From cf51ea57a1ffd44aebbd56e78273bb948cc2ca2b Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 14:58:29 -0400 Subject: [PATCH 01/36] initial registry1 api integration --- .github/actions/lfai-core/action.yaml | 2 +- Makefile | 8 +- packages/api/Dockerfile | 9 +- packages/api/chart/Chart.yaml | 8 +- packages/api/chart/templates/_helpers.tpl | 63 +++++++++++++ .../api/chart/templates/api/deployment.yaml | 89 ++++++++++--------- .../api/chart/templates/api/permissions.yaml | 22 ++--- packages/api/chart/templates/api/service.yaml | 12 +-- .../api/chart/templates/migration-job.yaml | 37 ++++---- packages/api/chart/templates/uds-package.yaml | 8 +- packages/api/chart/values.yaml | 71 ++++++++++----- packages/api/common/zarf.yaml | 28 ++++++ packages/api/config.example.yaml | 6 -- packages/api/lfai-values.yaml | 6 -- packages/api/values/registry1-values.yaml | 19 ++++ packages/api/values/upstream-values.yaml | 14 +++ packages/api/zarf.yaml | 58 ++++++------ packages/ui/zarf.yaml | 2 +- 18 files changed, 311 insertions(+), 151 deletions(-) create mode 100644 packages/api/chart/templates/_helpers.tpl create mode 100644 packages/api/common/zarf.yaml delete mode 100644 packages/api/config.example.yaml delete mode 100644 packages/api/lfai-values.yaml create mode 100644 packages/api/values/registry1-values.yaml create mode 100644 packages/api/values/upstream-values.yaml diff --git a/.github/actions/lfai-core/action.yaml b/.github/actions/lfai-core/action.yaml index 40807f8c38..29221c0aab 100644 --- a/.github/actions/lfai-core/action.yaml +++ b/.github/actions/lfai-core/action.yaml @@ -22,7 +22,7 @@ runs: - name: Deploy LFAI-API shell: bash run: | - make build-api LOCAL_VERSION=e2e-test + make build-api LOCAL_VERSION=e2e-test FLAVOR=upstream docker image prune -af uds zarf package deploy packages/api/zarf-package-leapfrogai-api-amd64-e2e-test.tar.zst --confirm rm packages/api/zarf-package-leapfrogai-api-amd64-e2e-test.tar.zst diff --git a/Makefile b/Makefile index bf5442755e..7f02b06f22 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ REG_NAME ?= registry LOCAL_VERSION ?= $(shell git rev-parse --short HEAD) DOCKER_FLAGS := ZARF_FLAGS := +FLAVOR := upstream SILENT_DOCKER_FLAGS := --quiet SILENT_ZARF_FLAGS := --no-progress -l warn --no-color MAX_JOBS := 4 @@ -64,21 +65,24 @@ build-supabase: local-registry docker-supabase docker-api: local-registry sdk-wheel @echo $(DOCKER_FLAGS) @echo $(ZARF_FLAGS) +ifeq ($(FLAVOR),upstream) ## Build the API image (and tag it for the local registry) docker build ${DOCKER_FLAGS} --platform=linux/${ARCH} --build-arg LOCAL_VERSION=${LOCAL_VERSION} -t ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} -f packages/api/Dockerfile . docker tag ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} localhost:${REG_PORT}/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} - +endif ## Build the migration container for this version of the API docker build ${DOCKER_FLAGS} --platform=linux/${ARCH} -t ghcr.io/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} -f Dockerfile.migrations --build-arg="MIGRATIONS_DIR=packages/api/supabase/migrations" . docker tag ghcr.io/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} localhost:${REG_PORT}/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} build-api: local-registry docker-api ## Build the leapfrogai_api container and Zarf package +ifeq ($(FLAVOR),upstream) ## Push the images to the local registry (Zarf is super slow if the image is only in the local daemon) docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/leapfrogai-api:${LOCAL_VERSION} +endif docker push ${DOCKER_FLAGS} localhost:${REG_PORT}/defenseunicorns/leapfrogai/api-migrations:${LOCAL_VERSION} ## Build the Zarf package - uds zarf package create packages/api -a ${ARCH} -o packages/api --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set LEAPFROGAI_IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm + uds zarf package create packages/api --flavor ${FLAVOR} -a ${ARCH} -o packages/api --registry-override=ghcr.io=localhost:${REG_PORT} --insecure --set IMAGE_VERSION=${LOCAL_VERSION} ${ZARF_FLAGS} --confirm docker-ui: ## Build the UI image (and tag it for the local registry) diff --git a/packages/api/Dockerfile b/packages/api/Dockerfile index 4bd36c4adc..de2256e9a4 100644 --- a/packages/api/Dockerfile +++ b/packages/api/Dockerfile @@ -2,8 +2,11 @@ ARG LOCAL_VERSION FROM ghcr.io/defenseunicorns/leapfrogai/leapfrogai-sdk:${LOCAL_VERSION} AS sdk FROM ghcr.io/defenseunicorns/leapfrogai/python:3.11-dev AS builder + ARG SDK_DEST=src/leapfrogai_sdk/build + USER root + WORKDIR /leapfrogai # copy the api dependencies over @@ -13,9 +16,9 @@ COPY src/leapfrogai_api src/leapfrogai_api RUN python -m venv .venv ENV PATH="/leapfrogai/.venv/bin:$PATH" -RUN rm -f packages/api/build/*.whl -RUN python -m pip wheel src/leapfrogai_api -w packages/api/build --find-links=${SDK_DEST} -RUN pip install packages/api/build/leapfrogai_api*.whl --no-index --find-links=packages/api/build/ +RUN rm -f packages/api/build/*.whl && \ + python -m pip wheel src/leapfrogai_api -w packages/api/build --find-links=${SDK_DEST} && \ + pip install packages/api/build/leapfrogai_api*.whl --no-index --find-links=packages/api/build/ FROM ghcr.io/defenseunicorns/leapfrogai/python:3.11 ENV PATH="/leapfrogai/.venv/bin:$PATH" diff --git a/packages/api/chart/Chart.yaml b/packages/api/chart/Chart.yaml index 744281aff8..6d3ad6b847 100644 --- a/packages/api/chart/Chart.yaml +++ b/packages/api/chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: leapfrogai -description: A deployment of AI tools +name: leapfrogai-api +description: "A Python API that shadows the OpenAI API specification" # A chart can be either an 'application' or a 'library' chart. # @@ -23,4 +23,6 @@ version: 0.10.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.16.0" +# x-release-please-start-version +appVersion: 0.10.0 +# x-release-please-end diff --git a/packages/api/chart/templates/_helpers.tpl b/packages/api/chart/templates/_helpers.tpl new file mode 100644 index 0000000000..f16219e252 --- /dev/null +++ b/packages/api/chart/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "chart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "chart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "chart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "chart.labels" -}} +helm.sh/chart: {{ include "chart.chart" . }} +{{ include "chart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} +app: {{ include "chart.fullname" . }} + +{{/* +Selector labels +*/}} +{{- define "chart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "chart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "chart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "chart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index 8ed6a176cc..bca68efc03 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -1,10 +1,10 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: api-deployment + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} spec: - replicas: {{ .Values.api.replcias }} + replicas: {{ .Values.api.replicas }} strategy: rollingUpdate: maxUnavailable: 0 @@ -18,64 +18,67 @@ spec: app: api spec: serviceAccountName: read-configmaps + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: sidecar - image: kiwigrid/k8s-sidecar:{{ .Values.image.kiwigridTag }} + image: "{{ .Values.kiwigrid.image.repository }}:{{ .Values.kiwigrid.image.tag }}" + imagePullPolicy: {{ .Values.kiwigrid.image.imagePullPolicy }} volumeMounts: - - name: api-model - mountPath: /config/ + - name: api-model + mountPath: /config/ env: - - name: LABEL - value: "leapfrogai" - - name: FOLDER - value: /config/ - - name: RESOURCE - value: both - - name: UNIQUE_FILENAMES - value: "true" - - name: NAMESPACE - value: leapfrogai + - name: LABEL + value: "leapfrogai" + - name: FOLDER + value: /config/ + - name: RESOURCE + value: both + - name: UNIQUE_FILENAMES + value: "true" + - name: NAMESPACE + value: leapfrogai + securityContext: + {{- toYaml .Values.kiwigrid.securityContext | nindent 12 }} - name: api-container - image: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:{{ .Values.image.lfaiAPITag }} - imagePullPolicy: Always + image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.api.image.imagePullPolicy }} env: - - name: LFAI_CONFIG_PATH - value: /config/ - - name: LFAI_CONFIG_FILENAME - value: "*.toml" - - name: DEFAULT_EMBEDDINGS_MODEL - value: "{{ .Values.api.defaultEmbeddingsModel }}" - - name: PORT - value: "{{ .Values.api.port }}" - - name: SUPABASE_URL - value: "{{ .Values.supabase.url }}" - - name: SUPABASE_ANON_KEY - valueFrom: - secretKeyRef: - name: supabase-bootstrap-jwt - key: anon-key - optional: true + - name: LFAI_CONFIG_PATH + value: /config/ + - name: LFAI_CONFIG_FILENAME + value: "*.toml" + - name: DEFAULT_EMBEDDINGS_MODEL + value: "{{ .Values.api.env.defaultEmbeddingsModel }}" + - name: PORT + value: "{{ .Values.api.env.port }}" + - name: SUPABASE_URL + value: "{{ .Values.supabase.env.url }}" + - name: SUPABASE_ANON_KEY + valueFrom: + secretKeyRef: + name: supabase-bootstrap-jwt + key: anon-key + optional: true ports: - - containerPort: 8080 + - containerPort: {{ .Values.api.env.port }} livenessProbe: httpGet: path: /healthz - port: 8080 + port: {{ .Values.api.env.port }} initialDelaySeconds: 10 periodSeconds: 10 readinessProbe: httpGet: path: /healthz - port: 8080 + port: {{ .Values.api.env.port }} initialDelaySeconds: 10 periodSeconds: 10 securityContext: - runAsUser: 65532 - runAsGroup: 65532 - fsGroup: 65532 + {{- toYaml .Values.api.securityContext | nindent 12 }} volumeMounts: - - name: api-model - mountPath: /config + - name: api-model + mountPath: /config volumes: - - name: api-model - emptyDir: {} + - name: api-model + emptyDir: {} diff --git a/packages/api/chart/templates/api/permissions.yaml b/packages/api/chart/templates/api/permissions.yaml index 21790f415b..78645d484b 100644 --- a/packages/api/chart/templates/api/permissions.yaml +++ b/packages/api/chart/templates/api/permissions.yaml @@ -10,15 +10,15 @@ metadata: name: read-configmaps namespace: {{ .Release.Namespace }} rules: -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -30,5 +30,5 @@ roleRef: kind: Role name: read-configmaps subjects: -- kind: ServiceAccount - name: read-configmaps + - kind: ServiceAccount + name: read-configmaps diff --git a/packages/api/chart/templates/api/service.yaml b/packages/api/chart/templates/api/service.yaml index 6244f5723a..8f46ac6b94 100644 --- a/packages/api/chart/templates/api/service.yaml +++ b/packages/api/chart/templates/api/service.yaml @@ -1,19 +1,19 @@ apiVersion: v1 kind: Service metadata: - name: api + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} annotations: - zarf.dev/connect-description: "Load the OpenAPI spec for the LFAI API" + zarf.dev/connect-description: "Load the OpenAPI specification for the LeapfrogAI API" zarf.dev/connect-url: "/docs" labels: - zarf.dev/connect-name: lfai-api + zarf.dev/connect-name: {{ include "chart.fullname" . }} spec: selector: - app: api + app: {{ include "chart.fullname" . }} ports: - name: http protocol: TCP - port: 8080 - targetPort: 8080 + port: {{ .Values.api.env.port }} + targetPort: {{ .Values.api.env.port }} type: ClusterIP diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index 64543b0c70..d28a6cfd2b 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,36 +1,37 @@ apiVersion: batch/v1 kind: Job metadata: - name: api-migrations-{{ .Values.image.lfaiAPITag }} + name: api-migrations + namespace: {{ .Release.Namespace }} spec: template: spec: + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - - name: supabase-cli - image: "ghcr.io/defenseunicorns/leapfrogai/api-migrations:{{ .Values.image.lfaiAPITag }}" - env: + - name: supabase-cli + image: "{{ .Values.api.migration.image.repository }}:{{ .Values.api.migration.image.tag | default .Chart.AppVersion }}" + env: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: supabase-postgresql key: postgres-password - name: MIGRATION_NAMESPACE - value: "{{ .Values.api.migration.namespace }}" + value: "{{ .Release.Namespace }}" - name: MIGRATION_SERVICE_NAME - value: "{{ .Values.api.migration.serviceName }}" + value: "{{ .Values.api.migration.env.serviceName }}" - name: MIGRATION_SERVICE_PORT - value: "{{ .Values.api.migration.servicePort }}" + value: "{{ .Values.api.migration.env.servicePort }}" - # NOTE: This command is assuming the default username. - command: ["/bin/sh"] - args: - - -c - - >- - supabase migration fetch --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --debug || true && - supabase db push --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --include-all --debug - securityContext: - runAsUser: {{ .Values.image.securityContext.runAsUser }} - runAsGroup: {{ .Values.image.securityContext.runAsGroup }} - fsGroup: {{ .Values.image.securityContext.fsGroup }} + # NOTE: This command is assuming the default username. + command: ["/bin/sh"] + args: + - -c + - >- + supabase migration fetch --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --debug || true && + supabase db push --db-url="postgresql://postgres:$POSTGRES_PASSWORD@$MIGRATION_SERVICE_NAME.$MIGRATION_NAMESPACE.svc.cluster.local:$MIGRATION_SERVICE_PORT/postgres" --include-all --debug + securityContext: + {{- toYaml .Values.api.migration.securityContext | nindent 12 }} restartPolicy: Never backoffLimit: 4 diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index 188fafe905..f8ee536544 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -1,8 +1,8 @@ -{{- if .Values.api.exposeAPI }} +{{- if .Values.api.env.exposeAPI }} apiVersion: uds.dev/v1alpha1 kind: Package metadata: - name: leapfrogai-api + name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} spec: network: @@ -10,9 +10,9 @@ spec: - service: api podLabels: app: api - host: {{ .Values.package.host }} + host: {{ include "chart.fullname" . }} gateway: tenant - port: 8080 + port: {{ .Values.api.env.port }} allow: - direction: Ingress diff --git a/packages/api/chart/values.yaml b/packages/api/chart/values.yaml index d96db89fd4..13fe754049 100644 --- a/packages/api/chart/values.yaml +++ b/packages/api/chart/values.yaml @@ -1,27 +1,58 @@ -image: - # x-release-please-start-version - lfaiAPITag: 0.10.0 - # x-release-please-end - kiwigridTag: 1.23.3 +podSecurityContext: + runAsNonRoot: true + fsGroup: 65532 +api: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api + # x-release-please-start-version + tag: 0.10.0 + # x-release-please-end + imagePullPolicy: Always + replicas: 1 securityContext: runAsUser: 65532 runAsGroup: 65532 - fsGroup: 65532 - -supabase: - url: "http://supabase-kong.leapfrogai.svc.cluster.local:80" - -api: - replicas: 1 - port: 8080 - exposeAPI: true - defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + runAsNonRoot: true + capabilities: + drop: + - ALL + env: + port: 8080 + exposeAPI: "###ZARF_VAR_EXPOSE_API###" + defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" migration: - namespace: "leapfrogai" - serviceName: "supabase-postgresql" - servicePort: "5432" + image: + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + # x-release-please-start-version + tag: 0.10.0 + # x-release-please-end + imagePullPolicy: Always + securityContext: + runAsUser: 65532 + runAsGroup: 65532 + runAsNonRoot: true + capabilities: + drop: + - ALL + env: + serviceName: "supabase-postgresql" + servicePort: 5432 + +supabase: + env: + url: "http://supabase-kong.leapfrogai.svc.cluster.local:80" -package: - host: leapfrogai-api +kiwigrid: + image: + repository: kiwigrid/k8s-sidecar + tag: 1.23.3 + imagePullPolicy: Always + securityContext: + runAsUser: 65532 + runAsGroup: 65532 + runAsNonRoot: true + capabilities: + drop: + - ALL diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml new file mode 100644 index 0000000000..898dca4d5f --- /dev/null +++ b/packages/api/common/zarf.yaml @@ -0,0 +1,28 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/zarf-dev/zarf/main/zarf.schema.json + +kind: ZarfPackageConfig +metadata: + description: "LeapfrogAI API common" + name: leapfrogai-api-common + version: "###ZARF_PKG_TMPL_IMAGE_VERSION###" + +components: + - name: leapfrogai-api + description: "The LeapfrogAI Python API that shadows the OpenAI API specification" + required: true + charts: + - name: leapfrogai-api + namespace: leapfrogai + localPath: ../chart + # x-release-please-start-version + version: 0.10.0 + # x-release-please-end + actions: + onDeploy: + after: + - wait: + cluster: + kind: Job + name: api-migrations + namespace: leapfrogai + condition: complete diff --git a/packages/api/config.example.yaml b/packages/api/config.example.yaml deleted file mode 100644 index 07d9242d0f..0000000000 --- a/packages/api/config.example.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# This is an example configuration file for the API service -# If deploying onto kubernetes, the helm chart will automatically generate the configuration based on config-maps in the cluster -# The code that reads this file exists in `src/leapfrogai_api/utils/config.py` -models: -- name: vllm - backend: localhost:50051 \ No newline at end of file diff --git a/packages/api/lfai-values.yaml b/packages/api/lfai-values.yaml deleted file mode 100644 index 9a7ce1bfa5..0000000000 --- a/packages/api/lfai-values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -image: - lfaiAPITag: ###ZARF_CONST_LEAPFROGAI_API_VERSION### - kiwigridTag: ###ZARF_CONST_KIWIGRID_VERSION### - -api: - exposeAPI: ###ZARF_VAR_EXPOSE_API### diff --git a/packages/api/values/registry1-values.yaml b/packages/api/values/registry1-values.yaml new file mode 100644 index 0000000000..72d6a77b1a --- /dev/null +++ b/packages/api/values/registry1-values.yaml @@ -0,0 +1,19 @@ +api: + image: + repository: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api + # x-release-please-start-version + tag: v0.10.0 + # x-release-please-end + + migration: + image: + # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + # x-release-please-start-version + tag: ###ZARF_CONST_IMAGE_VERSION### + # x-release-please-end + +kiwigrid: + image: + repository: registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar + tag: 1.23.3 diff --git a/packages/api/values/upstream-values.yaml b/packages/api/values/upstream-values.yaml new file mode 100644 index 0000000000..844e51c262 --- /dev/null +++ b/packages/api/values/upstream-values.yaml @@ -0,0 +1,14 @@ +api: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api + tag: ###ZARF_CONST_IMAGE_VERSION### + + migration: + image: + repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations + tag: ###ZARF_CONST_IMAGE_VERSION### + +kiwigrid: + image: + repository: kiwigrid/k8s-sidecar + tag: 1.23.3 diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index e7bb8e76f8..12e908c0fd 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -2,16 +2,13 @@ kind: ZarfPackageConfig metadata: - description: "LeapfrogAI" + description: "LeapfrogAI API" name: leapfrogai-api - version: "###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" + version: "###ZARF_PKG_TMPL_IMAGE_VERSION###" constants: - - name: LEAPFROGAI_API_VERSION - value: "###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" - - - name: KIWIGRID_VERSION - value: "1.23.3" + - name: IMAGE_VERSION + value: "###ZARF_PKG_TMPL_IMAGE_VERSION###" variables: - name: EXPOSE_API @@ -21,27 +18,34 @@ variables: default: "text-embeddings" components: - - name: leapfrogai + - name: leapfrogai-api + description: "A Python API that