exercism/analyzer-pipeline
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding new configurator

Browse Source
This commit is contained in:
Charles Care
2019-08-14 08:36:16 +01:00
parent 78f0954c26
commit 859869bdaf
8 changed files with 341 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Gemfile
View File

@@ -5,3 +5,10 @@ gem "mandate"
gem "propono" gem "propono"
gem "rugged" gem "rugged"
gem 'aws-sdk-ecr' gem 'aws-sdk-ecr'
group :development, :test do
# gem "bundler"
gem "rake"
gem "mocha"
gem "minitest"
end

7
Gemfile.lock
View File

@@ -29,10 +29,14 @@ GEM
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
jmespath (1.4.0) jmespath (1.4.0)
mandate (0.2.0) mandate (0.2.0)
metaclass (0.0.4)
minitest (5.11.3) minitest (5.11.3)
mocha (1.9.0)
metaclass (~> 0.0.1)
propono (2.1.0) propono (2.1.0)
aws-sdk-sns aws-sdk-sns
aws-sdk-sqs aws-sdk-sqs
rake (12.3.3)
rugged (0.28.2) rugged (0.28.2)
thread_safe (0.3.6) thread_safe (0.3.6)
tzinfo (1.2.5) tzinfo (1.2.5)
@@ -45,7 +49,10 @@ DEPENDENCIES
activesupport activesupport
aws-sdk-ecr aws-sdk-ecr
mandate mandate
minitest
mocha
propono propono
rake
rugged rugged
BUNDLED WITH BUNDLED WITH

10
Rakefile Normal file
View File

@@ -0,0 +1,10 @@
require "rake/testtask"
Rake::TestTask.new(:test) do |t|
t.libs << "test"
t.libs << "lib"
t.warning = false
t.test_files = FileList["test/**/*_test.rb"]
end
task :default => :test

1
lib/pipeline.rb
View File

@@ -20,3 +20,4 @@ end
require "pipeline/analyzer_repo" require "pipeline/analyzer_repo"
require "pipeline/analyzer_build" require "pipeline/analyzer_build"
require "pipeline/validate_build" require "pipeline/validate_build"
require "pipeline/util/runc_configurator"

177
lib/pipeline/util/runc_configurator.rb Normal file
View File

@@ -0,0 +1,177 @@
module Pipeline::Util
class RuncConfigurator
attr_accessor :uid_id, :gid_id, :invocation_args
def seed_from_env
@uid_id = `id -u`.chomp
@gid_id = `id -g`.chomp
@invocation_args = []
end
def build
config = <<-EOS
{
"ociVersion": "1.0.1-dev",
"process": {
"terminal": false,
"user": {
"uid": 0,
"gid": 0
},
"env": [
"GEM_HOME=/usr/local/bundle",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm"
],
"cwd": "/opt/analyzer",
"rlimits": [
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"noNewPrivileges": true
},
"root": {
"path": "./rootfs",
"readonly": true
},
"hostname": "exercism-runner",
"mounts": [
{
"destination": "/mnt/exercism-iteration",
"source": "./iteration",
"options": [ "rbind", "rw" ]
},
{
"destination": "/tmp",
"source": "./tmp",
"options": [ "rbind", "rw" ]
},
{
"destination": "/proc",
"type": "proc",
"source": "proc"
},
{
"destination": "/dev",
"type": "tmpfs",
"source": "tmpfs",
"options": [
"nosuid",
"strictatime",
"mode=755",
"size=65536k"
]
},
{
"destination": "/dev/pts",
"type": "devpts",
"source": "devpts",
"options": [
"nosuid",
"noexec",
"newinstance",
"ptmxmode=0666",
"mode=0620"
]
},
{
"destination": "/dev/shm",
"type": "tmpfs",
"source": "shm",
"options": [
"nosuid",
"noexec",
"nodev",
"mode=1777",
"size=65536k"
]
},
{
"destination": "/dev/mqueue",
"type": "mqueue",
"source": "mqueue",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys",
"type": "none",
"source": "/sys",
"options": [
"rbind",
"nosuid",
"noexec",
"nodev",
"ro"
]
}
],
"linux": {
"uidMappings": [
{
"containerID": 0,
"hostID": #{uid_id},
"size": 1
}
],
"gidMappings": [
{
"containerID": 0,
"hostID": #{gid_id},
"size": 1
}
],
"namespaces": [
{
"type": "pid"
},
{
"type": "ipc"
},
{
"type": "uts"
},
{
"type": "mount"
},
{
"type": "user"
}
],
"maskedPaths": [
"/proc/kcore",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/sys/firmware",
"/proc/scsi"
],
"readonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
}
}
EOS
parsed = JSON.parse(config)
parsed["process"]["args"] = invocation_args
parsed
end
def invoke_analyser_for(track_slug)
@invocation_args = ["bin/analyze.sh", track_slug, "/mnt/exercism-iteration/"]
end
end
end

