Merge pull request #27 from guardrails-ai/lambda-to-fargate

Guardrails As A Service Latest State
guardrails-ai · May 28, 2024 · c3f9149 · c3f9149
2 parents c332922 + 6dbe917
commit c3f9149
Show file tree

Hide file tree

Showing 64 changed files with 1,864 additions and 1,377 deletions.
diff --git a/.coveragerc b/.coveragerc
@@ -0,0 +1,4 @@
+[run]
+omit =
+    # omit any struct classes bc they will go away soon
+    src/classes/*_struct.py
diff --git a/.dockerignore b/.dockerignore
@@ -6,4 +6,5 @@ tests
 docker*
 Docker*
 *.sh
+!buildspecs/hub-install.sh
 ingestion-service-spec.yml
diff --git a/.github/workflows/pr_qa.yml b/.github/workflows/pr_qa.yml
@@ -18,7 +18,8 @@ jobs:
       - name: Quality Checks
         run: |
           python -m pip install --upgrade pip;
-          make build;
+          make install-lock;
+          opentelemetry-bootstrap -a install;
           make qa;
           
           ##

diff --git a/.github/workflows/publish_image.yml b/.github/workflows/publish_image.yml
@@ -1,10 +1,13 @@
-name: Publish Image To ER
+name: Publish Image To ECR
 on:
   push:
     branches: 
       - 'main'
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
   build:
     name: Build Image
@@ -30,9 +33,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Build, tag, and push image to Amazon ECR
+      - name: Build, tag, and push base image to Amazon ECR
         env:
           IMAGE_NAME: api
           ECR_REPO_NAME: guardrails-validation-service-test
+        run: |
+          bash buildspecs/build.sh
+      
+      - name: Build, tag, and push heavy image to Amazon ECR
+        env:
+          IMAGE_NAME: graas-heavy
+          ECR_REPO_NAME: guardrails-as-a-service-heavy-test
+          DOCKERFILE: Dockerfile.heavy
         run: |
           bash buildspecs/build.sh
diff --git a/.gitignore b/.gitignore
@@ -19,4 +19,8 @@ guardrails-custom-validators
 guardrails-api-client
 guardrails
 *.env
-opentelemetry-lambda-layer
+opentelemetry-lambda-layer
+open-api-spec.json
+open-api-spec.yml
+.python-version
+requirements-lock-old.txt
diff --git a/.guardrailsrc b/.guardrailsrc
@@ -0,0 +1 @@
+no_metrics=true
diff --git a/Dockerfile.dev b/Dockerfile.dev
@@ -1,4 +1,9 @@
-FROM public.ecr.aws/docker/library/python:3.11.5-slim
+FROM public.ecr.aws/docker/library/python:3.11.6-slim
+
+ARG GITHUB_TOKEN
+ARG HF_TOKEN
+
+# COPY .guardrailsrc /root/.guardrailsrc
 
 # Create app directory
 WORKDIR /app
@@ -13,32 +18,34 @@ ENV PATH="/opt/venv/bin:$PATH"
 
 # Install gcc
 RUN apt-get update
-RUN apt-get install -y gcc
+RUN apt-get install -y git gcc
 
-COPY ./guardrails-sdk ./guardrails-sdk
+# COPY ./guardrails-sdk ./guardrails-sdk
 
-COPY ./guard-rails-api-client ./guard-rails-api-client
+# COPY ./guard-rails-api-client ./guard-rails-api-client
 
-COPY ./guardrails-custom-validators ./guardrails-custom-validators
+# COPY ./guardrails-custom-validators ./guardrails-custom-validators
 
 # Copy the requirements file
-COPY requirements.txt .
+COPY requirements*.txt .
 
-RUN pip install ./guardrails-sdk
-RUN pip install ./guard-rails-api-client
+# RUN pip install ./guardrails-sdk
+# RUN pip install ./guard-rails-api-client
 
 # Install app dependencies
-RUN pip install -r requirements.txt
+RUN pip install -r requirements-lock.txt
 
 # Download punkt data
 RUN python -m nltk.downloader -d /opt/nltk_data punkt
 
+RUN guardrails hub install hub://guardrails/valid_length
+
 # Freeze dependencies
-RUN pip freeze > requirements.txt
+RUN pip freeze > requirements-lock.txt
 
