Track security scan report size in Snowplow
Why are we doing this work
Security scan jobs that produce large reports can cause performance issues and timeouts (e.g. #331679 (closed)).
We'd like to collect size information for scan reports so that we can introduce a size limit that will minimise impact to users.
Relevant links
Non-functional requirements
- Documentation:
- Feature flag:
- Performance:
- Testing:
Implementation plan
- Add a new version of the IGLU Secure metric schema to include new fields:
  - report_size
  - findings_count
- Update the schema version in the TrackScanService.
- Add report size to Security::Report; this should come from ci_job_artifacts.size.
- Add new fields to data_to_track:
  - report_size
  - findings_count (this should correspond to report.findings.count)
- Add a histogram of report size to the Periscope Secure Scan Metrics dashboard. The chart should use the secure_scans view and be filtered by the filters on the dashboard, i.e. FROM [secure_scans] SELECT ... WHERE [analyzer=Analyzer] AND [scanner=Scanner] AND [scan_type=ScanType] AND [start_time=daterange]
- As above for findings_count.
- Using Snowplow Micro, verify that the metrics can be tracked locally. Note that the metrics will not be tracked if they don't conform to the schema or if the schema has not been released.
Edited by Thiago Figueiró
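The last step of the plan notes that an event is not tracked when it does not conform to the schema. The following is an added sketch of a local pre-check for the two new fields, not GitLab's code and not part of the original issue. Report, the report_size method, artifact_row, NEW_FIELDS_SCHEMA, schema_errors and trackable? are hypothetical names, and the field rules (non-negative integers, no extra keys) are assumptions standing in for the unreleased schema version.

```ruby
# Added illustration, not GitLab code. Only report_size, findings_count,
# data_to_track and ci_job_artifacts.size come from the issue text.

# Constructed stand-in for the new schema version (rules are assumed).
NEW_FIELDS_SCHEMA = {
  'report_size'    => { type: Integer, minimum: 0 },
  'findings_count' => { type: Integer, minimum: 0 }
}.freeze

# Hypothetical report wrapper; artifact_row mimics a ci_job_artifacts row.
Report = Struct.new(:findings, :artifact_row) do
  # Size is read from the artifact record rather than by re-reading the file.
  def report_size
    artifact_row && artifact_row[:size]
  end
end

# The two new fields added to the tracked payload.
def data_to_track(report)
  {
    'report_size'    => report.report_size,
    'findings_count' => report.findings.count
  }
end

# Returns a list of violations; an empty list means the payload conforms.
def schema_errors(payload, schema = NEW_FIELDS_SCHEMA)
  errors = []
  schema.each do |field, rule|
    value = payload[field]
    if !value.is_a?(rule[:type])
      errors << "#{field}: expected #{rule[:type]}, got #{value.inspect}"
    elsif value < rule[:minimum]
      errors << "#{field}: #{value} is below minimum #{rule[:minimum]}"
    end
  end
  (payload.keys - schema.keys).each { |key| errors << "#{key}: not in schema" }
  errors
end

# A non-conforming payload would not be tracked, so check before emitting.
def trackable?(report)
  schema_errors(data_to_track(report)).empty?
end
```

A report whose artifact row is missing yields a nil report_size, which this check reports instead of letting the metric disappear from the dashboard data.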