trusted-sandbox 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +39 -18
- data/lib/trusted_sandbox/config/trusted_sandbox.yml +5 -0
- data/lib/trusted_sandbox/config.rb +2 -1
- data/lib/trusted_sandbox/defaults.rb +1 -0
- data/lib/trusted_sandbox/{runner.rb → host_runner.rb} +37 -10
- data/lib/trusted_sandbox/response.rb +27 -7
- data/lib/trusted_sandbox/version.rb +1 -1
- data/lib/trusted_sandbox.rb +2 -2
- data/spec/integration/integration_spec.rb +44 -0
- data/spec/lib/trusted_sandbox/{runner_spec.rb → host_runner_spec.rb} +39 -25
- data/spec/lib/trusted_sandbox/response_spec.rb +6 -6
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2d4e0bcecde1af0fb5f4c06a716777e1504e319b
|
4
|
+
data.tar.gz: f89202701ed4195b50d54d16e33fcfba824c006e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7aef11d8b4ff742e7413d1aba15cf09d81df302e1cfd537557f98051b0b7d0282fb48667d00d14eddd171561a0c01766156f4135956ddd98f8de3d73613aa2f5
|
7
|
+
data.tar.gz: 1d3d9de1be89cd85e08c281272d5af13b500896d9daa2bbd0ebcc410925c5263a916c355833dbe3d003fb536b0d5a945c4b8f4c46f63fbd4cf87279b25aed051
|
data/README.md
CHANGED
@@ -207,6 +207,11 @@ keep_containers: false
|
|
207
207
|
|
208
208
|
# A folder used by the UID-pool to handle locks.
|
209
209
|
host_uid_pool_lock_path: tmp/uid_pool_lock
|
210
|
+
|
211
|
+
# When set to true the code is executed within the current process, without launching a
|
212
|
+
# Docker container. This is useful for testing and on dev machines that do not have Docker
|
213
|
+
# installed.
|
214
|
+
shortcut: false
|
210
215
|
```
|
211
216
|
|
212
217
|
### Limiting swap memory
|
@@ -348,7 +353,9 @@ possible. You can prepare a docker image with additional gems and custom Ruby cl
|
|
348
353
|
|
349
354
|
### Running containers
|
350
355
|
|
351
|
-
There are two
|
356
|
+
There are two main methods to run a container.
|
357
|
+
|
358
|
+
Use `run!` to retrieve output from the container. If the user code raised
|
352
359
|
an exception, it will be raised by `run!`.
|
353
360
|
|
354
361
|
```ruby
|
@@ -358,6 +365,25 @@ output = TrustedSandbox.run! MyFunction, "input ** 2", 10
|
|
358
365
|
Use `run` to retrieve a response object. The response object provides additional useful information about the
|
359
366
|
container execution.
|
360
367
|
|
368
|
+
Here is a success scenario:
|
369
|
+
```ruby
|
370
|
+
response = TrustedSandbox.run MyFunction, "input ** 2", 10
|
371
|
+
|
372
|
+
response.status
|
373
|
+
# => "success"
|
374
|
+
|
375
|
+
response.valid?
|
376
|
+
# => true
|
377
|
+
|
378
|
+
response.output
|
379
|
+
# => 100
|
380
|
+
|
381
|
+
response.output!
|
382
|
+
# => 100
|
383
|
+
|
384
|
+
response.error
|
385
|
+
# => nil
|
386
|
+
```
|
361
387
|
Here is an error scenario:
|
362
388
|
```ruby
|
363
389
|
response = TrustedSandbox.run MyFunction, "raise 'error!'", 10
|
@@ -388,25 +414,20 @@ puts response.stdout
|
|
388
414
|
# Can be useful for environment related errors
|
389
415
|
puts response.stderr
|
390
416
|
```
|
391
|
-
Here is a success scenario:
|
392
|
-
```ruby
|
393
|
-
response = TrustedSandbox.run MyFunction, "input ** 2", 10
|
394
|
-
|
395
|
-
response.status
|
396
|
-
# => "success"
|
397
417
|
|
398
|
-
|
399
|
-
|
400
|
-
|
401
|
-
|
402
|
-
|
403
|
-
|
404
|
-
response.output!
