WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Fix API Security sampling in standalone mode #10165

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jandro996 merged 10 commits into from
Dec 12, 2025
Merged

Fix API Security sampling in standalone mode #10165

jandro996 merged 10 commits into from
Dec 12, 2025
+189 −2

Conversation

@jandro996
Copy link
Member

@jandro996 jandro996 commented Dec 11, 2025
edited
Loading

What Does This Do

Fix the API security sampling in standalone mode (APM tracing disabled).
Since we decided that, at the end of the request, if the pre-sample chooses to retain the trace we will add the asm.keep and propagation tags for ASM in standalone mode, we also need to keep that same decision in the sample method. This avoids inconsistencies in concurrent threads under high load scenarios where the post-processor might be delayed.

Added a bit of extra complexity to get more detailed logs through logSamplingDecision. This should make it easier to troubleshoot future sampling issues

Motivation

API Security standalone system tests were failing intermittently in CI with _sampling_priority_v1 set to 2, in traces that should be not retained due to API Security sampling

Related with APPSEC-57815

Additional Notes

tested in https://github.com/DataDog/system-tests/actions/runs/20127087811/job/57783265656

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@jandro996 jandro996 added tag: do not merge Do not merge changes tag: no release notes Changes to exclude from release notes comp: asm waf Application Security Management (WAF) labels Dec 11, 2025
@pr-commenter
Copy link

