Add REST API for InstaVM-compatible code execution #11
Conversation
- Rename cookbooks/ to examples/ for clearer purpose - Rename mcp_main.py to server.py for better clarity - Rename openai_testmcp.py to openai_client.py for descriptive naming - Update MCP server name from "jupyter_tools" to "CodeRunner" - Remove personal information from config files - Add claude_desktop_config.example.json template - Add essential open source files (LICENSE, CONTRIBUTING.md) - Update .gitignore for better coverage - Update all file references in Dockerfile, entrypoint.sh, and README - Update GitHub repository references to BandarLabs organization
refactor: prepare project for open source release
- GitHub Actions workflow for AMD64/ARM64 Docker builds - Docker Compose configuration for easy deployment - Comprehensive Docker setup documentation - Local build test script for validation Enables Docker Hub publishing alongside existing Apple container builds using separate tags (docker-latest vs apple-latest).
- Add InstaVM-compatible REST API endpoints (/execute, /execute_async, /sessions) - Implement session management with automatic cleanup - Add multi-language support (Python, bash, JavaScript) - Create API schemas matching InstaVM interface - Update entrypoint to start both MCP and REST servers - Expose REST API on port 8223 alongside MCP on 8222 - Add comprehensive error handling and health checks
- Implement auto-container management with Docker integration - Create zero-config CodeRunner client with InstaVM-compatible interface - Add cloud migration support via import alias pattern - Implement comprehensive error handling and logging - Add test suite for core functionality - Update dependencies and add setup.py for package distribution - Support session management, async execution, and health monitoring
- Document REST API implementation and architecture - Provide usage examples and migration guide - Detail testing strategy and review focus areas - Explain benefits for different user groups
Summary of ChangesHello @abhishek-anand, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces a significant architectural enhancement by adding a new REST API and a Python client to enable local, zero-configuration code execution. The primary goal is to provide a development experience that mirrors the InstaVM cloud platform, allowing users to easily transition their workflows. This change streamlines the setup process for new users and offers a flexible hybrid execution model for existing cloud users, improving overall usability and developer experience. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a significant new feature: a REST API for code execution that is compatible with InstaVM. This is a valuable addition for local development and provides a clear path for cloud migration. The changes are extensive, adding new API endpoints, session management, container management, and a client library. However, there are several critical architectural issues that need to be addressed. The most important one is that the new REST API server and the existing MCP server are run as separate processes, which prevents them from sharing in-memory state like the kernel pool, leading to incorrect behavior. There are also circular dependencies and code duplication that should be resolved. I've left specific comments on these issues. Once these architectural problems are fixed, this will be a very strong contribution.
entrypoint.sh
Outdated
| uvicorn api.rest_server:app --host 0.0.0.0 --port 8223 --workers 1 --no-access-log & | ||
|
|
||
| # Start FastAPI application (MCP server) | ||
| exec uvicorn server:app --host 0.0.0.0 --port 8222 --workers 1 --no-access-log |
There was a problem hiding this comment.
Running two separate uvicorn processes for the REST API and the MCP server will cause them to have separate, unshared memory spaces. This is a critical issue because stateful objects like the kernel_pool will be instantiated independently in each process, leading to inconsistent state and incorrect kernel management. For example, a kernel acquired by one server will not be seen as busy by the other.
To fix this, you should run both applications within a single process. You can create a main application file that imports both FastAPI app objects and mounts one onto the other. This ensures that they share the same kernel_pool instance and other global state.
| uvicorn api.rest_server:app --host 0.0.0.0 --port 8223 --workers 1 --no-access-log & | |
| # Start FastAPI application (MCP server) | |
| exec uvicorn server:app --host 0.0.0.0 --port 8222 --workers 1 --no-access-log | |
| # main.py | |
| # from api.rest_server import app as rest_app | |
| # from server import app as mcp_app | |
| # | |
| # mcp_app.mount("/rest", rest_app) | |
| # | |
| # # Then run `uvicorn main:mcp_app ...` in this script | |
| # Start REST API server alongside MCP server | |
| uvicorn api.rest_server:app --host 0.0.0.0 --port 8223 --workers 1 --no-access-log & | |
| # Start FastAPI application (MCP server) | |
| exec uvicorn server:app --host 0.0.0.0 --port 8222 --workers 1 --no-access-log |
server.py
Outdated
| } | ||
|
|
||
| # Add methods to KernelPool class | ||
| KernelPool.execute_on_kernel = lambda self, kernel_id, command: execute_on_kernel_for_session(kernel_id, command) |
There was a problem hiding this comment.
