From cf51ea57a1ffd44aebbd56e78273bb948cc2ca2b Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 14:58:29 -0400 Subject: [PATCH 01/39] initial registry1 api integration --- .github/actions/lfai-core/action.yaml | 2 +- Makefile | 8 +- packages/api/Dockerfile | 9 +- packages/api/chart/Chart.yaml | 8 +- packages/api/chart/templates/_helpers.tpl | 63 +++++++++++++ .../api/chart/templates/api/deployment.yaml | 89 ++++++++++--------- .../api/chart/templates/api/permissions.yaml | 22 ++--- packages/api/chart/templates/api/service.yaml | 12 +-- .../api/chart/templates/migration-job.yaml | 37 ++++---- packages/api/chart/templates/uds-package.yaml | 8 +- packages/api/chart/values.yaml | 71 ++++++++++----- packages/api/common/zarf.yaml | 28 ++++++ packages/api/config.example.yaml | 6 -- packages/api/lfai-values.yaml | 6 -- packages/api/values/registry1-values.yaml | 19 ++++ packages/api/values/upstream-values.yaml | 14 +++ packages/api/zarf.yaml | 58 ++++++------ packages/ui/zarf.yaml | 2 +- 18 files changed, 311 insertions(+), 151 deletions(-) create mode 100644 packages/api/chart/templates/_helpers.tpl create mode 100644 packages/api/common/zarf.yaml delete mode 100644 packages/api/config.example.yaml delete mode 100644 packages/api/lfai-values.yaml create mode 100644 packages/api/values/registry1-values.yaml create mode 100644 packages/api/values/upstream-values.yaml diff --git a/.github/actions/lfai-core/action.yaml b/.github/actions/lfai-core/action.yaml index 40807f8c3..29221c0aa 100644 --- a/.github/actions/lfai-core/action.yaml +++ b/.github/actions/lfai-core/action.yaml @@ -22,7 +22,7 @@ runs: - name: Deploy LFAI-API shell: bash run: | - make build-api LOCAL_VERSION=e2e-test + make build-api LOCAL_VERSION=e2e-test FLAVOR=upstream docker image prune -af uds zarf package deploy packages/api/zarf-package-leapfrogai-api-amd64-e2e-test.tar.zst --confirm rm packages/api/zarf-package-leapfrogai-api-amd64-e2e-test.tar.zst diff --git a/Makefile b/Makefile index bf5442755..7f02b06f2 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ REG_NAME ?= registry LOCAL_VERSION ?= $(shell git rev-parse --short HEAD) DOCKER_FLAGS := ZARF_FLAGS := +FLAVOR := upstream SILENT_DOCKER_FLAGS := --quiet SILENT_ZARF_FLAGS := --no-progress -l warn --no-color MAX_JOBS := 4 @@ -64,21 +65,24 @@ build-supabase: local-registry docker-supabase docker-api: local-registry sdk-wheel @echo $(DOCKER_FLAGS) @echo $(ZARF_FLAGS) +ifeq ($(FLAVOR),upstream) ## Build the API image (and tag it for the local registry) docker build ${DOCKER_FLAGS} --platform=linux/${ARCH} --build-arg LOCAL_VERSION=${LOCAL_VERSION} -t ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} -f packages/api/Dockerfile . docker tag ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} localhost:${REG_PORT}/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} - +endif ## Build the migration container for this version of the API docker build ${DOCKER_FLAGS} --platform=linux/${ARCH} -t ghcr.io/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} -f Dockerfile.migrations --build-arg="MIGRATIONS_DIR=packages/api/supabase/migrations" . docker tag ghcr.io/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} localhost:${REG_PORT}/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} build-api: local-registry docker-api ## Build the leapfrogai_api container and Zarf package +ifeq ($(FLAVOR),upstream) ## Push the images to the local registry (Zarf is super slow if the image is only in the local daemon) docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} +endif docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/api -a ${ARCH} -o packages/api --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set LEAPFROGAI_IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/api --flavor ${FLAVOR} -a ${ARCH} -o packages/api --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-ui: ## Build the UI image (and tag it for the local registry) diff --git a/packages/api/Dockerfile b/packages/api/Dockerfile index 4bd36c4ad..de2256e9a 100644 --- a/packages/api/Dockerfile +++ b/packages/api/Dockerfile @@ -2,8 +2,11 @@ ARG LOCAL_VERSION FROM ghcr.io/defenseunicorns/leapfrogai/leapfrogai-sdk:${LOCAL_VERSION} AS sdk FROM ghcr.io/defenseunicorns/leapfrogai/python:3.11-dev AS builder + ARG SDK_DEST=src/leapfrogai_sdk/build + USER root + WORKDIR /leapfrogai # copy the api dependencies over @@ -13,9 +16,9 @@ COPY src/leapfrogai_api src/leapfrogai_api RUN python -m venv .venv ENV PATH="/leapfrogai/.venv/bin:$PATH" -RUN rm -f packages/api/build/*.whl -RUN python -m pip wheel src/leapfrogai_api -w packages/api/build --find-links=${SDK_DEST} -RUN pip install packages/api/build/leapfrogai_api*.whl --no-index --find-links=packages/api/build/ +RUN rm -f packages/api/build/*.whl && \ + python -m pip wheel src/leapfrogai_api -w packages/api/build --find-links=${SDK_DEST} && \ + pip install packages/api/build/leapfrogai_api*.whl --no-index --find-links=packages/api/build/ FROM ghcr.io/defenseunicorns/leapfrogai/python:3.11 ENV PATH="/leapfrogai/.venv/bin:$PATH" diff --git a/packages/api/chart/Chart.yaml b/packages/api/chart/Chart.yaml index 744281aff..6d3ad6b84 100644 --- a/packages/api/chart/Chart.yaml +++ b/packages/api/chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: leapfrogai -description: A deployment of AI tools +name: leapfrogai-api +description: "A Python API that shadows the OpenAI API specification" # A chart can be either an 'application' or a 'library' chart. # @@ -23,4 +23,6 @@ version: 0.10.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.16.0" +# x-release-please-start-version +appVersion: 0.10.0 +# x-release-please-end diff --git a/packages/api/chart/templates/_helpers.tpl b/packages/api/chart/templates/_helpers.tpl new file mode 100644 index 000000000..f16219e25 --- /dev/null +++ b/packages/api/chart/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "chart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "chart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "chart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "chart.labels" -}} +helm.sh/chart: {{ include "chart.chart" . }} +{{ include "chart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} +app: {{ include "chart.fullname" . }} + +{{/* +Selector labels +*/}} +{{- define "chart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "chart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "chart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "chart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index 8ed6a176c..bca68efc0 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -1,10 +1,10 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: api-deployment + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} spec: - replicas: {{ .Values.api.replcias }} + replicas: {{ .Values.api.replicas }} strategy: rollingUpdate: maxUnavailable: 0 @@ -18,64 +18,67 @@ spec: app: api spec: serviceAccountName: read-configmaps + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: sidecar - image: kiwigrid/k8s-sidecar:{{ .Values.image.kiwigridTag }} + image: "{{ .Values.kiwigrid.image.repository }}:{{ .Values.kiwigrid.image.tag }}" + imagePullPolicy: {{ .Values.kiwigrid.image.imagePullPolicy }} volumeMounts: - - name: api-model - mountPath: /config/ + - name: api-model + mountPath: /config/ env: - - name: LABEL - value: "leapfrogai" - - name: FOLDER - value: /config/ - - name: RESOURCE - value: both - - name: UNIQUE_FILENAMES - value: "true" - - name: NAMESPACE - value: leapfrogai + - name: LABEL + value: "leapfrogai" + - name: FOLDER + value: /config/ + - name: RESOURCE + value: both + - name: UNIQUE_FILENAMES + value: "true" + - name: NAMESPACE + value: leapfrogai + securityContext: + {{- toYaml .Values.kiwigrid.securityContext | nindent 12 }} - name: api-container - image: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:{{ .Values.image.lfaiAPITag }} - imagePullPolicy: Always + image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.api.image.imagePullPolicy }} env: - - name: LFAI_CONFIG_PATH - value: /config/ - - name: LFAI_CONFIG_FILENAME - value: "*.toml" - - name: DEFAULT_EMBEDDINGS_MODEL - value: "{{ .Values.api.defaultEmbeddingsModel }}" - - name: PORT - value: "{{ .Values.api.port }}" - - name: SUPABASE_URL - value: "{{ .Values.supabase.url }}" - - name: SUPABASE_ANON_KEY - valueFrom: - secretKeyRef: - name: supabase-bootstrap-jwt - key: anon-key - optional: true + - name: LFAI_CONFIG_PATH + value: /config/ + - name: LFAI_CONFIG_FILENAME + value: "*.toml" + - name: DEFAULT_EMBEDDINGS_MODEL + value: "{{ .Values.api.env.defaultEmbeddingsModel }}" + - name: PORT + value: "{{ .Values.api.env.port }}" + - name: SUPABASE_URL + value: "{{ .Values.supabase.env.url }}" + - name: SUPABASE_ANON_KEY + valueFrom: + secretKeyRef: + name: supabase-bootstrap-jwt + key: anon-key + optional: true ports: - - containerPort: 8080 + - containerPort: {{ .Values.api.env.port }} livenessProbe: httpGet: path: /healthz - port: 8080 + port: {{ .Values.api.env.port }} initialDelaySeconds: 10 periodSeconds: 10 readinessProbe: httpGet: path: /healthz - port: 8080 + port: {{ .Values.api.env.port }} initialDelaySeconds: 10 periodSeconds: 10 securityContext: - runAsUser: 65532 - runAsGroup: 65532 - fsGroup: 65532 + {{- toYaml .Values.api.securityContext | nindent 12 }} volumeMounts: - - name: api-model - mountPath: /config + - name: api-model + mountPath: /config volumes: - - name: api-model - emptyDir: {} + - name: api-model + emptyDir: {} diff --git a/packages/api/chart/templates/api/permissions.yaml b/packages/api/chart/templates/api/permissions.yaml index 21790f415..78645d484 100644 --- a/packages/api/chart/templates/api/permissions.yaml +++ b/packages/api/chart/templates/api/permissions.yaml @@ -10,15 +10,15 @@ metadata: name: read-configmaps namespace: {{ .Release.Namespace }} rules: -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -30,5 +30,5 @@ roleRef: kind: Role name: read-configmaps subjects: -- kind: ServiceAccount - name: read-configmaps + - kind: ServiceAccount + name: read-configmaps diff --git a/packages/api/chart/templates/api/service.yaml b/packages/api/chart/templates/api/service.yaml index 6244f5723..8f46ac6b9 100644 --- a/packages/api/chart/templates/api/service.yaml +++ b/packages/api/chart/templates/api/service.yaml @@ -1,19 +1,19 @@ apiVersion: v1 kind: Service metadata: - name: api + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} annotations: - zarf.dev/connect-description: "Load the OpenAPI spec for the LFAI API" + zarf.dev/connect-description: "Load the OpenAPI specification for the LeapfrogAI API" zarf.dev/connect-url: "/docs" labels: - zarf.dev/connect-name: lfai-api + zarf.dev/connect-name: {{ include "chart.fullname" . }} spec: selector: - app: api + app: {{ include "chart.fullname" . }} ports: - name: http protocol: TCP - port: 8080 - targetPort: 8080 + port: {{ .Values.api.env.port }} + targetPort: {{ .Values.api.env.port }} type: ClusterIP diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index 64543b0c7..d28a6cfd2 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,36 +1,37 @@ apiVersion: batch/v1 kind: Job metadata: - name: api-migrations-{{ .Values.image.lfaiAPITag }} + name: api-migrations + namespace: {{ .Release.Namespace }} spec: template: spec: + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - - name: supabase-cli - image: "ghcr.io/defenseunicorns/leapfrogai/api-migrations:{{ .Values.image.lfaiAPITag }}" - env: + - name: supabase-cli + image: "{{ .Values.api.migration.image.repository }}:{{ .Values.api.migration.image.tag | default .Chart.AppVersion }}" + env: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: supabase-postgresql key: postgres-password - name: MIGRATION_NAMESPACE - value: "{{ .Values.api.migration.namespace }}" + value: "{{ .Release.Namespace }}" - name: MIGRATION_SERVICE_NAME - value: "{{ .Values.api.migration.serviceName }}" + value: "{{ .Values.api.migration.env.serviceName }}" - name: MIGRATION_SERVICE_PORT - value: "{{ .Values.api.migration.servicePort }}" + value: "{{ .Values.api.migration.env.servicePort }}" - # NOTE: This command is assuming the default username. - command: ["/bin/sh"] - args: - - -c - - >- - supabase migration fetch --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --debug || true && - supabase db push --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --include-all --debug - securityContext: - runAsUser: {{ .Values.image.securityContext.runAsUser }} - runAsGroup: {{ .Values.image.securityContext.runAsGroup }} - fsGroup: {{ .Values.image.securityContext.fsGroup }} + # NOTE: This command is assuming the default username. + command: ["/bin/sh"] + args: + - -c + - >- + supabase migration fetch --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --debug || true && + supabase db push --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --include-all --debug + securityContext: + {{- toYaml .Values.api.migration.securityContext | nindent 12 }} restartPolicy: Never backoffLimit: 4 diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index 188fafe90..f8ee53654 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -1,8 +1,8 @@ -{{- if .Values.api.exposeAPI }} +{{- if .Values.api.env.exposeAPI }} apiVersion: uds.dev/v1alpha1 kind: Package metadata: - name: leapfrogai-api + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} spec: network: @@ -10,9 +10,9 @@ spec: - service: api podLabels: app: api - host: {{ .Values.package.host }} + host: {{ include "chart.fullname" . }} gateway: tenant - port: 8080 + port: {{ .Values.api.env.port }} allow: - direction: Ingress diff --git a/packages/api/chart/values.yaml b/packages/api/chart/values.yaml index d96db89fd..13fe75404 100644 --- a/packages/api/chart/values.yaml +++ b/packages/api/chart/values.yaml @@ -1,27 +1,58 @@ -image: - # x-release-please-start-version - lfaiAPITag: 0.10.0 - # x-release-please-end - kiwigridTag: 1.23.3 +podSecurityContext: + runAsNonRoot: true + fsGroup: 65532 +api: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api + # x-release-please-start-version + tag: 0.10.0 + # x-release-please-end + imagePullPolicy: Always + replicas: 1 securityContext: runAsUser: 65532 runAsGroup: 65532 - fsGroup: 65532 - -supabase: - url: "http://supabase-kong.leapfrogai.svc.cluster.local:80" - -api: - replicas: 1 - port: 8080 - exposeAPI: true - defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + runAsNonRoot: true + capabilities: + drop: + - ALL + env: + port: 8080 + exposeAPI: "###ZARF_VAR_EXPOSE_API###" + defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" migration: - namespace: "leapfrogai" - serviceName: "supabase-postgresql" - servicePort: "5432" + image: + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + # x-release-please-start-version + tag: 0.10.0 + # x-release-please-end + imagePullPolicy: Always + securityContext: + runAsUser: 65532 + runAsGroup: 65532 + runAsNonRoot: true + capabilities: + drop: + - ALL + env: + serviceName: "supabase-postgresql" + servicePort: 5432 + +supabase: + env: + url: "http://supabase-kong.leapfrogai.svc.cluster.local:80" -package: - host: leapfrogai-api +kiwigrid: + image: + repository: kiwigrid/k8s-sidecar + tag: 1.23.3 + imagePullPolicy: Always + securityContext: + runAsUser: 65532 + runAsGroup: 65532 + runAsNonRoot: true + capabilities: + drop: + - ALL diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml new file mode 100644 index 000000000..898dca4d5 --- /dev/null +++ b/packages/api/common/zarf.yaml @@ -0,0 +1,28 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/zarf-dev/zarf/main/zarf.schema.json + +kind: ZarfPackageConfig +metadata: + description: "LeapfrogAI API common" + name: leapfrogai-api-common + version: "###ZARF_PKG_TMPL_IMAGE_VERSION###" + +components: + - name: leapfrogai-api + description: "The LeapfrogAI Python API that shadows the OpenAI API specification" + required: true + charts: + - name: leapfrogai-api + namespace: leapfrogai + localPath: ../chart + # x-release-please-start-version + version: 0.10.0 + # x-release-please-end + actions: + onDeploy: + after: + - wait: + cluster: + kind: Job + name: api-migrations + namespace: leapfrogai + condition: complete diff --git a/packages/api/config.example.yaml b/packages/api/config.example.yaml deleted file mode 100644 index 07d9242d0..000000000 --- a/packages/api/config.example.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# This is an example configuration file for the API service -# If deploying onto kubernetes, the helm chart will automatically generate the configuration based on config-maps in the cluster -# The code that reads this file exists in `src/leapfrogai_api/utils/config.py` -models: -- name: vllm - backend: localhost:50051 \ No newline at end of file diff --git a/packages/api/lfai-values.yaml b/packages/api/lfai-values.yaml deleted file mode 100644 index 9a7ce1bfa..000000000 --- a/packages/api/lfai-values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -image: - lfaiAPITag: ###ZARF_CONST_LEAPFROGAI_API_VERSION### - kiwigridTag: ###ZARF_CONST_KIWIGRID_VERSION### - -api: - exposeAPI: ###ZARF_VAR_EXPOSE_API### diff --git a/packages/api/values/registry1-values.yaml b/packages/api/values/registry1-values.yaml new file mode 100644 index 000000000..72d6a77b1 --- /dev/null +++ b/packages/api/values/registry1-values.yaml @@ -0,0 +1,19 @@ +api: + image: + repository: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api + # x-release-please-start-version + tag: v0.10.0 + # x-release-please-end + + migration: + image: + # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + # x-release-please-start-version + tag: ###ZARF_CONST_IMAGE_VERSION### + # x-release-please-end + +kiwigrid: + image: + repository: registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar + tag: 1.23.3 diff --git a/packages/api/values/upstream-values.yaml b/packages/api/values/upstream-values.yaml new file mode 100644 index 000000000..844e51c26 --- /dev/null +++ b/packages/api/values/upstream-values.yaml @@ -0,0 +1,14 @@ +api: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api + tag: ###ZARF_CONST_IMAGE_VERSION### + + migration: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + tag: ###ZARF_CONST_IMAGE_VERSION### + +kiwigrid: + image: + repository: kiwigrid/k8s-sidecar + tag: 1.23.3 diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index e7bb8e76f..12e908c0f 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -2,16 +2,13 @@ kind: ZarfPackageConfig metadata: - description: "LeapfrogAI" + description: "LeapfrogAI API" name: leapfrogai-api - version: "###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" + version: "###ZARF_PKG_TMPL_IMAGE_VERSION###" constants: - - name: LEAPFROGAI_API_VERSION - value: "###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" - - - name: KIWIGRID_VERSION - value: "1.23.3" + - name: IMAGE_VERSION + value: "###ZARF_PKG_TMPL_IMAGE_VERSION###" variables: - name: EXPOSE_API @@ -21,27 +18,34 @@ variables: default: "text-embeddings" components: - - name: leapfrogai + - name: leapfrogai-api + description: "A Python API that shadows the OpenAI API specification" + only: + flavor: upstream required: true + import: + path: common charts: - - name: leapfrogai - namespace: leapfrogai - localPath: chart - # x-release-please-start-version - version: 0.10.0 - # x-release-please-end - valuesFiles: - - "lfai-values.yaml" + - name: leapfrogai-api + valuesFiles: + - "values/upstream-values.yaml" images: - - "ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" - - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" + - "ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:###ZARF_PKG_TMPL_IMAGE_VERSION###" + - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" - "kiwigrid/k8s-sidecar:1.23.3" - actions: - onDeploy: - after: - - wait: - cluster: - kind: Job - name: api-migrations-###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION### - namespace: leapfrogai - condition: complete + + - name: leapfrogai-api + only: + flavor: registry1 + required: true + import: + path: common + charts: + - name: leapfrogai-api + valuesFiles: + - "values/registry1-values.yaml" + images: + - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.10.0" + # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations + - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" + - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.23.3" diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index 83a233f1f..88464647c 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://api.leapfrogai.svc.cluster.local:8080 + default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 548a4e0fd8053bfa7815535f3bf059ae45550be8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 15:46:27 -0400 Subject: [PATCH 02/39] fixes to service names --- packages/api/chart/templates/api/deployment.yaml | 4 ++-- packages/api/chart/templates/uds-package.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index bca68efc0..a3c7a1f5b 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -11,11 +11,11 @@ spec: type: RollingUpdate selector: matchLabels: - app: api + app: {{ include "chart.fullname" . }} template: metadata: labels: - app: api + app: {{ include "chart.fullname" . }} spec: serviceAccountName: read-configmaps securityContext: diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index f8ee53654..adcddc569 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -7,9 +7,9 @@ metadata: spec: network: expose: - - service: api + - service: {{ include "chart.fullname" . }} podLabels: - app: api + app: {{ include "chart.fullname" . }} host: {{ include "chart.fullname" . }} gateway: tenant port: {{ .Values.api.env.port }} From 3d80ed035805ad17f6572988e0f45ca9714f1bf0 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 15:53:19 -0400 Subject: [PATCH 03/39] helper template functions --- packages/api/chart/templates/api/deployment.yaml | 8 +++++--- .../api/chart/templates/api/permissions.yaml | 16 +++++++++++----- packages/api/chart/templates/api/service.yaml | 3 ++- packages/api/chart/templates/migration-job.yaml | 9 ++++++--- packages/api/chart/templates/namespace.yaml | 4 +++- packages/api/chart/templates/uds-package.yaml | 6 ++++-- 6 files changed, 31 insertions(+), 15 deletions(-) diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index a3c7a1f5b..95b5a9a36 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: replicas: {{ .Values.api.replicas }} strategy: @@ -11,13 +13,13 @@ spec: type: RollingUpdate selector: matchLabels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 6 }} template: metadata: labels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 8 }} spec: - serviceAccountName: read-configmaps + serviceAccountName: {{ include "chart.