Upload app.py with huggingface_hub

app.py

@@ -17,7 +17,60 @@ LOG_FILE     = "./training.log"
 DONE_FILE    = "./training_done.txt"
 PID_FILE     = "./training.pid"
 RESULTS_FILE = f"{PLOTS_DIR}/results.json"
+TASK_ID_FILE = "./.task_id"
 
+# ---------------------------------------------------------------------------
+# Trainer hub config — same across all 3 trainer Spaces, the active task
+# is selected by the contents of `.task_id` at the Space root.
+# ---------------------------------------------------------------------------
+TASKS = {
+    "dependency": {
+        "title":     "Dependency Review",
+        "subtitle":  "Supply-chain literacy",
+        "blurb":     "Typosquats, hallucinated PyPI imports, pinned CVEs, license risks. Tests the baseline of supply-chain awareness every reviewer should have.",
+        "stats":     "24 scenarios · 120 findings · Qwen 1.5B · 3 epochs",
+        "delta":     "+0.302",
+        "deltatxt":  "20 / 24 wins · 0.083 → 0.385",
+        "space_url": "https://huggingface.co/spaces/sam25kat/securereview-trainer",
+    },
+    "iac": {
+        "title":     "IaC Misconfiguration",
+        "subtitle":  "Cloud-security reasoning",
+        "blurb":     "CIS violations in Terraform / K8s — public buckets, wildcard IAM, privileged containers, missing encryption. Multi-file cloud reasoning.",
+        "stats":     "24 scenarios · 155 findings · Qwen 1.5B · 3 epochs",
+        "delta":     "+0.126",
+        "deltatxt":  "6 / 13 wins · 0.177 → 0.303",
+        "space_url": "https://huggingface.co/spaces/sam25kat/securereview-trainer-iac",
+    },
+    "migration": {
+        "title":     "Migration Safety",
+        "subtitle":  "Database engineering judgment",
+        "blurb":     "SQL migrations against live production context — table sizes, write throughput, downstream services. Hot-row contention, RLS gaps, MVCC bloat.",
+        "stats":     "12 curriculum-filtered (of 28) · 155 findings · Qwen 7B 4-bit · 3 epochs",
+        "delta":     "+0.295",
+        "deltatxt":  "10 / 12 wins · 0.170 → 0.465",
+        "space_url": "https://huggingface.co/spaces/sam25kat/securereview-trainer-migration",
+    },
+}
+TASK_ORDER = ["dependency", "iac", "migration"]
+
+
+def detect_local_task() -> str:
+    """Each trainer Space puts its own task id in /.task_id — defaults to dep."""
+    if os.path.exists(TASK_ID_FILE):
+        try:
+            t = open(TASK_ID_FILE).read().strip()
+            if t in TASKS:
+                return t
+        except OSError:
+            pass
+    return "dependency"
+
+
+LOCAL_TASK = detect_local_task()
+
+
+# ---------------------------------------------------------------------------
 
 def is_training_alive():
     if not os.path.exists(PID_FILE):
@@ -51,19 +104,146 @@ def _run():
             pass
 
