simcop2387/treedeps
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Switch to a more restricted cpanm runner

Browse source
This commit is contained in:
ryan 2017-07-27 15:42:21 -07:00
parent 584e007512
commit d5f609c74c
3 changed files with 22 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
lib/Module.pm
View file

@ -7,6 +7,7 @@ use Storable;
use IPC::Run qw/run/; use IPC::Run qw/run/;
no warnings 'experimental'; no warnings 'experimental';
use Carp qw/croak carp cluck confess/; use Carp qw/croak carp cluck confess/;
use TestCpanInc;
has 'name' => (is => 'ro'); has 'name' => (is => 'ro');
has 'dist' => (is => 'ro', has 'dist' => (is => 'ro',
@ -99,17 +100,13 @@ sub get_deps {
print "Getting deps for $module\n"; print "Getting deps for $module\n";
my $out; my $out;
my $ret; my $exitcode;
for my $tries (1..3) { for my $tries (1..3) {
my @cmd = (qw|cpanm --quiet --showdeps|, $module); ($exitcode, $out) = TestCpanInc::run_cpanm(1, 30, qw/--quiet --showdeps/, $module);
warn "Failed to get deps for $module: $exitcode" if $exitcode;
$SIG{TERM}="ignore"; last unless ($exitcode);
$ret = run \@cmd, '>&', \$out;
warn "Failed to get deps for $module: $?" unless $ret;
last if ($ret);
} }
die "FATAL: no deps for $module: $out" unless $ret; die "FATAL: no deps for $module: $out" if $exitcode;
my $deps = [map {Module->new_module($_)} grep {!_is_core($_)} grep {defined $_ && $_ !~ /^\s*$/} split($/, $out)]; my $deps = [map {Module->new_module($_)} grep {!_is_core($_)} grep {defined $_ && $_ !~ /^\s*$/} split($/, $out)];

21
lib/TestCpanInc.pm
View file

@ -52,16 +52,16 @@ sub dep_order {
} }
sub run_cpanm { sub run_cpanm {
my ($module, $incstatus) = @_; my ($incstatus, $timeout, @arguments) = @_;
$ENV{PERL_USE_UNSAFE_INC} = !!$incstatus; $ENV{PERL_USE_UNSAFE_INC} = !!$incstatus;
my @cmd = (qw/perlbrew exec --with/, $perlbrew_env, qw|cpanm --reinstall --verbose |, $module); my @cmd = (qw/perlbrew exec --with/, $perlbrew_env, 'cpanm', @arguments);
my $out; my $out;
my $in=''; my $in='';
$|++; $|++;
my $timeout = 10*60; $timeout = $timeout > 0? $timeout : 600; # default to 10 min, even if you passed 0.
my $h = harness \@cmd, '<', \$in, '>&', \$out, timeout($timeout); # timeout after 10 minutes my $h = harness \@cmd, '<', \$in, '>&', \$out, timeout($timeout); # timeout after 10 minutes
eval { eval {
@ -88,17 +88,28 @@ sub run_cpanm {
return ($exitcode, $out); return ($exitcode, $out);
} }
sub test_install {
my ($module, $incstatus) = @_;
$ENV{PERL_USE_UNSAFE_INC} = !!$incstatus;
my @cmd = (qw/perlbrew exec --with/, $perlbrew_env, qw|cpanm --reinstall --verbose |, $module);
my ($exitcode, $out) = run_cpanm($incstatus, 600, qw/--reinstall --verbose/, $module);
return ($exitcode, $out);
}
sub test_module { sub test_module {
my $module = shift; my $module = shift;
return "banned module" if (Module::_is_banned($module)); return "banned module" if (Module::_is_banned($module));
remove_imc(); remove_imc();
my ($ret, $noincout) = run_cpanm($module, 0); my ($ret, $noincout) = test_install($module, 0);
if ($ret) { if ($ret) {
remove_imc(); remove_imc();
my ($ret2, $incout) = run_cpanm($module, 1); my ($ret2, $incout) = test_install($module, 1);
if (!$ret2) { if (!$ret2) {
print ">>>>Module $module failed to build without UNSAFE INC\n"; print ">>>>Module $module failed to build without UNSAFE INC\n";

BIN
modcache.stor
View file

Binary file not shown.