Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update oopsla benchmark to use latest version #196

Merged
merged 10 commits into from
Sep 30, 2024
Merged

update oopsla benchmark to use latest version #196

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
b5f14a7
updates for v4.0
khieta Sep 23, 2024
811b8c6
apply clippy suggestions
khieta Sep 23, 2024
0f7ba42
add --schema-format json
khieta Sep 23, 2024
06d118a
Merge branch 'main' into khieta/oopsla-upgrade
khieta Sep 23, 2024
f3dcac8
update dockerfile
khieta Sep 23, 2024
7c81095
fix dockerfile
khieta Sep 23, 2024
0615eed
Update oopsla2024-benchmarks/src/tinytodo_generator/cedar.rs
khieta Sep 30, 2024
f5f3327
bump versions
khieta Sep 30, 2024
37d1bc2
fix build
khieta Sep 30, 2024
81535ea
updates
khieta Sep 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cedar-rust-hello-world/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ publish = false
serde_json = "1.0"

[dependencies.cedar-policy]
version = "4.0.0"
version = "*"
git = "https://github.com/cedar-policy/cedar"
branch = "main"
#Do not add any lines below this. CI relies on the previous line being the second-to-last line in the file
Expand Down
8 changes: 4 additions & 4 deletions cedar-wasm-example/package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cedar-wasm-example/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"author": "",
"license": "Apache-2.0",
"dependencies": {
"@cedar-policy/cedar-wasm": "3.2.3"
"@cedar-policy/cedar-wasm": "4.1.0"
},
"devDependencies": {
"@types/jest": "^29.5.12",
Expand Down
8 changes: 4 additions & 4 deletions oopsla2024-benchmarks/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ publish = false
[dependencies]
arbitrary = "1.3"
average = "0.14"
cedar-policy-core = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
cedar-policy-generators = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
cedar-policy-validator = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
cedar-policy-core = { path = "cedar-spec/cedar/cedar-policy-core", version = "*" }
cedar-policy-generators = { path = "cedar-spec/cedar-policy-generators", version = "*" }
cedar-policy-validator = { path = "cedar-spec/cedar/cedar-policy-validator", version = "*" }
clap = { version = "4.3", features = ["derive"] }
env_logger = "0.11"
itertools = "0.12"
Expand All @@ -19,7 +19,7 @@ rand = "0.8.5"
reqwest = { version = "0.11", features = ["json", "blocking"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
smol_str = { version = "0.2", features = ["arbitrary"] }
smol_str = { version = "0.3", features = ["arbitrary"] }

[features]
default = []
8 changes: 6 additions & 2 deletions oopsla2024-benchmarks/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM rust:1.74-bookworm
FROM rust:1.81-bookworm
RUN echo 'deb http://deb.debian.org/debian bookworm-backports main' >> /etc/apt/sources.list
RUN apt-get update && apt-get install -y git python3-matplotlib python3-pandas golang-1.21-go openjdk-17-jdk vim && \
rm -rf /var/lib/apt/lists/*
Expand All @@ -13,12 +13,16 @@
RUN cd openfga && git apply openfga-timing.patch
ENV GOPROXY="direct"
RUN cd openfga && go build -o ./openfga ./cmd/openfga
ENV PATH="${PATH}:${HOME}/openfga"

Check warning on line 16 in oopsla2024-benchmarks/Dockerfile

View workflow job for this annotation

GitHub Actions / OOPSLA2024 benchmarks

Variables should be defined before their use 

UndefinedVar: Usage of undefined variable '$HOME'
More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
## run an openfga server for 100ms and then kill it. For some reason this reduces flakiness later on
RUN timeout 0.1 openfga run --playground-enabled=false --log-level=warn || true

## Clone cedar and cedar-spec
RUN git clone https://github.com/cedar-policy/cedar-spec cedar-benchmarks/cedar-spec -b main
RUN git clone https://github.com/cedar-policy/cedar cedar-benchmarks/cedar-spec/cedar -b main

## Install Cedar CLI so it is usable from command line
RUN cargo install cedar-policy-cli@3.0.1
RUN cargo install cedar-policy-cli --path cedar-benchmarks/cedar-spec/cedar/cedar-policy-cli

