Add session tracking support to vert.x 3/4 #7953

Open
wants to merge 2 commits into
base: master
manuel-alvarez-alvarez
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Nov 14, 2024

What Does This Do

Includes a new advice for the RoutingContext#setSession method to notify the WAF about the requested session id.

Motivation

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55855

@manuel-alvarez-alvarez manuel-alvarez-alvarez added comp: asm waf Application Security Management (WAF) inst: vertx Eclipse Vert.x instrumentation labels Nov 14, 2024
Contributor

github-actions bot commented Nov 14, 2024

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as draft November 14, 2024 11:52
@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review November 14, 2024 11:59

pr-commenter bot commented Nov 14, 2024

Benchmarks

Startup

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | malvarez/appsec-session-tracking-vertx |
| git_commit_date | 1732290365 | 1732290530 |
| git_commit_sha | 79ca6e4 | 68af1e0 |
| release_version | 1.43.0-SNAPSHOT~79ca6e471f | 1.43.0-SNAPSHOT~68af1e048c |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1732292984 | 1732292984 |
| ci_job_id | 717278362 | 717278362 |
| ci_pipeline_id | 49740919 | 49740919 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| module | Agent | Agent |
| parent | None | None |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 53 metrics, 10 unstable metrics.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.104 s) : 0, 1103590
Total [baseline] (8.776 s) : 0, 8776128
Agent [candidate] (1.087 s) : 0, 1087077
Total [candidate] (8.631 s) : 0, 8630804
section iast
Agent [baseline] (1.215 s) : 0, 1215017
Total [baseline] (9.165 s) : 0, 9165473
Agent [candidate] (1.215 s) : 0, 1215196
Total [candidate] (9.168 s) : 0, 9168360
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.216 s) : 0, 1215578
Total [baseline] (9.16 s) : 0, 9160046
Agent [candidate] (1.224 s) : 0, 1224287
Total [candidate] (9.191 s) : 0, 9190699
section iast_TELEMETRY_OFF
Agent [baseline] (1.212 s) : 0, 1211866
Total [baseline] (9.157 s) : 0, 9157018
Agent [candidate] (1.213 s) : 0, 1212674
Total [candidate] (9.148 s) : 0, 9148079
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.104 s | - |
| Agent | iast | 1.215 s | 111.427 ms (10.1%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.216 s | 111.988 ms (10.1%) |
| Agent | iast_TELEMETRY_OFF | 1.212 s | 108.276 ms (9.8%) |
| Total | tracing | 8.776 s | - |
| Total | iast | 9.165 s | 389.345 ms (4.4%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.16 s | 383.918 ms (4.4%) |
| Total | iast_TELEMETRY_OFF | 9.157 s | 380.89 ms (4.3%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.087 s | - |
| Agent | iast | 1.215 s | 128.119 ms (11.8%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.224 s | 137.21 ms (12.6%) |
| Agent | iast_TELEMETRY_OFF | 1.213 s | 125.597 ms (11.6%) |
| Total | tracing | 8.631 s | - |
| Total | iast | 9.168 s | 537.555 ms (6.2%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.191 s | 559.895 ms (6.5%) |
| Total | iast_TELEMETRY_OFF | 9.148 s | 517.274 ms (6.0%) |

gantt
    title insecure-bank - break down per module: candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (701.053 ms) : 0, 701053
BytebuddyAgent [candidate] (691.646 ms) : 0, 691646
GlobalTracer [baseline] (321.689 ms) : 0, 321689
GlobalTracer [candidate] (316.546 ms) : 0, 316546
AppSec [baseline] (55.539 ms) : 0, 55539
AppSec [candidate] (54.548 ms) : 0, 54548
Remote Config [baseline] (701.603 µs) : 0, 702
Remote Config [candidate] (680.937 µs) : 0, 681
Telemetry [baseline] (10.768 ms) : 0, 10768
Telemetry [candidate] (9.98 ms) : 0, 9980
section iast
BytebuddyAgent [baseline] (808.519 ms) : 0, 808519
BytebuddyAgent [candidate] (808.912 ms) : 0, 808912
GlobalTracer [baseline] (306.305 ms) : 0, 306305
GlobalTracer [candidate] (306.065 ms) : 0, 306065
AppSec [baseline] (56.271 ms) : 0, 56271
AppSec [candidate] (57.82 ms) : 0, 57820
IAST [baseline] (22.26 ms) : 0, 22260
IAST [candidate] (20.697 ms) : 0, 20697
Remote Config [baseline] (599.567 µs) : 0, 600
Remote Config [candidate] (597.458 µs) : 0, 597
Telemetry [baseline] (7.402 ms) : 0, 7402
Telemetry [candidate] (7.441 ms) : 0, 7441
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (809.098 ms) : 0, 809098
BytebuddyAgent [candidate] (815.389 ms) : 0, 815389
GlobalTracer [baseline] (306.301 ms) : 0, 306301
GlobalTracer [candidate] (308.051 ms) : 0, 308051
AppSec [baseline] (57.71 ms) : 0, 57710
AppSec [candidate] (56.437 ms) : 0, 56437
IAST [baseline] (20.664 ms) : 0, 20664
IAST [candidate] (22.5 ms) : 0, 22500
Remote Config [baseline] (606.867 µs) : 0, 607
Remote Config [candidate] (620.664 µs) : 0, 621
Telemetry [baseline] (7.487 ms) : 0, 7487
Telemetry [candidate] (7.524 ms) : 0, 7524
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (806.466 ms) : 0, 806466
BytebuddyAgent [candidate] (806.526 ms) : 0, 806526
GlobalTracer [baseline] (305.555 ms) : 0, 305555
GlobalTracer [candidate] (306.08 ms) : 0, 306080
AppSec [baseline] (57.928 ms) : 0, 57928
AppSec [candidate] (57.287 ms) : 0, 57287
IAST [baseline] (20.296 ms) : 0, 20296
IAST [candidate] (21.168 ms) : 0, 21168
Remote Config [baseline] (618.699 µs) : 0, 619
Remote Config [candidate] (613.79 µs) : 0, 614
Telemetry [baseline] (7.311 ms) : 0, 7311
Telemetry [candidate] (7.304 ms) : 0, 7304
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.094 s) : 0, 1094058
Total [baseline] (10.412 s) : 0, 10411776
Agent [candidate] (1.086 s) : 0, 1086305
Total [candidate] (10.421 s) : 0, 10420507
section appsec
Agent [baseline] (1.222 s) : 0, 1221706
Total [baseline] (10.701 s) : 0, 10701487
Agent [candidate] (1.227 s) : 0, 1227197
Total [candidate] (10.682 s) : 0, 10681909
section iast
Agent [baseline] (1.223 s) : 0, 1223176
Total [baseline] (10.951 s) : 0, 10950813
Agent [candidate] (1.218 s) : 0, 1217585
Total [candidate] (10.915 s) : 0, 10915132
section profiling
Agent [baseline] (1.322 s) : 0, 1322452
Total [baseline] (10.776 s) : 0, 10775931
Agent [candidate] (1.325 s) : 0, 1324783
Total [candidate] (10.793 s) : 0, 10792760
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.094 s | - |
| Agent | appsec | 1.222 s | 127.648 ms (11.7%) |
| Agent | iast | 1.223 s | 129.118 ms (11.8%) |
| Agent | profiling | 1.322 s | 228.395 ms (20.9%) |
| Total | tracing | 10.412 s | - |
| Total | appsec | 10.701 s | 289.711 ms (2.8%) |
| Total | iast | 10.951 s | 539.037 ms (5.2%) |
| Total | profiling | 10.776 s | 364.155 ms (3.5%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.086 s | - |
| Agent | appsec | 1.227 s | 140.892 ms (13.0%) |
| Agent | iast | 1.218 s | 131.279 ms (12.1%) |
| Agent | profiling | 1.325 s | 238.478 ms (22.0%) |
| Total | tracing | 10.421 s | - |
| Total | appsec | 10.682 s | 261.401 ms (2.5%) |
| Total | iast | 10.915 s | 494.625 ms (4.7%) |
| Total | profiling | 10.793 s | 372.253 ms (3.6%) |

gantt
    title petclinic - break down per module: candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (695.731 ms) : 0, 695731
BytebuddyAgent [candidate] (690.824 ms) : 0, 690824
GlobalTracer [baseline] (317.935 ms) : 0, 317935
GlobalTracer [candidate] (316.005 ms) : 0, 316005
AppSec [baseline] (54.53 ms) : 0, 54530
AppSec [candidate] (54.394 ms) : 0, 54394
Remote Config [baseline] (692.789 µs) : 0, 693
Remote Config [candidate] (699.883 µs) : 0, 700
Telemetry [baseline] (11.395 ms) : 0, 11395
Telemetry [candidate] (10.682 ms) : 0, 10682
section appsec
BytebuddyAgent [baseline] (708.548 ms) : 0, 708548
BytebuddyAgent [candidate] (713.171 ms) : 0, 713171
GlobalTracer [baseline] (313.794 ms) : 0, 313794
GlobalTracer [candidate] (314.641 ms) : 0, 314641
AppSec [baseline] (166.319 ms) : 0, 166319
AppSec [candidate] (165.559 ms) : 0, 165559
IAST [baseline] (21.237 ms) : 0, 21237
IAST [candidate] (21.088 ms) : 0, 21088
Remote Config [baseline] (634.937 µs) : 0, 635
Remote Config [candidate] (637.624 µs) : 0, 638
Telemetry [baseline] (8.138 ms) : 0, 8138
Telemetry [candidate] (8.865 ms) : 0, 8865
section iast
BytebuddyAgent [baseline] (814.088 ms) : 0, 814088
BytebuddyAgent [candidate] (810.335 ms) : 0, 810335
GlobalTracer [baseline] (307.911 ms) : 0, 307911
GlobalTracer [candidate] (306.57 ms) : 0, 306570
AppSec [baseline] (58.412 ms) : 0, 58412
AppSec [candidate] (57.294 ms) : 0, 57294
IAST [baseline] (20.843 ms) : 0, 20843
IAST [candidate] (21.648 ms) : 0, 21648
Remote Config [baseline] (612.032 µs) : 0, 612
Remote Config [candidate] (601.182 µs) : 0, 601
Telemetry [baseline] (7.551 ms) : 0, 7551
Telemetry [candidate] (7.448 ms) : 0, 7448
section profiling
BytebuddyAgent [baseline] (690.438 ms) : 0, 690438
BytebuddyAgent [candidate] (690.745 ms) : 0, 690745
GlobalTracer [baseline] (436.697 ms) : 0, 436697
GlobalTracer [candidate] (438.031 ms) : 0, 438031
AppSec [baseline] (53.946 ms) : 0, 53946
AppSec [candidate] (54.145 ms) : 0, 54145
Remote Config [baseline] (671.834 µs) : 0, 672
Remote Config [candidate] (659.258 µs) : 0, 659
Telemetry [baseline] (7.83 ms) : 0, 7830
Telemetry [candidate] (7.904 ms) : 0, 7904
ProfilingAgent [baseline] (93.655 ms) : 0, 93655
ProfilingAgent [candidate] (93.959 ms) : 0, 93959
Profiling [baseline] (93.679 ms) : 0, 93679
Profiling [candidate] (93.982 ms) : 0, 93982

Load

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| end_time | 2024-11-22T15:59:50 | 2024-11-22T16:06:47 |
| git_branch | master | malvarez/appsec-session-tracking-vertx |
| git_commit_date | 1732290365 | 1732290530 |
| git_commit_sha | 79ca6e4 | 68af1e0 |
| release_version | 1.43.0-SNAPSHOT~79ca6e471f | 1.43.0-SNAPSHOT~68af1e048c |
| start_time | 2024-11-22T15:59:37 | 2024-11-22T16:06:33 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1732291959 | 1732291959 |
| ci_job_id | 717278363 | 717278363 |
| ci_pipeline_id | 49740919 | 49740919 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.363 ms) : 1343, 1383
.   : milestone, 1363,
appsec (1.724 ms) : 1698, 1749
.   : milestone, 1724,
appsec_no_iast (1.744 ms) : 1720, 1769
.   : milestone, 1744,
iast (1.484 ms) : 1461, 1507
.   : milestone, 1484,
profiling (1.521 ms) : 1496, 1545
.   : milestone, 1521,
tracing (1.465 ms) : 1440, 1490
.   : milestone, 1465,
section candidate
no_agent (1.355 ms) : 1336, 1375
.   : milestone, 1355,
appsec (1.745 ms) : 1720, 1770
.   : milestone, 1745,
appsec_no_iast (1.733 ms) : 1707, 1759
.   : milestone, 1733,
iast (1.486 ms) : 1464, 1509
.   : milestone, 1486,
profiling (1.567 ms) : 1543, 1592
.   : milestone, 1567,
tracing (1.475 ms) : 1449, 1500
.   : milestone, 1475,
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.363 ms [1.343 ms, 1.383 ms] | - |
| appsec | 1.724 ms [1.698 ms, 1.749 ms] | 360.582 µs (26.5%) |
| appsec_no_iast | 1.744 ms [1.72 ms, 1.769 ms] | 381.44 µs (28.0%) |
| iast | 1.484 ms [1.461 ms, 1.507 ms] | 121.015 µs (8.9%) |
| profiling | 1.521 ms [1.496 ms, 1.545 ms] | 157.573 µs (11.6%) |
| tracing | 1.465 ms [1.44 ms, 1.49 ms] | 102.076 µs (7.5%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.355 ms [1.336 ms, 1.375 ms] | - |
| appsec | 1.745 ms [1.72 ms, 1.77 ms] | 389.379 µs (28.7%) |
| appsec_no_iast | 1.733 ms [1.707 ms, 1.759 ms] | 377.444 µs (27.8%) |
| iast | 1.486 ms [1.464 ms, 1.509 ms] | 130.624 µs (9.6%) |
| profiling | 1.567 ms [1.543 ms, 1.592 ms] | 211.943 µs (15.6%) |
| tracing | 1.475 ms [1.449 ms, 1.5 ms] | 119.076 µs (8.8%) |

Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f
    dateFormat X
    axisFormat %s
section baseline
no_agent (380.124 µs) : 358, 402
.   : milestone, 380,
iast (481.632 µs) : 460, 503
.   : milestone, 482,
iast_FULL (645.982 µs) : 625, 667
.   : milestone, 646,
iast_GLOBAL (509.075 µs) : 488, 530
.   : milestone, 509,
iast_HARDCODED_SECRET_DISABLED (487.204 µs) : 465, 509
.   : milestone, 487,
iast_INACTIVE (446.429 µs) : 425, 468
.   : milestone, 446,
iast_TELEMETRY_OFF (475.868 µs) : 455, 497
.   : milestone, 476,
tracing (446.102 µs) : 424, 468
.   : milestone, 446,
section candidate
no_agent (371.03 µs) : 351, 391
.   : milestone, 371,
iast (485.754 µs) : 464, 507
.   : milestone, 486,
iast_FULL (642.313 µs) : 621, 664
.   : milestone, 642,
iast_GLOBAL (512.201 µs) : 490, 534
.   : milestone, 512,
iast_HARDCODED_SECRET_DISABLED (485.251 µs) : 464, 507
.   : milestone, 485,
iast_INACTIVE (443.631 µs) : 422, 465
.   : milestone, 444,
iast_TELEMETRY_OFF (475.916 µs) : 455, 497
.   : milestone, 476,
tracing (443.663 µs) : 423, 465
.   : milestone, 444,
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 380.124 µs [358.211 µs, 402.037 µs] | - |
| iast | 481.632 µs [460.357 µs, 502.907 µs] | 101.508 µs (26.7%) |
| iast_FULL | 645.982 µs [624.544 µs, 667.421 µs] | 265.858 µs (69.9%) |
| iast_GLOBAL | 509.075 µs [487.676 µs, 530.473 µs] | 128.951 µs (33.9%) |
| iast_HARDCODED_SECRET_DISABLED | 487.204 µs [465.498 µs, 508.909 µs] | 107.08 µs (28.2%) |
| iast_INACTIVE | 446.429 µs [425.091 µs, 467.768 µs] | 66.305 µs (17.4%) |
| iast_TELEMETRY_OFF | 475.868 µs [454.675 µs, 497.062 µs] | 95.744 µs (25.2%) |
| tracing | 446.102 µs [424.263 µs, 467.941 µs] | 65.978 µs (17.4%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 371.03 µs [351.066 µs, 390.993 µs] | - |
| iast | 485.754 µs [464.281 µs, 507.227 µs] | 114.724 µs (30.9%) |
| iast_FULL | 642.313 µs [620.78 µs, 663.847 µs] | 271.284 µs (73.1%) |
| iast_GLOBAL | 512.201 µs [490.084 µs, 534.318 µs] | 141.171 µs (38.0%) |
| iast_HARDCODED_SECRET_DISABLED | 485.251 µs [463.909 µs, 506.594 µs] | 114.221 µs (30.8%) |
| iast_INACTIVE | 443.631 µs [422.306 µs, 464.956 µs] | 72.601 µs (19.6%) |
| iast_TELEMETRY_OFF | 475.916 µs [454.566 µs, 497.266 µs] | 104.886 µs (28.3%) |
| tracing | 443.663 µs [422.768 µs, 464.557 µs] | 72.633 µs (19.6%) |

Dacapo

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | malvarez/appsec-session-tracking-vertx |
| git_commit_date | 1732290365 | 1732290530 |
| git_commit_sha | 79ca6e4 | 68af1e0 |
| release_version | 1.43.0-SNAPSHOT~79ca6e471f | 1.43.0-SNAPSHOT~68af1e048c |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1732292564 | 1732292564 |
| ci_job_id | 717278364 | 717278364 |
| ci_pipeline_id | 49740919 | 49740919 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | appsec | appsec |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.464 ms) : 1452, 1475
.   : milestone, 1464,
appsec (2.329 ms) : 2288, 2370
.   : milestone, 2329,
iast (2.08 ms) : 2028, 2133
.   : milestone, 2080,
iast_GLOBAL (2.116 ms) : 2063, 2168
.   : milestone, 2116,
profiling (1.95 ms) : 1908, 1991
.   : milestone, 1950,
tracing (1.928 ms) : 1888, 1968
.   : milestone, 1928,
section candidate
no_agent (1.469 ms) : 1457, 1480
.   : milestone, 1469,
appsec (2.318 ms) : 2277, 2359
.   : milestone, 2318,
iast (2.069 ms) : 2017, 2121
.   : milestone, 2069,
iast_GLOBAL (2.119 ms) : 2066, 2171
.   : milestone, 2119,
profiling (1.967 ms) : 1924, 2010
.   : milestone, 1967,
tracing (1.905 ms) : 1866, 1945
.   : milestone, 1905,
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.464 ms [1.452 ms, 1.475 ms] | - |
| appsec | 2.329 ms [2.288 ms, 2.37 ms] | 865.177 µs (59.1%) |
| iast | 2.08 ms [2.028 ms, 2.133 ms] | 616.441 µs (42.1%) |
| iast_GLOBAL | 2.116 ms [2.063 ms, 2.168 ms] | 652.228 µs (44.6%) |
| profiling | 1.95 ms [1.908 ms, 1.991 ms] | 485.928 µs (33.2%) |
| tracing | 1.928 ms [1.888 ms, 1.968 ms] | 464.345 µs (31.7%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.469 ms [1.457 ms, 1.48 ms] | - |
| appsec | 2.318 ms [2.277 ms, 2.359 ms] | 849.658 µs (57.8%) |
| iast | 2.069 ms [2.017 ms, 2.121 ms] | 600.011 µs (40.9%) |
| iast_GLOBAL | 2.119 ms [2.066 ms, 2.171 ms] | 649.973 µs (44.3%) |
| profiling | 1.967 ms [1.924 ms, 2.01 ms] | 498.253 µs (33.9%) |
| tracing | 1.905 ms [1.866 ms, 1.945 ms] | 436.512 µs (29.7%) |

Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~68af1e048c, baseline=1.43.0-SNAPSHOT~79ca6e471f
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.891 s) : 14891000, 14891000
.   : milestone, 14891000,
appsec (14.853 s) : 14853000, 14853000
.   : milestone, 14853000,
iast (19.21 s) : 19210000, 19210000
.   : milestone, 19210000,
iast_GLOBAL (18.064 s) : 18064000, 18064000
.   : milestone, 18064000,
profiling (14.927 s) : 14927000, 14927000
.   : milestone, 14927000,
tracing (14.897 s) : 14897000, 14897000
.   : milestone, 14897000,
section candidate
no_agent (15.25 s) : 15250000, 15250000
.   : milestone, 15250000,
appsec (14.865 s) : 14865000, 14865000
.   : milestone, 14865000,
iast (18.846 s) : 18846000, 18846000
.   : milestone, 18846000,
iast_GLOBAL (17.617 s) : 17617000, 17617000
.   : milestone, 17617000,
profiling (15.15 s) : 15150000, 15150000
.   : milestone, 15150000,
tracing (15.172 s) : 15172000, 15172000
.   : milestone, 15172000,
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 14.891 s [14.891 s, 14.891 s] | - |
| appsec | 14.853 s [14.853 s, 14.853 s] | -38.0 ms (-0.3%) |
| iast | 19.21 s [19.21 s, 19.21 s] | 4.319 s (29.0%) |
| iast_GLOBAL | 18.064 s [18.064 s, 18.064 s] | 3.173 s (21.3%) |
| profiling | 14.927 s [14.927 s, 14.927 s] | 36.0 ms (0.2%) |
| tracing | 14.897 s [14.897 s, 14.897 s] | 6.0 ms (0.0%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.25 s [15.25 s, 15.25 s] | - |
| appsec | 14.865 s [14.865 s, 14.865 s] | -385.0 ms (-2.5%) |
| iast | 18.846 s [18.846 s, 18.846 s] | 3.596 s (23.6%) |
| iast_GLOBAL | 17.617 s [17.617 s, 17.617 s] | 2.367 s (15.5%) |
| profiling | 15.15 s [15.15 s, 15.15 s] | -100.0 ms (-0.7%) |
| tracing | 15.172 s [15.172 s, 15.172 s] | -78.0 ms (-0.5%) |

Comment on lines +29 to +51
final CallbackProvider cbp = AgentTracer.get().getCallbackProvider(RequestContextSlot.APPSEC);
BiFunction<RequestContext, String, Flow<Void>> callback =
cbp.getCallback(EVENTS.requestSession());
if (callback == null) {
return;
}

Flow<Void> flow = callback.apply(reqCtx, session.id());
Flow.Action action = flow.getAction();
if (action instanceof Flow.Action.RequestBlockingAction) {
BlockResponseFunction blockResponseFunction = reqCtx.getBlockResponseFunction();
if (blockResponseFunction == null) {
return;
}
Flow.Action.RequestBlockingAction rba = (Flow.Action.RequestBlockingAction) action;
blockResponseFunction.tryCommitBlockingResponse(
reqCtx.getTraceSegment(),
rba.getStatusCode(),
rba.getBlockingContentType(),
rba.getExtraHeaders());
if (throwable == null) {
throwable = new BlockingException("Blocked request (for sessionId)");
}
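Review bot: when `reqCtx.getBlockResponseFunction()` returns null the advice returns without doing anything, so a blocking action the WAF returned for this session id is dropped with no record of it; log that case so an unenforced block is visible in the agent logs. In the same branch the call to `tryCommitBlockingResponse(...)` is a bare statement, so the `BlockingException` is assigned whether or not a blocking response was actually committed; if that call reports success or failure, gate the exception on it. The `if (throwable == null)` guard keeps an existing throwable in preference to the `BlockingException`, which deserves a one-line comment stating that this ordering is intended.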
Member

Not related to this PR but I have the feeling that we are repeating this piece of code every time we need to block something 😅

Member

@jandro996 jandro996 left a comment

LGTM but needs to fix problem with tests in other tests, like VertxRxCircuitBreakerHttpServerForkedTest

rba.getBlockingContentType(),
rba.getExtraHeaders());
if (throwable == null) {
throwable = new BlockingException("Blocked request (for sessionId)");
Collaborator

Should you need to change the throwable in this case or just not apply the advice at all?

Labels
comp: asm waf Application Security Management (WAF) inst: vertx Eclipse Vert.x instrumentation
4 participants