mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Add a build step to measure the scan perfomance
This step will measure the scan performance difference against the master version. Change-Id: I1b9196ef3348350cf818471f55d9024d14064ac6 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
This commit is contained in:
parent
bcec04e784
commit
c52dc0ea4e
3 changed files with 50 additions and 1 deletions
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
|
@ -37,6 +37,8 @@ jobs:
|
||||||
args: ./...
|
args: ./...
|
||||||
- name: Run Tests
|
- name: Run Tests
|
||||||
run: make test
|
run: make test
|
||||||
|
- name: Perf Diff
|
||||||
|
run: make perf-diff
|
||||||
coverage:
|
coverage:
|
||||||
needs: [test]
|
needs: [test]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
5
Makefile
5
Makefile
|
@ -92,4 +92,7 @@ image-push: image
|
||||||
tlsconfig:
|
tlsconfig:
|
||||||
go generate ./...
|
go generate ./...
|
||||||
|
|
||||||
.PHONY: test build clean release image image-push tlsconfig
|
perf-diff:
|
||||||
|
./perf-diff.sh
|
||||||
|
|
||||||
|
.PHONY: test build clean release image image-push tlsconfig perf-diff
|
||||||
|
|
44
perf-diff.sh
Executable file
44
perf-diff.sh
Executable file
|
@ -0,0 +1,44 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
BIN="gosec"
|
||||||
|
BUILD_DIR="/tmp/securego"
|
||||||
|
|
||||||
|
# Scan the current folder and measure the duration.
|
||||||
|
function scan() {
|
||||||
|
local scan_cmd=$1
|
||||||
|
s=$(date +%s%3N)
|
||||||
|
$scan_cmd -quiet ./...
|
||||||
|
e=$(date +%s%3N)
|
||||||
|
res=$(expr $e - $s)
|
||||||
|
echo $res
|
||||||
|
}
|
||||||
|
|
||||||
|
# Build the master reference version.
|
||||||
|
mkdir -p ${BUILD_DIR}
|
||||||
|
git clone --quiet https://github.com/securego/gosec.git ${BUILD_DIR} >/dev/null
|
||||||
|
make -C ${BUILD_DIR} >/dev/null
|
||||||
|
|
||||||
|
# Scan once with the main reference.
|
||||||
|
duration_master=$(scan "${BUILD_DIR}/${BIN}")
|
||||||
|
echo "gosec reference time: ${duration_master}ms"
|
||||||
|
|
||||||
|
# Build the current version.
|
||||||
|
make -C . >/dev/null
|
||||||
|
|
||||||
|
# Scan once with the current version.
|
||||||
|
duration=$(scan "./${BIN}")
|
||||||
|
echo "gosec time: ${duration}ms"
|
||||||
|
|
||||||
|
# Compute the difference of the execution time.
|
||||||
|
diff=$(($duration - $duration_master))
|
||||||
|
if [[ diff -lt 0 ]]; then
|
||||||
|
diff=$(($diff * -1))
|
||||||
|
fi
|
||||||
|
echo "diff: ${diff}ms"
|
||||||
|
perf=$((100 - ($duration * 100) / $duration_master))
|
||||||
|
echo "perf diff: ${perf}%"
|
||||||
|
|
||||||
|
# Fail the build if there is a performance degradation of more than 10%.
|
||||||
|
if [[ $perf -lt -10 ]]; then
|
||||||
|
exit 1
|
||||||
|
fi
|
Loading…
Reference in a new issue