pr-commenter bot commented Dec 11, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/test_api_sec_sampling
git_commit_date 1765502485 1765526297
git_commit_sha 766474f 4eeda5c
release_version 1.57.0-SNAPSHOT~766474f875 1.57.0-SNAPSHOT~4eeda5cac2
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1765528145 1765528145
ci_job_id 1289839091 1289839091
ci_pipeline_id 86412626 86412626
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-ji7kkg4k 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-ji7kkg4k 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 58 metrics, 7 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.088 s) : 0, 1088118
Total [baseline] (10.973 s) : 0, 10973380
Agent [candidate] (1.089 s) : 0, 1089165
Total [candidate] (11.047 s) : 0, 11046555
section appsec
Agent [baseline] (1.275 s) : 0, 1275253
Total [baseline] (11.107 s) : 0, 11106839
Agent [candidate] (1.273 s) : 0, 1272547
Total [candidate] (11.034 s) : 0, 11034050
section iast
Agent [baseline] (1.224 s) : 0, 1224386
Total [baseline] (11.275 s) : 0, 11275331
Agent [candidate] (1.224 s) : 0, 1224226
Total [candidate] (11.201 s) : 0, 11201457
section profiling
Agent [baseline] (1.207 s) : 0, 1206828
Total [baseline] (10.937 s) : 0, 10936978
Agent [candidate] (1.219 s) : 0, 1218536
Total [candidate] (10.942 s) : 0, 10942217
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.088 s -
Agent appsec 1.275 s 187.134 ms (17.2%)
Agent iast 1.224 s 136.267 ms (12.5%)
Agent profiling 1.207 s 118.71 ms (10.9%)
Total tracing 10.973 s -
Total appsec 11.107 s 133.458 ms (1.2%)
Total iast 11.275 s 301.951 ms (2.8%)
Total profiling 10.937 s -36.402 ms (-0.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.089 s -
Agent appsec 1.273 s 183.383 ms (16.8%)
Agent iast 1.224 s 135.061 ms (12.4%)
Agent profiling 1.219 s 129.371 ms (11.9%)
Total tracing 11.047 s -
Total appsec 11.034 s -12.506 ms (-0.1%)
Total iast 11.201 s 154.902 ms (1.4%)
Total profiling 10.942 s -104.338 ms (-0.9%) 
gantt
    title petclinic - break down per module: candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.211 ms) : 0, 1211
crashtracking [candidate] (1.204 ms) : 0, 1204
BytebuddyAgent [baseline] (653.558 ms) : 0, 653558
BytebuddyAgent [candidate] (653.64 ms) : 0, 653640
GlobalTracer [baseline] (283.239 ms) : 0, 283239
GlobalTracer [candidate] (283.893 ms) : 0, 283893
AppSec [baseline] (32.651 ms) : 0, 32651
AppSec [candidate] (32.568 ms) : 0, 32568
Debugger [baseline] (68.521 ms) : 0, 68521
Debugger [candidate] (68.617 ms) : 0, 68617
Remote Config [baseline] (639.28 µs) : 0, 639
Remote Config [candidate] (648.501 µs) : 0, 649
Telemetry [baseline] (8.982 ms) : 0, 8982
Telemetry [candidate] (9.086 ms) : 0, 9086
Flare Poller [baseline] (3.693 ms) : 0, 3693
Flare Poller [candidate] (3.793 ms) : 0, 3793
section appsec
crashtracking [baseline] (1.19 ms) : 0, 1190
crashtracking [candidate] (1.19 ms) : 0, 1190
BytebuddyAgent [baseline] (694.76 ms) : 0, 694760
BytebuddyAgent [candidate] (694.738 ms) : 0, 694738
GlobalTracer [baseline] (260.239 ms) : 0, 260239
GlobalTracer [candidate] (260.344 ms) : 0, 260344
IAST [baseline] (24.8 ms) : 0, 24800
IAST [candidate] (24.818 ms) : 0, 24818
AppSec [baseline] (175.553 ms) : 0, 175553
AppSec [candidate] (174.917 ms) : 0, 174917
Debugger [baseline] (68.874 ms) : 0, 68874
Debugger [candidate] (67.146 ms) : 0, 67146
Remote Config [baseline] (711.109 µs) : 0, 711
Remote Config [candidate] (728.87 µs) : 0, 729
Telemetry [baseline] (9.319 ms) : 0, 9319
Telemetry [candidate] (9.12 ms) : 0, 9120
Flare Poller [baseline] (4.04 ms) : 0, 4040
Flare Poller [candidate] (3.907 ms) : 0, 3907
section iast
crashtracking [baseline] (1.193 ms) : 0, 1193
crashtracking [candidate] (1.204 ms) : 0, 1204
BytebuddyAgent [baseline] (791.875 ms) : 0, 791875
BytebuddyAgent [candidate] (792.73 ms) : 0, 792730
GlobalTracer [baseline] (256.208 ms) : 0, 256208
