update oopsla benchmark to use latest version (#196)

Co-authored-by: Craig Disselkoen <cdiss@amazon.com>
cedar-policy · Sep 30, 2024 · 851135f · 851135f
1 parent 72308fa
commit 851135f
Show file tree

Hide file tree

Showing 17 changed files with 158 additions and 174 deletions.
diff --git a/cedar-rust-hello-world/Cargo.toml b/cedar-rust-hello-world/Cargo.toml
@@ -9,7 +9,7 @@ publish = false
 serde_json = "1.0"
 
 [dependencies.cedar-policy]
-version = "4.0.0"
+version = "*"
 git = "https://github.com/cedar-policy/cedar"
 branch = "main"
 #Do not add any lines below this. CI relies on the previous line being the second-to-last line in the file

diff --git a/cedar-wasm-example/package-lock.json b/cedar-wasm-example/package-lock.json
diff --git a/cedar-wasm-example/package.json b/cedar-wasm-example/package.json
@@ -11,7 +11,7 @@
   "author": "",
   "license": "Apache-2.0",
   "dependencies": {
-    "@cedar-policy/cedar-wasm": "3.2.3"
+    "@cedar-policy/cedar-wasm": "4.1.0"
   },
   "devDependencies": {
     "@types/jest": "^29.5.12",

diff --git a/oopsla2024-benchmarks/Cargo.toml b/oopsla2024-benchmarks/Cargo.toml
@@ -7,9 +7,9 @@ publish = false
 [dependencies]
 arbitrary = "1.3"
 average = "0.14"
-cedar-policy-core = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
-cedar-policy-generators = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
-cedar-policy-validator = { git = "https://github.com/cedar-policy/cedar-spec", branch = "release/3.0.x", version = "=3.0.1" }
+cedar-policy-core = { path = "cedar-spec/cedar/cedar-policy-core", version = "*" }
+cedar-policy-generators = { path = "cedar-spec/cedar-policy-generators", version = "*" }
+cedar-policy-validator = { path = "cedar-spec/cedar/cedar-policy-validator", version = "*" }
 clap = { version = "4.3", features = ["derive"] }
 env_logger = "0.11"
 itertools = "0.12"
@@ -19,7 +19,7 @@ rand = "0.8.5"
 reqwest = { version = "0.11", features = ["json", "blocking"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-smol_str = { version = "0.2", features = ["arbitrary"] }
+smol_str = { version = "0.3", features = ["arbitrary"] }
 
 [features]
 default = []
diff --git a/oopsla2024-benchmarks/Dockerfile b/oopsla2024-benchmarks/Dockerfile
@@ -1,4 +1,4 @@
-FROM rust:1.74-bookworm
+FROM rust:1.81-bookworm
 RUN echo 'deb http://deb.debian.org/debian bookworm-backports main' >> /etc/apt/sources.list
 RUN apt-get update && apt-get install -y git python3-matplotlib python3-pandas golang-1.21-go openjdk-17-jdk vim && \
     rm -rf /var/lib/apt/lists/*
@@ -17,8 +17,12 @@ ENV PATH="${PATH}:${HOME}/openfga"
 ## run an openfga server for 100ms and then kill it. For some reason this reduces flakiness later on
 RUN timeout 0.1 openfga run --playground-enabled=false --log-level=warn || true
 
+## Clone cedar and cedar-spec
+RUN git clone https://github.com/cedar-policy/cedar-spec cedar-benchmarks/cedar-spec -b main
+RUN git clone https://github.com/cedar-policy/cedar cedar-benchmarks/cedar-spec/cedar -b main
+
 ## Install Cedar CLI so it is usable from command line
-RUN cargo install cedar-policy-cli@3.0.1
+RUN cargo install cedar-policy-cli --path cedar-benchmarks/cedar-spec/cedar/cedar-policy-cli
 
 ## Get cedar-benchmarks (benchmark harness and example app code)
 # unfortunately, `COPY src cedar-benchmarks/` doesn't do what we want, it copies

diff --git a/oopsla2024-benchmarks/src/apps.rs b/oopsla2024-benchmarks/src/apps.rs
@@ -1,11 +1,11 @@
 use arbitrary::Unstructured;
 use cedar_policy_core::{
-    ast::{Entity, EntityUID, Id, PolicyID, PolicySet},
-    entities::{EntityUidJson, JsonDeserializationErrorContext},
+    ast::{AnyId, Entity, EntityUID, PolicyID, PolicySet},
+    entities::{json::err::JsonDeserializationErrorContext, EntityUidJson},
     parser::parse_policyset,
 };
 use cedar_policy_generators::{schema::Schema as GeneratorSchema, settings::ABACSettings};
-use cedar_policy_validator::{SchemaFragment, ValidatorSchema};
+use cedar_policy_validator::{json_schema::Fragment, ValidatorSchema};
 use std::{fs::File, path::Path, process::Command};
 
