Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(tests): add flamegraph job #5966

Merged
merged 1 commit into from
Jan 9, 2025
Merged

ci(tests): add flamegraph job #5966

merged 1 commit into from
Jan 9, 2025

Conversation

dwisiswant0
Copy link
Member

@dwisiswant0 dwisiswant0 commented Jan 8, 2025
edited by ehsandeep
Loading

Proposed changes

Close #5965

https://flamegraph.com/share/1736bd3a-ce74-11ef-9832-26c3e5347170

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

Summary by CodeRabbit

  • New Features
    • Added a new GitHub Actions workflow job for generating performance flamegraphs
    • Integrated memory profiling and scanning capabilities into the CI/CD pipeline

@dwisiswant0
ci(tests): add flamegraph job
f831a0f 
Signed-off-by: Dwi Siswanto <git@dw1.io>
@dwisiswant0 dwisiswant0 requested a review from Ice3man543 January 8, 2025 12:36
@auto-assign auto-assign bot requested a review from dogancanbakir January 8, 2025 12:36
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jan 8, 2025
edited
Loading

Walkthrough

A new "Flamegraph" job has been added to the GitHub Actions workflow in .github/workflows/tests.yaml. This job runs after the "tests" job and focuses on performance profiling. It checks out the repository, builds the project, runs a Nuclei scan, and generates a flamegraph using the ProjectDiscovery flamegraph action. The job dynamically sets environment variables based on the GitHub event type and aims to provide interactive performance insights by uploading the profile to Flamegraph.com.

Changes

File Change Summary
.github/workflows/tests.yaml Added new flamegraph job with steps for: repository checkout, project build, Nuclei template update and scan, and flamegraph generation

Sequence Diagram

sequenceDiagram
    participant Tests as Tests Job
    participant Flamegraph as Flamegraph Job
    participant Nuclei as Nuclei Tool
    participant FlamegraphAction as Flamegraph Action

    Tests->>Flamegraph: Trigger after completion
    Flamegraph->>Flamegraph: Checkout repository
    Flamegraph->>Flamegraph: Build project
    Flamegraph->>Nuclei: Update templates
    Nuclei-->>Flamegraph: Templates updated
    Flamegraph->>Nuclei: Run scan with profiling
    Nuclei-->>Flamegraph: Scan complete
    Flamegraph->>FlamegraphAction: Generate flamegraph
    FlamegraphAction-->>Flamegraph: Flamegraph generated
Loading

Assessment against linked issues

Objective Addressed Explanation
Integrate Flamegraph profiling in GitHub Actions [#5965]
Profile during CI runs
Store profiling output with contextual names
Provide Flamegraph.com URL

Poem

🔥 Flames of Performance Dance! 🐰

In GitHub's CI, a rabbit's delight,
Profiling code with flamegraph's might,
Bottlenecks tremble, performance takes flight,
A digital whisker, measuring just right!

Hop hop hooray! 🚀

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jan 8, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (4)
.github/workflows/tests.yaml (4)

137-143: Consider using an internal test endpoint.

The job setup looks good, but consider using an internal test endpoint instead of a public URL (scanme.sh) for more reliable and secure CI testing.

157-158: Add error handling for nuclei commands.

While the commands are correct, consider adding error handling to ensure the workflow fails appropriately if either command fails.

-      - run: ./bin/nuclei -silent -update-templates
-      - run: ./bin/nuclei -silent -u "${TARGET_URL}" -profile-mem="${PROFILE_MEM}"
+      - name: Update nuclei templates
+        run: ./bin/nuclei -silent -update-templates
+        continue-on-error: false
+      - name: Run nuclei scan with profiling
+        run: ./bin/nuclei -silent -u "${TARGET_URL}" -profile-mem="${PROFILE_MEM}"
+        continue-on-error: false

159-168: Add documentation for flamegraph URLs.

The flamegraph generation and URL output look good. Consider adding a comment or documentation explaining where these flamegraphs are hosted and how long they are retained.

       - uses: projectdiscovery/actions/flamegraph@master
         id: flamegraph
         with:
           profile: "${{ env.PROFILE_MEM }}.prof"
           name: "${{ env.FLAMEGRAPH_NAME }}"
         continue-on-error: true
+        # Flamegraphs are uploaded to Flamegraph.com and are publicly accessible
+        # The URL will be posted as a notice in the workflow run

137-168: Consider workflow optimization for large repositories.

The flamegraph job setup is well-structured. For large repositories with frequent commits, consider:

  1. Adding a conditional to run this job only on specific paths or tags
  2. Implementing caching for nuclei templates to speed up the workflow

Example condition:

flamegraph:
  if: |
    github.event_name == 'push' && (
      startsWith(github.ref, 'refs/tags/') ||
      contains(github.event.head_commit.modified, 'cmd/') ||
      contains(github.event.head_commit.modified, 'pkg/')
    )
🧰 Tools
🪛 actionlint (1.7.4)

149-149: shellcheck reported issue in this script: SC2086:info:1:71: Double quote to prevent globbing and word splitting

(shellcheck)

149-149: shellcheck reported issue in this script: SC2086:info:2:69: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:1:68: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:2:67: Double quote to prevent globbing and word splitting

(shellcheck)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 805cab4 and f831a0f.

