SECURITY: Remove runaway cpu/memory tests.

These should not be in the public plugin accessible via a GET. At
the very least they should require an environment variable and
CSRF protection. I'm removing them because they don't seem commonly
used.

app/controllers/docker_manager/admin_controller.rb

@@ -64,7 +64,7 @@ module DockerManager
       repo = DockerManager::GitRepo.find(params[:path])
       raise Discourse::NotFound unless repo.present?
 
-      repo.update! if Rails.env == 'production'
+      repo.update_remote! if Rails.env == 'production'
 
       render json: {
         latest: {
@@ -103,27 +103,5 @@ module DockerManager
       end
       render plain: ps_output
     end
-
-    def runaway_cpu
-      Thread.new do
-        a = 1
-        while true
-          a += 1
-        end
-      end
-      render plain: "Killing CPU on #{Process.pid}"
-    end
-
-    def runaway_mem
-      Thread.new do
-        a = []
-        while true
-          a << Array.new(50_000_000 / 8)
-          sleep 30
-        end
-      end
-      render plain: "Leaking memory on #{Process.pid}"
-    end
-
   end
 end

config/routes.rb

@@ -7,7 +7,5 @@ DockerManager::Engine.routes.draw do
   get "admin/docker/ps" => "admin#ps", constraints: AdminConstraint.new
   post "admin/docker/upgrade" => "admin#upgrade", constraints: AdminConstraint.new
   delete "admin/docker/upgrade" => "admin#reset_upgrade", constraints: AdminConstraint.new
-  get "admin/docker/runaway_cpu" => "admin#runaway_cpu", constraints: AdminConstraint.new
-  get "admin/docker/runaway_mem" => "admin#runaway_mem", constraints: AdminConstraint.new
   get 'admin/docker/csrf' => 'admin#csrf', constraints: AdminConstraint.new
 end

lib/docker_manager/git_repo.rb

@@ -59,7 +59,7 @@ class DockerManager::GitRepo
     url
   end
 
-  def update!
+  def update_remote!
     `cd #{path} && git remote update`
   end