 
+# ---------------------------------------------------------------------------
+# Page chrome
+# ---------------------------------------------------------------------------
+
 st.set_page_config(page_title="SecureReview Trainer", layout="wide")
-st.title("SecureReview — GRPO Trainer")
+
+st.markdown(
+    """
+    <style>
+      .hub-card {
+          border: 1px solid rgba(255,255,255,0.12);
+          border-radius: 10px;
+          padding: 22px 22px 18px 22px;
+          background: rgba(255,255,255,0.02);
+          height: 100%;
+      }
+      .hub-card.active {
+          border-color: #ff6b35;
+          background: rgba(255,107,53,0.06);
+      }
+      .hub-card h3 {
+          margin: 0 0 4px 0;
+          font-size: 17px;
+      }
+      .hub-card .sub {
+          color: #9ca3af;
+          font-size: 12px;
+          letter-spacing: 0.04em;
+          text-transform: uppercase;
+          margin-bottom: 14px;
+      }
+      .hub-card .blurb {
+          color: #d1d5db;
+          font-size: 13px;
+          line-height: 1.5;
+          min-height: 86px;
+      }
+      .hub-card .stats {
+          font-family: ui-monospace, Menlo, Monaco, "Courier New", monospace;
+          font-size: 11px;
+          color: #9ca3af;
+          margin-top: 12px;
+          padding-top: 12px;
+          border-top: 1px solid rgba(255,255,255,0.08);
+      }
+      .hub-card .delta {
+          font-size: 26px;
+          font-weight: 700;
+          color: #ff6b35;
+          margin-top: 8px;
+          letter-spacing: -0.02em;
+      }
+      .hub-card .delta-cap {
+          font-family: ui-monospace, Menlo, Monaco, "Courier New", monospace;
+          font-size: 11px;
+          color: #9ca3af;
+      }
+      .hub-card .badge {
+          display: inline-block;
+          font-family: ui-monospace, Menlo, Monaco, "Courier New", monospace;
+          font-size: 10px;
+          letter-spacing: 0.08em;
+          padding: 2px 8px;
+          border-radius: 4px;
+          background: #ff6b35;
+          color: #0a0a0a;
+          margin-left: 8px;
+          vertical-align: middle;
+      }
+      .hub-card a.openbtn {
+          display: inline-block;
+          margin-top: 16px;
+          padding: 8px 14px;
+          border: 1px solid rgba(255,255,255,0.2);
+          border-radius: 6px;
+          color: #d1d5db;
+          text-decoration: none;
+          font-size: 13px;
+      }
+      .hub-card a.openbtn:hover {
+          border-color: #ff6b35;
+          color: #ff6b35;
+      }
+    </style>
+    """,
+    unsafe_allow_html=True,
+)
+
+st.title("SecureReview — Trainer Hub")
+st.markdown(
+    "**Three security-review domains. One canonical SFT → GRPO hybrid pipeline.** "
+    "Click *Run Training* on any card — full SFT run completes in ~30 s on a single GPU credit, "
+    "with loss curve + before/after plot rendered live."
+)
+st.markdown("---")
+
+# ---------------------------------------------------------------------------
+# Three task cards
+# ---------------------------------------------------------------------------
+
+cols = st.columns(3, gap="medium")
+
+for idx, task_id in enumerate(TASK_ORDER):
+    cfg = TASKS[task_id]
+    is_active = task_id == LOCAL_TASK
+    with cols[idx]:
+        active_cls = "active" if is_active else ""
+        active_badge = '<span class="badge">THIS SPACE</span>' if is_active else ""
+        card_html = f"""
+        <div class="hub-card {active_cls}">
+            <h3>{cfg['title']}{active_badge}</h3>
+            <div class="sub">{cfg['subtitle']}</div>
+            <div class="blurb">{cfg['blurb']}</div>
+            <div class="delta">{cfg['delta']}</div>
+            <div class="delta-cap">{cfg['deltatxt']}</div>
+            <div class="stats">{cfg['stats']}</div>
+        """
+        if not is_active:
+            card_html += f'<a class="openbtn" href="{cfg["space_url"]}" target="_blank">Open trainer ↗</a>'
+        card_html += "</div>"
+        st.markdown(card_html, unsafe_allow_html=True)
+
+st.markdown("")
+st.markdown("---")
+
+# ---------------------------------------------------------------------------
+# Active-task training panel
+# ---------------------------------------------------------------------------
+
+active_cfg = TASKS[LOCAL_TASK]
+st.subheader(f"▶  {active_cfg['title']} · run training here")
 st.markdown(
-    "Trains via GRPO on the live SecureReview environment.  \n"
-    "Reward comes from a graded environment — no static dataset."
+    f"Trains via SFT → GRPO on the live `{LOCAL_TASK}_review` task of the "
+    f"SecureReview environment. Reward comes from the live grader — no static dataset."
 )
 
 done            = os.path.exists(DONE_FILE)
 log_present     = os.path.exists(LOG_FILE)
 training_alive  = is_training_alive()
-mid_run         = log_present and not done and (training_alive or not is_training_alive())
-# Resume detection: if log file exists and not marked done, treat as ongoing
-ongoing = log_present and not done
+ongoing         = log_present and not done
 
 if not ongoing and not done:
     if st.button("▶  Run Training", type="primary"):