-
Notifications
You must be signed in to change notification settings - Fork 274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API Security - enabled by default #6701
Open
ValentinZakharov
wants to merge
2
commits into
master
Choose a base branch
from
vzakharov/enable_api_sec
base: master
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BenchmarksStartupParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 51 metrics, 12 unstable metrics. Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.077 s) : 0, 1076880
Total [baseline] (9.188 s) : 0, 9187693
Agent [candidate] (1.078 s) : 0, 1078428
Total [candidate] (9.209 s) : 0, 9209110
section appsec
Agent [baseline] (1.207 s) : 0, 1206744
Total [baseline] (9.24 s) : 0, 9239915
Agent [candidate] (1.205 s) : 0, 1204897
Total [candidate] (9.307 s) : 0, 9306692
section iast
Agent [baseline] (1.21 s) : 0, 1209860
Total [baseline] (9.372 s) : 0, 9371951
Agent [candidate] (1.218 s) : 0, 1217592
Total [candidate] (9.389 s) : 0, 9389161
section profiling
Agent [baseline] (1.277 s) : 0, 1276829
Total [baseline] (9.363 s) : 0, 9363051
Agent [candidate] (1.273 s) : 0, 1272806
Total [candidate] (9.318 s) : 0, 9317896
gantt
title petclinic - break down per module: candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (694.502 ms) : 0, 694502
BytebuddyAgent [candidate] (695.101 ms) : 0, 695101
GlobalTracer [baseline] (290.658 ms) : 0, 290658
GlobalTracer [candidate] (291.871 ms) : 0, 291871
AppSec [baseline] (49.004 ms) : 0, 49004
AppSec [candidate] (48.787 ms) : 0, 48787
Remote Config [baseline] (722.105 µs) : 0, 722
Remote Config [candidate] (712.147 µs) : 0, 712
Telemetry [baseline] (7.798 ms) : 0, 7798
Telemetry [candidate] (7.749 ms) : 0, 7749
section appsec
BytebuddyAgent [baseline] (700.05 ms) : 0, 700050
BytebuddyAgent [candidate] (699.927 ms) : 0, 699927
GlobalTracer [baseline] (292.633 ms) : 0, 292633
GlobalTracer [candidate] (291.534 ms) : 0, 291534
AppSec [baseline] (154.032 ms) : 0, 154032
AppSec [candidate] (153.669 ms) : 0, 153669
IAST [baseline] (17.987 ms) : 0, 17987
IAST [candidate] (17.765 ms) : 0, 17765
Remote Config [baseline] (616.316 µs) : 0, 616
Remote Config [candidate] (606.376 µs) : 0, 606
Telemetry [baseline] (6.951 ms) : 0, 6951
Telemetry [candidate] (6.869 ms) : 0, 6869
section iast
BytebuddyAgent [baseline] (804.455 ms) : 0, 804455
BytebuddyAgent [candidate] (810.933 ms) : 0, 810933
GlobalTracer [baseline] (289.215 ms) : 0, 289215
GlobalTracer [candidate] (290.863 ms) : 0, 290863
AppSec [baseline] (49.541 ms) : 0, 49541
AppSec [candidate] (49.339 ms) : 0, 49339
IAST [baseline] (22.414 ms) : 0, 22414
IAST [candidate] (24.423 ms) : 0, 24423
Remote Config [baseline] (606.576 µs) : 0, 607
Remote Config [candidate] (612.003 µs) : 0, 612
Telemetry [baseline] (8.994 ms) : 0, 8994
Telemetry [candidate] (6.628 ms) : 0, 6628
section profiling
BytebuddyAgent [baseline] (690.416 ms) : 0, 690416
BytebuddyAgent [candidate] (688.719 ms) : 0, 688719
GlobalTracer [baseline] (376.974 ms) : 0, 376974
GlobalTracer [candidate] (376.43 ms) : 0, 376430
AppSec [baseline] (49.772 ms) : 0, 49772
AppSec [candidate] (49.356 ms) : 0, 49356
Remote Config [baseline] (728.309 µs) : 0, 728
Remote Config [candidate] (812.613 µs) : 0, 813
Telemetry [baseline] (7.526 ms) : 0, 7526
Telemetry [candidate] (7.391 ms) : 0, 7391
ProfilingAgent [baseline] (95.156 ms) : 0, 95156
ProfilingAgent [candidate] (94.069 ms) : 0, 94069
Profiling [baseline] (95.179 ms) : 0, 95179
Profiling [candidate] (94.092 ms) : 0, 94092
Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.085 s) : 0, 1084644
Total [baseline] (8.557 s) : 0, 8557429
Agent [candidate] (1.081 s) : 0, 1080855
Total [candidate] (8.562 s) : 0, 8562170
section iast
Agent [baseline] (1.22 s) : 0, 1220001
Total [baseline] (9.087 s) : 0, 9086685
Agent [candidate] (1.211 s) : 0, 1211107
Total [candidate] (9.077 s) : 0, 9076605
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.204 s) : 0, 1204445
Total [baseline] (9.028 s) : 0, 9028373
Agent [candidate] (1.206 s) : 0, 1205924
Total [candidate] (9.036 s) : 0, 9035969
section iast_TELEMETRY_OFF
Agent [baseline] (1.195 s) : 0, 1195256
Total [baseline] (9.024 s) : 0, 9023905
Agent [candidate] (1.197 s) : 0, 1197479
Total [candidate] (9.052 s) : 0, 9052412
gantt
