CompileBox is a Docker based sandbox to run untrusted code and return the output to your app. Users can submit their code in any of the supported languages. The system will test the code in an isolated environment. This way you do not have to worry about untrusted code possibly damaging your server intentionally or unintentionally.
A client submits their code and a languageID to the API. The API then creates a new Docker container and runs the code using the compiler/interpreter of that language. The program runs inside a virtual machine with limited resources and has a time-limit for execution (20s by default). Once the output is ready it is returned as a result of the API request. The Docker container is destroyed and all the files are deleted from the server.
No two coders have access to each other’s Docker or files.
- Install docker as appropriate for your platform.
- In the subdirectory
Setup
, rundocker build -t virtual_machine .
- Install the Go toolchain as appropriate for your platform.
- Presently the server depends on the
gb
build tool, it can be installed viago get github.com/constabulary/gb/...
- In the subdirectory
API
, rungb build
.
- Set the desired port for compilebox via the environment variable
COMPILEBOX_PORT
. - From the API subdirectory, run
./bin/compilebox
.
Interacting with compilebox
is currently limited to a simple REST api. Two endpoints are exposed by the running server:
- GET
/languages/
: This will return a JSON list with the available target languages. - POST
/eval/
: This evaluates code, encoded in a JSON body of the following form:
{
"language": "python",
"stdins": ["1","2"],
"code": "import sys\nprint(sys.stdin.read())"
}
Returned is a JSON object that reports success or failure of evaluation, and for each element of stdins
, what the code has printed to stdout
for that element.`