Add a build step to measure the scan perfomance
This step will measure the scan performance difference against the
master version.

Change-Id: I1b9196ef3348350cf818471f55d9024d14064ac6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
ccojocar committed Aug 26, 2024
1 parent bcec04e commit c52dc0e
Showing 3 changed files with 50 additions and 1 deletion.
2 changes: 2 additions & 0 deletions .github/workflows/ci.yml
@@ -37,6 +37,8 @@ jobs:
args: ./...
- name: Run Tests
run: make test
- name: Perf Diff
run: make perf-diff
coverage:
needs: [test]
runs-on: ubuntu-latest
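Review bot: The new `Perf Diff` step appears to sit in the job that `coverage` depends on through `needs: [test]` (the job header is outside the hunk, so this is inferred), which means a timing failure would also block coverage. Wall-clock comparisons on hosted runners vary from run to run, and the step clones and builds the upstream default branch each time it runs, presumably once per matrix entry. Consider moving it into its own job, or adding `continue-on-error: true` to the step until the measurement has been shown to be stable.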
5 changes: 4 additions & 1 deletion Makefile
@@ -92,4 +92,7 @@ image-push: image
tlsconfig:
go generate ./...

.PHONY: test build clean release image image-push tlsconfig
perf-diff:
./perf-diff.sh

.PHONY: test build clean release image image-push tlsconfig perf-diff
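--- a/perf-diff.sh
+++ b/perf-diff.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+BIN="gosec"
+BUILD_DIR="/tmp/securego"
+
+# Scan the current folder and measure the duration.
+function scan() {
+local scan_cmd=$1
+s=$(date +%s%3N)
+$scan_cmd -quiet ./...
+e=$(date +%s%3N)
+res=$(expr $e - $s)
+echo $res
+}
+
+# Build the master reference version.
+mkdir -p ${BUILD_DIR}
+git clone --quiet https://github.com/securego/gosec.git ${BUILD_DIR} >/dev/null
+make -C ${BUILD_DIR} >/dev/null
+
+# Scan once with the main reference.
+duration_master=$(scan "${BUILD_DIR}/${BIN}")
+echo "gosec reference time: ${duration_master}ms"
+
+# Build the current version.
+make -C . >/dev/null
+
+# Scan once with the current version.
+duration=$(scan "./${BIN}")
+echo "gosec time: ${duration}ms"
+
+# Compute the difference of the execution time.
+diff=$(($duration - $duration_master))
+if [[ diff -lt 0 ]]; then
+diff=$(($diff * -1))
+fi
+echo "diff: ${diff}ms"
+perf=$((100 - ($duration * 100) / $duration_master))
+echo "perf diff: ${perf}%"
+
+# Fail the build if there is a performance degradation of more than 10%.
+if [[ $perf -lt -10 ]]; then
+exit 1
+fi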
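Review bot: The reference build is cloned into the fixed path `/tmp/securego` and neither `git clone` nor `make -C` is checked, so when that directory already exists and is non-empty the clone fails and the script goes on to build and run whatever is already there. A `mktemp -d` directory with explicit failure exits closes that gap, which matters on any runner or workstation where /tmp is shared. Separately, `scan` is called inside `$(...)`, so anything the scanner prints to stdout ends up in `duration` next to the number and the later arithmetic breaks; redirecting the scanner's stdout keeps the measurement clean. A single timed run against a 10% threshold is also likely to be noisy on shared CI hardware.

```shell
BUILD_DIR="$(mktemp -d)" || exit 1
trap 'rm -rf -- "${BUILD_DIR}"' EXIT

function scan() {
  local scan_cmd=$1 s e
  s=$(date +%s%3N)
  # Findings go to stdout; keep them out of the captured duration.
  "$scan_cmd" -quiet ./... >/dev/null
  e=$(date +%s%3N)
  echo "$((e - s))"
}

git clone --quiet https://github.com/securego/gosec.git "${BUILD_DIR}" >/dev/null || exit 1
make -C "${BUILD_DIR}" >/dev/null || exit 1
# … unchanged: reference and current scans, current build, diff and percentage computation …
```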
