You could use automated testing tools to do the work for you. You define your requirements as individual tests and every input is tested separately giving you a report which tests failed and which succeeded.
That sounds like build automation. You can use some Git forge software.
Did a takehome for a company recently that did it well. They required that I make a docker file (you could give them one if you wanted) where when ran it would run tests. It was a neat use of docker IMO, it standardized that builds were just "build the docker file" and running was just "run the dockerfile". You would t have to deal with tar or anything then.
Thousand ways to skin a cat there
Why give your students a way to get RCE on your institutions servers through anything less than perfect file upload implementation.
For a .tar? I wish you the best...
Instead of that, simplify.
Use unique salts for each assignment per student.
Align hashes with those salts to check the outcome for each students assignment.
Literally have them send you a CTF style sha256 string.
Do it step by step where each step doesn't depend on the next, grade as a percentage of flags accurately procured.
Absolutely this. Even if you had fancy jails or docker setups for each submission, this will be a nightmare to properly handle. Students DOSing each other exactly before the submission deadline, too.
I mean just for the love of God don't spin up something on your company's infrastructure that accepts file uploads.
Just don't.
If you're reading this and going "well, it's just internal," or "well, it doesn't do much it just accepts this exact file type." My god. Ask your CISA. And if they're okay with it, cool. That's on them.
Unless your whole business is transferring files, don't. And even then... Don't.
And if you're still confused, the answer is to use another company's infrastructure for this. Use Azure. Use AWS. Use Google cloud or even g suites. Don't accept that liability. Let the trillionaires do it.
This is basically what CI/CD pipelines do.
Compile the code, run tests, run static analysis. If results pass, submit the code. If results fail, reject it with an explanation.
Idk the details of how you'd implement this for a class, without letting everyone see eachother's completed work, but I'm sure it could be done.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!