From 40a3857e58bc2e6ce34cb5868dc1135b15018384 Mon Sep 17 00:00:00 2001 From: Zakaria Maaraki <41241669+zakariamaaraki@users.noreply.github.com> Date: Thu, 18 Apr 2024 13:35:06 +0200 Subject: [PATCH 1/5] Update README.md --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2a0a25a..5377d86 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,13 @@ This tool execute your code remotely using docker containers to separate environ ![Supported languages](images/supported-languages.png?raw=true "supported-languages logos") -Supports **Rest Calls (Long Polling and [Push Notification](https://en.wikipedia.org/wiki/Push_technology))**, **Apache Kafka** and **Rabbit MQ Messages**. +Supports **Rest Calls (Long Polling and [Push Notification](https://en.wikipedia.org/wiki/Push_technology))**, **Apache Kafka** and **Rabbit MQ Messages**, and **gRPC**. + +## Security Considerations +The compiler ensures the security of user code execution by sandboxing the execution environment and applying strict resource limits. Additionally, input sanitization and validation are performed to prevent code injection attacks. + +## Scalability +The compiler can scale horizontally to handle increased load by deploying multiple instances behind a load balancer. Each instance is stateless and can independently process incoming requests, ensuring high availability and performance. **Example of an input** From dba56372f48bbfcb5e05a1d658ef322351c690a4 Mon Sep 17 00:00:00 2001 From: Zakaria Maaraki <41241669+zakariamaaraki@users.noreply.github.com> Date: Thu, 18 Apr 2024 13:36:59 +0200 Subject: [PATCH 2/5] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5377d86..20865d0 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ The compiler ensures the security of user code execution by sandboxing the execu ## Scalability The compiler can scale horizontally to handle increased load by deploying multiple instances behind a load balancer. Each instance is stateless and can independently process incoming requests, ensuring high availability and performance. +## Sample input / output + **Example of an input** ```json From 3e6cd54116231ac0332b8db52c15e1e9b648169b Mon Sep 17 00:00:00 2001 From: Zakaria Maaraki <41241669+zakariamaaraki@users.noreply.github.com> Date: Thu, 18 Apr 2024 13:41:58 +0200 Subject: [PATCH 3/5] Update README.md --- README.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 20865d0..08fabc2 100644 --- a/README.md +++ b/README.md @@ -416,14 +416,6 @@ docker container run -p 8080:8082 -v /var/run/docker.sock:/var/run/docker.sock - Check out exposed prometheus metrics using the following url : http:///prometheus -![Java execution counter](images/executions_metrics.png?raw=true "Executions counter") - -![Parallel executions](images/parallel-executions-metrics.png?raw=true "Parallel Executions Metrics") - -![Throttling counter](images/throttling-counter-metrics.png?raw=true "Throttling Counter Metrics") - -Other metrics are available. - ## Logging

By default, only console logging is enabled.

@@ -438,6 +430,12 @@ All logs will be kept for 7 days with a maximum size of 1 GB. You can also send logs to logstash pipeline by setting these environment variables **LOGSTASH_LOGGING** to true and **LOGSTASH_SERVER_HOST**, **LOGSTASH_SERVER_PORT** to logstash and port values respectively. +## Getting Help + +If you encounter any issues or need assistance with the Remote Code Compiler, feel free to reach out for support. You can: +- Open an issue on GitHub: [Issues](https://github.com/zakariamaaraki/RemoteCodeCompiler/issues) +- Contact the project maintainers directly. + ## Author - **Zakaria Maaraki** - _Initial work_ - [zakariamaaraki](https://github.com/zakariamaaraki) From 702e52b062667309581b096e6866770b67bb317b Mon Sep 17 00:00:00 2001 From: Zakaria Maaraki <41241669+zakariamaaraki@users.noreply.github.com> Date: Thu, 18 Apr 2024 13:44:57 +0200 Subject: [PATCH 4/5] Update README.md --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 08fabc2..090ae74 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,15 @@ Supports **Rest Calls (Long Polling and [Push Notification](https://en.wikipedia ## Security Considerations The compiler ensures the security of user code execution by sandboxing the execution environment and applying strict resource limits. Additionally, input sanitization and validation are performed to prevent code injection attacks. +#### Sandboxing +The Remote Code Compiler employs sandboxing techniques to isolate user code executions from the underlying system. Each code execution occurs within a dedicated Docker container, providing a secure and contained environment. This isolation prevents unauthorized access to system resources and protects against potential security vulnerabilities. + +#### Resource Limits +Strict resource limits are enforced to prevent resource exhaustion attacks and ensure fair resource allocation. The compiler sets limits on CPU usage, memory consumption, and execution time for each code execution. These limits mitigate the risk of denial-of-service (DoS) attacks and ensure the stability and reliability of the compiler platform. + +#### Input Sanitization +Input sanitization measures are implemented to validate and sanitize user inputs before execution. This helps prevent code injection attacks and ensures that only safe and trusted inputs are processed by the compiler. By sanitizing inputs, the compiler reduces the risk of executing malicious code and maintains the integrity of the execution environment. + ## Scalability The compiler can scale horizontally to handle increased load by deploying multiple instances behind a load balancer. Each instance is stateless and can independently process incoming requests, ensuring high availability and performance. From 8b15b79c61239484ddbc5564b2fc8da79e56b52c Mon Sep 17 00:00:00 2001 From: Zakaria Maaraki <41241669+zakariamaaraki@users.noreply.github.com> Date: Thu, 18 Apr 2024 13:48:42 +0200 Subject: [PATCH 5/5] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 090ae74..e4f6dc1 100644 --- a/README.md +++ b/README.md @@ -170,7 +170,7 @@ We provide you with a script to provision an AKS cluster to ease your deployment ## How It Works -When a request comes in, the compiler creates a container responsible of compiling the given sourcecode (this container shares the same volume with the main application). After a successful compilation, an execution container (with it's own execution environment and totally isolated from other containers) is created for each test case. +When a request arrives, the compiler gets to work by creating a special container just for compiling the code you sent. This container works closely with the main application, sharing its storage space for easy access to files. Once the code is compiled successfully, the compiler sets up separate containers for running each test. These containers work independently, each having its own space to run the code without being affected by others. ![Architecture](images/remote_code_compiler_architecture.png?raw=true "Compiler")