| Commit message (Collapse) | Author | Age | Lines |
|---|
| ... | |
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
Python 3.9 is available on the self-hosted runner and is sufficient to
run coveralls. Trying to get the setup-python action supported on
the self-hosted runner proved to be problematic.
|
| | |
| |
| |
| |
| |
| | |
The self-hosted runner has cgroupv2 enabled. It's only needed to run
the tests on a cgroupv2 system. Only lint, push the image, and deploy
it on one runner to avoid redundancy.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix NsJail failing to set the swap limit because it tries to write to
a file that doesn't exist.
Log a warning if swap is on, the swap controller is disabled, and the
NsJail config is attempting to limit swap memory.
|
| | |
| |
| |
| |
| | |
Memory limit of the parent doesn't need to be modified because NsJail
is now able to set the swap limit itself.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
The NsJail config can be overridden by command-line arguments. However,
there is no way to negate `--use_cgroupv2`. Hence, manual correction
of the config by the user is required.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
`test_numpy_import` fails when running with `pipenv run tests`, since
numpy was not installed. Modify the pipenv script to install numpy
before starting the tests.
|
| | |
| |
| |
| |
| | |
Dynamically calculate the position of the arguments rather than
hard-coding them.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
The updated versions adds support for telling NsJail to set the max swap
memory in the cgroup.
Resolve #125
|
| | |
| |
| |
| |
| | |
They're encoded with the system's locale, so that's what should be used
to read them.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Ensure the cgroupv2 mount exists, subtree_control is not empty, and
swap is disabled.
Fix #126
Fix #102
|
| | | |
|
| |/ |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Remove the rename step from the protobuf generation script to get around
a bug causing failures in the test suite.
Signed-off-by: Hassan Abouelela <[email protected]>
|
| |/
|
|
|
|
|
|
| |
Bumps protobuf from ~=3.14 to ==3.19. 3.19 was already a valid upgrade
from ~=3.14, but it introduced a breaking bug. The dependency has been
locked for now to avoid any more unintended bugs.
Signed-off-by: Hassan Abouelela <[email protected]>
|
| |\ |
|
| |/ |
|
| |\
| |
| | |
Add the --use_cgroupv2 flag when relevant
|
| | | |
|
| |/
|
|
| |
According to https://github.com/google/nsjail/pull/119, the flag should be passed for NsJail to try to use cgroupv2. This commit will use the /sys/fs/cgroup structure to guess the installed version, and depending on the version add that flag.
|
| |\ |
|
| |/ |
|
| | |
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: Hassan Abouelela <[email protected]>
|
| | |
| |
| |
| | |
Signed-off-by: Hassan Abouelela <[email protected]>
|
| |/
|
|
| |
Signed-off-by: Hassan Abouelela <[email protected]>
|
| |\ |
|
| | |
| |
| |
| | |
This test ensures that spawned child processes inherit the same resource group as the parent by spawning 2 child processes which each allocate a 40MB object, it then verifies that one of the child processes was killed with SIGKILL for violating the resource quota.
|
| | | |
|
| | |
| |
| |
| | |
We define a few environment variables to stop third party libraries trying to default to spawning more processes, with the PID limit modification we can increase these values.
|
| |/
|
|
| |
Processes spawned in snekbox now have up to 5 PIDs available, each sharing the same memory limits and environment as the parent python process. As far as I could see in testing this does appear safe and processes behave as expected even when detatching from the parent or exceeding memory limits.
|
| | |
|
| |\
| |
| | |
Env deps: add tzdata
|
| |/
|
|
|
|
|
|
| |
Snekbox is lacking an IANA timezone database, this first-party `tzdata` package will provide them. It can be tested by running the following script:
```py
import zoneinfo
if len(zoneinfo.available_timezones()) == 0:
print("The environment doesn't have a valid IANA database.")
```
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.4 to 1.26.5.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.4...1.26.5)
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <[email protected]>
|
| |\ |
|
| | | |
|
| | |
| |
| |
| | |
Co-authored-by: Mark <[email protected]>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
Joe Banks
MarkKoz
Nightfurex
Hassan Abouelela
Matteo Bertucci
aru
Thomas Grainger
Joe Banks
dependabot[bot]
ToxicKidz