shadows the OpenAI API specification" + only: + flavor: upstream required: true + import: + path: common charts: - - name: leapfrogai - namespace: leapfrogai - localPath: chart - # x-release-please-start-version - version: 0.10.0 - # x-release-please-end - valuesFiles: - - "lfai-values.yaml" + - name: leapfrogai-api + valuesFiles: + - "values/upstream-values.yaml" images: - - "ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" - - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION###" + - "ghcr.io/defenseunicorns/leapfrogai/leapfrogai-api:###ZARF_PKG_TMPL_IMAGE_VERSION###" + - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" - "kiwigrid/k8s-sidecar:1.23.3" - actions: - onDeploy: - after: - - wait: - cluster: - kind: Job - name: api-migrations-###ZARF_PKG_TMPL_LEAPFROGAI_IMAGE_VERSION### - namespace: leapfrogai - condition: complete + + - name: leapfrogai-api + only: + flavor: registry1 + required: true + import: + path: common + charts: + - name: leapfrogai-api + valuesFiles: + - "values/registry1-values.yaml" + images: + - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.10.0" + # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations + - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" + - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.23.3" diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index 83a233f1fc..88464647cd 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://api.leapfrogai.svc.cluster.local:8080 + default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 548a4e0fd8053bfa7815535f3bf059ae45550be8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 15:46:27 -0400 Subject: [PATCH 02/36] fixes to service names --- packages/api/chart/templates/api/deployment.yaml | 4 ++-- packages/api/chart/templates/uds-package.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index bca68efc03..a3c7a1f5bb 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -11,11 +11,11 @@ spec: type: RollingUpdate selector: matchLabels: - app: api + app: {{ include "chart.fullname" . }} template: metadata: labels: - app: api + app: {{ include "chart.fullname" . }} spec: serviceAccountName: read-configmaps securityContext: diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index f8ee536544..adcddc569e 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -7,9 +7,9 @@ metadata: spec: network: expose: - - service: api + - service: {{ include "chart.fullname" . }} podLabels: - app: api + app: {{ include "chart.fullname" . }} host: {{ include "chart.fullname" . }} gateway: tenant port: {{ .Values.api.env.port }} From 3d80ed035805ad17f6572988e0f45ca9714f1bf0 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 15:53:19 -0400 Subject: [PATCH 03/36] helper template functions --- packages/api/chart/templates/api/deployment.yaml | 8 +++++--- .../api/chart/templates/api/permissions.yaml | 16 +++++++++++----- packages/api/chart/templates/api/service.yaml | 3 ++- packages/api/chart/templates/migration-job.yaml | 9 ++++++--- packages/api/chart/templates/namespace.yaml | 4 +++- packages/api/chart/templates/uds-package.yaml | 6 ++++-- 6 files changed, 31 insertions(+), 15 deletions(-) diff --git a/packages/api/chart/templates/api/deployment.yaml b/packages/api/chart/templates/api/deployment.yaml index a3c7a1f5bb..95b5a9a368 100644 --- a/packages/api/chart/templates/api/deployment.yaml +++ b/packages/api/chart/templates/api/deployment.yaml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: replicas: {{ .Values.api.replicas }} strategy: @@ -11,13 +13,13 @@ spec: type: RollingUpdate selector: matchLabels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 6 }} template: metadata: labels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 8 }} spec: - serviceAccountName: read-configmaps + serviceAccountName: {{ include "chart.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/packages/api/chart/templates/api/permissions.yaml b/packages/api/chart/templates/api/permissions.yaml index 78645d484b..3ca06df4b2 100644 --- a/packages/api/chart/templates/api/permissions.yaml +++ b/packages/api/chart/templates/api/permissions.yaml @@ -1,14 +1,18 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: read-configmaps + name: {{ include "chart.serviceAccountName" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -23,12 +27,14 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: read-configmaps + name: {{ include "chart.fullname" . }}-read-configmaps subjects: - kind: ServiceAccount - name: read-configmaps + name: {{ include "chart.serviceAccountName" . }} diff --git a/packages/api/chart/templates/api/service.yaml b/packages/api/chart/templates/api/service.yaml index 8f46ac6b94..8dc6e2fac1 100644 --- a/packages/api/chart/templates/api/service.yaml +++ b/packages/api/chart/templates/api/service.yaml @@ -7,10 +7,11 @@ metadata: zarf.dev/connect-description: "Load the OpenAPI specification for the LeapfrogAI API" zarf.dev/connect-url: "/docs" labels: + {{- include "chart.labels" . | nindent 4 }} zarf.dev/connect-name: {{ include "chart.fullname" . }} spec: selector: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 4 }} ports: - name: http protocol: TCP diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index d28a6cfd2b..c2242f7ec8 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,10 +1,15 @@ apiVersion: batch/v1 kind: Job metadata: - name: api-migrations + name: {{ include "chart.fullname" . }}-migrations namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: template: + metadata: + labels: + {{- include "chart.selectorLabels" . | nindent 8 }} spec: securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} @@ -23,8 +28,6 @@ spec: value: "{{ .Values.api.migration.env.serviceName }}" - name: MIGRATION_SERVICE_PORT value: "{{ .Values.api.migration.env.servicePort }}" - - # NOTE: This command is assuming the default username. command: ["/bin/sh"] args: - -c diff --git a/packages/api/chart/templates/namespace.yaml b/packages/api/chart/templates/namespace.yaml index 0172d64054..8044650e6e 100644 --- a/packages/api/chart/templates/namespace.yaml +++ b/packages/api/chart/templates/namespace.yaml @@ -1,4 +1,6 @@ apiVersion: v1 kind: Namespace metadata: - name: leapfrogai + name: {{ .Release.Namespace | default "leapfrogai" }} + labels: + {{- include "chart.labels" . | nindent 4 }} diff --git a/packages/api/chart/templates/uds-package.yaml b/packages/api/chart/templates/uds-package.yaml index adcddc569e..21e2bc69e7 100644 --- a/packages/api/chart/templates/uds-package.yaml +++ b/packages/api/chart/templates/uds-package.yaml @@ -4,12 +4,14 @@ kind: Package metadata: name: {{ include "chart.fullname" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} spec: network: expose: - service: {{ include "chart.fullname" . }} podLabels: - app: {{ include "chart.fullname" . }} + {{- include "chart.selectorLabels" . | nindent 10 }} host: {{ include "chart.fullname" . }} gateway: tenant port: {{ .Values.api.env.port }} @@ -23,6 +25,6 @@ spec: - direction: Egress podLabels: - app: api + {{- include "chart.selectorLabels" . | nindent 10 }} remoteGenerated: Anywhere {{- end }} From ed30584bcb3cc4d25e3b9d5e0a188cbb43dc5ca4 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 16:12:02 -0400 Subject: [PATCH 04/36] missing serviceAccount vars --- packages/api/chart/templates/_helpers.tpl | 6 +++--- packages/api/chart/values.yaml | 3 +++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/packages/api/chart/templates/_helpers.tpl b/packages/api/chart/templates/_helpers.tpl index f16219e252..d400861417 100644 --- a/packages/api/chart/templates/_helpers.tpl +++ b/packages/api/chart/templates/_helpers.tpl @@ -55,9 +55,9 @@ app.kubernetes.io/instance: {{ .Release.Name }} Create the name of the service account to use */}} {{- define "chart.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "chart.fullname" .) .Values.serviceAccount.name }} +{{- if .Values.api.serviceAccount.create }} +{{- default (include "chart.fullname" .) .Values.api.serviceAccount.name }} {{- else }} -{{- default "default" .Values.serviceAccount.name }} +{{- default "default" .Values.api.serviceAccount.name }} {{- end }} {{- end }} diff --git a/packages/api/chart/values.yaml b/packages/api/chart/values.yaml index 34569d5bd9..60ec41317d 100644 --- a/packages/api/chart/values.yaml +++ b/packages/api/chart/values.yaml @@ -21,6 +21,9 @@ api: port: 8080 exposeAPI: "###ZARF_VAR_EXPOSE_API###" defaultEmbeddingsModel: "###ZARF_VAR_DEFAULT_EMBEDDINGS_MODEL###" + serviceAccount: + name: leapfrogai-api + create: true migration: image: From 045b8621bdde79abeaeb0ff01d79729ed1d6e0ef Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 16 Aug 2024 17:02:39 -0400 Subject: [PATCH 05/36] fix zarf wait-for --- packages/api/chart/templates/migration-job.yaml | 2 +- packages/api/common/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/api/chart/templates/migration-job.yaml b/packages/api/chart/templates/migration-job.yaml index c2242f7ec8..6b511d7f50 100644 --- a/packages/api/chart/templates/migration-job.yaml +++ b/packages/api/chart/templates/migration-job.yaml @@ -1,7 +1,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ include "chart.fullname" . }}-migrations + name: {{ include "chart.fullname" . }}-migrations-{{ .Values.api.migration.image.tag | default .Chart.AppVersion }} namespace: {{ .Release.Namespace }} labels: {{- include "chart.labels" . | nindent 4 }} diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml index fbbb004647..d83a14619f 100644 --- a/packages/api/common/zarf.yaml +++ b/packages/api/common/zarf.yaml @@ -23,6 +23,6 @@ components: - wait: cluster: kind: Job - name: api-migrations + name: leapfrogai-api-migrations-###ZARF_PKG_TMPL_IMAGE_VERSION### namespace: leapfrogai condition: complete From 058f8811d88ca28f86335e4f74e6f59b854076c5 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 12:06:38 -0400 Subject: [PATCH 06/36] update docs for flavors, typos --- README.md | 24 +++++++++++++++- docs/DEVELOPMENT.md | 28 +++++++++---------- packages/api/README.md | 2 +- .../en/docs/local-deploy-guide/components.md | 4 +-- 4 files changed, 40 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index e60eb4af32..2263e32eb8 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Large Language Models (LLMs) are a powerful resource for AI-driven decision maki 2 minute demo of features of LeapfrogAI -LeapfrogAI, built on top of [Unicorn Delivery Service (UDS)](https://github.com/defenseunicorns/uds-core), which includes several features including: +LeapfrogAI is built on top of [Unicorn Delivery Service (UDS) Kubernetes runtime](https://github.com/defenseunicorns/uds-core), which includes several features: - **Single Sign-On** - **Non-proprietary API Compatible with OpenAI's API** @@ -114,6 +114,28 @@ LeapfrogAI provides several backends for a variety of use cases. Below is the ba The [repeater](packages/repeater/) "model" is a basic "backend" that parrots all inputs it receives back to the user. It is built out the same way all the actual backends are and it is primarily used for testing the API. +### Flavors + +Each component has different images and values that refer to a specific image registry and/or hardening source. These images are packaged using [Zarf Flavors](https://docs.zarf.dev/ref/examples/package-flavors/): + +1. `upstream`: uses upstream vendor images from open source container registries and repositories +2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry +3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry + +Below is the current component flavors list: + +| Component | `upstream` | `registry1` | `chainguard` | +| ---------------------------------------------- | ------------ | ------------- | -------------- | +| [api](packages/api/) | ✅ | ✅ | 🚧 | +| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | + ## Usage To build a LeapfrogAI UDS bundle and deploy it, please refer to the [LeapfrogAI Documentation Website](https://docs.leapfrog.ai/docs/). In the documentation website, you'll find system requirements and instructions for all things LeapfrogAI that aren't associated to local development and contributing. diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index 06fdd82557..2993c37a1e 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -80,8 +80,8 @@ uds zarf package remove leapfrogai-api --confirm uds zarf tools registry prune --confirm # create and deploy the new package -LOCAL_VERSION=dev REGISTRY_PORT=5000 ARCH=amd64 make build-api -LOCAL_VERSION=dev REGISTRY_PORT=5000 ARCH=amd64 make deploy-api +LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make build-api +LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make deploy-api ``` For example, this is how you pull and deploy a LATEST version of a package: @@ -103,11 +103,11 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm 2. Build all of the packages you need at once with **ONE** of the following Make targets: ```bash - LOCAL_VERSION=dev ARCH=amd64 make build-cpu # ui, api, llama-cpp-python, text-embeddings, whisper, supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-cpu # ui, api, llama-cpp-python, text-embeddings, whisper, supabase # OR - LOCAL_VERSION=dev ARCH=amd64 make build-gpu # ui, api, vllm, text-embeddings, whisper, supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-gpu # ui, api, vllm, text-embeddings, whisper, supabase # OR - LOCAL_VERSION=dev ARCH=amd64 make build-all # all of the components + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-all # all of the components ``` **OR** @@ -115,13 +115,13 @@ uds zarf package deploy zarf-package-*.tar.zst --confirm You can build components individually using the following Make targets: ```bash - LOCAL_VERSION=dev ARCH=amd64 make build-ui - LOCAL_VERSION=dev ARCH=amd64 make build-api - LOCAL_VERSION=dev ARCH=amd64 make build-supabase - LOCAL_VERSION=dev ARCH=amd64 make build-vllm # if you have NVIDIA GPUs (AMR64 not supported) - LOCAL_VERSION=dev ARCH=amd64 make build-llama-cpp-python # if you have CPU only - LOCAL_VERSION=dev ARCH=amd64 make build-text-embeddings - LOCAL_VERSION=dev ARCH=amd64 make build-whisper + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-ui + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-api + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-supabase + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-vllm # if you have NVIDIA GPUs (AMR64 not supported) + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-llama-cpp-python # if you have CPU only + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-text-embeddings + LOCAL_VERSION=dev FLAVOR=upstream ARCH=amd64 make build-whisper ``` 3. Create the UDS bundle, modifying the `uds-config.yaml` as required: @@ -149,13 +149,13 @@ To run the same commands in MacOS, you will need to prepend your command with a To demonstrate what this would look like for an Apple Silicon Mac: ``` shell -REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev make build-cpu +REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` To demonstrate what this would look like for an older Intel Mac: ``` shell -REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev make build-cpu +REG_PORT=5001 ARCH=arm64 LOCAL_VERSION=dev FLAVOR=upstream make build-cpu ``` ## Access diff --git a/packages/api/README.md b/packages/api/README.md index 3d451decb1..aa2b34690a 100644 --- a/packages/api/README.md +++ b/packages/api/README.md @@ -23,7 +23,7 @@ To build and deploy the API Zarf package into an existing [UDS Kubernetes cluste > Execute the following commands from the root of the LeapfrogAI repository ```bash -make build-api LOCAL_VERSION=dev +make build-api LOCAL_VERSION=dev FLAVOR=upstream uds zarf package deploy packages/api/zarf-package-leapfrogai-api-*-dev.tar.zst --confirm ``` diff --git a/website/content/en/docs/local-deploy-guide/components.md b/website/content/en/docs/local-deploy-guide/components.md index 7bf1b65501..bb252c97ea 100644 --- a/website/content/en/docs/local-deploy-guide/components.md +++ b/website/content/en/docs/local-deploy-guide/components.md @@ -31,11 +31,11 @@ Each component has different images and values that refer to a specific image re ### Artifact Support -LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The support artifact types are as follows: +LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The supported artifact types are as follows: #### Transcription / Translation -- All formats supported by `ffmpeg -formats`, e.g., `.mp3`, `.wav`, `.mp4`, etc. +- All formats supported by `ffmpeg` as listed using `ffmpeg -formats`, e.g., `.mp3`, `.wav`, `.mp4`, etc. #### Embeddings for RAG From eaedb5fed62a434c31f79c0edbec979e4d807cd4 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:22:35 -0400 Subject: [PATCH 07/36] update release name, add weekly test --- .github/workflows/e2e-registry1-nightly.yaml | 88 ++++++++++++++++++++ packages/api/chart/Chart.yaml | 2 +- packages/api/common/zarf.yaml | 2 +- packages/api/zarf.yaml | 4 +- 4 files changed, 92 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/e2e-registry1-nightly.yaml diff --git a/.github/workflows/e2e-registry1-nightly.yaml b/.github/workflows/e2e-registry1-nightly.yaml new file mode 100644 index 0000000000..c2f6ee047c --- /dev/null +++ b/.github/workflows/e2e-registry1-nightly.yaml @@ -0,0 +1,88 @@ +name: e2e-registry1-nightly + +on: + schedule: + - cron: "0 0 * * 6" # Run every Sunday at 12 AM EST + workflow_dispatch: # trigger manually as needed + +concurrency: + group: e2e-e2e-registry1-nightly-${{ github.ref }} + cancel-in-progress: true + +jobs: + test-flavor: + runs-on: "uds-ubuntu-big-boy-8-core" + name: Test LeapfrogAI Flavor + + permissions: + contents: read + packages: write + id-token: write # This is needed for OIDC federation. + + steps: + - name: Checkout Repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Setup Python + uses: ./.github/actions/python + + - name: Setup UDS Cluster + uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + + - name: Setup LFAI-API and Supabase + uses: ./.github/actions/lfai-core + + - name: Set Flavor and Version + run: | + uds zarf tools yq -i '.metadata.version = "registry1"' \ + uds-bundles/latest/cpu/uds-bundle.yaml + + uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ + uds-bundles/latest/cpu/uds-bundle.yaml + + - name: Create Bundle + run: | + cd uds-bundles/latest/cpu + uds create . --confirm + + - name: Deploy Bundle + run: | + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + cd ../../../ + + - name: Install UI/Playwright Dependencies + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + + - name: Setup Python + uses: ./.github/actions/python + + - name: Test llama-cpp-python + run: | + python -m pytest ./tests/e2e/test_llama.py -v + + - name: Test text-embeddings + run: | + python -m pytest ./tests/e2e/test_text_embeddings.py -v + + - name: Test whisper + run: | + python -m pytest ./tests/e2e/test_whisper.py -v + + - name: Test UI + run: | + cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env + TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + + - name: Archive Playwright Report + uses: actions/upload-artifact@v4 + if: ${{ !cancelled() }} + with: + name: playwright-report + path: src/leapfrogai_ui/e2e-report/ + retention-days: 30 diff --git a/packages/api/chart/Chart.yaml b/packages/api/chart/Chart.yaml index 17ed015f06..fda0acd45a 100644 --- a/packages/api/chart/Chart.yaml +++ b/packages/api/chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: leapfrogai-api +name: api description: "A Python API that shadows the OpenAI API specification" # A chart can be either an 'application' or a 'library' chart. diff --git a/packages/api/common/zarf.yaml b/packages/api/common/zarf.yaml index d83a14619f..a4709c24a6 100644 --- a/packages/api/common/zarf.yaml +++ b/packages/api/common/zarf.yaml @@ -11,7 +11,7 @@ components: description: "The LeapfrogAI Python API that shadows the OpenAI API specification" required: true charts: - - name: leapfrogai-api + - name: leapfrogai namespace: leapfrogai localPath: ../chart # x-release-please-start-version diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index 12e908c0fd..2c8cc43cf2 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -26,7 +26,7 @@ components: import: path: common charts: - - name: leapfrogai-api + - name: leapfrogai valuesFiles: - "values/upstream-values.yaml" images: @@ -41,7 +41,7 @@ components: import: path: common charts: - - name: leapfrogai-api + - name: leapfrogai valuesFiles: - "values/registry1-values.yaml" images: From 32081c85ca87ebc8589eb09bf5b4db73c4c58da8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:29:47 -0400 Subject: [PATCH 08/36] weekly test name and triggers --- ...istry1-nightly.yaml => e2e-registry1-weekly.yaml} | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) rename .github/workflows/{e2e-registry1-nightly.yaml => e2e-registry1-weekly.yaml} (88%) diff --git a/.github/workflows/e2e-registry1-nightly.yaml b/.github/workflows/e2e-registry1-weekly.yaml similarity index 88% rename from .github/workflows/e2e-registry1-nightly.yaml rename to .github/workflows/e2e-registry1-weekly.yaml index c2f6ee047c..d4264235a2 100644 --- a/.github/workflows/e2e-registry1-nightly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -1,9 +1,19 @@ -name: e2e-registry1-nightly +name: e2e-registry1-weekly on: schedule: - cron: "0 0 * * 6" # Run every Sunday at 12 AM EST workflow_dispatch: # trigger manually as needed + pull_request: + types: + - opened # default trigger + - reopened # default trigger + - synchronize # default trigger + - ready_for_review # don't run on draft PRs + - milestoned # allows us to trigger on bot PRs + paths: + - .github/workflows/e2e-registry1-weekly.yaml + - uds-bundles/latest/** concurrency: group: e2e-e2e-registry1-nightly-${{ github.ref }} From d8f3a149db13c204b8f64cad801c1df03d524faf Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 16:38:37 -0400 Subject: [PATCH 09/36] more triggers --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d4264235a2..dd022d1330 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -16,7 +16,7 @@ on: - uds-bundles/latest/** concurrency: - group: e2e-e2e-registry1-nightly-${{ github.ref }} + group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true jobs: From bb31b7ae23addd05f744a4b7948f3aedb93175f0 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:16:48 -0400 Subject: [PATCH 10/36] correct runner --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index dd022d1330..52716a37f5 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -21,7 +21,7 @@ concurrency: jobs: test-flavor: - runs-on: "uds-ubuntu-big-boy-8-core" + runs-on: ai-ubuntu-big-boy-8-core name: Test LeapfrogAI Flavor permissions: From f47907a061fafc45c6d5c5f53a3b8edb2bc67bac Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:19:51 -0400 Subject: [PATCH 11/36] remove extra python setup step --- .github/workflows/e2e-registry1-weekly.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 52716a37f5..809094d258 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -64,14 +64,6 @@ jobs: rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ - - name: Install UI/Playwright Dependencies - run: | - npm --prefix src/leapfrogai_ui ci - npx --prefix src/leapfrogai_ui playwright install - - - name: Setup Python - uses: ./.github/actions/python - - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v @@ -84,6 +76,11 @@ jobs: run: | python -m pytest ./tests/e2e/test_whisper.py -v + - name: Install UI/Playwright Dependencies + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + - name: Test UI run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env From 1835070e946804d2fc4c10d083307d6fb807bcb8 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:41:18 -0400 Subject: [PATCH 12/36] fix UDS CLI version --- .github/actions/uds-cluster/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 19b23c61ef..875205dfbd 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -11,7 +11,7 @@ runs: using: composite steps: - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c with: username: ${{ inputs.registry1Username }} password: ${{ inputs.registry1Password }} @@ -19,4 +19,4 @@ runs: - name: Create UDS Cluster shell: bash run: | - make create-uds-cpu-cluster \ No newline at end of file + make create-uds-cpu-cluster From e67c320cf3c6c3b02525b1e39bf76d71fccf24ef Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:51:18 -0400 Subject: [PATCH 13/36] fix UDS CLI version, pt.2 --- .github/actions/uds-cluster/action.yaml | 8 +++++--- .github/workflows/e2e-llama-cpp-python.yaml | 3 --- .github/workflows/e2e-playwright.yaml | 3 --- .github/workflows/e2e-registry1-weekly.yaml | 3 --- .github/workflows/e2e-text-embeddings.yaml | 3 --- .github/workflows/e2e-whisper.yaml | 3 --- 6 files changed, 5 insertions(+), 18 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 875205dfbd..4a7b25b872 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -11,10 +11,12 @@ runs: using: composite steps: - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - username: ${{ inputs.registry1Username }} - password: ${{ inputs.registry1Password }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + udsCliVersion: 0.14.0 + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Create UDS Cluster shell: bash diff --git a/.github/workflows/e2e-llama-cpp-python.yaml b/.github/workflows/e2e-llama-cpp-python.yaml index 66cd16bfb4..b9f3767448 100644 --- a/.github/workflows/e2e-llama-cpp-python.yaml +++ b/.github/workflows/e2e-llama-cpp-python.yaml @@ -65,9 +65,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-playwright.yaml b/.github/workflows/e2e-playwright.yaml index 0eea84eb0a..3ce993de56 100644 --- a/.github/workflows/e2e-playwright.yaml +++ b/.github/workflows/e2e-playwright.yaml @@ -74,9 +74,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 809094d258..879ea09124 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -38,9 +38,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-text-embeddings.yaml b/.github/workflows/e2e-text-embeddings.yaml index eba01378d4..d297b7feb4 100644 --- a/.github/workflows/e2e-text-embeddings.yaml +++ b/.github/workflows/e2e-text-embeddings.yaml @@ -67,9 +67,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-whisper.yaml b/.github/workflows/e2e-whisper.yaml index 7c3908aa57..1aca21a2da 100644 --- a/.github/workflows/e2e-whisper.yaml +++ b/.github/workflows/e2e-whisper.yaml @@ -67,9 +67,6 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster - with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core From ce960a64424350cbfc48defb08ec41d284f4c0a5 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 17:57:24 -0400 Subject: [PATCH 14/36] fix UDS CLI version, pt.3 --- .github/actions/uds-cluster/action.yaml | 8 +++++--- .github/workflows/e2e-llama-cpp-python.yaml | 4 ++++ .github/workflows/e2e-playwright.yaml | 4 ++++ .github/workflows/e2e-registry1-weekly.yaml | 4 ++++ .github/workflows/e2e-text-embeddings.yaml | 4 ++++ .github/workflows/e2e-vllm.yaml | 5 +++-- .github/workflows/e2e-whisper.yaml | 4 ++++ 7 files changed, 28 insertions(+), 5 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 4a7b25b872..2683b9910b 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -6,6 +6,8 @@ inputs: description: Registry1 Username registry1Password: description: Registry1 Password + ghToken: + description: GitHub Token runs: using: composite @@ -13,10 +15,10 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ inputs.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ inputs.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 - ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Create UDS Cluster shell: bash diff --git a/.github/workflows/e2e-llama-cpp-python.yaml b/.github/workflows/e2e-llama-cpp-python.yaml index b9f3767448..5c67685965 100644 --- a/.github/workflows/e2e-llama-cpp-python.yaml +++ b/.github/workflows/e2e-llama-cpp-python.yaml @@ -65,6 +65,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-playwright.yaml b/.github/workflows/e2e-playwright.yaml index 3ce993de56..4d48bfd256 100644 --- a/.github/workflows/e2e-playwright.yaml +++ b/.github/workflows/e2e-playwright.yaml @@ -74,6 +74,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 879ea09124..e5e59f64fd 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -38,6 +38,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-text-embeddings.yaml b/.github/workflows/e2e-text-embeddings.yaml index d297b7feb4..20f7eb97a1 100644 --- a/.github/workflows/e2e-text-embeddings.yaml +++ b/.github/workflows/e2e-text-embeddings.yaml @@ -67,6 +67,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index cedfab53e9..5931ef3593 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -70,8 +70,9 @@ jobs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 with: - username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} ########## c # vLLM diff --git a/.github/workflows/e2e-whisper.yaml b/.github/workflows/e2e-whisper.yaml index 1aca21a2da..dee2cf45ae 100644 --- a/.github/workflows/e2e-whisper.yaml +++ b/.github/workflows/e2e-whisper.yaml @@ -67,6 +67,10 @@ jobs: - name: Setup UDS Cluster uses: ./.github/actions/uds-cluster + with: + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Setup LFAI-API and Supabase uses: ./.github/actions/lfai-core From 1ef8606491cbdd0f23f6a708bdf8f360e728f535 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:01:12 -0400 Subject: [PATCH 15/36] fix UDS CLI version, pt.4 --- .github/actions/uds-cluster/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 2683b9910b..b52e66b8d5 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -15,8 +15,8 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - registry1Username: ${{ inputs.IRON_BANK_ROBOT_USERNAME }} - registry1Password: ${{ inputs.