Add execution duration metric for ProcessScanResultPolicyWorker

changed milestone to %16.7

added Category:Security Policy Management backend devopsgovern groupsecurity policies maintenancetest-gap sectionsec spike typemaintenance workflowready for development + 1 deleted label

assigned to @bauerdominic

added 1299 commits

4cfb1edc...2ec60caa - 1298 commits from branch master
215fd220 - Add execution duration metric for ProcessScanResultPolicyWorker

Compare with previous version

@sashi_kumar Could you please review backend? This addresses two suggestions you had re dashboards (#433408 (comment 1684227084)):

Security::CreateOrchestrationPolicyWorker is called every 10 minutes, but we want the duration of the worker to be less than 10 minutes inorder not to have cascading -> maybe we can have a dashboard with the duration > 10 minutes. Similarly for Security::OrchestrationPolicyRuleScheduleWorker which is scheduled every 15 mins

Number of Security::ProcessScanResultPolicyWorker jobs scheduled for a configuration_id over a period of time. This would help us to identify if a heavy group does multiple syncs over a period of time We can enable alerts from kibana for those queries/dashboard

We can derive the top N configuration_ids from this histogram as well as the top N most expensive ones.

@rdickenson Could you please review documentation?

requested review from @sashi_kumar and @rdickenson

added documentation label

2 Messages

📖

CHANGELOG missing:

If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog.

If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

📖 This merge request adds or changes documentation files. A review from the Technical Writing team before you merge is recommended. Reviews can happen after you merge.

Documentation review

The following files require a review from a technical writer:

doc/administration/monitoring/prometheus/gitlab_metrics.md (Link to current live version)

The review does not need to block merging this merge request. See the:

Metadata for the *.md files that you've changed. The first few lines of each *.md file identify the stage and group most closely associated with your docs change.
The Technical Writer assigned for that stage and group.
Documentation workflows for information on when to assign a merge request for review.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	`@rkumar555` (UTC+1, same timezone as author)	`@eurie` (UTC-5, 6 hours behind author)

Please check reviewer's status!

Reviewer is available!
Reviewer is unavailable!

Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

If needed, you can retry the 🔁 danger-review job that generated this comment.

Generated by 🚫 Danger

E2E Test Result Summary

allure-report-publisher generated test report!

e2e-test-on-gdk: ✅ test report for 215fd220

expand test summary

+-----------------------------------------------------------------------+
|                            suites summary                             |
+------------------+--------+--------+---------+-------+-------+--------+
|                  | passed | failed | skipped | flaky | total | result |
+------------------+--------+--------+---------+-------+-------+--------+
| Create           | 54     | 0      | 7       | 0     | 61    | ✅     |
| Govern           | 57     | 0      | 0       | 0     | 57    | ✅     |
| Verify           | 31     | 0      | 0       | 0     | 31    | ✅     |
| Package          | 5      | 0      | 1       | 0     | 6     | ✅     |
| Data Stores      | 23     | 0      | 0       | 0     | 23    | ✅     |
| Plan             | 55     | 0      | 0       | 0     | 55    | ✅     |
| Framework sanity | 0      | 0      | 1       | 0     | 1     | ➖     |
| Analytics        | 2      | 0      | 0       | 0     | 2     | ✅     |
| Monitor          | 8      | 0      | 0       | 0     | 8     | ✅     |
| Release          | 5      | 0      | 0       | 0     | 5     | ✅     |
| Manage           | 0      | 0      | 1       | 0     | 1     | ➖     |
+------------------+--------+--------+---------+-------+-------+--------+
| Total            | 240    | 0      | 10      | 0     | 250   | ✅     |
+------------------+--------+--------+---------+-------+-------+--------+

e2e-package-and-test: ✅ test report for 215fd220

expand test summary

+-----------------------------------------------------------------------+
|                            suites summary                             |
+------------------+--------+--------+---------+-------+-------+--------+
|                  | passed | failed | skipped | flaky | total | result |
+------------------+--------+--------+---------+-------+-------+--------+
| Govern           | 298    | 0      | 20      | 6     | 318   | ✅     |
| Create           | 149    | 0      | 16      | 1     | 165   | ✅     |
| Package          | 0      | 0      | 2       | 0     | 2     | ➖     |
| Framework sanity | 0      | 0      | 2       | 0     | 2     | ➖     |
| Plan             | 8      | 0      | 0       | 0     | 8     | ✅     |
| Monitor          | 8      | 0      | 0       | 0     | 8     | ✅     |
| Data Stores      | 4      | 0      | 0       | 0     | 4     | ✅     |
+------------------+--------+--------+---------+-------+-------+--------+
| Total            | 467    | 0      | 40      | 7     | 507   | ✅     |
+------------------+--------+--------+---------+-------+-------+--------+

approved this merge request

👋 @sashi_kumar, thanks for approving this merge request.

This is the first time the merge request has been approved. To ensure we don't only run predictive pipelines, and we don't break master, a new pipeline will be started shortly.

Please wait for the pipeline to start before resolving this discussion and set auto-merge for the new pipeline. See merging a merge request for more details.