aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeLines
...
* Move community health files to .github dirGravatar MarkKoz2022-03-05-4/+5
| | | | Merge DEVELOPING.md into CONTRIBUTING.md
* CI: define KUBECONFIG secret as required in build workflowGravatar MarkKoz2022-02-13-0/+3
|
* CI: pass KUBECONFIG secret to build workflowGravatar MarkKoz2022-02-13-0/+2
| | | | | Reusable workflows don't have access to secrets, even in this case where the workflow is local.
* Merge #133 - CI refactorGravatar Mark2022-02-13-242/+389
|\
| * CI: remove unnecessary shell option from scriptGravatar MarkKoz2022-02-13-1/+1
| | | | | | | | | | There are no pipes the in script, so the presence of -o pipefail may confuse readers.
| * CI: replace "artefact" with "artifact"Gravatar MarkKoz2022-02-13-19/+19
| | | | | | | | The latter is consistent with GitHub Action's documentation.
| * CI: remove region commentsGravatar MarkKoz2022-02-13-4/+0
| | | | | | | | There isn't enough "meat" to warrant their use.
| * CI: rename jobsGravatar MarkKoz2021-12-27-10/+6
| |
| * CI: clean up Docker stuff in self-hosted runnerGravatar MarkKoz2021-12-27-8/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Use docker-compose run instead of docker-compose up. This is more appropriate since the container is only needed for one command. The latter was actually starting the whole snekbox server. Furthermore, the former has the --rm option to remove the container when the command finishes. As an extra precaution, use docker-compose down in the self-hosted runner to also remove images, volumes, networks, and any other containers that were somehow missed. Removing images will also prevent the disk usage from building up. This is not necessary for the GH-hosted runner since a new VM is used for each run.
| * CI: fix pre-commit logs step conditionGravatar MarkKoz2021-12-27-1/+1
| | | | | | | | The step was running even if the pre-commit hooks step never ran.
| * CI: fix flake8 being skippedGravatar MarkKoz2021-12-27-0/+7
| |
| * CI: run linters outside the containerGravatar MarkKoz2021-12-27-36/+44
| | | | | | | | | | | | | | | | Remove the dependency on the container so the lint job can run in parallel with the build job. More time has to be spent installing Python dependencies, but this is made up for by not having to download and load the image artefact in addition to not having to wait for the build job.
| * CI: specify service name to coverallsGravatar MarkKoz2021-12-27-1/+1
| | | | | | | | See https://github.com/TheKevJames/coveralls-python/issues/240
| * CI: remove SHA from image build GHA cache scopeGravatar MarkKoz2021-12-26-1/+1
| | | | | | | | | | | | Unlike the cache action, the build-push action's GHA cache feature seems to only do an exact comparison for the scope. Thus, new commits lead to cache misses.
| * CI: combine coverage data from all matrix jobsGravatar MarkKoz2021-12-26-21/+39
| |
| * CI: pass artefact name as an input to workflowsGravatar MarkKoz2021-12-26-10/+28
| | | | | | | | | | | | Make the artefact and file names identical to simplify things. The artefact name doesn't have to be unique anyway since it can only be downloaded by the same workflow run.
| * CI: use buildx's integrated GH Actions cache featureGravatar MarkKoz2021-12-26-12/+18
| |
| * CI: use build-push-action to output an image tarballGravatar MarkKoz2021-12-26-4/+1
| | | | | | | | | | | | | | load: true was already creating a tarball, but it was getting immediately loaded. Since no other Docker builds run in this job, it's useless to load it. The action can still be leveraged to create the tarball instead of manually invoking `docker save`.
| * CI: use reusable workflows as jobs in main workflowGravatar MarkKoz2021-12-26-242/+27
| |
| * CI: create a reusable deployment workflowGravatar MarkKoz2021-12-26-0/+96
| |
| * CI: create a reusable test workflowGravatar MarkKoz2021-12-26-0/+74
| |
| * CI: create a reusable lint workflowGravatar MarkKoz2021-12-26-0/+52
| |
| * CI: create a reusable build workflowGravatar MarkKoz2021-12-26-0/+88
|/
* Merge #132 - fix entrypoint and support Python argsGravatar Mark2022-01-15-9/+119
|\
| * Fix typo in commentGravatar Mark2022-01-15-1/+1
| | | | | | Co-authored-by: wookie184 <[email protected]>
| * Change entrypoint tests to integration testsGravatar MarkKoz2021-12-27-35/+25
| | | | | | | | No more mocks!
