diff --git a/.bumpversion.cfg b/.bumpversion.cfg index ad0c22faaf1..bc1454f470f 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -44,14 +44,6 @@ first_value = 1 [bumpversion:file:packages/grid/helm/syft/Chart.yaml] -[bumpversion:file:packages/grid/podman/podman-kube/podman-syft-kube.yaml] - -[bumpversion:file:packages/grid/podman/podman-kube/podman-syft-kube-config.yaml] - [bumpversion:file:packages/grid/helm/syft/values.yaml] -[bumpversion:file:packages/hagrid/hagrid/manifest_template.yml] - -[bumpversion:file:packages/hagrid/hagrid/deps.py] - [bumpversion:file:packages/syftcli/manifest.yml] diff --git a/.bumpversion_stable.cfg b/.bumpversion_stable.cfg index 806698f59f1..52b011ac7b1 100644 --- a/.bumpversion_stable.cfg +++ b/.bumpversion_stable.cfg @@ -13,7 +13,3 @@ serialize = {major}.{minor}.{patch} [bumpversion:file:packages/syft/src/syft/stable_version.py] - -[bumpversion:file:packages/hagrid/hagrid/stable_version.py] - -[bumpversion:file:packages/hagrid/hagrid/cache.py] diff --git a/.github/file-filters.yml b/.github/file-filters.yml index 1d0a44134cc..be000a84640 100644 --- a/.github/file-filters.yml +++ b/.github/file-filters.yml @@ -27,17 +27,6 @@ backend: - packages/grid/backend/**/*.sh - packages/grid/backend/**/*.mako -hagrid: - - .github/workflows/pr-tests-hagrid.yml - - packages/hagrid/**/*.py - - packages/hagrid/**/*.cfg - - packages/hagrid/**/*.yml - - packages/hagrid/**/*.dockerfile - - packages/hagrid/**/*.toml - - packages/hagrid/**/*.txt - - packages/hagrid/**/*.ini - - packages/hagrid/**/*.sh - syft: - .github/workflows/pr-tests-syft.yml - packages/syft/**/*.py diff --git a/.github/workflows/cd-hagrid.yml b/.github/workflows/cd-hagrid.yml deleted file mode 100644 index a17f61ec519..00000000000 --- a/.github/workflows/cd-hagrid.yml +++ /dev/null @@ -1,108 +0,0 @@ -name: CD - HAGrid - -on: - schedule: - - cron: "00 10 * * */3" # At 10:00 UTC on every three days - - workflow_dispatch: - inputs: - skip_tests: - description: "If true, skip tests" - required: false - default: "false" - -# Prevents concurrent runs of the same workflow -# while the previous run is still in progress -concurrency: - group: "CD - Hagrid" - cancel-in-progress: false - -jobs: - call-pr-tests-linting: - if: github.repository == 'OpenMined/PySyft' && (github.event.inputs.skip_tests == 'false' || github.event_name == 'schedule') # don't run on forks - uses: OpenMined/PySyft/.github/workflows/pr-tests-linting.yml@dev - - call-pr-tests-syft: - if: github.repository == 'OpenMined/PySyft' && (github.event.inputs.skip_tests == 'false' || github.event_name == 'schedule') # don't run on forks - uses: OpenMined/PySyft/.github/workflows/pr-tests-syft.yml@dev - - call-pr-tests-stack: - if: github.repository == 'OpenMined/PySyft' && (github.event.inputs.skip_tests == 'false' || github.event_name == 'schedule') # don't run on forks - uses: OpenMined/PySyft/.github/workflows/pr-tests-stack.yml@dev - secrets: inherit - - call-hagrid-tests: - if: github.repository == 'OpenMined/PySyft' && (github.event.inputs.skip_tests == 'false' || github.event_name == 'schedule') # don't run on forks - uses: OpenMined/PySyft/.github/workflows/pr-tests-hagrid.yml@dev - - deploy-hagrid: - needs: - [ - call-pr-tests-linting, - call-pr-tests-syft, - call-pr-tests-stack, - call-hagrid-tests, - ] - if: always() && (needs.call-pr-tests-linting.result == 'success' && needs.call-pr-tests-syft.result == 'success' && needs.call-pr-tests-stack.result == 'success' && needs.call-hagrid-tests.result == 'success' || github.event.inputs.skip_tests == 'true') - runs-on: ubuntu-latest - - outputs: - current_hash: ${{ steps.get_hash.outputs.current_hash }} - previous_hash: ${{ steps.get_hash.outputs.previous_hash }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ secrets.SYFT_BOT_COMMIT_TOKEN }} - - name: Install checksumdir - run: | - pip