In teaching CS, students submit their code to our server and we compile and run with unit tests. Similar to Codeforces, Codewars, and HackerRank.
How should we be configuring servers for this? Launch a new minimal VM for each code submission? Is there a VM system and linux distribution ideal for this?
Or is there another mechanism for this purpose that is more efficient? Can a user account be configured to handle this safely? We're happy to recycle servers periodically.
We're not tied to any datacenter or service. So happy to use something like AWS Lambda if that's a viable option.
AWS Lambda recently launched a code signing feature to confirm that the code is unaltered and from a trusted publisher: https://aws.amazon.com/blogs/aws/new-code-signing-a-trust-and-integrity-control-for-aws-lambda/
You could add a layer on top of Lambda to take a student's signed code, create a Lambda function using it and then invoke the function to run the tests.
EDIT: Lambda would run the code in sandboxed containers and the Lambda function's configurations itself could be enforced by an admin.