From 7b3b52201d242e1698f0d4946ff63164ff776120 Mon Sep 17 00:00:00 2001 From: Will Beason Date: Wed, 1 Dec 2021 13:02:15 -0800 Subject: [PATCH 1/2] Benchmark AddConstraint function We didn't expect this to be problematic, but it's nice to have a benchmark for this as we do intend to make some changes to what happens when Constraints are added. Fix "ModuleSimple" so it actually compiles. I was originally against having the error check in the benchmark since it's slightly slower, but (1) the performance difference is negligible and (2) we want to be sure the CT is actually being compiled, so it's worth the minuscule performance cost. Signed-off-by: Will Beason --- .../client/client_addconstraint_bench_test.go | 59 +++++++++++++++++++ .../client/client_addtemplate_bench_test.go | 6 +- 2 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 constraint/pkg/client/client_addconstraint_bench_test.go diff --git a/constraint/pkg/client/client_addconstraint_bench_test.go b/constraint/pkg/client/client_addconstraint_bench_test.go new file mode 100644 index 000000000..ac4667632 --- /dev/null +++ b/constraint/pkg/client/client_addconstraint_bench_test.go @@ -0,0 +1,59 @@ +package client + +import ( + "context" + "strconv" + "testing" + + "github.com/open-policy-agent/frameworks/constraint/pkg/client/drivers/local" + "github.com/open-policy-agent/frameworks/constraint/pkg/core/templates" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +func makeConstraint(i int, ct *templates.ConstraintTemplate) *unstructured.Unstructured { + u := &unstructured.Unstructured{} + u.SetName(strconv.Itoa(i)) + u.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "constraints.gatekeeper.sh", + Version: "v1beta1", + Kind: ct.Spec.CRD.Spec.Names.Kind, + }) + + return u +} + +func BenchmarkClient_AddConstraint(b *testing.B) { + ctx := context.Background() + + ct := makeConstraintTemplate(0, makeModuleSimple) + + d := local.New() + backend, err := NewBackend(Driver(d)) + if err != nil { + b.Fatal(err) + } + + targets := Targets(&handler{}) + + c, err := backend.NewClient(targets) + if err != nil { + b.Fatal(err) + } + + _, err = c.AddTemplate(ct) + if err != nil { + b.Fatal(err) + } + + b.ResetTimer() + + for i := 0; i < b.N; i++ { + constraint := makeConstraint(i, ct) + + _, err = c.AddConstraint(ctx, constraint) + if err != nil { + b.Fatal(err) + } + } +} diff --git a/constraint/pkg/client/client_addtemplate_bench_test.go b/constraint/pkg/client/client_addtemplate_bench_test.go index c7edaf43a..4e1831d76 100644 --- a/constraint/pkg/client/client_addtemplate_bench_test.go +++ b/constraint/pkg/client/client_addtemplate_bench_test.go @@ -30,7 +30,7 @@ func makeKind(i int) string { func makeModuleSimple(i int) string { kind := makeKind(i) return fmt.Sprintf(`package %s -violation[msg] { +violation[{"msg": msg}] { input.review.object.foo == input.parameters.foo msg := sprintf("input.foo is %%v", [input.parameters.foo]) }`, kind) @@ -44,6 +44,7 @@ identical(obj, review) { obj.metadata.namespace == review.object.metadata.namespace obj.metadata.name == review.object.metadata.name } + violation[{"msg": msg}] { input.review.kind.kind == "Ingress" re_match("^(extensions|networking.k8s.io)$", input.review.kind.group) @@ -99,6 +100,9 @@ func BenchmarkClient_AddTemplate(b *testing.B) { for _, ct := range cts { _, _ = c.AddTemplate(ct) + if err != nil { + b.Fatal(err) + } } } }) From dce8923bce6c7d8df328b4ecdd225daa2561d078 Mon Sep 17 00:00:00 2001 From: Will Beason Date: Wed, 12 Jan 2022 08:15:45 -0800 Subject: [PATCH 2/2] Actually perform error check Signed-off-by: Will Beason --- constraint/pkg/client/client_addtemplate_bench_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/constraint/pkg/client/client_addtemplate_bench_test.go b/constraint/pkg/client/client_addtemplate_bench_test.go index 4e1831d76..be56c3bc8 100644 --- a/constraint/pkg/client/client_addtemplate_bench_test.go +++ b/constraint/pkg/client/client_addtemplate_bench_test.go @@ -99,7 +99,7 @@ func BenchmarkClient_AddTemplate(b *testing.B) { b.StartTimer() for _, ct := range cts { - _, _ = c.AddTemplate(ct) + _, err = c.AddTemplate(ct) if err != nil { b.Fatal(err) }