decodingtrust-agent-sdk 0.1.0__py3-none-any.whl

dt_arena/envs/github/docker/docker-compose-hub.yml

@@ -0,0 +1,50 @@
+services:
+  database:
+    image: decodingtrustagent/github:db-latest
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: app
+      PGPORT: ${GITHUB_PG_PORT:-5432}
+    network_mode: host
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres -p ${GITHUB_PG_PORT:-5432}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  backend:
+    image: decodingtrustagent/github:api-latest
+    network_mode: host
+    environment:
+      DB_HOST: 127.0.0.1
+      DB_PORT: ${GITHUB_PG_PORT:-5432}
+      DATABASE_URL: postgres://postgres:postgres@127.0.0.1:${GITHUB_PG_PORT:-5432}/app
+      PORT: ${GITHUB_API_PORT:-8083}
+      GITHUB_GIT_STORAGE_ROOT: ${GITHUB_GIT_STORAGE_ROOT:-/data/github-repos}
+    volumes:
+      - github_git_data:${GITHUB_GIT_STORAGE_ROOT:-/data/github-repos}
+    depends_on:
+      database:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD-SHELL", "curl -sf http://127.0.0.1:${GITHUB_API_PORT:-8083}/health || exit 1"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 15s
+
+  frontend:
+    image: decodingtrustagent/github:ui-latest
+    network_mode: host
+    environment:
+      GITHUB_API_URL: http://127.0.0.1:${GITHUB_API_PORT:-8083}
+      GITHUB_UI_PORT: ${GITHUB_UI_PORT:-8045}
+    depends_on:
+      - backend
+
+volumes:
+  postgres_data:
+  github_git_data:

dt_arena/envs/github/docker/docker-compose.yml

@@ -0,0 +1,50 @@
+services:
+  database:
+    build: ../app/database
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+      POSTGRES_DB: app
+      PGPORT: ${GITHUB_PG_PORT:-5432}
+    network_mode: host
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres -p ${GITHUB_PG_PORT:-5432}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  backend:
+    build: ../app/backend
+    network_mode: host
+    environment:
+      DB_HOST: 127.0.0.1
+      DB_PORT: ${GITHUB_PG_PORT:-5432}
+      DATABASE_URL: postgres://postgres:postgres@127.0.0.1:${GITHUB_PG_PORT:-5432}/app
+      PORT: ${GITHUB_API_PORT:-8083}
+      GITHUB_GIT_STORAGE_ROOT: ${GITHUB_GIT_STORAGE_ROOT:-/data/github-repos}
+    volumes:
+      - github_git_data:${GITHUB_GIT_STORAGE_ROOT:-/data/github-repos}
+    depends_on:
+      database:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD-SHELL", "curl -sf http://127.0.0.1:${GITHUB_API_PORT:-8083}/health || exit 1"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 15s
+
+  frontend:
+    build: ../app/frontend
+    network_mode: host
+    environment:
+      GITHUB_API_URL: http://127.0.0.1:${GITHUB_API_PORT:-8083}
+      GITHUB_UI_PORT: ${GITHUB_UI_PORT:-8045}
+    depends_on:
+      - backend
+
+volumes:
+  postgres_data:
+  github_git_data:

