Merge pull request #4 from invariantlabs-ai/playground

Update playground
invariantlabs-ai · Aug 29, 2024 · 0b16e2c · 0b16e2c
2 parents d3b151c + ddaf281
commit 0b16e2c
Show file tree

Hide file tree

Showing 52 changed files with 5,817 additions and 1,556 deletions.
diff --git a/.env.example b/.env.example
@@ -0,0 +1,2 @@
+PROMETHEUS_TOKEN=token
+PRODUCTION=true
diff --git a/.gitignore b/.gitignore
@@ -10,4 +10,5 @@ wheels/
 # venv
 .venv
 *.db
-.vite
+.vite
+.env.local
diff --git a/.python-version b/.python-version
@@ -1 +1 @@
-3.12.3
+3.12.3
diff --git a/Dockerfile b/Dockerfile
@@ -1,43 +1,46 @@
-FROM node:20 as frontend-builder
-
+FROM node:20-slim as frontend-builder
 WORKDIR /app
-
 COPY ./playground/package*.json ./
-RUN npm install
-
+RUN npm ci
 COPY ./playground/ ./
 RUN npm run build
 
-FROM gcr.io/kctf-docker/challenge
+FROM gcr.io/kctf-docker/challenge as nsjail-source
 
-RUN useradd --create-home --shell /bin/bash app
-RUN apt-get -y update && apt-get install -y git curl
+FROM python:3.12.3-slim
 
+COPY --from=nsjail-source /usr/bin/nsjail /usr/bin/nsjail
 RUN chmod u+s /usr/bin/nsjail
 
-# install rye
-RUN curl -sSf https://rye.astral.sh/get | RYE_HOME="/home/app/.rye" RYE_INSTALL_OPTION="--yes" RYE_TOOLCHAIN_VERSION="3.12.3" bash
+RUN useradd --create-home --shell /bin/bash app && \
+    apt-get update && \
+    apt-get install -y --no-install-recommends git curl && \
+    echo "deb http://deb.debian.org/debian buster main" >> /etc/apt/sources.list && \
+    apt-get update && \
+    apt-get install -y --no-install-recommends libprotobuf17 libnl-3-200 libnl-route-3-200 && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
 
 USER app
 WORKDIR /home/app
 
-COPY --chown=app requirements.lock ./
-COPY --chown=app pyproject.toml ./
-COPY --chown=app .python-version ./
-COPY --chown=app README.md ./
+ENV RYE_HOME="/home/app/.rye" \
+    PATH="/home/app/.rye/shims:${PATH}"
 
-RUN /bin/bash -c 'source /home/app/.rye/env && rye sync'
+RUN curl -sSf https://rye.astral.sh/get | RYE_INSTALL_OPTION="--yes" RYE_TOOLCHAIN="/usr/local/bin/python" UV_NO_CACHE=1 bash
 
-ENV PATH="/home/app/.rye/shims:${PATH}"
+COPY --chown=app requirements.lock pyproject.toml .python-version README.md ./
 
-# Cache presidio-analyzer
-RUN rye run python3 -c 'import presidio_analyzer; a = presidio_analyzer.AnalyzerEngine(); a.analyze("text", language="en")'
-RUN rye run python3 -c 'from huggingface_hub import snapshot_download; snapshot_download(repo_id="protectai/deberta-v3-base-prompt-injection-v2"); snapshot_download(repo_id="KoalaAI/Text-Moderation")'
-RUN curl https://semgrep.dev/c/r/bash -s -o /tmp/bash
-RUN curl https://semgrep.dev/c/r/python.lang.security -s -o /tmp/python.lang.security
+RUN /bin/bash -c 'source $RYE_HOME/env && UV_NO_CACHE=1 rye sync' && \
+    curl https://semgrep.dev/c/r/bash -s -o /tmp/bash && \
+    curl https://semgrep.dev/c/r/python.lang.security -s -o /tmp/python.lang.security
 
-COPY server ./server
-COPY --from=frontend-builder /app/dist ./playground/dist
+COPY --chown=app server ./server
+COPY --from=frontend-builder --chown=app /app/dist ./playground/dist
+
+USER root
+RUN chown -R app:app /home/app/server/logs
+USER app
 
