Closed benjaminkostiuk closed 3 years ago
Ideas: Run test cases with 3 layers of security:
ulimit
:-v
virtual memory-s
stack memory-u
user processes-f
size of files written-n
number of open file descriptors-m
max memory sizetimeout
--signal
Signal to send. Send either SIGTERM
or SIGKILL
--kill-after
Forcefully kill the process if not terminated after the appropriate time--memory
set a memory limit on the build--rm
--env
or --env-file
--memory
Limit memory--ulimit
Set ulimits on the container--stop-signal
Set the signal to SIGKILL
--stop-timeout
Set a timeout in seconds before killing the container and sending the --stop-signal
Also use --cache-from
to speed up builds on individual test cases.
Build Dockerfile using tags for each submission id and place the COPY instruction for all files except the test file to be run. See https://stackoverflow.com/questions/43747776/copy-with-docker-but-with-exclusion. First copy should be on earlier layer, then run copy for test file later.
Reasearch more how to run the test cases in a docker container to prevent malicious code. The run endpoint should work for python test cases.