Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AppSec Xml support for play 2.6 #6100

Merged
merged 1 commit into from
Oct 27, 2023
Merged

AppSec Xml support for play 2.6 #6100

merged 1 commit into from
Oct 27, 2023

Conversation

cataphract
Copy link
Contributor

No description provided.

@cataphract cataphract requested review from a team as code owners October 25, 2023 17:40
@pr-commenter
Copy link

pr-commenter bot commented Oct 25, 2023
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
commit 1.23.0-SNAPSHOT~29753c57f8 1.23.0-SNAPSHOT~7966052880
config baseline candidate
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
module Agent Agent
parent None None
variant iast iast

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 53 cases.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:insecure-bank:iast:Telemetry better
[-6.378ms; -0.768ms] or [-65.708%; -7.908%]		 6.134ms 9.707ms
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.024 s) : 0, 1023934
Total [baseline] (9.282 s) : 0, 9281569
Agent [candidate] (1.028 s) : 0, 1027971
Total [candidate] (9.323 s) : 0, 9323126
section appsec
Agent [baseline] (1.112 s) : 0, 1112343
Total [baseline] (9.359 s) : 0, 9358964
Agent [candidate] (1.135 s) : 0, 1135302
Total [candidate] (9.411 s) : 0, 9410847
section iast
Agent [baseline] (1.162 s) : 0, 1162445
Total [baseline] (9.514 s) : 0, 9514061
Agent [candidate] (1.158 s) : 0, 1158014
Total [candidate] (9.527 s) : 0, 9527010
section profiling
Agent [baseline] (1.208 s) : 0, 1208073
Total [baseline] (9.556 s) : 0, 9555754
Agent [candidate] (1.213 s) : 0, 1212628
Total [candidate] (9.624 s) : 0, 9623666
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.024 s -
Agent appsec 1.112 s 88.409 ms (8.6%)
Agent iast 1.162 s 138.511 ms (13.5%)
Agent profiling 1.208 s 184.139 ms (18.0%)
Total tracing 9.282 s -
Total appsec 9.359 s 77.395 ms (0.8%)
Total iast 9.514 s 232.492 ms (2.5%)
Total profiling 9.556 s 274.185 ms (3.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.028 s -
Agent appsec 1.135 s 107.332 ms (10.4%)
Agent iast 1.158 s 130.043 ms (12.7%)
Agent profiling 1.213 s 184.657 ms (18.0%)
Total tracing 9.323 s -
Total appsec 9.411 s 87.722 ms (0.9%)
Total iast 9.527 s 203.885 ms (2.2%)
Total profiling 9.624 s 300.541 ms (3.2%) 
gantt
    title petclinic - break down per module: candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (639.936 ms) : 0, 639936
BytebuddyAgent [candidate] (642.956 ms) : 0, 642956
GlobalTracer [baseline] (293.787 ms) : 0, 293787
GlobalTracer [candidate] (294.843 ms) : 0, 294843
AppSec [baseline] (49.049 ms) : 0, 49049
AppSec [candidate] (48.83 ms) : 0, 48830
Remote Config [baseline] (680.349 µs) : 0, 680
Remote Config [candidate] (692.108 µs) : 0, 692
Telemetry [baseline] (6.071 ms) : 0, 6071
Telemetry [candidate] (6.083 ms) : 0, 6083
section appsec
BytebuddyAgent [baseline] (640.29 ms) : 0, 640290
BytebuddyAgent [candidate] (654.351 ms) : 0, 654351
GlobalTracer [baseline] (292.586 ms) : 0, 292586
GlobalTracer [candidate] (299.135 ms) : 0, 299135
AppSec [baseline] (138.613 ms) : 0, 138613
AppSec [candidate] (140.141 ms) : 0, 140141
Remote Config [baseline] (642.379 µs) : 0, 642
Remote Config [candidate] (660.188 µs) : 0, 660
Telemetry [baseline] (5.721 ms) : 0, 5721
Telemetry [candidate] (5.842 ms) : 0, 5842
section iast
BytebuddyAgent [baseline] (778.23 ms) : 0, 778230
BytebuddyAgent [candidate] (775.104 ms) : 0, 775104
GlobalTracer [baseline] (275.733 ms) : 0, 275733
GlobalTracer [candidate] (275.089 ms) : 0, 275089
AppSec [baseline] (49.335 ms) : 0, 49335
AppSec [candidate] (48.232 ms) : 0, 48232
Remote Config [baseline] (563.168 µs) : 0, 563
Remote Config [candidate] (1.242 ms) : 0, 1242
Telemetry [baseline] (7.612 ms) : 0, 7612
Telemetry [candidate] (8.35 ms) : 0, 8350
