Add performance test for redis. (#1562)

Also add preliminary Makefile target with docker compose setup for redis. Comment out query part of performance test, as it is hanging. Signed-off-by: Jeff Mendoza <jlm@jlm.name>
guacsec · Dec 11, 2023 · cb92e23 · cb92e23
1 parent c4c8ca3
commit cb92e23
Show file tree

Hide file tree

Showing 4 changed files with 113 additions and 33 deletions.
diff --git a/.github/workflows/db-performance-test.yaml b/.github/workflows/db-performance-test.yaml
@@ -32,14 +32,15 @@ jobs:
     with:
       repository: 'guacsec/guac'
       ref: 'main'
-  
+
   db-performance:
     needs: [build]
     runs-on: ubuntu-latest
     strategy:
       matrix:
         database:
           - inmem
+          - redis
           - arango
           - ent
     outputs:
@@ -65,7 +66,7 @@ jobs:
           chmod +x *
           ls -la
         working-directory: ./bin
-      - name: Load images 
+      - name: Load images
         run: |
           #!/usr/bin/env bash
           set -euo pipefail
@@ -77,8 +78,12 @@ jobs:
             GUAC_IMAGE: 'local-organic-guac'
             GUAC_API_PORT: '8080'
         run: |
+          #!/usr/bin/env bash
+          set -euo pipefail
           if [ ${{ matrix.database }} == "inmem" ]; then
             make start-inmem-db
+          elif [ ${{ matrix.database }} == redis ]; then
+            make start-redis-db
           elif [ ${{ matrix.database }} == "arango" ]; then
             make start-arango-db
           elif [ ${{ matrix.database }} == "ent" ]; then
@@ -97,43 +102,41 @@ jobs:
           grep "completed ingesting" output
           end=$(date -u +%s)
           elapsed_time=$((end - start))
-  
           printf "%-15s%-20s%-15s%s seconds\n" "Ingestion" "${{ matrix.database }}" "$elapsed_time"
           echo "elapsed_time=$elapsed_time" >> $GITHUB_OUTPUT
-      ## Write for matrix outputs workaround 
+      ## Write for matrix outputs workaround
       - uses: cloudposse/github-action-matrix-outputs-write@main
         id: out-ingestion
         with:
           matrix-step-name: run_test
           matrix-key: ${{ matrix.database }}
           outputs: |-
             elapsed_time: ${{ steps.run_test.outputs.elapsed_time }}
-      - name: Run query tests with ${{ matrix.database }}
-        id: query_test
-        run: |
-          if [ ${{ matrix.database }} == "inmem" ]; then
-            #!/usr/bin/env bash
-            set -euo pipefail
-            echo "Running query tests..."
-            start=$(date -u +%s)
-            ./bin/guacone certifier osv > output 2>&1
-            ./bin/guacone query vuln "pkg:guac/spdx/ghcr.io/guacsec/vul-image-latest" > output 2>&1
-            grep "Visualizer url" output
-            end=$(date -u +%s)
-            query_time=$((end - start))
-  
-            printf "%-15s%-20s%-15s%s seconds\n" "Query" "${{ matrix.database }}" "$query_time"
-            echo "query_time=$query_time" >> $GITHUB_OUTPUT
-          fi
-      ## Write for matrix outputs workaround 
-      - uses: cloudposse/github-action-matrix-outputs-write@main
-        id: out-query
-        with:
-          matrix-step-name: query_test
-          matrix-key: ${{ matrix.database }}
-          outputs: |-
-            query_time: ${{ steps.query_test.outputs.query_time }}
-  ## Read matrix outputs 
+      # - name: Run query tests with ${{ matrix.database }}
+      #   id: query_test
+      #   run: |
+      #     if [ ${{ matrix.database }} == "inmem" ]; then
+      #       #!/usr/bin/env bash
+      #       set -euo pipefail
+      #       echo "Running query tests..."
+      #       start=$(date -u +%s)
+      #       ./bin/guacone certifier osv --poll=false > output 2>&1
+      #       ./bin/guacone query vuln "pkg:guac/spdx/ghcr.io/guacsec/vul-image-latest" > output 2>&1
+      #       #grep "Visualizer url" output
+      #       end=$(date -u +%s)
+      #       query_time=$((end - start))
+      #       printf "%-15s%-20s%-15s%s seconds\n" "Query" "${{ matrix.database }}" "$query_time"
+      #       echo "query_time=$query_time" >> $GITHUB_OUTPUT
+      #     fi
+      # ## Write for matrix outputs workaround
+      # - uses: cloudposse/github-action-matrix-outputs-write@main
+      #   id: out-query
+      #   with:
+      #     matrix-step-name: query_test
+      #     matrix-key: ${{ matrix.database }}
+      #     outputs: |-
+      #       query_time: ${{ steps.query_test.outputs.query_time }}
+  ## Read matrix outputs
   read:
     runs-on: ubuntu-latest
     needs: [db-performance]
@@ -143,13 +146,13 @@ jobs:
         with:
           matrix-step-name: run_test
       - run: |
-          echo "result: ${{ steps.ingestion.outputs.result }}" 
+          echo "result: ${{ steps.ingestion.outputs.result }}"
       - uses: cloudposse/github-action-matrix-outputs-read@main
         id: query
         with:
           matrix-step-name: query_test
       - run: |
-          echo "result: ${{ steps.query.outputs.result }}" 
+          echo "result: ${{ steps.query.outputs.result }}"
     outputs:
       result: "${{ steps.ingestion.outputs.result }}"
       query_result: "${{ steps.query.outputs.result }}"

