Improve performance of license scanning report generation
Problem to solve
Generating license scanning reports is resource- and time-consuming.
Multiple users have reported issues with this (Rack::Timeout::RequestTimeoutException on parti... (#435272 - closed)). The issue can be resolved in the short term by removing the synchronous call to the report, which allowed the pipeline page to load, but the problem will still exist for other license scanning requests. Note: this would apply to generating the security report via CVS as well.
As a result, a way to improve the performance of generating these reports is necessary.
Proposal
Several backend possibilities can be discussed:
- Set a maximum on the number of components evaluated.
- Generate the report in a background job when the pipeline finishes.
- Improve component performance
  - Improve version matching performance (PipelineComponents, LicenseScanning, SbomReport, semver_dialects etc.)
  - Add caching of reports or report components
- Improve database performance
  - Optimize tables, indexes, queries.