feat(load): k6 precheck baseline + weekly regression gate#1
Merged
Shaivpidadi merged 1 commit intomainfrom Apr 24, 2026
Merged
Conversation
- Rewrite load/precheck-baseline.js to target POST /api/v1/precheck with the real X-Governs-Key header and a realistic payload mix. Ramp 10->1000 RPS over 5 minutes; thresholds P99<50ms, error rate<0.1%. - Add load/compare-baseline.mjs: compares the latest k6 summary against the most recent committed baseline; fails CI on >20% P99 regression or on crossing the 0.1% error-rate SLO. - Seed load/baselines/precheck-2026-04-23.json anchored to the SLO so the regression gate has a reference point; the first weekly workflow run (or manual dispatch with commit_baseline=true) replaces it with a real measurement via an automated PR to dev. - Add .github/workflows/load-precheck.yml: weekly cron (Mon 07:00 UTC) + workflow_dispatch. Builds precheck from governs-ai/precheck, boots it with postgres/redis service containers, runs k6, archives the summary, and runs the regression gate. Refs: GOV-566
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the §2.5g deliverable: a k6 load test targeting
POST /api/v1/precheck, a baseline recording workflow, and an automated regression gate.load/precheck-baseline.js— ramps 10→1000 RPS over 5 minutes; asserts P99 < 50ms and error rate < 0.1%. Uses the realX-Governs-Keyauth header and a rotating payload that exercises PII/email/SSN paths.load/compare-baseline.mjs— compares the latest k6 summary against the most recent committed baseline. Fails on >20% P99 regression or on crossing the 0.1% error-rate SLO.load/baselines/precheck-2026-04-23.json— seed baseline anchored to the SLO so the regression gate has a reference point on its first CI run. The first weekly workflow run (or manual dispatch withcommit_baseline=true) replaces it with a real measurement via an automated PR back to this branch's base..github/workflows/load-precheck.yml— weekly cron (Mondays 07:00 UTC) +workflow_dispatch. Buildsgoverns-ai/precheck@mainin a job with postgres and redis service containers, waits for/api/v1/health, runs k6 end-to-end, archives the summary, and runs the regression gate.GovernsAI Tracker issue
GOV-566
Baseline capture note
I was unable to record a real local-stack baseline inside this PR — bringing up precheck in this environment requires a ~1GB spaCy-model image build that exceeds the time budget here. The baseline file committed in this PR is explicitly marked
"source": "seed"and mirrors the SLO thresholds. The first successful run of theload-precheckworkflow (either the Monday cron or a manual dispatch withcommit_baseline=true) will open a follow-up PR with the real P99/error-rate numbers.Reviewers
Tagging Nexus (code quality) and Cipher (security/arch) — both approvals required.
Test plan
k6 inspect load/precheck-baseline.jspasses (verified locally viadocker run grafana/k6:latest inspect)node load/compare-baseline.mjs --summary load/baselines/precheck-2026-04-23.jsonreportsNo regression detected(verified locally)p(99)=70) and confirm comparator exits non-zero (verified locally — 40% regression caught)workflow_dispatchonload-precheckwithcommit_baseline=trueto capture the first real baseline and confirm the auto-PR opens