Monkey-patching KernelPool.execute_on_kernel is a dangerous practice that makes the code difficult to understand, debug, and maintain. It's not clear why this method is being replaced at runtime, and it can lead to unexpected behavior.
| KernelPool.execute_on_kernel = lambda self, kernel_id, command: execute_on_kernel_for_session(kernel_id, command) | |
| # Instead of monkey-patching, consider adding execute_on_kernel_for_session as a method to the KernelPool class | |
| # and calling it directly from the session manager. |
api/rest_server.py
Outdated
| session_count = len(session_manager.sessions) | ||
|
|
||
| # Check kernel pool | ||
| from server import kernel_pool |
There was a problem hiding this comment.
Importing kernel_pool from server here introduces a circular dependency and a significant architectural flaw. The api module should not depend on the top-level server module. This makes the code tightly coupled and hard to maintain or test. A similar issue exists in core/session_manager.py.
The KernelPool class and its instance should be moved out of server.py into its own module, for example, core/kernel_pool.py. Both server.py and this file can then import it from this central location, breaking the circular dependency and improving modularity.
| @app.post("/execute_async", response_model=AsyncExecutionResponse) | ||
| async def execute_command_async(request: CommandRequest): | ||
| """ | ||
| Execute command asynchronously - InstaVM compatible interface | ||
| Args: | ||
| request: Command execution request | ||
| Returns: | ||
| Task ID for checking execution status | ||
| """ | ||
| try: | ||
| # Validate language | ||
| if not LanguageProcessor.validate_language(request.language): | ||
| raise HTTPException( | ||
| status_code=400, | ||
| detail=f"Unsupported language: {request.language}" | ||
| ) | ||
|
|
||
| # Generate task ID | ||
| task_id = str(uuid.uuid4()) | ||
|
|
||
| # Store task info | ||
| async_tasks[task_id] = { | ||
| "id": task_id, | ||
| "status": "queued", | ||
| "command": request.command, | ||
| "language": request.language, | ||
| "session_id": request.session_id, | ||
| "created_at": time.time(), | ||
| "result": None, | ||
| "error": None | ||
| } | ||
|
|
||
| # TODO: Implement actual async execution with background tasks | ||
| # For now, just return the task ID | ||
| # In a full implementation, this would use Celery or similar | ||
|
|
||
| return AsyncExecutionResponse(task_id=task_id, status="queued") | ||
|
|
||
| except HTTPException: | ||
| raise | ||
| except Exception as e: | ||
| logger.error(f"Error in execute_command_async: {e}") | ||
| raise HTTPException(status_code=500, detail=f"Internal server error: {str(e)}") | ||
|
|
There was a problem hiding this comment.
The /execute_async endpoint is misleading. It returns a task_id and a queued status, but it doesn't actually perform any asynchronous execution, as the TODO comment confirms. This is a critical issue as the API does not behave as documented or expected. The in-memory async_tasks dictionary is also not a suitable solution for a production environment as tasks will be lost on restart.
You should either implement a proper background task queue (e.g., using FastAPI's BackgroundTasks, or a more robust system like Celery) or, if this feature is not ready, remove the endpoint to avoid confusion. If you keep it, the documentation must be updated to clearly state its current limitations.
core/session_manager.py
Outdated
| session_id = str(uuid.uuid4()) | ||
|
|
||
| # Import here to avoid circular imports | ||
| from server import kernel_pool |
There was a problem hiding this comment.
Importing kernel_pool from server here introduces a circular dependency and a significant architectural flaw. The core module should not depend on the top-level server module. This makes the code tightly coupled and hard to maintain or test.
The KernelPool class and its instance should be moved out of server.py into its own module, for example, core/kernel_pool.py. Both server.py and this file can then import it from this central location, breaking the circular dependency and improving modularity.
server.py
Outdated
| async def execute_on_kernel_for_session(kernel_id: str, command: str) -> dict: | ||
| """Execute code on specific kernel for session management""" | ||
| jupyter_ws_url = f"{JUPYTER_WS_URL}/api/kernels/{kernel_id}/channels" | ||
| final_output_lines = [] | ||
| error_output = [] | ||
| sent_msg_id = None | ||
|
|
||
| try: | ||
| async with websockets.connect( | ||
| jupyter_ws_url, | ||
| ping_interval=WEBSOCKET_PING_INTERVAL, | ||
| ping_timeout=WEBSOCKET_PING_TIMEOUT, | ||
| close_timeout=10 | ||
| ) as jupyter_ws: | ||
| sent_msg_id, jupyter_request_json = create_jupyter_request(command) | ||
| await jupyter_ws.send(jupyter_request_json) | ||
| logger.info(f"Sent execute_request to kernel {kernel_id} (msg_id: {sent_msg_id})") | ||
|
|
||
| execution_complete = False | ||
| start_time = time.time() | ||
|
|
||
| while not execution_complete and (time.time() - start_time) < WEBSOCKET_TIMEOUT: | ||
| try: | ||
| message_str = await asyncio.wait_for(jupyter_ws.recv(), timeout=30.0) | ||
| except asyncio.TimeoutError: | ||
| continue | ||
|
|
||
| try: | ||
| message_data = json.loads(message_str) | ||
| except json.JSONDecodeError: | ||
| continue | ||
|
|
||
| parent_msg_id = message_data.get("parent_header", {}).get("msg_id") | ||
| if parent_msg_id != sent_msg_id: | ||
| continue | ||
|
|
||
| msg_type = message_data.get("header", {}).get("msg_type") | ||
| content = message_data.get("content", {}) | ||
|
|
||
| if msg_type == "stream": | ||
| stream_text = content.get("text", "") | ||
| final_output_lines.append(stream_text) | ||
|
|
||
| elif msg_type in ["execute_result", "display_data"]: | ||
| result_text = content.get("data", {}).get("text/plain", "") | ||
| final_output_lines.append(result_text) | ||
|
|
||
| elif msg_type == "error": | ||
| error_traceback = "\n".join(content.get("traceback", [])) | ||
| error_output.append(error_traceback) | ||
|
|
||
| elif msg_type == "status" and content.get("execution_state") == "idle": | ||
| execution_complete = True | ||
|
|
||
| if not execution_complete: | ||
| elapsed = time.time() - start_time | ||
| raise KernelTimeoutError(f"Execution timed out after {elapsed:.0f} seconds") | ||
|
|
||
| execution_time = time.time() - start_time | ||
|
|
||
| return { | ||
| "stdout": "".join(final_output_lines), | ||
| "stderr": "\n".join(error_output), | ||
| "execution_time": execution_time, | ||
| "success": len(error_output) == 0 | ||
| } | ||
|
|
||
| except Exception as e: | ||
| logger.error(f"Error executing on kernel {kernel_id}: {e}") | ||
| return { | ||
| "stdout": "", | ||
| "stderr": str(e), | ||
| "execution_time": 0.0, | ||
| "success": False | ||
| } |
There was a problem hiding this comment.
The new function execute_on_kernel_for_session duplicates a large amount of logic from _execute_on_kernel (in the same file). This code duplication makes maintenance difficult, as any bug fixes or improvements will need to be applied in two places.
__init__.py
Outdated
| try: | ||
| error_data = response.json() | ||
| error_detail = error_data.get("detail", error_detail) | ||
| except: |
There was a problem hiding this comment.
