OLD | NEW |
1 Design | 1 Design |
2 ====== | 2 ====== |
3 | 3 |
4 | 4 |
5 Overview | 5 Overview |
6 -------- | 6 -------- |
7 Allows trying out Skia code in the browser. | 7 Allows trying out Skia code in the browser. |
8 | 8 |
9 | 9 |
10 Security | 10 Security |
(...skipping 14 matching lines...) Expand all Loading... |
25 for example runtime is limited to 5s of CPU. | 25 for example runtime is limited to 5s of CPU. |
26 | 26 |
27 User submitted code is also restricted in the following ways: | 27 User submitted code is also restricted in the following ways: |
28 * Limited to 10K of code total. | 28 * Limited to 10K of code total. |
29 * No preprocessor use is allowed (no lines can begin with #includes). | 29 * No preprocessor use is allowed (no lines can begin with #includes). |
30 | 30 |
31 | 31 |
32 Architecture | 32 Architecture |
33 ------------ | 33 ------------ |
34 | 34 |
35 | |
36 The server runs on GCE, and consists of a Go Web Server that calls out to the | 35 The server runs on GCE, and consists of a Go Web Server that calls out to the |
37 c++ compiler and executes code in a chroot jail. See the diagram below: | 36 c++ compiler and executes code in a chroot jail. See the diagram below: |
38 | 37 |
39 +–––––––––––––+ | 38 +–––––––––––––+ |
40 | | | 39 | | |
41 | Browser | | 40 | Browser | |
42 | | | 41 | | |
43 +––––––+––––––+ | 42 +––––––+––––––+ |
44 | | 43 | |
45 +––––––+––––––+ | 44 +––––––+––––––+ |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
196 gcutil --project=google.com:skia-buildbots setinstancemetadata skia-webtr
y-b --metadata=password:'[mysql client webtry password]' --fingerprint=[some fin
gerprint] | 195 gcutil --project=google.com:skia-buildbots setinstancemetadata skia-webtr
y-b --metadata=password:'[mysql client webtry password]' --fingerprint=[some fin
gerprint] |
197 | 196 |
198 To retrieve the password from the running instance just GET the right URL from | 197 To retrieve the password from the running instance just GET the right URL from |
199 the metadata server: | 198 the metadata server: |
200 | 199 |
201 curl "http://metadata/computeMetadata/v1/instance/attributes/password" -H "X
-Google-Metadata-Request: True" | 200 curl "http://metadata/computeMetadata/v1/instance/attributes/password" -H "X
-Google-Metadata-Request: True" |
202 | 201 |
203 N.B. If you need to change the MySQL password that webtry uses, you must change | 202 N.B. If you need to change the MySQL password that webtry uses, you must change |
204 it both in MySQL and the value stored in the metadata server. | 203 it both in MySQL and the value stored in the metadata server. |
205 | 204 |
| 205 Squid |
| 206 ----- |
| 207 |
| 208 Squid is configured to run on port 80 and run as an accelerator for the actual |
| 209 Go program which is running on port 8000. The config for the squid proxy is |
| 210 held in sys/webtry_squid, which is copied into place during installation and |
| 211 squid is kept running via monit. |
| 212 |
206 Workspaces | 213 Workspaces |
207 ---------- | 214 ---------- |
208 | 215 |
209 Workspaces are implemented by the workspace and workspacetry tables. The | 216 Workspaces are implemented by the workspace and workspacetry tables. The |
210 workspace table keeps the unique list of all workspaces. The workspacetry table | 217 workspace table keeps the unique list of all workspaces. The workspacetry table |
211 keeps track of all the tries that have occured in a workspace. Right now the | 218 keeps track of all the tries that have occured in a workspace. Right now the |
212 hidden column of workspacetry is not used, it's for future functionality. | 219 hidden column of workspacetry is not used, it's for future functionality. |
213 | 220 |
214 Installation | 221 Installation |
215 ------------ | 222 ------------ |
216 See the README file. | 223 See the README file. |
217 | 224 |
218 | 225 |
OLD | NEW |