install --upgrade checksumdir - - name: Get the hashes - id: get-hashes - shell: bash - run: | - current_hash=$(checksumdir ./packages/hagrid) - echo "current_hash=$current_hash" >> $GITHUB_OUTPUT - previous_hash=$(cat ./scripts/hagrid_hash) - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Install dependencies - if: ${{needs.hagrid-deploy.outputs.current_hash}} != ${{needs.hagrid-deploy.outputs.previous_hash}} - run: | - python -m pip install --upgrade pip - pip install --upgrade tox setuptools wheel twine bump2version PyYAML - - - name: Bump the Version - if: ${{needs.hagrid-deploy.outputs.current_hash}} != ${{needs.hagrid-deploy.outputs.previous_hash}} - run: | - python3 hagrid/version.py - python3 scripts/update_manifest.py - bump2version patch --allow-dirty --no-commit - tox -e lint || true - python3 hagrid/version.py - working-directory: ./packages/hagrid - - - name: Write the new hash - if: ${{needs.hagrid-deploy.outputs.current_hash}} != ${{needs.hagrid-deploy.outputs.previous_hash}} - run: echo $(checksumdir packages/hagrid) > ./scripts/hagrid_hash - - - name: Commit changes - if: ${{needs.hagrid-deploy.outputs.current_hash}} != ${{needs.hagrid-deploy.outputs.previous_hash}} - uses: EndBug/add-and-commit@v9 - with: - author_name: ${{ secrets.OM_BOT_NAME }} - author_email: ${{ secrets.OM_BOT_EMAIL }} - message: "[hagrid] bump version" - add: "['./packages/hagrid/.bumpversion.cfg','./packages/hagrid/setup.py','./packages/hagrid/hagrid/version.py', './scripts/hagrid_hash', './packages/hagrid/hagrid/manifest_template.yml']" - - - name: Build and publish - if: ${{needs.hagrid-deploy.outputs.current_hash}} != ${{needs.hagrid-deploy.outputs.previous_hash}} - env: - TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.HAGRID_BUMP_TOKEN }} - run: | - tox -e hagrid.publish - twine upload packages/hagrid/dist/* diff --git a/.github/workflows/cd-post-release-tests.yml b/.github/workflows/cd-post-release-tests.yml index 36bd38c6131..370469ea0bb 100644 --- a/.github/workflows/cd-post-release-tests.yml +++ b/.github/workflows/cd-post-release-tests.yml @@ -30,105 +30,6 @@ on: default: "REAL_PYPI" jobs: - notebook-test-hagrid: - if: github.event.inputs.release_platform == 'REAL_PYPI' - strategy: - max-parallel: 99 - matrix: - os: [ubuntu-latest] - python-version: ["3.12"] - - runs-on: ${{ matrix.os }} - steps: - - uses: actions/checkout@v4 - - # free 10GB of space - - name: Remove unnecessary files - if: matrix.os == 'ubuntu-latest' - run: | - sudo rm -rf /usr/share/dotnet - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - docker image prune --all --force - docker builder prune --all --force - docker system prune --all --force - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - - with: - python-version: ${{ matrix.python-version }} - - - name: Upgrade pip - run: | - python -m pip install --upgrade --user pip - - - name: Get pip cache dir - id: pip-cache - shell: bash - run: | - echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - - - name: pip cache - uses: actions/cache@v4 - with: - path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} - restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }}- - - - name: Install Hagrid, tox and uv - run: | - pip install -U hagrid - pip install --upgrade pip uv==0.1.35 tox tox-uv==1.5.1 - - - name: Hagrid Version - run: | - hagrid version - - - name: Remove existing containers - continue-on-error: true - shell: bash - run: | - docker rm $(docker ps -aq) --force || true - docker volume prune -f || true - docker buildx use default || true - - - name: Launch Domain - run: | - hagrid launch test-domain-1 to docker:8081 --tag=${{ inputs.syft_version }} --low-side - - - name: Run tests - env: - NODE_PORT: "8081" - SYFT_VERSION: ${{ inputs.syft_version }} - EXCLUDE_NOTEBOOKS: "not 11-container-images-k8s.ipynb" - run: | - tox -e e2e.test.notebook - - #Run log collector python script - - name: Run log collector - timeout-minutes: 5 - if: failure() - shell: bash - run: | - python ./scripts/container_log_collector.py - - # Get Job name and url - - name: Get job name and url - id: job_name - if: failure() - shell: bash - run: | - echo "job_name=$(echo ${{ github.job }})" >> $GITHUB_OUTPUT - echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT - - - name: Upload logs to GitHub - uses: actions/upload-artifact@master - if: failure() - with: - name: ${{ matrix.os }}-${{ steps.job_name.outputs.job_name }}-logs-${{ steps.job_name.outputs.date }} - path: ./logs/${{ steps.job_name.outputs.job_name}}/ - syft-install-check: strategy: max-parallel: 99 @@ -290,9 +191,8 @@ jobs: pip install syft[data_science,dev]==${{ inputs.syft_version }} fi - - name: Install Hagrid, tox and uv + - name: Install tox and uv run: | - pip install -U hagrid pip install --upgrade pip uv==0.1.35 tox tox-uv==1.5.1 tox-current-env - name: Run unit tests diff --git a/.github/workflows/cd-syft.yml b/.github/workflows/cd-syft.yml index b842cd0d84e..486196ecbdb 100644 --- a/.github/workflows/cd-syft.yml +++ b/.github/workflows/cd-syft.yml @@ -396,7 +396,6 @@ jobs: bump2version prenum --allow-dirty --no-commit ls **/VERSION | xargs -I {} python {} cat packages/grid/devspace.yaml | grep '0\.' - python packages/hagrid/scripts/update_manifest.py $(python packages/grid/VERSION) - name: Generate Release Metadata id: release_checks @@ -460,7 +459,7 @@ jobs: author_name: ${{ secrets.OM_BOT_NAME }} author_email: ${{ secrets.OM_BOT_EMAIL }} message: "[syft]bump version" - add: "['.bumpversion.cfg', 'VERSION', 'packages/grid/VERSION','packages/syft/PYPI.md', 'packages/grid/devspace.yaml', 'packages/syft/src/syft/VERSION', 'packages/syft/setup.cfg', 'packages/grid/frontend/package.json', 'packages/syft/src/syft/__init__.py', 'packages/hagrid/hagrid/manifest_template.yml', 'packages/grid/helm/syft/Chart.yaml','packages/grid/helm/repo', 'packages/hagrid/hagrid/deps.py', 'packages/grid/podman/podman-kube/podman-syft-kube.yaml' ,'packages/grid/podman/podman-kube/podman-syft-kube-config.yaml', 'packages/syftcli/manifest.yml', 'packages/syft/src/syft/protocol/protocol_version.json', 'packages/syft/src/syft/protocol/releases/', 'packages/grid/backend/grid/images/worker_cpu.dockerfile','packages/grid/helm/syft/values.yaml','packages/grid/helm/syft']" + add: "['.bumpversion.cfg', 'VERSION', 'packages/grid/VERSION','packages/syft/PYPI.md', 'packages/grid/devspace.yaml', 'packages/syft/src/syft/VERSION', 'packages/syft/setup.cfg', 'packages/grid/frontend/package.json', 'packages/syft/src/syft/__init__.py', 'packages/grid/helm/syft/Chart.yaml','packages/grid/helm/repo', 'packages/syftcli/manifest.yml', 'packages/syft/src/syft/protocol/protocol_version.json', 'packages/syft/src/syft/protocol/releases/', 'packages/grid/backend/grid/images/worker_cpu.dockerfile','packages/grid/helm/syft/values.yaml','packages/grid/helm/syft']" - name: Changes to commit to Syft Repo during stable release if: needs.merge-docker-images.outputs.release_tag == 'latest' @@ -539,7 +538,6 @@ jobs: files: | ./packages/syftcli/manifest.yml ./build/syftcli-config/* - ./packages/hagrid/hagrid/manifest_template.yml tag_name: v${{ steps.release_checks.outputs.github_release_version }} # Checkout to gh-pages and update helm repo diff --git a/.github/workflows/e2e-tests-notebook.yml b/.github/workflows/e2e-tests-notebook.yml index a7fe68cee6b..10c3eb84e2d 100644 --- a/.github/workflows/e2e-tests-notebook.yml +++ b/.github/workflows/e2e-tests-notebook.yml @@ -40,7 +40,7 @@ on: type: string jobs: - notebook-test-hagrid: + notebook-test-e2e: strategy: max-parallel: 99 matrix: diff --git a/.github/workflows/manual-delete-buildjet-cache.yml b/.github/workflows/manual-delete-buildjet-cache.yml deleted file mode 100644 index 97370c02406..00000000000 --- a/.github/workflows/manual-delete-buildjet-cache.