github robintra/perf-sentinel v0.5.4
on GitHub

latest releases: chart-v0.2.52, v0.8.7, chart-v0.2.51...
one month ago

What's new in v0.5.4

Interactive HTML report shipping in CI across the three major providers, plus a CLI parity round that closes most of the terminal-vs-dashboard gap, plus a doc reorg that breaks the monolithic INTEGRATION.md into three navigable files.

The interactive report (the single-file dashboard already produced by perf-sentinel report) can now be deployed automatically and linked from the PR sticky comment on GitHub Pages, GitLab Pages or Jenkins HTML Publisher, so reviewers click straight from the comment into a per-PR Findings / Explain / pg_stat / Diff / Correlations / GreenOps view. The CLI parity round fills the remaining gaps where the terminal showed less than the dashboard: the diff text output now matches the dashboard's fidelity, the Correlations panel lands in the inspect TUI, the report subcommand prints a trim notice when traces are capped, and the dashboard surfaces the quality-gate rule and confidence badge per finding. Terminal output is also sanitized through a new text_safety module that strips ANSI escapes, OSC 8 hyperlinks and other control bytes from user-controlled fields before printing.

Added

  • Interactive HTML report linked from the PR sticky comment. Three CI provider paths, all opt-in.
    • GitHub Pages. Two new companion templates under docs/ci-templates/: github-actions-baseline.yml (refreshes the trunk baseline on every push to main) and github-actions-report-cleanup.yml (removes pr-<N>/ on PR close). The main github-actions.yml template gains a deploy step. Sticky comment ships an Interactive report (Diff view) link that opens on #diff when a baseline is available, #findings otherwise. Concurrency lock gh-pages-deploy on all five gh-pages-touching workflows. Documented limitations: Pages on GitHub Free requires a public repo, fork PRs need pull_request_target + workflow_run for the sticky-comment write.
    • GitLab Pages. Two opt-in blocks in docs/ci-templates/gitlab-ci.yml: perf-sentinel-pages-simple for Free tier (single default-branch deployment) and perf-sentinel-pages for Premium/Ultimate (per-MR path_prefix deployments, 30-day expire_in backstop, immediate cleanup on MR close/merge).
    • Jenkins HTML Publisher. Stable sidebar URL at ${BUILD_URL}perf-sentinel/. Header documents the default CSP block on inline CSS/JS and the two workarounds (Resource Root URL recommended for Jenkins 2.200+, hudson.model.DirectoryBrowserSupport.CSP system property as fallback). Pipeline requirements (MultiBranch + Linux agent), options { timeout(30 min) + disableConcurrentBuilds() }, enabledForFailure: true on recordIssues so SARIF renders on failed PR builds, plugin minimums for Warnings Next Generation and HTML Publisher.
  • inspect accepts a Report JSON file in addition to event arrays. Auto-detect on the top-level shape ([ for events, { for a Report). Lets you pipe a daemon /api/export/report snapshot or an analyze --format json artifact straight into the TUI for cross-panel navigation, without re-running the full pipeline.
  • Correlations panel in inspect TUI. Layout shifts from three panels to four: Traces, Findings, Correlations, Detail. Exposes the cross-trace pairs that the HTML dashboard's Correlations tab already shows, navigable with Tab / j / k. Closes the last significant terminal-vs-dashboard gap.
  • Trim notice on report --max-traces-embedded. When the dashboard caps embedded traces under the 5 MB JSON budget, the CLI now logs Embedded N of M traces in the dashboard (K trimmed for file size). Use --max-traces-embedded <higher> to keep more. Previously the trim was silent on the CLI and only visible as a banner inside the rendered HTML.
  • Quality-gate rules and confidence surfaced in the HTML dashboard. Findings tab shows the rule that matched the gate alongside a confidence badge per finding (matches the SARIF / CI output).
  • Trivy image scan and Gitleaks secret scan in CI. Trivy gates the multi-arch image build, Gitleaks audits every push to a tracked branch.