Using a bare except: clause is dangerous as it catches all exceptions, including system-exiting ones like SystemExit or KeyboardInterrupt, making it harder to debug and stop the program. This pattern is repeated in other places in this file (e.g., line 145, 223, 304). You should always specify the exception type you expect to catch. In this case, you are trying to handle errors when parsing the JSON response.
| except: | |
| except requests.exceptions.JSONDecodeError: |
container_manager.py
Outdated
| timeout=3 | ||
| ) | ||
| return response.status_code == 200 | ||
| except: |
There was a problem hiding this comment.
The bare except: clause here is too broad and can hide unexpected errors. It's better to catch specific exceptions. This pattern is also present on line 239.
| except: | |
| except requests.exceptions.RequestException: |
setup.py
Outdated
| install_requires=[ | ||
| "requests>=2.25.0", | ||
| "fastapi>=0.68.0", | ||
| "uvicorn[standard]>=0.15.0", | ||
| "pydantic>=1.8.0", | ||
| "beautifulsoup4>=4.9.0", | ||
| ], |
There was a problem hiding this comment.
The install_requires list is hardcoded, but there is a read_requirements function defined in the file that is not being used. This leads to dependency information being duplicated and a risk of them getting out of sync with requirements.txt.
install_requires=read_requirements(),
- Modified CodeRunner constructor to support isolated=True parameter (default) - Added ContainerManager.create_isolated_container() with unique port allocation - Implemented cleanup methods for isolated containers with context manager support - Added comprehensive tests for isolated vs shared container modes - Users now get fresh isolated containers by default instead of shared ones - Maintains backward compatibility with isolated=False for shared containers 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
|
Resolved: Critical issue #1 - Merged both services into a single unified application in main.py. The MCP server now mounts the REST API on /api subpath, ensuring shared kernel_pool and state. Updated entrypoint.sh to run unified app on port 8222. |
|
Resolved: Critical issue #2 - Moved KernelPool and related classes to core/kernel_pool.py, eliminating circular dependencies. Updated all imports to use the new location. |
|
Resolved: Critical issue #3 - Removed monkey-patching by adding execute_on_kernel as a proper method to the KernelPool class in core/kernel_pool.py. The code is now much cleaner and maintainable. |
|
Resolved: Critical issue #4 - Implemented proper async execution using FastAPI's BackgroundTasks. The /execute_async endpoint now actually executes code asynchronously in the background and stores results for status checking. |
|
Resolved: High priority issue #1 - Eliminated code duplication by consolidating execute_on_kernel functions. The KernelPool class now has a single execute_on_kernel method, and the MCP server has its own specialized version for progress reporting. |
|
Resolved: High priority issue #2 - Replaced all bare except clauses with specific exception types (requests.exceptions.RequestException, subprocess.CalledProcessError, etc.) for better error handling and debugging. |
|
Resolved: High priority issue #3 - Fixed setup.py to use read_requirements() function instead of hardcoded dependencies, ensuring consistency with requirements.txt file. |
Critical Issues Fixed: - Unified MCP and REST API into single process (main.py) - Moved KernelPool to core/kernel_pool.py, eliminating circular dependencies - Removed monkey-patching by adding proper KernelPool.execute_on_kernel method - Implemented proper async execution using FastAPI BackgroundTasks High Priority Issues Fixed: - Eliminated code duplication in execute_on_kernel functions - Replaced all bare except clauses with specific exception types - Fixed setup.py to use read_requirements() function Architecture Improvements: - Single unified app on port 8222 with REST API mounted on /api - Clean module structure with core/ components - Proper error handling throughout codebase - Functional async task execution
|
/gemini review |
There was a problem hiding this comment.
Code Review
This is a substantial pull request that introduces a new REST API, session management, and a client library. The scope is quite large, and it includes many files that appear to be AI-generated chat logs and analysis, which should be removed from the final pull request (e.g., .aider.*, CLAUDE.md, parity.md, etc.). I recommend splitting this work into smaller, more focused pull requests to make it easier to review and merge.
