mirror of
https://github.com/anthropic-experimental/sandbox-runtime.git
synced 2026-05-07 06:01:25 +08:00
7f650392ee
* Bake BPF filter into apply-seccomp, build in CI
The unix-block BPF filter is now generated as a C header at build time
and compiled directly into apply-seccomp. The separate .bpf file is gone,
as is the TS machinery that found, loaded, and tracked it.
vendor/seccomp/build.ts compiles the BPF generator, runs it for both
x64 and arm64, writes the bytes into unix-block-bpf.h, then compiles
apply-seccomp with that header #included. An #if defined(__x86_64__) /
#elif defined(__aarch64__) block in the header picks the right filter
at compile time.
The built binaries are no longer committed. release.yml runs a matrix
job on both an x64 and an arm64 runner, each building apply-seccomp
for its own architecture, uploading the result as an artifact. The
publish job downloads both into vendor/seccomp/{x64,arm64}/ before
npm publish, keeping the tarball layout unchanged.
* Build seccomp binaries in docker-tests CI job
* Remove stale references to on-disk BPF filter file
The two fail-closed tests in pid-namespace-isolation now test execve
failure instead of filter-file validation, since apply-seccomp no longer
takes a filter argument. README still described .bpf files in
vendor/seccomp/.
* Bump version to 0.0.47
139 lines
4.0 KiB
YAML
139 lines
4.0 KiB
YAML
name: Tests
|
|
|
|
on:
|
|
push:
|
|
branches: ['main']
|
|
pull_request:
|
|
branches: ['**']
|
|
|
|
jobs:
|
|
integration-tests:
|
|
name: Tests (${{ matrix.os }} / ${{ matrix.arch }})
|
|
runs-on: ${{ matrix.runner }}
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: x86-64
|
|
runner: ubuntu-latest
|
|
os: linux
|
|
- arch: arm64
|
|
runner: ubuntu-24.04-arm
|
|
os: linux
|
|
- arch: x86-64
|
|
runner: macos-15-large
|
|
os: macos
|
|
- arch: arm64
|
|
runner: macos-14
|
|
os: macos
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '18'
|
|
|
|
- name: Setup Bun
|
|
uses: oven-sh/setup-bun@v2
|
|
with:
|
|
bun-version: 1.3.1
|
|
|
|
- name: Install system dependencies (Linux)
|
|
if: matrix.os == 'linux'
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y bubblewrap libseccomp-dev gcc socat ripgrep apparmor-profiles zsh
|
|
|
|
- name: Enable unprivileged user namespaces (Linux)
|
|
if: matrix.os == 'linux'
|
|
run: |
|
|
# Ubuntu 24.04+ sets kernel.apparmor_restrict_unprivileged_userns=1 which
|
|
# allows unshare(CLONE_NEWUSER) but grants the new namespace zero
|
|
# capabilities. Disable it so bwrap and apply-seccomp can nest
|
|
# namespaces without needing setuid.
|
|
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true
|
|
sudo sysctl -w kernel.unprivileged_userns_clone=1 || true
|
|
|
|
# Verify bwrap can create namespaces
|
|
echo "Testing bwrap namespace creation..."
|
|
bwrap --ro-bind / / --unshare-net true && echo "✓ bwrap namespace creation works" || echo "✗ bwrap namespace creation still fails"
|
|
|
|
- name: Install system dependencies (macOS)
|
|
if: matrix.os == 'macos'
|
|
run: |
|
|
brew install ripgrep zsh
|
|
|
|
- name: Install Node dependencies
|
|
run: npm install
|
|
|
|
- name: Build seccomp binaries (Linux)
|
|
if: matrix.os == 'linux'
|
|
run: npm run build:seccomp
|
|
|
|
- name: Build project
|
|
run: npm run build
|
|
|
|
- name: Run tests
|
|
run: npm test
|
|
|
|
- name: Run Node.js fallback tests
|
|
run: node test/utils/which-node-test.mjs
|
|
|
|
- name: Upload test results
|
|
if: always()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: test-results-${{ matrix.os }}-${{ matrix.arch }}
|
|
path: |
|
|
test-results/
|
|
*.log
|
|
if-no-files-found: ignore
|
|
|
|
docker-tests:
|
|
name: Tests (docker / ${{ matrix.arch }})
|
|
runs-on: ${{ matrix.runner }}
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: x86-64
|
|
runner: ubuntu-latest
|
|
- arch: arm64
|
|
runner: ubuntu-24.04-arm
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Enable unprivileged user namespaces on host
|
|
run: |
|
|
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true
|
|
sudo sysctl -w kernel.unprivileged_userns_clone=1 || true
|
|
|
|
- name: Run srt end-to-end in unprivileged container
|
|
run: |
|
|
docker run --rm \
|
|
--security-opt seccomp=unconfined \
|
|
--security-opt apparmor=unconfined \
|
|
-v "${{ github.workspace }}:/work" \
|
|
-w /work \
|
|
-e SRT_E2E_DOCKER=1 \
|
|
ubuntu:24.04 \
|
|
bash -euo pipefail -c '
|
|
apt-get update -qq
|
|
apt-get install -y -qq bubblewrap socat ripgrep python3 curl ca-certificates unzip gcc libseccomp-dev
|
|
curl -fsSL https://bun.sh/install | bash
|
|
export PATH="$HOME/.bun/bin:$PATH"
|
|
curl -fsSL https://deb.nodesource.com/setup_18.x | bash -
|
|
apt-get install -y -qq nodejs
|
|
npm ci
|
|
npm run build:seccomp
|
|
npm run build
|
|
bun test test/docker-weak-sandbox.test.ts
|
|
'
|