Add appsec benchmarks#2791
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #2791 +/- ##
============================================
+ Coverage 81.05% 81.07% +0.01%
Complexity 2517 2517
============================================
Files 146 146
Lines 14654 14654
============================================
+ Hits 11878 11880 +2
+ Misses 2776 2774 -2
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
2 times, most recently
from
7955e0b to
979c3ad
Compare
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
979c3ad to
bf6e1ef
Compare
Benchmarks [ profiler ]Benchmark execution time: 2024-09-02 14:10:17 Comparing candidate commit 9db79ba in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 27 metrics, 9 unstable metrics. |
Benchmarks [ tracer ]Benchmark execution time: 2024-09-25 09:08:18 Comparing candidate commit 95aa3f3 in PR branch Found 2 performance improvements and 9 performance regressions! Performance is the same for 167 metrics, 0 unstable metrics. scenario:EmptyFileBench/benchEmptyFileBaseline-opcache
scenario:EmptyFileBench/benchEmptyFileOverhead
scenario:LaravelBench/benchLaravelBaseline
scenario:LaravelBench/benchLaravelBaseline-opcache
scenario:LaravelBench/benchLaravelOverhead
scenario:LaravelBench/benchLaravelOverhead-opcache
scenario:LogsInjectionBench/benchLogsInfoBaseline-opcache
scenario:WordPressBench/benchWordPressBaseline
scenario:WordPressBench/benchWordPressBaseline-opcache
scenario:WordPressBench/benchWordPressOverhead
scenario:WordPressBench/benchWordPressOverhead-opcache
|
Benchmarks [ appsec ]Benchmark execution time: 2024-09-11 09:53:43 Comparing candidate commit ccd86d5 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 178 metrics, 0 unstable metrics. |
|
About - Benchmarks [ tracer ]. Something is completely not right with WordPressBench/benchWordPressOverhead, should not experience such big perf difference. Other 4 scenarios seems to be what usually flaky / not super precise benchmarks look like. I can increase flakiness threshold for you from 2% to 5%, so the small flaky results are hidden. For most teams we already use 5%, ensuring 2% threshold is possible, but would require quite some engineering time (and in general not sure if it is useful for you -- will you address a regression of size 2% anyhow?). |
|
I keep wondering what is happening with |
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
2 times, most recently
from
0813939 to
19a0904
Compare
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
46f2665 to
9ecca43
Compare
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
f89eed7 to
7f15058
Compare
BenchmarksBenchmark execution time: 2024-09-20 08:45:44 Comparing candidate commit 339adfc in PR branch Found 1 performance improvements and 8 performance regressions! Performance is the same for 168 metrics, 1 unstable metrics. scenario:ContextPropagationBench/benchInject64Bit
scenario:EmptyFileBench/benchEmptyFileOverhead-opcache
scenario:LaravelBench/benchLaravelBaseline
scenario:LaravelBench/benchLaravelOverhead
scenario:LaravelBench/benchLaravelOverhead-opcache
scenario:WordPressBench/benchWordPressBaseline
scenario:WordPressBench/benchWordPressBaseline-opcache
scenario:WordPressBench/benchWordPressOverhead
scenario:WordPressBench/benchWordPressOverhead-opcache
|
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
6b533a9 to
8293cfd
Compare
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
8293cfd to
339adfc
Compare
estringana
force-pushed
the
estringana/add-appsec-benchmarks
branch
from
5d2d179 to
aaec12b
Compare
This is fixed. Basically, there was error connecting to the wordpress database. I think this problem was there before but can't understand why it was not spotted |
| $(call run_tests,--testsuite=metrics $(TESTS)) | ||
|
|
||
| benchmarks_run_dependencies: global_test_run_dependencies tests/Frameworks/Symfony/Version_5_2/composer.lock-php$(PHP_MAJOR_MINOR) tests/Frameworks/Laravel/Version_8_x/composer.lock-php$(PHP_MAJOR_MINOR) tests/Benchmarks/composer.lock-php$(PHP_MAJOR_MINOR) | ||
| benchmarks_run_dependencies: global_test_run_dependencies tests/Frameworks/Symfony/Version_5_2/composer.lock-php$(PHP_MAJOR_MINOR) tests/Frameworks/Laravel/Version_10_x/composer.lock-php$(PHP_MAJOR_MINOR) tests/Benchmarks/composer.lock-php$(PHP_MAJOR_MINOR) |
There was a problem hiding this comment.
This is the reason why Laravel performance has increased. Basically, the autoloader didn't exists and all responses were fast because they were 500x
| timeout: 1h | ||
| script: | ||
| - export ARTIFACTS_DIR="$(pwd)/reports" && (mkdir "${ARTIFACTS_DIR}" || :) | ||
| - git clone --branch dd-trace-php https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.ddbuild.io/DataDog/benchmarking-platform /platform && cd /platform |
There was a problem hiding this comment.
I will change this once the other branch is merged and this approved
| '8.3-buster': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.3_buster' } | ||
| 'php-master-buster': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-master_buster' } | ||
| # --- Bookworm --- | ||
| '8.2-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.2_bookworm-3' } |
There was a problem hiding this comment.
Not really needed but I added it here because that's the image I use to test benchmarks. Appsec is not compiling on buster versions
| $this->TearDownAfterClass(); | ||
| } | ||
|
|
||
| public function enableWordPressTracing() |
There was a problem hiding this comment.
I have changed this so now we ensure the database is created before any test
|
|
||
| spl_autoload_register('\DDTrace\Tests\missing_ddtrace_class_fatal_autoloader', true); | ||
|
|
||
| $phpunitVersionParts = class_exists('\PHPUnit\Runner\Version') |
There was a problem hiding this comment.
The next three files related with bootstrap are changed because benchmarks were loading appsec Mock. This changes avoid that happening
There was a problem hiding this comment.
Basically I copied/pasted code from one file to another. All the code was already there but in different files
PROFeNoM
left a comment
PROFeNoM
left a comment
There was a problem hiding this comment.
LGTM 
Reminder: Don't forget to change the branch in .gitlab/benchmarks 👍
4 participants
Description
Integrates PHP AppSec into the Datadog benchmarking platform so that performance regressions are caught automatically before they ship.
Before this PR, there was no automated performance baseline for AppSec overhead. Changes to the RASP instrumentation would have silently impacted performance. This PR adds AppSec-specific benchmark scenarios to the suite and wires them into CI, so every PR against dd-trace-php that touches AppSec gets a performance comparison against the master baseline.
See also: benchmarking-platform#94 (the platform-side changes that enable this).
[APPSEC-54443]
Reviewer checklist