Skip to content

Commit

Permalink
Disable sandboxing for CI runs (#99)
Browse files Browse the repository at this point in the history 
* Update sandbox.go

* Update main.go

* Update sandbox.go

* gofmt

* bump omegajail
  • Loading branch information
@frcepeda
frcepeda authored Jan 19, 2023
1 parent ef104d2 commit 640a6d0
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 1 deletion.
2 changes: 2 additions & 0 deletions cmd/omegaup-runner/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -730,6 +730,8 @@ func main() {
if *oneshot == "ci" {
// Allow sigsys to use the fallback detector when running in CI.
oj.AllowSigsysFallback = true
// Disable sandboxing when running inside Docker.
oj.DisableSandboxing = true
}
sandbox = oj
}
Expand Down
2 changes: 1 addition & 1 deletion docker/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM docker.pkg.github.com/omegaup/omegajail/omegajail-builder-rootfs-runtime:v3.9.0 AS base
FROM docker.pkg.github.com/omegaup/omegajail/omegajail-builder-rootfs-runtime:v3.9.4 AS base

FROM base AS builder

Expand Down
5 changes: 5 additions & 0 deletions runner/sandbox.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,8 @@ type OmegajailSandbox struct {
// AllowSigsysFallback allows omegajail to use the previous implementation of
// the sigsys detector if it's running on an older pre-5.13 kernel.
AllowSigsysFallback bool

DisableSandboxing bool
}

// NewOmegajailSandbox creates a new OmegajailSandbox.
Expand Down Expand Up @@ -372,6 +374,9 @@ func (o *OmegajailSandbox) invokeOmegajail(ctx *common.Context, omegajailParams
if o.AllowSigsysFallback {
omegajailFullParams = append(omegajailFullParams, "--allow-sigsys-fallback")
}
if o.DisableSandboxing {
omegajailFullParams = append(omegajailFullParams, "--disable-sandboxing")
}
omegajailFullParams = append(omegajailFullParams, omegajailParams...)
ctx.Log.Debug(
"invoking",
Expand Down

0 comments on commit 640a6d0

Please sign in to comment.