phases: rework the logic of _pushdiscoveryphase to bound complexity
This rework the various graph traversal in _pushdiscoveryphase to keep the
complexity in check.
This is done though a couple of things:
- first, limiting the space we have to explore, for example, if we are not in
publishing push, we don't need to consider remote draft roots that are also
draft locally, as there is nothing to be moved there.
- avoid unbounded descendant computation, and use the faster "rev between"
computation.
This provide a massive boost to performance when exchanging with repository with
a massive amount of draft, like mozilla-try:
### data-env-vars.name = mozilla-try-2023-03-22-zstd-sparse-revlog
# benchmark.name = hg.command.push
# bin-env-vars.hg.flavor = default
# bin-env-vars.hg.py-re2-module = default
# benchmark.variants.explicit-rev = all-out-heads
# benchmark.variants.issue6528 = disabled
# benchmark.variants.protocol = ssh
# benchmark.variants.reuse-external-delta-parent = default
## benchmark.variants.revs = any-1-extra-rev
before: 20.346590 seconds
after: 11.232059 seconds (-38.15%, -7.48 seconds)
## benchmark.variants.revs = any-100-extra-rev
before: 24.752051 seconds
after: 15.367412 seconds (-37.91%, -9.38 seconds)
After this changes, the push operation is still quite too slow. Some of this
can be attributed to general phases slowness (reading all the roots from disk
for example) and other know slowness (not using persistent-nodemap, branchmap,
tags, etc. We are also working on them, but with this series, phase discovery
during push no longer showing up in profile and this is a pretty nice and bit
low-hanging fruit out of the way.
### (same case as the above)
# benchmark.variants.revs = any-1-extra-rev
pre-%ln-change: 44.235070
this-changeset: 11.232059 seconds (-74.61%, -33.00 seconds)
# benchmark.variants.revs = any-100-extra-rev
pre-%ln-change: 49.234697
this-changeset: 15.367412 seconds (-68.79%, -33.87 seconds)
Note that with this change, the `hg push` performance is now much closer to the
`hg pull` performance, even it still lagging behind a bit. (and the overall
performance are still too slow).
### data-env-vars.name = mozilla-try-2023-03-22-ds2-pnm
# benchmark.variants.explicit-rev = all-out-heads
# benchmark.variants.issue6528 = disabled
# benchmark.variants.protocol = ssh
# benchmark.variants.pulled-delta-reuse-policy = default
# bin-env-vars.hg.flavor = rust
## benchmark.variants.revs = any-1-extra-rev
hg.command.pull: 6.517450
hg.command.push: 11.219888
## benchmark.variants.revs = any-100-extra-rev
hg.command.pull: 10.160991
hg.command.push: 14.251107
### data-env-vars.name = mozilla-try-2023-03-22-zstd-sparse-revlog
# bin-env-vars.hg.py-re2-module = default
# benchmark.variants.explicit-rev = all-out-heads
# benchmark.variants.issue6528 = disabled
# benchmark.variants.protocol = ssh
# benchmark.variants.pulled-delta-reuse-policy = default
## bin-env-vars.hg.flavor = default
## benchmark.variants.revs = any-1-extra-rev
hg.command.pull: 8.577772
hg.command.push: 11.232059
## bin-env-vars.hg.flavor = default
## benchmark.variants.revs = any-100-extra-rev
hg.command.pull: 13.152976
hg.command.push: 15.367412
## bin-env-vars.hg.flavor = rust
## benchmark.variants.revs = any-1-extra-rev
hg.command.pull: 8.731982
hg.command.push: 11.178751
## bin-env-vars.hg.flavor = rust
## benchmark.variants.revs = any-100-extra-rev
hg.command.pull: 13.184236
hg.command.push: 15.620843
#require serve
$ cat > web.conf << EOF
> [paths]
> / = $TESTTMP/*
> EOF
$ hg init repo1
$ cd repo1
$ touch foo
$ hg -q commit -A -m initial
$ cd ..
$ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf
$ cat hg.pid >> $DAEMON_PIDS
repo index should not send Content-Security-Policy header by default
$ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag
200 Script output follows
static page should not send CSP by default
$ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag
200 Script output follows
repo page should not send CSP by default, should send ETag
$ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag
200 Script output follows
etag: W/"*" (glob)
$ killdaemons.py
Configure CSP without nonce
$ cat >> web.conf << EOF
> [web]
> csp = script-src https://example.com/ 'unsafe-inline'
> EOF
$ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf
$ cat hg.pid > $DAEMON_PIDS
repo index should send Content-Security-Policy header when enabled
$ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag
200 Script output follows
content-security-policy: script-src https://example.com/ 'unsafe-inline'
static page should send CSP when enabled
$ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag
200 Script output follows
content-security-policy: script-src https://example.com/ 'unsafe-inline'
$ get-with-headers.py --twice --headeronly localhost:$HGPORT repo1/static/style.css content-security-policy
200 Script output follows
content-security-policy: script-src https://example.com/ 'unsafe-inline'
304 Not Modified
content-security-policy: script-src https://example.com/ 'unsafe-inline'
repo page should send CSP by default, include etag w/o nonce
$ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag
200 Script output follows
content-security-policy: script-src https://example.com/ 'unsafe-inline'
etag: W/"*" (glob)
nonce should not be added to html if CSP doesn't use it
$ get-with-headers.py localhost:$HGPORT repo1/graph/tip | grep -E 'content-security-policy|<script'
<script type="text/javascript" src="/repo1/static/mercurial.js"></script>
<script type="text/javascript">
<script type="text/javascript">
Configure CSP with nonce
$ killdaemons.py
$ cat >> web.conf << EOF
> csp = image-src 'self'; script-src https://example.com/ 'nonce-%nonce%'
> EOF
$ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf
$ cat hg.pid > $DAEMON_PIDS
nonce should be substituted in CSP header
$ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag
200 Script output follows
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
nonce should be included in CSP for static pages
$ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag
200 Script output follows
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
repo page should have nonce, no ETag
$ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag
200 Script output follows
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
nonce should be added to html when used
$ get-with-headers.py localhost:$HGPORT repo1/graph/tip content-security-policy | grep -E 'content-security-policy|<script'
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
<script type="text/javascript" src="/repo1/static/mercurial.js"></script>
<script type="text/javascript" nonce="*"> (glob)
<script type="text/javascript" nonce="*"> (glob)
hgweb_mod w/o hgwebdir works as expected
$ killdaemons.py
$ hg serve -R repo1 -p $HGPORT -d --pid-file=hg.pid --config "web.csp=image-src 'self'; script-src https://example.com/ 'nonce-%nonce%'"
$ cat hg.pid > $DAEMON_PIDS
static page sends CSP
$ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag
200 Script output follows
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
nonce included in <script> and headers
$ get-with-headers.py localhost:$HGPORT graph/tip content-security-policy | grep -E 'content-security-policy|<script'
content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob)
<script type="text/javascript" src="/static/mercurial.js"></script>
<script type="text/javascript" nonce="*"> (glob)
<script type="text/javascript" nonce="*"> (glob)