trusted-sandbox 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +39 -18
- data/lib/trusted_sandbox/config/trusted_sandbox.yml +5 -0
- data/lib/trusted_sandbox/config.rb +2 -1
- data/lib/trusted_sandbox/defaults.rb +1 -0
- data/lib/trusted_sandbox/{runner.rb → host_runner.rb} +37 -10
- data/lib/trusted_sandbox/response.rb +27 -7
- data/lib/trusted_sandbox/version.rb +1 -1
- data/lib/trusted_sandbox.rb +2 -2
- data/spec/integration/integration_spec.rb +44 -0
- data/spec/lib/trusted_sandbox/{runner_spec.rb → host_runner_spec.rb} +39 -25
- data/spec/lib/trusted_sandbox/response_spec.rb +6 -6
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2d4e0bcecde1af0fb5f4c06a716777e1504e319b
|
4
|
+
data.tar.gz: f89202701ed4195b50d54d16e33fcfba824c006e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7aef11d8b4ff742e7413d1aba15cf09d81df302e1cfd537557f98051b0b7d0282fb48667d00d14eddd171561a0c01766156f4135956ddd98f8de3d73613aa2f5
|
7
|
+
data.tar.gz: 1d3d9de1be89cd85e08c281272d5af13b500896d9daa2bbd0ebcc410925c5263a916c355833dbe3d003fb536b0d5a945c4b8f4c46f63fbd4cf87279b25aed051
|
data/README.md
CHANGED
@@ -207,6 +207,11 @@ keep_containers: false
|
|
207
207
|
|
208
208
|
# A folder used by the UID-pool to handle locks.
|
209
209
|
host_uid_pool_lock_path: tmp/uid_pool_lock
|
210
|
+
|
211
|
+
# When set to true the code is executed within the current process, without launching a
|
212
|
+
# Docker container. This is useful for testing and on dev machines that do not have Docker
|
213
|
+
# installed.
|
214
|
+
shortcut: false
|
210
215
|
```
|
211
216
|
|
212
217
|
### Limiting swap memory
|
@@ -348,7 +353,9 @@ possible. You can prepare a docker image with additional gems and custom Ruby cl
|
|
348
353
|
|
349
354
|
### Running containers
|
350
355
|
|
351
|
-
There are two
|
356
|
+
There are two main methods to run a container.
|
357
|
+
|
358
|
+
Use `run!` to retrieve output from the container. If the user code raised
|
352
359
|
an exception, it will be raised by `run!`.
|
353
360
|
|
354
361
|
```ruby
|
@@ -358,6 +365,25 @@ output = TrustedSandbox.run! MyFunction, "input ** 2", 10
|
|
358
365
|
Use `run` to retrieve a response object. The response object provides additional useful information about the
|
359
366
|
container execution.
|
360
367
|
|
368
|
+
Here is a success scenario:
|
369
|
+
```ruby
|
370
|
+
response = TrustedSandbox.run MyFunction, "input ** 2", 10
|
371
|
+
|
372
|
+
response.status
|
373
|
+
# => "success"
|
374
|
+
|
375
|
+
response.valid?
|
376
|
+
# => true
|
377
|
+
|
378
|
+
response.output
|
379
|
+
# => 100
|
380
|
+
|
381
|
+
response.output!
|
382
|
+
# => 100
|
383
|
+
|
384
|
+
response.error
|
385
|
+
# => nil
|
386
|
+
```
|
361
387
|
Here is an error scenario:
|
362
388
|
```ruby
|
363
389
|
response = TrustedSandbox.run MyFunction, "raise 'error!'", 10
|
@@ -388,25 +414,20 @@ puts response.stdout
|
|
388
414
|
# Can be useful for environment related errors
|
389
415
|
puts response.stderr
|
390
416
|
```
|
391
|
-
Here is a success scenario:
|
392
|
-
```ruby
|
393
|
-
response = TrustedSandbox.run MyFunction, "input ** 2", 10
|
394
|
-
|
395
|
-
response.status
|
396
|
-
# => "success"
|
397
417
|
|
398
|
-
|
399
|
-
|
400
|
-
|
401
|
-
|
402
|
-
|
403
|
-
|
404
|
-
response.output!
