Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WAF telemetry #2735

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

WAF telemetry #2735

wants to merge 3 commits into from

Conversation

cataphract
Copy link
Contributor

Description

See individual commits for descriptions of the changes.

Reviewer checklist

  • Test coverage seems ok.
  • Appropriate labels assigned.

@cataphract cataphract requested review from a team as code owners June 27, 2024 10:26
@codecov-commenter
Copy link

codecov-commenter commented Jun 27, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 73.97%. Comparing base (7b487bd) to head (b3f6f9f).

❗ There is a different number of reports uploaded between BASE (7b487bd) and HEAD (b3f6f9f). Click for more details.

HEAD has 1 upload less than BASE
Flag BASE (7b487bd) HEAD (b3f6f9f)
tracer-php 12 11
Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff              @@
##             master    #2735      +/-   ##
============================================
- Coverage     82.10%   73.97%   -8.13%     
  Complexity     2527     2527              
============================================
  Files           108      108              
  Lines         10360    10360              
============================================
- Hits           8506     7664     -842     
- Misses         1854     2696     +842
Flag Coverage Δ
tracer-php 73.97% <ø> (-8.13%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 8 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7b487bd...b3f6f9f. Read the comment docs.

@pr-commenter
Copy link

pr-commenter bot commented Jun 27, 2024
edited
Loading

Benchmarks

Benchmark execution time: 2024-07-13 00:47:21

Comparing candidate commit a225a90 in PR branch glopes/waf-telemetry with baseline commit 4c3832d in branch master.

Found 17 performance improvements and 0 performance regressions! Performance is the same for 161 metrics, 0 unstable metrics.

scenario:EmptyFileBench/benchEmptyFileBaseline

  • 🟩 execution_time [-398.670µs; -235.850µs] or [-14.264%; -8.439%]

scenario:EmptyFileBench/benchEmptyFileBaseline-opcache

  • 🟩 execution_time [-430.977µs; -266.503µs] or [-14.768%; -9.132%]

scenario:EmptyFileBench/benchEmptyFileOverhead

  • 🟩 execution_time [-500.727µs; -340.853µs] or [-15.926%; -10.841%]

scenario:EmptyFileBench/benchEmptyFileOverhead-opcache

  • 🟩 execution_time [-541.737µs; -402.743µs] or [-16.620%; -12.356%]

scenario:LaravelBench/benchLaravelBaseline

  • 🟩 execution_time [-419.144µs; -246.976µs] or [-14.387%; -8.478%]

scenario:LaravelBench/benchLaravelBaseline-opcache

  • 🟩 execution_time [-407.735µs; -267.945µs] or [-13.502%; -8.873%]

scenario:LaravelBench/benchLaravelOverhead

  • 🟩 execution_time [-606.339µs; -426.181µs] or [-18.143%; -12.753%]

scenario:LaravelBench/benchLaravelOverhead-opcache

  • 🟩 execution_time [-565.431µs; -362.429µs] or [-16.594%; -10.636%]

scenario:MessagePackSerializationBench/benchMessagePackSerialization-opcache

  • 🟩 execution_time [-7.998µs; -5.782µs] or [-3.347%; -2.419%]

scenario:SymfonyBench/benchSymfonyBaseline

  • 🟩 execution_time [-300.154µs; -218.546µs] or [-5.000%; -3.641%]

scenario:SymfonyBench/benchSymfonyBaseline-opcache

  • 🟩 execution_time [-314.024µs; -269.696µs] or [-5.139%; -4.413%]

scenario:SymfonyBench/benchSymfonyOverhead

  • 🟩 execution_time [-734.478µs; -678.602µs] or [-10.406%; -9.615%]

scenario:SymfonyBench/benchSymfonyOverhead-opcache

  • 🟩 execution_time [-720.026µs; -639.954µs] or [-10.068%; -8.948%]

scenario:TraceSerializationBench/benchSerializeTrace

  • 🟩 execution_time [-8.473µs; -5.227µs] or [-4.195%; -2.588%]

scenario:TraceSerializationBench/benchSerializeTrace-opcache

  • 🟩 mem_peak [-167.139KB; -62.645KB] or [-7.538%; -2.825%]

scenario:WordPressBench/benchWordPressOverhead

  • 🟩 execution_time [-11.984ms; -9.469ms] or [-5.473%; -4.325%]

scenario:WordPressBench/benchWordPressOverhead-opcache

  • 🟩 execution_time [-10.767ms; -8.338ms] or [-4.933%; -3.821%]

