perf(internal, profiling): use Rust based importlib.metadata.distributions() impl #82480

Workflow file for this run

.github/workflows/system-tests.yml at f005017

	name: System Tests

	on:
	push:
	branches:
	- main
	- mq-working-branch-*
	merge_group:
	pull_request:
	workflow_dispatch: {}
	schedule:
	- cron: '00 04 * * 2-6'

	jobs:
	build-wheels:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	include:
	- python-version: '3.11'
	cp-version: 'cp311'
	- python-version: '3.12'
	cp-version: 'cp312'
	- python-version: '3.13'
	cp-version: 'cp313'
	env:
	CIBW_BUILD: ${{ matrix.cp-version }}-manylinux_x86_64
	CIBW_BEFORE_ALL_LINUX: "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \| sh -s -- -y"
	CIBW_ENVIRONMENT: "PATH=$HOME/.cargo/bin:$PATH CMAKE_BUILD_PARALLEL_LEVEL=12 CARGO_BUILD_JOBS=12"
	CIBW_TEST_COMMAND: "python {project}/tests/smoke_test.py"
	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false

	- name: Set up Python
	uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
	with:
	python-version: "3.13"

	- name: Build wheels
	uses: pypa/cibuildwheel@63fd63b352a9a8bdcc24791c9dbee952ee9a8abc # v3.3.0

	- name: Upload artifact
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: wheels-${{ matrix.cp-version }}-manylinux_x86_64
	path: ./wheelhouse/*.whl

	system-tests-build-weblog:
	needs:
	- build-wheels
	runs-on: ubuntu-latest
	strategy:
	matrix:
	include:
	- weblog-variant: flask-poc
	- weblog-variant: uwsgi-poc
	- weblog-variant: django-poc
	- weblog-variant: fastapi
	# runs django-poc for 3.12
	- weblog-variant: python3.12
	- weblog-variant: django-py3.13
	fail-fast: false
	env:
	TEST_LIBRARY: python
	WEBLOG_VARIANT: ${{ matrix.weblog-variant }}
	CMAKE_BUILD_PARALLEL_LEVEL: 12
	steps:
	- name: Install Dependencies
	run: sudo apt-get install -y patchelf

	- name: Checkout system tests
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false
	repository: 'DataDog/system-tests'
	# Automatically managed, use scripts/update-system-tests-version to update
	ref: 'e1cd85f960c713cf6a7e9caa61094b5914d0e386'

	- name: Download wheels to binaries directory
	uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
	with:
	pattern: wheels-*
	path: binaries/
	merge-multiple: true

	- name: Build
	run: ./build.sh -i weblog

	- name: Save
	id: save
	run: \|
	docker image save system_tests/weblog:latest \| gzip > ${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz

	- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: ${{ matrix.weblog-variant }}_${{ github.sha }}
	path: \|
	${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz
	retention-days: 2

	system-tests:
	runs-on: ubuntu-latest
	needs: [system-tests-build-weblog]
	strategy:
	matrix:
	weblog-variant: [flask-poc, uwsgi-poc , django-poc, fastapi, python3.12, django-py3.13]
	scenario: [remote-config, appsec, appsec-1, other]
	include:
	- weblog-variant: flask-poc
	scenario: debugger-1
	- weblog-variant: flask-poc
	scenario: debugger-2
	- weblog-variant: uwsgi-poc
	scenario: debugger-1
	- weblog-variant: uwsgi-poc
	scenario: debugger-2
	fail-fast: false
	env:
	TEST_LIBRARY: python
	WEBLOG_VARIANT: ${{ matrix.weblog-variant }}
	CMAKE_BUILD_PARALLEL_LEVEL: 12
	steps:

	- name: Checkout system tests
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false
	repository: 'DataDog/system-tests'
	# Automatically managed, use scripts/update-system-tests-version to update
	ref: 'e1cd85f960c713cf6a7e9caa61094b5914d0e386'

	- name: Build runner
	uses: ./.github/actions/install_runner

	- uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
	with:
	name: ${{ matrix.weblog-variant }}_${{ github.sha }}
	path: images_artifacts/

	- name: docker load
	id: docker_load
	run: \|
	docker load < images_artifacts/${{ matrix.weblog-variant}}_weblog_${{ github.sha }}.tar.gz

	- name: Run DEFAULT
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh DEFAULT

	- name: Run SAMPLING
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh SAMPLING

	- name: Run INTEGRATIONS
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh INTEGRATIONS

	- name: Run CROSSED_TRACING_LIBRARIES
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh CROSSED_TRACING_LIBRARIES

