language based test segregation #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python3 Integration Tests | |
| on: | |
| push: | |
| branches: | |
| - "**" | |
| pull_request: | |
| jobs: | |
| test-filesystem-isolation: | |
| name: "Language Gap: Python3 Filesystem Isolation (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run filesystem isolation subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/file privacy across request IDs' ./... | |
| test-disk-cleanup: | |
| name: "Language Gap: Python3 Disk Cleanup (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run disk cleanup subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/disk spammer is terminated and data is reclaimed' ./... | |
| test-fork-bomb: | |
| name: "Language Gap: Python3 Fork Bomb Containment (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run fork bomb subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/fork bomb does not poison subsequent requests' ./... | |
| test-network-isolation: | |
| name: "Language Gap: Python3 Network Isolation (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run network isolation subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/network namespace blocks localhost bridge' ./... | |
| test-memory-oom: | |
| name: "Language Gap: Python3 Memory OOM (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run memory OOM subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/memory hard limit triggers oom kill' ./... | |
| test-io-flood: | |
| name: "Language Gap: Python3 I/O Flood (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run I/O flood subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/io flood is bounded and returns before timeout' ./... | |
| test-signal-trap: | |
| name: "Language Gap: Python3 Signal Trap Timeout (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run signal trap subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/signal trap cannot survive forced timeout' ./... | |
| test-orphan-reaping: | |
| name: "Language Gap: Python3 Orphan Reaping (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run orphan reaping subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/orphan grandchild is reaped after request exits' ./... | |
| test-inode-exhaustion: | |
| name: "Language Gap: Python3 Inode Exhaustion (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run inode exhaustion subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/inode bomb does not poison host temp filesystem' ./... | |
| test-privileged-syscall: | |
| name: "Language Gap: Python3 Privileged Syscall Denial (Expected Fail)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install native dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc libc6-dev python3 | |
| - name: Run privileged syscall subtest | |
| env: | |
| ENABLE_QUEUE: "false" | |
| run: sudo -E go test -v -run 'TestContainerizationAPISecurityIntegrationPython3/privileged reboot syscall is denied' ./... |