📒 Files selected for processing (1)
  • .github/workflows/tests.yaml (1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/tests.yaml

149-149: shellcheck reported issue in this script: SC2086:info:1:71: Double quote to prevent globbing and word splitting

(shellcheck)

149-149: shellcheck reported issue in this script: SC2086:info:2:69: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:1:68: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:2:67: Double quote to prevent globbing and word splitting

(shellcheck)

.github/workflows/tests.yaml
Comment on lines +147 to +156
- name: "Setup environment (push)"
if: ${{ github.event_name == 'push' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-${GITHUB_REF_NAME}-${GITHUB_SHA}" >> $GITHUB_ENV
echo "FLAMEGRAPH_NAME=nuclei-${GITHUB_REF_NAME} (${GITHUB_SHA})" >> $GITHUB_ENV
- name: "Setup environment (pull_request)"
if: ${{ github.event_name == 'pull_request' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-pr-${{ github.event.number }}" >> $GITHUB_ENV
echo "FLAMEGRAPH_NAME=nuclei (PR #${{ github.event.number }})" >> $GITHUB_ENV
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Fix shell script quoting issues.

The shell scripts should use proper quoting to prevent globbing and word splitting issues.

Apply this diff:

-          echo "PROFILE_MEM=${PROFILE_MEM}-${GITHUB_REF_NAME}-${GITHUB_SHA}" >> $GITHUB_ENV
-          echo "FLAMEGRAPH_NAME=nuclei-${GITHUB_REF_NAME} (${GITHUB_SHA})" >> $GITHUB_ENV
+          echo "PROFILE_MEM=${PROFILE_MEM}-${GITHUB_REF_NAME}-${GITHUB_SHA}" >> "${GITHUB_ENV}"
+          echo "FLAMEGRAPH_NAME=nuclei-${GITHUB_REF_NAME} (${GITHUB_SHA})" >> "${GITHUB_ENV}"

-          echo "PROFILE_MEM=${PROFILE_MEM}-pr-${{ github.event.number }}" >> $GITHUB_ENV
-          echo "FLAMEGRAPH_NAME=nuclei (PR #${{ github.event.number }})" >> $GITHUB_ENV
+          echo "PROFILE_MEM=${PROFILE_MEM}-pr-${{ github.event.number }}" >> "${GITHUB_ENV}"
+          echo "FLAMEGRAPH_NAME=nuclei (PR #${{ github.event.number }})" >> "${GITHUB_ENV}"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: "Setup environment (push)"
if: ${{ github.event_name == 'push' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-${GITHUB_REF_NAME}-${GITHUB_SHA}" >> $GITHUB_ENV
echo "FLAMEGRAPH_NAME=nuclei-${GITHUB_REF_NAME} (${GITHUB_SHA})" >> $GITHUB_ENV
- name: "Setup environment (pull_request)"
if: ${{ github.event_name == 'pull_request' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-pr-${{ github.event.number }}" >> $GITHUB_ENV
echo "FLAMEGRAPH_NAME=nuclei (PR #${{ github.event.number }})" >> $GITHUB_ENV
- name: "Setup environment (push)"
if: ${{ github.event_name == 'push' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-${GITHUB_REF_NAME}-${GITHUB_SHA}" >> "${GITHUB_ENV}"
echo "FLAMEGRAPH_NAME=nuclei-${GITHUB_REF_NAME} (${GITHUB_SHA})" >> "${GITHUB_ENV}"
- name: "Setup environment (pull_request)"
if: ${{ github.event_name == 'pull_request' }}
run: |
echo "PROFILE_MEM=${PROFILE_MEM}-pr-${{ github.event.number }}" >> "${GITHUB_ENV}"
echo "FLAMEGRAPH_NAME=nuclei (PR #${{ github.event.number }})" >> "${GITHUB_ENV}"
🧰 Tools
🪛 actionlint (1.7.4)

149-149: shellcheck reported issue in this script: SC2086:info:1:71: Double quote to prevent globbing and word splitting

(shellcheck)

149-149: shellcheck reported issue in this script: SC2086:info:2:69: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:1:68: Double quote to prevent globbing and word splitting

(shellcheck)

154-154: shellcheck reported issue in this script: SC2086:info:2:67: Double quote to prevent globbing and word splitting

(shellcheck)

ehsandeep
ehsandeep approved these changes Jan 9, 2025
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://flamegraph.com/share/1736bd3a-ce74-11ef-9832-26c3e5347170

@ehsandeep ehsandeep merged commit 350da41 into dev Jan 9, 2025
19 of 20 checks passed
@ehsandeep ehsandeep deleted the dwisiswant0/ci/tests/add-flamegraph-job branch January 9, 2025 12:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@ehsandeep ehsandeep ehsandeep approved these changes

@Ice3man543 Ice3man543 Awaiting requested review from Ice3man543

@dogancanbakir dogancanbakir Awaiting requested review from dogancanbakir

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE] Integrate Flamegraph.com for Interactive Perf Profiling
2 participants
@dwisiswant0 @ehsandeep