|
405
|
-
# => 100
|
406
|
-
|
407
|
-
response.error
|
408
|
-
# => nil
|
418
|
+
The helper methods `run_code` and `run_code!` behave similarly to `run` and `run!`. They invoke TrustedSandbox
|
419
|
+
on a `GeneralPurpose` class that performs a simple `eval`, with an ability to provide a context for the code to run in.
|
420
|
+
The following:
|
421
|
+
```ruby
|
422
|
+
TrustedSandbox.run_code! "input[:a] + input[:b]", input: {a: 1, b: 2}
|
423
|
+
# => 3
|
409
424
|
```
|
425
|
+
Is equivalent to running:
|
426
|
+
```ruby
|
427
|
+
TrustedSandbox.run! TrustedSandbox::GeneralPurpose, "input[:a] + input[:b]", input: {a: 1, b: 2}
|
428
|
+
# => 3
|
429
|
+
```
|
430
|
+
|
410
431
|
### Overriding specific invocations
|
411
432
|
|
412
433
|
To override a configuration parameter for a specific invocation, use `with_options`:
|
@@ -28,6 +28,11 @@ development:
|
|
28
28
|
keep_code_folders: false
|
29
29
|
keep_containers: false
|
30
30
|
|
31
|
+
# When set to true, code will run in the current process instead of
|
32
|
+
# a docker container. This is useful for testing and dev machines
|
33
|
+
# that do not have docker installed
|
34
|
+
shortcut: false
|
35
|
+
|
31
36
|
# When this is set to false and keep_code_folders is true, you'll
|
32
37
|
# receive helpful messages about how to connect to your containers
|
33
38
|
quiet_mode: false
|
@@ -49,7 +49,8 @@ module TrustedSandbox
|
|
49
49
|
:memory_limit, :memory_swap_limit, :cpu_shares, :docker_image_name,
|
50
50
|
:execution_timeout, :network_access, :enable_swap_limit, :enable_quotas,
|
51
51
|
:container_code_path, :container_input_filename, :container_output_filename,
|
52
|
-
:keep_code_folders, :keep_containers, :quiet_mode, :container_manifest_filename
|
52
|
+
:keep_code_folders, :keep_containers, :quiet_mode, :container_manifest_filename,
|
53
|
+
:shortcut
|
53
54
|
|
54
55
|
attr_reader_with_fallback :host_code_root_path, :host_uid_pool_lock_path
|
55
56
|
|
@@ -1,5 +1,5 @@
|
|
1
1
|
module TrustedSandbox
|
2
|
-
class
|
2
|
+
class HostRunner
|
3
3
|
|
4
4
|
attr_reader :uid_pool, :config
|
5
5
|
|
@@ -15,14 +15,11 @@ module TrustedSandbox
|
|
15
15
|
# @param *args [Array] arguments to send to klass#initialize
|
16
16
|
# @return [Response]
|
17
17
|
def run(klass, *args)
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
release_uid
|
24
|
-
remove_code_dir
|
25
|
-
remove_container
|
18
|
+
if config.shortcut
|
19
|
+
shortcut(klass, *args)
|
20
|
+
else
|
21
|
+
run_in_container(klass, *args)
|
22
|
+
end
|
26
23
|
end
|
27
24
|
|
28
25
|
# @param klass [Class] the class object that should be run
|
@@ -50,6 +47,17 @@ module TrustedSandbox
|
|
50
47
|
|
51
48
|
private
|
52
49
|
|
50
|
+
def run_in_container(klass, *args)
|
51
|
+
create_code_dir
|
52
|
+
serialize_request(klass, *args)
|
53
|
+
create_container
|
54
|
+
start_container
|
55
|
+
ensure
|
56
|
+
release_uid
|
57
|
+
remove_code_dir
|
58
|
+
remove_container
|
59
|
+
end
|
60
|
+
|
53
61
|
def obtain_uid
|
54
62
|
@uid ||= uid_pool.lock
|
55
63
|
end
|
@@ -99,7 +107,26 @@ module TrustedSandbox
|
|
99
107
|
response
|
100
108
|
rescue Timeout::Error => e
|
101
109
|
logs = @container.logs(stdout: true, stderr: true)
|
102
|
-
TrustedSandbox::Response.