IAST [baseline] (16.176 ms) : 0, 16176
IAST [candidate] (15.346 ms) : 0, 15346
section profiling
ProfilingAgent [baseline] (80.729 ms) : 0, 80729
ProfilingAgent [candidate] (81.792 ms) : 0, 81792
BytebuddyAgent [baseline] (656.463 ms) : 0, 656463
BytebuddyAgent [candidate] (658.963 ms) : 0, 658963
GlobalTracer [baseline] (360.396 ms) : 0, 360396
GlobalTracer [candidate] (361.321 ms) : 0, 361321
AppSec [baseline] (50.067 ms) : 0, 50067
AppSec [candidate] (49.955 ms) : 0, 49955
Remote Config [baseline] (653.069 µs) : 0, 653
Remote Config [candidate] (654.396 µs) : 0, 654
Telemetry [baseline] (6.079 ms) : 0, 6079
Telemetry [candidate] (6.14 ms) : 0, 6140
Profiling [baseline] (80.754 ms) : 0, 80754
Profiling [candidate] (81.816 ms) : 0, 81816
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.026 s) : 0, 1025597
Total [baseline] (8.733 s) : 0, 8733301
Agent [candidate] (1.028 s) : 0, 1028340
Total [candidate] (8.751 s) : 0, 8750820
section iast
Agent [baseline] (1.152 s) : 0, 1151513
Total [baseline] (9.304 s) : 0, 9303561
Agent [candidate] (1.152 s) : 0, 1151516
Total [candidate] (9.261 s) : 0, 9260947
section iast_TELEMETRY_OFF
Agent [baseline] (1.152 s) : 0, 1152480
Total [baseline] (9.273 s) : 0, 9273085
Agent [candidate] (1.148 s) : 0, 1147868
Total [candidate] (9.242 s) : 0, 9242403
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.026 s -
Agent iast 1.152 s 125.916 ms (12.3%)
Agent iast_TELEMETRY_OFF 1.152 s 126.883 ms (12.4%)
Total tracing 8.733 s -
Total iast 9.304 s 570.26 ms (6.5%)
Total iast_TELEMETRY_OFF 9.273 s 539.785 ms (6.2%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.028 s -
Agent iast 1.152 s 123.176 ms (12.0%)
Agent iast_TELEMETRY_OFF 1.148 s 119.528 ms (11.6%)
Total tracing 8.751 s -
Total iast 9.261 s 510.126 ms (5.8%)
Total iast_TELEMETRY_OFF 9.242 s 491.582 ms (5.6%) 
gantt
    title insecure-bank - break down per module: candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (640.976 ms) : 0, 640976
BytebuddyAgent [candidate] (642.972 ms) : 0, 642972
GlobalTracer [baseline] (294.049 ms) : 0, 294049
GlobalTracer [candidate] (294.692 ms) : 0, 294692
AppSec [baseline] (49.385 ms) : 0, 49385
AppSec [candidate] (49.448 ms) : 0, 49448
Remote Config [baseline] (680.943 µs) : 0, 681
Remote Config [candidate] (684.494 µs) : 0, 684
Telemetry [baseline] (6.042 ms) : 0, 6042
Telemetry [candidate] (6.144 ms) : 0, 6144
section iast
BytebuddyAgent [baseline] (770.244 ms) : 0, 770244
BytebuddyAgent [candidate] (770.042 ms) : 0, 770042
GlobalTracer [baseline] (272.819 ms) : 0, 272819
GlobalTracer [candidate] (273.968 ms) : 0, 273968
AppSec [baseline] (46.299 ms) : 0, 46299
AppSec [candidate] (47.073 ms) : 0, 47073
Remote Config [baseline] (575.339 µs) : 0, 575
Remote Config [candidate] (612.735 µs) : 0, 613
Telemetry [baseline] (9.707 ms) : 0, 9707
Telemetry [candidate] (6.134 ms) : 0, 6134
IAST [baseline] (17.467 ms) : 0, 17467
IAST [candidate] (19.281 ms) : 0, 19281
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (770.424 ms) : 0, 770424
BytebuddyAgent [candidate] (766.707 ms) : 0, 766707
GlobalTracer [baseline] (275.143 ms) : 0, 275143
GlobalTracer [candidate] (274.746 ms) : 0, 274746
AppSec [baseline] (46.753 ms) : 0, 46753
AppSec [candidate] (46.805 ms) : 0, 46805
Remote Config [baseline] (567.407 µs) : 0, 567
Remote Config [candidate] (579.039 µs) : 0, 579
Telemetry [baseline] (7.719 ms) : 0, 7719
Telemetry [candidate] (6.116 ms) : 0, 6116
IAST [baseline] (17.123 ms) : 0, 17123
IAST [candidate] (18.241 ms) : 0, 18241
Loading

Load

Parameters

Baseline Candidate
commit 1.23.0-SNAPSHOT~29753c57f8 1.23.0-SNAPSHOT~7966052880
config baseline candidate
end_time 2023-10-27T06:22:19 2023-10-27T06:38:41
start_time 2023-10-27T06:22:06 2023-10-27T06:38:29
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 22 cases.

Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.351 ms) : 1331, 1370
.   : milestone, 1351,
appsec (1.713 ms) : 1689, 1737
.   : milestone, 1713,
iast (1.478 ms) : 1454, 1503
.   : milestone, 1478,
profiling (1.469 ms) : 1444, 1494
.   : milestone, 1469,
tracing (1.449 ms) : 1425, 1474
.   : milestone, 1449,
section candidate
no_agent (1.343 ms) : 1323, 1362
.   : milestone, 1343,
appsec (1.71 ms) : 1685, 1734
.   : milestone, 1710,
iast (1.455 ms) : 1431, 1479
.   : milestone, 1455,
profiling (1.437 ms) : 1413, 1462
.   : milestone, 1437,
tracing (1.458 ms) : 1433, 1483
.   : milestone, 1458,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.351 ms [1.331 ms, 1.37 ms] -
appsec 1.713 ms [1.689 ms, 1.737 ms] 362.774 µs (26.9%)
iast 1.478 ms [1.454 ms, 1.503 ms] 127.816 µs (9.5%)
profiling 1.469 ms [1.444 ms, 1.494 ms] 118.383 µs (8.8%)
tracing 1.449 ms [1.425 ms, 1.474 ms] 98.888 µs (7.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.343 ms [1.323 ms, 1.362 ms] -
appsec 1.71 ms [1.685 ms, 1.734 ms] 367.011 µs (27.3%)
iast 1.455 ms [1.431 ms, 1.479 ms] 112.806 µs (8.4%)
profiling 1.437 ms [1.413 ms, 1.462 ms] 94.582 µs (7.0%)
tracing 1.458 ms [1.433 ms, 1.483 ms] 115.53 µs (8.6%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.23.0-SNAPSHOT~7966052880, baseline=1.23.0-SNAPSHOT~29753c57f8
    dateFormat X
    axisFormat %s
section baseline
no_agent (364.047 µs) : 343, 385
.   : milestone, 364,
iast (468.088 µs) : 447, 489
.   : milestone, 468,
iast_FULL (522.962 µs) : 502, 544
.   : milestone, 523,
iast_INACTIVE (428.425 µs) : 408, 449
.   : milestone, 428,
iast_TELEMETRY_OFF (453.901 µs) : 433, 475
.   : milestone, 454,
tracing (435.952 µs) : 414, 458
.   : milestone, 436,
section candidate
no_agent (372.736 µs) : 352, 393
.   : milestone, 373,
iast (458.892 µs) : 438, 479
.   : milestone, 459,
iast_FULL (521.366 µs) : 500, 542
.   : milestone, 521,
iast_INACTIVE (434.382 µs) : 414, 455
.   : milestone, 434,
iast_TELEMETRY_OFF (462.297 µs) : 440, 484
.   : milestone, 462,
tracing (432.061 µs) : 411, 453
.   : milestone, 432,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 364.047 µs [342.87 µs, 385.225 µs] -
iast 468.088 µs [447.145 µs, 489.03 µs] 104.04 µs (28.6%)
iast_FULL 522.962 µs [502.092 µs, 543.832 µs] 158.915 µs (43.7%)
iast_INACTIVE 428.425 µs [407.637 µs, 449.213 µs] 64.378 µs (17.7%)
iast_TELEMETRY_OFF 453.901 µs [432.562 µs, 475.24 µs] 89.854 µs (24.7%)
tracing 435.952 µs [414.214 µs, 457.69 µs] 71.905 µs (19.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 372.736 µs [352.218 µs, 393.254 µs] -
iast 458.892 µs [438.449 µs, 479.334 µs] 86.156 µs (23.1%)
iast_FULL 521.366 µs [500.379 µs, 542.352 µs] 148.63 µs (39.9%)
iast_INACTIVE 434.382 µs [413.629 µs, 455.135 µs] 61.646 µs (16.5%)
iast_TELEMETRY_OFF 462.297 µs [440.48 µs, 484.115 µs] 89.561 µs (24.0%)
tracing 432.061 µs [410.882 µs, 453.24 µs] 59.325 µs (15.9%)

@smola smola added the comp: asm waf Application Security Management (WAF) label Oct 26, 2023
@cataphract cataphract merged commit a012761 into master Oct 27, 2023
69 checks passed
@cataphract cataphract deleted the glopes/play-2.6-xml branch October 27, 2023 07:01
@github-actions github-actions bot added this to the 1.23.0 milestone Oct 27, 2023
@cataphract cataphract mentioned this pull request Oct 27, 2023
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smola smola smola approved these changes

@anderruiz anderruiz Awaiting requested review from anderruiz anderruiz is a code owner automatically assigned from DataDog/asm-java

@mcculls mcculls Awaiting requested review from mcculls mcculls is a code owner automatically assigned from DataDog/apm-java

@am312 am312 Awaiting requested review from am312 am312 is a code owner automatically assigned from DataDog/apm-java

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF)
Projects
None yet
Milestone
1.23.0
Development

Successfully merging this pull request may close these issues.
2 participants
@cataphract @smola