use codspeed to report benchmarks (#223)

biscuit-auth · May 26, 2024 · c7b7c95 · c7b7c95
1 parent 227f0d9
commit c7b7c95
Show file tree

Hide file tree

Showing 3 changed files with 104 additions and 17 deletions.
diff --git a/.github/workflows/codspeed.yml b/.github/workflows/codspeed.yml
@@ -0,0 +1,32 @@
+name: codspeed-benchmarks
+
+on:
+ push:
+ branches:
+ - "main"
+ pull_request:
+ # `workflow_dispatch` allows CodSpeed to trigger backtest
+ # performance analysis in order to generate initial data.
+ workflow_dispatch:
+
+jobs:
+ benchmarks:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Setup rust toolchain, cache and cargo-codspeed binary
+ uses: moonrepo/setup-rust@v0
+ with:
+ channel: stable
+ cache-target: release
+ bins: cargo-codspeed
+
+ - name: Build the benchmark target(s)
+ run: cargo codspeed build -p biscuit-auth
+
+ - name: Run the benchmarks
+ uses: CodSpeedHQ/action@v2
+ with:
+ run: cargo codspeed run -p biscuit-auth
+ token: ${{ secrets.CODSPEED_TOKEN }}
diff --git a/biscuit-auth/Cargo.toml b/biscuit-auth/Cargo.toml
@@ -59,6 +59,7 @@ colored-diff = "0.2.3"
 prost-build = "0.10"
 serde = { version = "1.0.130", features = ["derive"] }
 serde_json = "1.0.67"
+codspeed-bencher-compat = "2.6.0"
 
 #[build-dependencies]
 #prost-build = "0.10"

diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
@@ -1,12 +1,12 @@
-#[macro_use]
-extern crate bencher;
-
 extern crate biscuit_auth as biscuit;
 
-use bencher::Bencher;
+use std::time::Duration;
+
 use biscuit::{
- builder::*, builder_ext::BuilderExt, datalog::SymbolTable, Biscuit, KeyPair, UnverifiedBiscuit,
+ builder::*, builder_ext::BuilderExt, datalog::SymbolTable, AuthorizerLimits, Biscuit, KeyPair,
+ UnverifiedBiscuit,
 };
+use codspeed_bencher_compat::{benchmark_group, benchmark_main, Bencher};
 use rand::rngs::OsRng;
 
 fn create_block_1(b: &mut Bencher) {
@@ -245,16 +245,25 @@ fn verify_block_2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
-
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
  b.bytes = data.len() as u64;
  b.iter(|| {
  let token = Biscuit::from(&data, &root.public()).unwrap();
  let mut verifier = token.authorizer().unwrap();
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
  });
 }
 
@@ -314,7 +323,12 @@ fn verify_block_5(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  b.bytes = data.len() as u64;
  b.iter(|| {
@@ -323,7 +337,12 @@ fn verify_block_5(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
  });
 }
 
@@ -356,7 +375,12 @@ fn check_signature_2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  b.bytes = data.len() as u64;
  b.iter(|| {
@@ -419,7 +443,12 @@ fn check_signature_5(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  b.bytes = data.len() as u64;
  b.iter(|| {
@@ -456,7 +485,12 @@ fn checks_block_2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  let token = Biscuit::from(&data, &root.public()).unwrap();
  b.bytes = data.len() as u64;
@@ -465,7 +499,12 @@ fn checks_block_2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
  });
 }
 
@@ -498,7 +537,12 @@ fn checks_block_create_verifier2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  let token = Biscuit::from(&data, &root.public()).unwrap();
  b.bytes = data.len() as u64;
@@ -536,15 +580,25 @@ fn checks_block_verify_only2(b: &mut Bencher) {
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
 
  let token = Biscuit::from(&data, &root.public()).unwrap();
  b.iter(|| {
  let mut verifier = token.authorizer().unwrap();
  verifier.add_fact("resource(\"file1\")");
  verifier.add_fact("operation(\"read\")");
  verifier.allow();
- verifier.authorize().unwrap();
+ verifier
+ .authorize_with_limits(AuthorizerLimits {
+ max_time: Duration::from_secs(10),
+ ..Default::default()
+ })
+ .unwrap();
  });
 }