|
110
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::ExecutionTimeoutError, logs)
|
111
|
+
end
|
112
|
+
|
113
|
+
# @return [TrustedSandbox::Response]
|
114
|
+
def shortcut(klass, *args)
|
115
|
+
output, stdout, stderr = Timeout.timeout(config.execution_timeout) do
|
116
|
+
begin
|
117
|
+
$stdout = StringIO.new
|
118
|
+
$stderr = StringIO.new
|
119
|
+
[klass.new(*args).run, $stdout.string, $stderr.string]
|
120
|
+
ensure
|
121
|
+
$stdout = STDOUT
|
122
|
+
$stderr = STDERR
|
123
|
+
end
|
124
|
+
end
|
125
|
+
TrustedSandbox::Response.shortcut output, stdout, stderr
|
126
|
+
rescue Timeout::Error => e
|
127
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::ExecutionTimeoutError, stdout, stderr)
|
128
|
+
rescue => e
|
129
|
+
TrustedSandbox::Response.error(e, TrustedSandbox::UserCodeError, stdout, stderr)
|
103
130
|
end
|
104
131
|
|
105
132
|
def remove_container
|
@@ -9,19 +9,39 @@ module TrustedSandbox
|
|
9
9
|
# @param host_code_dir_path [String] path to the folder where the argument value needs to be stored
|
10
10
|
# @param output_file_name [String] name of output file inside the host_code_dir_path
|
11
11
|
def initialize(stdout = nil, stderr = nil, host_code_dir_path = nil, output_file_name = nil)
|
12
|
-
@stdout = stdout
|
13
|
-
@stderr = stderr
|
12
|
+
@stdout = [stdout].flatten.compact
|
13
|
+
@stderr = [stderr].flatten.compact
|
14
14
|
@host_code_dir_path = host_code_dir_path
|
15
15
|
@output_file_name = output_file_name
|
16
16
|
end
|
17
17
|
|
18
|
-
#
|
19
|
-
|
20
|
-
|
18
|
+
# = Alternative initializers
|
19
|
+
|
20
|
+
# @param error [StandardError] error object that was raised during execution of the code
|
21
|
+
# @param error_to_raise [Class] an error class in the TrustedSandbox module.
|
22
|
+
# @param stdout [String]
|
23
|
+
# @param stderr [String]
|
24
|
+
# @return [Response] object initialized with error details
|
25
|
+
def self.error(error, error_to_raise, stdout = nil, stderr = nil)
|
26
|
+
obj = new(stdout, stderr)
|
21
27
|
obj.instance_eval do
|
22
28
|
@status = 'error'
|
23
|
-
@error =
|
24
|
-
@error_to_raise =
|
29
|
+
@error = error
|
30
|
+
@error_to_raise = error_to_raise.new(error)
|
31
|
+
end
|
32
|
+
obj
|
33
|
+
end
|
34
|
+
|
35
|
+
# This is used when user decides not to go through docker
|
36
|
+
# @param output [Object] the result of the code execution
|
37
|
+
# @param stdout [String]
|
38
|
+
# @param stderr [String]
|
39
|
+
# @return [Response] object initialized with output
|
40
|
+
def self.shortcut(output, stdout = nil, stderr = nil)
|
41
|
+
obj = new(stdout, stderr)
|
42
|
+
obj.instance_eval do
|
43
|
+
@status = 'success'
|
44
|
+
@output = output
|
25
45
|
end
|
26
46
|
obj
|
27
47
|
end
|
data/lib/trusted_sandbox.rb
CHANGED
@@ -8,7 +8,7 @@ module TrustedSandbox
|
|
8
8
|
require 'trusted_sandbox/general_purpose'
|
9
9
|
require 'trusted_sandbox/request_serializer'
|
10
10
|
require 'trusted_sandbox/response'
|
11
|
-
require 'trusted_sandbox/
|
11
|
+
require 'trusted_sandbox/host_runner'
|
12
12
|
require 'trusted_sandbox/uid_pool'
