Add support for running test cases in Docker containers

[benjaminkostiuk]

Reasearch more how to run the test cases in a docker container to prevent malicious code. The run endpoint should work for python test cases.

[benjaminkostiuk]

Ideas: Run test cases with 3 layers of security:

• Bash script to run the testing & compiling commands
  • ulimit:
  • -v virtual memory
  • -s stack memory
  • -u user processes
  • -f size of files written
  • -n number of open file descriptors
  • -m max memory size
  • timeout
  • --signal Signal to send. Send either SIGTERM or SIGKILL
  • --kill-after Forcefully kill the process if not terminated after the appropriate time
• Build a docker image
  • --memory set a memory limit on the build
• Run the docker image in a container as an executable with --rm
  • Set values for script as env variable --env or --env-file
  • --memory Limit memory
  • --ulimit Set ulimits on the container
  • --stop-signal Set the signal to SIGKILL
  • --stop-timeout Set a timeout in seconds before killing the container and sending the --stop-signal
• Attach a watchdog to the thread processing the docker command
  • Forecably kill the thread if it takes too much time.

[benjaminkostiuk]

Also use --cache-from to speed up builds on individual test cases.

[benjaminkostiuk]

Build Dockerfile using tags for each submission id and place the COPY instruction for all files except the test file to be run. See https://stackoverflow.com/questions/43747776/copy-with-docker-but-with-exclusion. First copy should be on earlier layer, then run copy for test file later.