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ inputs.registry1Username }} + registry1Password: ${{ inputs.registry1Password }} ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 From a1aa182e9b757961f482fe991ac4097afe178119 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:03:57 -0400 Subject: [PATCH 16/36] fix vllm uds setup --- .github/workflows/e2e-vllm.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index 5931ef3593..836cddf61a 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -67,8 +67,8 @@ jobs: with: additionalOptionalDep: dev-vllm - - name: Setup UDS Environment - uses: defenseunicorns/uds-common/.github/actions/setup@05f42bb3117b66ebef8c72ae050b34bce19385f5 + - name: Setup UDS Cluster + uses: ./.github/actions/uds-cluster with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} From e05998a02e553a09b821822ca5686ad0165ee9ae Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:06:15 -0400 Subject: [PATCH 17/36] fix vllm uds setup, pt.2 --- .github/workflows/e2e-vllm.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-vllm.yaml b/.github/workflows/e2e-vllm.yaml index 836cddf61a..1d037fc573 100644 --- a/.github/workflows/e2e-vllm.yaml +++ b/.github/workflows/e2e-vllm.yaml @@ -67,12 +67,13 @@ jobs: with: additionalOptionalDep: dev-vllm - - name: Setup UDS Cluster - uses: ./.github/actions/uds-cluster + - name: Setup UDS Environment + uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} + udsCliVersion: 0.14.0 ########## c # vLLM From 8a06f5840503e17579ca07f4c51fdd4ae3ac1786 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:23:47 -0400 Subject: [PATCH 18/36] fix version for registry1 image --- .github/release-please-config.json | 5 +++++ .github/workflows/e2e-registry1-weekly.yaml | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/.github/release-please-config.json b/.github/release-please-config.json index 6cf564cdb6..4458cae051 100644 --- a/.github/release-please-config.json +++ b/.github/release-please-config.json @@ -45,6 +45,11 @@ "type": "generic", "path": "**/hugo.toml", "glob": true + }, + { + "type": "generic", + "path": ".github/workflows/e2e-registry1-weekly.yaml", + "glob": true } ] } diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index e5e59f64fd..379306c6af 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -15,6 +15,11 @@ on: - .github/workflows/e2e-registry1-weekly.yaml - uds-bundles/latest/** +env: + # x-release-please-start-version + VERSION: 0.11.0 + # x-release-please-end + concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true @@ -53,6 +58,7 @@ jobs: uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1].ref = v${{ env.VERSION }}' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Bundle run: | From 839a66f95d575e3b7ff676edeb23ccbe5737cf54 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:28:07 -0400 Subject: [PATCH 19/36] fix version for registry1 image, pt.2 --- packages/api/values/registry1-values.yaml | 4 +--- packages/api/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/packages/api/values/registry1-values.yaml b/packages/api/values/registry1-values.yaml index 72d6a77b1a..56d7e6e4e0 100644 --- a/packages/api/values/registry1-values.yaml +++ b/packages/api/values/registry1-values.yaml @@ -2,16 +2,14 @@ api: image: repository: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api # x-release-please-start-version - tag: v0.10.0 + tag: v0.11.0 # x-release-please-end migration: image: # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations repository: ghcr.io/defenseunicorns/leapfrogai/api-migrations - # x-release-please-start-version tag: ###ZARF_CONST_IMAGE_VERSION### - # x-release-please-end kiwigrid: image: diff --git a/packages/api/zarf.yaml b/packages/api/zarf.yaml index 2c8cc43cf2..fb3e6a0891 100644 --- a/packages/api/zarf.yaml +++ b/packages/api/zarf.yaml @@ -45,7 +45,7 @@ components: valuesFiles: - "values/registry1-values.yaml" images: - - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.10.0" + - "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api:v0.11.0" # TODO: replace with Ironbank image once hardened: registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api/migrations - "ghcr.io/defenseunicorns/leapfrogai/api-migrations:###ZARF_PKG_TMPL_IMAGE_VERSION###" - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.23.3" From 152e5a6b4466e455dc9b66d5310f1e72cb7c15fd Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 18:42:11 -0400 Subject: [PATCH 20/36] missing double quotes yq --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 379306c6af..80af6df393 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -58,7 +58,7 @@ jobs: uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].ref = v${{ env.VERSION }}' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1].ref = "v${{ env.VERSION }}"' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Bundle run: | From dd78a7f17e2db629053aec83b11c57ee9b56053f Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 20 Aug 2024 21:52:04 -0400 Subject: [PATCH 21/36] zarf package yq commands --- .github/release-please-config.json | 5 ----- .github/workflows/e2e-registry1-weekly.yaml | 24 +++++++++------------ 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/.github/release-please-config.json b/.github/release-please-config.json index 4458cae051..6cf564cdb6 100644 --- a/.github/release-please-config.json +++ b/.github/release-please-config.json @@ -45,11 +45,6 @@ "type": "generic", "path": "**/hugo.toml", "glob": true - }, - { - "type": "generic", - "path": ".github/workflows/e2e-registry1-weekly.yaml", - "glob": true } ] } diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 80af6df393..aea3c85552 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -15,19 +15,14 @@ on: - .github/workflows/e2e-registry1-weekly.yaml - uds-bundles/latest/** -env: - # x-release-please-start-version - VERSION: 0.11.0 - # x-release-please-end - concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true jobs: - test-flavor: + test-flavors: runs-on: ai-ubuntu-big-boy-8-core - name: Test LeapfrogAI Flavor + name: Test LeapfrogAI Flavors permissions: contents: read @@ -48,17 +43,18 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - - name: Setup LFAI-API and Supabase + - name: Setup LeapfrogAI API and Supabase uses: ./.github/actions/lfai-core - - name: Set Flavor and Version + - name: Set Bundle Flavor Fields run: | - uds zarf tools yq -i '.metadata.version = "registry1"' \ - uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].repository = "registry1.dso.mil/ironbank/opensource/defenseunicorns/leapfrogai/api"' \ - uds-bundles/latest/cpu/uds-bundle.yaml - uds zarf tools yq -i '.packages[1].ref = "v${{ env.VERSION }}"' uds-bundles/latest/cpu/uds-bundle.yaml + - name: Create Registry1 Package(s) + run: | + LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - name: Create Bundle run: | From 70b3988f3d4d92a0dd9bd376ca546e1e469cc7e2 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 22:33:57 -0400 Subject: [PATCH 22/36] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index aea3c85552..38c6e6f24b 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -51,6 +51,7 @@ jobs: uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml + uds zarf tools yq -i '.metadata.version = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml - name: Create Registry1 Package(s) run: | From 84b31f9e496b6bf000fb3bc92d67e59b71aa1c18 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 23:02:35 -0400 Subject: [PATCH 23/36] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 38c6e6f24b..782b3c52bf 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -57,13 +57,10 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Create Bundle + - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu uds create . --confirm - - - name: Deploy Bundle - run: | uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ From bd37b7feb1fe1029c4fbde1cb686d32df5521082 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 20 Aug 2024 23:21:43 -0400 Subject: [PATCH 24/36] Update e2e-registry1-weekly.yaml --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 782b3c52bf..fc61d93fb2 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -61,7 +61,7 @@ jobs: run: | cd uds-bundles/latest/cpu uds create . --confirm - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst cd ../../../ From 081e60f539c5d2a11003971b208cb51634259aea Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 10:18:32 -0400 Subject: [PATCH 25/36] revert default ui api service --- packages/ui/zarf.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index c85d5bfa8e..93ae958960 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 + default: http://api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 12498813ca63c58c7b697a8508afe9f3386a3d46 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 11:41:54 -0400 Subject: [PATCH 26/36] default ui URL for api service --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- packages/ui/zarf.