GlobalTracer [candidate] (256.088 ms) : 0, 256088
IAST [baseline] (27.047 ms) : 0, 27047
IAST [candidate] (26.957 ms) : 0, 26957
AppSec [baseline] (35.05 ms) : 0, 35050
AppSec [candidate] (34.048 ms) : 0, 34048
Debugger [baseline] (65.115 ms) : 0, 65115
Debugger [candidate] (65.415 ms) : 0, 65415
Remote Config [baseline] (547.928 µs) : 0, 548
Remote Config [candidate] (538.958 µs) : 0, 539
Telemetry [baseline] (8.419 ms) : 0, 8419
Telemetry [candidate] (8.395 ms) : 0, 8395
Flare Poller [baseline] (3.47 ms) : 0, 3470
Flare Poller [candidate] (3.456 ms) : 0, 3456
section profiling
crashtracking [baseline] (1.187 ms) : 0, 1187
crashtracking [candidate] (1.209 ms) : 0, 1209
BytebuddyAgent [baseline] (702.185 ms) : 0, 702185
BytebuddyAgent [candidate] (712.192 ms) : 0, 712192
GlobalTracer [baseline] (221.108 ms) : 0, 221108
GlobalTracer [candidate] (222.819 ms) : 0, 222819
AppSec [baseline] (32.175 ms) : 0, 32175
AppSec [candidate] (32.4 ms) : 0, 32400
Debugger [baseline] (68.93 ms) : 0, 68930
Debugger [candidate] (69.101 ms) : 0, 69101
Remote Config [baseline] (651.533 µs) : 0, 652
Remote Config [candidate] (627.917 µs) : 0, 628
Telemetry [baseline] (9.104 ms) : 0, 9104
Telemetry [candidate] (8.948 ms) : 0, 8948
Flare Poller [baseline] (3.799 ms) : 0, 3799
Flare Poller [candidate] (3.744 ms) : 0, 3744
ProfilingAgent [baseline] (97.604 ms) : 0, 97604
ProfilingAgent [candidate] (96.687 ms) : 0, 96687
Profiling [baseline] (98.177 ms) : 0, 98177
Profiling [candidate] (97.255 ms) : 0, 97255
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.086 s) : 0, 1086263
Total [baseline] (8.808 s) : 0, 8808052
Agent [candidate] (1.089 s) : 0, 1088848
Total [candidate] (8.774 s) : 0, 8774310
section iast
Agent [baseline] (1.23 s) : 0, 1229920
Total [baseline] (9.43 s) : 0, 9429814
Agent [candidate] (1.222 s) : 0, 1222022
Total [candidate] (9.391 s) : 0, 9390916
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.086 s -
Agent iast 1.23 s 143.657 ms (13.2%)
Total tracing 8.808 s -
Total iast 9.43 s 621.762 ms (7.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.089 s -
Agent iast 1.222 s 133.174 ms (12.2%)
Total tracing 8.774 s -
Total iast 9.391 s 616.605 ms (7.0%) 
gantt
    title insecure-bank - break down per module: candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.19 ms) : 0, 1190
crashtracking [candidate] (1.192 ms) : 0, 1192
BytebuddyAgent [baseline] (652.613 ms) : 0, 652613
BytebuddyAgent [candidate] (653.912 ms) : 0, 653912
GlobalTracer [baseline] (283.045 ms) : 0, 283045
GlobalTracer [candidate] (283.977 ms) : 0, 283977
AppSec [baseline] (32.567 ms) : 0, 32567
AppSec [candidate] (32.729 ms) : 0, 32729
Debugger [baseline] (67.739 ms) : 0, 67739
Debugger [candidate] (67.919 ms) : 0, 67919
Remote Config [baseline] (648.686 µs) : 0, 649
Remote Config [candidate] (648.875 µs) : 0, 649
Telemetry [baseline] (9.071 ms) : 0, 9071
Telemetry [candidate] (8.941 ms) : 0, 8941
Flare Poller [baseline] (3.75 ms) : 0, 3750
Flare Poller [candidate] (3.741 ms) : 0, 3741
section iast
crashtracking [baseline] (1.195 ms) : 0, 1195
crashtracking [candidate] (1.183 ms) : 0, 1183
BytebuddyAgent [baseline] (796.318 ms) : 0, 796318
BytebuddyAgent [candidate] (790.91 ms) : 0, 790910
GlobalTracer [baseline] (256.804 ms) : 0, 256804
GlobalTracer [candidate] (255.749 ms) : 0, 255749
IAST [baseline] (27.064 ms) : 0, 27064
IAST [candidate] (26.791 ms) : 0, 26791
AppSec [baseline] (33.727 ms) : 0, 33727
AppSec [candidate] (34.462 ms) : 0, 34462
Debugger [baseline] (66.594 ms) : 0, 66594
Debugger [candidate] (65.013 ms) : 0, 65013
Remote Config [baseline] (556.227 µs) : 0, 556
Remote Config [candidate] (542.369 µs) : 0, 542
Telemetry [baseline] (8.58 ms) : 0, 8580
Telemetry [candidate] (8.326 ms) : 0, 8326
Flare Poller [baseline] (3.563 ms) : 0, 3563
Flare Poller [candidate] (3.445 ms) : 0, 3445
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/test_api_sec_sampling