|
405
|
-
# => 100
|
406
|
-
|
407
|
-
response.error
|
408
|
-
# => nil
|
418
|
+
The helper methods `run_code` and `run_code!` behave similarly to `run` and `run!`. They invoke TrustedSandbox
|
419
|
+
on a `GeneralPurpose` class that performs a simple `eval`, with an ability to provide a context for the code to run in.
|
420
|
+
The following:
|
421
|
+
```ruby
|
422
|
+
TrustedSandbox.run_code! "input[:a] + input[:b]", input: {a: 1, b: 2}
|
423
|
+
# => 3
|
409
424
|
```
|
425
|
+
Is equivalent to running:
|
426
|
+
```ruby
|
427
|
+
TrustedSandbox.run! TrustedSandbox::GeneralPurpose, "input[:a] + input[:b]", input: {a: 1, b: 2}
|
428
|
+
# => 3
|
429
|
+
```
|
430
|
+
|
410
431
|
### Overriding specific invocations
|
411
432
|
|
412
433
|
To override a configuration parameter for a specific invocation, use `with_options`:
|
@@ -28,6 +28,11 @@ development:
|
|
28
28
|
keep_code_folders: false
|
29
29
|
keep_containers: false
|
30
30
|
|
31
|
+
# When set to true, code will run in the current process instead of
|
32
|
+
# a docker container. This is useful for testing and dev machines
|
33
|
+
# that do not have docker installed
|
34
|
+
shortcut: false
|
35
|
+
|
31
36
|
# When this is set to false and keep_code_folders is true, you'll
|
32
37
|
# receive helpful messages about how to connect to your containers
|
33
38
|
quiet_mode: false
|
@@ -49,7 +49,8 @@ module TrustedSandbox
|
|
49
49
|
:memory_limit, :memory_swap_limit, :cpu_shares, :docker_image_name,
|
50
50
|
:execution_timeout, :network_access, :enable_swap_limit, :enable_quotas,
|
51
51
|
:container_code_path, :container_input_filename, :container_output_filename,
|
52
|
-
:keep_code_folders, :keep_containers, :quiet_mode, :container_manifest_filename
|
52
|
+
:keep_code_folders, :keep_containers, :quiet_mode, :container_manifest_filename,
|
53
|
+
:shortcut
|
53
54
|
|
54
55
|
attr_reader_with_fallback :host_code_root_path, :host_uid_pool_lock_path
|
55
56
|
|
@@ -1,5 +1,5 @@
|
|
1
1
|
module TrustedSandbox
|
2
|
-
class
|
2
|
+
class HostRunner
|
3
3
|
|
4
4
|
attr_reader :uid_pool, :config
|
5
5
|
|
@@ -15,14 +15,11 @@ module TrustedSandbox
|
|
15
15
|
# @param *args [Array] arguments to send to klass#initialize
|
16
16
|
# @return [Response]
|
17
17
|
def run(klass, *args)
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
release_uid
|
24
|
-
remove_code_dir
|
25
|
-
remove_container
|
18
|
+
if config.shortcut
|
19
|
+
shortcut(klass, *args)
|
20
|
+
else
|
21
|
+
run_in_container(klass, *args)
|
22
|
+
end
|
26
23
|
end
|
27
24
|
|
28
25
|
# @param klass [Class] the class object that should be run
|
@@ -50,6 +47,17 @@ module TrustedSandbox
|
|
50
47
|
|
51
48
|
private
|
52
49
|
|
50
|
+
def run_in_container(klass, *args)
|
51
|
+
create_code_dir
|
52
|
+
serialize_request(klass, *args)
|
53
|
+
create_container
|
54
|
+
start_container
|
55
|
+
ensure
|
56
|
+
release_uid
|
57
|
+
remove_code_dir
|
58
|
+
remove_container
|
59
|
+
end
|
60
|
+
|
53
61
|
def obtain_uid
|
54
62
|
@uid ||= uid_pool.lock
|
55
63
|
end
|
@@ -99,7 +107,26 @@ module TrustedSandbox
|
|
99
107
|
response
|
100
108
|
rescue Timeout::Error => e
|
101
109
|
logs = @container.logs(stdout: true, stderr: true)
|
102
|
-
TrustedSandbox::Response.
|
110
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::ExecutionTimeoutError, logs)
|
111
|
+
end
|
112
|
+
|
113
|
+
# @return [TrustedSandbox::Response]
|
114
|
+
def shortcut(klass, *args)
|
115
|
+
output, stdout, stderr = Timeout.timeout(config.execution_timeout) do
|
116
|
+
begin
|
117
|
+
$stdout = StringIO.new
|
118
|
+
$stderr = StringIO.new
|
119
|
+
[klass.new(*args).run, $stdout.string, $stderr.string]
|
120
|
+
ensure
|
121
|
+
$stdout = STDOUT
|
122
|
+
$stderr = STDERR
|
123
|
+
end
|
124
|
+
end
|
125
|
+
TrustedSandbox::Response.shortcut output, stdout, stderr
|
126
|
+
rescue Timeout::Error => e
|
127
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::ExecutionTimeoutError, stdout, stderr)
|
128
|
+
rescue => e
|
129
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::UserCodeError, stdout, stderr)
|
103
130
|
end
|
104
131
|
|
105
132
|
def remove_container
|
@@ -9,19 +9,39 @@ module TrustedSandbox
|
|
9
9
|
# @param host_code_dir_path [String] path to the folder where the argument value needs to be stored
|
10
10
|
# @param output_file_name [String] name of output file inside the host_code_dir_path
|
11
11
|
def initialize(stdout = nil, stderr = nil, host_code_dir_path = nil, output_file_name = nil)