|
13
13
|
require 'trusted_sandbox/version'
|
14
14
|
|
@@ -65,7 +65,7 @@ module TrustedSandbox
|
|
65
65
|
end
|
66
66
|
|
67
67
|
def self.new_runner(config_override = {})
|
68
|
-
|
68
|
+
HostRunner.new(config, uid_pool, config_override)
|
69
69
|
end
|
70
70
|
end
|
71
71
|
|
@@ -82,4 +82,48 @@ describe 'integration testing' do
|
|
82
82
|
response.error_to_raise.is_a?(TrustedSandbox::ExecutionTimeoutError).should == true
|
83
83
|
end
|
84
84
|
end
|
85
|
+
|
86
|
+
describe 'shortcut used' do
|
87
|
+
before do
|
88
|
+
dont_allow(Docker::Container).create
|
89
|
+
end
|
90
|
+
context 'no issue' do
|
91
|
+
it 'works' do
|
92
|
+
TrustedSandbox.with_options(shortcut: true) do |s|
|
93
|
+
s.run_code!('input[:x] ** 2', input: {x: 10}).should == 100
|
94
|
+
end
|
95
|
+
|
96
|
+
response = TrustedSandbox.with_options(shortcut: true) do |s|
|
97
|
+
s.run_code('puts "hi"; input[:x] ** 2', input: {x: 10})
|
98
|
+
end
|
99
|
+
response.valid?.should == true
|
100
|
+
response.output.should == 100
|
101
|
+
response.stdout.should == ["hi\n"]
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
context 'timeout' do
|
106
|
+
it 'raises error' do
|
107
|
+
response = TrustedSandbox.with_options(shortcut: true, execution_timeout: 1) do |s|
|
108
|
+
s.run_code('puts "hi"; while true; end')
|
109
|
+
end
|
110
|
+
response.valid?.should == false
|
111
|
+
response.error.is_a?(Timeout::Error).should == true
|
112
|
+
response.error_to_raise.is_a?(TrustedSandbox::ExecutionTimeoutError).should == true
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
context 'user error' do
|
117
|
+
it 'raises error' do
|
118
|
+
expect {TrustedSandbox.with_options(shortcut: true) {|s| s.run_code!('asfsadf')}}.to raise_error(TrustedSandbox::UserCodeError)
|
119
|
+
|
120
|
+
response = TrustedSandbox.with_options(shortcut: true) {|s| s.run_code('asfsadf') }
|
121
|
+
response.valid?.should == false
|
122
|
+
response.output.should == nil
|
123
|
+
response.status.should == 'error'
|
124
|
+
response.error.is_a?(NameError).should == true
|
125
|
+
response.error_to_raise.is_a?(TrustedSandbox::UserCodeError).should == true
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
85
129
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe TrustedSandbox::
|
3
|
+
describe TrustedSandbox::HostRunner do
|
4
4
|
|
5
5
|
before do
|
6
6
|
@defaults = TrustedSandbox::Defaults.send(:new).override(quiet_mode: true)
|
@@ -12,17 +12,17 @@ describe TrustedSandbox::Runner do
|
|
12
12
|
before do
|
13
13
|
mock(@uid_pool).lock { 100 }
|
14
14
|
mock(@uid_pool).release(100) {}
|
15
|
-
@subject = TrustedSandbox::
|
15
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_code_folders: false
|
16
16
|
stub(@subject).create_container
|
17
17
|
stub(@subject).start_container
|
18
18
|
end
|
19
19
|
|
20
20
|
it 'locks and releases from UID pool' do
|
21
|
-
@subject.run TrustedSandbox::
|
21
|
+
@subject.run TrustedSandbox::HostRunner
|
22
22
|
end
|
23
23
|
|
24
24
|
it 'deletes the code folder' do
|
25
|
-
@subject.run TrustedSandbox::
|
25
|
+