dt_arena/envs/gmail/docker-compose-hub.yml

@@ -0,0 +1,51 @@
+services:
+  mailpit:
+    image: axllent/mailpit:latest
+    restart: unless-stopped
+    network_mode: host
+    environment:
+      MP_UI_BIND_ADDR: "0.0.0.0:${GMAIL_UI_PORT:-8025}"
+      MP_SMTP_BIND_ADDR: "0.0.0.0:${GMAIL_SMTP_PORT:-1025}"
+
+  user-service:
+    image: decodingtrustagent/gmail:service-latest
+    restart: unless-stopped
+    network_mode: host
+    security_opt:
+      - seccomp:unconfined
+    depends_on:
+      - mailpit
+    healthcheck:
+      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://127.0.0.1:${GMAIL_AUTH_PORT:-8030}/health', timeout=3)"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+      start_period: 10s
+    volumes:
+      - gmail_data:/app/data
+    environment:
+      - MAILPIT_BASE_URL=http://127.0.0.1:${GMAIL_UI_PORT:-8025}
+      - MAILPIT_SMTP_HOST=127.0.0.1
+      - MAILPIT_SMTP_PORT=${GMAIL_SMTP_PORT:-1025}
+      - DATABASE_PATH=/app/data/users.db
+      - ALLOWED_ORIGINS=*
+      - AUTH_PORT=${GMAIL_AUTH_PORT:-8030}
+      - PROXY_PORT=${GMAIL_PROXY_PORT:-8031}
+
+  gmail-ui:
+    image: decodingtrustagent/gmail:ui-latest
+    restart: unless-stopped
+    network_mode: host
+    security_opt:
+      - seccomp:unconfined
+    depends_on:
+      - mailpit
+      - user-service
+    environment:
+      - MAILPIT_API_HOST=127.0.0.1:${GMAIL_UI_PORT:-8025}
+      - USER_SERVICE_URL=http://127.0.0.1:${GMAIL_AUTH_PORT:-8030}
+      - API_PROXY_URL=http://127.0.0.1:${GMAIL_PROXY_PORT:-8031}
+      - GMAIL_FRONTEND_PORT=${GMAIL_FRONTEND_PORT:-8050}
+
+volumes:
+  gmail_data:

dt_arena/envs/gmail/docker-compose.yml

@@ -0,0 +1,65 @@
+services:
+  mailpit:
+    image: axllent/mailpit:latest
+    restart: unless-stopped
+    network_mode: host
+    environment:
+      MP_UI_BIND_ADDR: "0.0.0.0:${GMAIL_UI_PORT:-8025}"
+      MP_SMTP_BIND_ADDR: "0.0.0.0:${GMAIL_SMTP_PORT:-1025}"
+
+  # User Service (Authentication + Ownership Tracking)
+  user-service:
+    build:
+      context: ./user_service
+      dockerfile: Dockerfile
+      network: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    restart: unless-stopped
+    network_mode: host
+    security_opt:
+      - seccomp:unconfined
+    depends_on:
+      - mailpit
+    healthcheck:
+      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://127.0.0.1:${GMAIL_AUTH_PORT:-8030}/health', timeout=3)"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+      start_period: 10s
+    volumes:
+      - gmail_data:/app/data  # Named volume - each project gets its own
+      - ./init_examples:/app/init_examples
+    environment:
+      - MAILPIT_BASE_URL=http://127.0.0.1:${GMAIL_UI_PORT:-8025}
+      - MAILPIT_SMTP_HOST=127.0.0.1
+      - MAILPIT_SMTP_PORT=${GMAIL_SMTP_PORT:-1025}
+      - DATABASE_PATH=/app/data/users.db
+      - ALLOWED_ORIGINS=*
+      - AUTH_PORT=${GMAIL_AUTH_PORT:-8030}
+      - PROXY_PORT=${GMAIL_PROXY_PORT:-8031}
+
+  gmail-ui:
+    build:
+      context: ./gmail_ui
+      dockerfile: Dockerfile
+      network: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    restart: unless-stopped
+    network_mode: host
+    security_opt:
+      - seccomp:unconfined
+    depends_on:
+      - mailpit
+      - user-service
+    environment:
+      - MAILPIT_API_HOST=127.0.0.1:${GMAIL_UI_PORT:-8025}
+      - USER_SERVICE_URL=http://127.0.0.1:${GMAIL_AUTH_PORT:-8030}
+      - API_PROXY_URL=http://127.0.0.1:${GMAIL_PROXY_PORT:-8031}
+      - GMAIL_FRONTEND_PORT=${GMAIL_FRONTEND_PORT:-8050}
+
+volumes:
+  gmail_data:

dt_arena/envs/google-form/docker-compose-hub.yml

@@ -0,0 +1,33 @@
+version: "3.9"
+services:
+  form-api:
+    image: decodingtrustagent/google-form:api-latest
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    network_mode: host
+    restart: unless-stopped
+    environment:
+      - SCHEMA_PATH=/app/schemas/schema.json
+      - ALLOW_ORIGINS=*
+      - SCHEMA_INIT=/app/init/schema.json
+      - GOOGLE_FORM_API_PORT=${GOOGLE_FORM_API_PORT:-8054}
+    volumes:
+      - form_data:/app/data
+
+  form-ui:
+    image: decodingtrustagent/google-form:ui-latest
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    network_mode: host
+    restart: unless-stopped
+    environment:
+      - VITE_API_BASE=/api
+      - GOOGLE_FORM_UI_PORT=${GOOGLE_FORM_UI_PORT:-8055}
+      - GOOGLE_FORM_API_PORT=${GOOGLE_FORM_API_PORT:-8054}
+    depends_on:
+      - form-api
+
+volumes:
+  form_data:

dt_arena/envs/google-form/docker-compose.yml

@@ -0,0 +1,41 @@
+version: "3.9"
+services:
+  form-api:
+    build:
+      context: ./server
+      dockerfile: Dockerfile
+      network: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    network_mode: host
+    restart: unless-stopped
+    environment:
+      - SCHEMA_PATH=/app/schemas/schema.json
+      - ALLOW_ORIGINS=*
+      - SCHEMA_INIT=/app/init/schema.json
+      - GOOGLE_FORM_API_PORT=${GOOGLE_FORM_API_PORT:-8054}
+    volumes:
+      - form_data:/app/data  # Named volume - each project gets its own
+      - ./schemas:/app/schemas
+      - ./init:/app/init
+
+  form-ui:
+    build:
+      context: ./ui
+      dockerfile: Dockerfile
+      network: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    network_mode: host
+    restart: unless-stopped
+    environment:
+      - VITE_API_BASE=/api
+      - GOOGLE_FORM_UI_PORT=${GOOGLE_FORM_UI_PORT:-8055}
+      - GOOGLE_FORM_API_PORT=${GOOGLE_FORM_API_PORT:-8054}
+    depends_on:
+      - form-api
+
+volumes:
+  form_data:

dt_arena/envs/googledocs/docker-compose-hub.yml

@@ -0,0 +1,61 @@
+version: "3.8"
+
+services:
+  googledocs-pg:
+    image: decodingtrustagent/google-docs:db-latest
+    network_mode: host
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+    environment:
+      POSTGRES_DB: googledocs_sandbox
+      POSTGRES_USER: sandbox
+      POSTGRES_PASSWORD: sandbox
+      PGPORT: ${GOOGLEDOCS_PG_PORT:-5474}
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U sandbox -d googledocs_sandbox"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+      start_period: 30s
+    restart: unless-stopped
+
+  googledocs-api:
+    image: decodingtrustagent/google-docs:api-latest
+    network_mode: host
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+    ulimits:
+      nproc: 65535
+      nofile:
+        soft: 65535
+        hard: 65535
+    depends_on:
+      googledocs-pg:
+        condition: service_healthy
+    environment:
+      GOOGLEDOCS_PG_HOST: 127.0.0.1
+      GOOGLEDOCS_PG_PORT: ${GOOGLEDOCS_PG_PORT:-5474}
+      GOOGLEDOCS_PG_DB: googledocs_sandbox
+      GOOGLEDOCS_PG_USER: sandbox
+      GOOGLEDOCS_PG_PASSWORD: sandbox
+      GOOGLEDOCS_API_PORT: ${GOOGLEDOCS_API_PORT:-8041}
+    healthcheck:
+      test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://127.0.0.1:$${GOOGLEDOCS_API_PORT:-8041}/health', timeout=5)\" || exit 1"]
+      interval: 5s
+      timeout: 10s
+      retries: 30
+      start_period: 90s
+    restart: unless-stopped
+
+  googledocs-ui:
+    image: decodingtrustagent/google-docs:ui-latest
+    network_mode: host
+    restart: unless-stopped
+    depends_on:
+      googledocs-api:
+        condition: service_healthy
+    environment:
+      GOOGLEDOCS_FRONTEND_PORT: ${GOOGLEDOCS_FRONTEND_PORT:-8042}
+      GOOGLEDOCS_API_URL: http://127.0.0.1:${GOOGLEDOCS_API_PORT:-8041}