Changed

  • docs/INTEGRATION.md split into three balanced docs. New docs/INSTRUMENTATION.md collects Kubernetes deployment, cloud provider integrations, OTel Collector production setup with sampling guidance, required span attributes and per-language instrumentation (Java, Quarkus, .NET, Rust). New docs/CI.md collects CI mode, the GitHub / GitLab / Jenkins recipes with their interactive HTML report subsections, the quality-gate philosophy, the SARIF surfaces overview and the diff subcommand for PR regression detection. INTEGRATION.md keeps the topology overview, the four quick starts, the input/output formats, the daemon HTTP API, advanced carbon scoring, Tempo and Jaeger ingestion and troubleshooting. Strict EN+FR parity, cross-doc nav blocks added on all six files. Tables of contents added to LIMITATIONS.md, INTEGRATION.md, HELM-DEPLOYMENT.md, QUERY-API.md and CONFIGURATION.md.
  • Quality gate blocks on PR, stays informational on trunk. CI templates and the "Quality-gate philosophy" section of INTEGRATION.md now implement the PR-blocks / trunk-informational split. On a pull request the gate fails the build as before. On a push to the default branch the SARIF is still uploaded and the PR comment / Code Quality / Warnings NG surfaces still fire, but the build stays green. Closes the "main stays red after merge" anti-pattern reported on the integration channel.

Fixed

  • Terminal output sanitized through a new text_safety module. ANSI escapes, OSC 8 hyperlinks, NULs and other C0/C1 control bytes from user-controlled fields (templates, services, suggestions, span names) are replaced with ? before printing. Closes a CLI-side terminal injection vector. Shared between render (analyze, diff, top-findings) and explain.
  • diff text output enriched. Prints the full template, occurrence count, severity and services per regression. Previously truncated, requiring a dashboard handoff to see what changed.
  • analyze writes to stdout when no --output flag is given. The CI template snippets that piped via --output referenced a flag the binary did not surface for that subcommand. Templates now use a redirect.

Tests

  • Browser-level Playwright suite for the interactive dashboard. Exercises theme toggle, deep-link hashes (read on load + written on state change via history.replaceState), tab nav including the vim-style g f/e/p/d/c/r sequence, full-text search modal, cheatsheet modal, sessionStorage persistence and CSV export per listable tab.
  • New TUI tests around the four-panel layout, the empty-state hint when correlations are unavailable, and the inspect Report-mode auto-detection.
  • 1247 tests across the workspace, clippy strict (-D warnings, #![warn(clippy::pedantic)]), zero warnings.

Docs

  • New "Sampling and detection accuracy" subsection in docs/INTEGRATION.md and the FR mirror. Documents that head-based sampling silently breaks count-based detections (N+1, chatty service, fanout, pool saturation, serialized parallelizable calls), that within a kept trace all spans are preserved, that tail-based sampling stays compatible because the policies that surface anti-patterns are the same as those used for incident review, that CI runs should keep 100% of traces, and that pg-stat mode is sampling-immune because pg_stat_statements aggregates server-side.
  • Helm chart 0.2.4, 0.2.5, 0.2.6 and 0.2.7 along the way. Claims the Artifact Hub Official badge, refreshes the install note, drops internal-only terminology and bumps the default appVersion to 0.5.4 with the matching image tag in artifacthub.io/images.
  • Release workflow badge added to README.md, Artifact Hub badge linked.

Install

Prebuilt binaries (Linux amd64 / arm64, macOS arm64, Windows amd64): 

curl -LO https://github.com/robintra/perf-sentinel/releases/download/v0.5.4/perf-sentinel-linux-amd64
chmod +x perf-sentinel-linux-amd64
sudo mv perf-sentinel-linux-amd64 /usr/local/bin/perf-sentinel

Linux binaries are statically linked against musl and run on any distribution (Alpine, Debian, RHEL, Ubuntu any version) regardless of glibc version, and inside FROM scratch images.

From crates.io: 

cargo install perf-sentinel

Docker: 

docker run --rm -p 4317:4317 -p 4318:4318 \
  ghcr.io/robintra/perf-sentinel:0.5.4 watch --listen-address 0.0.0.0

Also available on Docker Hub: robintrassard/perf-sentinel:0.5.4.

Helm (chart 0.2.7 ships 0.5.4 as its appVersion default): 

helm install perf-sentinel oci://ghcr.io/robintra/charts/perf-sentinel \
  --version 0.2.7 \
  --namespace observability --create-namespace

Verify the binary against SHA256SUMS.txt: 

curl -LO https://github.com/robintra/perf-sentinel/releases/download/v0.5.4/SHA256SUMS.txt
sha256sum -c SHA256SUMS.txt --ignore-missing

Full diff: v0.5.3...v0.5.4

Check out latest releases or
releases around robintra/perf-sentinel v0.5.4

Don't miss a new perf-sentinel release

NewReleases is sending notifications on new releases.

Get notifications