Skip to content

Fixup a bunch of things#87

Merged
ctron merged 8 commits intoguacsec:mainfrom
ctron:feature/fixup_2
Feb 24, 2026
Merged

Fixup a bunch of things#87
ctron merged 8 commits intoguacsec:mainfrom
ctron:feature/fixup_2

Conversation

@ctron
Copy link
Copy Markdown
Contributor

@ctron ctron commented Feb 23, 2026

No description provided.

@ctron ctron requested a review from mrizzi February 23, 2026 16:08
ctron added 2 commits February 23, 2026 17:16
@ctron
chore: add context, helps when nothing was found
3ac1c4b
@ctron
fix: if there are no licenses, don't fail or generate empty results
67297d3 
We used to pick SBOMs which licenses. However, as RH's SBOMs no longer
contains licenses, we can't use that for generating the scenario file.
@helio-frota helio-frota self-requested a review February 24, 2026 10:35
@helio-frota
Copy link
Copy Markdown
Contributor

helio-frota commented Feb 24, 2026

it is working locally and I'm using the database from trustify etc/deploy directory with manual uploaded sboms and advsories.

nit: While following the steps from readme I noticed that is good to remove the dbpassword argument from this section
https://github.com/guacsec/trustify-scale-testing?tab=readme-ov-file#memory-profiling-with-heaptrack because the password was changed on this PR https://github.com/guacsec/trustify/pull/1086/changes

Could you please change from:

heaptrack ./trustd api --db-password eggs --devmode --auth-disabled

to:

heaptrack ./trustd api --devmode --auth-disabled

thanks 👍

10:53:20 [INFO] entering GooseAttack phase: Maintain
^C10:57:24 [WARN] caught ctrl-c, stopping...
10:57:25 [INFO] entering GooseAttack phase: Decrease
10:57:25 [INFO] exiting user 3 from WebsiteUser...
10:57:25 [INFO] exiting user 1 from RestAPIUserSlow...
10:57:25 [INFO] exiting user 2 from RestAPIUser...
10:57:25 [INFO] entering GooseAttack phase: Shutdown
10:57:25 [INFO] printing final metrics after 244 seconds...

 === PER SCENARIO METRICS ===
 ------------------------------------------------------------------------------
 Name                     |  # users |  # times run | scenarios/s | iterations
 ------------------------------------------------------------------------------
 1: WebsiteUser           |        1 |            4 |        0.02 |       4.00
 2: RestAPIUser           |        0 |            0 |        0.00 |        NaN
 3: RestAPIUserSlow       |        1 |            8 |        0.03 |       8.00
 4: RestAPIUserDelete     |        0 |            0 |        0.00 |        NaN
 5: RestAdvisoryLableUser |        0 |            0 |        0.00 |        NaN
 -------------------------+----------+--------------+-------------+------------
 Aggregated               |        2 |           12 |        0.05 |       6.00
 ------------------------------------------------------------------------------
 Name                     |    Avg (ms) |        Min |         Max |     Median
 ------------------------------------------------------------------------------
   1: WebsiteUser         |       58266 |     51,347 |      65,189 |     51,347
   2: RestAPIUser         |        0.00 |          0 |           0 |          0
   3: RestAPIUserSlow     |       29948 |     22,074 |      36,478 |     22,074
   4: RestAPIUserDelete   |        0.00 |          0 |           0 |          0
   5: RestAdvisoryLable.. |        0.00 |          0 |           0 |          0
 -------------------------+-------------+------------+-------------+-----------
 Aggregated               |       39388 |     22,074 |      65,189 |     22,074