dt_arena/envs/googledocs/docker-compose.yml

@@ -0,0 +1,78 @@
+version: "3.8"
+services:
+  googledocs-pg:
+    image: postgres:14
+    network_mode: host
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+    environment:
+      POSTGRES_DB: googledocs_sandbox
+      POSTGRES_USER: sandbox
+      POSTGRES_PASSWORD: sandbox
+      PGPORT: ${GOOGLEDOCS_PG_PORT:-5474}
+    volumes:
+      - ./init:/docker-entrypoint-initdb.d:ro
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U sandbox -d googledocs_sandbox"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+      start_period: 30s
+    restart: unless-stopped
+
+  googledocs-api:
+    image: python:3.12-slim
+    network_mode: host
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+    ulimits:
+      nproc: 65535
+      nofile:
+        soft: 65535
+        hard: 65535
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    depends_on:
+      googledocs-pg:
+        condition: service_healthy
+    working_dir: /app
+    environment:
+      GOOGLEDOCS_PG_HOST: 127.0.0.1
+      GOOGLEDOCS_PG_PORT: ${GOOGLEDOCS_PG_PORT:-5474}
+      GOOGLEDOCS_PG_DB: googledocs_sandbox
+      GOOGLEDOCS_PG_USER: sandbox
+      GOOGLEDOCS_PG_PASSWORD: sandbox
+      GOOGLEDOCS_API_PORT: ${GOOGLEDOCS_API_PORT:-8041}
+    volumes:
+      - ./api:/app:ro
+      - ./init_examples:/init_examples:ro
+    command: >
+      sh -c "pip install --no-cache-dir --progress-bar off 'psycopg[binary]>=3.1' fastapi 'uvicorn[standard]' &&
+             uvicorn main:app --host 0.0.0.0 --port $${GOOGLEDOCS_API_PORT:-8041}"
+    healthcheck:
+      test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://127.0.0.1:$${GOOGLEDOCS_API_PORT:-8041}/health', timeout=5)\" || exit 1"]
+      interval: 5s
+      timeout: 10s
+      retries: 30
+      start_period: 90s
+    restart: unless-stopped
+
+  googledocs-ui:
+    build:
+      context: ./ui
+      dockerfile: Dockerfile
+      network: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    network_mode: host
+    restart: unless-stopped
+    depends_on:
+      googledocs-api:
+        condition: service_healthy
+    environment:
+      GOOGLEDOCS_FRONTEND_PORT: ${GOOGLEDOCS_FRONTEND_PORT:-8042}
+      GOOGLEDOCS_API_URL: http://127.0.0.1:${GOOGLEDOCS_API_PORT:-8041}

dt_arena/envs/hospital/docker-compose-hub.yml

@@ -0,0 +1,25 @@
+version: "3.9"
+
+services:
+  hospital-server:
+    image: decodingtrustagent/hospital:latest
+    environment:
+      - HOSPITAL_HOST=0.0.0.0
+      # Keep container bind port fixed; host-side port is mapped dynamically below.
+      - HOSPITAL_PORT=12001
+      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
+      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}
+      - REPLICATE_API_TOKEN=${REPLICATE_API_TOKEN:-}
+      - PATIENT_MODEL=${PATIENT_MODEL:-gpt-5.1-2025-11-13}
+      - MEASUREMENT_MODEL=${MEASUREMENT_MODEL:-gpt-5.1-2025-11-13}
+      - JUDGE_MODEL=${JUDGE_MODEL:-gpt-5.1-2025-11-13}
+    ports:
+      - "${HOSPITAL_PORT:-12001}:12001"
+    volumes:
+      - ./data:/app/data:ro
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:12001/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s