117
test/pipeline/util/runc_configurator_test.rb Normal file
View File

@@ -0,0 +1,117 @@
require 'test_helper'
require 'json'
module Pipeline::Util
class RuncConfiguratorTest < Minitest::Test
attr_reader :configurator
def setup
@configurator = Pipeline::Util::RuncConfigurator.new
configurator.uid_id = 888
configurator.gid_id = 999
end
def test_can_set_uid_and_guid
@configurator = Pipeline::Util::RuncConfigurator.new
assert_nil configurator.uid_id
assert_nil configurator.gid_id
configurator.uid_id = 123
configurator.gid_id = 456
assert_equal 123, configurator.uid_id
assert_equal 456, configurator.gid_id
end
# Probably platform dependent
def test_can_seed_guid_and_uid
@configurator = Pipeline::Util::RuncConfigurator.new
assert_nil configurator.uid_id
assert_nil configurator.gid_id
configurator.seed_from_env
refute configurator.uid_id.nil?
refute configurator.gid_id.nil?
end
def test_build_config_has_correct_process_defaults
config = configurator.build
refute config.nil?
assert_equal "1.0.1-dev", config["ociVersion"]
assert_equal "exercism-runner", config["hostname"]
assert_equal 0, config["process"]["user"]["uid"]
assert_equal 0, config["process"]["user"]["gid"]
assert_equal true, config["process"]["noNewPrivileges"]
assert_equal "RLIMIT_NOFILE", config["process"]["rlimits"][0]["type"]
assert_equal 1024, config["process"]["rlimits"][0]["hard"]
assert_equal 1024, config["process"]["rlimits"][0]["soft"]
end
def test_build_config_has_correct_custom_mounts
config = configurator.build
refute config.nil?
assert_equal "./rootfs", config["root"]["path"]
assert_equal true, config["root"]["readonly"]
mounts = config["mounts"]
refute mounts.nil?
mount = mounts.select {|m| m["destination"] == "/mnt/exercism-iteration"}.first
refute mount.nil?
assert_equal "./iteration", mount["source"]
assert_equal [ "rbind", "rw" ], mount["options"]
mount = mounts.select {|m| m["destination"] == "/tmp"}.first
refute mount.nil?
assert_equal "./tmp", mount["source"]
assert_equal [ "rbind", "rw" ], mount["options"]
end
def test_build_config_has_correct_custom_mounts
config = configurator.build
refute config.nil?
assert_equal 0, config["linux"]["uidMappings"][0]["containerID"]
assert_equal 888, config["linux"]["uidMappings"][0]["hostID"]
assert_equal 1, config["linux"]["uidMappings"][0]["size"]
assert_equal 0, config["linux"]["gidMappings"][0]["containerID"]
assert_equal 999, config["linux"]["gidMappings"][0]["hostID"]
assert_equal 1, config["linux"]["gidMappings"][0]["size"]
end
def test_build_config_has_correct_invocation
configurator.invoke_analyser_for("two-fer")
config = configurator.build
refute config.nil?
assert_equal false, config["process"]["terminal"]
assert_equal "/opt/analyzer", config["process"]["cwd"]
expected_args = ["bin/analyze.sh", "two-fer", "/mnt/exercism-iteration/"]
assert_equal expected_args, config["process"]["args"]
end
def test_build_config_has_correct_invocation
configurator.invoke_analyser_for("two-fer")
config = configurator.build
refute config.nil?
assert_equal false, config["process"]["terminal"]
assert_equal "/opt/analyzer", config["process"]["cwd"]
expected_args = ["bin/analyze.sh", "two-fer", "/mnt/exercism-iteration/"]
assert_equal expected_args, config["process"]["args"]
end
end
end

12
test/spike_test.rb Normal file
View File

@@ -0,0 +1,12 @@
# require 'test_helper'
# require 'json'
#
# module Pipeline
# class SpikeTest < Minitest::Test
#
# def test_dummy
# Pipeline.spike
# end
#
# end
# end

10
test/test_helper.rb Normal file
View File

@@ -0,0 +1,10 @@
ENV["env"] = "test"
gem "minitest"
require "minitest/autorun"
require "minitest/pride"
require "minitest/mock"
require "mocha/setup"
$LOAD_PATH.unshift File.expand_path("../../lib", __FILE__)
require "pipeline"