 === PER TRANSACTION METRICS ===
 ------------------------------------------------------------------------------
 Name                     |   # times run |        # fails |  trans/s |  fail/s
 ------------------------------------------------------------------------------
 1: WebsiteUser          
   1: website_index       |             4 |         0 (0%) |     0.02 |    0.00
   2: website_openapi     |             5 |         0 (0%) |     0.02 |    0.00
   3: website_sboms       |             4 |         0 (0%) |     0.02 |    0.00
   4: website_packages    |             4 |         0 (0%) |     0.02 |    0.00
   5: website_advisories  |             4 |         0 (0%) |     0.02 |    0.00
   6: website_importers   |             4 |         0 (0%) |     0.02 |    0.00
 2: RestAPIUser          
   1: list_organizations  |             0 |         0 (0%) |     0.00 |    0.00
   2: list_advisory       |             1 |         0 (0%) |     0.00 |    0.00
   3: list_advisory_pag.. |             1 |         0 (0%) |     0.00 |    0.00
   4: get_advisory_by_d.. |             1 |         0 (0%) |     0.00 |    0.00
   5: search_advisory     |             1 |         0 (0%) |     0.00 |    0.00
   6: list_vulnerabilit.. |             1 |         0 (0%) |     0.00 |    0.00
   7: list_vulnerabilit.. |             1 |         0 (0%) |     0.00 |    0.00
   8: list_importer       |             1 |         0 (0%) |     0.00 |    0.00
   9: list_packages       |             1 |         0 (0%) |     0.00 |    0.00
   10: list_packages_pa.. |             1 |         0 (0%) |     0.00 |    0.00
   11: search_purls       |             1 |         0 (0%) |     0.00 |    0.00
   12: search_exact_purl  |             1 |         0 (0%) |     0.00 |    0.00
   13: list_products      |             1 |         0 (0%) |     0.00 |    0.00
   14: list_sboms         |             1 |         0 (0%) |     0.00 |    0.00
   15: list_sboms_pagin.. |             1 |         0 (0%) |     0.00 |    0.00
   16: get_analysis_sta.. |             1 |         0 (0%) |     0.00 |    0.00
   17: get_analysis_lat.. |             1 |         0 (0%) |     0.00 |    0.00
   18: list_advisory_la.. |             1 |         0 (0%) |     0.00 |    0.00
   19: get_sbom[sha256:.. |             1 |         0 (0%) |     0.00 |    0.00
   20: get_sbom_advisor.. |             1 |         0 (0%) |     0.00 |    0.00
   21: get_sbom_package.. |             1 |         0 (0%) |     0.00 |    0.00
   22: get_sbom_related.. |             1 |         0 (0%) |     0.00 |    0.00
   23: get_vulnerabilit.. |             1 |         0 (0%) |     0.00 |    0.00
   24: sbom_by_package[.. |             1 |         0 (0%) |     0.00 |    0.00
   25: get_sbom_license.. |             0 |         0 (0%) |     0.00 |    0.00
   26: post_vulnerabili.. |             0 |         0 (0%) |     0.00 |    0.00
   27: get_purl_details.. |             0 |         0 (0%) |     0.00 |    0.00
   28: get_recommendati.. |             0 |         0 (0%) |     0.00 |    0.00
   29: download_advisor.. |             0 |         0 (0%) |     0.00 |    0.00
   30: get_advisory[6e6.. |             0 |         0 (0%) |     0.00 |    0.00
 3: RestAPIUserSlow      
   1: search_licenses     |             8 |         0 (0%) |     0.03 |    0.00
   2: search_sboms_by_l.. |             8 |         0 (0%) |     0.03 |    0.00
   3: search_purls_by_l.. |             8 |         0 (0%) |     0.03 |    0.00
 4: RestAPIUserDelete    
   1: delete_sbom_from_.. |             0 |         0 (0%) |     0.00 |    0.00
 5: RestAdvisoryLableUser
   1: find_random_advis.. |             0 |         0 (0%) |     0.00 |    0.00
   2: put_advisory_labels |             0 |         0 (0%) |     0.00 |    0.00
   3: patch_advisory_la.. |             0 |         0 (0%) |     0.00 |    0.00
 -------------------------+---------------+----------------+----------+--------
 Aggregated               |            72 |         0 (0%) |     0.30 |    0.00
