Spaces:
Sleeping
Sleeping
Upload 6 files
Browse files- Dockerfile +4 -21
- main.py +4 -1
- pyproject.toml +17 -17
- requirements.txt +4 -5
Dockerfile
CHANGED
|
@@ -1,36 +1,19 @@
|
|
| 1 |
-
# βββ Build stage βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
| 2 |
-
FROM python:3.11-slim AS builder
|
| 3 |
-
|
| 4 |
-
WORKDIR /build
|
| 5 |
-
|
| 6 |
-
# Install dependencies into a prefix we'll copy to the final image
|
| 7 |
-
COPY requirements.txt .
|
| 8 |
-
RUN pip install --no-cache-dir --prefix=/install -r requirements.txt
|
| 9 |
-
|
| 10 |
-
|
| 11 |
-
# βββ Runtime stage ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
| 12 |
FROM python:3.11-slim
|
| 13 |
|
| 14 |
-
# Hugging Face Spaces expects the app on port 7860
|
| 15 |
ENV PORT=7860
|
| 16 |
ENV PYTHONUNBUFFERED=1
|
| 17 |
ENV PYTHONDONTWRITEBYTECODE=1
|
| 18 |
|
| 19 |
WORKDIR /app
|
| 20 |
|
| 21 |
-
|
| 22 |
-
|
| 23 |
|
| 24 |
-
|
| 25 |
-
COPY env.py .
|
| 26 |
-
COPY main.py .
|
| 27 |
-
COPY inference.py .
|
| 28 |
|
| 29 |
-
# HF Spaces: non-root user for safety
|
| 30 |
RUN useradd -m -u 1000 appuser && chown -R appuser /app
|
| 31 |
USER appuser
|
| 32 |
|
| 33 |
EXPOSE 7860
|
| 34 |
|
| 35 |
-
|
| 36 |
-
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860", "--workers", "1"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
FROM python:3.11-slim
|
| 2 |
|
|
|
|
| 3 |
ENV PORT=7860
|
| 4 |
ENV PYTHONUNBUFFERED=1
|
| 5 |
ENV PYTHONDONTWRITEBYTECODE=1
|
| 6 |
|
| 7 |
WORKDIR /app
|
| 8 |
|
| 9 |
+
COPY requirements.txt .
|
| 10 |
+
RUN pip install --no-cache-dir -r requirements.txt
|
| 11 |
|
| 12 |
+
COPY . .
|
|
|
|
|
|
|
|
|
|
| 13 |
|
|
|
|
| 14 |
RUN useradd -m -u 1000 appuser && chown -R appuser /app
|
| 15 |
USER appuser
|
| 16 |
|
| 17 |
EXPOSE 7860
|
| 18 |
|
| 19 |
+
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860", "--workers", "1"]
|
|
|
main.py
CHANGED
|
@@ -2,6 +2,7 @@
|
|
| 2 |
API Gateway Defender β FastAPI Server
|
| 3 |
=====================================
|
| 4 |
Exposes the OpenEnv-compliant HTTP API for the environment.
|
|
|
|
| 5 |
Endpoints
|
| 6 |
---------
|
| 7 |
POST /reset β Start a new episode
|
|
@@ -90,13 +91,13 @@ async def reset(
|
|
| 90 |
) -> Dict[str, Any]:
|
| 91 |
"""
|
| 92 |
Start a new episode.
|
|
|
|
| 93 |
Accepts ALL of these formats (validator may use any):
|
| 94 |
- JSON body: {"task_id": "easy"}
|
| 95 |
- Query param: POST /reset?task_id=easy
|
| 96 |
- Empty body: POST /reset (defaults to "easy")
|
| 97 |
- No body at all: POST /reset (defaults to "easy")
|
| 98 |
"""
|
| 99 |
-
# Priority: JSON body > query param > default "easy"
|
| 100 |
tid = (req.task_id if req else None) or task_id or "easy"
|
| 101 |
try:
|
| 102 |
obs: Observation = _env.reset(task_id=tid)
|
|
@@ -109,7 +110,9 @@ async def reset(
|
|
| 109 |
def step(action: Action) -> Dict[str, Any]:
|
| 110 |
"""
|
| 111 |
Submit one firewall rule.