 EXPOSE 8000
 

diff --git a/Dockerfile.gpu b/Dockerfile.gpu
@@ -0,0 +1,49 @@
+FROM node:20-slim as frontend-builder
+WORKDIR /app
+COPY ./playground/package*.json ./
+RUN npm ci
+COPY ./playground/ ./
+RUN npm run build
+
+FROM gcr.io/kctf-docker/challenge as nsjail-source
+
+FROM python:3.12.3-slim
+
+COPY --from=nsjail-source /usr/bin/nsjail /usr/bin/nsjail
+RUN chmod u+s /usr/bin/nsjail
+
+RUN useradd --create-home --shell /bin/bash app && \
+    apt-get update && \
+    apt-get install -y --no-install-recommends git curl && \
+    echo "deb http://deb.debian.org/debian buster main" >> /etc/apt/sources.list && \
+    apt-get update && \
+    apt-get install -y --no-install-recommends libprotobuf17 libnl-3-200 libnl-route-3-200 && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+USER app
+WORKDIR /home/app
+
+ENV RYE_HOME="/home/app/.rye" \
+    PATH="/home/app/.rye/shims:${PATH}"
+
+RUN curl -sSf https://rye.astral.sh/get | RYE_INSTALL_OPTION="--yes" RYE_TOOLCHAIN="/usr/local/bin/python" UV_NO_CACHE=1 bash
+
+COPY --chown=app requirements.lock pyproject.toml .python-version README.md ./
+
+RUN /bin/bash -c 'source $RYE_HOME/env && UV_NO_CACHE=1 rye sync --all-features' && \
+    curl https://semgrep.dev/c/r/bash -s -o /tmp/bash && \
+    curl https://semgrep.dev/c/r/python.lang.security -s -o /tmp/python.lang.security
+RUN rye run python3 -c 'import presidio_analyzer; a = presidio_analyzer.AnalyzerEngine(); a.analyze("text", language="en")'
+RUN rye run python3 -c 'from huggingface_hub import snapshot_download; snapshot_download(repo_id="protectai/deberta-v3-base-prompt-injection-v2"); snapshot_download(repo_id="KoalaAI/Text-Moderation")'
+
+COPY --chown=app server ./server
+COPY --from=frontend-builder --chown=app /app/dist ./playground/dist
+
+USER root
+RUN chown -R app:app /home/app/server/logs
+USER app
+
+EXPOSE 8000
+
+CMD ["rye", "run", "uvicorn", "server.main:app", "--host", "0.0.0.0"]
diff --git a/README.md b/README.md
@@ -7,13 +7,20 @@ REST API Server made to run Invariant policies remotely.
 ```bash
 git clone https://github.com/invariantlabs-ai/invariant-server
 cd invariant-server
-docker build -t invariant-server .
-docker run -e PRODUCTION=true --privileged -d -p8000:8000 invariant-server
+cp .env.example .env
+docker-compose up -d --build
 ```
 
-The `--privileged` flag is required to run each session policy in its own [nsjail](https://nsjail.dev/). This is required to ensure isolation between multiple users running policies on the same server.
+## Environment Variables
 
-Note that `PRODUCTION=true` requires the `--privileged` flag.
+- `PRODUCTION`: Set to `true` to run in production mode with nsjail isolation.
+- `PROMETHEUS_TOKEN`: Token for authenticating Prometheus scrape requests.
+
+## Production
+
+The `docker-compose.yml` file is configured to run the container with the necessary privileges and settings for production use, including nsjail isolation.
+
+Note that `PRODUCTION=true` requires privileged mode, which is already set in the docker-compose file. **Disable** privileges if not running in production mode.
 
 If running ubuntu 23.10 or later, you need to run these commands on the host:
 ```
@@ -23,6 +30,8 @@ sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
 
 This is related to issue [#236](https://github.com/google/nsjail/issues/236).
 
+## Staging
+
 The application can also be run in development mode by omitting the `PRODUCTION` environment variable:
 
 ```bash

diff --git a/client.py b/client.py
@@ -40,7 +40,7 @@ def check(self, past_events: List[Dict], pending_events: List[Dict]):
                     "policy": self.policy,
                 },
             )
-            return response.text
+            return response.json()
 
 
 # Example usage

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: '3.8'
+
+services:
+  app:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - "8000:8000"
+    env_file:
+      - .env
+    volumes:
+      - app_logs:/home/app/server/logs
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+    cgroup: host
+    platform: linux/amd64
+    user: app
+
+volumes:
+  app_logs:
-Original file line number
+Diff line change
@@ Expand Up / @@ -10,4 +10,5 @@ wheels/ @@
     # venv
     .venv
     *.db
-    .vite
+    .vite
+    .env.local