 # Copy the whole folder inside the Image filesystem
 COPY . .
 
 EXPOSE 8000
 
-CMD opentelemetry-instrument gunicorn --bind 0.0.0.0:8000 --timeout=5 --threads=10 "app:create_app()"
+CMD opentelemetry-instrument gunicorn --bind 0.0.0.0:8000 --timeout=90 --threads=10 "app:create_app()"
diff --git a/Dockerfile.heavy b/Dockerfile.heavy
@@ -0,0 +1,48 @@
+FROM public.ecr.aws/docker/library/python:3.11.6-slim
+
+ARG GITHUB_TOKEN
+ARG HF_TOKEN
+
+# COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.7.1 /lambda-adapter /opt/extensions/lambda-adapter
+# COPY ./opentelemetry-lambda-layer /opt
+
+# Create app directory
+WORKDIR /app
+
+# check the version
+RUN python3 --version
+# start the virtual environment
+RUN python3 -m venv /opt/venv
+
+# Enable venv
+ENV PATH="/opt/venv/bin:$PATH"
+
+# Install git and curl
+RUN apt-get update
+RUN apt-get install -y git curl gcc jq
+
+# Copy the requirements file
+COPY requirements*.txt .
+
+RUN curl https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem -o ./global-bundle.pem
+
+# Install app dependencies
+RUN pip install -r requirements-lock.txt
+
+# Download punkt data
+RUN python -m nltk.downloader -d /opt/nltk_data punkt
+
+COPY buildspecs/hub-install.sh ./buildspecs/hub-install.sh
+RUN chmod +x ./buildspecs/hub-install.sh
+RUN ./buildspecs/hub-install.sh
+
+# Freeze dependencies
+RUN pip freeze > requirements-lock.txt
+
+# Copy the whole folder inside the Image filesystem
+COPY . .
+
+EXPOSE 8000
+
+CMD opentelemetry-instrument gunicorn --bind 0.0.0.0:8000 --timeout=90 --threads=10 "app:create_app()"
+# CMD gunicorn --forwarded-allow-ips="*" --bind 0.0.0.0:8000 --timeout=60 --threads=10 "app:create_app()"
diff --git a/Dockerfile.prod b/Dockerfile.prod
@@ -1,7 +1,7 @@
-FROM public.ecr.aws/docker/library/python:3.11.5-slim
+FROM public.ecr.aws/docker/library/python:3.11.6-slim
 
-COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.7.1 /lambda-adapter /opt/extensions/lambda-adapter
-COPY ./opentelemetry-lambda-layer /opt
+# COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.7.1 /lambda-adapter /opt/extensions/lambda-adapter
+# COPY ./opentelemetry-lambda-layer /opt
 
 # Create app directory
 WORKDIR /app
@@ -18,28 +18,24 @@ ENV PATH="/opt/venv/bin:$PATH"
 RUN apt-get update
 RUN apt-get install -y git curl gcc
 
-# Copy pre-built api client
-COPY ./guard-rails-api-client ./guard-rails-api-client
-
 # Copy the requirements file
-COPY requirements.txt .
+COPY requirements*.txt .
 
-RUN pip install ./guard-rails-api-client
-RUN pip install git+https://github.com/guardrails-ai/guardrails-internal.git@telemetry
 RUN curl https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem -o ./global-bundle.pem
 
 # Install app dependencies
-RUN pip install -r requirements.txt
+RUN pip install -r requirements-lock.txt
 
 # Download punkt data
 RUN python -m nltk.downloader -d /opt/nltk_data punkt
 
 # Freeze dependencies
-RUN pip freeze > requirements.txt
+RUN pip freeze > requirements-lock.txt
 
 # Copy the whole folder inside the Image filesystem
 COPY . .
 
 EXPOSE 8000
 
 CMD opentelemetry-instrument gunicorn --bind 0.0.0.0:8000 --timeout=5 --threads=10 "app:create_app()"
+# CMD gunicorn --forwarded-allow-ips="*" --bind 0.0.0.0:8000 --timeout=60 --threads=10 "app:create_app()"
diff --git a/Makefile b/Makefile
@@ -1,11 +1,21 @@
-build-sdk:
-	bash build-sdk.sh
+# Installs production dependencies
+install:
+	pip install -r requirements.txt;
+	opentelemetry-bootstrap -a install
+
+# Installs development dependencies
+install-dev:
+	make install
+	pip install -r requirements-dev.txt;
+
+lock:
+	pip freeze --exclude guardrails-api-client > requirements-lock.txt
+
+install-lock:
+	pip install -r requirements-lock.txt
 
 build:
-	pip install -r requirements.txt;
-	pip install git+https://github.com/guardrails-ai/guardrails-internal.git@telemetry;
-	make build-sdk;
-	pip install ./guard-rails-api-client
+	make install
 
 dev:
 	bash ./dev.sh
@@ -16,14 +26,23 @@ local:
 env:
 	if [ ! -d "./.venv" ]; then echo "Creating virtual environment..."; python3 -m venv ./.venv; fi;
 
+refresh:
+	echo "Removing old virtual environment"
+	rm -rf ./.venv;
+	echo "Creating new virtual environment"
+	python3 -m venv ./.venv;
+	echo "Sourcing and installing"
+	source ./.venv/bin/activate && make install-lock;
+
+
 format:
-	black -l 80 ./src app.py wsgi.py
+	ruff check app.py wsgi.py src/ tests/ --fix
+	ruff format app.py wsgi.py src/ tests/
 