git_commit_date 1765502485 1765526297
git_commit_sha 766474f 4eeda5c
release_version 1.57.0-SNAPSHOT~766474f875 1.57.0-SNAPSHOT~4eeda5cac2
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1765528627 1765528627
ci_job_id 1289839092 1289839092
ci_pipeline_id 86412626 86412626
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-z1d1cpz2 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-z1d1cpz2 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 3 performance regressions! Performance is the same for 16 metrics, 17 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:petclinic:appsec:high_load worse
[+0.917ms; +1.962ms] or [+5.072%; +10.851%]		 unsure
[+0.530ms; +1.999ms] or [+1.772%; +6.690%]		 unstable
[-42.483op/s; +11.921op/s] or [-16.811%; +4.717%]		 19.519ms 31.144ms 237.438op/s 18.080ms 29.880ms 252.719op/s
scenario:load:petclinic:profiling:high_load worse
[+0.972ms; +1.815ms] or [+5.308%; +9.911%]		 worse
[+0.826ms; +2.560ms] or [+2.789%; +8.638%]		 unstable
[-42.894op/s; +11.394op/s] or [-17.096%; +4.541%]		 19.710ms 31.330ms 235.156op/s 18.316ms 29.637ms 250.906op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875
    dateFormat X
    axisFormat %s
section baseline
no_agent (18.203 ms) : 18015, 18392
.   : milestone, 18203,
appsec (18.466 ms) : 18278, 18654
.   : milestone, 18466,
code_origins (18.012 ms) : 17834, 18190
.   : milestone, 18012,
iast (17.713 ms) : 17535, 17891
.   : milestone, 17713,
profiling (18.605 ms) : 18421, 18789
.   : milestone, 18605,
tracing (17.64 ms) : 17467, 17814
.   : milestone, 17640,
section candidate
no_agent (17.284 ms) : 17111, 17458
.   : milestone, 17284,
appsec (19.664 ms) : 19462, 19867
.   : milestone, 19664,
code_origins (17.933 ms) : 17751, 18114
.   : milestone, 17933,
iast (18.067 ms) : 17888, 18247
.   : milestone, 18067,
profiling (19.852 ms) : 19649, 20055
.   : milestone, 19852,
tracing (17.96 ms) : 17779, 18140
.   : milestone, 17960,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 18.203 ms [18.015 ms, 18.392 ms] -
appsec 18.466 ms [18.278 ms, 18.654 ms] 262.46 µs (1.4%)
code_origins 18.012 ms [17.834 ms, 18.19 ms] -191.378 µs (-1.1%)
iast 17.713 ms [17.535 ms, 17.891 ms] -490.368 µs (-2.7%)
profiling 18.605 ms [18.421 ms, 18.789 ms] 401.764 µs (2.2%)
tracing 17.64 ms [17.467 ms, 17.814 ms] -563.278 µs (-3.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.284 ms [17.111 ms, 17.458 ms] -
appsec 19.664 ms [19.462 ms, 19.867 ms] 2.38 ms (13.8%)
code_origins 17.933 ms [17.751 ms, 18.114 ms] 648.219 µs (3.8%)
iast 18.067 ms [17.888 ms, 18.247 ms] 782.807 µs (4.5%)
profiling 19.852 ms [19.649 ms, 20.055 ms] 2.567 ms (14.9%)
tracing 17.96 ms [17.779 ms, 18.14 ms] 675.286 µs (3.9%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.212 ms) : 1200, 1224
.   : milestone, 1212,
iast (3.099 ms) : 3060, 3138
.   : milestone, 3099,
iast_FULL (5.599 ms) : 5544, 5653
.   : milestone, 5599,
iast_GLOBAL (3.555 ms) : 3499, 3612
.   : milestone, 3555,
profiling (2.032 ms) : 2013, 2050
.   : milestone, 2032,
tracing (1.884 ms) : 1868, 1901
.   : milestone, 1884,
section candidate
no_agent (1.189 ms) : 1178, 1200
.   : milestone, 1189,
iast (3.116 ms) : 3073, 3158
.   : milestone, 3116,
iast_FULL (5.725 ms) : 5668, 5782
.   : milestone, 5725,
iast_GLOBAL (3.468 ms) : 3419, 3518
.   : milestone, 3468,
profiling (1.933 ms) : 1917, 1949
.   : milestone, 1933,
tracing (1.789 ms) : 1775, 1803
.   : milestone, 1789,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.212 ms [1.2 ms, 1.224 ms] -
iast 3.099 ms [3.06 ms, 3.138 ms] 1.887 ms (155.8%)
iast_FULL 5.599 ms [5.544 ms, 5.653 ms] 4.387 ms (362.1%)
iast_GLOBAL 3.555 ms [3.499 ms, 3.612 ms] 2.344 ms (193.4%)
profiling 2.032 ms [2.013 ms, 2.05 ms] 820.053 µs (67.7%)
tracing 1.884 ms [1.868 ms, 1.901 ms] 672.623 µs (55.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.189 ms [1.178 ms, 1.2 ms] -
