aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeLines
* Change entrypoint tests to integration testsGravatar MarkKoz2021-12-27-35/+25
| | | | No more mocks!
* Skip coverage of if __name__ == "__main__":Gravatar MarkKoz2021-12-26-1/+1
|
* Add tests for main()Gravatar MarkKoz2021-12-26-0/+49
|
* Forward the NsJail exit code from the entrypointGravatar MarkKoz2021-12-26-0/+4
|
* Test argument parsing for entry pointGravatar MarkKoz2021-12-26-0/+51
|
* Add option to pass Python args via main entry pointGravatar MarkKoz2021-12-26-8/+24
| | | | | | Python args are specified as a single string because if they were positional, there wouldn't be a way to distinguish them from NsJail's args.
* Fix #124 passing NsJail arguments via main entrypointGravatar MarkKoz2021-12-26-1/+1
|
* Merge pull request #136 from python-discord/feat/tests/135/rel-path-coverageGravatar Hassan Abouelela2021-12-29-7/+6
|\ | | | | Store relative paths in coverage data
| * Store relative paths in coverage dataGravatar MarkKoz2021-12-28-7/+6
|/ | | | | | | Also remove the reliance on the container needing to mount the host's files to the same directory during local testing. Fix #135
* Do not run Kubernetes deployment on self-hosted runnerGravatar Joe Banks2021-12-26-1/+1
|
* Merge pull request #127 from python-discord/feat/nsjail/102/cgroupv2Gravatar Joe Banks2021-12-26-1060/+378
|\
| * CI: disable setup-python action on self-hosted runnerGravatar MarkKoz2021-12-25-1/+1
| | | | | | | | | | | | Python 3.9 is available on the self-hosted runner and is sufficient to run coveralls. Trying to get the setup-python action supported on the self-hosted runner proved to be problematic.
| * CI: create a matrix with a self-hosted runner with cgroupv2Gravatar MarkKoz2021-12-21-6/+18
| | | | | | | | | | | | The self-hosted runner has cgroupv2 enabled. It's only needed to run the tests on a cgroupv2 system. Only lint, push the image, and deploy it on one runner to avoid redundancy.
| * Ignore swap limits if the swap controller is disabledGravatar MarkKoz2021-12-21-2/+70
| | | | | | | | | | | | | | | | Fix NsJail failing to set the swap limit because it tries to write to a file that doesn't exist. Log a warning if swap is on, the swap controller is disabled, and the NsJail config is attempting to limit swap memory.
| * Remove dynamic cgroupv1 creationGravatar MarkKoz2021-12-21-64/+27
| | | | | | | | | | Memory limit of the parent doesn't need to be modified because NsJail is now able to set the swap limit itself.
| * Add a test for #83Gravatar MarkKoz2021-12-21-0/+123
| |
| * Show a warning if use_cgroupv2 is true but only a v1 fs is detectedGravatar MarkKoz2021-12-21-0/+7
| | | | | | | | | | | | The NsJail config can be overridden by command-line arguments. However, there is no way to negate `--use_cgroupv2`. Hence, manual correction of the config by the user is required.
| * Disable pip version checks in the Docker imageGravatar MarkKoz2021-12-21-0/+1
| |
| * Set NsJail log level to warning during API testsGravatar MarkKoz2021-12-21-0/+3
| |
| * Install numpy before running tests locallyGravatar MarkKoz2021-12-21-1/+2
| | | | | | | | | | | | `test_numpy_import` fails when running with `pipenv run tests`, since numpy was not installed. Modify the pipenv script to install numpy before starting the tests.
| * Fix NsJail args testGravatar MarkKoz2021-12-21-1/+2
| | | | | | | | | | Dynamically calculate the position of the arguments rather than hard-coding them.
| * Set the max swap size through NsJailGravatar MarkKoz2021-12-20-4/+2
| |
| * Update NsJailGravatar MarkKoz2021-12-20-979/+49
| | | | | | | | | | | | | | The updated versions adds support for telling NsJail to set the max swap memory in the cgroup. Resolve #125
| * Use the system locale's encoding for cgroup filesGravatar MarkKoz2021-12-20-2/+2
| | | | | | | | | | They're encoded with the system's locale, so that's what should be used to read them.
