trusted-sandbox 0.0.10.pre → 0.0.11.pre
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +2 -0
- data/Gemfile.lock +17 -1
- data/README.md +63 -19
- data/lib/trusted_sandbox/cli.rb +17 -6
- data/lib/trusted_sandbox/config/trusted_sandbox.yml +5 -1
- data/lib/trusted_sandbox/config.rb +47 -13
- data/lib/trusted_sandbox/defaults.rb +4 -1
- data/lib/trusted_sandbox/general_purpose.rb +26 -0
- data/lib/trusted_sandbox/response.rb +30 -11
- data/lib/trusted_sandbox/runner.rb +22 -5
- data/lib/trusted_sandbox/server_images/{2.1.2 → ruby-2.1.2}/Dockerfile +0 -0
- data/lib/trusted_sandbox/server_images/{2.1.2 → ruby-2.1.2}/Gemfile +0 -0
- data/lib/trusted_sandbox/server_images/{2.1.2 → ruby-2.1.2}/bundle_config +0 -0
- data/lib/trusted_sandbox/server_images/{2.1.2 → ruby-2.1.2}/entrypoint.sh +0 -0
- data/lib/trusted_sandbox/server_images/{2.1.2 → ruby-2.1.2}/run.rb +0 -0
- data/lib/trusted_sandbox/uid_pool.rb +4 -0
- data/lib/trusted_sandbox/version.rb +1 -1
- data/lib/trusted_sandbox.rb +9 -0
- data/spec/integration/integration_spec.rb +85 -0
- data/spec/integration/quota_spec.rb +25 -0
- data/spec/lib/trusted_sandbox/config_spec.rb +91 -0
- data/spec/lib/trusted_sandbox/request_serializer_spec.rb +47 -0
- data/spec/lib/trusted_sandbox/response_spec.rb +90 -0
- data/spec/lib/trusted_sandbox/runner_spec.rb +171 -0
- data/spec/lib/trusted_sandbox/uid_pool_spec.rb +110 -0
- data/spec/lib/trusted_sandbox_spec.rb +15 -0
- data/spec/spec_helper.rb +95 -0
- data/trusted-sandbox.gemspec +4 -2
- metadata +58 -10
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,95 @@
|
|
1
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
2
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
3
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause this
|
4
|
+
# file to always be loaded, without a need to explicitly require it in any files.
|
5
|
+
#
|
6
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
7
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
8
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
9
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
10
|
+
# a separate helper file that requires the additional dependencies and performs
|
11
|
+
# the additional setup, and require it from the spec files that actually need it.
|
12
|
+
#
|
13
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
14
|
+
# users commonly want.
|
15
|
+
#
|
16
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
17
|
+
|
18
|
+
require 'trusted_sandbox'
|
19
|
+
|
20
|
+
RSpec.configure do |config|
|
21
|
+
# rspec-expectations config goes here. You can use an alternate
|
22
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
23
|
+
# assertions if you prefer.
|
24
|
+
config.expect_with :rspec do |expectations|
|
25
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
26
|
+
# and `failure_message` of custom matchers include text for helper methods
|
27
|
+
# defined using `chain`, e.g.:
|
28
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
29
|
+
# # => "be bigger than 2 and smaller than 4"
|
30
|
+
# ...rather than:
|
31
|
+
# # => "be bigger than 2"
|
32
|
+
expectations.syntax = [:expect, :should]