iast 3.116 ms [3.073 ms, 3.158 ms] 1.926 ms (162.0%)
iast_FULL 5.725 ms [5.668 ms, 5.782 ms] 4.536 ms (381.4%)
iast_GLOBAL 3.468 ms [3.419 ms, 3.518 ms] 2.279 ms (191.7%)
profiling 1.933 ms [1.917 ms, 1.949 ms] 743.956 µs (62.6%)
tracing 1.789 ms [1.775 ms, 1.803 ms] 600.209 µs (50.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/test_api_sec_sampling
git_commit_date 1765502485 1765526297
git_commit_sha 766474f 4eeda5c
release_version 1.57.0-SNAPSHOT~766474f875 1.57.0-SNAPSHOT~4eeda5cac2
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1765528531 1765528531
ci_job_id 1289839093 1289839093
ci_pipeline_id 86412626 86412626
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-2-2fen56mw 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-2-2fen56mw 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.335 s) : 15335000, 15335000
.   : milestone, 15335000,
appsec (14.962 s) : 14962000, 14962000
.   : milestone, 14962000,
iast (18.251 s) : 18251000, 18251000
.   : milestone, 18251000,
iast_GLOBAL (17.782 s) : 17782000, 17782000
.   : milestone, 17782000,
profiling (14.822 s) : 14822000, 14822000
.   : milestone, 14822000,
tracing (14.837 s) : 14837000, 14837000
.   : milestone, 14837000,
section candidate
no_agent (15.112 s) : 15112000, 15112000
.   : milestone, 15112000,
appsec (14.815 s) : 14815000, 14815000
.   : milestone, 14815000,
iast (17.903 s) : 17903000, 17903000
.   : milestone, 17903000,
iast_GLOBAL (17.831 s) : 17831000, 17831000
.   : milestone, 17831000,
profiling (14.711 s) : 14711000, 14711000
.   : milestone, 14711000,
tracing (14.711 s) : 14711000, 14711000
.   : milestone, 14711000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.335 s [15.335 s, 15.335 s] -
appsec 14.962 s [14.962 s, 14.962 s] -373.0 ms (-2.4%)
iast 18.251 s [18.251 s, 18.251 s] 2.916 s (19.0%)
iast_GLOBAL 17.782 s [17.782 s, 17.782 s] 2.447 s (16.0%)
profiling 14.822 s [14.822 s, 14.822 s] -513.0 ms (-3.3%)
tracing 14.837 s [14.837 s, 14.837 s] -498.0 ms (-3.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.112 s [15.112 s, 15.112 s] -
appsec 14.815 s [14.815 s, 14.815 s] -297.0 ms (-2.0%)
iast 17.903 s [17.903 s, 17.903 s] 2.791 s (18.5%)
iast_GLOBAL 17.831 s [17.831 s, 17.831 s] 2.719 s (18.0%)
profiling 14.711 s [14.711 s, 14.711 s] -401.0 ms (-2.7%)
tracing 14.711 s [14.711 s, 14.711 s] -401.0 ms (-2.7%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.57.0-SNAPSHOT~4eeda5cac2, baseline=1.57.0-SNAPSHOT~766474f875
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.484 ms) : 1473, 1496
.   : milestone, 1484,
appsec (3.743 ms) : 3523, 3963
.   : milestone, 3743,
iast (2.222 ms) : 2158, 2286
.   : milestone, 2222,
iast_GLOBAL (2.266 ms) : 2201, 2331
.   : milestone, 2266,
profiling (2.068 ms) : 2016, 2120
.   : milestone, 2068,
tracing (2.054 ms) : 2003, 2104
.   : milestone, 2054,
section candidate
no_agent (1.485 ms) : 1473, 1496
.   : milestone, 1485,
appsec (3.756 ms) : 3536, 3976
.   : milestone, 3756,
iast (2.216 ms) : 2151, 2280
.   : milestone, 2216,
iast_GLOBAL (2.263 ms) : 2198, 2328
.   : milestone, 2263,
profiling (2.082 ms) : 2029, 2134
.   : milestone, 2082,
tracing (2.058 ms) : 2007, 2108
.   : milestone, 2058,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.484 ms [1.473 ms, 1.496 ms] -
appsec 3.743 ms [3.523 ms, 3.963 ms] 2.258 ms (152.2%)
iast 2.222 ms [2.158 ms, 2.286 ms] 737.515 µs (49.7%)
iast_GLOBAL 2.266 ms [2.201 ms, 2.331 ms] 781.867 µs (52.7%)
profiling 2.068 ms [2.016 ms, 2.12 ms] 583.423 µs (39.3%)
tracing 2.054 ms [2.003 ms, 2.104 ms] 569.243 µs (38.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.485 ms [1.473 ms, 1.496 ms] -
appsec 3.756 ms [3.536 ms, 3.976 ms] 2.272 ms (153.0%)
iast 2.216 ms [2.151 ms, 2.28 ms] 731.133 µs (49.2%)
iast_GLOBAL 2.263 ms [2.198 ms, 2.328 ms] 777.988 µs (52.4%)
profiling 2.082 ms [2.029 ms, 2.134 ms] 596.718 µs (40.2%)
tracing 2.058 ms [2.007 ms, 2.108 ms] 572.711 µs (38.6%)

