-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Make trivy scan tentative to overcome rate limits
Related to aquasecurity/trivy-action#389 Signed-off-by: Oleksandr Porunov <[email protected]> (cherry picked from commit 1dae22f)
- Loading branch information
Showing
1 changed file
with
11 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -108,14 +108,23 @@ jobs: | |
export JG_VER="$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)-$(git rev-parse --short HEAD)" | ||
echo "JG_VER=${JG_VER}" >> $GITHUB_ENV | ||
- name: Run Trivy vulnerability scanner | ||
id: trivy_scan_step | ||
if: github.repository == 'janusgraph/janusgraph' | ||
uses: aquasecurity/[email protected] | ||
# TODO: currently this step is tentative because of the rate-limiting issue. | ||
# Thus, we add `continue-on-error: true` here, but we should remove it | ||
# when either the issue is fixed (see: https://github.com/aquasecurity/trivy-action/issues/389) | ||
# or we self-host trivy database. | ||
uses: aquasecurity/[email protected] | ||
continue-on-error: true | ||
with: | ||
image-ref: 'ghcr.io/janusgraph/janusgraph:${{ env.JG_VER }}${{ matrix.tag_suffix }}' | ||
format: 'sarif' | ||
output: 'trivy-results.sarif' | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Upload Trivy scan results to GitHub Security tab | ||
if: github.repository == 'janusgraph/janusgraph' | ||
if: github.repository == 'janusgraph/janusgraph' && success() && steps.trivy_scan_step.outcome == 'success' | ||
uses: github/codeql-action/upload-sarif@v3 | ||
with: | ||
sarif_file: 'trivy-results.sarif' | ||
|
22cdc67
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Benchmark
org.janusgraph.JanusGraphSpeedBenchmark.basicAddAndDelete
12405.208627668273
ms/op12994.438964091325
ms/op0.95
org.janusgraph.GraphCentricQueryBenchmark.getVertices
921.508315270549
ms/op957.3251909284766
ms/op0.96
org.janusgraph.MgmtOlapJobBenchmark.runClearIndex
216.50784714818843
ms/op216.45303196086957
ms/op1.00
org.janusgraph.MgmtOlapJobBenchmark.runReindex
337.2001201352381
ms/op342.81005004892853
ms/op0.98
org.janusgraph.JanusGraphSpeedBenchmark.basicCount
239.80182015855357
ms/op207.33680618088454
ms/op1.16
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesAllPropertiesWithAllMultiQuerySlicesUnderMaxRequestsPerConnection
4891.0854432215765
ms/op4953.295327365606
ms/op0.99
org.janusgraph.CQLMultiQueryBenchmark.getElementsWithUsingEmitRepeatSteps
16858.60419452917
ms/op16917.057558105356
ms/op1.00
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesMultiplePropertiesWithSmallBatch
20447.573213690004
ms/op18983.13907385985
ms/op1.08
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.vertexCentricPropertiesFetching
57302.20626103333
ms/op56527.85002600001
ms/op1.01
org.janusgraph.CQLMultiQueryBenchmark.getAllElementsTraversedFromOuterVertex
8197.678309544504
ms/op8433.13502817794
ms/op0.97
org.janusgraph.CQLMultiQueryBenchmark.getVerticesWithDoubleUnion
379.96929778990307
ms/op384.2152506805113
ms/op0.99
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesAllPropertiesWithUnlimitedBatch
4034.3811618397417
ms/op4227.1771161974975
ms/op0.95
org.janusgraph.CQLMultiQueryBenchmark.getNames
8315.604880141658
ms/op8339.221853925019
ms/op1.00
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesThreePropertiesWithAllMultiQuerySlicesUnderMaxRequestsPerConnection
5931.484831214282
ms/op5604.356576582386
ms/op1.06
org.janusgraph.CQLMultiQueryBenchmark.getLabels
7071.194568409148
ms/op7082.884761983721
ms/op1.00
org.janusgraph.CQLMultiQueryBenchmark.getVerticesFilteredByAndStep
423.20244318568405
ms/op430.31039337061094
ms/op0.98
org.janusgraph.CQLMultiQueryBenchmark.getVerticesFromMultiNestedRepeatStepStartingFromSingleVertex
12406.273151039215
ms/op12459.636105572155
ms/op1.00
org.janusgraph.CQLMultiQueryBenchmark.getVerticesWithCoalesceUsage
351.98918633074004
ms/op357.5981502840734
ms/op0.98
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesMultiplePropertiesWithAllMultiQuerySlicesUnderMaxRequestsPerConnection
15010.711758104653
ms/op14793.559446997619
ms/op1.01
org.janusgraph.CQLMultiQueryBenchmark.getIdToOutVerticesProjection
242.6053329160857
ms/op245.84974412075837
ms/op0.99
org.janusgraph.CQLMultiQueryMultiSlicesBenchmark.getValuesMultiplePropertiesWithUnlimitedBatch
14807.462419219097
ms/op13806.414282860256
ms/op1.07
org.janusgraph.CQLMultiQueryBenchmark.getNeighborNames
8204.971751665758
ms/op8411.967305495045
ms/op0.98
org.janusgraph.CQLMultiQueryBenchmark.getElementsWithUsingRepeatUntilSteps
9002.526134961223
ms/op9104.974810254043
ms/op0.99
org.janusgraph.CQLMultiQueryBenchmark.getAdjacentVerticesLocalCounts
8611.708108567997
ms/op8793.398072298722
ms/op0.98
This comment was automatically generated by workflow using github-action-benchmark.