title insecure-bank - break down per module: candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (699.813 ms) : 0, 699813
BytebuddyAgent [candidate] (696.736 ms) : 0, 696736
GlobalTracer [baseline] (292.453 ms) : 0, 292453
GlobalTracer [candidate] (292.185 ms) : 0, 292185
AppSec [baseline] (49.293 ms) : 0, 49293
AppSec [candidate] (49.115 ms) : 0, 49115
Remote Config [baseline] (757.094 µs) : 0, 757
Remote Config [candidate] (725.053 µs) : 0, 725
Telemetry [baseline] (7.792 ms) : 0, 7792
Telemetry [candidate] (7.798 ms) : 0, 7798
section iast
BytebuddyAgent [baseline] (811.917 ms) : 0, 811917
BytebuddyAgent [candidate] (805.082 ms) : 0, 805082
GlobalTracer [baseline] (291.818 ms) : 0, 291818
GlobalTracer [candidate] (290.14 ms) : 0, 290140
AppSec [baseline] (50.137 ms) : 0, 50137
AppSec [candidate] (50.093 ms) : 0, 50093
IAST [baseline] (23.354 ms) : 0, 23354
IAST [candidate] (22.428 ms) : 0, 22428
Remote Config [baseline] (611.653 µs) : 0, 612
Remote Config [candidate] (608.14 µs) : 0, 608
Telemetry [baseline] (7.376 ms) : 0, 7376
Telemetry [candidate] (8.207 ms) : 0, 8207
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (799.974 ms) : 0, 799974
BytebuddyAgent [candidate] (801.928 ms) : 0, 801928
GlobalTracer [baseline] (288.613 ms) : 0, 288613
GlobalTracer [candidate] (289.136 ms) : 0, 289136
AppSec [baseline] (50.211 ms) : 0, 50211
AppSec [candidate] (50.136 ms) : 0, 50136
IAST [baseline] (23.215 ms) : 0, 23215
IAST [candidate] (23.107 ms) : 0, 23107
Remote Config [baseline] (626.157 µs) : 0, 626
Remote Config [candidate] (624.301 µs) : 0, 624
Telemetry [baseline] (7.43 ms) : 0, 7430
Telemetry [candidate] (6.674 ms) : 0, 6674
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (792.059 ms) : 0, 792059
BytebuddyAgent [candidate] (792.794 ms) : 0, 792794
GlobalTracer [baseline] (288.295 ms) : 0, 288295
GlobalTracer [candidate] (289.406 ms) : 0, 289406
AppSec [baseline] (50.526 ms) : 0, 50526
AppSec [candidate] (52.392 ms) : 0, 52392
IAST [baseline] (23.018 ms) : 0, 23018
IAST [candidate] (21.546 ms) : 0, 21546
Remote Config [baseline] (575.579 µs) : 0, 576
Remote Config [candidate] (575.211 µs) : 0, 575
Telemetry [baseline] (6.399 ms) : 0, 6399
Telemetry [candidate] (6.53 ms) : 0, 6530
LoadRequest duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section baseline
no_agent (1.353 ms) : 1334, 1372
. : milestone, 1353,
appsec (1.767 ms) : 1743, 1790
. : milestone, 1767,
iast (1.507 ms) : 1483, 1531
. : milestone, 1507,
profiling (1.53 ms) : 1506, 1555
. : milestone, 1530,
tracing (1.515 ms) : 1491, 1539
. : milestone, 1515,
section candidate
no_agent (1.35 ms) : 1330, 1369
. : milestone, 1350,
appsec (1.768 ms) : 1745, 1791
. : milestone, 1768,
iast (1.516 ms) : 1493, 1539
. : milestone, 1516,
profiling (1.532 ms) : 1509, 1555
. : milestone, 1532,
tracing (1.504 ms) : 1482, 1527
. : milestone, 1504,
Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.32.0-SNAPSHOT~85fa55e998, baseline=1.32.0-SNAPSHOT~ee9c0f803a
dateFormat X
axisFormat %s
section baseline
no_agent (360.29 µs) : 341, 380
. : milestone, 360,
iast (469.92 µs) : 449, 490
. : milestone, 470,
iast_FULL (535.82 µs) : 515, 556
. : milestone, 536,
iast_GLOBAL (484.688 µs) : 465, 505
. : milestone, 485,
iast_HARDCODED_SECRET_DISABLED (472.118 µs) : 452, 493
. : milestone, 472,
iast_INACTIVE (445.457 µs) : 424, 466
. : milestone, 445,
iast_TELEMETRY_OFF (468.608 µs) : 448, 489
. : milestone, 469,
tracing (443.939 µs) : 423, 465
. : milestone, 444,
section candidate
no_agent (359.761 µs) : 340, 380
. : milestone, 360,
iast (475.295 µs) : 454, 496
. : milestone, 475,
iast_FULL (539.856 µs) : 519, 561
. : milestone, 540,
iast_GLOBAL (491.01 µs) : 470, 512
. : milestone, 491,
iast_HARDCODED_SECRET_DISABLED (477.928 µs) : 457, 499
. : milestone, 478,
iast_INACTIVE (446.421 µs) : 426, 467
. : milestone, 446,
iast_TELEMETRY_OFF (468.053 µs) : 447, 489
. : milestone, 468,
tracing (437.61 µs) : 417, 458
. : milestone, 438,
|
am312
approved these changes
Feb 21, 2024
ValentinZakharov
force-pushed
the
vzakharov/enable_api_sec
branch
from
February 26, 2024 10:03
53236f4
to
c572728
Compare
manuel-alvarez-alvarez
approved these changes
Feb 27, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
API Security enabled by default
To disable API Security use environment variable
DD_API_SECURITY_ENABLED=false
or startup option-Ddd.api-security.enabled=false