@jandro996 jandro996 changed the title TEST FLAKYNESS Fix API Security sampling in standalone mode Dec 11, 2025
@jandro996 jandro996 added type: bug Bug report and fix and removed tag: do not merge Do not merge changes tag: no release notes Changes to exclude from release notes labels Dec 11, 2025
@jandro996 jandro996 mentioned this pull request Dec 11, 2025
Closed
@jandro996 jandro996 requested a review from smola December 11, 2025 15:29
smola
smola approved these changes Dec 11, 2025
View reviewed changes
Copy link
Member

@smola smola left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just a comment on the log format.

@jandro996 jandro996 marked this pull request as ready for review December 11, 2025 15:39
@jandro996 jandro996 requested a review from a team as a code owner December 11, 2025 15:39
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Dec 11, 2025
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@jandro996 jandro996 enabled auto-merge (squash) December 11, 2025 16:29
@jandro996 jandro996 merged commit 552ae2b into master Dec 12, 2025
550 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/test_api_sec_sampling branch December 12, 2025 08:55
@github-actions github-actions bot added this to the 1.57.0 milestone Dec 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@smola smola smola approved these changes

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

@claponcet claponcet Awaiting requested review from claponcet claponcet is a code owner automatically assigned from DataDog/asm-java

Assignees

No one assigned

Labels

comp: asm waf Application Security Management (WAF) type: bug Bug report and fix

Projects

None yet

Milestone

1.57.0

Development

Successfully merging this pull request may close these issues.

3 participants

@jandro996 @smola