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Manually Delete BuildJet Cache -on: - workflow_dispatch: - inputs: - cache_key: - description: "BuildJet Cache Key to Delete" - required: true - type: string -jobs: - manually-delete-buildjet-cache: - strategy: - matrix: - os: [ubuntu-latest] - python-version: ["3.10", "3.11", "3.12"] - - runs-on: ${{ matrix.os }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - uses: buildjet/cache-delete@v1 - with: - cache_key: ${{ inputs.cache_key }} diff --git a/.github/workflows/nightlies.yml b/.github/workflows/nightlies.yml index 6db4d8df53c..491b4dd6aad 100644 --- a/.github/workflows/nightlies.yml +++ b/.github/workflows/nightlies.yml @@ -14,10 +14,6 @@ jobs: if: github.repository == 'OpenMined/PySyft' # don't run on forks uses: OpenMined/PySyft/.github/workflows/pr-tests-linting.yml@dev - call-pr-tests-hagrid: - if: github.repository == 'OpenMined/PySyft' # don't run on forks - uses: OpenMined/PySyft/.github/workflows/pr-tests-hagrid.yml@dev - call-pr-tests-syft: if: github.repository == 'OpenMined/PySyft' # don't run on forks uses: OpenMined/PySyft/.github/workflows/pr-tests-syft.yml@dev diff --git a/.github/workflows/pr-tests-frontend.yml b/.github/workflows/pr-tests-frontend.yml index 7d669b61da8..bf36991a385 100644 --- a/.github/workflows/pr-tests-frontend.yml +++ b/.github/workflows/pr-tests-frontend.yml @@ -61,13 +61,13 @@ jobs: if: steps.changes.outputs.frontend == 'true' with: path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-${{ hashFiles('packages/hagrid/setup.cfg') }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-frontend restore-keys: | ${{ runner.os }}-uv-py${{ matrix.python-version }}- - name: Docker on MacOS if: steps.changes.outputs.frontend == 'true' && matrix.os == 'macos-latest' - uses: crazy-max/ghaction-setup-docker@v3.1.0 + uses: crazy-max/ghaction-setup-docker@v3.2.0 - name: Install Tox if: steps.changes.outputs.frontend == 'true' diff --git a/.github/workflows/pr-tests-hagrid.yml b/.github/workflows/pr-tests-hagrid.yml deleted file mode 100644 index a8e0e30e93f..00000000000 --- a/.github/workflows/pr-tests-hagrid.yml +++ /dev/null @@ -1,81 +0,0 @@ -name: PR Tests - HAGrid - -on: - workflow_call: - - pull_request: - branches: - - dev - - main - - "0.8" - -concurrency: - group: hagrid-${{ github.event_name == 'pull_request' && format('{0}-{1}', github.workflow, github.event.pull_request.number) || github.workflow_ref }} - cancel-in-progress: true - -defaults: - run: - working-directory: ./packages/hagrid - -jobs: - pr-tests-syft-hagrid-comptability: - strategy: - max-parallel: 99 - matrix: - os: [ubuntu-latest] - python-version: ["3.11"] - syft-version: ["0.8.2", "0.8.2b6", "0.8.3"] - - runs-on: ${{ matrix.os }} - steps: - - uses: actions/checkout@v4 - - - name: Check for file changes - uses: dorny/paths-filter@v3 - id: changes - with: - base: ${{ github.ref }} - token: ${{ github.token }} - filters: .github/file-filters.yml - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - if: steps.changes.outputs.hagrid == 'true' - with: - python-version: ${{ matrix.python-version }} - - - name: Upgrade pip - if: steps.changes.outputs.hagrid == 'true' - run: | - python -m pip install --upgrade --user pip - - - name: Get pip cache dir - id: pip-cache - if: steps.changes.outputs.hagrid == 'true' - shell: bash - run: | - echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - - - name: pip cache - uses: actions/cache@v4 - if: steps.changes.outputs.hagrid == 'true' - with: - path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('packages/syft/setup.cfg') }} - restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('packages/syft/setup.cfg') }} - - # https://github.com/google/jax/issues/17693 - # pinning ml-dtypes due to jax version==0.4.10 - - name: Install Syft ${{ matrix.syft-version }} - if: steps.changes.outputs.hagrid == 'true' - run: | - pip install ml-dtypes==0.2.0 - pip install syft==${{ matrix.syft-version }} - pip install . - - - name: Run Orchestra Command - if: steps.changes.outputs.hagrid == 'true' - run: | - python -c "import syft as sy; domain1 = sy.orchestra.launch(name='test-domain-1', dev_mode=True, reset=True)" - python -c "import syft as sy; domain2 = sy.orchestra.launch(name='test-domain-2',dev_mode=False, reset=True)" diff --git a/.github/workflows/pr-tests-stack-arm64.yml b/.github/workflows/pr-tests-stack-arm64.yml index 6dc275c8f6b..7bb4e07de40 100644 --- a/.github/workflows/pr-tests-stack-arm64.yml +++ b/.github/workflows/pr-tests-stack-arm64.yml @@ -1,102 +1,104 @@ -name: PR Tests - Stack - Arm64 - -on: - workflow_call: - - workflow_dispatch: - inputs: - none: - description: "Run Version Tests Manually" - required: false - -concurrency: - group: stackarm64-${{ github.event_name == 'pull_request' && format('{0}-{1}', github.workflow, github.event.pull_request.number) || github.workflow_ref }} - cancel-in-progress: true - -jobs: - pr-tests-stack-arm64: - strategy: - max-parallel: 3 - matrix: - os: [ubuntu-latest] - python-version: ["3.12"] - - runs-on: ${{matrix.os}} - - steps: - # - name: set permissions on work folder for self-runners - # run: | - # sudo chown -R $USER:$USER ~/actions-runner/_work/ - - - uses: actions/checkout@v4 - - # free 10GB of space - - name: Remove unnecessary files - if: matrix.os == 'ubuntu-latest' - run: | - sudo rm -rf /usr/share/dotnet - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - docker image prune --all --force - docker builder prune --all --force - docker system prune --all --force - - - name: Check for file changes - uses: dorny/paths-filter@v3 - id: changes - with: - base: ${{ github.ref }} - token: ${{ github.token }} - filters: .github/file-filters.yml - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.python-version }} - - - name: Upgrade pip - run: | - pip install --upgrade pip uv==0.1.35 - uv --version - - # - name: Get pip cache dir - # id: pip-cache - # shell: bash - # run: | - # echo "dir=$(uv cache dir)" >> $GITHUB_OUTPUT - - # - name: pip cache - # uses: actions/cache@v3 - # with: - # path: ${{ steps.pip-cache.outputs.dir }} - # key: ${{ runner.os }}-uv-py${{ matrix.python-version }} - # restore-keys: | - # ${{ runner.os }}-uv-py${{ matrix.python-version }} - - - name: Install tox - run: | - pip install --upgrade tox tox-uv==1.5.1 - - - name: Install Docker Compose - if: runner.os == 'Linux' - shell: bash - run: | - mkdir -p ~/.docker/cli-plugins - DOCKER_COMPOSE_VERSION=v2.21.0 - curl -sSL https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose - chmod +x ~/.docker/cli-plugins/docker-compose - - - name: Setup linux/arm64 Docker - run: | - docker rm $(docker ps -aq) --force || true - docker volume prune -f || true - docker buildx create --platform linux/arm64 --name arm64builder || true - docker buildx use arm64builder || true - docker run --privileged --rm tonistiigi/binfmt --install arm64 - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - - - name: Run integration tests - uses: nick-fields/retry@v3 - with: - timeout_seconds: 36000 - max_attempts: 3 - command: EMULATION="true" HAGRID_FLAGS="--tag=local --test --platform linux/arm64" tox -e stack.test.integration +# The following test is disable temporarily until we switch to +# Self hosted runners for running the arm64 tests +# name: PR Tests - Stack - Arm64 + +# on: +# workflow_call: + +# workflow_dispatch: +# inputs: +# none: +# description: "Run Version Tests Manually" +# required: false + +# concurrency: +# group: stackarm64-${{ github.event_name == 'pull_request' && format('{0}-{1}', github.workflow, github.event.pull_request.number) || github.workflow_ref }} +# cancel-in-progress: true + +# jobs: +# pr-tests-stack-arm64: +# strategy: +# max-parallel: 3 +# matrix: +# os: [ubuntu-latest] +# python-version: ["3.12"] + +# runs-on: ${{matrix.os}} + +# steps: +# # - name: set permissions on work folder for self-runners +# # run: | +# # sudo chown -R $USER:$USER ~/actions-runner/_work/ + +# - uses: actions/checkout@v4 + +# # free 10GB of space +# - name: Remove unnecessary files +# if: matrix.os == 'ubuntu-latest' +# run: | +# sudo rm -rf /usr/share/dotnet +# sudo rm -rf "$AGENT_TOOLSDIRECTORY" +# docker image prune --all --force +# docker builder prune --all --force +# docker system prune --all --force + +# - name: Check for file changes +# uses: dorny/paths-filter@v3 +# id: changes +# with: +# base: ${{ github.ref }} +# token: ${{ github.token }} +# filters: .github/file-filters.yml + +# - name: Set up Python ${{ matrix.python-version }} +# uses: actions/setup-python@v5 +# with: +# python-version: ${{ matrix.python-version }} + +# - name: Upgrade pip +# run: | +# pip install --upgrade pip uv==0.1.35 +# uv --version + +# # - name: Get pip cache dir +# # id: pip-cache +# # shell: bash +# # run: | +# # echo "dir=$(uv cache dir)" >> $GITHUB_OUTPUT + +# # - name: pip cache +# # uses: actions/cache@v3 +# # with: +# # path: ${{ steps.pip-cache.outputs.dir }} +# # key: ${{ runner.os }}-uv-py${{ matrix.python-version }} +# # restore-keys: | +# # ${{ runner.os }}-uv-py${{ matrix.python-version }} + +# - name: Install tox +# run: | +# pip install --upgrade tox tox-uv==1.5.1 + +# - name: Install Docker Compose +# if: runner.os == 'Linux' +# shell: bash +# run: | +# mkdir -p ~/.docker/cli-plugins +# DOCKER_COMPOSE_VERSION=v2.21.0 +# curl -sSL https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose +# chmod +x ~/.docker/cli-plugins/docker-compose + +# - name: Setup linux/arm64 Docker +# run: | +# docker rm $(docker ps -aq) --force || true +# docker volume prune -f || true +# docker buildx create --platform linux/arm64 --name arm64builder || true +# docker buildx use arm64builder || true +# docker run --privileged --rm tonistiigi/binfmt --install arm64 +# docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + +# - name: Run integration tests +# uses: nick-fields/retry@v3 +# with: +# timeout_seconds: 36000 +# max_attempts: 3 +# command: tox -e stack.test.integration diff --git a/.github/workflows/pr-tests-stack-public.yml b/.github/workflows/pr-tests-stack-public.yml deleted file mode 100644 index 46f71b40b3f..00000000000 --- a/.github/workflows/pr-tests-stack-public.yml +++ /dev/null @@ -1,217 +0,0 @@ -name: PR Tests - Stack - Public - -on: - workflow_call: - - workflow_dispatch: - inputs: - none: - description: "Run Stack Integration Tests Manually" - required: false - -concurrency: - group: stackpublic-${{ github.event_name == 'pull_request' && format('{0}-{1}', github.workflow, github.event.pull_request.number) || github.workflow_ref }} - cancel-in-progress: true - -jobs: - pr-tests-stack-public: - strategy: - max-parallel: 99 - matrix: - # issues with macos 14 arm https://github.com/crazy-max/ghaction-setup-docker/pull/53 - os: [ubuntu-latest, macos-13, windows-latest] - python-version: ["3.12"] - pytest-modules: ["frontend network"] - fail-fast: false - - runs-on: ${{matrix.os}} - - steps: - - name: "clean .git/config" - if: matrix.os == 'windows-latest' - continue-on-error: true - shell: bash - run: | - echo "deleting ${GITHUB_WORKSPACE}/.git/config" - rm ${GITHUB_WORKSPACE}/.git/config - - - uses: actions/checkout@v4 - - - name: Check for file changes - uses: dorny/paths-filter@v3 - id: changes - with: - base: ${{ github.ref }} - token: ${{ github.token }} - filters: .github/file-filters.yml - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - if: steps.changes.outputs.stack == 'true' - with: - python-version: ${{ matrix.python-version }} - - - name: Upgrade