mirror of
https://github.com/kemko/nomad.git
synced 2026-01-07 02:45:42 +03:00
511d0c1e70
* artifact: protect against unbounded artifact decompression Starting with 1.5.0, set defaut values for artifact decompression limits. artifact.decompression_size_limit (default "100GB") - the maximum amount of data that will be decompressed before triggering an error and cancelling the operation artifact.decompression_file_count_limit (default 4096) - the maximum number of files that will be decompressed before triggering an error and cancelling the operation. * artifact: assert limits cannot be nil in validation
41 lines
645 B
HCL
41 lines
645 B
HCL
job "linux" {
|
|
datacenters = ["dc1"]
|
|
type = "batch"
|
|
|
|
constraint {
|
|
attribute = "${attr.kernel.name}"
|
|
value = "linux"
|
|
}
|
|
|
|
group "limits" {
|
|
|
|
reschedule {
|
|
attempts = 0
|
|
unlimited = false
|
|
}
|
|
|
|
restart {
|
|
attempts = 0
|
|
mode = "fail"
|
|
}
|
|
|
|
|
|
task "zip_bomb" {
|
|
artifact {
|
|
source = "https://github.com/hashicorp/go-getter/raw/main/testdata/decompress-zip/bomb.zip"
|
|
destination = "local/"
|
|
}
|
|
|
|
driver = "raw_exec"
|
|
config {
|
|
command = "/usr/bin/false"
|
|
}
|
|
|
|
resources {
|
|
cpu = 16
|
|
memory = 32
|
|
}
|
|
}
|
|
}
|
|
}
|