|
33
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
34
|
+
end
|
35
|
+
|
36
|
+
config.mock_framework = :rr
|
37
|
+
|
38
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
39
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
40
|
+
# config.mock_with :rspec do |mocks|
|
41
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
42
|
+
# a real object. This is generally recommended, and will default to
|
43
|
+
# `true` in RSpec 4.
|
44
|
+
# mocks.verify_partial_doubles = true
|
45
|
+
# end
|
46
|
+
|
47
|
+
# The settings below are suggested to provide a good initial experience
|
48
|
+
# with RSpec, but feel free to customize to your heart's content.
|
49
|
+
=begin
|
50
|
+
# These two settings work together to allow you to limit a spec run
|
51
|
+
# to individual examples or groups you care about by tagging them with
|
52
|
+
# `:focus` metadata. When nothing is tagged with `:focus`, all examples
|
53
|
+
# get run.
|
54
|
+
config.filter_run :focus
|
55
|
+
config.run_all_when_everything_filtered = true
|
56
|
+
|
57
|
+
# Limits the available syntax to the non-monkey patched syntax that is recommended.
|
58
|
+
# For more details, see:
|
59
|
+
# - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
|
60
|
+
# - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
|
61
|
+
# - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
|
62
|
+
config.disable_monkey_patching!
|
63
|
+
|
64
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
65
|
+
# be too noisy due to issues in dependencies.
|
66
|
+
config.warnings = true
|
67
|
+
|
68
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
69
|
+
# file, and it's useful to allow more verbose output when running an
|
70
|
+
# individual spec file.
|
71
|
+
if config.files_to_run.one?
|
72
|
+
# Use the documentation formatter for detailed output,
|
73
|
+
# unless a formatter has already been configured
|
74
|
+
# (e.g. via a command-line flag).
|
75
|
+
config.default_formatter = 'doc'
|
76
|
+
end
|
77
|
+
|
78
|
+
# Print the 10 slowest examples and example groups at the
|
79
|
+
# end of the spec run, to help surface which specs are running
|
80
|
+
# particularly slow.
|
81
|
+
config.profile_examples = 10
|
82
|
+
|
83
|
+
# Run specs in random order to surface order dependencies. If you find an
|
84
|
+
# order dependency and want to debug it, you can fix the order by providing
|
85
|
+
# the seed, which is printed after each run.
|
86
|
+
# --seed 1234
|
87
|
+
config.order = :random
|
88
|
+
|
89
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
90
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
91
|
+
# test failures related to randomization by passing the same `--seed` value
|
92
|
+
# as the one that triggered the failure.
|
93
|
+
Kernel.srand config.seed
|
94
|
+
=end
|
95
|
+
end
|
data/trusted-sandbox.gemspec
CHANGED
@@ -8,8 +8,8 @@ Gem::Specification.new do |spec|
|
|
8
8
|
spec.version = TrustedSandbox::VERSION
|
9
9
|
spec.authors = ['Amit Aharoni']
|
10
10
|
spec.email = ['amit.sites@gmail.com']
|
11
|
-
spec.description = %q{Trusted Sandbox makes it simple to execute
|
12
|
-
spec.summary = %q{Run untrusted
|
11
|
+
spec.description = %q{Trusted Sandbox makes it simple to execute classes that eval untrusted code in a resource-controlled docker container}
|
12
|
+
spec.summary = %q{Run untrusted code in a contained sandbox using Docker}
|
13
13
|
spec.homepage = 'https://github.com/vaharoni/trusted-sandbox'
|
14
14
|
spec.license = 'MIT'
|
15
15
|
|
@@ -20,6 +20,8 @@ Gem::Specification.new do |spec|
|
|
20
20
|
|
21
21
|
spec.add_development_dependency 'bundler', '~> 1.3'
|
22
22
|
spec.add_development_dependency 'rake'
|
23
|
+
spec.add_development_dependency 'rspec'
|
24
|
+
spec.add_development_dependency 'rr'
