Skip to content

Commit

Permalink
Update guardrails controller and guardrails controller test
Browse files Browse the repository at this point in the history
  • Loading branch information
christinaexyou committed Dec 20, 2024
1 parent b2fdcc9 commit 8f379c1
Show file tree
Hide file tree
Showing 25 changed files with 2,626 additions and 352 deletions.
15 changes: 14 additions & 1 deletion .github/workflows/build-and-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ jobs:
echo "MAIN IMAGE AT: ${{ vars.QUAY_RELEASE_REPO }}:latest"
echo "LMES DRIVER IMAGE AT: ${{ vars.QUAY_RELEASE_LMES_DRIVER_REPO }}:latest"
echo "LMES JOB IMAGE AT: ${{ vars.QUAY_RELEASE_LMES_JOB_REPO }}:latest"
echo "GUARDRAILS ORCH IMAGE AT: ${{ vars.QUAY_RELEASE_GUARDRAILS_REPO }}:latest"
echo "CI IMAGE AT: quay.io/trustyai/trustyai-service-operator-ci:${{ github.event.pull_request.head.sha }}"
#
# Set environments depending on context
Expand All @@ -68,20 +70,25 @@ jobs:
echo "IMAGE_NAME=quay.io/trustyai/trustyai-service-operator-ci" >> $GITHUB_ENV
echo "DRIVER_IMAGE_NAME=quay.io/trustyai/ta-lmes-driver-ci" >> $GITHUB_ENV
echo "JOB_IMAGE_NAME=quay.io/trustyai/ta-lmes-job-ci" >> $GITHUB_ENV
echo "ORCH_IMAGE_NAME=quay.io/trustyai/ta-guardrails-orchestrator-ci" >> $GITHUB_ENV
- name: Set main-branch environment
if: env.BUILD_CONTEXT == 'main'
run: |
echo "TAG=latest" >> $GITHUB_ENV
echo "IMAGE_NAME=${{ vars.QUAY_RELEASE_REPO }}" >> $GITHUB_ENV
echo "DRIVER_IMAGE_NAME=${{ vars.QUAY_RELEASE_LMES_DRIVER_REPO }}" >> $GITHUB_ENV
echo "JOB_IMAGE_NAME=${{ vars.QUAY_RELEASE_LMES_JOB_REPO }}" >> $GITHUB_ENV
echo "ORCH_IMAGE_NAME=${{ vars.QUAY_RELEASE_GUARDRAILS_REPO }}" >> $GITHUB_ENV
- name: Set tag environment
if: env.BUILD_CONTEXT == 'tag'
run: |
echo "TAG=${{ github.ref_name }}" >> $GITHUB_ENV
echo "IMAGE_NAME=${{ vars.QUAY_RELEASE_REPO }}" >> $GITHUB_ENV
echo "DRIVER_IMAGE_NAME=${{ vars.QUAY_RELEASE_LMES_DRIVER_REPO }}" >> $GITHUB_ENV
echo "JOB_IMAGE_NAME=${{ vars.QUAY_RELEASE_LMES_JOB_REPO }}" >> $GITHUB_ENV
echo "ORCH_IMAGE_NAME=${{ vars.QUAY_RELEASE_GUARDRAILS_REPO }}" >> $GITHUB_ENV
# Run docker commands
- name: Put expiry date on CI-tagged image
Expand All @@ -101,6 +108,10 @@ jobs:
run: docker build -f Dockerfile.lmes-job -t ${{ env.JOB_IMAGE_NAME }}:$TAG .
- name: Push LMES job image to Quay
run: docker push ${{ env.JOB_IMAGE_NAME }}:$TAG
- name: Build Guardrails orchestrator image
run: docker build -f Dockerfile.guardrails -t ${{ env.ORCH_IMAGE_NAME }}:$TAG .
- name: Push Guardrails orchestrator image to Quay
run: docker push ${{ env.ORCH_IMAGE_NAME }}:$TAG

# Create CI Manifests
- name: Set up manifests for CI
Expand Down Expand Up @@ -147,8 +158,10 @@ jobs:
📦 [LMES job image](https://quay.io/trustyai/ta-lmes-job:${{ github.event.pull_request.head.sha }}): `quay.io/trustyai/ta-lmes-job:${{ github.event.pull_request.head.sha }}`
📦 [Guardrails orchestrator image](https://quay.io/trustyai/ta-guardrails-orchestrator:${{ github.event.pull_request.head.sha }}): `quay.io/trustyai/ta-guardrails-orchestrator:${{ github.event.pull_request.head.sha }}`
🗂️ [CI manifests](https://github.com/trustyai-explainability/trustyai-service-operator-ci/tree/operator-${{ env.TAG }})
```
devFlags:
manifests:
Expand Down
68 changes: 68 additions & 0 deletions Dockerfile.orchestrator
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
ARG UBI_MINIMAL_BASE_IMAGE=registry.access.redhat.com/ubi9/ubi-minimal
ARG UBI_BASE_IMAGE_TAG=latest
ARG PROTOC_VERSION=26.0
ARG CONFIG_FILE=config/config.yaml

## Rust builder ################################################################
# Specific debian version so that compatible glibc version is used
FROM rust:1.80.1-bullseye as rust-builder
ARG PROTOC_VERSION

ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse

# Install protoc, no longer included in prost crate
RUN cd /tmp && \
curl -L -O https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VERSION}/protoc-${PROTOC_VERSION}-linux-x86_64.zip && \
unzip protoc-*.zip -d /usr/local && rm protoc-*.zip

WORKDIR /app

COPY rust-toolchain.toml rust-toolchain.toml

RUN rustup component add rustfmt

## Orchestrator builder #########################################################
FROM rust-builder as fms-guardrails-orchestr8-builder

COPY build.rs *.toml LICENSE /app/
COPY ${CONFIG_FILE} /app/config/config.yaml
COPY protos/ /app/protos/
COPY src/ /app/src/

WORKDIR /app

# TODO: Make releases via cargo-release
RUN cargo install --root /app/ --path .

## Tests stage ##################################################################
FROM fms-guardrails-orchestr8-builder as tests
RUN cargo test

## Lint stage ###################################################################
FROM fms-guardrails-orchestr8-builder as lint
RUN cargo clippy --all-targets --all-features -- -D warnings

## Formatting check stage #######################################################
FROM fms-guardrails-orchestr8-builder as format
RUN cargo fmt --check

## Release Image ################################################################

FROM ${UBI_MINIMAL_BASE_IMAGE}:${UBI_BASE_IMAGE_TAG} as fms-guardrails-orchestr8-release

COPY --from=fms-guardrails-orchestr8-builder /app/bin/ /app/bin/
COPY ${CONFIG_FILE} /app/config/config.yaml

RUN microdnf install -y --disableplugin=subscription-manager shadow-utils compat-openssl11 && \
microdnf clean all --disableplugin=subscription-manager

RUN groupadd --system orchestr8 --gid 1001 && \
adduser --system --uid 1001 --gid 0 --groups orchestr8 \
--create-home --home-dir /app --shell /sbin/nologin \
--comment "FMS Orchestrator User" orchestr8

USER orchestr8

ENV ORCHESTRATOR_CONFIG /app/config/config.yaml

CMD /app/bin/fms-guardrails-orchestr8
5 changes: 4 additions & 1 deletion api/guardrails/v1alpha1/guardrailsorchestrator_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -76,11 +76,13 @@ type GuardrailsOrchestratorSpec struct {
Detectors []DetectorSpec `json:"detectors"`
// TLS
TLS TLSSpec `json:"tls"`
// Pod configuration
Pod GuardrailsOrchestratorPod `json:"pod"`
}

type GuardrailsOrchestratorPod struct {
Container *GuardrailsOrchestratorContainer `json:"container"`
Volumes []corev1.Volume `json:"volumes, omitempty"`
Volumes []corev1.Volume `json:"volumes,omitempty"`
}

// The following Getter-ish functions avoid nil pointer panic
Expand Down Expand Up @@ -109,6 +111,7 @@ type GuardrailsOrchestratorContainer struct {
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// +optional
Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
Image string `json:"image"`
}

// The following Getter-ish functions avoid nil pointer panic
Expand Down
20 changes: 18 additions & 2 deletions api/guardrails/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions cmd/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/healthz"
"sigs.k8s.io/controller-runtime/pkg/log/zap"

guardrailsv1alpha1 "github.com/trustyai-explainability/trustyai-service-operator/api/guardrails/v1alpha1"
lmesv1alpha1 "github.com/trustyai-explainability/trustyai-service-operator/api/lmes/v1alpha1"
tasv1alpha1 "github.com/trustyai-explainability/trustyai-service-operator/api/tas/v1alpha1"
"github.com/trustyai-explainability/trustyai-service-operator/controllers"
Expand All @@ -55,6 +56,7 @@ func init() {
utilruntime.Must(clientgoscheme.AddToScheme(scheme))
utilruntime.Must(tasv1alpha1.AddToScheme(scheme))
utilruntime.Must(lmesv1alpha1.AddToScheme(scheme))
utilruntime.Must(guardrailsv1alpha1.AddToScheme(scheme))
utilruntime.Must(monitoringv1.AddToScheme(scheme))
utilruntime.Must(kservev1alpha1.AddToScheme(scheme))
utilruntime.Must(kservev1beta1.AddToScheme(scheme))
Expand Down
1 change: 1 addition & 0 deletions config/base/params.env
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,5 @@ lmes-image-pull-policy=Always
lmes-max-batch-size=24
lmes-default-batch-size=8
lmes-detect-device=true
guardrails-orchestrator-image=quay.io/rh-ee-mmisiura/fms-orchestr8-nlp:0.7.0

Loading

0 comments on commit 8f379c1

Please sign in to comment.