Merge pull request 'Implement benchmark build stage on Dockerfile' (#15) from henriquehbr/rdo:benchmark-container into main

Reviewed-on: https://codeberg.org/sw1tchbl4d3/rdo/pulls/15

Makefile

@@ -28,3 +28,12 @@ uninstall:
 
 clean:
 	rm rdo
+
+bench-clean:
+	docker rmi -f rdo-benchmark
+
+bench-build: bench-clean
+	docker buildx build -t rdo-benchmark -f benchmark/Dockerfile .
+
+bench-run:
+	docker run --rm -t rdo-benchmark

README.md

@@ -50,7 +50,7 @@ session_ttl=5
 
 ### Benchmarks
 
-The benchmark: Execute `whoami` (GNU coreutils 8.32) 1000 times.
+The benchmark: Execute `whoami` (GNU coreutils 9.1) 10000 times.
 
 Yes, this is a silly benchmark. Yes, the performance gain in real world application is close to nothing.
 
@@ -58,32 +58,21 @@ But it's fun!
 
 |Program|Time|
 --- | --- 
-sudo 1.9.9 | 22.12s
-opendoas 6.8.2 | 13.5s
-rdo 1.4 | 3.5s
-Baseline | 2.1s
+sudo 1.19.11 | 46.85s
+doas 6.8.2 | 32.57s
+rdo 1.4.2 | 13.37s
+Baseline | 7.95s
 
-Baseline here is how long it took without any wrapper to make it root.
+> Baseline here is how long it took without any wrapper to make it root.
 
-These benchmarks were done on a single core of an `AMD FX-8350` processor, on Artix Linux version `5.16.12-zen1-1-zen`.
+These benchmarks were done on a `Intel i5 7200U` processor, on a Debian 12 Docker container.
 
-`sudo` and `opendoas` were pulled from the pacman repos, rdo via AUR.
+`sudo` and `doas` were pulled from the Debian repos, `rdo` was compiled locally.
 
 All configs were kept as default, except allow the `wheel` group on both + enable `persist` on doas.
 
-Script used:
-```sh
-#!/bin/sh
+The benchmark can be executed through a Docker container by running:
 
-$1 whoami
-
-current=$(date +%s.%N)
-for i in {1..1000}; do
-	$1 whoami 2>&1 >/dev/null
-done
-done=$(date +%s.%N)
-
-echo $done - $current | bc
 ```
-
-The script requires `bc` to be installed, for floating point arithmetics.
+make bench-build bench-run
+```

benchmark/Dockerfile

@@ -0,0 +1,42 @@
+# syntax=docker/dockerfile-upstream:master-labs
+FROM debian:bookworm-slim as base
+
+ADD https://codeberg.org/sw1tchbl4d3/stdinify.git#main /stdinify
+
+ENV DEBIAN_FRONTEND noninteractive
+
+# install build dependencies and benchmarked programs
+RUN apt-get update
+RUN apt-get -y upgrade
+RUN apt-get -y --no-install-recommends install make gcc libc6-dev time sudo=1.9.11p3-2 doas=6.8.2-1+b1
+RUN apt-get clean
+RUN rm -rf /var/lib/apt/lists/*
+
+# create normal user
+RUN useradd -m rdo
+RUN printf "rdo123\nrdo123" | passwd rdo
+RUN groupadd wheel
+RUN usermod -a -G wheel rdo
+
+WORKDIR /rdo
+
+# build rdo
+RUN --mount=type=bind,target=/rdo,rw \
+    make -j "$(nproc)" && \
+    make install
+
+WORKDIR /stdinify
+
+# build stdinify
+RUN make -j "$(nproc)"
+RUN make install
+
+COPY --link benchmark/doas.conf /etc
+COPY --link --chown=0:0 --chmod=440 benchmark/sudoers /etc
+COPY --link benchmark/run benchmark/whoami-test /usr/local/bin/
+
+USER rdo
+
+WORKDIR /home/rdo
+
+ENTRYPOINT ["run", "sudo", "doas", "rdo"]

benchmark/doas.conf

@@ -0,0 +1 @@
+permit persist rdo as root

benchmark/run

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+programs="$@"
+
+if [ -z "$programs" ]; then
+    echo 'No programs specified (rdo, doas or sudo)'
+    exit 1
+fi
+
+for program in $programs; do
+    if ! which "$program" >/dev/null 2>&1; then
+        echo "Command not found: $program"
+        exit 1
+    fi
+done
+
+for program in $programs; do
+    time -f "$program %es" -o benchmark-results -a whoami-test "$program"
+done
+
+time -f "baseline %es" -o benchmark-results -a whoami-test
+
+cat benchmark-results

benchmark/sudoers

@@ -0,0 +1 @@
+%wheel ALL=(ALL:ALL) ALL

benchmark/whoami-test

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+program="$1"
+
+for _ in $(seq 1 10000); do
+    echo rdo123 | $program whoami >/dev/null
+done