 /// Everything we need for an example application used as a benchmark
@@ -54,8 +54,7 @@ impl ExampleApp {
                 let policies_path = Path::new("./benches/github/cedar").join("policies.cedar");
                 Self::load_policies(policies_path)
             },
-            openfga_authz_model_filename:
-                "./benches/github/openfga/authorization-model.json",
+            openfga_authz_model_filename: "./benches/github/openfga/authorization-model.json",
             convert_euid: Box::new(convert_github_euid),
             bespoke_generator: separate_process_bespoke_generator(
                 "./generators/github_entity_generator.py",
@@ -86,8 +85,7 @@ impl ExampleApp {
                     Path::new("./benches/github-templates/cedar").join("policies.cedar");
                 Self::load_policies(policies_path)
             },
-            openfga_authz_model_filename:
-                "./benches/github/openfga/authorization-model.json",
+            openfga_authz_model_filename: "./benches/github/openfga/authorization-model.json",
             convert_euid: Box::new(convert_github_euid),
             bespoke_generator: separate_process_bespoke_generator(
                 "./generators/github_templates_entity_generator.py",
@@ -117,8 +115,7 @@ impl ExampleApp {
                 let policies_path = Path::new("./benches/gdrive/cedar").join("policies.cedar");
                 Self::load_policies(policies_path)
             },
-            openfga_authz_model_filename:
-                "./benches/gdrive/openfga/authorization-model.json",
+            openfga_authz_model_filename: "./benches/gdrive/openfga/authorization-model.json",
             convert_euid: Box::new(convert_gdrive_euid),
             bespoke_generator: separate_process_bespoke_generator(
                 "./generators/gdrive_entity_generator.py",
@@ -149,8 +146,7 @@ impl ExampleApp {
                     Path::new("./benches/gdrive-templates/cedar").join("policies.cedar");
                 Self::load_policies(policies_path)
             },
-            openfga_authz_model_filename:
-                "./benches/gdrive/openfga/authorization-model.json",
+            openfga_authz_model_filename: "./benches/gdrive/openfga/authorization-model.json",
             convert_euid: Box::new(convert_gdrive_euid),
             bespoke_generator: separate_process_bespoke_generator(
                 "./generators/gdrive_templates_entity_generator.py",
@@ -172,7 +168,8 @@ impl ExampleApp {
         Self {
             name: "tinytodo",
             schema: {
-                let schema_path = Path::new("benches/tinytodo/cedar").join("tinytodo.cedarschema.json");
+                let schema_path =
+                    Path::new("benches/tinytodo/cedar").join("tinytodo.cedarschema.json");
                 Self::load_schema(schema_path, u)
             },
             static_policies: {
@@ -211,17 +208,17 @@ impl ExampleApp {
         // but policies' and templates' ids will be renamed to match
         // their "id" annotation, if present
         let mut new_pset = PolicySet::new();
-        let id_key = Id::from_str("id").unwrap();
+        let id_key = AnyId::from_str("id").unwrap();
         let templates = pset.templates().map(|t| match t.annotation(&id_key) {
             None => t.clone(),
-            Some(anno) => t.new_id(PolicyID::from_smolstr(anno.clone())),
+            Some(anno) => t.new_id(PolicyID::from_smolstr(anno.val.clone())),
         });
         for template in templates {
             new_pset.add_template(template).unwrap();
         }
         let policies = pset.policies().map(|p| match p.annotation(&id_key) {
             None => p.clone(),
-            Some(anno) => p.new_id(PolicyID::from_smolstr(anno.clone())),
+            Some(anno) => p.new_id(PolicyID::from_smolstr(anno.val.clone())),
         });
         for policy in policies {
             new_pset.add(policy).unwrap();
@@ -231,7 +228,7 @@ impl ExampleApp {
 
