Skip to content

feat(xtest): DSPX-1716 Test improvements #363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ImDevinC wants to merge 10 commits into
base: main
Choose a base branch
from
Open

feat(xtest): DSPX-1716 Test improvements #363

ImDevinC wants to merge 10 commits into from

Conversation

@ImDevinC
Copy link
Contributor

@ImDevinC ImDevinC commented Dec 13, 2025

Add Parallel Test Execution Support (Phase 1) - Performance Optimization
Summary
This PR implements Phase 1 of the comprehensive test suite performance optimization plan, introducing parallel test execution capabilities using pytest-xdist. This is the first step toward achieving a 50-70% reduction in test execution time for the OpenTDF test suite.
Changes
🚀 Core Functionality

  • Added pytest-xdist support (pytest-xdist==3.6.1) to enable parallel test execution across multiple CPU cores

  • Tests can now be run with pytest -n auto to automatically utilize available CPU cores

  • Initial testing shows 350%+ CPU utilization on multi-core systems (vs 100% sequential)
    📋 Planning & Documentation

  • PLAN.md: Comprehensive performance optimization roadmap analyzing the entire test suite

    • Identified bottlenecks (subprocess calls, fixture scoping, test parameterization)
    • Detailed 8-phase implementation strategy
    • Performance projections: Full run 30 min → 5-8 min (target)

  • TASKS.md: Actionable task breakdown across 8 phases with clear milestones

    • Phase 1: Quick Wins ✅ (Parallel execution - COMPLETED)
    • Phase 2-8: Infrastructure, optimization, and monitoring (future work)
    • Each phase includes specific tasks, expected outcomes, and time estimates

  • PARALLEL_EXECUTION_FINDINGS.md: Detailed analysis of Phase 1 implementation

    • Test results and validation
    • Identified shared state issues (cipherTexts cache, global counter)
    • Performance observations and recommendations for Phase 2
    • Developer usage guidelines
      🔧 Dependencies

  • Updated requirements.txt with pytest-xdist==3.6.1
    Testing & Validation
    ✅ Tests Pass Successfully

  • test_nano.py: 8 tests in 0.82s with parallel execution (baseline: ~2s sequential)

  • test_tdfs.py: Validated with focused test runs

  • No test failures introduced by parallelization

  • No race conditions or data corruption detected
    🔍 Identified Issues (Non-blocking)
    The following global variables were identified but do NOT cause correctness issues:

  • cipherTexts dict in test_tdfs.py and test_abac.py - Cache efficiency issue only

  • counter variable in test_tdfs.py - Isolated per worker
    Impact: Workers cannot share cached encrypted TDF files, leading to redundant encryption operations. Tests still pass correctly, but not yet fully optimized. This will be addressed in Phase 2 with filesystem-based caching.
    Performance Impact
    Current State

  • ✅ Parallel execution works correctly with -n auto

  • ✅ Significant CPU utilization improvement (350%+)

  • ⚠️ Cache sharing not yet optimized (Phase 2 work)
    Expected After Phase 2

  • Full 50-70% time reduction when filesystem-based cache is implemented

  • Cross-worker cache sharing for encrypted TDF files

  • Reduced redundant encryption operations
    Usage
    Developers can immediately start using parallel execution:

Auto-detect CPU cores and run in parallel

pytest -n auto

Explicit worker count

pytest -n 4

Parallel with verbose output

pytest -n auto -v

Focused parallel tests

pytest test_nano.py -n auto
pytest test_tdfs.py --focus=go --sdks=go --containers=nano -n 2

@ImDevinC ImDevinC requested review from a team as code owners December 13, 2025 04:35
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Dec 13, 2025

Summary of Changes

Hello @ImDevinC, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request initiates a significant performance optimization effort for the test suite by implementing parallel test execution using pytest-xdist. This is the first phase of a multi-phase plan aimed at drastically reducing test execution time. The changes enable developers to run tests in parallel, improve CPU utilization, and lay the groundwork for further optimizations, while also providing comprehensive documentation for the entire optimization roadmap.

Highlights

  • Parallel Test Execution: Introduced pytest-xdist (version 3.6.1) to enable parallel test execution, marking Phase 1 of a comprehensive test suite performance optimization plan. This allows tests to run across multiple CPU cores, significantly improving CPU utilization.
  • New Documentation: Added PLAN.md outlining the 8-phase performance optimization roadmap, TASKS.md detailing actionable tasks and milestones, and PARALLEL_EXECUTION_FINDINGS.md with analysis of Phase 1 implementation, including identified non-blocking issues and usage guidelines.
  • Dependency Update: The xtest/requirements.txt file was updated to include pytest-xdist==3.6.1.
  • Validation and Performance: All tests pass successfully with parallel execution, and no race conditions or data corruption were detected. Initial testing shows over 350% CPU utilization improvement. Identified non-blocking issues related to cache sharing (e.g., cipherTexts dict) will be addressed in Phase 2.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Dec 13, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request is a great step towards improving test performance by introducing parallel execution with pytest-xdist. The detailed planning documents are excellent and provide great context for this multi-phase optimization effort.