@subject.run TrustedSandbox::HostRunner
|
26
26
|
Dir.exists?(@subject.send(:code_dir_path)).should == false
|
27
27
|
end
|
28
28
|
end
|
@@ -31,17 +31,17 @@ describe TrustedSandbox::Runner do
|
|
31
31
|
before do
|
32
32
|
mock(@uid_pool).lock { 100 }
|
33
33
|
dont_allow(@uid_pool).release
|
34
|
-
@subject = TrustedSandbox::
|
34
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_code_folders: true
|
35
35
|
stub(@subject).create_container
|
36
36
|
stub(@subject).start_container
|
37
37
|
end
|
38
38
|
|
39
39
|
it 'locks but does not release from UID pool' do
|
40
|
-
@subject.run TrustedSandbox::
|
40
|
+
@subject.run TrustedSandbox::HostRunner
|
41
41
|
end
|
42
42
|
|
43
43
|
it 'does not delete the code folder' do
|
44
|
-
@subject.run TrustedSandbox::
|
44
|
+
@subject.run TrustedSandbox::HostRunner
|
45
45
|
Dir.exists?(@subject.send(:code_dir_path)).should == true
|
46
46
|
end
|
47
47
|
end
|
@@ -68,32 +68,32 @@ describe TrustedSandbox::Runner do
|
|
68
68
|
|
69
69
|
context 'keep_containers=true' do
|
70
70
|
before do
|
71
|
-
@subject = TrustedSandbox::
|
71
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_containers: true
|
72
72
|
dont_allow(@container).delete
|
73
73
|
end
|
74
74
|
|
75
75
|
it 'does not delete the container' do
|
76
|
-
@subject.run TrustedSandbox::
|
76
|
+
@subject.run TrustedSandbox::HostRunner
|
77
77
|
end
|
78
78
|
end
|
79
79
|
|
80
80
|
context 'keep_containers=false' do
|
81
81
|
before do
|
82
|
-
@subject = TrustedSandbox::
|
82
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, keep_containers: false
|
83
83
|
mock(@container).delete(force: true) {}
|
84
84
|
end
|
85
85
|
|
86
86
|
it 'does not delete the container' do
|
87
|
-
@subject.run TrustedSandbox::
|
87
|
+
@subject.run TrustedSandbox::HostRunner
|
88
88
|
end
|
89
89
|
end
|
90
90
|
|
91
91
|
context 'basic request parameters' do
|
92
92
|
before do
|
93
|
-
@subject = TrustedSandbox::
|
93
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, cpu_shares: 5, memory_limit: 100,
|
94
94
|
docker_image_name: 'image', container_code_path: '/code',
|
95
95
|
network_access: false, keep_containers: true
|
96
|
-
@subject.run TrustedSandbox::
|
96
|
+
@subject.run TrustedSandbox::HostRunner
|
97
97
|
end
|
98
98
|
|
99
99
|
it 'sends the right requests' do
|
@@ -104,8 +104,8 @@ describe TrustedSandbox::Runner do
|
|
104
104
|
|
105
105
|
context 'enable_quotas=true' do
|
106
106
|
before do
|
107
|
-
@subject = TrustedSandbox::
|
108
|
-
@subject.run TrustedSandbox::
|
107
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_quotas: true, keep_containers: true
|
108
|
+
@subject.run TrustedSandbox::HostRunner
|
109
109
|
end
|
110
110
|
|
111
111
|
it 'sends the right request' do
|
@@ -115,8 +115,8 @@ describe TrustedSandbox::Runner do
|
|
115
115
|
|
116
116
|
context 'enable_quotas=false' do
|
117
117
|
before do
|
118
|
-
@subject = TrustedSandbox::
|
119
|
-
@subject.run TrustedSandbox::
|
118
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_quotas: false, keep_containers: true
|
119
|
+