     /// Create a `GeneratorSchema` from the given filepath
     pub fn load_schema(path: impl AsRef<Path>, u: &mut Unstructured<'_>) -> GeneratorSchema {
-        let schema = SchemaFragment::from_file(File::open(path.as_ref()).unwrap_or_else(|e| {
+        let schema = Fragment::from_json_file(File::open(path.as_ref()).unwrap_or_else(|e| {
             panic!(
                 "failed to open schema file {}: {e}",
                 path.as_ref().display()
@@ -251,7 +248,8 @@ impl ExampleApp {
             enable_unspecified_apply_spec: false,
             enable_action_in_constraints: false,
         };
-        GeneratorSchema::from_schemafrag(schema, settings, u).expect("failed to generate schema")
+        GeneratorSchema::from_raw_schemafrag(schema, settings, u)
+            .expect("failed to generate schema")
     }
 
     /// Get the `ValidatorSchema` for this `ExampleApp`

diff --git a/oopsla2024-benchmarks/src/cedar_engine.rs b/oopsla2024-benchmarks/src/cedar_engine.rs
@@ -58,7 +58,8 @@ impl CedarEngine {
     pub fn execute(&self, request: Request) -> SingleExecutionReport {
         let num_context_attrs = request
             .context()
-            .map(|ctx| ctx.iter().map(|it| it.count()).unwrap_or(0))
+            .cloned()
+            .map(|ctx| ctx.into_iter().count())
             .unwrap_or(0);
         let start = Instant::now();
         let response = self
@@ -128,7 +129,8 @@ impl CedarOptEngine {
     pub fn execute(&self, request: Request, slicer: &Slicer) -> SingleExecutionReport {
         let num_context_attrs = request
             .context()
-            .map(|ctx| ctx.iter().map(|it| it.count()).unwrap_or(0))
+            .cloned()
+            .map(|ctx| ctx.into_iter().count())
             .unwrap_or(0);
         let start = Instant::now();
         let sliced = slicer

diff --git a/oopsla2024-benchmarks/src/lib.rs b/oopsla2024-benchmarks/src/lib.rs
@@ -110,14 +110,18 @@ impl MultiExecutionReport {
 
     /// Add a data point to the report
     pub fn add(&mut self, single_report: SingleExecutionReport) {
-        self.mean_dur_micros
-            .add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
-        self.median_dur_micros
-            .add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
-        self.p90_dur_micros
-            .add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
-        self.p99_dur_micros
-            .add(f64::try_from(u32::try_from(single_report.dur.as_micros()).unwrap()).unwrap());
+        self.mean_dur_micros.add(f64::from(
+            u32::try_from(single_report.dur.as_micros()).unwrap(),
+        ));
+        self.median_dur_micros.add(f64::from(
+            u32::try_from(single_report.dur.as_micros()).unwrap(),
+        ));
+        self.p90_dur_micros.add(f64::from(
+            u32::try_from(single_report.dur.as_micros()).unwrap(),
+        ));
+        self.p99_dur_micros.add(f64::from(
+            u32::try_from(single_report.dur.as_micros()).unwrap(),
+        ));
         match single_report.decision {
             Decision::Allow => {
                 self.allows.add(1.0);
@@ -128,16 +132,18 @@ impl MultiExecutionReport {
                 self.denies.add(1.0);
             }
         }
-        self.mean_num_errors
-            .add(f64::try_from(u32::try_from(single_report.errors.len()).unwrap()).unwrap());
+        self.mean_num_errors.add(f64::from(
+            u32::try_from(single_report.errors.len()).unwrap(),
+        ));
         match &self.err {
             Some(_) => {}
             None => {
-                self.err = single_report.errors.iter().next().cloned();
+                self.err = single_report.errors.first().cloned();
             }
         }
-        self.mean_context_attrs
-            .add(f64::try_from(u32::try_from(single_report.context_attrs).unwrap()).unwrap());
+        self.mean_context_attrs.add(f64::from(
+            u32::try_from(single_report.context_attrs).unwrap(),
+        ));
     }
 
     /// Print the report's contents to the provided stream (e.g. stdout)
@@ -222,11 +228,13 @@ impl HierarchyStats {
         for entity in hierarchy.iter() {
             self.mean_num_parents
                 .entry(entity.uid().entity_type().clone())
-                .or_insert_with(|| Mean::new())
-                .add(f64::try_from(u32::try_from(entity.ancestors().count()).unwrap()).unwrap());
+                .or_default()
+                .add(f64::from(
+                    u32::try_from(entity.ancestors().count()).unwrap(),
+                ));
         }
         self.mean_openfga_tuples
-            .add(f64::try_from(u32::try_from(openfga_tuples).unwrap()).unwrap());
+            .add(f64::from(u32::try_from(openfga_tuples).unwrap()));
     }
 
     /// Print the CSV header row that corresponds to the format in