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index fc61d93fb2..df333c6182 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -85,7 +85,7 @@ jobs: - name: Test UI run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env - TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 diff --git a/packages/ui/zarf.yaml b/packages/ui/zarf.yaml index 93ae958960..c85d5bfa8e 100644 --- a/packages/ui/zarf.yaml +++ b/packages/ui/zarf.yaml @@ -12,7 +12,7 @@ constants: variables: - name: LEAPFROGAI_API_BASE_URL #LEAPFROGAI_API_BASE_URL description: The base URL for the LeapfrogAI API - default: http://api.leapfrogai.svc.cluster.local:8080 + default: http://leapfrogai-api.leapfrogai.svc.cluster.local:8080 prompt: true sensitive: true - name: OPENAI_API_KEY From 284f292b59598bfb5ee9b4a4fe749a762907c033 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 13:20:12 -0400 Subject: [PATCH 27/36] fix setup and deploy bundle --- .github/actions/uds-cluster/action.yaml | 5 +++-- .github/workflows/e2e-registry1-weekly.yaml | 7 +++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/uds-cluster/action.yaml b/.github/actions/uds-cluster/action.yaml index 7fa16098ed..683aa26524 100644 --- a/.github/actions/uds-cluster/action.yaml +++ b/.github/actions/uds-cluster/action.yaml @@ -15,8 +15,9 @@ runs: - name: Setup UDS Environment uses: defenseunicorns/uds-common/.github/actions/setup@822dac4452e6815aadcf09f487406ff258756a0c # v0.14.0 with: - username: ${{ inputs.registry1Username }} - password: ${{ inputs.registry1Password }} + registry1Username: ${{ inputs.registry1Username }} + registry1Password: ${{ inputs.registry1Password }} + ghToken: ${{ inputs.ghToken }} udsCliVersion: 0.14.0 - name: Checkout Repo diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index df333c6182..a7ebce63f4 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -60,10 +60,9 @@ jobs: - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu - uds create . --confirm - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm - rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst - cd ../../../ + uds create . --confirm && \ + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst - name: Test llama-cpp-python run: | From 410cd2188fd4b2be1142daa3c8c4621df7c0d162 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 13:28:00 -0400 Subject: [PATCH 28/36] remove extraneous setup step --- .github/workflows/e2e-registry1-weekly.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index a7ebce63f4..e8fa602cc8 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -43,9 +43,6 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - - name: Setup LeapfrogAI API and Supabase - uses: ./.github/actions/lfai-core - - name: Set Bundle Flavor Fields run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml From 5cdd8b0a7e1185093d7bb727ac830e3a91eb12bc Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 14:05:04 -0400 Subject: [PATCH 29/36] add ANON_KEY back in manually --- .github/workflows/e2e-registry1-weekly.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index e8fa602cc8..9d2259f233 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -54,6 +54,12 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api + - name: Set environment variable + shell: bash + id: set-env-var + run: | + echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu From 37b8a5aefb33d94c76de4a9e735329f525fce692 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 15:22:56 -0400 Subject: [PATCH 30/36] move ANON_KEY to correct step --- .github/workflows/e2e-registry1-weekly.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 9d2259f233..d402f54a7b 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -54,12 +54,6 @@ jobs: run: | LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Set environment variable - shell: bash - id: set-env-var - run: | - echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" - - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu @@ -67,6 +61,12 @@ jobs: uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + - name: Set environment variable + shell: bash + id: set-env-var + run: | + echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v From 2e67af914c24b3af2d28d4d19bf6ba14cfd6e1e3 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 16:05:34 -0400 Subject: [PATCH 31/36] add other Playwright E2E test steps --- .github/workflows/e2e-registry1-weekly.yaml | 33 +++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d402f54a7b..4877653f67 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -43,6 +43,7 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} + # Set flavored package within UDS bundle definition - name: Set Bundle Flavor Fields run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml @@ -61,12 +62,14 @@ jobs: uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + # API Key Prep - name: Set environment variable shell: bash id: set-env-var run: | echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" + # Backends - name: Test llama-cpp-python run: | python -m pytest ./tests/e2e/test_llama.py -v @@ -79,15 +82,41 @@ jobs: run: | python -m pytest ./tests/e2e/test_whisper.py -v + # Setup for application layer testing + - name: Generate Fake Playwright User Password + id: generate-password + run: | + PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') + echo "::add-mask::$PASSWORD" + echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV + + - name: Create Test User + run: | + chmod +x ./.github/scripts/createUser.sh + ./.github/scripts/createUser.sh + + # Supabase + - name: Test Supabase + run: | + python -m pytest ./tests/e2e/test_supabase.py -v + + # API + - name: Test API + run: | + python -m pytest ./tests/e2e/test_api.py -v + + # UI - name: Install UI/Playwright Dependencies run: | npm --prefix src/leapfrogai_ui ci npx --prefix src/leapfrogai_ui playwright install - - name: Test UI + - name: UI/API/Supabase E2E Playwright Tests run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env - LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" TEST_ENV=CI PUBLIC_DISABLE_KEYCLOAK=true PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + mkdir -p playwright/auth + touch playwright/auth.user.json + LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 From ab6b9dd703bed697ce2e629a6d32305c3a960993 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 16:43:15 -0400 Subject: [PATCH 32/36] remove extraneous url env in playwright --- .github/workflows/e2e-registry1-weekly.yaml | 2 +- README.md | 2 ++ docs/DEVELOPMENT.md | 3 ++- .../en/docs/local-deploy-guide/components.md | 16 ++++++++++++++++ .../en/docs/local-deploy-guide/quick_start.md | 2 +- 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 4877653f67..7f7013a75f 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -116,7 +116,7 @@ jobs: cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report uses: actions/upload-artifact@v4 diff --git a/README.md b/README.md index 35ae93a7c9..cfd5bbff62 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,8 @@ Below is the current component flavors list: | [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | | [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](./docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. + ## Usage To build a LeapfrogAI UDS bundle and deploy it, please refer to the [LeapfrogAI Documentation Website](https://docs.leapfrog.ai/docs/). In the documentation website, you'll find system requirements and instructions for all things LeapfrogAI that aren't associated to local development and contributing. diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md index 2993c37a1e..ff05e2fa76 100644 --- a/docs/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -70,7 +70,7 @@ For example, the LeapfrogAI API requires a `config.yaml` be supplied when spun u ## Package Development -If you don't want to [build an entire bundle](#bundle-development), or you want to "dev-loop" on a single package in an existing [UDS Kubernetes cluster](../packages/k3d-gpu/README.md) you can do so by performing the following. +If you don't want to [build an entire bundle](#bundle-development), or you want to "dev-loop" on a single package in an existing [UDS Kubernetes cluster](../packages/k3d-gpu/README.md) you can do so by following the instructions below. For example, this is how you build and (re)deploy a local DEV version of a package: @@ -80,6 +80,7 @@ uds zarf package remove leapfrogai-api --confirm uds zarf tools registry prune --confirm # create and deploy the new package +# FLAVOR can be registry1, upstream, or unicorn - see README for availability details LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make build-api LOCAL_VERSION=dev FLAVOR=upstream REGISTRY_PORT=5000 ARCH=amd64 make deploy-api ``` diff --git a/website/content/en/docs/local-deploy-guide/components.md b/website/content/en/docs/local-deploy-guide/components.md index bb252c97ea..e4e96c0da7 100644 --- a/website/content/en/docs/local-deploy-guide/components.md +++ b/website/content/en/docs/local-deploy-guide/components.md @@ -29,6 +29,22 @@ Each component has different images and values that refer to a specific image re 2. 🚧 `registry1`: uses [IronBank hardened images](https://repo1.dso.mil/dsop) from the Repo1 harbor registry 3. 