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/packages/api/chart/templates/api/permissions.yaml b/packages/api/chart/templates/api/permissions.yaml index 78645d484..3ca06df4b 100644 --- a/packages/api/chart/templates/api/permissions.yaml +++ b/packages/api/chart/templates/api/permissions.yaml @@ -1,14 +1,18 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: read-configmaps + name: {{ include "chart.serviceAccountName" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -23,12 +27,14 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps subjects: - kind: ServiceAccount - name: read-configmaps + name: {{ include "chart.serviceAccountName" . }} diff --git a/packages/api/chart/templates/api/service.yaml b/packages/api/chart/templates/api/service.yaml index 8f46ac6b9..8dc6e2fac 100644 --- a/packages/api/chart/templates/api/service.yaml +++ b/packages/api/chart/templates/api/service.yaml @@ -7,10 +7,11 @@ metadata: zarf.dev/connect-description: "Load the OpenAPI specification for the LeapfrogAI API" zarf.dev/connect-url: "/docs" labels: + {{- include "chart.labels" . | nindent 4 }} zarf.dev/connect-name: {{ include "chart.fullname" . }} spec: selector: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 4 }} ports: - name: http protocol: TCP diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index d28a6cfd2..c2242f7ec 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,10 +1,15 @@ apiVersion: batch/v1 kind: Job metadata: - name: api-migrations + name: {{ include "chart.fullname" . }}-migrations namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: template: + metadata: + labels: + {{- include "chart.selectorLabels" . | nindent 8 }} spec: securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} @@ -23,8 +28,6 @@ spec: value: "{{ .Values.api.migration.env.serviceName }}" - name: MIGRATION_SERVICE_PORT value: "{{ .Values.api.migration.env.servicePort }}" - - # NOTE: This command is assuming the default username. command: ["/bin/sh"] args: - -c diff --git a/packages/api/chart/templates/namespace.yaml b/packages/api/chart/templates/namespace.yaml index 0172d6405..8044650e6 100644 --- a/packages/api/chart/templates/namespace.yaml +++ b/packages/api/chart/templates/namespace.yaml @@ -1,4 +1,6 @@ apiVersion: v1 kind: Namespace metadata: - name: leapfrogai + name: {{ .Release.Namespace | default "leapfrogai" }} + labels: + {{- include "chart.labels" . | nindent 4 }} diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index adcddc569..21e2bc69e 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -4,12 +4,14 @@ kind: Package metadata: name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: network: expose: - service: {{ include "chart.fullname" . }} podLabels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 10 }} host: {{ include "chart.fullname" . }} gateway: tenant port: {{ .Values.api.env.port }} @@ -23,6 +25,6 @@ spec: - direction: Egress podLabels: - app: api + {{- include "chart.selectorLabels" . | nindent 10 }} remoteGenerated: Anywhere {{- end }} From ed30584bcb3cc4d25e3b9d5e0a188cbb43dc5ca4 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 16:12:02 -0400 Subject: [PATCH 04/39] missing serviceAccount vars --- packages/api/chart/templates/_helpers.tpl | 6 +++--- packages/api/chart/values.yaml | 3 +++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/packages/api/chart/templates/_helpers.tpl b/packages/api/chart/templates/_helpers.tpl index f16219e25..d40086141 100644 --- a/packages/api/chart/templates/_helpers.tpl +++ b/packages/api/chart/templates/_helpers.tpl @@ -55,9 +55,9 @@ app.kubernetes.io/instance: {{ .Release.Name }} Create the name of the service account to use */}} {{- define "chart.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "chart.fullname" .) .Values.serviceAccount.name }} +{{- if .Values.api.serviceAccount.create }} +{{- default (include "chart.fullname" .) .Values.api.serviceAccount.name }} {{- else }} -{{- default "default" .Values.serviceAccount.name }} +{{- default "default" .Values.api.serviceAccount.name }} {{- end }} {{- end }} diff --git a/packages/api/chart/values.yaml b/packages/api/chart/values.yaml index 34569d5bd..60ec41317 100644 --- a/packages/api/chart/values.yaml +++ b/packages/api/chart/values.yaml @@ -21,6 +21,9 @@ api: port: 8080 exposeAPI: "###ZARF_VAR_EXPOSE_API###" defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + serviceAccount: + name: leapfrogai-api + create: true migration: image: From 045b8621bdde79abeaeb0ff01d79729ed1d6e0ef Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 17:02:39 -0400 Subject: [PATCH 05/39] fix zarf wait-for --- packages/api/chart/templates/migration-job.yaml | 2 +- packages/api/common/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index c2242f7ec..6b511d7f5 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,7 +1,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ include "chart.fullname" . }}-migrations + name: {{ include "chart.fullname" . }}-migrations-{{ .Values.api.migration.image.tag | default .Chart.AppVersion }} namespace: {{ .Release.Namespace }} labels: {{- include "chart.labels" . | nindent 4 }} diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml index fbbb00464..d83a14619 100644 --- a/packages/api/common/zarf.yaml +++ b/packages/api/common/zarf.yaml @@ -23,6 +23,6 @@ components: - wait: cluster: kind: Job - name: api-migrations + name: leapfrogai-api-migrations-###ZARF_PKG_TMPL_IMAGE_VERSION### namespace: leapfrogai condition: complete From 058f8811d88ca28f86335e4f74e6f59b854076c5 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 12:06:38 -0400 Subject: [PATCH 06/39] update docs for flavors, typos --- README.md | 24 +++++++++++++++- docs/DEVELOPMENT.md | 28 +++++++++---------- packages/api/README.md | 2 +- .../en/docs/local-deploy-guide/components.md | 4 +-- 4 files changed, 40 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index e60eb4af3..2263e32eb 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Large Language Models (LLMs) are a powerful resource for AI-driven decision maki 2 minute demo of features of LeapfrogAI -LeapfrogAI, built on top of [Unicorn Delivery Service (UDS)](https://github.com/defenseunicorns/uds-core), which includes several features including: +LeapfrogAI is built on top of [Unicorn Delivery Service (UDS) Kubernetes runtime](https://github.com/defenseunicorns/uds-core), which includes several features: - **Single Sign-On** - **Non-proprietary API Compatible with OpenAI's API** @@ -114,6 +114,28 @@ LeapfrogAI provides several backends for a variety of use cases. Below is the ba The [repeater](packages/repeater/) "model" is a basic "backend" that parrots all inputs it receives back to the user. It is built out the same way all the actual backends are and it is primarily used for testing the API. +### Flavors + +Each component has different images and values that refer to a specific image registry and/or hardening source. These images are packaged using [Zarf Flavors](https://docs.zarf.dev/ref/examples/package-flavors/): + +1. `upstream`: uses upstream vendor images from open source container registries and repositories +2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry +3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry + +Below is the current component flavors list: + +| Component | `upstream` | `registry1` | `chainguard` | +| ---------------------------------------------- | ------------ | ------------- | -------------- | +| [api](packages/api/) | ✅ | ✅ | 🚧 | +| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | + ## Usage To build a LeapfrogAI UDS bundle and deploy it, please refer to the [LeapfrogAI Documentation Website](https://docs.leapfrog.ai/docs/). In the documentation website, you'll find system requirements and instructions for all things LeapfrogAI that aren't associated to local development and contributing. diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index 06fdd8255..2993c37a1 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -80,8 +80,8 @@ uds zarf package remove leapfrogai-api --confirm uds zarf tools registry prune --confirm # create and deploy the new package -LOCAL_VERSION=dev REGISTRY_PORT=5000 ARCH=amd64 make build-api -LOCAL_VERSION=dev REGISTRY_PORT=5000 ARCH=amd64 make deploy-api +LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make build-api +LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make deploy-api ``` For example, this is how you pull and deploy a LATEST version of a package: @@ -103,11 +103,11 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm 2. Build all of the packages you need at once with **ONE** of the following Make targets: ```bash - LOCAL_VERSION=dev ARCH=amd64 make build-cpu # ui, api, llama-cpp-python, text-embeddings, whisper, supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-cpu # ui, api, llama-cpp-python, text-embeddings, whisper, supabase # OR - LOCAL_VERSION=dev ARCH=amd64 make build-gpu # ui, api, vllm, text-embeddings, whisper, supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-gpu # ui, api, vllm, text-embeddings, whisper, supabase # OR - LOCAL_VERSION=dev ARCH=amd64 make build-all # all of the components + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-all # all of the components ``` **OR** @@ -115,13 +115,13 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm You can build components individually using the following Make targets: ```bash - LOCAL_VERSION=dev ARCH=amd64 make build-ui - LOCAL_VERSION=dev ARCH=amd64 make build-api - LOCAL_VERSION=dev ARCH=amd64 make build-supabase - LOCAL_VERSION=dev ARCH=amd64 make build-vllm # if you have NVIDIA GPUs (AMR64 not supported) - LOCAL_VERSION=dev ARCH=amd64 make build-llama-cpp-python # if you have CPU only - LOCAL_VERSION=dev ARCH=amd64 make build-text-embeddings - LOCAL_VERSION=dev ARCH=amd64 make build-whisper + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-ui + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-api + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-vllm # if you have NVIDIA GPUs (AMR64 not supported) + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-llama-cpp-python # if you have CPU only + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-text-embeddings + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-whisper ``` 3. Create the UDS bundle, modifying the `uds-config.yaml` as required: @@ -149,13 +149,13 @@ To run the same commands in MacOS, you will need to prepend your command with a To demonstrate what this would look like for an Apple Silicon Mac: ``` shell -REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev make build-cpu +REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` To demonstrate what this would look like for an older Intel Mac: ``` shell -REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev make build-cpu +REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` ## Access diff --git a/packages/api/README.md b/packages/api/README.md index 3d451decb..aa2b34690 100644 --- a/packages/api/README.md +++ b/packages/api/README.md @@ -23,7 +23,7 @@ To build and deploy the API Zarf package into an existing [UDS Kubernetes cluste > Execute the following commands from the root of the LeapfrogAI repository ```bash -make build-api LOCAL_VERSION=dev +make build-api LOCAL_VERSION=dev FLAVOR=upstream uds zarf package deploy packages/api/zarf-package-leapfrogai-api-*-dev.tar.zst --confirm ``` diff --git a/website/content/en/docs/local-deploy-guide/components.md b/website/content/en/docs/local-deploy-guide/components.md index 7bf1b6550..bb252c97e 100644 --- a/website/content/en/docs/local-deploy-guide/components.md +++ b/website/content/en/docs/local-deploy-guide/components.md @@ -31,11 +31,11 @@ Each component has different images and values that refer to a specific image re ### Artifact Support -LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The support artifact types are as follows: +LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The supported artifact types are as follows: #### Transcription / Translation -- All formats supported by `ffmpeg -formats`, e.g., `.mp3`, `.wav`, `.mp4`, etc. +- All formats supported by `ffmpeg` as listed using `ffmpeg -formats`, e.g., `.mp3`, `.wav`, `.mp4`, etc. #### Embeddings for RAG From eaedb5fed62a434c31f79c0edbec979e4d807cd4 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:22:35 -0400 Subject: [PATCH 07/39] update release name, add weekly test --- .github/workflows/e2e-registry1-nightly.yaml | 88 ++++++++++++++++++++ packages/api/chart/Chart.yaml | 2 +- packages/api/common/zarf.yaml | 2 +- packages/api/zarf.yaml | 4 +- 4 files changed, 92 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/e2e-registry1-nightly.yaml diff --git a/.github/workflows/e2e-registry1-nightly.yaml b/.github/workflows/e2e-registry1-nightly.yaml new file mode 100644 index 000000000..c2f6ee047 --- /dev/null +++ b/.github/workflows/e2e-registry1-nightly.yaml @@ -0,0 +1,88 @@ +name: e2e-registry1-nightly + +on: + schedule: + - cron: "0 0 * * 6" # Run every Sunday at 12 AM EST + workflow_dispatch: # trigger manually as needed + +concurrency: + group: e2e-e2e-registry1-nightly-${{ github.ref }} + cancel-in-progress: true + +jobs: + test-flavor: + runs-on: "uds-ubuntu-big-boy-8-core" + name: Test LeapfrogAI Flavor + + permissions: + contents: read + packages: write + id-token: write # This is needed for OIDC federation. + + steps: + - name: Checkout Repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Setup Python + uses: ./.github/actions/python + + - name: Setup UDS Cluster + uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + + - name: Setup LFAI-API and Supabase + uses: ./.github/actions/lfai-core + + - name: Set Flavor and Version + run: | + uds zarf tools yq -i '.metadata.version = "registry1"' \ + uds-bundles/latest/cpu/uds-bundle.yaml + + uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ + uds-bundles/latest/cpu/uds-bundle.yaml + + - name: Create Bundle + run: | + cd uds-bundles/latest/cpu + uds create . --confirm + + - name: Deploy Bundle + run: | + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + cd ../../../ + + - name: Install UI/Playwright Dependencies + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + + - name: Setup Python + uses: ./.github/actions/python + + - name: Test llama-cpp-python + run: | + python -m pytest ./tests/e2e/test_llama.py -v + + - name: Test text-embeddings + run: | + python -m pytest ./tests/e2e/test_text_embeddings.py -v + + - name: Test whisper + run: | + python -m pytest ./tests/e2e/test_whisper.py -v + + - name: Test UI + run: | + cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env + TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + + - name: Archive Playwright Report + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: playwright-report + path: src/leapfrogai_ui/e2e-report/ + retention-days: 30 diff --git a/packages/api/chart/Chart.yaml b/packages/api/chart/Chart.yaml index 17ed015f0..fda0acd45 100644 --- a/packages/api/chart/Chart.yaml +++ b/packages/api/chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: leapfrogai-api +name: api description: "A Python API that shadows the OpenAI API specification" # A chart can be either an 'application' or a 'library' chart. diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml index d83a14619..a4709c24a 100644 --- a/packages/api/common/zarf.yaml +++ b/packages/api/common/zarf.yaml @@ -11,7 +11,7 @@ components: description: "The LeapfrogAI Python API that shadows the OpenAI API specification" required: true charts: - - name: leapfrogai-api + - name: leapfrogai namespace: leapfrogai localPath: ../chart # x-release-please-start-version diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index 12e908c0f..2c8cc43cf 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -26,7 +26,7 @@ components: import: path: common charts: - - name: leapfrogai-api + - name: leapfrogai valuesFiles: - "values/upstream-values.yaml" images: @@ -41,7 +41,7 @@ components: import: path: common charts: - - name: leapfrogai-api + - name: leapfrogai valuesFiles: - "values/registry1-values.yaml" images: From 32081c85ca87ebc8589eb09bf5b4db73c4c58da8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:29:47 -0400 Subject: [PATCH 08/39] weekly test name and triggers --- ...istry1-nightly.yaml => e2e-registry1-weekly.yaml} | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) rename .github/workflows/{e2e-registry1-nightly.yaml => e2e-registry1-weekly.yaml} (88%) diff --git a/.github/workflows/e2e-registry1-nightly.yaml b/.github/workflows/e2e-registry1-weekly.yaml similarity index 88% rename from .github/workflows/e2e-registry1-nightly.yaml rename to .github/workflows/e2e-registry1-weekly.yaml index c2f6ee047..d4264235a 100644 --- a/.github/workflows/e2e-registry1-nightly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -1,9 +1,19 @@ -name: e2e-registry1-nightly +name: e2e-registry1-weekly on: schedule: - cron: "0 0 * * 6" # Run every Sunday at 12 AM EST workflow_dispatch: # trigger manually as needed + pull_request: + types: + - opened # default trigger + - reopened # default trigger + - synchronize # default trigger + - ready_for_review # don't run on draft PRs + - milestoned # allows us to trigger on bot PRs + paths: + - .github/workflows/e2e-registry1-weekly.yaml + - uds-bundles/latest/** concurrency: group: e2e-e2e-registry1-nightly-${{ github.ref }} From d8f3a149db13c204b8f64cad801c1df03d524faf Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:38:37 -0400 Subject: [PATCH 09/39] more triggers --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d4264235a..dd022d133 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -16,7 +16,7 @@ on: - uds-bundles/latest/** concurrency: - group: e2e-e2e-registry1-nightly-${{ github.ref }} + group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true jobs: From bb31b7ae23addd05f744a4b7948f3aedb93175f0 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:16:48 -0400 Subject: [PATCH 10/39] correct runner --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index dd022d133..52716a37f 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -21,7 +21,7 @@ concurrency: jobs: test-flavor: - runs-on: "uds-ubuntu-big-boy-8-core" + runs-on: ai-ubuntu-big-boy-8-core name: Test LeapfrogAI Flavor permissions: From f47907a061fafc45c6d5c5f53a3b8edb2bc67bac Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:19:51 -0400 Subject: [PATCH 11/39] remove extra python setup step --- .github/workflows/e2e-registry1-weekly.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 52716a37f..809094d25 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -64,14 +64,6 @@ jobs: rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ - - name: Install UI/Playwright Dependencies - run: | - npm --prefix src/leapfrogai_ui ci - npx --prefix src/leapfrogai_ui playwright install - - - name: Setup Python - uses: ./.github/actions/python - - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v @@ -84,6 +76,11 @@ jobs: run: | python -m pytest ./tests/e2e/test_whisper.py -v + - name: Install UI/Playwright Dependencies + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + - name: Test UI run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env From 1835070e946804d2fc4c10d083307d6fb807bcb8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:41:18 -0400 Subject: [PATCH 12/39] fix UDS CLI version --- .github/actions/uds-cluster/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 19b23c61e..875205dfb 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -11,7 +11,7 @@ runs: using: composite steps: - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c with: username: ${{ inputs.registry1Username }} password: ${{ inputs.registry1Password }} @@ -19,4 +19,4 @@ runs: - name: Create UDS Cluster shell: bash run: | - make create-uds-cpu-cluster \ No newline at end of file + make create-uds-cpu-cluster From e67c320cf3c6c3b02525b1e39bf76d71fccf24ef Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:51:18 -0400 Subject: [PATCH 13/39] fix UDS CLI version, pt.2 --- .github/actions/uds-cluster/action.yaml | 8 +++++--- .github/workflows/e2e-llama-cpp-python.yaml | 3 --- .github/workflows/e2e-playwright.yaml | 3 --- .github/workflows/e2e-registry1-weekly.yaml | 3 --- .github/workflows/e2e-text-embeddings.yaml | 3 --- .github/workflows/e2e-whisper.yaml | 3 --- 6 files changed, 5 insertions(+), 18 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 875205dfb..4a7b25b87 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -11,10 +11,12 @@ runs: using: composite steps: - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - username: ${{ inputs.registry1Username }} - password: ${{ inputs.registry1Password }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + udsCliVersion: 0.14.0 + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Create UDS Cluster shell: bash diff --git a/.github/workflows/e2e-llama-cpp-python.yaml b/.github/workflows/e2e-llama-cpp-python.yaml index 66cd16bfb..b9f376744 100644 --- a/.github/workflows/e2e-llama-cpp-python.yaml +++ b/.github/workflows/e2e-llama-cpp-python.yaml @@ -65,9 +65,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-playwright.yaml b/.github/workflows/e2e-playwright.yaml index 0eea84eb0..3ce993de5 100644 --- a/.github/workflows/e2e-playwright.yaml +++ b/.github/workflows/e2e-playwright.yaml @@ -74,9 +74,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 809094d25..879ea0912 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -38,9 +38,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-text-embeddings.yaml b/.github/workflows/e2e-text-embeddings.yaml index eba01378d..d297b7feb 100644 --- a/.github/workflows/e2e-text-embeddings.yaml +++ b/.github/workflows/e2e-text-embeddings.yaml @@ -67,9 +67,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-whisper.yaml b/.github/workflows/e2e-whisper.yaml index 7c3908aa5..1aca21a2d 100644 --- a/.github/workflows/e2e-whisper.yaml +++ b/.github/workflows/e2e-whisper.yaml @@ -67,9 +67,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core From ce960a64424350cbfc48defb08ec41d284f4c0a5 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:57:24 -0400 Subject: [PATCH 14/39] fix UDS CLI version, pt.3 --- .github/actions/uds-cluster/action.yaml | 8 +++++--- .github/workflows/e2e-llama-cpp-python.yaml | 4 ++++ .github/workflows/e2e-playwright.yaml | 4 ++++ .github/workflows/e2e-registry1-weekly.yaml | 4 ++++ .github/workflows/e2e-text-embeddings.yaml | 4 ++++ .github/workflows/e2e-vllm.yaml | 5 +++-- .github/workflows/e2e-whisper.yaml | 4 ++++ 7 files changed, 28 insertions(+), 5 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 4a7b25b87..2683b9910 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -6,6 +6,8 @@ inputs: description: Registry1 Username registry1Password: description: Registry1 Password + ghToken: + description: GitHub Token runs: using: composite @@ -13,10 +15,10 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ inputs.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ inputs.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 - ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Create UDS Cluster shell: bash diff --git a/.github/workflows/e2e-llama-cpp-python.yaml b/.github/workflows/e2e-llama-cpp-python.yaml index b9f376744..5c6768596 100644 --- a/.github/workflows/e2e-llama-cpp-python.yaml +++ b/.github/workflows/e2e-llama-cpp-python.yaml @@ -65,6 +65,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-playwright.yaml b/.github/workflows/e2e-playwright.yaml index 3ce993de5..4d48bfd25 100644 --- a/.github/workflows/e2e-playwright.yaml +++ b/.github/workflows/e2e-playwright.yaml @@ -74,6 +74,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 879ea0912..e5e59f64f 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -38,6 +38,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-text-embeddings.yaml b/.github/workflows/e2e-text-embeddings.yaml index d297b7feb..20f7eb97a 100644 --- a/.github/workflows/e2e-text-embeddings.yaml +++ b/.github/workflows/e2e-text-embeddings.yaml @@ -67,6 +67,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index cedfab53e..5931ef359 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -70,8 +70,9 @@ jobs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 with: - username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} ########## c # vLLM diff --git a/.github/workflows/e2e-whisper.yaml b/.github/workflows/e2e-whisper.yaml index 1aca21a2d..dee2cf45a 100644 --- a/.github/workflows/e2e-whisper.yaml +++ b/.github/workflows/e2e-whisper.yaml @@ -67,6 +67,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core From 1ef8606491cbdd0f23f6a708bdf8f360e728f535 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:01:12 -0400 Subject: [PATCH 15/39] fix UDS CLI version, pt.4 --- .github/actions/uds-cluster/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 2683b9910..b52e66b8d 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -15,8 +15,8 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - registry1Username: ${{ inputs.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ inputs.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ inputs.registry1Username }} + registry1Password: ${{ inputs.registry1Password }} ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 From a1aa182e9b757961f482fe991ac4097afe178119 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:03:57 -0400 Subject: [PATCH 16/39] fix vllm uds setup --- .github/workflows/e2e-vllm.