 ------------------------------------------------------------------------------
 Name                     |    Avg (ms) |        Min |         Max |     Median
 ------------------------------------------------------------------------------
 1: WebsiteUser          
   1: website_index       |        5.00 |          5 |           5 |          5
   2: website_openapi     |        6.00 |          6 |           6 |          6
   3: website_sboms       |        4.75 |          4 |           5 |          5
   4: website_packages    |        4.50 |          4 |           5 |          4
   5: website_advisories  |        2.75 |          1 |           5 |          1
   6: website_importers   |        4.25 |          2 |           5 |          5
 2: RestAPIUser          
   1: list_organizations  |        0.00 |          0 |           0 |          0
   2: list_advisory       |       73.00 |         73 |          73 |         73
   3: list_advisory_pag.. |       69.00 |         69 |          69 |         69
   4: get_advisory_by_d.. |       20.00 |         20 |          20 |         20
   5: search_advisory     |       32.00 |         32 |          32 |         32
   6: list_vulnerabilit.. |       96.00 |         96 |          96 |         96
   7: list_vulnerabilit.. |       22.00 |         22 |          22 |         22
   8: list_importer       |       17.00 |         17 |          17 |         17
   9: list_packages       |       22.00 |         22 |          22 |         22
   10: list_packages_pa.. |       28.00 |         28 |          28 |         28
   11: search_purls       |       52.00 |         52 |          52 |         52
   12: search_exact_purl  |       12.00 |         12 |          12 |         12
   13: list_products      |       31.00 |         31 |          31 |         31
   14: list_sboms         |      196.00 |        196 |         196 |        196
   15: list_sboms_pagin.. |        9.00 |          9 |           9 |          9
   16: get_analysis_sta.. |       15.00 |         15 |          15 |         15
   17: get_analysis_lat.. |       11.00 |         11 |          11 |         11
   18: list_advisory_la.. |       17.00 |         17 |          17 |         17
   19: get_sbom[sha256:.. |       60.00 |         60 |          60 |         60
   20: get_sbom_advisor.. |      109.00 |        109 |         109 |        109
   21: get_sbom_package.. |      176.00 |        176 |         176 |        176
   22: get_sbom_related.. |      228.00 |        228 |         228 |        228
   23: get_vulnerabilit.. |       83.00 |         83 |          83 |         83
   24: sbom_by_package[.. |       32.00 |         32 |          32 |         32
   25: get_sbom_license.. |        0.00 |          0 |           0 |          0
   26: post_vulnerabili.. |        0.00 |          0 |           0 |          0
   27: get_purl_details.. |        0.00 |          0 |           0 |          0
   28: get_recommendati.. |        0.00 |          0 |           0 |          0
   29: download_advisor.. |        0.00 |          0 |           0 |          0
   30: get_advisory[6e6.. |        0.00 |          0 |           0 |          0
 3: RestAPIUserSlow      
   1: search_licenses     |       83.00 |         65 |         111 |         77
   2: search_sboms_by_l.. |      338.12 |        314 |         391 |        320
   3: search_purls_by_l.. |       98.12 |         79 |         126 |         93
 4: RestAPIUserDelete    
   1: delete_sbom_from_.. |        0.00 |          0 |           0 |          0
 5: RestAdvisoryLableUser
   1: find_random_advis.. |        0.00 |          0 |           0 |          0
   2: put_advisory_labels |        0.00 |          0 |           0 |          0
   3: patch_advisory_la.. |        0.00 |          0 |           0 |          0
 -------------------------+-------------+------------+-------------+-----------
 Aggregated               |       78.88 |          1 |         391 |         31

