From c7b7c95bfe5fde8ba4364b5cc76ce278402a38cf Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 14:43:56 +0200
Subject: [PATCH] use codspeed to report benchmarks (#223)

---
 .github/workflows/codspeed.yml | 32 +++++++++++++
 biscuit-auth/Cargo.toml        |  1 +
 biscuit-auth/benches/token.rs  | 88 +++++++++++++++++++++++++++-------
 3 files changed, 104 insertions(+), 17 deletions(-)
 create mode 100644 .github/workflows/codspeed.yml

diff --git a/.github/workflows/codspeed.yml b/.github/workflows/codspeed.yml
new file mode 100644
index 00000000..bc73f081
--- /dev/null
+++ b/.github/workflows/codspeed.yml
@@ -0,0 +1,32 @@
+name: codspeed-benchmarks
+
+on:
+  push:
+    branches:
+      - "main"
+  pull_request:
+  # `workflow_dispatch` allows CodSpeed to trigger backtest
+  # performance analysis in order to generate initial data.
+  workflow_dispatch:
+
+jobs:
+  benchmarks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Setup rust toolchain, cache and cargo-codspeed binary
+        uses: moonrepo/setup-rust@v0
+        with:
+          channel: stable
+          cache-target: release
+          bins: cargo-codspeed
+
+      - name: Build the benchmark target(s)
+        run: cargo codspeed build -p biscuit-auth
+
+      - name: Run the benchmarks
+        uses: CodSpeedHQ/action@v2
+        with:
+          run: cargo codspeed run -p biscuit-auth
+          token: ${{ secrets.CODSPEED_TOKEN }}
\ No newline at end of file
diff --git a/biscuit-auth/Cargo.toml b/biscuit-auth/Cargo.toml
index 8e6b0148..4e100841 100644
--- a/biscuit-auth/Cargo.toml
+++ b/biscuit-auth/Cargo.toml
@@ -59,6 +59,7 @@ colored-diff = "0.2.3"
 prost-build = "0.10"
 serde = { version = "1.0.130", features = ["derive"] }
 serde_json = "1.0.67"
+codspeed-bencher-compat = "2.6.0"
 
 #[build-dependencies]
 #prost-build = "0.10"
diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 814b6e79..e68279dd 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -1,12 +1,12 @@
-#[macro_use]
-extern crate bencher;
-
 extern crate biscuit_auth as biscuit;
 
-use bencher::Bencher;
+use std::time::Duration;
+
 use biscuit::{
-    builder::*, builder_ext::BuilderExt, datalog::SymbolTable, Biscuit, KeyPair, UnverifiedBiscuit,
+    builder::*, builder_ext::BuilderExt, datalog::SymbolTable, AuthorizerLimits, Biscuit, KeyPair,
+    UnverifiedBiscuit,
 };
+use codspeed_bencher_compat::{benchmark_group, benchmark_main, Bencher};
 use rand::rngs::OsRng;
 
 fn create_block_1(b: &mut Bencher) {
@@ -245,8 +245,12 @@ fn verify_block_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
-
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
     b.bytes = data.len() as u64;
     b.iter(|| {
         let token = Biscuit::from(&data, &root.public()).unwrap();
@@ -254,7 +258,12 @@ fn verify_block_2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 
@@ -314,7 +323,12 @@ fn verify_block_5(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -323,7 +337,12 @@ fn verify_block_5(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 
@@ -356,7 +375,12 @@ fn check_signature_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -419,7 +443,12 @@ fn check_signature_5(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -456,7 +485,12 @@ fn checks_block_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.bytes = data.len() as u64;
@@ -465,7 +499,12 @@ fn checks_block_2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 
@@ -498,7 +537,12 @@ fn checks_block_create_verifier2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.bytes = data.len() as u64;
@@ -536,7 +580,12 @@ fn checks_block_verify_only2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.iter(|| {
@@ -544,7 +593,12 @@ fn checks_block_verify_only2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }