-
Notifications
You must be signed in to change notification settings - Fork 1
/
swagger.yaml
688 lines (673 loc) · 23.9 KB
/
swagger.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
openapi: 3.0.0
info:
title: Poseidon API
description: |
This API is used by CodeOcean to run code in runners.
version: '0.2.2'
servers:
- url: '/api/v1'
components:
schemas:
ExecutionEnvironment:
type: object
properties:
id:
description: The id of the execution environment
type: integer
example: 6
image:
description: The name of the OCI image used for this execution environment
type: string
example: openhpi/co_execenv_python:latest
prewarmingPoolSize:
description: Number of runners with this configuration to prewarm
type: integer
example: 50
cpuLimit:
description: CPU limit for one runner in MHz
type: number
example: 100
memoryLimit:
description: Memory limit for one runner in MB. Exceeding the limit may result in termination of the runner.
type: integer
example: 256
networkAccess:
description: Whether the runner is allowed to access the network or not
type: boolean
example: true
exposedPorts:
description: A list of ports inside the runner to expose to the outside
type: array
items:
type: integer
minimum: 1
maximum: 65535
example: [80, 443]
required:
- id
- image
- prewarmingPoolSize
- cpuLimit
- memoryLimit
- networkAccess
- exposedPorts
additionalProperties: false
FileHeader:
type: object
properties:
name:
description: The path of the file.
type: string
example: ./logs/last.log
entryType:
description: The type of the object (file). See the man page `info ls` for all the meanings.
type: string
minLength: 1
maxLength: 1
enum: ["-", "a", "A", "b", "c", "C", "d", "D", "l", "M", "n", "p", "P", "s", "w", "?"]
default: "-"
size:
description: The size of the file in bytes.
type: integer
example: 42
modificationTime:
description: The Unix Time Stamp of the last modification.
type: integer
example: 1654201799
required:
- name
- size
- modificationTime
additionalProperties: false
ClientError:
type: object
properties:
message:
description: Explanation on why the request could not be handled
type: string
example: Nomad server unreachable
required:
- message
additionalProperties: false
securitySchemes:
poseidonAuthToken:
type: apiKey
in: header
name: Poseidon-Token
description: A security token that might be required depending on the Poseidon configuration.
responses:
BadRequest:
description: Request is invalid. E.g. request body does not follow the json schema required by the given route or url parameters are invalid.
content:
application/json:
schema:
type: object
properties:
message:
description: Explanation on why the request is invalid
type: string
Unauthorized:
description: Client could not be authenticated
NotFound:
description: The entity with the given identifier does not exist.
RunnerGone:
description: The runner is not available any longer.
content:
application/json:
schema:
$ref: "#/components/schemas/ClientError"
FailedFileDependency:
description: The file is not available.
content:
application/json:
schema:
$ref: "#/components/schemas/ClientError"
InternalServerError:
description: Request could not be handled
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ClientError"
- type: object
properties:
errorCode:
description: Machine readable error description
type: string
enum:
- NOMAD_UNREACHABLE
- NOMAD_OVERLOAD
- NOMAD_INTERNAL_SERVER_ERROR
- PREWARMING_POOL_DEPLETING
- UNKNOWN
example: NOMAD_UNREACHABLE
tags:
- name: runner
description: A unit of execution
- name: execution environment
description: A template for runners
- name: miscellaneous
paths:
/health:
get:
summary: Check if the API is available
description: If this route does not return, the API is not available.
tags:
- miscellaneous
responses:
"204":
description: Everything okay
"503":
$ref: "#/components/responses/InternalServerError"
/version:
get:
summary: Retrieve the version of Poseidon
description: Return hash-like release information.
tags:
- miscellaneous
responses:
"200":
description: The release information could be returned.
"404":
$ref: "#/components/responses/NotFound"
"500":
$ref: "#/components/responses/InternalServerError"
/statistics/execution-environments:
get:
summary: Retrieve the statistics about the execution environments of Poseidon
description: Return Return the current availability and usage of runners.
tags:
- miscellaneous
security:
- poseidonAuthToken: [ ]
responses:
"200":
description: Success. Returns all execution environments
content:
application/json:
schema:
type: object
additionalProperties:
type: object
properties:
id:
description: The id of the execution environment.
type: integer
prewarmingPoolSize:
description: Number of runners with this configuration to prewarm.
type: integer
example: 50
idleRunners:
description: Number of runners currently prewarmed.
type: number
example: 45
usedRunners:
description: Number of runners currently in use.
type: number
example: 20
example:
21:
id: 21
prewarmingPoolSize: 50
idleRunners: 45
usedRunners: 20
42:
id: 42
prewarmingPoolSize: 50
idleRunners: 45
usedRunners: 20
"500":
$ref: "#/components/responses/InternalServerError"
/runners:
post:
summary: Provide a runner
description: Provide a runner with the requested execution environment to the client (CodeOcean).
tags:
- runner
security:
- poseidonAuthToken: [ ]
requestBody:
description: Runner attributes
required: true
content:
application/json:
schema:
type: object
properties:
inactivityTimeout:
description: Specify how long the runner should be available when there is no activity (execution or file copy). Activity resets this timer. 0 means no timeout
type: integer
default: 0
example: 60
executionEnvironmentId:
description: Specifies the execution environment of the runner
type: integer
example: 6
required:
- executionEnvironmentId
additionalProperties: false
responses:
"200":
description: A runner was successfully reserved
content:
application/json:
schema:
type: object
properties:
runnerId:
description: The UUID of the provided runner
type: string
example: 123e4567-e89b-12d3-a456-426614174000
mappedPorts:
description: Array containing the addresses of the mapped ports specified in the execution environment.
type: array
items:
description: The exposedPort inside the container is reachable on the returned hostAddress.
type: object
properties:
exposedPort:
description: The port inside the container.
type: integer
minimum: 0
maximum: 65535
example: 80
hostAddress:
description: The address which can be contacted to reach the mapped port.
type: string
example: 10.224.6.18:23832
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"404":
$ref: "#/components/responses/NotFound"
"500":
$ref: "#/components/responses/InternalServerError"
/runners/{runnerId}:
delete:
summary: Destroy the runner
description: The runner is no longer in use and should be destroyed.
tags:
- runner
security:
- poseidonAuthToken: [ ]
parameters:
- name: runnerId
in: path
schema:
description: The UUID of the runner that should be destroyed
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
responses:
"204":
description: Success
"401":
$ref: "#/components/responses/Unauthorized"
"410":
$ref: "#/components/responses/RunnerGone"
"500":
$ref: "#/components/responses/InternalServerError"
/runners/{runnerId}/files:
parameters:
- name: runnerId
in: path
schema:
description: Runner on which the files should be placed
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
get:
summary: List filesystem.
description: List all files available in the runner.
tags:
- runner
security:
- poseidonAuthToken: [ ]
parameters:
- name: recursive
in: query
description: Specify if the filesystem should be listed recursively.
schema:
type: boolean
default: true
required: false
- name: path
in: query
description: Specify the directory from where the filesystem is listed.
schema:
type: string
format: pct-encoded # rfc 3986
default: "./"
required: false
- name: privilegedExecution
in: query
description: Specifies if the command should be executed as an privileged user.
schema:
type: boolean
default: false
responses:
"200":
description: Success. Returns the listing of the runner's filesystem.
content:
application/json:
schema:
type: object
properties:
files:
description: A list of all Files
type: array
items:
$ref: "#/components/schemas/FileHeader"
"401":
$ref: "#/components/responses/Unauthorized"
"410":
$ref: "#/components/responses/RunnerGone"
"424":
$ref: "#/components/responses/FailedFileDependency"
"500":
$ref: "#/components/responses/InternalServerError"
patch:
summary: Manipulate runner file system
description: Delete the files with the given paths from the file system of the specified runner. Afterwards, copy the enclosed files to the runner. Existing files get overwritten and results of previous file copy operations on the same runner are present when executing multiple requests.
tags:
- runner
security:
- poseidonAuthToken: [ ]
requestBody:
description: Files to copy or delete
required: true
content:
application/json:
schema:
type: object
properties:
delete:
description: Array of filepaths that should be deleted. Each of the given files or directories should be deleted recursively.
type: array
items:
description: Location of the file or directory that should be deleted. Can be absolute (starting with /) or relative to the workspace directory.
type: string
example: /workspace
copy:
description: Array of files that should be placed in the runner.
type: array
items:
type: object
properties:
path:
description: Location where the file should be placed. Can be absolute (starting with /) or relative to the workspace directory. Missing parent directories are created. If this ends with a /, the path is interpreted as a directory and content is ignored. Currently, every file/directory is owned by root but the directories have the sticky bit set to allow unprivileged file creation.
type: string
example: /etc/passwd
content:
description: The content of the file. MUST be base64 encoded. If this is not given, the file is created with no content.
type: string
example: cm9vdDp4OjA6MDo6L3Jvb3Q6L2Jpbi9iYXNo # root:x:0:0::/root:/bin/bash
required:
- path
additionalProperties: false
additionalProperties: false
responses:
"204":
description: All files were saved
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"410":
$ref: "#/components/responses/RunnerGone"
"500":
$ref: "#/components/responses/InternalServerError"
/runners/{runnerId}/files/raw:
get:
summary: Download the file.
description: Download the specified file from the selected runner.
tags:
- runner
security:
- poseidonAuthToken: [ ]
parameters:
- name: runnerId
description: Runner on which the command should be executed
in: path
schema:
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
- name: path
in: query
description: Specify the file that should be returned by its filename including its path and extension.
schema:
type: string
format: pct-encoded # rfc 3986
example: "./flag.txt"
required: true
- name: privilegedExecution
in: query
description: Specifies if the command should be executed as an privileged user.