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index 5931ef359..836cddf61 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -67,8 +67,8 @@ jobs: with: additionalOptionalDep: dev-vllm - - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 + - name: Setup UDS Cluster + uses: ./.github/actions/uds-cluster with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} From e05998a02e553a09b821822ca5686ad0165ee9ae Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:06:15 -0400 Subject: [PATCH 17/39] fix vllm uds setup, pt.2 --- .github/workflows/e2e-vllm.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index 836cddf61..1d037fc57 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -67,12 +67,13 @@ jobs: with: additionalOptionalDep: dev-vllm - - name: Setup UDS Cluster - uses: ./.github/actions/uds-cluster + - name: Setup UDS Environment + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} + udsCliVersion: 0.14.0 ########## c # vLLM From 8a06f5840503e17579ca07f4c51fdd4ae3ac1786 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:23:47 -0400 Subject: [PATCH 18/39] fix version for registry1 image --- .github/release-please-config.json | 5 +++++ .github/workflows/e2e-registry1-weekly.yaml | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/.github/release-please-config.json b/.github/release-please-config.json index 6cf564cdb..4458cae05 100644 --- a/.github/release-please-config.json +++ b/.github/release-please-config.json @@ -45,6 +45,11 @@ "type": "generic", "path": "**/hugo.toml", "glob": true + }, + { + "type": "generic", + "path": ".github/workflows/e2e-registry1-weekly.yaml", + "glob": true } ] } diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index e5e59f64f..379306c6a 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -15,6 +15,11 @@ on: - .github/workflows/e2e-registry1-weekly.yaml - uds-bundles/latest/** +env: + # x-release-please-start-version + VERSION: 0.11.0 + # x-release-please-end + concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true @@ -53,6 +58,7 @@ jobs: uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1].ref = v${{ env.VERSION }}' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Bundle run: | From 839a66f95d575e3b7ff676edeb23ccbe5737cf54 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:28:07 -0400 Subject: [PATCH 19/39] fix version for registry1 image, pt.2 --- packages/api/values/registry1-values.yaml | 4 +--- packages/api/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/packages/api/values/registry1-values.yaml b/packages/api/values/registry1-values.yaml index 72d6a77b1..56d7e6e4e 100644 --- a/packages/api/values/registry1-values.yaml +++ b/packages/api/values/registry1-values.yaml @@ -2,16 +2,14 @@ api: image: repository: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api # x-release-please-start-version - tag: v0.10.0 + tag: v0.11.0 # x-release-please-end migration: image: # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations - # x-release-please-start-version tag: ###ZARF_CONST_IMAGE_VERSION### - # x-release-please-end kiwigrid: image: diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index 2c8cc43cf..fb3e6a089 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -45,7 +45,7 @@ components: valuesFiles: - "values/registry1-values.yaml" images: - - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.10.0" + - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.11.0" # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.23.3" From 152e5a6b4466e455dc9b66d5310f1e72cb7c15fd Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:42:11 -0400 Subject: [PATCH 20/39] missing double quotes yq --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 379306c6a..80af6df39 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -58,7 +58,7 @@ jobs: uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].ref = v${{ env.VERSION }}' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1].ref = "v${{ env.VERSION }}"' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Bundle run: | From dd78a7f17e2db629053aec83b11c57ee9b56053f Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 21:52:04 -0400 Subject: [PATCH 21/39] zarf package yq commands --- .github/release-please-config.json | 5 ----- .github/workflows/e2e-registry1-weekly.yaml | 24 +++++++++------------ 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/.github/release-please-config.json b/.github/release-please-config.json index 4458cae05..6cf564cdb 100644 --- a/.github/release-please-config.json +++ b/.github/release-please-config.json @@ -45,11 +45,6 @@ "type": "generic", "path": "**/hugo.toml", "glob": true - }, - { - "type": "generic", - "path": ".github/workflows/e2e-registry1-weekly.yaml", - "glob": true } ] } diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 80af6df39..aea3c8555 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -15,19 +15,14 @@ on: - .github/workflows/e2e-registry1-weekly.yaml - uds-bundles/latest/** -env: - # x-release-please-start-version - VERSION: 0.11.0 - # x-release-please-end - concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true jobs: - test-flavor: + test-flavors: runs-on: ai-ubuntu-big-boy-8-core - name: Test LeapfrogAI Flavor + name: Test LeapfrogAI Flavors permissions: contents: read @@ -48,17 +43,18 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - - name: Setup LFAI-API and Supabase + - name: Setup LeapfrogAI API and Supabase uses: ./.github/actions/lfai-core - - name: Set Flavor and Version + - name: Set Bundle Flavor Fields run: | - uds zarf tools yq -i '.metadata.version = "registry1"' \ - uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ - uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].ref = "v${{ env.VERSION }}"' uds-bundles/latest/cpu/uds-bundle.yaml + - name: Create Registry1 Package(s) + run: | + LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - name: Create Bundle run: | From 70b3988f3d4d92a0dd9bd376ca546e1e469cc7e2 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 22:33:57 -0400 Subject: [PATCH 22/39] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index aea3c8555..38c6e6f24 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -51,6 +51,7 @@ jobs: uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.metadata.version = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Registry1 Package(s) run: | From 84b31f9e496b6bf000fb3bc92d67e59b71aa1c18 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 23:02:35 -0400 Subject: [PATCH 23/39] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 38c6e6f24..782b3c52b 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -57,13 +57,10 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Create Bundle + - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu uds create . --confirm - - - name: Deploy Bundle - run: | uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ From bd37b7feb1fe1029c4fbde1cb686d32df5521082 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 23:21:43 -0400 Subject: [PATCH 24/39] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 782b3c52b..fc61d93fb 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -61,7 +61,7 @@ jobs: run: | cd uds-bundles/latest/cpu uds create . --confirm - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ From 081e60f539c5d2a11003971b208cb51634259aea Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 10:18:32 -0400 Subject: [PATCH 25/39] revert default ui api service --- packages/ui/zarf.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index c85d5bfa8..93ae95896 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 + default: http://api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 12498813ca63c58c7b697a8508afe9f3386a3d46 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 11:41:54 -0400 Subject: [PATCH 26/39] default ui URL for api service --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- packages/ui/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index fc61d93fb..df333c618 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -85,7 +85,7 @@ jobs: - name: Test UI run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env - TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index 93ae95896..c85d5bfa8 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://api.leapfrogai.svc.cluster.local:8080 + default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 284f292b59598bfb5ee9b4a4fe749a762907c033 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 13:20:12 -0400 Subject: [PATCH 27/39] fix setup and deploy bundle --- .github/actions/uds-cluster/action.yaml | 5 +++-- .github/workflows/e2e-registry1-weekly.yaml | 7 +++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 7fa16098e..683aa2652 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -15,8 +15,9 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - username: ${{ inputs.registry1Username }} - password: ${{ inputs.registry1Password }} + registry1Username: ${{ inputs.registry1Username }} + registry1Password: ${{ inputs.registry1Password }} + ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 - name: Checkout Repo diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index df333c618..a7ebce63f 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -60,10 +60,9 @@ jobs: - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu - uds create . --confirm - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm - rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst - cd ../../../ + uds create . --confirm && \ + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst - name: Test llama-cpp-python run: | From 410cd2188fd4b2be1142daa3c8c4621df7c0d162 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 13:28:00 -0400 Subject: [PATCH 28/39] remove extraneous setup step --- .github/workflows/e2e-registry1-weekly.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index a7ebce63f..e8fa602cc 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -43,9 +43,6 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - - name: Setup LeapfrogAI API and Supabase - uses: ./.github/actions/lfai-core - - name: Set Bundle Flavor Fields run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml From 5cdd8b0a7e1185093d7bb727ac830e3a91eb12bc Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 14:05:04 -0400 Subject: [PATCH 29/39] add ANON_KEY back in manually --- .github/workflows/e2e-registry1-weekly.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index e8fa602cc..9d2259f23 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -54,6 +54,12 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api + - name: Set environment variable + shell: bash + id: set-env-var + run: | + echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu From 37b8a5aefb33d94c76de4a9e735329f525fce692 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 15:22:56 -0400 Subject: [PATCH 30/39] move ANON_KEY to correct step --- .github/workflows/e2e-registry1-weekly.