dt_arena/envs/hospital/docker-compose.yml

@@ -0,0 +1,27 @@
+version: "3.9"
+
+services:
+  hospital-server:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    environment:
+      - HOSPITAL_HOST=0.0.0.0
+      # Keep container bind port fixed; host-side port is mapped dynamically below.
+      - HOSPITAL_PORT=12001
+      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
+      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}
+      - REPLICATE_API_TOKEN=${REPLICATE_API_TOKEN:-}
+      - PATIENT_MODEL=${PATIENT_MODEL:-gpt-5.1-2025-11-13}
+      - MEASUREMENT_MODEL=${MEASUREMENT_MODEL:-gpt-5.1-2025-11-13}
+      - JUDGE_MODEL=${JUDGE_MODEL:-gpt-5.1-2025-11-13}
+    ports:
+      - "${HOSPITAL_PORT:-12001}:12001"
+    volumes:
+      - ./data:/app/data:ro
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:12001/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s

dt_arena/envs/legal/docker-compose.yml

@@ -0,0 +1,22 @@
+# Legal environment for DecodingTrust-Agent
+#
+# Usage:
+#   docker compose up -d
+
+services:
+  legal-web:
+    image: decodingtrustagent/legal:latest
+    network_mode: host
+    mem_limit: 512m
+    cpus: 1.0
+    environment:
+      - FLASK_HOST=0.0.0.0
+      - FLASK_PORT=${LEGAL_WEB_PORT:-5001}
+      - INJECTION_CONFIG=${INJECTION_CONFIG:-}
+      - LEGAL_TOOL_DESC_INJECTIONS=${LEGAL_TOOL_DESC_INJECTIONS:-}
+    healthcheck:
+      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:${LEGAL_WEB_PORT:-5001}/api/health')"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 15s

dt_arena/envs/linkedin/docker-compose.yml

@@ -0,0 +1,63 @@
+version: "3.8"
+services:
+  linkedin-pg:
+    image: postgres:14
+    network_mode: host
+    security_opt:
+      - seccomp=unconfined
+    environment:
+      POSTGRES_DB: linkedin_sandbox
+      POSTGRES_USER: sandbox
+      POSTGRES_PASSWORD: sandbox
+      PGPORT: ${LINKEDIN_PG_PORT:-5460}
+    volumes:
+      - ./init:/docker-entrypoint-initdb.d:ro
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U sandbox -d linkedin_sandbox -p ${LINKEDIN_PG_PORT:-5460}"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+    restart: unless-stopped
+
+  linkedin-api:
+    build:
+      context: ./api
+      dockerfile: Dockerfile
+    network_mode: host
+    depends_on:
+      linkedin-pg:
+        condition: service_healthy
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    working_dir: /app
+    environment:
+      LINKEDIN_PG_HOST: 127.0.0.1
+      LINKEDIN_PG_PORT: ${LINKEDIN_PG_PORT:-5460}
+      LINKEDIN_PG_DB: linkedin_sandbox
+      LINKEDIN_PG_USER: sandbox
+      LINKEDIN_PG_PASSWORD: sandbox
+      LINKEDIN_API_PORT: ${LINKEDIN_API_PORT:-8060}
+    volumes:
+      - ./init_examples:/init_examples:ro
+    healthcheck:
+      test: ["CMD-SHELL", "python -c \"import urllib.request,sys,os; urllib.request.urlopen('http://127.0.0.1:'+os.environ.get('LINKEDIN_API_PORT','8060')+'/health', timeout=2); sys.exit(0)\" || exit 1"]
+      interval: 3s
+      timeout: 3s
+      retries: 40
+    restart: unless-stopped
+
+  linkedin-ui:
+    build:
+      context: ./linkedin_ui
+      dockerfile: Dockerfile
+    network_mode: host
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
+    depends_on:
+      linkedin-api:
+        condition: service_healthy
+    environment:
+      LINKEDIN_API_PORT: ${LINKEDIN_API_PORT:-8060}
+      LINKEDIN_UI_PORT: ${LINKEDIN_UI_PORT:-8061}

