feat: Analyze manifests concurrently

Lucas Charles requested to merge process-manifests-concurrently into master

What does this MR do?

Previous logic ran sequential kubesec scans for each manifest. This update changes the analyzer logic to scan each concurrently and concatenate the results.

Before

time docker run: 12.346 total
❯ time docker run --rm --volume "$PWD":/tmp/app --env GITLAB_FEATURES="sast_custom_rulesets,vulnerability_finding_signatures" --env CI_PROJECT_DIR="/tmp/app" kubesec:master
[INFO] [Kubesec] [2021-10-29T21:31:14Z] ▶ GitLab Kubesec analyzer v2.15.0
[INFO] [Kubesec] [2021-10-29T21:31:14Z] ▶ Detecting project
[INFO] [Kubesec] [2021-10-29T21:31:14Z] ▶ Found project in /tmp/app

[INFO] [Kubesec] [2021-10-29T21:31:14Z] ▶ Running analyzer
[INFO] [Kubesec] [2021-10-29T21:31:14Z] ▶ Searching /tmp/app for Kubernetes manifests.

[INFO] [Kubesec] [2021-10-29T21:31:26Z] ▶ Creating report
docker run --rm --volume "$PWD":/tmp/app --env  --env  kubesec:master  0.14s user 0.10s system 1% cpu 12.346 total

After

time docker run: 0.844 total
❯ time docker run --rm --volume "$PWD":/tmp/app --env GITLAB_FEATURES="sast_custom_rulesets,vulnerability_finding_signatures" --env CI_PROJECT_DIR="/tmp/app" kubesec:master
[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ GitLab Kubesec analyzer v2.15.0
[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ Detecting project
[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ Found project in /tmp/app

[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ Running analyzer
[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ Searching /tmp/app for Kubernetes manifests.

[INFO] [Kubesec] [2021-10-29T21:30:51Z] ▶ Creating report
docker run --rm --volume "$PWD":/tmp/app --env  --env  kubesec:master  0.13s user 0.07s system 23% cpu 0.844 total

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Edited by Lucas Charles
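
The pattern the description refers to, as an added example that is not the analyzer's code from this MR: per-manifest scans run concurrently with bounded parallelism, results are concatenated in input order so the report stays deterministic, and any scan error fails the whole run. `Finding`, `scanAll` and `fakeScan` are hypothetical names, and the real kubesec invocation is replaced by a stub.

```go
package main

import (
	"fmt"
	"strings"
	"sync"
)

type Finding struct{ Manifest, Rule string } // hypothetical, simplified result type

// scanAll runs scan per manifest with at most limit scans in flight. Each goroutine
// writes only its own slot, so output order follows input order, not completion order.
func scanAll(paths []string, limit int, scan func(string) ([]Finding, error)) ([]Finding, error) {
	if limit < 1 {
		limit = 1 // a zero-capacity semaphore would block forever
	}
	results := make([][]Finding, len(paths))
	errs := make([]error, len(paths))
	sem := make(chan struct{}, limit)
	var wg sync.WaitGroup
	for i, p := range paths {
		wg.Add(1)
		sem <- struct{}{} // wait for a free slot before starting another scan
		go func(i int, p string) {
			defer wg.Done()
			defer func() { <-sem }()
			results[i], errs[i] = scan(p)
		}(i, p)
	}
	wg.Wait()
	var all []Finding
	for i, err := range errs {
		if err != nil { // fail closed: an unscanned manifest must not silently drop out
			return nil, fmt.Errorf("scan %s: %w", paths[i], err)
		}
		all = append(all, results[i]...)
	}
	return all, nil
}

// fakeScan is a constructed stand-in for one kubesec run on one manifest.
func fakeScan(path string) ([]Finding, error) {
	if strings.HasSuffix(path, ".bad") {
		return nil, fmt.Errorf("unparseable manifest")
	}
	return []Finding{{Manifest: path, Rule: "ExampleRule"}}, nil
}

func main() { fmt.Println(scanAll([]string{"a.yaml", "b.yaml", "c.yaml"}, 2, fakeScan)) }
```

Collecting into index-addressed slots instead of appending to a shared slice avoids both a data race and a report whose finding order changes from run to run.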