test: setup sandbox on linux (#3530)
Drop all the `--no-sandbox` bits from tests and infrastructure. Instead, configure Travis to enable user namespace clone.
This commit is contained in:
parent
10a4c8c123
commit
eb7bd9d7d3
@ -7,3 +7,11 @@ RUN apt-get update && \
|
||||
libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 \
|
||||
libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Add user so we don't need --no-sandbox.
|
||||
RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \
|
||||
&& mkdir -p /home/pptruser/Downloads \
|
||||
&& chown -R pptruser:pptruser /home/pptruser
|
||||
|
||||
# Run everything after as non-privileged user.
|
||||
USER pptruser
|
||||
|
@ -7,3 +7,11 @@ RUN apt-get update && \
|
||||
libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 \
|
||||
libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Add user so we don't need --no-sandbox.
|
||||
RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \
|
||||
&& mkdir -p /home/pptruser/Downloads \
|
||||
&& chown -R pptruser:pptruser /home/pptruser
|
||||
|
||||
# Run everything after as non-privileged user.
|
||||
USER pptruser
|
||||
|
@ -12,6 +12,7 @@ cache:
|
||||
- node_modules
|
||||
# allow headful tests
|
||||
before_install:
|
||||
- "sysctl kernel.unprivileged_userns_clone=1"
|
||||
- "export DISPLAY=:99.0"
|
||||
- "sh -e /etc/init.d/xvfb start"
|
||||
script:
|
||||
|
@ -55,7 +55,6 @@ module.exports.addTests = function({testRunner, expect, defaultBrowserOptions})
|
||||
const extensionOptions = Object.assign({}, defaultBrowserOptions, {
|
||||
headless: false,
|
||||
args: [
|
||||
'--no-sandbox',
|
||||
`--disable-extensions-except=${extensionPath}`,
|
||||
`--load-extension=${extensionPath}`,
|
||||
],
|
||||
|
@ -116,7 +116,7 @@ module.exports.addTests = function({testRunner, expect, defaultBrowserOptions})
|
||||
it('userDataDir argument', async({server}) => {
|
||||
const userDataDir = await mkdtempAsync(TMP_FOLDER);
|
||||
const options = Object.assign({}, defaultBrowserOptions);
|
||||
options.args = [`--user-data-dir=${userDataDir}`].concat(options.args);
|
||||
options.args = [`--user-data-dir=${userDataDir}`].concat(options.args || []);
|
||||
const browser = await puppeteer.launch(options);
|
||||
expect(fs.readdirSync(userDataDir).length).toBeGreaterThan(0);
|
||||
await browser.close();
|
||||
@ -209,7 +209,7 @@ module.exports.addTests = function({testRunner, expect, defaultBrowserOptions})
|
||||
});
|
||||
it('should support the pipe argument', async() => {
|
||||
const options = Object.assign({}, defaultBrowserOptions);
|
||||
options.args = ['--remote-debugging-pipe'].concat(options.args);
|
||||
options.args = ['--remote-debugging-pipe'].concat(options.args || []);
|
||||
const browser = await puppeteer.launch(options);
|
||||
expect(browser.wsEndpoint()).toBe('');
|
||||
const page = await browser.newPage();
|
||||
@ -256,7 +256,7 @@ module.exports.addTests = function({testRunner, expect, defaultBrowserOptions})
|
||||
it('should have custom url when launching browser', async function({server}) {
|
||||
const customUrl = server.PREFIX + '/empty.html';
|
||||
const options = Object.assign({}, defaultBrowserOptions);
|
||||
options.args = [customUrl].concat(options.args);
|
||||
options.args = [customUrl].concat(options.args || []);
|
||||
const browser = await puppeteer.launch(options);
|
||||
const pages = await browser.pages();
|
||||
expect(pages.length).toBe(1);
|
||||
|
@ -47,7 +47,6 @@ const defaultBrowserOptions = {
|
||||
slowMo,
|
||||
headless,
|
||||
dumpio: (process.env.DUMPIO || 'false').trim().toLowerCase() === 'true',
|
||||
args: ['--no-sandbox']
|
||||
};
|
||||
|
||||
let parallel = 1;
|
||||
|
@ -15,10 +15,6 @@ const {it, xit, fit} = testRunner;
|
||||
const {afterAll, beforeAll, afterEach, beforeEach} = testRunner;
|
||||
const {expect} = new Matchers();
|
||||
|
||||
const defaultBrowserOptions = {
|
||||
args: ['--no-sandbox']
|
||||
};
|
||||
|
||||
beforeAll(async state => {
|
||||
const assetsPath = path.join(__dirname, '..', '..', 'test', 'assets');
|
||||
const port = 8998;
|
||||
@ -27,7 +23,7 @@ beforeAll(async state => {
|
||||
PREFIX: `http://localhost:${port}`,
|
||||
EMPTY_PAGE: `http://localhost:${port}/empty.html`,
|
||||
};
|
||||
state.browser = await puppeteer.launch(defaultBrowserOptions);
|
||||
state.browser = await puppeteer.launch();
|
||||
});
|
||||
|
||||
afterAll(async state => {
|
||||
@ -54,7 +50,7 @@ afterEach(async state => {
|
||||
|
||||
describe('Puppeteer-Web', () => {
|
||||
it('should work over web socket', async({page, serverConfig}) => {
|
||||
const browser2 = await puppeteer.launch(defaultBrowserOptions);
|
||||
const browser2 = await puppeteer.launch();
|
||||
// Use in-page puppeteer to create a new page and navigate it to the EMPTY_PAGE
|
||||
await page.evaluate(async(browserWSEndpoint, serverConfig) => {
|
||||
const puppeteer = require('puppeteer');
|
||||
|
@ -34,7 +34,7 @@ let browser;
|
||||
let page;
|
||||
|
||||
beforeAll(async function() {
|
||||
browser = await puppeteer.launch({args: ['--no-sandbox']});
|
||||
browser = await puppeteer.launch();
|
||||
page = await browser.newPage();
|
||||
});
|
||||
|
||||
|
@ -45,7 +45,7 @@ async function run() {
|
||||
messages.push(...await preprocessor.runCommands(mdSources, VERSION));
|
||||
messages.push(...await preprocessor.ensureReleasedAPILinks([readme], VERSION));
|
||||
|
||||
const browser = await puppeteer.launch({args: ['--no-sandbox']});
|
||||
const browser = await puppeteer.launch();
|
||||
const page = await browser.newPage();
|
||||
const checkPublicAPI = require('./check_public_api');
|
||||
const jsSources = await Source.readdir(path.join(PROJECT_DIR, 'lib'), '.js');
|
||||
|
@ -4,7 +4,6 @@ const puppeteer = require('../..');
|
||||
module.exports = puppeteer.launch({
|
||||
pipe: false,
|
||||
executablePath: process.env.CHROME,
|
||||
args: ['--no-sandbox', '--disable-dev-shm-usage']
|
||||
}).then(async browser => {
|
||||
const origin = browser.wsEndpoint().match(/ws:\/\/([0-9A-Za-z:\.]*)\//)[1];
|
||||
const page = await browser.newPage();
|
||||
|
Loading…
Reference in New Issue
Block a user