Skip to content

Latest commit

 

History

History
150 lines (110 loc) · 11 KB

README.md

File metadata and controls

150 lines (110 loc) · 11 KB
Raw

If you want to use conda, not required

  1. Make sure that you have conda installed. Recommend this article if on Mac, just do through step 2.

  2. Create and activate a new conda environment, e.g., transformers-api with python 3.10.

conda create --name transformers-api python==3.10.15
conda activate transformers-api
  1. Run which pip and which python to verify path to make sure that your python and pip binaries are coming from your conda virtual environment. Note that the order in which you install conda vs. pip matters to set virtual env priorities.

Getting Started Locally (Start here if not using conda, just make sure you have the right version of python and pip installed)

  1. Install poetry: pip install poetry (or use pipx on link here if you prefer isolated envs and you don't have conda managing your env)

  2. Create and enter the virtual environment: poetry shell. Note: if you use conda, this step may not be necessary.

  3. Install the dependencies poetry install

  4. In c3po-model-server/app/core/env_var, create a secrets.env file and ensure it is on the .gitignore. Add the following for local dev:

MM_TOKEN="<your_preprod_mattermost_token>"

  1. Launch postgres, pgadmin, and minio via docker-compose docker-compose up --build.

  2. Visit localhost:9001. Login with user:miniouser and password:minioadmin. This is the minio console.

  3. Visit localhost:5050. Login with email:[email protected] and password:admin. This is the pgadmin console. See notes below for important details

  4. Run the app db init script ./scripts/init.sh

  5. Keeping your docker containers running, start the app in a new terminal (activate your conda env first) with ENVIRONMENT=local uvicorn app.main:versioned_app --reload.

  6. Open localhost:8000/v1/docs and start interacting with swagger!

  7. Run tests and get coverage with ENVIRONMENT=local pytest --cov, and get html reports for vs code live server (or any server) with ENVIRONMENT=local pytest --cov --cov-report=html:coverage_re

  8. You can shut down and your db / minio data will persist via docker volumes.

Adding a package

Note: instructions included in tutorial linked here

  1. Add the package, e.g., poetry add transformers or poetry add transformers --group <group_name> where <group_name> is the dependency group name, e.g., test or dev.
  2. Update the lockfile with poetry lock or poetry lock --no-update if you don't want poetry to try to update other deps within your existing versioning constraints
  3. Install the packages with poetry install, exclude certain groups if desired via adding --without <group_name>.

Updating packages

poetry update or for a specific package, poetry update transformers

Notes

  • You will see that POSTGRES_SERVER=localhost in the above steps, however, make sure that you login with hostname db in pgAdmin (under the "connection" tab in server properties). This is because the pgAdmin container is launched in the same docker network as the postgres container, so it uses the service name, whereas launching this app from command line uses port forwarding to localhost. The user, password, and db name will all be postgres, port 5432.
  • We specificy ENVIRONMENT=local because the test stage needs the default to be its variables
  • For basic CRUD, you can follow this format:
from .base import CRUDBase
from app.models.item import Item
from app.schemas.item import ItemCreate, ItemUpdate

item = CRUDBase[Item, ItemCreate, ItemUpdate](Item)
  • the env_vars for minio in P1 say secure False, but that is only because the intra-namespace comms between pods get automatically mTLS encrypted via istio, so they keep http://minio.minio:9000 as the URL inside the namespace. -aiohttp is a subdep of langchain, however, do not use it for handling web connections as there are disputed CVEs in that context (disputed as in not official, but it is possible that the risk exists). See issues here: aio-libs/aiohttp#6772 and https://github.com/aio-libs/aiohttp/issues/7208

Patching a CVE

Usually CVEs can be addressed by easily updating a release, realizing it is a false-positive, or finding a new package. Inside of P1, if there is a fix and the CVE is low-threat, you can request a whitelist and wait for the official version. However, if that does not work, you can request that git be installed in the pipeline pip install runner and use pip install with a specific commit addressing the patch. For example, before 4.30.0 was released, this transformers CVE could be patched via

pip install git+https://github.com/huggingface/transformers.git@80ca92470938bbcc348e2d9cf4734c7c25cb1c43#egg=transformers

and adding

transformers @ git+https://github.com/huggingface/transformers.git@80ca92470938bbcc348e2d9cf4734c7c25cb1c43

to the requirements.txt in place of the previous transformers installation.

Knowledge and helpful links

Tools for this repo

Environment updates

  • P1 uses pip for environment setup; locally, both poetry and pip are acceptable
  • However, ppg-common broke the pre-commit hook that keeps the poetry and pip requirements in sync
  • Process for environment updates:
  1. Update poetry: $ poetry add package==version
  2. Sync with pip: $ ./hooks/output-requirements-txt.sh
  3. Manually edit ppg-common entry in requirements.txt to ./ppg-common ; ...

Testing

In general, tensorflow and pytorch use the underlying unittest framework that comes stock with Python. However, FastAPI has a ton of great features through pytest that make testing HTTP much, much easier. Good news is that, for the most part, pytest as the runner will also handle unittest, so we can use the TF or pytorch frameworks with unittest and FastAPI with pytest. Some articles on this:

Tools for git

Tools for Docker

P1 Links

Basic Links

DevOps Links

SonarQube

Trufflehog

K8s configs

Twistlock

Iron Bank

Helpdesk Links