@cataphract cataphract force-pushed the glopes/waf-telemetry branch 2 times, most recently from 8464095 to d91cd3f Compare June 27, 2024 17:35
iamluc
iamluc reviewed Jun 28, 2024
View reviewed changes
ext/telemetry.c Outdated Show resolved Hide resolved
@cataphract cataphract force-pushed the glopes/waf-telemetry branch 5 times, most recently from e777ab6 to 8239978 Compare July 4, 2024 16:53
@cataphract cataphract closed this Jul 5, 2024
@cataphract cataphract reopened this Jul 5, 2024
@cataphract cataphract force-pushed the glopes/waf-telemetry branch 9 times, most recently from 6b37ec2 to ad72485 Compare July 11, 2024 17:19
@cataphract cataphract force-pushed the glopes/waf-telemetry branch 3 times, most recently from 1b22395 to a225a90 Compare July 13, 2024 00:19
@pr-commenter
Copy link

pr-commenter bot commented Oct 10, 2024
edited
Loading

Benchmarks [ tracer ]

Benchmark execution time: 2024-11-11 12:23:45

Comparing candidate commit b3f6f9f in PR branch glopes/waf-telemetry with baseline commit 7b487bd in branch master.

Found 0 performance improvements and 2 performance regressions! Performance is the same for 176 metrics, 0 unstable metrics.

scenario:PDOBench/benchPDOBaseline

  • 🟥 execution_time [+15.094µs; +16.101µs] or [+6.754%; +7.205%]

scenario:PDOBench/benchPDOBaseline-opcache

  • 🟥 execution_time [+8.749µs; +16.131µs] or [+3.884%; +7.161%]

@pr-commenter
Copy link

pr-commenter bot commented Oct 10, 2024
edited
Loading

Benchmarks [ appsec ]

Benchmark execution time: 2024-11-11 12:23:13

Comparing candidate commit b3f6f9f in PR branch glopes/waf-telemetry with baseline commit 7b487bd in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

@cataphract cataphract force-pushed the glopes/waf-telemetry branch 4 times, most recently from 4e07791 to e00d8b6 Compare October 15, 2024 11:47
Anilm3
Anilm3 approved these changes Oct 22, 2024
View reviewed changes
Copy link
Contributor

@Anilm3 Anilm3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a number of comments, everything looks correct albeit there could be some improvements around the helper telemetry API and the naming conventions.

appsec/src/extension/commands_helpers.c Outdated Show resolved Hide resolved
appsec/src/extension/commands_helpers.c Show resolved Hide resolved
appsec/src/extension/ddtrace.h Show resolved Hide resolved
appsec/src/helper/client.cpp Outdated Show resolved Hide resolved
appsec/src/helper/client.cpp Outdated Show resolved Hide resolved
appsec/src/helper/metrics.cpp Outdated Show resolved Hide resolved
appsec/src/helper/remote_config/client_handler.cpp Outdated Show resolved Hide resolved
appsec/src/helper/service.hpp Show resolved Hide resolved
appsec/src/helper/service.hpp Show resolved Hide resolved
appsec/src/helper/subscriber/waf.cpp Show resolved Hide resolved
@cataphract cataphract force-pushed the glopes/waf-telemetry branch 2 times, most recently from 9ae5168 to 7f4cb58 Compare November 6, 2024 18:02
@cataphract cataphract mentioned this pull request Nov 11, 2024
Open
estringana
estringana reviewed Nov 12, 2024
View reviewed changes
appsec/src/extension/commands_helpers.c
@@ -648,6 +678,103 @@ bool dd_command_process_metrics(mpack_node_t root, zend_object *nonnull span)
return true;
}

static void _handle_telemetry_metric(const char *nonnull key_str,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if it is a good practice or I made it up but, should this early declaration be at the top?

Copy link
Collaborator

@bwoebi bwoebi Nov 12, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You put these at the top if you use these multiple times at various places across a file. For a single use like here, there's no reason to.

estringana
estringana reviewed Nov 12, 2024
View reviewed changes
appsec/src/extension/ddtrace.c
@@ -123,6 +147,7 @@ void dd_trace_startup()

if (get_global_DD_APPSEC_TESTING()) {
_register_testing_objects();
_setup_testing_telemetry_functions();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I coudln't get why this is within APPSEC_TESTING. I'm probably missing something

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok. Makes sense

estringana
estringana reviewed Nov 12, 2024
View reviewed changes
appsec/src/helper/network/proto.hpp
@@ -89,6 +89,9 @@ template <typename T> struct base_response_generic : public base_response {
}
};

using telemetry_metrics =
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is not used

estringana
estringana reviewed Nov 12, 2024
View reviewed changes
appsec/src/extension/commands_helpers.c
} \
} while (0)

HANDLE_METRIC("waf.requests", DDTRACE_METRIC_TYPE_COUNT);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I saw you added some integration tests checking this metrics but I am missing some PHPT checking the extension.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would also allow you to test unknown telemetry metrics

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bwoebi bwoebi bwoebi left review comments

@iamluc iamluc iamluc left review comments

@estringana estringana estringana left review comments

@Anilm3 Anilm3 Anilm3 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cataphract @codecov-commenter @Anilm3 @estringana @iamluc @bwoebi