⚠ Warning: Untrusted code execution zone — proceed with exactly zero trust ⚠
Containerized · Isolated · Logged · Destroyed

Because Running
Random Code Directly
on Production Was a
Totally Fine Idea

OopsEngine accepts questionable code, locks it inside disposable Docker containers, watches it carefully, records the damage, and destroys the evidence before it can hurt anyone.

View on GitHub
oopsengine — execution/container-7f3a2b
$ docker run --rm -m 512m --cpus=0.5 --timeout=3 python:3.11-alpine execute.py
✓ Container 7f3a2b spawned successfully
⚑ Watching for infinite loops, memory bombs, and other creative disasters...
✓ Execution complete — 0.847s
✗ Stdout: RecursionError: maximum recursion depth exceeded // lol
✓ Logged to PostgreSQL · job_id: 8f29c1
✓ Container 7f3a2b killed and evidence destroyed
$
3s
Hard Timeout Kill
512MB
Max RAM Per Run
0.5×
CPU Cap Per Job
Bad Decisions
The flow — what happens to your code
User
Submits Code
FastAPI
Enqueues Job
Redis
Job Queue
Celery Worker
Spins Docker
Container
Executes → Dies
Postgres
Logs Result
How it works — four ruthless steps
01

Receive the Questionable Code

FastAPI endpoint accepts your submission. Returns a job_id instantly. No judgment. No mercy.

FastAPI + Redis
02

Lock It in a Disposable Prison

Code drops into a python:3.11-alpine container with 512MB RAM and half a CPU. It can't see your filesystem or secrets.

Docker Engine
03

Watch It Run. Watch the Clock.

If execution exceeds 3 seconds, the container gets killed — no negotiation. while True is not clever. It is a timeout.

SIGKILL at 3s
04

Log Damage. Destroy Evidence.

Stdout, stderr, status, and execution time land in Postgres. Container is destroyed. The server never touched your code.

PostgreSQL
Features — milk these hard
MVP

Single-Language Execution

Python first. Get it right before adding JS. Start with python:3.11-alpine — tiny image, fast spin-up, zero bloat.

MVP

Containerized Execution

Every run is an isolated container. No shared state. No privilege escalation. No crying to your SRE at 2am.

MVP

Hard Timeout Kill

3 seconds. Then SIGKILL. while True: pass will not bring down your server. This is non-negotiable infrastructure.

Flex

Async Task Queue

50 concurrent submissions hit your endpoint. Synchronous FastAPI would fold immediately. Redis queue absorbs the load. Workers process at their own pace.

Flex

Resource Limits

Pass --memory=512m --cpus=0.5 directly to Docker. Shows you understand system constraints. High signal-to-effort ratio.

Flex

Test Case Evaluation

Run code against hidden inputs. Compare output to expected results. The difference between "I built a REPL" and "I built a judge."

The core execution block
# The execution pipeline in ~15 lines of actual logic
async def execute_in_container(code: str, timeout: int = 3):
# Write code to a temp file — never eval() user input directly
tmp = write_temp_file(code)
# Spin up an ephemeral container with hard resource limits
container = docker.run(
"python:3.11-alpine",
command=f"python {tmp}",
mem_limit="512m", cpu_quota=50000, remove=True
)
# If it's still running after timeout, kill it — no exceptions
try:
stdout, stderr = await asyncio.wait_for(container.wait(), timeout)
except asyncio.TimeoutError:
container.kill() # SIGKILL. Not SIGTERM. Not a suggestion.
return {"status": "TIMEOUT", "output": "while True was a choice."}
return log_and_return(stdout, stderr) # Postgres gets the receipts

Thousands of lines executed.
Countless bad decisions contained.

Your production server remains untouched. You're welcome.