sandbox-fdae94c1

Paused

App Files Files Community

sandbox-fdae94c1 / sandbox_server.py

kangkangchen

Setup sandbox server

937073d verified 21 days ago

raw

history blame contribute delete

14.5 kB

	"""Minimal FastAPI server for sandbox operations."""
	import hmac, os, subprocess, pathlib, signal, threading, re, tempfile
	from fastapi import Depends, FastAPI, HTTPException, Request
	from pydantic import BaseModel
	from typing import Optional
	import uvicorn

	_ANSI_RE = re.compile(r'\x1b\[[0-9;][a-zA-Z]\|\x1b\].?\x07')

	def _strip_ansi(text: str) -> str:
	return _ANSI_RE.sub('', text)

	def _truncate_output(output: str, max_chars: int = 25000, head_ratio: float = 0.25) -> str:
	if len(output) <= max_chars:
	return output
	# Write full output to temp file so LLM can read specific sections
	spill_path = None
	try:
	with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', prefix='bash_output_', dir='/tmp', delete=False) as f:
	f.write(output)
	spill_path = f.name
	except Exception:
	pass
	head_budget = int(max_chars * head_ratio)
	tail_budget = max_chars - head_budget
	head = output[:head_budget]
	tail = output[-tail_budget:]
	total = len(output)
	omitted = total - max_chars
	meta = f"\n\n... ({omitted:,} of {total:,} chars omitted, showing first {head_budget:,} + last {tail_budget:,}) ...\n"
	if spill_path:
	meta += f"Full output saved to {spill_path} — use the read tool with offset/limit to inspect specific sections.\n"
	return head + meta + tail

	def _atomic_write(path: pathlib.Path, content: str):
	"""Write atomically: temp file + fsync + os.replace."""
	path.parent.mkdir(parents=True, exist_ok=True)
	fd = None
	tmp_path = None
	try:
	fd, tmp_path = tempfile.mkstemp(dir=str(path.parent), suffix=".tmp")
	os.write(fd, content.encode("utf-8"))
	os.fsync(fd)
	os.close(fd)
	fd = None
	os.replace(tmp_path, str(path))
	tmp_path = None
	finally:
	if fd is not None:
	os.close(fd)
	if tmp_path is not None:
	try:
	os.unlink(tmp_path)
	except OSError:
	pass

	app = FastAPI()

	def _expected_api_token() -> str:
	return os.environ.get("SANDBOX_API_TOKEN") or os.environ.get("HF_TOKEN") or ""

	def _require_auth(request: Request) -> None:
	expected = _expected_api_token()
	if not expected:
	raise HTTPException(status_code=503, detail="Sandbox API token not configured")
	auth_header = request.headers.get("authorization", "")
	scheme, _, supplied = auth_header.partition(" ")
	if scheme.lower() != "bearer" or not supplied:
	raise HTTPException(status_code=401, detail="Missing bearer token")
	if not hmac.compare_digest(supplied, expected):
	raise HTTPException(status_code=401, detail="Invalid bearer token")

	_AUTH = [Depends(_require_auth)]

	# Track active bash processes so they can be killed on cancel
	_active_procs = {} # pid -> subprocess.Popen
	_proc_lock = threading.Lock()

	class BashReq(BaseModel):
	command: str
	work_dir: str = "/app"
	timeout: int = 120

	class ReadReq(BaseModel):
	path: str
	offset: Optional[int] = None
	limit: Optional[int] = 2000

	class WriteReq(BaseModel):
	path: str
	content: str

	class EditReq(BaseModel):
	path: str
	old_str: str
	new_str: str
	replace_all: bool = False
	mode: str = "replace"

	class ExistsReq(BaseModel):
	path: str

	# ── Fuzzy matching & edit utilities (embedded) ──

	UNICODE_MAP = {
	"\u2013": "-", "\u2014": "-", "\u2212": "-",
	"\u2018": "'", "\u2019": "'",
	"\u201c": '"', "\u201d": '"',
	"\u00a0": " ", "\u2003": " ", "\u2002": " ",
	"\u200b": "", "\ufeff": "",
	}

	def _normalize_unicode(s):
	return "".join(UNICODE_MAP.get(c, c) for c in s)