@subject.run TrustedSandbox::HostRunner
|
120
120
|
end
|
121
121
|
|
122
122
|
it 'sends the right request' do
|
@@ -126,8 +126,8 @@ describe TrustedSandbox::Runner do
|
|
126
126
|
|
127
127
|
context 'enable_swap_limit=true' do
|
128
128
|
before do
|
129
|
-
@subject = TrustedSandbox::
|
130
|
-
@subject.run TrustedSandbox::
|
129
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_swap_limit: true, memory_swap_limit: 200, keep_containers: true
|
130
|
+
@subject.run TrustedSandbox::HostRunner
|
131
131
|
end
|
132
132
|
|
133
133
|
it 'sends the right request' do
|
@@ -137,8 +137,8 @@ describe TrustedSandbox::Runner do
|
|
137
137
|
|
138
138
|
context 'enable_swap_limit=false' do
|
139
139
|
before do
|
140
|
-
@subject = TrustedSandbox::
|
141
|
-
@subject.run TrustedSandbox::
|
140
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, enable_swap_limit: false, memory_swap_limit: 200, keep_containers: true
|
141
|
+
@subject.run TrustedSandbox::HostRunner
|
142
142
|
end
|
143
143
|
|
144
144
|
it 'sends the right request' do
|
@@ -148,8 +148,8 @@ describe TrustedSandbox::Runner do
|
|
148
148
|
|
149
149
|
context 'network_access=true' do
|
150
150
|
before do
|
151
|
-
@subject = TrustedSandbox::
|
152
|
-
@subject.run TrustedSandbox::
|
151
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, network_access: true, keep_containers: true
|
152
|
+
@subject.run TrustedSandbox::HostRunner
|
153
153
|
end
|
154
154
|
|
155
155
|
it 'sends the right request' do
|
@@ -159,8 +159,8 @@ describe TrustedSandbox::Runner do
|
|
159
159
|
|
160
160
|
context 'network_access=false' do
|
161
161
|
before do
|
162
|
-
@subject = TrustedSandbox::
|
163
|
-
@subject.run TrustedSandbox::
|
162
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, network_access: false, keep_containers: true
|
163
|
+
@subject.run TrustedSandbox::HostRunner
|
164
164
|
end
|
165
165
|
|
166
166
|
it 'sends the right request' do
|
@@ -168,4 +168,18 @@ describe TrustedSandbox::Runner do
|
|
168
168
|
end
|
169
169
|
end
|
170
170
|
end
|
171
|
+
|
172
|
+
# See more in integration testing
|
173
|
+
describe 'shortcut used' do
|
174
|
+
before do
|
175
|
+
dont_allow(TrustedSandbox::RequestSerializer).new
|
176
|
+
dont_allow(@uid_pool).lock
|
177
|
+
dont_allow(Docker::Container).create
|
178
|
+
@subject = TrustedSandbox::HostRunner.new @defaults, @uid_pool, shortcut: true
|
179
|
+
end
|
180
|
+
|
181
|
+
it 'works' do
|
182
|
+
@subject.run_code!('true').should == true
|
183
|
+
end
|
184
|
+
end
|
171
185
|
end
|
@@ -19,8 +19,8 @@ describe TrustedSandbox::Response do
|
|
19
19
|
it 'instantiates correctly' do
|
20
20
|
@subject.host_code_dir_path.should == @tmp_path
|
21
21
|
@subject.output_file_name.should == @file_name
|
22
|
-
@subject.stdout.should == 'stdout'
|
23
|
-
@subject.stderr.should == 'stderr'
|
22
|
+
@subject.stdout.should == ['stdout']
|
23
|
+
@subject.stderr.should == ['stderr']
|
24
24
|
end
|
25
25
|
|
26
26
|
it 'parses the file correctly' do
|
@@ -64,9 +64,9 @@ describe TrustedSandbox::Response do
|
|
64
64
|
