Spaces:
Runtime error
Runtime error
| # Execute Python Code Endpoint | |
| ## 1. Overview | |
| The `/v1/code/execute/python` endpoint allows users to execute Python code on the server. This endpoint is part of the version 1.0 API structure defined in `app.py`. It is designed to provide a secure and controlled environment for executing Python code, with features like input validation, output capturing, and timeout handling. | |
| ## 2. Endpoint | |
| **URL Path:** `/v1/code/execute/python` | |
| **HTTP Method:** `POST` | |
| ## 3. Request | |
| ### Headers | |
| - `x-api-key` (required): The API key for authentication. | |
| ### Body Parameters | |
| The request body must be a JSON object with the following properties: | |
| - `code` (string, required): The Python code to be executed. | |
| - `timeout` (integer, optional): The maximum execution time in seconds, between 1 and 300. Default is 30 seconds. | |
| - `webhook_url` (string, optional): The URL to receive the execution result via a webhook. | |
| - `id` (string, optional): A unique identifier for the request. | |
| The `validate_payload` directive in the routes file enforces the following JSON schema for the request body: | |
| ```json | |
| { | |
| "type": "object", | |
| "properties": { | |
| "code": {"type": "string"}, | |
| "timeout": {"type": "integer", "minimum": 1, "maximum": 300}, | |
| "webhook_url": {"type": "string", "format": "uri"}, | |
| "id": {"type": "string"} | |
| }, | |
| "required": ["code"], | |
| "additionalProperties": False | |
| } | |
| ``` | |
| ### Example Request | |
| **Request Payload:** | |
| ```json | |
| { | |
| "code": "print('Hello, World!')", | |
| "timeout": 10, | |
| "webhook_url": "https://example.com/webhook", | |
| "id": "unique-request-id" | |
| } | |
| ``` | |
| **cURL Command:** | |
| ```bash | |
| curl -X POST \ | |
| -H "x-api-key: YOUR_API_KEY" \ | |
| -H "Content-Type: application/json" \ | |
| -d '{"code": "print('Hello, World!')", "timeout": 10, "webhook_url": "https://example.com/webhook", "id": "unique-request-id"}' \ | |
| http://your-api-endpoint/v1/code/execute/python | |
| ``` | |
| ## 4. Response | |
| ### Success Response | |
| The success response follows the general response format defined in `app.py`. Here's an example: | |
| ```json | |
| { | |
| "endpoint": "/v1/code/execute/python", | |
| "code": 200, | |
| "id": "unique-request-id", | |
| "job_id": "generated-job-id", | |
| "response": { | |
| "result": null, | |
| "stdout": "Hello, World!\n", | |
| "stderr": "", | |
| "exit_code": 0 | |
| }, | |
| "message": "success", | |
| "pid": 12345, | |
| "queue_id": 1234567890, | |
| "run_time": 0.123, | |
| "queue_time": 0.0, | |
| "total_time": 0.123, | |
| "queue_length": 0, | |
| "build_number": "1.0.0" | |
| } | |
| ``` | |
| ### Error Responses | |
| #### Missing or Invalid Parameters | |
| **Status Code:** 400 Bad Request | |
| ```json | |
| { | |
| "error": "Missing or invalid parameters", | |
| "stdout": "", | |
| "exit_code": 400 | |
| } | |
| ``` | |
| #### Execution Error | |
| **Status Code:** 400 Bad Request | |
| ```json | |
| { | |
| "error": "Error message from the executed code", | |
| "stdout": "Output from the executed code", | |
| "exit_code": 400 | |
| } | |
| ``` | |
| #### Execution Timeout | |
| **Status Code:** 408 Request Timeout | |
| ```json | |
| { | |
| "error": "Execution timed out after 10 seconds" | |
| } | |
| ``` | |
| #### Internal Server Error | |
| **Status Code:** 500 Internal Server Error | |
| ```json | |
| { | |
| "error": "An internal server error occurred", | |
| "stdout": "", | |
| "stderr": "", | |
| "exit_code": 500 | |
| } | |
| ``` | |
| ## 5. Error Handling | |
| The endpoint handles various types of errors, including: | |
| - Missing or invalid parameters (400 Bad Request) | |
| - Execution errors, such as syntax errors or exceptions (400 Bad Request) | |
| - Execution timeout (408 Request Timeout) | |
| - Internal server errors (500 Internal Server Error) | |
| The main application context (`app.py`) also includes error handling for queue overload (429 Too Many Requests) and other general errors. | |
| ## 6. Usage Notes | |
| - The executed code runs in a sandboxed environment, with limited access to system resources. | |
| - The code execution is limited to a maximum of 300 seconds (5 minutes) by default, but this can be adjusted using the `timeout` parameter. | |
| - The execution result, including stdout, stderr, and the return value, is captured and returned in the response. | |
| - If a `webhook_url` is provided, the execution result will also be sent to the specified webhook. | |
| ## 7. Common Issues | |
| - Attempting to execute code that accesses restricted resources or performs disallowed operations may result in an execution error. | |
| - Long-running or resource-intensive code may trigger the execution timeout. | |
| - Providing an invalid `webhook_url` will prevent the execution result from being delivered to the specified webhook. | |
| ## 8. Best Practices | |
| - Always validate and sanitize user input to prevent code injection attacks. | |
| - Set an appropriate timeout value based on the expected execution time of the code. | |
| - Monitor the execution logs for any errors or unexpected behavior. | |
| - Implement rate limiting or queue management to prevent abuse or overload of the endpoint. | |
| - Consider implementing additional security measures, such as code sandboxing or whitelisting/blacklisting certain operations or modules. | |