 === PER REQUEST METRICS ===
 ------------------------------------------------------------------------------
 Name                     |        # reqs |        # fails |    req/s |  fail/s
 ------------------------------------------------------------------------------
 GET get_advisory_by_do.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_analysis_lates.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_analysis_status  |             1 |         0 (0%) |     0.00 |    0.00
 GET get_sbom[sha256:d6.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_sbom_advisorie.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_sbom_packages[.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_sbom_related[0.. |             1 |         0 (0%) |     0.00 |    0.00
 GET get_vulnerability[.. |             1 |         0 (0%) |     0.00 |    0.00
 GET list_advisory        |             1 |         0 (0%) |     0.00 |    0.00
 GET list_advisory_labels |             1 |         0 (0%) |     0.00 |    0.00
 GET list_advisory_pagi.. |             1 |         0 (0%) |     0.00 |    0.00
 GET list_importer        |             1 |         0 (0%) |     0.00 |    0.00
 GET list_packages        |             1 |         0 (0%) |     0.00 |    0.00
 GET list_packages_pagi.. |             1 |         0 (0%) |     0.00 |    0.00
 GET list_products        |             1 |         0 (0%) |     0.00 |    0.00
 GET list_sboms           |             1 |         0 (0%) |     0.00 |    0.00
 GET list_sboms_paginated |             1 |         0 (0%) |     0.00 |    0.00
 GET list_vulnerabilities |             1 |         0 (0%) |     0.00 |    0.00
 GET list_vulnerabiliti.. |             1 |         0 (0%) |     0.00 |    0.00
 GET sbom_by_package[pk.. |             1 |         0 (0%) |     0.00 |    0.00
 GET search_advisory      |             1 |         0 (0%) |     0.00 |    0.00
 GET search_exact_purl    |             1 |         0 (0%) |     0.00 |    0.00
 GET search_licenses      |             8 |         0 (0%) |     0.03 |    0.00
 GET search_purls         |             1 |         0 (0%) |     0.00 |    0.00
 GET search_purls_by_li.. |             8 |         0 (0%) |     0.03 |    0.00
 GET search_sboms_by_li.. |             8 |         0 (0%) |     0.03 |    0.00
 GET website_advisories   |             4 |         0 (0%) |     0.02 |    0.00
 GET website_importers    |             4 |         0 (0%) |     0.02 |    0.00
 GET website_index        |             4 |         0 (0%) |     0.02 |    0.00
 GET website_openapi      |             5 |         0 (0%) |     0.02 |    0.00
 GET website_packages     |             4 |         0 (0%) |     0.02 |    0.00
 GET website_sboms        |             4 |         0 (0%) |     0.02 |    0.00
 -------------------------+---------------+----------------+----------+--------
 Aggregated               |            72 |         0 (0%) |     0.30 |    0.00
 ------------------------------------------------------------------------------
 Name                     |    Avg (ms) |        Min |         Max |     Median
 ------------------------------------------------------------------------------
 GET get_advisory_by_do.. |       20.00 |         20 |          20 |         20
 GET get_analysis_lates.. |       11.00 |         11 |          11 |         11
 GET get_analysis_status  |       14.00 |         14 |          14 |         14
 GET get_sbom[sha256:d6.. |       59.00 |         59 |          59 |         59
 GET get_sbom_advisorie.. |      109.00 |        109 |         109 |        109
 GET get_sbom_packages[.. |      176.00 |        176 |         176 |        176
 GET get_sbom_related[0.. |      228.00 |        228 |         228 |        228
 GET get_vulnerability[.. |       83.00 |         83 |          83 |         83
 GET list_advisory        |       73.00 |         73 |          73 |         73
 GET list_advisory_labels |       17.00 |         17 |          17 |         17
 GET list_advisory_pagi.. |       69.00 |         69 |          69 |         69
 GET list_importer        |       16.00 |         16 |          16 |         16
 GET list_packages        |       22.00 |         22 |          22 |         22
 GET list_packages_pagi.. |       28.00 |         28 |          28 |         28
 GET list_products        |       31.00 |         31 |          31 |         31
 GET list_sboms           |      196.00 |        196 |         196 |        196
 GET list_sboms_paginated |        9.00 |          9 |           9 |          9
 GET list_vulnerabilities |       95.00 |         95 |          95 |         95
 GET list_vulnerabiliti.. |       21.00 |         21 |          21 |         21
 GET sbom_by_package[pk.. |       32.00 |         32 |          32 |         32
 GET search_advisory      |       32.00 |         32 |          32 |         32
 GET search_exact_purl    |       12.00 |         12 |          12 |         12
 GET search_licenses      |       83.00 |         65 |         111 |         77
 GET search_purls         |       52.00 |         52 |          52 |         52
 GET search_purls_by_li.. |       98.00 |         79 |         126 |         93
 GET search_sboms_by_li.. |      338.00 |        314 |         391 |        320
 GET website_advisories   |        2.75 |          1 |           5 |          1
 GET website_importers    |        3.75 |          2 |           5 |          4
 GET website_index        |        4.50 |          4 |           5 |          4
 GET website_openapi      |        6.00 |          6 |           6 |          6
 GET website_packages     |        4.25 |          4 |           5 |          4
 GET website_sboms        |        4.75 |          4 |           5 |          5
 -------------------------+-------------+------------+-------------+-----------
 Aggregated               |       78.71 |          1 |         391 |         31
 ------------------------------------------------------------------------------