@subject.raw_response.should == {status: 'unexpected', output: 'hi', error: @err}
|
65
65
|
@subject.status.should == 'error'
|
66
66
|
@subject.output.should == nil
|
67
|
-
@subject.error.is_a?(TrustedSandbox::
|
68
|
-
@subject.error_to_raise.is_a?(TrustedSandbox::
|
69
|
-
expect {@subject.output!}.to raise_error(TrustedSandbox::
|
67
|
+
@subject.error.is_a?(TrustedSandbox::InternalError).should == true
|
68
|
+
@subject.error_to_raise.is_a?(TrustedSandbox::InternalError).should == true
|
69
|
+
expect {@subject.output!}.to raise_error(TrustedSandbox::InternalError)
|
70
70
|
@subject.valid?.should == false
|
71
71
|
end
|
72
72
|
end
|
@@ -81,7 +81,7 @@ describe TrustedSandbox::Response do
|
|
81
81
|
@subject.raw_response.should == nil
|
82
82
|
@subject.status.should == 'error'
|
83
83
|
@subject.output.should == nil
|
84
|
-
@subject.error.is_a?(
|
84
|
+
@subject.error.is_a?(TrustedSandbox::ContainerError).should == true
|
85
85
|
@subject.error_to_raise.is_a?(TrustedSandbox::ContainerError).should == true
|
86
86
|
expect {@subject.output!}.to raise_error(TrustedSandbox::ContainerError)
|
87
87
|
@subject.valid?.should == false
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trusted-sandbox
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amit Aharoni
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-11-
|
11
|
+
date: 2014-11-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -120,9 +120,9 @@ files:
|
|
120
120
|
- lib/trusted_sandbox/defaults.rb
|
121
121
|
- lib/trusted_sandbox/errors.rb
|
122
122
|
- lib/trusted_sandbox/general_purpose.rb
|
123
|
+
- lib/trusted_sandbox/host_runner.rb
|
123
124
|
- lib/trusted_sandbox/request_serializer.rb
|
124
125
|
- lib/trusted_sandbox/response.rb
|
125
|
-
- lib/trusted_sandbox/runner.rb
|
126
126
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/Dockerfile
|
127
127
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/Gemfile
|
128
128
|
- lib/trusted_sandbox/server_images/ruby-2.1.2/bundle_config
|
@@ -133,9 +133,9 @@ files:
|
|
133
133
|
- spec/integration/integration_spec.rb
|
134
134
|
- spec/integration/quota_spec.rb
|
135
135
|
- spec/lib/trusted_sandbox/config_spec.rb
|
136
|
+
- spec/lib/trusted_sandbox/host_runner_spec.rb
|
136
137
|
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
137
138
|
- spec/lib/trusted_sandbox/response_spec.rb
|
138
|
-
- spec/lib/trusted_sandbox/runner_spec.rb
|
139
139
|
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
140
140
|
- spec/lib/trusted_sandbox_spec.rb
|
141
141
|
- spec/spec_helper.rb
|
@@ -168,9 +168,9 @@ test_files:
|
|
168
168
|
- spec/integration/integration_spec.rb
|
169
169
|
- spec/integration/quota_spec.rb
|
170
170
|
- spec/lib/trusted_sandbox/config_spec.rb
|
171
|
+
- spec/lib/trusted_sandbox/host_runner_spec.rb
|
171
172
|
- spec/lib/trusted_sandbox/request_serializer_spec.rb
|
172
173
|
- spec/lib/trusted_sandbox/response_spec.rb
|
173
|
-
- spec/lib/trusted_sandbox/runner_spec.rb
|
174
174
|
- spec/lib/trusted_sandbox/uid_pool_spec.rb
|
175
175
|
- spec/lib/trusted_sandbox_spec.rb
|
176
176
|
- spec/spec_helper.rb
|