pull request Aug 4, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer left review comments

@sarahchen6 sarahchen6 sarahchen6 approved these changes

+1 more reviewer

@avidal avidal avidal left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

tag: no release notes Changes to exclude from release notes

Projects

None yet

Milestone

1.52.0

Development

Successfully merging this pull request may close these issues.

4 participants

@xopham @avidal @PerfectSlayer @sarahchen6