| * Skip coverage of if __name__ == "__main__":Gravatar MarkKoz2021-12-26-1/+1
| |
| * Add tests for main()Gravatar MarkKoz2021-12-26-0/+49
| |
| * Forward the NsJail exit code from the entrypointGravatar MarkKoz2021-12-26-0/+4
| |
| * Test argument parsing for entry pointGravatar MarkKoz2021-12-26-0/+51
| |
| * Add option to pass Python args via main entry pointGravatar MarkKoz2021-12-26-8/+24
| | | | | | | | | | | | Python args are specified as a single string because if they were positional, there wouldn't be a way to distinguish them from NsJail's args.
| * Fix #124 passing NsJail arguments via main entrypointGravatar MarkKoz2021-12-26-1/+1
|/
* Merge pull request #136 from python-discord/feat/tests/135/rel-path-coverageGravatar Hassan Abouelela2021-12-29-7/+6
|\ | | | | Store relative paths in coverage data
| * Store relative paths in coverage dataGravatar MarkKoz2021-12-28-7/+6
|/ | | | | | | Also remove the reliance on the container needing to mount the host's files to the same directory during local testing. Fix #135
* Do not run Kubernetes deployment on self-hosted runnerGravatar Joe Banks2021-12-26-1/+1
|
* Merge pull request #127 from python-discord/feat/nsjail/102/cgroupv2Gravatar Joe Banks2021-12-26-1060/+378
|\
| * CI: disable setup-python action on self-hosted runnerGravatar MarkKoz2021-12-25-1/+1
| | | | | | | | | | | | Python 3.9 is available on the self-hosted runner and is sufficient to run coveralls. Trying to get the setup-python action supported on the self-hosted runner proved to be problematic.
| * CI: create a matrix with a self-hosted runner with cgroupv2Gravatar MarkKoz2021-12-21-6/+18
| | | | | | | | | | | | The self-hosted runner has cgroupv2 enabled. It's only needed to run the tests on a cgroupv2 system. Only lint, push the image, and deploy it on one runner to avoid redundancy.
| * Ignore swap limits if the swap controller is disabledGravatar MarkKoz2021-12-21-2/+70
| | | | | | | | | | | | | | | | Fix NsJail failing to set the swap limit because it tries to write to a file that doesn't exist. Log a warning if swap is on, the swap controller is disabled, and the NsJail config is attempting to limit swap memory.
| * Remove dynamic cgroupv1 creationGravatar MarkKoz2021-12-21-64/+27
| | | | | | | | | | Memory limit of the parent doesn't need to be modified because NsJail is now able to set the swap limit itself.
| * Add a test for #83Gravatar MarkKoz2021-12-21-0/+123
| |
| * Show a warning if use_cgroupv2 is true but only a v1 fs is detectedGravatar MarkKoz2021-12-21-0/+7
| | | | | | | | | | | | The NsJail config can be overridden by command-line arguments. However, there is no way to negate `--use_cgroupv2`. Hence, manual correction of the config by the user is required.
| * Disable pip version checks in the Docker imageGravatar MarkKoz2021-12-21-0/+1
| |
| * Set NsJail log level to warning during API testsGravatar MarkKoz2021-12-21-0/+3
| |
| * Install numpy before running tests locallyGravatar MarkKoz2021-12-21-1/+2
| | | | | | | | | | | | `test_numpy_import` fails when running with `pipenv run tests`, since numpy was not installed. Modify the pipenv script to install numpy before starting the tests.
| * Fix NsJail args testGravatar MarkKoz2021-12-21-1/+2
| | | | | | | | | | Dynamically calculate the position of the arguments rather than hard-coding them.
| * Set the max swap size through NsJailGravatar MarkKoz2021-12-20-4/+2
| |
| * Update NsJailGravatar MarkKoz2021-12-20-979/+49
| | | | | | | | | | | | | | The updated versions adds support for telling NsJail to set the max swap memory in the cgroup. Resolve #125
| * Use the system locale's encoding for cgroup filesGravatar MarkKoz2021-12-20-2/+2
| | | | | | | | | | They're encoded with the system's locale, so that's what should be used to read them.
| * Add cgroupv2 initialisationGravatar MarkKoz2021-12-20-6/+46
| | | | | | | | | | | | | | | | Ensure the cgroupv2 mount exists, subtree_control is not empty, and swap is disabled. Fix #126 Fix #102
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-22 00:24:14 +0000