My review focuses on the new application code. I've found several critical issues related to module imports and concurrency, as well as opportunities for improving maintainability and robustness. Key areas for improvement include fixing circular and incorrect imports, ensuring non-blocking I/O in async functions, standardizing configuration, and improving the reliability of the async task store.
api/rest_server.py
Outdated
| session_count = len(session_manager.sessions) | ||
|
|
||
| # Check kernel pool | ||
| from core.kernel_pool import kernel_pool |
There was a problem hiding this comment.
This import from core.kernel_pool import kernel_pool will fail with a ModuleNotFoundError because core is not in the Python path relative to this file. Since api and core are sibling packages, you should use a relative import.
| from core.kernel_pool import kernel_pool | |
| from ..core.kernel_pool import kernel_pool |
core/session_manager.py
Outdated
|
|
||
| try: | ||
| # Import here to avoid circular imports | ||
| from server import kernel_pool |
There was a problem hiding this comment.
The import from server import kernel_pool will cause a circular dependency and will fail because server.py might depend on this module. You should use a relative import from the core package instead.
| from server import kernel_pool | |
| from .kernel_pool import kernel_pool |
main.py
Outdated
| # Get the existing startup/shutdown events from REST API | ||
| rest_startup = None | ||
| rest_shutdown = None | ||
| for event_handler in rest_app.router.on_startup: | ||
| rest_startup = event_handler | ||
|
|
||
| for event_handler in rest_app.router.on_shutdown: | ||
| rest_shutdown = event_handler | ||
|
|
||
| # Add REST API startup/shutdown to main app | ||
| if rest_startup: | ||
| @main_app.on_event("startup") | ||
| async def combined_startup(): | ||
| await rest_startup() | ||
|
|
||
| if rest_shutdown: | ||
| @main_app.on_event("shutdown") | ||
| async def combined_shutdown(): | ||
| await rest_shutdown() |
There was a problem hiding this comment.
The current implementation for transferring event handlers will only copy the last startup and shutdown handler if multiple exist. FastAPI stores these handlers in a list. To ensure all handlers are transferred, you should iterate over the list and add each one to the main application.
| # Get the existing startup/shutdown events from REST API | |
| rest_startup = None | |
| rest_shutdown = None | |
| for event_handler in rest_app.router.on_startup: | |
| rest_startup = event_handler | |
| for event_handler in rest_app.router.on_shutdown: | |
| rest_shutdown = event_handler | |
| # Add REST API startup/shutdown to main app | |
| if rest_startup: | |
| @main_app.on_event("startup") | |
| async def combined_startup(): | |
| await rest_startup() | |
| if rest_shutdown: | |
| @main_app.on_event("shutdown") | |
| async def combined_shutdown(): | |
| await rest_shutdown() | |
| # Get the existing startup/shutdown events from REST API | |
| for handler in rest_app.router.on_startup: | |
| main_app.add_event_handler("startup", handler) | |
| for handler in rest_app.router.on_shutdown: | |
| main_app.add_event_handler("shutdown", handler) |
| ) | ||
|
|
||
| # Async task storage (simple in-memory for now) | ||
| async_tasks: Dict[str, Dict[str, Any]] = {} |
There was a problem hiding this comment.
Using an in-memory dictionary for async_tasks is not robust for production. If the server restarts, all information about running and completed asynchronous tasks will be lost. Consider using a more persistent storage solution like Redis or a database to track task state.
container_manager.py
Outdated
| subprocess.run([ | ||
| "docker", "run", "-d", | ||
| "--name", cls.CONTAINER_NAME, | ||
| "-p", f"{cls.REST_PORT}:8223", |
There was a problem hiding this comment.