diff --git a/Makefile b/Makefile
@@ -154,7 +154,7 @@ start-service: check-docker-compose-tool-check
 		sleep 1; \
 		counter=$$((counter+1)); \
 	done; \
- 	[ $$counter -eq 15 ] && { echo "Inmem GUAC service did not start in time"; exit 1; } || echo "Inmem GUAC service is up!"
+	[ $$counter -eq 15 ] && { echo "Inmem GUAC service did not start in time"; exit 1; } || echo "Inmem GUAC service is up!"
 
 # to flush state, service-stop must be used else state is taken from old containers
 .PHONY: stop-service
@@ -174,6 +174,19 @@ start-inmem-db: check-docker-compose-tool-check
 	done; \
 	[ $$counter -eq 15 ] && { echo "Arango GUAC service did not start in time"; exit 1; } || echo "Inmem GUAC service is up!"
 
+# start graphQL server with keyvalue-redis backend
+.PHONY: start-redis-db
+start-redis-db: check-docker-compose-tool-check
+	$(CONTAINER) compose -f docker-compose.yml -f container_files/redis.yaml up -d 2>&1
+	@echo "Waiting for the service to start"
+	@counter=0; \
+	while [ $$counter -lt 15 ] && ! curl --silent --head --output /dev/null --fail http://localhost:8080; do \
+		printf '.'; \
+		sleep 1; \
+		counter=$$((counter+1)); \
+	done; \
+	[ $$counter -eq 15 ] && { echo "Redis GUAC service did not start in time"; exit 1; } || echo "Redis GUAC service is up!"
+
 # start graphQL server with arango backend
 .PHONY: start-arango-db
 start-arango-db: check-docker-compose-tool-check

diff --git a/container_files/redis.yaml b/container_files/redis.yaml
@@ -0,0 +1,40 @@
+version: "3.9"
+
+volumes:
+  redis_guac_data:
+services:
+  guac-graphql:
+    networks: [frontend]
+    image: $GUAC_IMAGE
+    command: "/opt/guac/guacgql"
+    working_dir: /guac
+    restart: on-failure
+    depends_on:
+      nats:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    ports:
+      - "$GUAC_API_PORT:8080"
+    volumes:
+      - ./container_files/redis:/guac:z
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "http://localhost:8080"]
+      interval: 10s
+      timeout: 10s
+      retries: 3
+      start_period: 5s
+  redis:
+    networks: [frontend]
+    image: cgr.dev/chainguard/redis
+    ports:
+    - "6379:6379"
+    restart: on-failure
+    volumes:
+    - redis_guac_data:/data
+    healthcheck:
+      test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]
+      interval: 10s
+      timeout: 10s
+      retries: 3
+      start_period: 1s
diff --git a/container_files/redis/guac.yaml b/container_files/redis/guac.yaml
@@ -0,0 +1,24 @@
+# nats
+nats-addr: nats://nats:4222
+
+# collect-sub
+csub-addr: guac-collectsub:2782
+csub-listen-port: 2782
+
+# graphql
+gql-backend: keyvalue
+gql-listen-port: 8080
+gql-debug: true
+gql-addr: http://guac-graphql:8080/query
+
+# keyvalue
+kv-store: redis
+kv-redis: redis://user@redis:6379/0
+
+# collector polling
+service-poll: true
+use-csub: true
+
+# certifier polling
+poll: true
+interval: 5m