	- name: Run PROFILING
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: \|
	cat /proc/sys/kernel/perf_event_paranoid
	sudo sysctl kernel.perf_event_paranoid=1
	sudo sysctl -p
	./run.sh PROFILING

	- name: Run AGENT_SUPPORTING_SPAN_EVENTS
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh AGENT_SUPPORTING_SPAN_EVENTS

	- name: Run RUNTIME_METRICS_ENABLED
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'other'
	run: ./run.sh RUNTIME_METRICS_ENABLED

	- name: Run REMOTE_CONFIG_MOCKED_BACKEND_ASM_FEATURES
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'remote-config'
	run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_ASM_FEATURES

	- name: Run REMOTE_CONFIG_MOCKED_BACKEND_LIVE_DEBUGGING
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'remote-config'
	run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_LIVE_DEBUGGING

	- name: Run REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'remote-config'
	run: ./run.sh REMOTE_CONFIG_MOCKED_BACKEND_ASM_DD

	- name: Run APPSEC_MISSING_RULES
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_MISSING_RULES

	- name: Run APPSEC_ATO_SDK
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_ATO_SDK

	- name: Run APPSEC_AUTO_EVENTS_EXTENDED
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_AUTO_EVENTS_EXTENDED

	- name: Run APPSEC_CUSTOM_RULES
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_CUSTOM_RULES

	- name: Run APPSEC_CORRUPTED_RULES
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_CORRUPTED_RULES

	- name: Run APPSEC_RULES_MONITORING_WITH_ERRORS
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_RULES_MONITORING_WITH_ERRORS

	- name: Run APPSEC_LOW_WAF_TIMEOUT
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_LOW_WAF_TIMEOUT

	- name: Run APPSEC_CUSTOM_OBFUSCATION
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_CUSTOM_OBFUSCATION

	- name: Run APPSEC_RATE_LIMITER
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec'
	run: ./run.sh APPSEC_RATE_LIMITER

	- name: Run APPSEC_STANDALONE
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_STANDALONE

	- name: Run APPSEC_STANDALONE_API_SECURITY
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_STANDALONE_API_SECURITY

	- name: Run IAST_STANDALONE
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh IAST_STANDALONE

	- name: Run SCA_STANDALONE
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh SCA_STANDALONE

	- name: Run APPSEC_RUNTIME_ACTIVATION
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_RUNTIME_ACTIVATION

	- name: Run APPSEC_WAF_TELEMETRY
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_WAF_TELEMETRY

	- name: Run APPSEC_DISABLED
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_DISABLED

	- name: Run APPSEC_BLOCKING
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_BLOCKING

	- name: Run APPSEC_BLOCKING_FULL_DENYLIST
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_BLOCKING_FULL_DENYLIST

	- name: Run APPSEC_RASP
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_RASP

	- name: Run APPSEC_RASP_NON_BLOCKING
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_RASP_NON_BLOCKING

	- name: Run APPSEC_RASP_WITHOUT_DOWNSTREAM_BODY_ANALYSIS_USING_MAX
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_RASP_WITHOUT_DOWNSTREAM_BODY_ANALYSIS_USING_MAX

	- name: Run APPSEC_RASP_WITHOUT_DOWNSTREAM_BODY_ANALYSIS_USING_SAMPLE_RATE
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_RASP_WITHOUT_DOWNSTREAM_BODY_ANALYSIS_USING_SAMPLE_RATE

	- name: Run APPSEC_STANDALONE_RASP
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'appsec-1'
	run: ./run.sh APPSEC_STANDALONE_RASP

	- name: Run DEBUGGER_PROBES_STATUS
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-1'
	run: ./run.sh DEBUGGER_PROBES_STATUS

	- name: Run DEBUGGER_PROBES_SNAPSHOT
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-1'
	run: ./run.sh DEBUGGER_PROBES_SNAPSHOT

	- name: Run DEBUGGER_PII_REDACTION
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-1'
	run: ./run.sh DEBUGGER_PII_REDACTION

	- name: Run DEBUGGER_EXPRESSION_LANGUAGE
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-1'
	run: ./run.sh DEBUGGER_EXPRESSION_LANGUAGE

	- name: Run DEBUGGER_EXCEPTION_REPLAY
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-2'
	run: ./run.sh DEBUGGER_EXCEPTION_REPLAY

	- name: Run DEBUGGER_SYMDB
	if: always() && steps.docker_load.outcome == 'success' && matrix.scenario == 'debugger-2'
	run: ./run.sh DEBUGGER_SYMDB

	# The compress step speed up a lot the upload artifact process
	- name: Compress artifact
	if: always() && steps.docker_load.outcome == 'success'
	id: compress-artifact
	run: tar -czvf artifact.tar.gz $(ls \| grep logs)

	- name: Upload artifact
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	if: always() && steps.docker_load.outcome == 'success'
	with:
	name: logs_${{ matrix.weblog-variant }}_${{ matrix.scenario }}
	path: artifact.tar.gz


	parametric:
	needs:
	- build-wheels
	runs-on: ubuntu-latest
	env:
	TEST_LIBRARY: python
	steps:
	- name: Install Dependencies
	run: sudo apt-get install -y patchelf

	- name: Checkout system tests
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false
	repository: 'DataDog/system-tests'
	# Automatically managed, use scripts/update-system-tests-version to update
	ref: 'e1cd85f960c713cf6a7e9caa61094b5914d0e386'
	- name: Download wheels to binaries directory
	uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
	with:
	pattern: wheels-*
	path: binaries/
	merge-multiple: true

	- name: Build runner
	id: build_runner
	uses: ./.github/actions/install_runner

	- name: Run
	if: always() && steps.build_runner.outcome == 'success'
	run: ./run.sh PARAMETRIC

	- name: Compress artifact
	if: always() && steps.build_runner.outcome == 'success'
	run: tar -czvf artifact.tar.gz $(ls \| grep logs)

	- name: Upload artifact
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	if: always() && steps.build_runner.outcome == 'success'
	with:
	name: logs_parametric
	path: artifact.tar.gz

	serverless-system-tests-build-layer:
	runs-on: ubuntu-latest
	needs: [build-wheels]
	steps:
	- name: Checkout datadog-lambda-python
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false
	repository: "DataDog/datadog-lambda-python"

	- name: Download wheel to binaries directory
	uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
	with:
	name: wheels-cp313-manylinux_x86_64
	path: artifacts/

	- name: Build datadog_lambda layer
	run: \|
	wheel_path=$(find ./artifacts -name "*.whl" \| head -n 1)
	sed -i 's\|^ddtrace =.*$\|ddtrace = { file = "'"$wheel_path"'" }\|' pyproject.toml
	ARCH=amd64 PYTHON_VERSION=3.13 ./scripts/build_layers.sh

	- name: Upload layer artifact
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	path: .layers/datadog_lambda_py-amd64-3.13.zip
	name: serverless_system_tests_binaries

	serverless-system-tests:
	needs: [serverless-system-tests-build-layer]
	# Automatically managed, use scripts/update-system-tests-version to update
	uses: DataDog/system-tests/.github/workflows/system-tests.yml@e1cd85f960c713cf6a7e9caa61094b5914d0e386
	secrets: inherit
	permissions:
	contents: read
	packages: write
	with:
	library: python_lambda
	binaries_artifact: serverless_system_tests_binaries
	scenarios_groups: lambda_end_to_end
	skip_empty_scenarios: true

	integration-frameworks-combine-wheels:
	runs-on: ubuntu-latest
	needs: [build-wheels]
	steps:
	- name: Download wheels to binaries directory
	uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
	with:
	pattern: wheels-*
	path: binaries/
	merge-multiple: true

	- name: Upload combined wheels
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: integration-frameworks-wheels
	path: binaries/

	integration-frameworks-system-tests:
	needs: [integration-frameworks-combine-wheels]
	# Automatically managed, use scripts/update-system-tests-version to update
	uses: DataDog/system-tests/.github/workflows/system-tests.yml@e1cd85f960c713cf6a7e9caa61094b5914d0e386
	secrets: inherit
	permissions:
	contents: read
	packages: write
	with:
	library: python
	scenarios: INTEGRATION_FRAMEWORKS
	binaries_artifact: integration-frameworks-wheels

	finished:
	name: system-tests finished
	runs-on: ubuntu-latest
	needs: [parametric, system-tests, serverless-system-tests, integration-frameworks-system-tests]
	if: success() \|\| failure()
	steps:
	- name: True when everything else succeeded
	if: needs.parametric.result == 'success' && needs.system-tests.result == 'success' && needs.serverless-system-tests.result == 'success'
	run: exit 0
	- name: Fails if anything else failed
	if: needs.parametric.result != 'success' \|\| needs.system-tests.result != 'success' \|\| needs.serverless-system-tests.result != 'success'
	run: exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

perf(internal, profiling): use Rust based importlib.metadata.distributions() impl #82480

Workflow file

perf(internal, profiling): use Rust based importlib.metadata.distributions() impl #82480

Uh oh!

Workflow file for this run