Permalink
Browse files

Don't set security profile while running tests

  • Loading branch information...
mlandauer committed Apr 3, 2018
1 parent 3ba2d8a commit 600989cec121180eb7b1e57b9dbdc82c6cde6bef
Showing with 10 additions and 7 deletions.
  1. +10 −7 lib/morph/docker_runner.rb
View
@@ -59,6 +59,15 @@ def self.compile_and_start_run(
# Add another label to the created container
container_labels['io.morph.stage'] = 'running'
# Set up special security profile that allows us run chrome headless
# without setting "--no-sandbox"
# The documentation on this is non-existent but
# the seccomp in the api is not the name of the file but the contents of it
# In other words the file is uploaded client side
# From https://raw.githubusercontent.com/jfrazelle/dotfiles/master/etc/docker/seccomp/chrome.json
# Don't set things in test because it fails on travis for some reason
security_opt = Rails.env.test? ? [] : ["seccomp=#{File.read('config/chrome.json')}"]
container_options = {
'Cmd' => command,
'Image' => i3.id,
@@ -73,13 +82,7 @@ def self.compile_and_start_run(
'HostConfig' => {
# Attach this container to our special network morph
'NetworkMode' => DOCKER_NETWORK,
# Set up special security profile that allows us run chrome headless
# without setting "--no-sandbox"
# The documentation on this is non-existent but
# the seccomp in the api is not the name of the file but the contents of it
# In other words the file is uploaded client side
# From https://raw.githubusercontent.com/jfrazelle/dotfiles/master/etc/docker/seccomp/chrome.json
'SecurityOpt' => ["seccomp=#{File.read('config/chrome.json')}"]
'SecurityOpt' => security_opt
}
}

0 comments on commit 600989c

Please sign in to comment.