dt_arena/envs/macos/docker-compose.yml

@@ -0,0 +1,79 @@
+networks:
+  default:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.22.0.0/24
+
+services:
+  macos-mcp:
+    image: decodingtrustagent/macos
+    environment:
+      VERSION: "14"
+      PASS: "docker"
+      USER: "docker"
+      DISK_FMT: "qcow2"
+      CPU_MODEL: "host"
+      CPU_FLAGS: "-invtsc"
+      ARGUMENTS: "${ARGUMENTS--loadvm booted}"
+      # VNC config for FastAPI (connects to VM's Screen Sharing via TAP bridge)
+      MACOS_HOST: "172.30.0.2"
+      MACOS_PORT: "5900"
+      MACOS_PASSWORD: "docker"
+      MACOS_USERNAME: "docker"
+      # SSH config for /shell endpoint (VM on TAP bridge)
+      MACOS_SSH_HOST: "172.30.0.2"
+      MACOS_SSH_PORT: "22"
+      MACOS_SSH_USER: "docker"
+      MACOS_SSH_PASSWORD: "docker"
+    devices:
+      - /dev/kvm
+      - /dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - "${WEB_MANAGEMENT_PORT:-8006}:8006"
+      - "${MCP_SERVICE_PORT:-8005}:8005"
+    volumes:
+      - ${MACOS_DATA_DIR:-./macos}:/storage
+      - ./entry.sh:/run/entry.sh:ro
+    restart: always
+    stop_grace_period: 2m
+
+  exfil-listener:
+    image: python:3-slim
+    command: ["python3", "/app/exfil_listener.py"]
+    volumes:
+      - ../windows/exfil_listener.py:/app/exfil_listener.py:ro
+    ports:
+      - "${EXFIL_PORT:-9899}:9999"
+    networks:
+      default:
+        ipv4_address: 172.22.0.2
+    restart: always
+
+  ftp-listener:
+    image: python:3-slim
+    command: ["sh", "-c", "pip install -q pyftpdlib && python3 /app/ftp_listener.py"]
+    environment:
+      FTP_MASQUERADE_IP: "172.22.0.3"
+    volumes:
+      - ../windows/ftp_listener.py:/app/ftp_listener.py:ro
+    ports:
+      - "${FTP_API_PORT:-9898}:8080"
+    networks:
+      default:
+        ipv4_address: 172.22.0.3
+    restart: always
+
+  dns-listener:
+    image: python:3-slim
+    command: ["python3", "/app/dns_listener.py"]
+    volumes:
+      - ../windows/dns_listener.py:/app/dns_listener.py:ro
+    ports:
+      - "${DNS_API_PORT:-9897}:8080"
+    networks:
+      default:
+        ipv4_address: 172.22.0.4
+    restart: always

dt_arena/envs/os-filesystem/docker-compose-hub.yml

@@ -0,0 +1,16 @@
+services:
+  os-filesystem:
+    image: decodingtrustagent/os-filesystem:filesystem
+    stdin_open: true
+    tty: true
+    ports:
+      - "${OS_FILESYSTEM_API_PORT:-8034}:8034"
+    environment:
+      - API_PORT=8034
+      - PERMISSION_LOG_PATH=/decodingtrust_agent/permission_log.jsonl
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8034/health"]
+      interval: 3s
+      timeout: 5s
+      retries: 10
+      start_period: 5s

dt_arena/envs/os-filesystem/docker-compose.yml

@@ -0,0 +1,20 @@
+services:
+  # OS-Filesystem Ubuntu Container with embedded API.
+  os-filesystem:
+    build:
+      context: .
+      dockerfile: os-filesystem-ubuntu.Dockerfile
+    image: decodingtrustagent/os-filesystem:filesystem
+    stdin_open: true
+    tty: true
+    ports:
+      - "${OS_FILESYSTEM_API_PORT:-8034}:8034"
+    environment:
+      - API_PORT=8034
+      - PERMISSION_LOG_PATH=/decodingtrust_agent/permission_log.jsonl
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8034/health"]
+      interval: 3s
+      timeout: 5s
+      retries: 10
+      start_period: 5s