|
12
|
-
@stdout = stdout
|
13
|
-
@stderr = stderr
|
12
|
+
@stdout = [stdout].flatten.compact
|
13
|
+
@stderr = [stderr].flatten.compact
|
14
14
|
@host_code_dir_path = host_code_dir_path
|
15
15
|
@output_file_name = output_file_name
|
16
16
|
end
|
17
17
|
|
18
|
-
#
|
19
|
-
|
20
|
-
|
18
|
+
# = Alternative initializers
|
19
|
+
|
20
|
+
# @param error [StandardError] error object that was raised during execution of the code
|
21
|
+
# @param error_to_raise [Class] an error class in the TrustedSandbox module.
|
22
|
+
# @param stdout [String]
|
23
|
+
# @param stderr [String]
|
24
|
+
# @return [Response] object initialized with error details
|
25
|
+
def self.error(error, error_to_raise, stdout = nil, stderr = nil)
|
26
|
+
obj = new(stdout, stderr)
|
21
27
|
obj.instance_eval do
|
22
28
|
@status = 'error'
|
23
|
-
@error =
|
24
|
-
@error_to_raise =
|
29
|
+
@error = error
|
30
|
+
@error_to_raise = error_to_raise.new(error)
|
31
|
+
end
|
32
|
+
obj
|
33
|
+
end
|
34
|
+
|
35
|
+
# This is used when user decides not to go through docker
|
36
|
+
# @param output [Object] the result of the code execution
|
37
|
+
# @param stdout [String]
|
38
|
+
# @param stderr [String]
|
39
|
+
# @return [Response] object initialized with output
|
40
|
+
def self.shortcut(output, stdout = nil, stderr = nil)
|
41
|
+
obj = new(stdout, stderr)
|
42
|
+
obj.instance_eval do
|
43
|
+
@status = 'success'
|
44
|
+
@output = output
|
25
45
|
end
|
26
46
|
obj
|
27
47
|
end
|
data/lib/trusted_sandbox.rb
CHANGED
@@ -8,7 +8,7 @@ module TrustedSandbox
|
|
8
8
|
require 'trusted_sandbox/general_purpose'
|
9
9
|
require 'trusted_sandbox/request_serializer'
|
10
10
|
require 'trusted_sandbox/response'
|
11
|
-
require 'trusted_sandbox/
|
11
|
+
require 'trusted_sandbox/host_runner'
|
12
12
|
require 'trusted_sandbox/uid_pool'
|
13
13
|
require 'trusted_sandbox/version'
|
14
14
|
|
@@ -65,7 +65,7 @@ module TrustedSandbox
|
|
65
65
|
end
|
66
66
|
|
67
67
|
def self.new_runner(config_override = {})
|
68
|
-
|
68
|
+
HostRunner.new(config, uid_pool, config_override)
|
69
69
|
end
|
70
70
|
end
|
71
71
|
|
@@ -82,4 +82,48 @@ describe 'integration testing' do
|
|
82
82
|
response.error_to_raise.is_a?(TrustedSandbox::ExecutionTimeoutError).should == true
|
83
83
|
end
|
84
84
|
end
|
85
|
+
|
86
|
+
describe 'shortcut used' do
|
87
|
+
before do
|
88
|
+
dont_allow(Docker::Container).create
|
89
|
+
end
|
90
|
+
context 'no issue' do
|
91
|
+
it 'works' do
|
92
|
+
TrustedSandbox.with_options(shortcut: true) do |s|
|
93
|
+
s.run_code!('input[:x] ** 2', input: {x: 10}).should == 100
|
94
|
+
end
|
95
|
+
|
96
|
+
response = TrustedSandbox.with_options(shortcut: true) do |s|
|
97
|
+
s.run_code('puts "hi"; input[:x] ** 2', input: {x: 10})
|
98
|
+
end
|
99
|
+
response.valid?.should == true
|
100
|
+
response.output.should == 100
|
101
|
+
response.stdout.should == ["hi\n"]
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
context 'timeout' do
|
106
|
+
it 'raises error' do
|
107
|
+
response = TrustedSandbox.with_options(shortcut: true, execution_timeout: 1) do |s|
|
108
|
+
s.run_code('puts "hi"; while true; end')
|
109
|
+
end
|
110
|
+
response.valid?.should == false
|
111
|
+
response.error.is_a?(Timeout::Error).should == true
|
112
|
+
response.error_to_raise.is_a?(TrustedSandbox::ExecutionTimeoutError).should == true
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
context 'user error' do
|
117
|
+
it 'raises error' do
|
118
|
+
expect {TrustedSandbox.with_options(shortcut: true) {|s| s.run_code!('asfsadf')}}.to raise_error(TrustedSandbox::UserCodeError)
|
119
|
+
|
120
|
+
response = TrustedSandbox.with_options(shortcut: true) {|s| s.run_code('asfsadf') }
|
121
|
+
response.valid?.should == false
|
122
|
+
response.output.should == nil
|
123
|
+
response.status.should == 'error'
|
124
|
+
response.error.is_a?(NameError).should == true
|
125
|
+
response.error_to_raise.is_a?(TrustedSandbox::UserCodeError).should == true
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
85
129
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe TrustedSandbox::
|
3
|
+
describe TrustedSandbox::HostRunner do
|
4
4
|
|
5
5
|
before do
|
6
6
|
@defaults = TrustedSandbox::Defaults.send(:new).override(quiet_mode: true)
|
@@ -12,17 +12,17 @@ describe TrustedSandbox::Runner do
|
|
12
12
|
before do
|
13
13
|
mock(@uid_pool).lock { 100 }
|
14
14
|
mock(@uid_pool).release(100) {}
|
15
|
-
@subject = TrustedSandbox::
|
15
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_code_folders: false
|
16
16
|
stub(@subject).create_container
|
17
17
|
stub(@subject).start_container
|
18
18
|
end
|
19
19
|
|
20
20
|
it 'locks and releases from UID pool' do
|
21
|
-
@subject.run TrustedSandbox::
|
21
|
+
@subject.run TrustedSandbox::HostRunner
|
22
22
|
end
|
23
23
|
|
24
24
|
it 'deletes the code folder' do
|
25
|
-
@subject.run TrustedSandbox::
|
25
|
+
@subject.run TrustedSandbox::HostRunner
|
26
26
|
Dir.exists?(@subject.send(:code_dir_path)).should == false
|
27
27
|
end
|
28
28
|
end
|
@@ -31,17 +31,17 @@ describe TrustedSandbox::Runner do
|
|
31
31
|
before do
|
32
32
|
mock(@uid_pool).lock { 100 }
|
33
33
|
dont_allow(@uid_pool).release
|
34
|
-
@subject = TrustedSandbox::
|
34
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_code_folders: true
|
35
35
|
stub(@subject).create_container
|
36
36
|
stub(@subject).start_container
|
37
37
|
end
|
38
38
|
|
39
39
|
it 'locks but does not release from UID pool' do
|
40
|
-
@subject.run TrustedSandbox::
|
40
|
+
@subject.run TrustedSandbox::HostRunner
|
41
41
|
end
|
42
42
|
|
43
43
|
it 'does not delete the code folder' do
|
44
|
-
@subject.run TrustedSandbox::
|
44
|
+
@subject.run TrustedSandbox::HostRunner
|
45
45
|
Dir.exists?(@subject.send(:code_dir_path)).should == true
|
46
46
|
end
|
47
47
|
end
|
@@ -68,32 +68,32 @@ describe TrustedSandbox::Runner do
|
|
68
68
|
|
69
69
|
context 'keep_containers=true' do
|
70
70
|
before do
|
71
|
-
@subject = TrustedSandbox::
|
71
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_containers: true
|
72
72
|
dont_allow(@container).delete
|
73
73
|
end
|
74
74
|
|
75
75
|
it 'does not delete the container' do
|
76
|
-
@subject.run TrustedSandbox::
|
76
|
+
@subject.run TrustedSandbox::HostRunner
|
77
77
|
end
|
78
78
|
end
|
79
79
|
|
80
80
|
context 'keep_containers=false' do
|
81
81
|
before do
|
82
|
-
@subject = TrustedSandbox::
|
82
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_containers: false
|
83
83
|
mock(@container).delete(force: true) {}
|
84
84
|
end
|
85
85
|
|
86
86
|
it 'does not delete the container' do
|
87
|
-
@subject.run TrustedSandbox::
|
87
|
+
@subject.run TrustedSandbox::HostRunner
|
88
88
|
end
|
89
89
|
end
|
90
90
|
|
91
91
|
context 'basic request parameters' do
|
92
92
|
before do
|
93
|
-
@subject = TrustedSandbox::
|
93
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, cpu_shares: 5, memory_limit: 100,
|
94
94
|
docker_image_name: 'image', container_code_path: '/code',
|
95
95
|
network_access: false, keep_containers: true
|
96
|
-