## Get cedar-benchmarks (benchmark harness and example app code)
# unfortunately, `COPY src cedar-benchmarks/` doesn't do what we want, it copies
Expand Down
32 changes: 15 additions & 17 deletions oopsla2024-benchmarks/src/apps.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
use arbitrary::Unstructured;
use cedar_policy_core::{
ast::{Entity, EntityUID, Id, PolicyID, PolicySet},
entities::{EntityUidJson, JsonDeserializationErrorContext},
ast::{AnyId, Entity, EntityUID, PolicyID, PolicySet},
entities::{json::err::JsonDeserializationErrorContext, EntityUidJson},
parser::parse_policyset,
};
use cedar_policy_generators::{schema::Schema as GeneratorSchema, settings::ABACSettings};
use cedar_policy_validator::{SchemaFragment, ValidatorSchema};
use cedar_policy_validator::{json_schema::Fragment, ValidatorSchema};
use std::{fs::File, path::Path, process::Command};

/// Everything we need for an example application used as a benchmark
Expand Down Expand Up @@ -54,8 +54,7 @@ impl ExampleApp {
let policies_path = Path::new("./benches/github/cedar").join("policies.cedar");
Self::load_policies(policies_path)
},
openfga_authz_model_filename:
"./benches/github/openfga/authorization-model.json",
openfga_authz_model_filename: "./benches/github/openfga/authorization-model.json",
convert_euid: Box::new(convert_github_euid),
bespoke_generator: separate_process_bespoke_generator(
"./generators/github_entity_generator.py",
Expand Down Expand Up @@ -86,8 +85,7 @@ impl ExampleApp {
Path::new("./benches/github-templates/cedar").join("policies.cedar");
Self::load_policies(policies_path)
},
openfga_authz_model_filename:
"./benches/github/openfga/authorization-model.json",
openfga_authz_model_filename: "./benches/github/openfga/authorization-model.json",
convert_euid: Box::new(convert_github_euid),
bespoke_generator: separate_process_bespoke_generator(
"./generators/github_templates_entity_generator.py",
Expand Down Expand Up @@ -117,8 +115,7 @@ impl ExampleApp {
let policies_path = Path::new("./benches/gdrive/cedar").join("policies.cedar");
Self::load_policies(policies_path)
},
openfga_authz_model_filename:
"./benches/gdrive/openfga/authorization-model.json",
openfga_authz_model_filename: "./benches/gdrive/openfga/authorization-model.json",
convert_euid: Box::new(convert_gdrive_euid),
bespoke_generator: separate_process_bespoke_generator(
"./generators/gdrive_entity_generator.py",
Expand Down Expand Up @@ -149,8 +146,7 @@ impl ExampleApp {
Path::new("./benches/gdrive-templates/cedar").join("policies.cedar");
Self::load_policies(policies_path)
},
openfga_authz_model_filename:
"./benches/gdrive/openfga/authorization-model.json",
openfga_authz_model_filename: "./benches/gdrive/openfga/authorization-model.json",
convert_euid: Box::new(convert_gdrive_euid),
bespoke_generator: separate_process_bespoke_generator(
"./generators/gdrive_templates_entity_generator.py",
Expand All @@ -172,7 +168,8 @@ impl ExampleApp {
Self {
name: "tinytodo",
schema: {
let schema_path = Path::new("benches/tinytodo/cedar").join("tinytodo.cedarschema.json");
let schema_path =
Path::new("benches/tinytodo/cedar").join("tinytodo.cedarschema.json");
Self::load_schema(schema_path, u)
},
static_policies: {
Expand Down Expand Up @@ -211,17 +208,17 @@ impl ExampleApp {
// but policies' and templates' ids will be renamed to match
// their "id" annotation, if present
let mut new_pset = PolicySet::new();
let id_key = Id::from_str("id").unwrap();
let id_key = AnyId::from_str("id").unwrap();
let templates = pset.templates().map(|t| match t.annotation(&id_key) {
None => t.clone(),
Some(anno) => t.new_id(PolicyID::from_smolstr(anno.clone())),
Some(anno) => t.new_id(PolicyID::from_smolstr(anno.val.clone())),
});
for template in templates {
new_pset.add_template(template).unwrap();
}
let policies = pset.policies().map(|p| match p.annotation(&id_key) {
None => p.clone(),
Some(anno) => p.new_id(PolicyID::from_smolstr(anno.clone())),
Some(anno) => p.new_id(PolicyID::from_smolstr(anno.val.clone())),
});
for policy in policies {
new_pset.add(policy).unwrap();
Expand All @@ -231,7 +228,7 @@ impl ExampleApp {