|
23
25
|
|
24
26
|
spec.add_runtime_dependency 'docker-api', '~> 1.13'
|
25
27
|
spec.add_runtime_dependency 'thor', '~> 0.19'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trusted-sandbox
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.11.pre
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amit Aharoni
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-10-
|
11
|
+
date: 2014-10-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -38,6 +38,34 @@ dependencies:
|
|
38
38
|
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rr
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
41
69
|
- !ruby/object:Gem::Dependency
|
42
70
|
name: docker-api
|
43
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -66,7 +94,7 @@ dependencies:
|
|
66
94
|
- - "~>"
|
67
95
|
- !ruby/object:Gem::Version
|
68
96
|
version: '0.19'
|
69
|
-
description: Trusted Sandbox makes it simple to execute
|
97
|
+
description: Trusted Sandbox makes it simple to execute classes that eval untrusted
|
70
98
|
code in a resource-controlled docker container
|
71
99
|
email:
|
72
100
|
- amit.sites@gmail.com
|
@@ -76,6 +104,7 @@ extensions: []
|
|
76
104
|
extra_rdoc_files: []
|
77
105
|
files:
|
78
106
|
- ".gitignore"
|
107
|
+
- ".rspec"
|
79
108
|
- ".ruby-gemset"
|
80
109
|
- ".ruby-version"
|
81
110
|
- Gemfile
|
@@ -90,16 +119,26 @@ files:
|
|
90
119
|
- lib/trusted_sandbox/config/trusted_sandbox.yml
|
91
120
|
- lib/trusted_sandbox/defaults.rb
|
92
121
|
- lib/trusted_sandbox/errors.rb
|
122
|
+
- lib/trusted_sandbox/general_purpose.rb
|
93
123
|
- lib/trusted_sandbox/request_serializer.rb
|
94
124
|
- lib/trusted_sandbox/response.rb
|
95
125
|
- lib/trusted_sandbox/runner.rb
|
96
|
-
- lib/trusted_sandbox/server_images/2.1.2/Dockerfile
|
97
|
-
- lib/trusted_sandbox/server_images/2.1.2/Gemfile
|
98
|
-
- lib/trusted_sandbox/server_images/2.1.2/bundle_config
|
99
|
-
- lib/trusted_sandbox/server_images/2.1.2/entrypoint.sh
|
100
|
-
- lib/trusted_sandbox/server_images/2.1.2/run.rb
|
126
|
+
- lib/trusted_sandbox/server_images/ruby-2.1.2/Dockerfile
|
127
|
+
- lib/trusted_sandbox/server_images/ruby-2.1.2/Gemfile
|
128
|
+
- lib/trusted_sandbox/server_images/ruby-2.1.2/bundle_config
|
129
|
+
- lib/trusted_sandbox/server_images/ruby-2.1.2/entrypoint.sh
|
130
|
+
- lib/trusted_sandbox/server_images/ruby-2.1.2/run.rb
|
101
131
|
- lib/trusted_sandbox/uid_pool.rb
|
102
132
|
- lib/trusted_sandbox/version.rb
|
133
|
+
- spec/integration/integration_spec.rb
|
134
|
+
- spec/integration/quota_spec.rb
|
135
|
+
- spec/lib/trusted_sandbox/config_spec.rb
|
136
|
+
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
137
|
+
- spec/lib/trusted_sandbox/response_spec.rb
|
138
|
+
- spec/lib/trusted_sandbox/runner_spec.rb
|
139
|
+
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
140
|
+
- spec/lib/trusted_sandbox_spec.rb
|
141
|
+
- spec/spec_helper.rb
|
103
142
|
- trusted-sandbox.gemspec
|
104
143
|
homepage: https://github.com/vaharoni/trusted-sandbox
|
105
144
|
licenses:
|
@@ -124,5 +163,14 @@ rubyforge_project:
|
|
124
163
|
rubygems_version: 2.2.2
|
125
164
|
signing_key:
|
126
165
|
specification_version: 4
|
127
|
-
summary: Run untrusted
|
128
|
-
test_files:
|
166
|
+
summary: Run untrusted code in a contained sandbox using Docker
|
167
|
+
test_files:
|
168
|
+
- spec/integration/integration_spec.rb
|
169
|
+
- spec/integration/quota_spec.rb
|
170
|
+
- spec/lib/trusted_sandbox/config_spec.rb
|
171
|
+
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
172
|
+
- spec/lib/trusted_sandbox/response_spec.rb
|
173
|
+
- spec/lib/trusted_sandbox/runner_spec.rb
|
174
|
+
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
175
|
+
- spec/lib/trusted_sandbox_spec.rb
|
176
|
+
- spec/spec_helper.rb
|