snekbox
sysbox
Our great sponsors
snekbox | sysbox | |
---|---|---|
17 | 22 | |
191 | 2,503 | |
0.5% | 3.0% | |
7.9 | 8.5 | |
9 days ago | 2 days ago | |
Python | Shell | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
snekbox
-
A Python Jupyter Kernel in Slack. Just send Python code as a message!
why not use a secure code execution engine like python-discord/snekbox or engineer-man/piston though?
- how to host snekbox on heroku
-
How can I host snekbox on something like heroku or replit so it can be accessed from anywhere else?
Snekbox is conveniently available as a Docker image, so you can host it with any provider that supports Docker. All the big cloud providers (AWS, Azure, GCP, etc) all have a free tier available.
-
Gunicorn Module not found error
While trying to host snekbox according to this article: https://devcenter.heroku.com/articles/container-registry-and-runtime i got a module not found error regarding gunicorn? This script works fine on my computer so what do I have to change to get it to work on heroku?
-
How can I host something that uses localhost on heroku?
https://github.com/python-discord/snekbox This is the github.
-
How can I add custom packages to snekbox
How can I edit the code of this repo: https://github.com/python-discord/snekbox so that snekbox always has access to a custom package like numpy? According to the github I can type:
-
How can I host the snekbox api on replit or heroku?
Wanted to use a python eval bot in discord but you need to set up this api first: https://github.com/python-discord/snekbox. How can I do that on something like replit or heroku and how can I get a link to where it is hosted so I can actually use it?
-
A simple, kind-of "safe" eval ?
Theres also Snekbox, which we used over at python discord for the eval bot command: https://github.com/python-discord/snekbox
- [Uni] coding (Python) help!
-
I finished 4 years of prison, this week. Studying mathematics in uni, but want to get involved with Python.
I picked up python and software dev in general because I could not find a job after graduating with an elec eng degree. Python is so much fun! As for the people to bounce off ideas I would recommend Python discord server. They also have private chat rooms where I can talk 1-on-1 with people and explain your problems/ideas better.
sysbox
-
Podman Desktop: A Free OSS Alternative to Docker Desktop
You are probably referring to Sysbox (https://github.com/nestybox/sysbox), which I believe will meet your requirements (systemd, inner containers, security, etc).
Btw, Sysbox is already supported in Docker-Desktop (business tier only), so you can easily do what you want with this instruction:
$ docker run -it --rm -e SYSBOX_SYSCONT_MODE=TRUE nestybox/ubuntu-focal-systemd-docker:latest bash
Disclaimer: I'm Sysbox's co-creator and currently working for Docker.
- Sysbox: VM-Like Containers
- What companies are using golang and have source code in github?
-
SELinux is unmanageable; just turn it off if it gets in your way
One project in this space that looked quite promising to me is sysbox[0]. I've used them once for a gitlab runner set-up similar to what is described in their blog[1].
It's currently working great and I have not had any major crashes/incidents for at least the past 8 months.
-
Jenkins in Docker: Running Docker in a Jenkins container
Today, things are very different. Docker-in-Docker has a more secure and safe approach with rootless containers and freemium tools like sysbox. Tools like sysbox let you run Docker-in-Docker without the -privileged flag and optimizes specific scenarios, like running multiple nodes of a Kubernetes cluster as ordinary containers.
-
Run untrusted code in sandbox
Right now I am going with sysbox rootless containers. https://github.com/nestybox/sysbox
-
Real-world stories of how we’ve compromised CI/CD pipelines
We’ve been using Sysbox (https://github.com/nestybox/sysbox) for our Buildkite based CI/CD setup, allows docker-in-docker without privileged containers. Paired with careful IAM/STS design we’ve ended up with isolated job containers with their own IAM roles limited to least-privilege.
-
Individual Docker Desktops vs hosting on a server?
A good alternative to the VM approach is to use Kubernetes + Sysbox (a next-gen "runc", free, open-source).
- Sysbox now works on K8s v1.21
-
Does running a container with privileged mode turn on allow code to escape into the Host ?
But nowadays there is an option to run such software in containers securely. It's called Sysbox, and it's a new "runc" (the piece of software that creates the containers). I am one of the developers, so I am biased, but I think you'll find it helpful.
What are some alternatives?
piston - A high performance general purpose code execution engine.
kata-containers - Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
asteval - minimalistic evaluator of python expression using ast module
containerd - An open and reliable container runtime
reviews - A terminal UI dashboard to monitor requests for code review across Github and Gitlab repositories.
dind - Docker in Docker
Arcade - Easy to use Python library for creating 2D arcade games.
gvisor - Application Kernel for Containers
the-witness-stand - The Witness Stand is a set of sandboxes for trying user programs.
gatekeeper - 🐊 Gatekeeper - Policy Controller for Kubernetes
intro-numerical-methods - Jupyter notebooks and other materials developed for the Columbia course APMA 4300
vm2 - Advanced vm/sandbox for Node.js