-install:
-	pip install -r requirements.txt
 
 lint:
-	flake8 --count ./src app.py wsgi.py
+	ruff check app.py wsgi.py src/ tests/
+	ruff format app.py wsgi.py src/ tests/
 
 qa:
 	make lint
@@ -38,7 +57,7 @@ test:
 
 test-cov:
 	coverage run --source=./src -m pytest ./tests
-	coverage report --fail-under=0 ## TODO: Update with real coverage threshold after tests are backfilled
+	coverage report --fail-under=70
 
 view-test-cov:
 	coverage run --source=./src -m pytest ./tests

diff --git a/app.py b/app.py
@@ -1,18 +1,37 @@
+import os
 from flask import Flask
-from swagger_ui import api_doc
 from flask_cors import CORS
+from werkzeug.middleware.proxy_fix import ProxyFix
+from urllib.parse import urlparse
+from guardrails import configure_logging
+# from opentelemetry.instrumentation.flask import FlaskInstrumentor
 
-app = Flask(__name__)
-CORS(app)
+
+class ReverseProxied(object):
+    def __init__(self, app):
+        self.app = app
+
+    def __call__(self, environ, start_response):
+        self_endpoint = os.environ.get("SELF_ENDPOINT", "http://localhost:8000")
+        url = urlparse(self_endpoint)
+        environ["wsgi.url_scheme"] = url.scheme
+        return self.app(environ, start_response)
 
 
 def create_app():
-    api_doc(
-        app,
-        config_path="./open-api-spec.yml",
-        url_prefix="/docs",
-        title="GuardRails API Docs",
-    )
+    app = Flask(__name__)
+
+    app.config["APPLICATION_ROOT"] = "/"
+    app.config["PREFERRED_URL_SCHEME"] = "https"
+    app.wsgi_app = ReverseProxied(app.wsgi_app)
+    CORS(app)
+
+    app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_port=1)
+
+    guardrails_log_level = os.environ.get("GUARDRAILS_LOG_LEVEL", "INFO")
+    configure_logging(log_level=guardrails_log_level)
+
+    # FlaskInstrumentor().instrument_app(app)
 
     from src.clients.postgres_client import PostgresClient
 

diff --git a/build-sdk.sh b/build-sdk.sh
diff --git a/buildspecs/build.sh b/buildspecs/build.sh
@@ -6,22 +6,29 @@ imageName="${IMAGE_NAME:-validation-service}";
 repoName="${ECR_REPO_NAME:-guardrails-validation-service-test}";
 commitSha=$(git rev-parse HEAD);
 region="${AWS_DEFAULT_REGION:-us-east-1}";
+dockerfile="${DOCKERFILE:-Dockerfile.prod}";
 defaultEcrEndpoint="${accountId}.dkr.ecr.${region}.amazonaws.com";
 ecrEndpoint="${ECR_ENDPOINT:-$defaultEcrEndpoint}"
 ecrImageUrl="${ecrEndpoint}/${repoName}";
 
+# Fetch latest API Specification
+curl https://raw.githubusercontent.com/guardrails-ai/guardrails-api-client/main/service-specs/guardrails-service-spec.yml -o ./open-api-spec.yml
+# Dereference API Spec to JSON
+npx @redocly/cli bundle --dereferenced --output ./open-api-spec.json --ext json ./open-api-spec.yml
+
+
 # Setup unpublished api client
-echo "Building api client..."
-bash build-sdk.sh
+# echo "Building api client..."
+# bash build-sdk.sh
 
 # Building OTEL Collector extension
-if [ -d "opentelemetry-lambda-layer" ]; then
-  rm -rf opentelemetry-lambda-layer
-fi
+# if [ -d "opentelemetry-lambda-layer" ]; then
+#   rm -rf opentelemetry-lambda-layer
+# fi
 
-curl $(aws lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:184161586896:layer:opentelemetry-collector-arm64-0_2_0:1 --query 'Content.Location' --output text) --output otel-collector.zip
-unzip otel-collector.zip -d ./opentelemetry-lambda-layer
-rm otel-collector.zip
+# curl $(aws lambda get-layer-version-by-arn --arn arn:aws:lambda:us-east-1:184161586896:layer:opentelemetry-collector-arm64-0_2_0:1 --query 'Content.Location' --output text) --output otel-collector.zip
+# unzip otel-collector.zip -d ./opentelemetry-lambda-layer
+# rm otel-collector.zip
 
 echo "Performing docker build"
 docker login -u AWS -p $(aws ecr get-login-password --region $region) $ecrEndpoint;
@@ -31,7 +38,9 @@ docker buildx build \
   --progress plain \
   --no-cache \
   --build-arg CACHEBUST="$(date)" \
-  -f Dockerfile.prod \
+  --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \
+  --build-arg HF_TOKEN="$HF_TOKEN" \
+  -f "$DOCKERFILE" \
   -t "$imageName:$commitSha" \
   -t "$imageName:latest" . \
   || exit 1;

diff --git a/buildspecs/heavy-build.sh b/buildspecs/heavy-build.sh
@@ -0,0 +1,5 @@
+export IMAGE_NAME="graas-heavy"
+export ECR_REPO_NAME="guardrails-as-a-service-heavy-test"
+export DOCKERFILE="Dockerfile.heavy"
+
+bash buildspecs/build.sh
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,4 +6,5 @@ tests @@
     docker*
     Docker*
     *.sh
+    !buildspecs/hub-install.sh
     ingestion-service-spec.yml