 Slowest page load within specified percentile of requests (in ms):
 ------------------------------------------------------------------------------
 Name                     |    50% |    75% |    98% |    99% |  99.9% | 99.99%
 ------------------------------------------------------------------------------
 GET get_advisory_by_do.. |     20 |     20 |     20 |     20 |     20 |     20
 GET get_analysis_lates.. |     11 |     11 |     11 |     11 |     11 |     11
 GET get_analysis_status  |     14 |     14 |     14 |     14 |     14 |     14
 GET get_sbom[sha256:d6.. |     59 |     59 |     59 |     59 |     59 |     59
 GET get_sbom_advisorie.. |    109 |    109 |    109 |    109 |    109 |    109
 GET get_sbom_packages[.. |    176 |    176 |    176 |    176 |    176 |    176
 GET get_sbom_related[0.. |    228 |    228 |    228 |    228 |    228 |    228
 GET get_vulnerability[.. |     83 |     83 |     83 |     83 |     83 |     83
 GET list_advisory        |     73 |     73 |     73 |     73 |     73 |     73
 GET list_advisory_labels |     17 |     17 |     17 |     17 |     17 |     17
 GET list_advisory_pagi.. |     69 |     69 |     69 |     69 |     69 |     69
 GET list_importer        |     16 |     16 |     16 |     16 |     16 |     16
 GET list_packages        |     22 |     22 |     22 |     22 |     22 |     22
 GET list_packages_pagi.. |     28 |     28 |     28 |     28 |     28 |     28
 GET list_products        |     31 |     31 |     31 |     31 |     31 |     31
 GET list_sboms           |    196 |    196 |    196 |    196 |    196 |    196
 GET list_sboms_paginated |      9 |      9 |      9 |      9 |      9 |      9
 GET list_vulnerabilities |     95 |     95 |     95 |     95 |     95 |     95
 GET list_vulnerabiliti.. |     21 |     21 |     21 |     21 |     21 |     21
 GET sbom_by_package[pk.. |     32 |     32 |     32 |     32 |     32 |     32
 GET search_advisory      |     32 |     32 |     32 |     32 |     32 |     32
 GET search_exact_purl    |     12 |     12 |     12 |     12 |     12 |     12
 GET search_licenses      |     77 |     87 |    110 |    110 |    110 |    110
 GET search_purls         |     52 |     52 |     52 |     52 |     52 |     52
 GET search_purls_by_li.. |     93 |     95 |    126 |    126 |    126 |    126
 GET search_sboms_by_li.. |    320 |    330 |    390 |    390 |    390 |    390
 GET website_advisories   |      1 |      4 |      5 |      5 |      5 |      5
 GET website_importers    |      4 |      4 |      5 |      5 |      5 |      5
 GET website_index        |      4 |      5 |      5 |      5 |      5 |      5
 GET website_openapi      |      6 |      6 |      6 |      6 |      6 |      6
 GET website_packages     |      4 |      4 |      5 |      5 |      5 |      5
 GET website_sboms        |      5 |      5 |      5 |      5 |      5 |      5
 -------------------------+--------+--------+--------+--------+--------+-------
 Aggregated               |     31 |     93 |    370 |    370 |    390 |    390
 ------------------------------------------------------------------------------
 Name                     |                                        Status codes 
 ------------------------------------------------------------------------------
 GET get_advisory_by_do.. |                                             1 [200]
 GET get_analysis_lates.. |                                             1 [200]
 GET get_analysis_status  |                                             1 [200]
 GET get_sbom[sha256:d6.. |                                             1 [200]
 GET get_sbom_advisorie.. |                                             1 [200]
 GET get_sbom_packages[.. |                                             1 [200]
 GET get_sbom_related[0.. |                                             1 [200]
 GET get_vulnerability[.. |                                             1 [200]
 GET list_advisory        |                                             1 [200]
 GET list_advisory_labels |                                             1 [200]
 GET list_advisory_pagi.. |                                             1 [200]
 GET list_importer        |                                             1 [200]
 GET list_packages        |                                             1 [200]
 GET list_packages_pagi.. |                                             1 [200]
 GET list_products        |                                             1 [200]
 GET list_sboms           |                                             1 [200]
 GET list_sboms_paginated |                                             1 [200]
 GET list_vulnerabilities |                                             1 [200]
 GET list_vulnerabiliti.. |                                             1 [200]
 GET sbom_by_package[pk.. |                                             1 [200]
 GET search_advisory      |                                             1 [200]
 GET search_exact_purl    |                                             1 [200]
 GET search_licenses      |                                             8 [200]
 GET search_purls         |                                             1 [200]
 GET search_purls_by_li.. |                                             8 [200]
 GET search_sboms_by_li.. |                                             8 [200]
 GET website_advisories   |                                             4 [200]
 GET website_importers    |                                             4 [200]
 GET website_index        |                                             4 [200]
 GET website_openapi      |                                             5 [200]
 GET website_packages     |                                             4 [200]
 GET website_sboms        |                                             4 [200]
 -------------------------+----------------------------------------------------
 Aggregated               |                                            72 [200] 