/// Create a `GeneratorSchema` from the given filepath
pub fn load_schema(path: impl AsRef<Path>, u: &mut Unstructured<'_>) -> GeneratorSchema {
let schema = SchemaFragment::from_file(File::open(path.as_ref()).unwrap_or_else(|e| {
let schema = Fragment::from_json_file(File::open(path.as_ref()).unwrap_or_else(|e| {
panic!(
"failed to open schema file {}: {e}",
path.as_ref().display()
Expand All @@ -251,7 +248,8 @@ impl ExampleApp {
enable_unspecified_apply_spec: false,
enable_action_in_constraints: false,
};
GeneratorSchema::from_schemafrag(schema, settings, u).expect("failed to generate schema")
GeneratorSchema::from_raw_schemafrag(schema, settings, u)
.expect("failed to generate schema")
}

/// Get the `ValidatorSchema` for this `ExampleApp`
Expand Down
6 changes: 4 additions & 2 deletions oopsla2024-benchmarks/src/cedar_engine.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,8 @@ impl CedarEngine {
pub fn execute(&self, request: Request) -> SingleExecutionReport {
let num_context_attrs = request
.context()
.map(|ctx| ctx.iter().map(|it| it.count()).unwrap_or(0))
.cloned()
.map(|ctx| ctx.into_iter().count())
.unwrap_or(0);
let start = Instant::now();
let response = self
Expand Down Expand Up @@ -128,7 +129,8 @@ impl CedarOptEngine {
pub fn execute(&self, request: Request, slicer: &Slicer) -> SingleExecutionReport {
let num_context_attrs = request
.context()
.map(|ctx| ctx.iter().map(|it| it.count()).unwrap_or(0))
.cloned()
.map(|ctx| ctx.into_iter().count())
.unwrap_or(0);
let start = Instant::now();
let sliced = slicer
Expand Down
40 changes: 24 additions & 16 deletions oopsla2024-benchmarks/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,14 +110,18 @@ impl MultiExecutionReport {

/// Add a data point to the report
pub fn add(&mut self, single_report: SingleExecutionReport) {
self.mean_dur_micros
.add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
self.median_dur_micros
.add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
self.p90_dur_micros
.add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
self.p99_dur_micros
.add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
self.mean_dur_micros.add(f64::from(
u32::try_from(single_report.dur.as_micros()).unwrap(),
));
self.median_dur_micros.add(f64::from(
u32::try_from(single_report.dur.as_micros()).unwrap(),
));
self.p90_dur_micros.add(f64::from(
u32::try_from(single_report.dur.as_micros()).unwrap(),
));
self.p99_dur_micros.add(f64::from(
u32::try_from(single_report.dur.as_micros()).unwrap(),
));
match single_report.decision {
Decision::Allow => {
self.allows.add(1.0);
Expand All @@ -128,16 +132,18 @@ impl MultiExecutionReport {
self.denies.add(1.0);
}
}
self.mean_num_errors
.add(f64::try_from(u32::try_from(single_report.errors.len()).unwrap()).unwrap());
self.mean_num_errors.add(f64::from(
u32::try_from(single_report.errors.len()).unwrap(),
));
match &self.err {
Some(_) => {}
None => {
self.err = single_report.errors.iter().next().cloned();
self.err = single_report.errors.first().cloned();
}
}
self.mean_context_attrs
.add(f64::try_from(u32::try_from(single_report.context_attrs).unwrap()).unwrap());
self.mean_context_attrs.add(f64::from(
u32::try_from(single_report.context_attrs).unwrap(),
));
}

/// Print the report's contents to the provided stream (e.g. stdout)
Expand Down Expand Up @@ -222,11 +228,13 @@ impl HierarchyStats {
for entity in hierarchy.iter() {
self.mean_num_parents
.entry(entity.uid().entity_type().clone())
.or_insert_with(|| Mean::new())
.add(f64::try_from(u32::try_from(entity.ancestors().count()).unwrap()).unwrap());
.or_default()
.add(f64::from(
u32::try_from(entity.ancestors().count()).unwrap(),
));
}
self.mean_openfga_tuples
.add(f64::try_from(u32::try_from(openfga_tuples).unwrap()).unwrap());
.add(f64::from(u32::try_from(openfga_tuples).unwrap()));
}

/// Print the CSV header row that corresponds to the format in
Expand Down
Loading
Loading