🚧 `unicorn`: uses [Chainguard hardened images](https://www.chainguard.dev/chainguard-images) from the Chainguard registry +Below is the current component flavors list: + +| Component | `upstream` | `registry1` | `chainguard` | +| ---------------------------------------------- | ------------ | ------------- | -------------- | +| [api](packages/api/) | ✅ | ✅ | 🚧 | +| [ui](packages/ui/) | ✅ | 🚧 | 🚧 | +| [supabase](packages/supabase/) | ✅ | 🚧 | 🚧 | +| [migrations](./Dockerfile.migrations) | ✅ | 🚧 | 🚧 | +| [llama-cpp-python](packages/llama-cpp-python/) | ✅ | 🚧 | 🚧 | +| [whisper](packages/whisper/) | ✅ | 🚧 | 🚧 | +| [text-embeddings](packages/text-embeddings/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | +| [vllm](packages/vllm/) | ✅ | 🚧 | 🚧 | + +Flavors with any components labelled as 🚧 are not available as a quick start bundle deployment yet. Please refer to the [DEVELOPMENT.md](https://github.com/defenseunicorns/leapfrogai/blob/main/docs/DEVELOPMENT.md) for instructions on how to build a component's Zarf package for local testing. + ### Artifact Support LeapfrogAI contains built-in embeddings for RAG and transcription / translation solutions that can handle many different file types. Many of these capabilities are accessible via the LeapfrogAI API. The supported artifact types are as follows: diff --git a/website/content/en/docs/local-deploy-guide/quick_start.md b/website/content/en/docs/local-deploy-guide/quick_start.md index 63d90ebc63..c58198a7f1 100644 --- a/website/content/en/docs/local-deploy-guide/quick_start.md +++ b/website/content/en/docs/local-deploy-guide/quick_start.md @@ -71,7 +71,7 @@ If you already have a pre-built UDS bundle, please skip to [Deploying the UDS Bu 2. Deploy the bundle you created in the [previous steps](#building-the-uds-bundle): ```bash - # make sure you ar ein the directory with the UDS bundle archive + # make sure you are in the directory with the UDS bundle archive uds deploy uds-bundle-leapfrogai*.tar.zst ``` From 42c0f6be5964c50b2b178498be9f49a7f01fb762 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 29 Aug 2024 17:27:23 -0400 Subject: [PATCH 33/36] fix version and env --- .github/workflows/e2e-registry1-weekly.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 7f7013a75f..a6c25d3a33 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -60,7 +60,8 @@ jobs: cd uds-bundles/latest/cpu uds create . --confirm && \ uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ - rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst + rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ + docker system prune -af # API Key Prep - name: Set environment variable @@ -116,10 +117,12 @@ jobs: cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - SERVICE_ROLE_KEY=$ANON_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci + SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) + echo "::add-mask::$SERVICE_ROLE_KEY" + SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 if: ${{ !cancelled() }} with: name: playwright-report From 6fd97b126874d94b362283c8306d9cabdacd171b Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 10:19:52 -0400 Subject: [PATCH 34/36] fix up workflow, add LFAI API URL --- .github/workflows/e2e-registry1-weekly.yaml | 81 +++++++++------------ 1 file changed, 33 insertions(+), 48 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index a6c25d3a33..d1b777ddde 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -19,10 +19,14 @@ concurrency: group: e2e-registry1-weekly-${{ github.ref }} cancel-in-progress: true +defaults: + run: + shell: bash + jobs: test-flavors: runs-on: ai-ubuntu-big-boy-8-core - name: Test LeapfrogAI Flavors + name: e2e_registry1_weekly permissions: contents: read @@ -43,82 +47,63 @@ jobs: registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} ghToken: ${{ secrets.GITHUB_TOKEN }} - # Set flavored package within UDS bundle definition - - name: Set Bundle Flavor Fields + - name: Setup Playwright + run: | + npm --prefix src/leapfrogai_ui ci + npx --prefix src/leapfrogai_ui playwright install + + - name: Create Registry1 Packages + run: | + LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api + + # Mutate UDS bundle definition to use Registry1 packages + - name: Mutation to Registry1 Bundle run: | uds zarf tools yq -i '.packages[1] |= del(.repository)' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .ref = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.packages[1] |= .path = "../../../packages/api"' uds-bundles/latest/cpu/uds-bundle.yaml uds zarf tools yq -i '.metadata.version = "registry1"' uds-bundles/latest/cpu/uds-bundle.yaml - - name: Create Registry1 Package(s) - run: | - LOCAL_VERSION=registry1 FLAVOR=registry1 make build-api - - name: Create and Deploy Bundle run: | cd uds-bundles/latest/cpu uds create . --confirm && \ - uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress && \ + uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst \ + --set LEAPFROGAI_API_BASE_URL="http://leapfrogai-api.leapfrogai.svc.cluster.local:8080" --confirm --no-progress && \ rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ docker system prune -af - # API Key Prep - - name: Set environment variable - shell: bash - id: set-env-var - run: | - echo "ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d)" >> "$GITHUB_ENV" - - # Backends - - name: Test llama-cpp-python - run: | - python -m pytest ./tests/e2e/test_llama.py -v - - - name: Test text-embeddings - run: | - python -m pytest ./tests/e2e/test_text_embeddings.py -v - - - name: Test whisper - run: | - python -m pytest ./tests/e2e/test_whisper.py -v - - # Setup for application layer testing - - name: Generate Fake Playwright User Password - id: generate-password + - name: Generate Secrets and Test User run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') echo "::add-mask::$PASSWORD" echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV - - name: Create Test User - run: | + ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d) + echo "::add-mask::$ANON_KEY" + echo "ANON_KEY=$ANON_KEY" >> "$GITHUB_ENV" + + SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) + echo "::add-mask::$SERVICE_ROLE_KEY" + chmod +x ./.github/scripts/createUser.sh ./.github/scripts/createUser.sh - # Supabase - - name: Test Supabase + # Backends + - name: Run Backend Tests run: | + python -m pytest ./tests/e2e/test_llama.py -v + python -m pytest ./tests/e2e/test_text_embeddings.py -v + python -m pytest ./tests/e2e/test_whisper.py -v python -m pytest ./tests/e2e/test_supabase.py -v - - # API - - name: Test API - run: | python -m pytest ./tests/e2e/test_api.py -v - # UI - - name: Install UI/Playwright Dependencies - run: | - npm --prefix src/leapfrogai_ui ci - npx --prefix src/leapfrogai_ui playwright install - - - name: UI/API/Supabase E2E Playwright Tests + - name: Run Playwright E2E Tests run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json - SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) - echo "::add-mask::$SERVICE_ROLE_KEY" + SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY npm --prefix src/leapfrogai_ui run test:integration:ci - name: Archive Playwright Report From 05f52459d7beaaeaa969dec34457eaec28d6759d Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 30 Aug 2024 10:57:23 -0400 Subject: [PATCH 35/36] fix env in refactored workflow --- .github/workflows/e2e-registry1-weekly.yaml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index d1b777ddde..5434a22d4f 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -74,21 +74,27 @@ jobs: docker system prune -af - name: Generate Secrets and Test User + id: generate_secrets run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') echo "::add-mask::$PASSWORD" - echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_ENV - + echo "FAKE_E2E_USER_PASSWORD=$PASSWORD" >> $GITHUB_OUTPUT ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d) echo "::add-mask::$ANON_KEY" - echo "ANON_KEY=$ANON_KEY" >> "$GITHUB_ENV" - + echo "ANON_KEY=$ANON_KEY" >> $GITHUB_OUTPUT SERVICE_ROLE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) echo "::add-mask::$SERVICE_ROLE_KEY" + echo "SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY" >> $GITHUB_OUTPUT chmod +x ./.github/scripts/createUser.sh ./.github/scripts/createUser.sh + - name: Verify Secrets + run: | + echo "FAKE_E2E_USER_PASSWORD is set: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD != '' }}" + echo "ANON_KEY is set: ${{ steps.generate_secrets.outputs.ANON_KEY != '' }}" + echo "SERVICE_ROLE_KEY is set: ${{ steps.generate_secrets.outputs.SERVICE_ROLE_KEY != '' }}" + # Backends - name: Run Backend Tests run: | @@ -99,6 +105,10 @@ jobs: python -m pytest ./tests/e2e/test_api.py -v - name: Run Playwright E2E Tests + env: + SERVICE_ROLE_KEY: ${{ steps.generate_secrets.outputs.SERVICE_ROLE_KEY }} + FAKE_E2E_USER_PASSWORD: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD }} + ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} run: | cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth From 8dfbcc0d2dc914cae3cf511208d6b57c7122a8de Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Fri, 30 Aug 2024 11:31:39 -0400 Subject: [PATCH 36/36] move create user step down --- .github/workflows/e2e-registry1-weekly.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-registry1-weekly.yaml b/.github/workflows/e2e-registry1-weekly.yaml index 5434a22d4f..72411d7d97 100644 --- a/.github/workflows/e2e-registry1-weekly.yaml +++ b/.github/workflows/e2e-registry1-weekly.yaml @@ -73,7 +73,7 @@ jobs: rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ docker system prune -af - - name: Generate Secrets and Test User + - name: Generate Secrets id: generate_secrets run: | PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') @@ -86,9 +86,6 @@ jobs: echo "::add-mask::$SERVICE_ROLE_KEY" echo "SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY" >> $GITHUB_OUTPUT - chmod +x ./.github/scripts/createUser.sh - ./.github/scripts/createUser.sh - - name: Verify Secrets run: | echo "FAKE_E2E_USER_PASSWORD is set: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD != '' }}" @@ -110,6 +107,9 @@ jobs: FAKE_E2E_USER_PASSWORD: ${{ steps.generate_secrets.outputs.FAKE_E2E_USER_PASSWORD }} ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} run: | + chmod +x ./.github/scripts/createUser.sh + ./.github/scripts/createUser.sh + cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env mkdir -p playwright/auth touch playwright/auth.user.json