-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SBOM] Add memory based cache for Trivy #16983
Conversation
Bloop Bleep... Dogbot HereRegression Detector ResultsRun ID: 18807135-670e-4047-9905-48cfbbcfdab9 ExplanationA regression test is an integrated performance test for Because a target's optimization goal performance in each experiment will vary somewhat each time it is run, we can only estimate mean differences in optimization goal relative to the baseline target. We express these differences as a percentage change relative to the baseline target, denoted "Δ mean %". These estimates are made to a precision that balances accuracy and cost control. We represent this precision as a 90.00% confidence interval denoted "Δ mean % CI": there is a 90.00% chance that the true value of "Δ mean %" is in that interval. We decide whether a change in performance is a "regression" -- a change worth investigating further -- if both of the following two criteria are true:
The table below, if present, lists those experiments that have experienced a statistically significant change in mean optimization goal performance between baseline and comparison SHAs with 90.00% confidence OR have been detected as newly erratic. Negative values of "Δ mean %" mean that baseline is faster, whereas positive values of "Δ mean %" mean that comparison is faster. Results that do not exhibit more than a ±5.00% change in their mean optimization goal are discarded. An experiment is erratic if its coefficient of variation is greater than 0.1. The abbreviated table will be omitted if no interesting change is observed. Changes in experiment optimization goals with confidence ≥ 90.00% and |Δ mean %| ≥ 5.00%:
Fine details of change detection per experiment.
|
If we do not need the data after the cache perhaps we could clear it ? Also, we tried to implement the cache as a generic component to keep the telemetry. For that we have the type We also have an in memory cache implemented here but the methods don't have the same name as the ones in the Cache interface. We could either rename the |
The memoryCache is allocated at every scan and will be garbage collected.
I don't know if we want to have the telemetry for this as it will increase the number of cache misses and hits in a case where we don't want any cache. |
09dc8ac
to
2e969fd
Compare
What does this PR do?
Add a memory based cache for Trivy
Motivation
When scanning filesystems, Trivy computes the checksum of all the scanned dependencies,
store into the persistent cache. It can be pretty big (around to 30M) with little value as a
rescan of the filesystem will still cause a scan of the filesystems. If the checksum of the new
result is the same, it will use what's stored in the cache instead.
Additional Notes
Possible Drawbacks / Trade-offs
Describe how to test/QA your changes
Reviewer's Checklist
Triage
milestone is set.major_change
label if your change either has a major impact on the code base, is impacting multiple teams or is changing important well-established internals of the Agent. This label will be use during QA to make sure each team pay extra attention to the changed behavior. For any customer facing change use a releasenote.changelog/no-changelog
label has been applied.qa/skip-qa
label is not applied.team/..
label has been applied, indicating the team(s) that should QA this change.need-change/operator
andneed-change/helm
labels have been applied.k8s/<min-version>
label, indicating the lowest Kubernetes version compatible with this feature.