stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
dee252940bfd1d1c874a64a3088c500693f37f5d
git.stella-ops.org/tests/load/README.md
master 2170a58734
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
Findings Ledger CI / build-test (push) Has been cancelled
Details
Findings Ledger CI / migration-validation (push) Has been cancelled
Details
Findings Ledger CI / generate-manifest (push) Has been cancelled
Details
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Details
Lighthouse CI / Lighthouse Audit (push) Has been cancelled
Details
Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled
Details
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Details
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Details
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Details
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Policy Simulation / policy-simulate (push) Has been cancelled
Details
Add comprehensive security tests for OWASP A02, A05, A07, and A08 categories 
- Implemented tests for Cryptographic Failures (A02) to ensure proper handling of sensitive data, secure algorithms, and key management.
- Added tests for Security Misconfiguration (A05) to validate production configurations, security headers, CORS settings, and feature management.
- Developed tests for Authentication Failures (A07) to enforce strong password policies, rate limiting, session management, and MFA support.
- Created tests for Software and Data Integrity Failures (A08) to verify artifact signatures, SBOM integrity, attestation chains, and feed updates.
2025-12-16 16:40:44 +02:00

89 lines
2.3 KiB
Markdown
Raw Blame History

# Load Tests
This directory contains k6 load test suites for StellaOps performance testing.
## Prerequisites
- [k6](https://k6.io/docs/getting-started/installation/) installed
- Target environment accessible
- (Optional) Grafana k6 Cloud for distributed testing
## Test Suites
### TTFS Load Test (`ttfs-load-test.js`)
Tests the Time to First Signal endpoint under various load conditions.
**Scenarios:**
- **Sustained**: 50 RPS for 5 minutes (normal operation)
- **Spike**: Ramp from 50 to 200 RPS, hold, ramp down (CI burst simulation)
- **Soak**: 25 RPS for 15 minutes (stability test)
**Thresholds (per Advisory §12.4):**
- Cache-hit P95 ≤ 250ms
- Cold-path P95 ≤ 500ms
- Error rate < 0.1%
**Run locally:**
```bash
k6 run tests/load/ttfs-load-test.js
```
**Run against staging:**
```bash
k6 run --env BASE_URL=https://staging.stellaops.local \
--env AUTH_TOKEN=$STAGING_TOKEN \
tests/load/ttfs-load-test.js
```
**Run with custom run IDs:**
```bash
k6 run --env BASE_URL=http://localhost:5000 \
--env RUN_IDS='["run-1","run-2","run-3"]' \
tests/load/ttfs-load-test.js
```
## CI Integration
Load tests can be integrated into CI pipelines. See `.gitea/workflows/load-test.yml` for an example.
```yaml
load-test-ttfs:
runs-on: ubuntu-latest
needs: [deploy-staging]
steps:
- uses: grafana/k6-action@v0.3.1
with:
filename: tests/load/ttfs-load-test.js
env:
BASE_URL: ${{ secrets.STAGING_URL }}
AUTH_TOKEN: ${{ secrets.STAGING_TOKEN }}
```
## Results
Test results are written to `results/ttfs-load-test-latest.json` and timestamped files.
Use Grafana Cloud or local Prometheus + Grafana to visualize results:
```bash
k6 run --out json=results/metrics.json tests/load/ttfs-load-test.js
```
## Writing New Load Tests
1. Create a new `.js` file in this directory
2. Define scenarios, thresholds, and the default function
3. Use custom metrics for domain-specific measurements
4. Add handleSummary for result export
5. Update this README
## Environment Variables
| Variable | Description | Default |
|----------|-------------|---------|
| `BASE_URL` | Target API base URL | `http://localhost:5000` |
| `RUN_IDS` | JSON array of run IDs to test | `["run-load-1",...,"run-load-5"]` |
| `TENANT_ID` | Tenant ID header value | `load-test-tenant` |
| `AUTH_TOKEN` | Bearer token for authentication | (none) |
Reference in New Issue View Git Blame Copy Permalink