schema:
type: boolean
default: false
responses:
"200":
description: Success. Returns the file.
content:
application/octet-stream:
schema:
type: string
format: binary
"401":
$ref: "#/components/responses/Unauthorized"
"410":
$ref: "#/components/responses/RunnerGone"
"424":
$ref: "#/components/responses/FailedFileDependency"
/runners/{runnerId}/execute:
post:
summary: Execute a command
description: Execute a command in the runner. Whether this starts the actual execution or only prepares a Websocket URL to start it depends on the implementation.
tags:
- runner
security:
- poseidonAuthToken: [ ]
parameters:
- name: runnerId
description: Runner on which the command should be executed
in: path
schema:
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
requestBody:
description: Description what and how to execute
required: true
content:
application/json:
schema:
type: object
properties:
command:
description: The command to be executed. The working directory for this execution is the working directory of the image of the execution environment. Single quotation ' can not be used.
type: string
example: python exercise.py
privilegedExecution:
description: Specifies if the command should be executed as an privileged user.
type: boolean
default: false
environment:
description: Environment variables for this execution. The keys of this object are the variable names and the value of each key is the value of the variable with the same name. The environment variables of the system remain accessible.
type: object
additionalProperties:
type: string
pattern: "[a-zA-Z_][a-zA-Z0-9_]+"
default: {}
example:
PATH: /bin
timeLimit:
description: Specifies the time in seconds until this execution should be killed. 0 means do not kill
type: integer
default: 0
example: 5
required:
- command
additionalProperties: false
responses:
"200":
description: Success. Returns a Websocket URL to connect to
content:
application/json:
schema:
type: object
properties:
websocketUrl:
description: A Websocket endpoint to connect to communicate with the process running in the runner
type: string
example: "ws://ws.example.com/path/to/websocket"
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"410":
$ref: "#/components/responses/RunnerGone"
"500":
$ref: "#/components/responses/InternalServerError"
/runners/{runnerId}/websocket:
get:
summary: Connect to an execution.
description: The url including all parameters will be generated and returned by the `execute` route. This is a WebSocket endpoint. The schema for the WS communication is described in `websocket.schema.json`.
tags:
- runner
security:
- poseidonAuthToken: [ ]
parameters:
- name: runnerId
description: Runner on which the execution is created.
in: path
schema:
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
- name: executionID
description: The execution of the runner that you want to connect to.
in: query
schema:
type: string
example: 123e4567-e89b-12d3-a456-426614174000
required: true
responses:
"101":
description: Success. Switching protocols to WebSocket.
"401":
$ref: "#/components/responses/Unauthorized"
"404":
$ref: "#/components/responses/NotFound"
"410":
$ref: "#/components/responses/RunnerGone"
"500":
$ref: "#/components/responses/InternalServerError"
/execution-environments:
get:
summary: List execution environments
description: List all execution environments the API is aware of.
tags:
- execution environment
security:
- poseidonAuthToken: [ ]
parameters:
- name: fetch
in: query
description: Specify whether environments should be fetched again from the executor before returning. Otherwise, the data currently in cache is returned.
schema:
type: boolean
default: false
required: false
responses:
"200":
description: Success. Returns all execution environments
content:
application/json:
schema:
type: object
properties:
executionEnvironments:
description: A list of all execution environments
type: array
items:
$ref: "#/components/schemas/ExecutionEnvironment"
"401":
$ref: "#/components/responses/Unauthorized"
/execution-environments/{executionEnvironmentId}:
parameters:
- name: executionEnvironmentId
in: path
description: Id of the execution environment
required: true
schema:
type: integer
get:
summary: Show an execution environment
description: Get a representation of the execution environment specified by the id.
tags:
- execution environment
security:
- poseidonAuthToken: [ ]
parameters:
- name: fetch
in: query
description: Specify whether the environment should be fetched again from the executor before returning. Otherwise, the data currently in cache is returned.
schema:
type: boolean
default: false
required: false
responses:
"200":
description: Success. Returns the execution environment
content:
application/json:
schema:
$ref: "#/components/schemas/ExecutionEnvironment"
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"404":
$ref: "#/components/responses/NotFound"
put:
summary: Create or replace the execution environment
description: This is used for keeping execution environments in sync between the client and the provider of this API. By sending a request with an id, the execution environment is created if it does not exist and updated otherwise.
tags:
- execution environment
security:
- poseidonAuthToken: [ ]
requestBody:
description: The new execution environment
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ExecutionEnvironment"
responses:
"201":
description: The executions environment did not exist and was created
"204":
description: The execution environment was replaced
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
delete:
summary: Delete the execution environment
description: Remove the specified execution environment from the API.
tags:
- execution environment
security:
- poseidonAuthToken: [ ]
responses:
"204":
description: The execution environment was deleted.
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"404":
$ref: "#/components/responses/NotFound"