@subject.run TrustedSandbox::
|
96
|
+
@subject.run TrustedSandbox::HostRunner
|
97
97
|
end
|
98
98
|
|
99
99
|
it 'sends the right requests' do
|
@@ -104,8 +104,8 @@ describe TrustedSandbox::Runner do
|
|
104
104
|
|
105
105
|
context 'enable_quotas=true' do
|
106
106
|
before do
|
107
|
-
@subject = TrustedSandbox::
|
108
|
-
@subject.run TrustedSandbox::
|
107
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_quotas: true, keep_containers: true
|
108
|
+
@subject.run TrustedSandbox::HostRunner
|
109
109
|
end
|
110
110
|
|
111
111
|
it 'sends the right request' do
|
@@ -115,8 +115,8 @@ describe TrustedSandbox::Runner do
|
|
115
115
|
|
116
116
|
context 'enable_quotas=false' do
|
117
117
|
before do
|
118
|
-
@subject = TrustedSandbox::
|
119
|
-
@subject.run TrustedSandbox::
|
118
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_quotas: false, keep_containers: true
|
119
|
+
@subject.run TrustedSandbox::HostRunner
|
120
120
|
end
|
121
121
|
|
122
122
|
it 'sends the right request' do
|
@@ -126,8 +126,8 @@ describe TrustedSandbox::Runner do
|
|
126
126
|
|
127
127
|
context 'enable_swap_limit=true' do
|
128
128
|
before do
|
129
|
-
@subject = TrustedSandbox::
|
130
|
-
@subject.run TrustedSandbox::
|
129
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_swap_limit: true, memory_swap_limit: 200, keep_containers: true
|
130
|
+
@subject.run TrustedSandbox::HostRunner
|
131
131
|
end
|
132
132
|
|
133
133
|
it 'sends the right request' do
|
@@ -137,8 +137,8 @@ describe TrustedSandbox::Runner do
|
|
137
137
|
|
138
138
|
context 'enable_swap_limit=false' do
|
139
139
|
before do
|
140
|
-
@subject = TrustedSandbox::
|
141
|
-
@subject.run TrustedSandbox::
|
140
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_swap_limit: false, memory_swap_limit: 200, keep_containers: true
|
141
|
+
@subject.run TrustedSandbox::HostRunner
|
142
142
|
end
|
143
143
|
|
144
144
|
it 'sends the right request' do
|
@@ -148,8 +148,8 @@ describe TrustedSandbox::Runner do
|
|
148
148
|
|
149
149
|
context 'network_access=true' do
|
150
150
|
before do
|
151
|
-
@subject = TrustedSandbox::
|
152
|
-
@subject.run TrustedSandbox::
|
151
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, network_access: true, keep_containers: true
|
152
|
+
@subject.run TrustedSandbox::HostRunner
|
153
153
|
end
|
154
154
|
|
155
155
|
it 'sends the right request' do
|
@@ -159,8 +159,8 @@ describe TrustedSandbox::Runner do
|
|
159
159
|
|
160
160
|
context 'network_access=false' do
|
161
161
|
before do
|
162
|
-
@subject = TrustedSandbox::
|
163
|
-
@subject.run TrustedSandbox::
|
162
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, network_access: false, keep_containers: true
|
163
|
+
@subject.run TrustedSandbox::HostRunner
|
164
164
|
end
|
165
165
|
|
166
166
|
it 'sends the right request' do
|
@@ -168,4 +168,18 @@ describe TrustedSandbox::Runner do
|
|
168
168
|
end
|
169
169
|
end
|
170
170
|
end
|
171
|
+
|
172
|
+
# See more in integration testing
|
173
|
+
describe 'shortcut used' do
|
174
|
+
before do
|
175
|
+
dont_allow(TrustedSandbox::RequestSerializer).new
|
176
|
+
dont_allow(@uid_pool).lock
|
177
|
+
dont_allow(Docker::Container).create
|
178
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, shortcut: true
|
179
|
+
end
|
180
|
+
|
181
|
+
it 'works' do
|
182
|
+
@subject.run_code!('true').should == true
|
183
|
+
end
|
184
|
+
end
|
171
185
|
end
|
@@ -19,8 +19,8 @@ describe TrustedSandbox::Response do
|
|
19
19
|
it 'instantiates correctly' do
|
20
20
|
@subject.host_code_dir_path.should == @tmp_path
|
21
21
|
@subject.output_file_name.should == @file_name
|
22
|
-
@subject.stdout.should == 'stdout'
|
23
|
-
@subject.stderr.should == 'stderr'
|
22
|
+
@subject.stdout.should == ['stdout']
|
23
|
+
@subject.stderr.should == ['stderr']
|
24
24
|
end
|
25
25
|
|
26
26
|
it 'parses the file correctly' do
|
@@ -64,9 +64,9 @@ describe TrustedSandbox::Response do
|
|
64
64
|
@subject.raw_response.should == {status: 'unexpected', output: 'hi', error: @err}
|
65
65
|
@subject.status.should == 'error'
|
66
66
|
@subject.output.should == nil
|
67
|
-
@subject.error.is_a?(TrustedSandbox::
|
68
|
-
@subject.error_to_raise.is_a?(TrustedSandbox::
|
69
|
-
expect {@subject.output!}.to raise_error(TrustedSandbox::
|
67
|
+
@subject.error.is_a?(TrustedSandbox::InternalError).should == true
|
68
|
+
@subject.error_to_raise.is_a?(TrustedSandbox::InternalError).should == true
|
69
|
+
expect {@subject.output!}.to raise_error(TrustedSandbox::InternalError)
|
70
70
|
@subject.valid?.should == false
|
71
71
|
end
|
72
72
|
end
|
@@ -81,7 +81,7 @@ describe TrustedSandbox::Response do
|
|
81
81
|
@subject.raw_response.should == nil
|
82
82
|
@subject.status.should == 'error'
|
83
83
|
@subject.output.should == nil
|
84
|
-
@subject.error.is_a?(
|
84
|
+
@subject.error.is_a?(TrustedSandbox::ContainerError).should == true
|
85
85
|
@subject.error_to_raise.is_a?(TrustedSandbox::ContainerError).should == true
|
86
86
|
expect {@subject.output!}.to raise_error(TrustedSandbox::ContainerError)
|
87
87
|
@subject.valid?.should == false
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trusted-sandbox
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amit Aharoni
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-11-
|
11
|
+
date: 2014-11-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -120,9 +120,9 @@ files:
|
|
120
120
|
- lib/trusted_sandbox/defaults.rb
|
121
121
|
- lib/trusted_sandbox/errors.rb
|
122
122
|
- lib/trusted_sandbox/general_purpose.rb
|
123
|
+
- lib/trusted_sandbox/host_runner.rb
|
123
124
|
- lib/trusted_sandbox/request_serializer.rb
|
124
125
|
- lib/trusted_sandbox/response.rb
|
125
|
-
- lib/trusted_sandbox/runner.rb
|
126
126
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/Dockerfile
|
127
127
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/Gemfile
|
128
128
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/bundle_config
|
@@ -133,9 +133,9 @@ files:
|
|
133
133
|
- spec/integration/integration_spec.rb
|
134
134
|
- spec/integration/quota_spec.rb
|
135
135
|
- spec/lib/trusted_sandbox/config_spec.rb
|
136
|
+
- spec/lib/trusted_sandbox/host_runner_spec.rb
|
136
137
|
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
137
138
|
- spec/lib/trusted_sandbox/response_spec.rb
|
138
|
-
- spec/lib/trusted_sandbox/runner_spec.rb
|
139
139
|
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
140
140
|
- spec/lib/trusted_sandbox_spec.rb
|
141
141
|
- spec/spec_helper.rb
|
@@ -168,9 +168,9 @@ test_files:
|
|
168
168
|
- spec/integration/integration_spec.rb
|
169
169
|
- spec/integration/quota_spec.rb
|
170
170
|
- spec/lib/trusted_sandbox/config_spec.rb
|
171
|
+
- spec/lib/trusted_sandbox/host_runner_spec.rb
|
171
172
|
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
172
173
|
- spec/lib/trusted_sandbox/response_spec.rb
|
173
|
-
- spec/lib/trusted_sandbox/runner_spec.rb
|
174
174
|
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
175
175
|
- spec/lib/trusted_sandbox_spec.rb
|
176
176
|
- spec/spec_helper.rb
|