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 9d2259f23..d402f54a7 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -54,12 +54,6 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Set environment variable - shell: bash - id: set-env-var - run: | - echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" - - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu @@ -67,6 +61,12 @@ jobs: uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + - name: Set environment variable + shell: bash + id: set-env-var + run: | + echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v From 2e67af914c24b3af2d28d4d19bf6ba14cfd6e1e3 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 16:05:34 -0400 Subject: [PATCH 31/39] add other Playwright E2E test steps --- .github/workflows/e2e-registry1-weekly.yaml | 33 +++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d402f54a7..4877653f6 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -43,6 +43,7 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} + # Set flavored package within UDS bundle definition - name: Set Bundle Flavor Fields run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml @@ -61,12 +62,14 @@ jobs: uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + # API Key Prep - name: Set environment variable shell: bash id: set-env-var run: | echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + # Backends - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v @@ -79,15 +82,41 @@ jobs: run: | python -m pytest ./tests/e2e/test_whisper.py -v + # Setup for application layer testing + - name: Generate Fake Playwright User Password + id: generate-password + run: | + PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') + echo "::add-mask::$PASSWORD" + echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV + + - name: Create Test User + run: | + chmod +x ./.github/scripts/createUser.sh + ./.github/scripts/createUser.sh + + # Supabase + - name: Test Supabase + run: | + python -m pytest ./tests/e2e/test_supabase.py -v + + # API + - name: Test API + run: | + python -m pytest ./tests/e2e/test_api.py -v + + # UI - name: Install UI/Playwright Dependencies run: | npm --prefix src/leapfrogai_ui ci npx --prefix src/leapfrogai_ui playwright install - - name: Test UI + - name: UI/API/Supabase E2E Playwright Tests run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env - LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + mkdir -p playwright/auth + touch playwright/auth.user.json + LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 From ab6b9dd703bed697ce2e629a6d32305c3a960993 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 16:43:15 -0400 Subject: [PATCH 32/39] remove extraneous url env in playwright --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- README.md | 2 ++ docs/DEVELOPMENT.md | 3 ++- .../en/docs/local-deploy-guide/components.md | 16 ++++++++++++++++ .../en/docs/local-deploy-guide/quick_start.md | 2 +- 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 4877653f6..7f7013a75 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -116,7 +116,7 @@ jobs: cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 diff --git a/README.md b/README.md index 35ae93a7c..cfd5bbff6 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,8 @@ Below is the current component flavors list: | [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | | [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](./docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. + ## Usage To build a LeapfrogAI UDS bundle and deploy it, please refer to the [LeapfrogAI Documentation Website](https://docs.leapfrog.ai/docs/). In the documentation website, you'll find system requirements and instructions for all things LeapfrogAI that aren't associated to local development and contributing. diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index 2993c37a1..ff05e2fa7 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -70,7 +70,7 @@ For example, the LeapfrogAI API requires a `config.yaml` be supplied when spun u ## Package Development -If you don't want to [build an entire bundle](#bundle-development), or you want to "dev-loop" on a single package in an existing [UDS Kubernetes cluster](../packages/k3d-gpu/README.md) you can do so by performing the following. +If you don't want to [build an entire bundle](#bundle-development), or you want to "dev-loop" on a single package in an existing [UDS Kubernetes cluster](../packages/k3d-gpu/README.md) you can do so by following the instructions below. For example, this is how you build and (re)deploy a local DEV version of a package: @@ -80,6 +80,7 @@ uds zarf package remove leapfrogai-api --confirm uds zarf tools registry prune --confirm # create and deploy the new package +# FLAVOR can be registry1, upstream, or unicorn - see README for availability details LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make build-api LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make deploy-api ``` diff --git a/website/content/en/docs/local-deploy-guide/components.md b/website/content/en/docs/local-deploy-guide/components.md index bb252c97e..e4e96c0da 100644 --- a/website/content/en/docs/local-deploy-guide/components.md +++ b/website/content/en/docs/local-deploy-guide/components.md @@ -29,6 +29,22 @@ Each component has different images and values that refer to a specific image re 2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry 3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry +Below is the current component flavors list: + +| Component | `upstream` | `registry1` | `chainguard` | +| ---------------------------------------------- | ------------ | ------------- | -------------- | +| [api](packages/api/) | ✅ | ✅ | 🚧 | +| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | + +Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](https://github.com/defenseunicorns/leapfrogai/blob/main/docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. + ### Artifact Support LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The supported artifact types are as follows: diff --git a/website/content/en/docs/local-deploy-guide/quick_start.md b/website/content/en/docs/local-deploy-guide/quick_start.md index 63d90ebc6..c58198a7f 100644 --- a/website/content/en/docs/local-deploy-guide/quick_start.md +++ b/website/content/en/docs/local-deploy-guide/quick_start.md @@ -71,7 +71,7 @@ If you already have a pre-built UDS bundle, please skip to [Deploying the UDS Bu 2. Deploy the bundle you created in the [previous steps](#building-the-uds-bundle): ```bash - # make sure you ar ein the directory with the UDS bundle archive + # make sure you are in the directory with the UDS bundle archive uds deploy uds-bundle-leapfrogai*.tar.zst ``` From 42c0f6be5964c50b2b178498be9f49a7f01fb762 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 17:27:23 -0400 Subject: [PATCH 33/39] fix version and env --- .github/workflows/e2e-registry1-weekly.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 7f7013a75..a6c25d3a3 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -60,7 +60,8 @@ jobs: cd uds-bundles/latest/cpu uds create . --confirm && \ uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ - rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ + docker system prune -af # API Key Prep - name: Set environment variable @@ -116,10 +117,12 @@ jobs: cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) + echo "::add-mask::$SERVICE_ROLE_KEY" + SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: ${{ !cancelled() }} with: name: playwright-report From 6fd97b126874d94b362283c8306d9cabdacd171b Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 10:19:52 -0400 Subject: [PATCH 34/39] fix up workflow, add LFAI API URL --- .github/workflows/e2e-registry1-weekly.yaml | 81 +++++++++------------ 1 file changed, 33 insertions(+), 48 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index a6c25d3a3..d1b777ddd 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -19,10 +19,14 @@ concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true +defaults: + run: + shell: bash + jobs: test-flavors: runs-on: ai-ubuntu-big-boy-8-core - name: Test LeapfrogAI Flavors + name: e2e_registry1_weekly permissions: contents: read @@ -43,82 +47,63 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - # Set flavored package within UDS bundle definition - - name: Set Bundle Flavor Fields + - name: Setup Playwright + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + + - name: Create Registry1 Packages + run: | + LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api + + # Mutate UDS bundle definition to use Registry1 packages + - name: Mutation to Registry1 Bundle run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.metadata.version = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml - - name: Create Registry1 Package(s) - run: | - LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu uds create . --confirm && \ - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst \ + --set LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ docker system prune -af - # API Key Prep - - name: Set environment variable - shell: bash - id: set-env-var - run: | - echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" - - # Backends - - name: Test llama-cpp-python - run: | - python -m pytest ./tests/e2e/test_llama.py -v - - - name: Test text-embeddings - run: | - python -m pytest ./tests/e2e/test_text_embeddings.py -v - - - name: Test whisper - run: | - python -m pytest ./tests/e2e/test_whisper.py -v - - # Setup for application layer testing - - name: Generate Fake Playwright User Password - id: generate-password + - name: Generate Secrets and Test User run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') echo "::add-mask::$PASSWORD" echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV - - name: Create Test User - run: | + ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d) + echo "::add-mask::$ANON_KEY" + echo "ANON_KEY=$ANON_KEY" >> "$GITHUB_ENV" + + SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) + echo "::add-mask::$SERVICE_ROLE_KEY" + chmod +x ./.github/scripts/createUser.sh ./.github/scripts/createUser.sh - # Supabase - - name: Test Supabase + # Backends + - name: Run Backend Tests run: | + python -m pytest ./tests/e2e/test_llama.py -v + python -m pytest ./tests/e2e/test_text_embeddings.py -v + python -m pytest ./tests/e2e/test_whisper.py -v python -m pytest ./tests/e2e/test_supabase.py -v - - # API - - name: Test API - run: | python -m pytest ./tests/e2e/test_api.py -v - # UI - - name: Install UI/Playwright Dependencies - run: | - npm --prefix src/leapfrogai_ui ci - npx --prefix src/leapfrogai_ui playwright install - - - name: UI/API/Supabase E2E Playwright Tests + - name: Run Playwright E2E Tests run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) - echo "::add-mask::$SERVICE_ROLE_KEY" + SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report From 05f52459d7beaaeaa969dec34457eaec28d6759d Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 10:57:23 -0400 Subject: [PATCH 35/39] fix env in refactored workflow --- .github/workflows/e2e-registry1-weekly.yaml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d1b777ddd..5434a22d4 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -74,21 +74,27 @@ jobs: docker system prune -af - name: Generate Secrets and Test User + id: generate_secrets run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') echo "::add-mask::$PASSWORD" - echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV - + echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_OUTPUT ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d) echo "::add-mask::$ANON_KEY" - echo "ANON_KEY=$ANON_KEY" >> "$GITHUB_ENV" - + echo "ANON_KEY=$ANON_KEY" >> $GITHUB_OUTPUT SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) echo "::add-mask::$SERVICE_ROLE_KEY" + echo "SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY" >> $GITHUB_OUTPUT chmod +x ./.github/scripts/createUser.sh ./.github/scripts/createUser.sh + - name: Verify Secrets + run: | + echo "FAKE_E2E_USER_PASSWORD is set: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD != '' }}" + echo "ANON_KEY is set: ${{ steps.generate_secrets.outputs.ANON_KEY != '' }}" + echo "SERVICE_ROLE_KEY is set: ${{ steps.generate_secrets.outputs.SERVICE_ROLE_KEY != '' }}" + # Backends - name: Run Backend Tests run: | @@ -99,6 +105,10 @@ jobs: python -m pytest ./tests/e2e/test_api.py -v - name: Run Playwright E2E Tests + env: + SERVICE_ROLE_KEY: ${{ steps.generate_secrets.outputs.SERVICE_ROLE_KEY }} + FAKE_E2E_USER_PASSWORD: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD }} + ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth From 8dfbcc0d2dc914cae3cf511208d6b57c7122a8de Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Fri, 30 Aug 2024 11:31:39 -0400 Subject: [PATCH 36/39] move create user step down --- .github/workflows/e2e-registry1-weekly.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 5434a22d4..72411d7d9 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -73,7 +73,7 @@ jobs: rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ docker system prune -af - - name: Generate Secrets and Test User + - name: Generate Secrets id: generate_secrets run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') @@ -86,9 +86,6 @@ jobs: echo "::add-mask::$SERVICE_ROLE_KEY" echo "SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY" >> $GITHUB_OUTPUT - chmod +x ./.github/scripts/createUser.sh - ./.github/scripts/createUser.sh - - name: Verify Secrets run: | echo "FAKE_E2E_USER_PASSWORD is set: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD != '' }}" @@ -110,6 +107,9 @@ jobs: FAKE_E2E_USER_PASSWORD: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD }} ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} run: | + chmod +x ./.github/scripts/createUser.sh + ./.github/scripts/createUser.sh + cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json From 7ccf9da163a3b94ed24b0c7b2e8cfca805784a7f Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 12:13:41 -0400 Subject: [PATCH 37/39] add ANON_KEY back into new pattern --- .github/workflows/e2e-registry1-weekly.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 72411d7d9..48c87c864 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -94,6 +94,8 @@ jobs: # Backends - name: Run Backend Tests + env: + ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} run: | python -m pytest ./tests/e2e/test_llama.py -v python -m pytest ./tests/e2e/test_text_embeddings.py -v From 721d2af364268ed90f471cf749e2545f7013c83a Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 15:55:21 -0400 Subject: [PATCH 38/39] remove unicorn, add flavors everywhere --- .github/workflows/release.yaml | 30 +++++++++---------- Makefile | 14 ++++----- README.md | 23 +++++++------- docs/DEVELOPMENT.md | 14 ++++++--- packages/llama-cpp-python/zarf.yaml | 2 ++ packages/repeater/zarf.yaml | 2 ++ packages/supabase/zarf.yaml | 6 ++++ packages/text-embeddings/zarf.yaml | 2 ++ packages/ui/zarf.yaml | 2 ++ packages/vllm/zarf.yaml | 2 ++ packages/whisper/zarf.yaml | 2 ++ .../en/docs/local-deploy-guide/components.md | 23 +++++++------- 12 files changed, 72 insertions(+), 50 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c03767b30..9c0825e3a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -65,8 +65,8 @@ jobs: docker buildx build --platform amd64,arm64 --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:${{ steps.get_version.outputs.version-without-v }} --push -f packages/api/Dockerfile . docker buildx build --platform amd64,arm64 -t ghcr.io/defenseunicorns/leapfrogai/api-migrations:${{ steps.get_version.outputs.version-without-v }} --push -f Dockerfile.migrations --build-arg="MIGRATIONS_DIR=packages/api/supabase/migrations" . - zarf package create packages/api --set=LEAPFROGAI_IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/api --set=LEAPFROGAI_IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/api --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/api --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-leapfrogai-api-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-leapfrogai-api-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -79,8 +79,8 @@ jobs: docker buildx build --platform amd64,arm64 -t ghcr.io/defenseunicorns/leapfrogai/leapfrogai-ui:${{ steps.get_version.outputs.version-without-v }} --push src/leapfrogai_ui docker buildx build --platform amd64,arm64 -t ghcr.io/defenseunicorns/leapfrogai/ui-migrations:${{ steps.get_version.outputs.version-without-v }} --push -f Dockerfile.migrations --build-arg="MIGRATIONS_DIR=src/leapfrogai_ui/supabase/migrations" . - zarf package create packages/ui --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/ui --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/ui --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/ui --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-leapfrogai-ui-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-leapfrogai-ui-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -92,8 +92,8 @@ jobs: run: | docker buildx build --platform amd64,arm64 -t ghcr.io/defenseunicorns/leapfrogai/supabase-migrations:${{ steps.get_version.outputs.version-without-v }} --push -f Dockerfile.migrations --build-arg="MIGRATIONS_DIR=packages/supabase/migrations" . - zarf package create packages/supabase --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/supabase --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/supabase --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/supabase --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-supabase-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-supabase-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -102,8 +102,8 @@ jobs: run: | docker buildx build --platform amd64,arm64 --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/repeater:${{ steps.get_version.outputs.version-without-v }} --push -f packages/repeater/Dockerfile . - zarf package create packages/repeater --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/repeater --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/repeater --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/repeater --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-repeater-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-repeater-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -115,8 +115,8 @@ jobs: run: | docker buildx build --platform amd64,arm64 --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/llama-cpp-python:${{ steps.get_version.outputs.version-without-v }} --push -f packages/llama-cpp-python/Dockerfile . - zarf package create packages/llama-cpp-python --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/llama-cpp-python --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/llama-cpp-python --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/llama-cpp-python --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-llama-cpp-python-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-llama-cpp-python-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -128,7 +128,7 @@ jobs: run: | docker buildx build --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/vllm:${{ steps.get_version.outputs.version-without-v }} --push -f packages/vllm/Dockerfile . - zarf package create packages/vllm --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --confirm + zarf package create packages/vllm --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --flavor upstream --confirm zarf package publish zarf-package-vllm-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -139,8 +139,8 @@ jobs: run: | docker buildx build --platform amd64,arm64 --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/text-embeddings:${{ steps.get_version.outputs.version-without-v }} --push -f packages/text-embeddings/Dockerfile . - zarf package create packages/text-embeddings --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/text-embeddings --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/text-embeddings --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/text-embeddings --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-text-embeddings-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-text-embeddings-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai @@ -152,8 +152,8 @@ jobs: run: | docker buildx build --platform amd64,arm64 --build-arg LOCAL_VERSION=${{ steps.get_version.outputs.version-without-v }} -t ghcr.io/defenseunicorns/leapfrogai/whisper:${{ steps.get_version.outputs.version-without-v }} --push -f packages/whisper/Dockerfile . - zarf package create packages/whisper --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --confirm - zarf package create packages/whisper --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --confirm + zarf package create packages/whisper --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture amd64 --flavor upstream --confirm + zarf package create packages/whisper --set=IMAGE_VERSION=${{ steps.get_version.outputs.version-without-v }} --architecture arm64 --flavor upstream --confirm zarf package publish zarf-package-whisper-amd64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai zarf package publish zarf-package-whisper-arm64-${{ steps.get_version.outputs.version-without-v }}.tar.zst oci://ghcr.io/defenseunicorns/packages/leapfrogai diff --git a/Makefile b/Makefile index 4a2ad600d..732abe4e5 100644 --- a/Makefile +++ b/Makefile @@ -60,7 +60,7 @@ build-supabase: local-registry docker-supabase docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/supabase-migrations:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/supabase -a ${ARCH} -o packages/supabase --registry-override=ghcr.io=localhost:${REG_PORT} --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/supabase --flavor ${FLAVOR} -a ${ARCH} -o packages/supabase --registry-override=ghcr.io=localhost:${REG_PORT} --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-api: local-registry sdk-wheel @echo $(DOCKER_FLAGS) @@ -99,7 +99,7 @@ build-ui: local-registry docker-ui ## Build the leapfrogai_ui container and Zarf docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/ui-migrations:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/ui -a ${ARCH} -o packages/ui --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/ui --flavor ${FLAVOR} -a ${ARCH} -o packages/ui --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-llama-cpp-python: sdk-wheel ## Build the image (and tag it for the local registry) @@ -111,7 +111,7 @@ build-llama-cpp-python: local-registry docker-llama-cpp-python ## Build the llam docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/llama-cpp-python:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/llama-cpp-python -a ${ARCH} -o packages/llama-cpp-python --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/llama-cpp-python --flavor ${FLAVOR} -a ${ARCH} -o packages/llama-cpp-python --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-vllm: sdk-wheel ## Build the image (and tag it for the local registry) @@ -123,7 +123,7 @@ build-vllm: local-registry docker-vllm ## Build the vllm container and Zarf pack docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/vllm:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/vllm -a ${ARCH} -o packages/vllm --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/vllm --flavor ${FLAVOR} -a ${ARCH} -o packages/vllm --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-text-embeddings: sdk-wheel ## Build the image (and tag it for the local registry) @@ -135,7 +135,7 @@ build-text-embeddings: local-registry docker-text-embeddings ## Build the text-e docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/text-embeddings:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/text-embeddings -a ${ARCH} -o packages/text-embeddings --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/text-embeddings --flavor ${FLAVOR} -a ${ARCH} -o packages/text-embeddings --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-whisper: sdk-wheel @@ -148,7 +148,7 @@ build-whisper: local-registry docker-whisper ## Build the whisper container and docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/whisper:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/whisper -a ${ARCH} -o packages/whisper --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/whisper --flavor ${FLAVOR} -a ${ARCH} -o packages/whisper --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-repeater: sdk-wheel ## Build the image (and tag it for the local registry) @@ -160,7 +160,7 @@ build-repeater: local-registry docker-repeater ## Build the repeater container a docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/repeater:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/repeater -a ${ARCH} -o packages/repeater --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/repeater --flavor ${FLAVOR} -a ${ARCH} -o packages/repeater --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm build-cpu: build-supabase build-api build-ui build-llama-cpp-python build-text-embeddings build-whisper ## Build all zarf packages for a cpu-enabled deployment of LFAI diff --git a/README.md b/README.md index cfd5bbff6..d8781727b 100644 --- a/README.md +++ b/README.md @@ -121,21 +121,20 @@ Each component has different images and values that refer to a specific image re 1. `upstream`: uses upstream vendor images from open source container registries and repositories 2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry -3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry Below is the current component flavors list: -| Component | `upstream` | `registry1` | `chainguard` | -| ---------------------------------------------- | ------------ | ------------- | -------------- | -| [api](packages/api/) | ✅ | ✅ | 🚧 | -| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | -| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | -| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | -| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | -| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | -| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | -| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | -| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| Component | `upstream` | `registry1` | +| ---------------------------------------------- | ------------ | ------------- | +| [api](packages/api/) | ✅ | ✅ | +| [ui](packages/ui/) | ✅ | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](./docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index 1add54e43..a75275760 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -80,7 +80,7 @@ uds zarf package remove leapfrogai-api --confirm uds zarf tools registry prune --confirm # create and deploy the new package -# FLAVOR can be registry1, upstream, or unicorn - see README for availability details +# FLAVOR can be upstream (default) or registry1 - see README for availability details LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make build-api LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make deploy-api ``` @@ -98,12 +98,15 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm 1. Install all the necessary package creation dependencies: ```bash - python -m pip install "huggingface_hub[cli,hf_transfer]" "transformers[torch]" ctranslate2 + python -m pip install ".