| * Add cgroupv2 initialisationGravatar MarkKoz2021-12-20-6/+46
| | | | | | | | | | | | | | | | Ensure the cgroupv2 mount exists, subtree_control is not empty, and swap is disabled. Fix #126 Fix #102
| * Account for NsJail's use_cgroupv2 setting when detecting cgroup versionGravatar MarkKoz2021-12-20-15/+38
| |
| * Move cgroup functions to a new utility moduleGravatar MarkKoz2021-12-21-61/+69
|/
* Excluded the snekbox/config_pb2.py from coverage (#130)Gravatar Nightfurex2021-12-22-1/+3
|
* Merge pull request #119 from python-discord/fix-tests-protobufGravatar Joe Banks2021-12-20-327/+324
|\
| * Rename Generated ProtoBuf ConfigGravatar Hassan Abouelela2021-12-20-223/+199
| | | | | | | | | | | | | | Remove the rename step from the protobuf generation script to get around a bug causing failures in the test suite. Signed-off-by: Hassan Abouelela <[email protected]>
| * Bump & Lock Protobuf to 3.19Gravatar Hassan Abouelela2021-12-19-104/+125
|/ | | | | | | | Bumps protobuf from ~=3.14 to ==3.19. 3.19 was already a valid upgrade from ~=3.14, but it introduced a breaking bug. The dependency has been locked for now to avoid any more unintended bugs. Signed-off-by: Hassan Abouelela <[email protected]>
* Merge pull request #123 from Akarys42/patch-1Gravatar Joe Banks2021-12-10-1/+1
|\
| * Remove myself from the codeownersGravatar Matteo Bertucci2021-12-10-1/+1
|/
* Merge pull request #121 from python-discord/cgroupsv2Gravatar Hassan Abouelela2021-12-07-1/+20
|\ | | | | Add the --use_cgroupv2 flag when relevant
| * Log cgroup version at startupGravatar Matteo Bertucci2021-12-07-2/+4
| |
| * Add the --use_cgroupv2 flag when relevantGravatar Matteo Bertucci2021-12-07-1/+18
|/ | | | According to https://github.com/google/nsjail/pull/119, the flag should be passed for NsJail to try to use cgroupv2. This commit will use the /sys/fs/cgroup structure to guess the installed version, and depending on the version add that flag.
* Merge pull request #120 from onerandomusername/patch-2Gravatar Joe Banks2021-12-02-1/+1
|\
| * update arrow to most recent versionGravatar aru2021-12-02-1/+1
|/
* Update deployment.yamlGravatar Joe Banks2021-11-11-0/+1
|
* Merge #117 - Bump To Python 3.10Gravatar Mark2021-10-11-129/+156
|\
| * Bumps Coverage VersionGravatar Hassan Abouelela2021-10-11-58/+39
| | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * Updates Runtime Modules For 3.10Gravatar Hassan Abouelela2021-10-11-6/+4
| | | | | | | | Signed-off-by: Hassan Abouelela <[email protected]>
| * Bumps Python Version To 3.10Gravatar Hassan Abouelela2021-10-11-122/+170
|/ | | | Signed-off-by: Hassan Abouelela <[email protected]>
* Merge #112 - increase available PIDs to 5Gravatar Mark2021-07-17-7/+44
|\
| * test: add test_multiprocess_resource_limits to test memory limit sharingGravatar Joe Banks2021-07-17-0/+28
| | | | | | | | This test ensures that spawned child processes inherit the same resource group as the parent by spawning 2 child processes which each allocate a 40MB object, it then verifies that one of the child processes was killed with SIGKILL for violating the resource quota.
| * test: update pid limit tests to account for new increased limitGravatar Joe Banks2021-07-17-1/+10
| |
| * chore: increase 3rd party thread limit environment variablesGravatar Joe Banks2021-07-17-5/+5
| | | | | | | | We define a few environment variables to stop third party libraries trying to default to spawning more processes, with the PID limit modification we can increase these values.
| * feat: increased PID limitsGravatar Joe Banks2021-07-17-1/+1
|/ | | | Processes spawned in snekbox now have up to 5 PIDs available, each sharing the same memory limits and environment as the parent python process. As far as I could see in testing this does appear safe and processes behave as expected even when detatching from the parent or exceeding memory limits.
* add anyioGravatar Thomas Grainger2021-07-07-0/+1
|
* Merge pull request #110 from python-discord/env-deps/add-tzdataGravatar Joe Banks2021-06-19-0/+1
|\ | | | | Env deps: add tzdata
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 20:37:18 +0000