 === OVERVIEW ===
 ------------------------------------------------------------------------------
 Action       Started               Stopped             Elapsed    Users
 ------------------------------------------------------------------------------
 Increasing:  2026-02-24 07:53:17 - 2026-02-24 07:53:20 (00:00:03, 0 -> 3)
 Maintaining: 2026-02-24 07:53:20 - 2026-02-24 07:57:25 (00:04:05, 3)
 Canceling:   2026-02-24 07:57:25 - 2026-02-24 07:57:25 (00:00:00, 0 <- 3)

 Target host: http://localhost:8080/
 goose v0.18.0
 ------------------------------------------------------------------------------

helio-frota
helio-frota approved these changes Feb 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@helio-frota helio-frota left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving with nit-comment

@helio-frota helio-frota mentioned this pull request Feb 24, 2026
Closed
@ctron ctron enabled auto-merge February 24, 2026 11:55
@ctron ctron added this pull request to the merge queue Feb 24, 2026
Merged via the queue into guacsec:main with commit e0dbe57 Feb 24, 2026
1 check passed
@ctron ctron deleted the feature/fixup_2 branch February 24, 2026 11:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@helio-frota helio-frota helio-frota approved these changes

@mrizzi mrizzi Awaiting requested review from mrizzi

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ctron @helio-frota