Hugging Face's logo

Spaces:
jananath
/
nca-toolkit
Runtime error

App Files Community
nca-toolkit
File size: 4,972 Bytes 
4b12e15
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
 
# Execute Python Code Endpoint

## 1. Overview

The `/v1/code/execute/python` endpoint allows users to execute Python code on the server. This endpoint is part of the version 1.0 API structure defined in `app.py`. It is designed to provide a secure and controlled environment for executing Python code, with features like input validation, output capturing, and timeout handling.

## 2. Endpoint

**URL Path:** `/v1/code/execute/python`
**HTTP Method:** `POST`

## 3. Request

### Headers

- `x-api-key` (required): The API key for authentication.

### Body Parameters

The request body must be a JSON object with the following properties:

- `code` (string, required): The Python code to be executed.
- `timeout` (integer, optional): The maximum execution time in seconds, between 1 and 300. Default is 30 seconds.
- `webhook_url` (string, optional): The URL to receive the execution result via a webhook.
- `id` (string, optional): A unique identifier for the request.

The `validate_payload` directive in the routes file enforces the following JSON schema for the request body:

```json
{
    "type": "object",
    "properties": {
        "code": {"type": "string"},
        "timeout": {"type": "integer", "minimum": 1, "maximum": 300},
        "webhook_url": {"type": "string", "format": "uri"},
        "id": {"type": "string"}
    },
    "required": ["code"],
    "additionalProperties": False
}
```

### Example Request

**Request Payload:**

```json
{
    "code": "print('Hello, World!')",
    "timeout": 10,
    "webhook_url": "https://example.com/webhook",
    "id": "unique-request-id"
}
```

**cURL Command:**

```bash
curl -X POST \
     -H "x-api-key: YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -d '{"code": "print('Hello, World!')", "timeout": 10, "webhook_url": "https://example.com/webhook", "id": "unique-request-id"}' \
     http://your-api-endpoint/v1/code/execute/python
```

## 4. Response

### Success Response

The success response follows the general response format defined in `app.py`. Here's an example:

```json
{
    "endpoint": "/v1/code/execute/python",
    "code": 200,
    "id": "unique-request-id",
    "job_id": "generated-job-id",
    "response": {
        "result": null,
        "stdout": "Hello, World!\n",
        "stderr": "",
        "exit_code": 0
    },
    "message": "success",
    "pid": 12345,
    "queue_id": 1234567890,
    "run_time": 0.123,
    "queue_time": 0.0,
    "total_time": 0.123,
    "queue_length": 0,
    "build_number": "1.0.0"
}
```

### Error Responses

#### Missing or Invalid Parameters

**Status Code:** 400 Bad Request

```json
{
    "error": "Missing or invalid parameters",
    "stdout": "",
    "exit_code": 400
}
```

#### Execution Error

**Status Code:** 400 Bad Request

```json
{
    "error": "Error message from the executed code",
    "stdout": "Output from the executed code",
    "exit_code": 400
}
```

#### Execution Timeout

**Status Code:** 408 Request Timeout

```json
{
    "error": "Execution timed out after 10 seconds"
}
```

#### Internal Server Error

**Status Code:** 500 Internal Server Error

```json
{
    "error": "An internal server error occurred",
    "stdout": "",
    "stderr": "",
    "exit_code": 500
}
```

## 5. Error Handling

The endpoint handles various types of errors, including:

- Missing or invalid parameters (400 Bad Request)
- Execution errors, such as syntax errors or exceptions (400 Bad Request)
- Execution timeout (408 Request Timeout)
- Internal server errors (500 Internal Server Error)

The main application context (`app.py`) also includes error handling for queue overload (429 Too Many Requests) and other general errors.

## 6. Usage Notes

- The executed code runs in a sandboxed environment, with limited access to system resources.
- The code execution is limited to a maximum of 300 seconds (5 minutes) by default, but this can be adjusted using the `timeout` parameter.
- The execution result, including stdout, stderr, and the return value, is captured and returned in the response.
- If a `webhook_url` is provided, the execution result will also be sent to the specified webhook.

## 7. Common Issues

- Attempting to execute code that accesses restricted resources or performs disallowed operations may result in an execution error.
- Long-running or resource-intensive code may trigger the execution timeout.
- Providing an invalid `webhook_url` will prevent the execution result from being delivered to the specified webhook.

## 8. Best Practices

- Always validate and sanitize user input to prevent code injection attacks.
- Set an appropriate timeout value based on the expected execution time of the code.
- Monitor the execution logs for any errors or unexpected behavior.
- Implement rate limiting or queue management to prevent abuse or overload of the endpoint.
- Consider implementing additional security measures, such as code sandboxing or whitelisting/blacklisting certain operations or modules.