bump runtime limits due to slow github actions workers

biscuit-auth · Nov 29, 2024 · a1cdb6b · a1cdb6b
1 parent b852ee0
commit a1cdb6b
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 3 deletions.
diff --git a/biscuit-auth/examples/third_party.rs b/biscuit-auth/examples/third_party.rs
@@ -1,7 +1,9 @@
+use std::time::Duration;
+
 use biscuit_auth::{
     builder::{Algorithm, AuthorizerBuilder, BlockBuilder},
     builder_ext::AuthorizerExt,
-    datalog::SymbolTable,
+    datalog::{RunLimits, SymbolTable},
     Biscuit, KeyPair,
 };
 use rand::{prelude::StdRng, SeedableRng};
@@ -36,6 +38,10 @@ fn main() {
 
     let mut authorizer = AuthorizerBuilder::new()
         .allow_all()
+        .limits(RunLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
         .build(&biscuit1)
         .unwrap();
 
@@ -44,6 +50,10 @@ fn main() {
 
     let mut authorizer = AuthorizerBuilder::new()
         .allow_all()
+        .limits(RunLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
         .build(&biscuit2)
         .unwrap();
 

diff --git a/biscuit-auth/src/token/authorizer.rs b/biscuit-auth/src/token/authorizer.rs
@@ -1093,7 +1093,7 @@ mod tests {
             )
             .unwrap()
             .limits(AuthorizerLimits {
-                max_time: Duration::from_millis(10), //Set 10 milliseconds as the maximum time allowed for the authorization due to "cheap" worker on GitHub Actions
+                max_time: Duration::from_secs(10), //Set 10 seconds as the maximum time allowed for the authorization due to "cheap" worker on GitHub Actions
                 ..Default::default()
             })
             .build(&biscuit2)

diff --git a/biscuit-auth/src/token/mod.rs b/biscuit-auth/src/token/mod.rs
@@ -1384,6 +1384,10 @@ mod tests {
             .check("check if bytes($0), { hex:00000000, hex:0102AB }.contains($0)")
             .unwrap()
             .allow_all()
+            .limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
             .build(&biscuit2)
             .unwrap();
 

diff --git a/biscuit-auth/tests/macros.rs b/biscuit-auth/tests/macros.rs
@@ -75,7 +75,13 @@ fn authorizer_macro() {
       "#
     );
 
-    let authorizer = b.build_unauthenticated().unwrap();
+    let authorizer = b
+        .limits(RunLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .build_unauthenticated()
+        .unwrap();
     assert_eq!(
         authorizer.dump_code(),
         r#"appended(true);
@@ -95,6 +101,10 @@ allow if true;
 #[test]
 fn authorizer_macro_trailing_comma() {
     let a = authorizer!(r#"fact("test", {my_key});"#, my_key = "my_value",)
+        .limits(RunLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
         .build_unauthenticated()
         .unwrap();
     assert_eq!(
@@ -261,6 +271,10 @@ fn json() {
           $value.get("id") == $id,
           $value.get("roles").contains("admin");"#
     )
+    .limits(RunLimits {
+        max_time: Duration::from_secs(10),
+        ..Default::default()
+    })
     .build(&biscuit)
     .unwrap();
     assert_eq!(