The addition of pytest-xdist to requirements.txt is correct.

However, I noticed a minor issue regarding global state that becomes more important with parallel execution. While your investigation correctly identified shared state in cipherTexts caches and the counter variable in test_tdfs.py, I also found that xtest/test_abac.py declares global counter in two test functions but never uses it:

  • test_key_mapping_multiple_mechanisms
  • test_autoconfigure_one_attribute_standard

This appears to be dead code, possibly left over from refactoring. While it doesn't cause a failure, it is confusing and could lead to bugs if this variable is used in the future expecting it to be initialized. To improve code clarity and prevent future issues, I recommend removing these unused global counter declarations from xtest/test_abac.py.

This is a small cleanup, but it will help make the test suite more robust for further parallelization work. Overall, this is a solid first step!

@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@ImDevinC
Fix file collision issue in parallel test execution
86f773b 
- Add worker_id parameter to prevent filename collisions between pytest-xdist workers
- Update do_encrypt_with() and all test functions in test_tdfs.py to use worker_id
- Update test functions in test_abac.py with similar pattern
- Filenames now include worker ID prefix (e.g., [email protected])
- Fixes 8 test failures that occurred when running with pytest -n auto
- Tests now work correctly both sequentially and in parallel
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@ImDevinC
Fix parallel test failures by changing fixture scopes to session
7fba887 
The root cause was that assertion signing keys (hs256_key, rs256_keys) were
regenerating between tests with scope='module'. This caused signature
verification failures when cached encrypted files were reused with different keys.

Changes:
- tmp_dir: module -> session scope (line 170)
- hs256_key: module -> session scope (line 1015)
- rs256_keys: module -> session scope (line 1020)
- assertion_file_no_keys: module -> session scope (line 1058)
- assertion_file_rs_and_hs_keys: module -> session scope (line 1078)
- assertion_verification_file_rs_and_hs_keys: module -> session scope (line 1134)

All 25 test_tdf_assertions_with_keys tests now pass with pytest -n auto.

Fixes signature verification error: 'Unable to verify assertion signature'
in test_tdf_assertions_with_keys[small-go@main-java@main-in_focus0]
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@ImDevinC
Use deterministic assertion signing keys for pytest-xdist compatibility
33d69bc 
The real issue: pytest-xdist session-scoped fixtures are evaluated PER WORKER,
not globally. Each worker process was generating different random keys, causing
signature verification failures when cached encrypted files were reused across
workers.

Solution: Replace random key generation with fixed, deterministic test keys
that are identical across all workers.

Changes:
- hs256_key: Use fixed 32-byte key instead of secrets.token_bytes()
- rs256_keys: Use hardcoded RSA-2048 test key pair instead of generating random keys

This ensures all workers encrypt and decrypt with the exact same keys,
eliminating the 'Unable to verify assertion signature' error in parallel tests.

Verified locally: 25/25 tests pass with pytest -n 20
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@ImDevinC
Fix parallel test failures in test_policytypes.py by including attrib…
9a51522 
…ute FQNs in cache keys

The cipherTexts cache was using keys based only on sample_name (e.g., '[email protected]'),
which did not include the namespace-qualified attribute FQNs. In parallel execution with pytest-xdist,
each worker gets a different random namespace from the temporary_namespace fixture, causing cache collisions:

- Worker gw0 creates attributes like https://pvxpkhgw.com/attr/or/value/alpha
- Worker gw1 creates attributes like https://cgbeyhbe.com/attr/or/value/alpha
- Both workers use the same cache key, leading to namespace mismatches, assertion failures,
  file corruption (BadZipFile), and race conditions

Fix: Include sorted FQNs in cache_key to ensure namespace-specific caching across all 4 test functions:
- test_or_attributes_success
- test_and_attributes_success
- test_hierarchy_attributes_success
- test_container_policy_mode
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 15, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot
12.5% Duplication on New Code (required ≤ 8%)

See analysis details on SonarQube Cloud

@github-actions
Copy link

github-actions bot commented Dec 15, 2025

X-Test Failure Report

✅ js-v0.4.34
✅ go-v0.4.34
✅ java-v0.4.34
❌ js-main
❌ java-main
❌ go-main

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ImDevinC