	def _fuzzy_find_original(content, pattern):
	"""Find the original text in content that matches pattern fuzzily."""
	if pattern in content:
	return pattern, None
	# Pass 2: right-trim
	c_lines = content.split("\n")
	c_rt = "\n".join(l.rstrip() for l in c_lines)
	p_rt = "\n".join(l.rstrip() for l in pattern.split("\n"))
	if p_rt in c_rt:
	idx = c_rt.index(p_rt)
	start_line = c_rt[:idx].count("\n")
	n_lines = p_rt.count("\n") + 1
	matched = "\n".join(c_lines[start_line:start_line + n_lines])
	return matched, "(matched after trimming trailing whitespace)"
	# Pass 3: both-sides trim
	c_st = "\n".join(l.strip() for l in c_lines)
	p_st = "\n".join(l.strip() for l in pattern.split("\n"))
	if p_st in c_st:
	idx = c_st.index(p_st)
	start_line = c_st[:idx].count("\n")
	n_lines = p_st.count("\n") + 1
	matched = "\n".join(c_lines[start_line:start_line + n_lines])
	return matched, "(matched after trimming whitespace)"
	# Pass 4: unicode normalization
	c_norm = _normalize_unicode(c_st)
	p_norm = _normalize_unicode(p_st)
	if p_norm in c_norm:
	idx = c_norm.index(p_norm)
	start_line = c_norm[:idx].count("\n")
	n_lines = p_norm.count("\n") + 1
	matched = "\n".join(c_lines[start_line:start_line + n_lines])
	return matched, "(matched after unicode normalization)"
	return None, None

	def _apply_edit(content, old_str, new_str, mode="replace", replace_all=False):
	"""Apply edit. Returns (new_content, count, fuzzy_note) or raises ValueError."""
	if mode == "replace_all":
	replace_all = True
	mode = "replace"
	fuzzy_note = None
	if old_str not in content:
	matched, fuzzy_note = _fuzzy_find_original(content, old_str)
	if matched is None:
	raise ValueError("old_str not found in file.")
	old_str = matched
	count = content.count(old_str)
	if mode == "replace":
	if count > 1 and not replace_all:
	raise ValueError(f"old_str appears {count} times. Use replace_all=true or provide more context.")
	if replace_all:
	return content.replace(old_str, new_str), count, fuzzy_note
	return content.replace(old_str, new_str, 1), 1, fuzzy_note
	elif mode == "append_after":
	if replace_all:
	return content.replace(old_str, old_str + new_str), count, fuzzy_note
	idx = content.index(old_str) + len(old_str)
	return content[:idx] + new_str + content[idx:], 1, fuzzy_note
	elif mode == "prepend_before":
	if replace_all:
	return content.replace(old_str, new_str + old_str), count, fuzzy_note
	idx = content.index(old_str)
	return content[:idx] + new_str + content[idx:], 1, fuzzy_note
	raise ValueError(f"Unknown mode: {mode}")

	def _validate_python(content, path=""):
	"""Validate Python: syntax, kwargs against real installed signatures, training heuristics.

	Runs inside the sandbox where packages are pip-installed, so we can actually
	import classes and inspect their __init__ signatures to catch kwarg mismatches
	before runtime.
	"""
	import ast as _ast, inspect as _inspect, importlib as _il
	warnings = []

	# 1. Syntax check
	try:
	tree = _ast.parse(content)
	except SyntaxError as e:
	warnings.append(f"Python syntax error at line {e.lineno}: {e.msg}")
	return warnings

	# 2. Build import map: name -> module path (from the script's own imports)
	import_map = {}
	for node in _ast.walk(tree):
	if isinstance(node, _ast.ImportFrom) and node.module:
	for alias in (node.names or []):
	local_name = alias.asname or alias.name
	import_map[local_name] = (node.module, alias.name)
	elif isinstance(node, _ast.Import):
	for alias in (node.names or []):
	local_name = alias.asname or alias.name
	import_map[local_name] = (alias.name, None)

	# 3. For each Call node, resolve the callable and check kwargs against signature
	for node in _ast.walk(tree):
	if not isinstance(node, _ast.Call):
	continue
	# Skip calls with **kwargs unpacking — we can't statically know those keys
	if any(kw.arg is None for kw in node.keywords):
	continue
	call_kwargs = [kw.arg for kw in node.keywords if kw.arg]
	if not call_kwargs:
	continue

	# Resolve the callable name
	func_name = None
	if isinstance(node.func, _ast.Name):
	func_name = node.func.id
	elif isinstance(node.func, _ast.Attribute):
	func_name = node.func.attr
	if not func_name or func_name not in import_map:
	continue

	# Try to import and inspect the real callable
	module_path, attr_name = import_map[func_name]
	try:
	mod = _il.import_module(module_path)
	obj = getattr(mod, attr_name, None) if attr_name else mod
	if obj is None:
	continue
	sig = _inspect.signature(obj)
	params = sig.parameters
	# If **kwargs is in the signature, any kwarg is valid
	if any(p.kind == _inspect.Parameter.VAR_KEYWORD for p in params.values()):
	continue
	valid_names = set(params.keys())
	for kw_name in call_kwargs:
	if kw_name not in valid_names:
	warnings.append(
	f"Invalid kwarg: {func_name}({kw_name}=...) at line {node.lineno} "
	f"-- not accepted by {module_path}.{attr_name or func_name}()"
	)
	except Exception:
	pass # can't import/inspect — skip silently