[dev]" + python -m pip install ".[dev-whisper]" + python -m pip install ".[dev-vllm]" ``` 2. Build all of the packages you need at once with **ONE** of the following Make targets: ```bash + # FLAVOR can be upstream (default) or registry1 - see README for availability details LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-cpu # ui, api, llama-cpp-python, text-embeddings, whisper, supabase # OR LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-gpu # ui, api, vllm, text-embeddings, whisper, supabase @@ -116,6 +119,7 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm You can build components individually using the following Make targets: ```bash + # FLAVOR can be upstream (default) or registry1 - see README for availability details LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-ui LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-api LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-supabase @@ -149,13 +153,15 @@ To run the same commands in MacOS, you will need to prepend your command with a To demonstrate what this would look like for an Apple Silicon Mac: -``` shell +```bash +# FLAVOR can be upstream (default) or registry1 - see README for availability details REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` To demonstrate what this would look like for an older Intel Mac: -``` shell +```bash +# FLAVOR can be upstream (default) or registry1 - see README for availability details REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` diff --git a/packages/llama-cpp-python/zarf.yaml b/packages/llama-cpp-python/zarf.yaml index 054f09130..0f24d1529 100644 --- a/packages/llama-cpp-python/zarf.yaml +++ b/packages/llama-cpp-python/zarf.yaml @@ -27,6 +27,8 @@ variables: components: - name: llama-cpp-python-model required: true + only: + flavor: upstream charts: - name: llama-cpp-python-model namespace: leapfrogai diff --git a/packages/repeater/zarf.yaml b/packages/repeater/zarf.yaml index 19fb7b665..e69f0604b 100644 --- a/packages/repeater/zarf.yaml +++ b/packages/repeater/zarf.yaml @@ -12,6 +12,8 @@ constants: components: - name: repeater required: true + only: + flavor: upstream charts: - name: repeater namespace: leapfrogai diff --git a/packages/supabase/zarf.yaml b/packages/supabase/zarf.yaml index 094219fcd..6b8e3796c 100644 --- a/packages/supabase/zarf.yaml +++ b/packages/supabase/zarf.yaml @@ -56,6 +56,8 @@ variables: components: - name: supabase required: true + only: + flavor: upstream charts: # This exists because the jwt token job fails to run in the main helm chart at the proper time due to its reliance on `helm.sh/hook: post-install`. # This annotation causes it to run at the end of the Supabase Zarf component. @@ -99,6 +101,8 @@ components: - name: supabase-post-process description: "Perform necessary post processing here" required: true + only: + flavor: upstream actions: onDeploy: before: @@ -120,6 +124,8 @@ components: - name: supabase-migrations description: "Migrations that operate on a database configuration level that require higher elevated permissions (ie adding extensions)" required: true + only: + flavor: upstream charts: - name: supabase-migrations namespace: leapfrogai diff --git a/packages/text-embeddings/zarf.yaml b/packages/text-embeddings/zarf.yaml index bff729139..37e9ce115 100644 --- a/packages/text-embeddings/zarf.yaml +++ b/packages/text-embeddings/zarf.yaml @@ -35,6 +35,8 @@ variables: components: - name: text-embeddings-model required: true + only: + flavor: upstream charts: - name: text-embeddings-model namespace: leapfrogai diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index c85d5bfa8..448e10587 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -62,6 +62,8 @@ variables: components: - name: leapfrogai-ui required: true + only: + flavor: upstream charts: - name: leapfrogai-ui namespace: leapfrogai diff --git a/packages/vllm/zarf.yaml b/packages/vllm/zarf.yaml index c48f9914f..8e7dca6cd 100644 --- a/packages/vllm/zarf.yaml +++ b/packages/vllm/zarf.yaml @@ -26,6 +26,8 @@ variables: components: - name: vllm-model required: true + only: + flavor: upstream charts: - name: vllm-model namespace: leapfrogai diff --git a/packages/whisper/zarf.yaml b/packages/whisper/zarf.yaml index e34e8f458..f3fc4215b 100644 --- a/packages/whisper/zarf.yaml +++ b/packages/whisper/zarf.yaml @@ -36,6 +36,8 @@ variables: components: - name: whisper-model required: true + only: + flavor: upstream charts: - name: whisper-model namespace: leapfrogai diff --git a/website/content/en/docs/local-deploy-guide/components.md b/website/content/en/docs/local-deploy-guide/components.md index e4e96c0da..f062994f0 100644 --- a/website/content/en/docs/local-deploy-guide/components.md +++ b/website/content/en/docs/local-deploy-guide/components.md @@ -27,21 +27,20 @@ Each component has different images and values that refer to a specific image re 1. `upstream`: uses upstream vendor images from open source container registries and repositories 2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry -3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry Below is the current component flavors list: -| Component | `upstream` | `registry1` | `chainguard` | -| ---------------------------------------------- | ------------ | ------------- | -------------- | -| [api](packages/api/) | ✅ | ✅ | 🚧 | -| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | -| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | -| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | -| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | -| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | -| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | -| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | -| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| Component | `upstream` | `registry1` | +| ---------------------------------------------- | ------------ | ------------- | +| [api](packages/api/) | ✅ | ✅ | +| [ui](packages/ui/) | ✅ | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](https://github.com/defenseunicorns/leapfrogai/blob/main/docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. From 8a41f4645d9675d61c6dc74ff0cbbabecbde1d03 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 3 Sep 2024 16:20:25 -0400 Subject: [PATCH 39/39] move zarf vars out of chart/values.yaml --- .../api/chart/templates/api/deployment.yaml | 8 ++++---- packages/api/chart/templates/api/service.yaml | 4 ++-- packages/api/chart/templates/uds-package.yaml | 2 +- packages/api/chart/values.yaml | 19 +++++++++++++------ packages/api/values/registry1-values.yaml | 4 ++++ packages/api/values/upstream-values.yaml | 4 ++++ 6 files changed, 28 insertions(+), 13 deletions(-) diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index 95b5a9a36..64e7dbccf 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -53,7 +53,7 @@ spec: - name: DEFAULT_EMBEDDINGS_MODEL value: "{{ .Values.api.env.defaultEmbeddingsModel }}" - name: PORT - value: "{{ .Values.api.env.port }}" + value: "{{ .Values.api.port }}" - name: SUPABASE_URL value: "{{ .Values.supabase.env.url }}" - name: SUPABASE_ANON_KEY @@ -63,17 +63,17 @@ spec: key: anon-key optional: true ports: - - containerPort: {{ .Values.api.env.port }} + - containerPort: {{ .Values.api.port }} livenessProbe: httpGet: path: /healthz - port: {{ .Values.api.env.port }} + port: {{ .Values.api.port }} initialDelaySeconds: 10 periodSeconds: 10 readinessProbe: httpGet: path: /healthz - port: {{ .Values.api.env.port }} + port: {{ .Values.api.port }} initialDelaySeconds: 10 periodSeconds: 10 securityContext: diff --git a/packages/api/chart/templates/api/service.yaml b/packages/api/chart/templates/api/service.yaml index 8dc6e2fac..33ea860f6 100644 --- a/packages/api/chart/templates/api/service.yaml +++ b/packages/api/chart/templates/api/service.yaml @@ -15,6 +15,6 @@ spec: ports: - name: http protocol: TCP - port: {{ .Values.api.env.port }} - targetPort: {{ .Values.api.env.port }} + port: {{ .Values.api.port }} + targetPort: {{ .Values.api.port }} type: ClusterIP diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index 21e2bc69e..e10dccc89 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -14,7 +14,7 @@ spec: {{- include "chart.selectorLabels" . | nindent 10 }} host: {{ include "chart.fullname" . }} gateway: tenant - port: {{ .Values.api.env.port }} + port: {{ .Values.api.port }} allow: - direction: Ingress diff --git a/packages/api/chart/values.yaml b/packages/api/chart/values.yaml index 60ec41317..8e1e5ac20 100644 --- a/packages/api/chart/values.yaml +++ b/packages/api/chart/values.yaml @@ -9,18 +9,23 @@ api: tag: 0.11.0 # x-release-please-end imagePullPolicy: Always + replicas: 1 + securityContext: runAsUser: 65532 runAsGroup: 65532 runAsNonRoot: true capabilities: drop: - - ALL + - ALL + + port: 8080 + env: - port: 8080 - exposeAPI: "###ZARF_VAR_EXPOSE_API###" - defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + exposeAPI: "true" + defaultEmbeddingsModel: "text-embeddings" + serviceAccount: name: leapfrogai-api create: true @@ -38,7 +43,8 @@ api: runAsNonRoot: true capabilities: drop: - - ALL + - ALL + env: serviceName: "supabase-postgresql" servicePort: 5432 @@ -52,10 +58,11 @@ kiwigrid: repository: kiwigrid/k8s-sidecar tag: 1.23.3 imagePullPolicy: Always + securityContext: runAsUser: 65532 runAsGroup: 65532 runAsNonRoot: true capabilities: drop: - - ALL + - ALL diff --git a/packages/api/values/registry1-values.yaml b/packages/api/values/registry1-values.yaml index 56d7e6e4e..70e3bcad2 100644 --- a/packages/api/values/registry1-values.yaml +++ b/packages/api/values/registry1-values.yaml @@ -5,6 +5,10 @@ api: tag: v0.11.0 # x-release-please-end + env: + exposeAPI: "###ZARF_VAR_EXPOSE_API###" + defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + migration: image: # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations diff --git a/packages/api/values/upstream-values.yaml b/packages/api/values/upstream-values.yaml index 844e51c26..655d18b4f 100644 --- a/packages/api/values/upstream-values.yaml +++ b/packages/api/values/upstream-values.yaml @@ -3,6 +3,10 @@ api: repository: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api tag: ###ZARF_CONST_IMAGE_VERSION### + env: + exposeAPI: "###ZARF_VAR_EXPOSE_API###" + defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + migration: image: repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations