up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
sdk-generator-smoke / sdk-smoke (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
sdk-generator-smoke / sdk-smoke (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -1,10 +1,12 @@
|
||||
# Bench scripts
|
||||
|
||||
- `determinism-run.sh`: runs BENCH-DETERMINISM-401-057 harness (`src/Bench/StellaOps.Bench/Determinism`), writes artifacts to `out/bench-determinism`, and enforces threshold via `BENCH_DETERMINISM_THRESHOLD` (default 0.95). Defaults to 10 runs per scanner/SBOM pair. Pass `DET_EXTRA_INPUTS` (space-separated globs) to include frozen feeds in `inputs.sha256`; `DET_RUN_EXTRA_ARGS` to forward extra args to the harness.
|
||||
- `determinism-run.sh`: runs BENCH-DETERMINISM-401-057 harness (`src/Bench/StellaOps.Bench/Determinism`), writes artifacts to `out/bench-determinism`, and enforces threshold via `BENCH_DETERMINISM_THRESHOLD` (default 0.95). Defaults to 10 runs per scanner/SBOM pair. Pass `DET_EXTRA_INPUTS` (space-separated globs) to include frozen feeds in `inputs.sha256`; `DET_RUN_EXTRA_ARGS` to forward extra args to the harness; `DET_REACH_GRAPHS`/`DET_REACH_RUNTIME` to hash reachability datasets and emit `dataset.sha256` + `results-reach.*`.
|
||||
|
||||
Usage:
|
||||
```sh
|
||||
BENCH_DETERMINISM_THRESHOLD=0.97 \
|
||||
DET_EXTRA_INPUTS="offline/feeds/*.tar.gz" \
|
||||
DET_REACH_GRAPHS="offline/reachability/graphs/*.json" \
|
||||
DET_REACH_RUNTIME="offline/reachability/runtime/*.ndjson" \
|
||||
scripts/bench/determinism-run.sh
|
||||
```
|
||||
|
||||
@@ -28,5 +28,28 @@ printf "timestamp=%s\n" "$(date -u +"%Y-%m-%dT%H:%M:%SZ")" >> "$OUT/summary.txt"
|
||||
|
||||
awk -v rate="$det_rate" -v th="$THRESHOLD" 'BEGIN {if (rate+0 < th+0) {printf("determinism_rate %s is below threshold %s\n", rate, th); exit 1}}'
|
||||
|
||||
if [ -n "${DET_REACH_GRAPHS:-}" ]; then
|
||||
echo "[bench-determinism] running reachability dataset hash"
|
||||
reach_graphs=${DET_REACH_GRAPHS}
|
||||
reach_runtime=${DET_REACH_RUNTIME:-}
|
||||
# prefix relative globs with repo root for consistency
|
||||
case "$reach_graphs" in
|
||||
/*) ;;
|
||||
*) reach_graphs="${ROOT}/${reach_graphs}" ;;
|
||||
esac
|
||||
case "$reach_runtime" in
|
||||
/*|"") ;;
|
||||
*) reach_runtime="${ROOT}/${reach_runtime}" ;;
|
||||
esac
|
||||
python run_reachability.py \
|
||||
--graphs ${reach_graphs} \
|
||||
--runtime ${reach_runtime} \
|
||||
--output results
|
||||
# copy reachability outputs
|
||||
cp results/results-reach.csv "$OUT"/ || true
|
||||
cp results/results-reach.json "$OUT"/ || true
|
||||
cp results/dataset.sha256 "$OUT"/ || true
|
||||
fi
|
||||
|
||||
tar -C "$OUT" -czf "$OUT/bench-determinism-artifacts.tgz" .
|
||||
echo "[bench-determinism] artifacts at $OUT"
|
||||
|
||||
Reference in New Issue
Block a user