diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml index d9dc639da094..5b842b4b1ae7 100644 --- a/.azure-pipelines.yml +++ b/.azure-pipelines.yml @@ -55,3 +55,23 @@ jobs: parameters: perf_or_release: ${{ variables['perf_or_release'] }} perf_tests: ${{ variables['perf_tests'] }} + + - job: CredScan + variables: + Codeql.SkipTaskAutoInjection: true + skipComponentGovernanceDetection: true + pool: + vmImage: "ubuntu-20.04" + steps: + # Scan for credentials in the repo + - task: CredScan@3 + inputs: + suppressionsFile: .gdn/CredScanSuppressions.json + # To suppress folders, rather than individual files, we require both of the following options + debugMode: true + folderSuppression: true + + # Break the build if any credentials (or other Guardian scans) find issues + - task: PostAnalysis@2 + inputs: + GdnBreakAllTools: true diff --git a/.gdn/CredScanSuppressions.json b/.gdn/CredScanSuppressions.json new file mode 100644 index 000000000000..2edaf59cd5fd --- /dev/null +++ b/.gdn/CredScanSuppressions.json @@ -0,0 +1,13 @@ +{ + "tool": "Credential Scanner", + "suppressions": [ + { + "folder": ["3rdparty"], + "_justification": "Ignore 3rdparty test credentials" + }, + { + "folder": ["tests/testdata"], + "_justification": "Ignore test credentials" + } + ] +} diff --git a/attestation-container/go.mod b/attestation-container/go.mod index bf83891a815b..2a89e77a8ae8 100644 --- a/attestation-container/go.mod +++ b/attestation-container/go.mod @@ -3,7 +3,7 @@ module microsoft/attestation-container go 1.20 require ( - golang.org/x/sys v0.10.0 + golang.org/x/sys v0.11.0 google.golang.org/grpc v1.56.2 google.golang.org/protobuf v1.31.0 ) diff --git a/attestation-container/go.sum b/attestation-container/go.sum index 01b8c0dd3623..8aa620eb9863 100644 --- a/attestation-container/go.sum +++ b/attestation-container/go.sum @@ -5,8 +5,8 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/tests/infra/basicperf.py b/tests/infra/basicperf.py index fecce06bb65e..d0ee967b1fe5 100644 --- a/tests/infra/basicperf.py +++ b/tests/infra/basicperf.py @@ -490,6 +490,22 @@ def table(): "all_clients_active_percentage" ] = all_clients_active_percentage statistics["total_duration_s"] = duration_s + + agg_all_active = agg.filter(pl.col("sendTime") > latest_start).filter( + pl.col("receiveTime") < earliest_end + ) + all_active_duration_s = (earliest_end - latest_start).total_seconds() + all_active_throughput = len(agg_all_active) / duration_s + statistics[ + "all_clients_active_average_throughput_tx/s" + ] = all_active_throughput + writes = len( + agg_all_active.filter(pl.col("request").bin.starts_with(b"PUT ")) + ) + statistics["all_clients_active_write_fraction"] = writes / len( + agg_all_active + ) + statistics_path = os.path.join(network.common_dir, "statistics.json") with open(statistics_path, "w") as f: json.dump(statistics, f, indent=2) diff --git a/tests/infra/piccolo/generator.py b/tests/infra/piccolo/generator.py index df7b35c1eb0b..6914d3d2ec69 100644 --- a/tests/infra/piccolo/generator.py +++ b/tests/infra/piccolo/generator.py @@ -38,7 +38,7 @@ def append( headers["content-type"] = content_type # Convert body to bytes if we were given a string - if type(body) == str: + if isinstance(body, str): body = body.encode("utf-8") request_line = f"{verb.upper()} {path} {http_version}"