	# 4. Training script heuristics
	if any(kw in content for kw in ("TrainingArguments", "SFTConfig", "DPOConfig", "GRPOConfig")):
	if "push_to_hub" not in content:
	warnings.append("Training script warning: no 'push_to_hub' found")
	if "hub_model_id" not in content:
	warnings.append("Training script warning: no 'hub_model_id' found")
	return warnings

	@app.get("/api/health")
	def health():
	return {"status": "ok"}

	@app.post("/api/bash", dependencies=_AUTH)
	def bash(req: BashReq):
	try:
	proc = subprocess.Popen(
	req.command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
	text=True, cwd=req.work_dir, start_new_session=True,
	)
	with _proc_lock:
	_active_procs[proc.pid] = proc
	try:
	stdout, stderr = proc.communicate(timeout=req.timeout)
	output = _strip_ansi(stdout + stderr)
	output = _truncate_output(output)
	return {"success": proc.returncode == 0, "output": output, "error": "" if proc.returncode == 0 else f"Exit code {proc.returncode}"}
	except subprocess.TimeoutExpired:
	try:
	os.killpg(os.getpgid(proc.pid), signal.SIGKILL)
	except OSError:
	proc.kill()
	proc.wait()
	return {"success": False, "output": "", "error": f"Timeout after {req.timeout}s"}
	finally:
	with _proc_lock:
	_active_procs.pop(proc.pid, None)
	except Exception as e:
	return {"success": False, "output": "", "error": str(e)}

	@app.post("/api/kill", dependencies=_AUTH)
	def kill_all():
	"""Kill all active bash processes. Called when user cancels."""
	with _proc_lock:
	pids = list(_active_procs.keys())
	killed = []
	for pid in pids:
	try:
	os.killpg(os.getpgid(pid), signal.SIGTERM)
	killed.append(pid)
	except OSError:
	try:
	os.kill(pid, signal.SIGKILL)
	killed.append(pid)
	except OSError:
	pass
	return {"success": True, "output": f"Killed {len(killed)} process(es): {killed}", "error": ""}

	@app.post("/api/read", dependencies=_AUTH)
	def read(req: ReadReq):
	try:
	p = pathlib.Path(req.path)
	if not p.exists():
	return {"success": False, "output": "", "error": f"File not found: {req.path}"}
	if p.is_dir():
	return {"success": False, "output": "", "error": f"Is a directory: {req.path}"}
	lines = p.read_text().splitlines()
	start = (req.offset or 1) - 1
	end = start + (req.limit or len(lines))
	selected = lines[start:end]
	numbered = "\n".join(f"{start + i + 1}\t{line}" for i, line in enumerate(selected))
	return {"success": True, "output": numbered, "error": ""}
	except Exception as e:
	return {"success": False, "output": "", "error": str(e)}

	@app.post("/api/write", dependencies=_AUTH)
	def write(req: WriteReq):
	try:
	p = pathlib.Path(req.path)
	_atomic_write(p, req.content)
	msg = f"Wrote {len(req.content)} bytes to {req.path}"
	if p.suffix == ".py":
	warnings = _validate_python(req.content, req.path)
	if warnings:
	msg += "\n\nValidation warnings:\n" + "\n".join(f" ! {w}" for w in warnings)
	return {"success": True, "output": msg, "error": ""}
	except Exception as e:
	return {"success": False, "output": "", "error": str(e)}

	@app.post("/api/edit", dependencies=_AUTH)
	def edit(req: EditReq):
	try:
	p = pathlib.Path(req.path)
	if not p.exists():
	return {"success": False, "output": "", "error": f"File not found: {req.path}"}
	content = p.read_text()
	if req.old_str == req.new_str:
	return {"success": False, "output": "", "error": "old_str and new_str must differ."}
	try:
	new_content, count, fuzzy_note = _apply_edit(
	content, req.old_str, req.new_str, mode=req.mode, replace_all=req.replace_all
	)
	except ValueError as e:
	return {"success": False, "output": "", "error": str(e)}
	_atomic_write(p, new_content)
	msg = f"Edited {req.path} ({count} replacement{'s' if count > 1 else ''})"
	if fuzzy_note:
	msg += f" {fuzzy_note}"
	if p.suffix == ".py":
	warnings = _validate_python(new_content, req.path)
	if warnings:
	msg += "\n\nValidation warnings:\n" + "\n".join(f" ! {w}" for w in warnings)
	return {"success": True, "output": msg, "error": ""}
	except Exception as e:
	return {"success": False, "output": "", "error": str(e)}

	@app.post("/api/exists", dependencies=_AUTH)
	def exists(req: ExistsReq):
	return {"success": True, "output": str(pathlib.Path(req.path).exists()).lower(), "error": ""}

	if __name__ == "__main__":
	uvicorn.run(app, host="0.0.0.0", port=7860)