|
|
|
|
| 112 |
Returns StepResult: {observation, reward, done, info}
|
|
|
|
| 113 |
Reward score: 0.0β1.0
|
| 114 |
= detection_rate β (false_positive_rate Γ 5)
|
| 115 |
= 0.0 if false positive rate > 10%
|
|
|
|
| 2 |
API Gateway Defender β FastAPI Server
|
| 3 |
=====================================
|
| 4 |
Exposes the OpenEnv-compliant HTTP API for the environment.
|
| 5 |
+
|
| 6 |
Endpoints
|
| 7 |
---------
|
| 8 |
POST /reset β Start a new episode
|
|
|
|
| 91 |
) -> Dict[str, Any]:
|
| 92 |
"""
|
| 93 |
Start a new episode.
|
| 94 |
+
|
| 95 |
Accepts ALL of these formats (validator may use any):
|
| 96 |
- JSON body: {"task_id": "easy"}
|
| 97 |
- Query param: POST /reset?task_id=easy
|
| 98 |
- Empty body: POST /reset (defaults to "easy")
|
| 99 |
- No body at all: POST /reset (defaults to "easy")
|
| 100 |
"""
|
|
|
|
| 101 |
tid = (req.task_id if req else None) or task_id or "easy"
|
| 102 |
try:
|
| 103 |
obs: Observation = _env.reset(task_id=tid)
|
|
|
|
| 110 |
def step(action: Action) -> Dict[str, Any]:
|
| 111 |
"""
|
| 112 |
Submit one firewall rule.
|
| 113 |
+
|
| 114 |
Returns StepResult: {observation, reward, done, info}
|
| 115 |
+
|
| 116 |
Reward score: 0.0β1.0
|
| 117 |
= detection_rate β (false_positive_rate Γ 5)
|
| 118 |
= 0.0 if false positive rate > 10%
|
pyproject.toml
CHANGED
|
@@ -1,18 +1,18 @@
|
|
| 1 |
-
[project]
|
| 2 |
-
name = "api-gateway-defender"
|
| 3 |
-
version = "1.0.0"
|
| 4 |
-
description = "OpenEnv RL environment for API gateway defense"
|
| 5 |
-
requires-python = ">=3.11"
|
| 6 |
-
dependencies = [
|
| 7 |
-
"fastapi>=0.104.0",
|
| 8 |
-
"uvicorn[standard]>=0.24.0",
|
| 9 |
-
"pydantic>=2.0.0",
|
| 10 |
-
"openenv-core>=0.2.0",
|
| 11 |
-
]
|
| 12 |
-
|
| 13 |
-
[project.scripts]
|
| 14 |
-
server = "main:app"
|
| 15 |
-
|
| 16 |
-
[tool.openenv]
|
| 17 |
-
env_id = "api-gateway-defender"
|
| 18 |
entry_point = "main:app"
|
|
|
|
| 1 |
+
[project]
|
| 2 |
+
name = "api-gateway-defender"
|
| 3 |
+
version = "1.0.0"
|
| 4 |
+
description = "OpenEnv RL environment for API gateway defense"
|
| 5 |
+
requires-python = ">=3.11"
|
| 6 |
+
dependencies = [
|
| 7 |
+
"fastapi>=0.104.0",
|
| 8 |
+
"uvicorn[standard]>=0.24.0",
|
| 9 |
+
"pydantic>=2.0.0",
|
| 10 |
+
"openenv-core>=0.2.0",
|
| 11 |
+
]
|
| 12 |
+
|
| 13 |
+
[project.scripts]
|
| 14 |
+
server = "main:app"
|
| 15 |
+
|
| 16 |
+
[tool.openenv]
|
| 17 |
+
env_id = "api-gateway-defender"
|
| 18 |
entry_point = "main:app"
|
requirements.txt
CHANGED
|
@@ -1,5 +1,4 @@
|
|
| 1 |
-
fastapi
|
| 2 |
-
uvicorn
|
| 3 |
-
pydantic
|
| 4 |
-
|
| 5 |
-
openai
|
|
|
|
| 1 |
+
fastapi>=0.104.0
|
| 2 |
+
uvicorn[standard]>=0.24.0
|
| 3 |
+
pydantic>=2.0.0
|
| 4 |
+
openenv-core>=0.2.0
|
|
|