search

Infisical / infisical

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
https://infisical.com
Other
15.63k stars 971 forks source link

[ENG-105] Infisical CLI slow response times #1001

Open lauri865 opened 1 year ago

lauri865 commented 1 year ago

Describe the bug

Seeing considerably slow response times for infisical CLI.

E.g. time infisical run --path=/test -- echo "done" Can take around 8 seconds or more to run. For testing purposes, the path test contains only 1 secret. If there's referenced secret in the path, it becomes even slower by a few seconds.

To Reproduce

Steps to reproduce the behavior:

  1. time infisical run --path=/test -- echo "done"

Expected behavior

As a benchmark, the same equivalent command for doppler run takes 0.3-0.4s (20x faster). We would love to use an open source alternative, but the delta in response times impacts DX too much for us to pull the trigger at this time.

Platform you are having the issue on:

OSX 13.5.1 (MBP with M2 Pro processor)

From SyncLinear.com | ENG-105

vwbusguy commented 1 year ago

Interestingly, the local CLI from my testing of PR 1003 is much faster than the current 0.12.3 on my laptop. Here's the numbers side by side:

Infisical CLI 0.12.3

[scott@samus infisical]$ time infisical secrets set FOO=BAR
┌─────────────┬──────────────┬────────────────┐
│ SECRET NAME │ SECRET VALUE │ STATUS         │
├─────────────┼──────────────┼────────────────┤
│ FOO         │ BAR          │ SECRET CREATED │
└─────────────┴──────────────┴────────────────┘

real    0m1.331s
user    0m0.082s
sys 0m0.052s
[scott@samus infisical]$ time infisical secrets get FOO=BAR
┌─────────────┬──────────────┬─────────────┐
│ SECRET NAME │ SECRET VALUE │ SECRET TYPE │
├─────────────┼──────────────┼─────────────┤
│ FOO=BAR     │ *not found*  │ *not found* │
└─────────────┴──────────────┴─────────────┘

real    0m10.973s
user    0m0.081s
sys 0m0.054s

[scott@samus infisical]$ time infisical secrets delete --type shared FOO
secret name(s) [FOO] have been deleted from your project 

real    0m0.707s
user    0m0.063s
sys 0m0.030s

Infisical compiled with go 1.20.7 for PR #1003:

[scott@samus infisical]$ time ./infisical-merge secrets set foo=bar
┌─────────────┬──────────────┬────────────────┐
│ SECRET NAME │ SECRET VALUE │ STATUS         │
├─────────────┼──────────────┼────────────────┤
│ foo         │ bar          │ SECRET CREATED │
└─────────────┴──────────────┴────────────────┘

real    0m0.932s
user    0m0.070s
sys 0m0.050s
[scott@samus infisical]$ time ./infisical-merge secrets get foo
┌─────────────┬──────────────┬─────────────┐
│ SECRET NAME │ SECRET VALUE │ SECRET TYPE │
├─────────────┼──────────────┼─────────────┤
│ foo         │ bar          │ shared      │
└─────────────┴──────────────┴─────────────┘

real    0m1.107s
user    0m0.265s
sys 0m0.122s
[scott@samus infisical]$ time ./infisical-merge secrets delete --type=shared foo
secret name(s) [foo] have been deleted from your project 

real    0m0.517s
user    0m0.060s
sys 0m0.036s

That's a significant difference on secrets get . The current CLI is almost 11 seconds where my local compiled took 1.1s - against the same server/project from the same machine. The others commands were faster, too, but probably within a reasonable margin of error.

I think it's the newer go version (1.20 vs 1.19), since export has a similar improvement (10.961s vs 0.810s local-compile) and I didn't touch export.go in my PR.

maidul98 commented 1 year ago

What region are you making these cli calls from? @lauri865

vwbusguy commented 1 year ago

In my case, Infisical is running on newer gen EPYC baremetal Kubernetes nodes that are roughly four miles away or about 20 minutes by bicycle in Southern California.

lauri865 commented 1 year ago

From Sweden, but it shouldn't matter. Network latency alone can't make up for this.

adelowo commented 1 year ago

Same here. The run command seems to take forever to run. This definitely cannot be latency like @lauri865 suggested. My internet is >= 200Mbps at the moment

adelowo commented 1 year ago

For some weird reason, this wasn't working until I did infisical login and the run command started finishing quickly. I'd let the token re-expire again and try to debug.

but definitely weird behaviour there

amiranvarov commented 4 months ago

I'm having this issue as well. Developer experience is terrible only because of this. I wonder why the team is not responding to this thread? I'm considering to stick to doppler only because of this latency

maidul98 commented 3 months ago

Hey @adelowo and @amiranvarov what region are you located in? We may need to deploy servers closer to your regions for faster respones

amiranvarov commented 3 months ago

hey @maidul98 , i'm located in Estonia, EU.

One more thing, i had a latency of about 9 seconds. But turned out to be because of my Office Wifi. Because when i switched my Internet connection from another place, it worked somewhat better. But still there is a second with something latency. would be nice if you could place servers nearby my specified place every second counts when you develop locally and need ENV variables injected

Exmirai commented 2 months ago

@maidul98 It's not a network issue. Actually CLI itself command processing time is awfully long. I have self-hosted instance and direct request to the api takes around 100ms and SAME execution of the same command using CLI takes up to 10-15 seconds! infisical_cli_bugrep

maidul98 commented 2 months ago

@Exmirai, what version of the CLI are you on currently?