The container port 8223 is mapped to the host, but nothing inside the container listens on this port. The unified application runs on port 8222. This port mapping is unused and can be confusing. I recommend removing it.
| try: | ||
| if KERNEL_ID_FILE_PATH.exists(): | ||
| with open(KERNEL_ID_FILE_PATH, 'r') as f: | ||
| kernel_id = f.read().strip() | ||
| if kernel_id: | ||
| # Verify kernel is still alive | ||
| if await self._check_kernel_health(kernel_id): | ||
| return kernel_id | ||
| else: | ||
| logger.warning(f"Existing kernel {kernel_id} is not responsive") | ||
| except Exception as e: | ||
| logger.warning(f"Could not read existing kernel: {e}") | ||
| return None |
There was a problem hiding this comment.
This function uses the synchronous open() and os.path.exists() to read the kernel ID file. In an async function, this will block the event loop. You should use aiofiles for asynchronous file I/O to prevent blocking.
| try: | |
| if KERNEL_ID_FILE_PATH.exists(): | |
| with open(KERNEL_ID_FILE_PATH, 'r') as f: | |
| kernel_id = f.read().strip() | |
| if kernel_id: | |
| # Verify kernel is still alive | |
| if await self._check_kernel_health(kernel_id): | |
| return kernel_id | |
| else: | |
| logger.warning(f"Existing kernel {kernel_id} is not responsive") | |
| except Exception as e: | |
| logger.warning(f"Could not read existing kernel: {e}") | |
| return None | |
| try: | |
| async with aiofiles.open(KERNEL_ID_FILE_PATH, mode='r') as f: | |
| kernel_id = (await f.read()).strip() | |
| if kernel_id and await self._check_kernel_health(kernel_id): | |
| return kernel_id | |
| elif kernel_id: | |
| logger.warning(f"Existing kernel {kernel_id} is not responsive") | |
| except FileNotFoundError: | |
| # This is a normal case if the server is starting for the first time. | |
| pass | |
| except Exception as e: | |
| logger.warning(f"Could not read or validate existing kernel: {e}") | |
| return None |
| if isinstance(result, dict): | ||
| # Handle different result formats from kernel pool | ||
| if "stdout" in result: | ||
| stdout = result["stdout"] | ||
| elif "output" in result: | ||
| stdout = result["output"] | ||
| else: | ||
| stdout = str(result) | ||
|
|
||
| if "stderr" in result: | ||
| stderr = result["stderr"] | ||
| elif "error" in result and result.get("error"): | ||
| stderr = str(result["error"]) | ||
| else: | ||
| stdout = str(result) |
There was a problem hiding this comment.
The logic to extract stdout and stderr from the execution result is quite defensive, checking for stdout, output, stderr, and error keys. This suggests the return format from session_manager.execute_in_session is not standardized. To improve maintainability, it would be better to enforce a consistent return schema from the execution layer, so this complex parsing is not needed.
| """Response schema for session operations""" | ||
| session_id: str | ||
| status: str = "active" | ||
| created_at: Optional[str] = None |
There was a problem hiding this comment.
The created_at field is typed as Optional[str], but the create_session endpoint in rest_server.py assigns it time.time(), which is a float. This is inconsistent with the get_session endpoint, which returns an ISO string. To standardize this, I recommend changing the type to datetime and assigning datetime.now() in the endpoint. Pydantic will automatically serialize it to an ISO 8601 string.
| elif any(cmd in command.lower() for cmd in ["npm", "node", "yarn"]): | ||
| return "javascript" | ||
| elif any(cmd in command.lower() for cmd in ["ls", "cd", "mkdir", "cat", "grep"]): | ||
| return "bash" |
There was a problem hiding this comment.
The current language detection logic any(cmd in command.lower() for cmd in ...) can lead to false positives. For example, a Python string like my_var = "npm install" would be incorrectly detected as JavaScript. To make this more robust, consider checking if the command starts with one of these keywords.
| elif any(cmd in command.lower() for cmd in ["npm", "node", "yarn"]): | |
| return "javascript" | |
| elif any(cmd in command.lower() for cmd in ["ls", "cd", "mkdir", "cat", "grep"]): | |
| return "bash" | |
| elif any(command.lower().strip().startswith(cmd) for cmd in ["npm ", "node ", "yarn "]): | |
| return "javascript" | |
| elif any(command.lower().strip().startswith(cmd) for cmd in ["ls ", "cd ", "mkdir ", "cat ", "grep "]): | |
| return "bash" |
| image_data = data["image/png"] | ||
| try: | ||
| image_bytes = base64.b64decode(image_data) | ||
| image_path = f"/app/uploads/output_{int(time.time())}.png" |
There was a problem hiding this comment.
Using int(time.time()) for image filenames could lead to name collisions if multiple images are generated within the same second. To ensure unique filenames, it's better to use a UUID.
| image_path = f"/app/uploads/output_{int(time.time())}.png" | |
| image_path = f"/app/uploads/output_{uuid.uuid4().hex}.png" |
|
/gemini review |
There was a problem hiding this comment.
Code Review
This is a substantial and well-executed pull request that introduces a comprehensive REST API for code execution, mirroring the InstaVM interface. The modularization of the codebase into core, api, and container_manager components is a significant improvement, enhancing maintainability and scalability. The addition of session management, a zero-configuration client, and a clear cloud migration path are excellent features. My review includes a few suggestions to improve robustness for production environments, enhance code clarity, and fix a potential issue with filename collisions.
| # TODO: Replace with persistent storage (Redis/database) for production to survive server restarts | ||
| async_tasks: Dict[str, Dict[str, Any]] = {} |
There was a problem hiding this comment.
The in-memory dictionary async_tasks for storing asynchronous task states is not robust for a production environment. As noted in the TODO, it will lose all task information if the server restarts, and it is not safe to use with multiple workers (even though you currently use one). For a more scalable and resilient solution, consider using a dedicated task queue like Celery with a message broker (e.g., Redis or RabbitMQ).
| image_data = data["image/png"] | ||
| try: | ||
| image_bytes = base64.b64decode(image_data) | ||
| image_path = f"/app/uploads/output_{int(time.time())}.png" |
There was a problem hiding this comment.
Using int(time.time()) to generate filenames for saved images can lead to name collisions if multiple images are saved within the same second. A more robust approach would be to use a universally unique identifier (UUID) to ensure each filename is unique.
| image_path = f"/app/uploads/output_{int(time.time())}.png" | |
| image_path = f"/app/uploads/output_{uuid.uuid4()}.png" |
| session_count = len(session_manager.sessions) | ||
|
|
||
| # Check kernel pool | ||
| from ..core.kernel_pool import kernel_pool |
There was a problem hiding this comment.
This import is within the health_check function. To improve code readability and adhere to PEP 8, it's better to move imports to the top of the file unless a local import is strictly necessary to avoid circular dependencies. In this case, it seems safe to move to the top.
| """Manage CodeRunner Docker container lifecycle""" | ||
|
|
||
| CONTAINER_NAME = "coderunner" | ||
| MCP_PORT = 8222 |
There was a problem hiding this comment.
The constant MCP_PORT is used as the port for the main application, which serves both the MCP and the REST API. This naming is a bit confusing. Renaming it to something more general like APP_PORT would make the code's intent clearer, especially in contexts like the health check URL construction.
| MCP_PORT = 8222 | |
| APP_PORT = 8222 |
| session_id = str(uuid.uuid4()) | ||
|
|
||
| # Import here to avoid circular imports | ||
| from core.kernel_pool import kernel_pool |
There was a problem hiding this comment.
The import from core.kernel_pool import kernel_pool is inside the create_session function. It's generally better to place imports at the top of the module for better organization and to avoid repeated imports, unless it's necessary to prevent a circular dependency. This import can be moved to the top level of the file.
abhishek-anand
force-pushed
the
feature/rest-api-parity
branch
from
fc76c1f to
06c7e9f
Compare
2 participants
Implements zero-config local code execution with InstaVM-compatible interface.
Summary
This PR adds a comprehensive REST API server that enables:
Key Components
Usage
Local (zero config):
Cloud migration:
Testing
Comprehensive test suite included covering all core functionality.
See README_API.md for detailed implementation guide.