pip - if: steps.changes.outputs.stack == 'true' - run: | - pip install --upgrade pip uv==0.1.35 - uv --version - - - name: Get pip cache dir - if: steps.changes.outputs.stack == 'true' - id: pip-cache - shell: bash - run: | - echo "dir=$(uv cache dir)" >> $GITHUB_OUTPUT - - - name: pip cache - uses: actions/cache@v4 - if: steps.changes.outputs.stack == 'true' - with: - path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-uv-py${{ matrix.python-version }} - restore-keys: | - ${{ runner.os }}-uv-py${{ matrix.python-version }} - - - name: Install tox - if: steps.changes.outputs.stack == 'true' - run: | - pip install --upgrade tox tox-uv==1.5.1 - - - name: Show choco installed packages - if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest' - uses: crazy-max/ghaction-chocolatey@v3 - with: - args: list - - - name: Install git - if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest' - uses: crazy-max/ghaction-chocolatey@v3 - with: - args: install git.install --params "/GitAndUnixToolsOnPath /WindowsTerminal /NoAutoCrlf" -y - - - name: Install cmake - if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest' - uses: crazy-max/ghaction-chocolatey@v3 - with: - args: install cmake.portable --installargs 'ADD_CMAKE_TO_PATH=System' -y - - - name: Check cmake version - if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest' - run: | - cmake --version - shell: cmd - - - name: Install visualcpp-build-tools - if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest' - uses: crazy-max/ghaction-chocolatey@v3 - with: - args: install visualstudio2019-workload-vctools -y - - - name: Install Docker Compose - if: steps.changes.outputs.stack == 'true' && runner.os == 'Linux' - shell: bash - run: | - mkdir -p ~/.docker/cli-plugins - DOCKER_COMPOSE_VERSION=v2.21.0 - curl -sSL https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose - chmod +x ~/.docker/cli-plugins/docker-compose - - - name: Docker on MacOS - if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-13' - uses: crazy-max/ghaction-setup-docker@v3.2.0 - - - name: Docker Compose on MacOS - if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-13' - shell: bash - run: | - brew install docker-compose - mkdir -p ~/.docker/cli-plugins - ln -sfn /usr/local/opt/docker-compose/bin/docker-compose ~/.docker/cli-plugins/docker-compose || true - docker compose version - - - name: Remove existing containers - if: steps.changes.outputs.stack == 'true' - continue-on-error: true - shell: bash - run: | - docker rm $(docker ps -aq) --force || true - docker volume prune -f || true - docker buildx use default || true - - # - name: Run integration tests - # if: steps.changes.outputs.stack == 'true' - # timeout-minutes: 60 - # env: - # HAGRID_ART: false - # PYTEST_MODULES: "${{ matrix.pytest-modules }}" - # HAGRID_FLAGS: "--tag=beta --test --build-src=dev" - # run: | - # tox -e stack.test.integration - - - name: Run integration tests - uses: nick-fields/retry@v3 - if: steps.changes.outputs.stack == 'true' - env: - HAGRID_ART: false - PYTEST_MODULES: "${{ matrix.pytest-modules }}" - HAGRID_FLAGS: "--tag=beta --test --build-src=dev" - with: - timeout_seconds: 1800 - max_attempts: 3 - command: tox -e stack.test.integration - continue-on-error: true - - - name: Reboot node - if: matrix.os == 'windows-latest' && failure() - run: | - shutdown /r /t 1 - - - name: Run log collector - timeout-minutes: 5 - if: failure() - shell: bash - run: | - python ./scripts/container_log_collector.py - - - name: Get job name and url - id: job_name - if: failure() - shell: bash - run: | - echo "job_name=$(echo ${{ github.job }})" >> $GITHUB_OUTPUT - echo "url=$(echo ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" >> $GITHUB_OUTPUT - - - name: Get current date - id: date - if: failure() - shell: bash - run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT - - - name: Upload logs to GitHub - uses: actions/upload-artifact@master - if: failure() - with: - name: ${{ matrix.os }}-${{ steps.job_name.outputs.job_name }}-${{ matrix.pytest-modules }}-logs-${{ steps.date.outputs.date }} - path: ./logs/${{ steps.job_name.outputs.job_name}}/ - - - name: Get pull request url - id: pull_request - if: failure() - shell: bash - run: | - echo "url=$(echo ${{ github.event.pull_request.html_url }})" >> $GITHUB_OUTPUT - - - name: Job Report Status - if: github.repository == 'OpenMined/PySyft' && failure() - uses: ravsamhq/notify-slack-action@v2 - with: - status: ${{ job.status }} - notify_when: "failure" - notification_title: " {workflow} has {status_message}" - message_format: "${{matrix.os}} {emoji} *{job}* {status_message} in {run_url}" - footer: "Find the PR here ${{ steps.pull_request.outputs.url }}" - mention_users: "U01LNCACY03,U8KUAD396,UNMQ2SJSW,U01SAESBJA0" - mention_users_when: "failure,warnings" - env: - SLACK_WEBHOOK_URL: ${{ secrets.ACTION_MONITORING_SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/pr-tests-syft.yml b/.github/workflows/pr-tests-syft.yml index f2bee6a78cf..046dea143e0 100644 --- a/.github/workflows/pr-tests-syft.yml +++ b/.github/workflows/pr-tests-syft.yml @@ -86,7 +86,7 @@ jobs: # - name: Docker on MacOS # if: steps.changes.outputs.syft == 'true' && matrix.os == 'macos-latest' - # uses: crazy-max/ghaction-setup-docker@v3.1.0 + # uses: crazy-max/ghaction-setup-docker@v3.2.0 # with: # set-host: true @@ -278,7 +278,7 @@ jobs: - name: Docker on MacOS if: (steps.changes.outputs.stack == 'true' || steps.changes.outputs.notebooks == 'true') && matrix.os == 'macos-latest' - uses: crazy-max/ghaction-setup-docker@v3.1.0 + uses: crazy-max/ghaction-setup-docker@v3.2.0 - name: Docker Compose on MacOS if: (steps.changes.outputs.stack == 'true' || steps.changes.outputs.notebooks == 'true') && matrix.os == 'macos-latest' diff --git a/.github/workflows/rhel-tests.yml b/.github/workflows/rhel-tests.yml deleted file mode 100644 index 9180635362d..00000000000 --- a/.github/workflows/rhel-tests.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Rhel Podman Stack Tests - -on: - workflow_call: - - workflow_dispatch: - inputs: - none: - description: "Run Version Tests Manually" - required: false - -jobs: - podman-tests-stack: - strategy: - max-parallel: 99 - matrix: - os: [om-ci-rhel-9] - python-version: ["3.12"] - fail-fast: false - - runs-on: ${{matrix.os}} - - steps: - - name: set permissions on work folder for self-runners - run: | - sudo chown -R $USER:$USER ~/actions-runner/_work/ - - - uses: actions/checkout@v4 - - - name: check python version - run: | - python${{matrix.python-version}} --version - - # - name: Check for file changes - # uses: dorny/paths-filter@v2 - # id: changes - # with: - # base: ${{ github.ref }} - # token: ${{ github.token }} - # filters: .github/file-filters.yml - - - name: Install tox - # if: steps.changes.outputs.stack == 'true' - run: | - pip${{matrix.python-version}} install -U tox - - - name: Run notebook tests - #if: steps.changes.outputs.stack == 'true' - run: | - tox -e stack.test.podman diff --git a/.github/workflows/test-github-arc.yml b/.github/workflows/test-github-arc.yml deleted file mode 100644 index 4f3dfacfa29..00000000000 --- a/.github/workflows/test-github-arc.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Actions Runner Controller Demo -on: - workflow_dispatch: - -jobs: - Test-Github-ARC-x64: - # You need to use the INSTALLATION_NAME from the previous step - runs-on: sh-arc-linux-x64 - steps: - - name: "Test Github ARC" - run: | - echo "πŸŽ‰ This job uses runner scale set runners!" - - - name: "Check Architecture" - run: | - uname -a - - Test-Github-ARC-arm64: - # You need to use the INSTALLATION_NAME from the previous step - runs-on: sh-arc-linux-arm64 - steps: - - name: "Test Github ARC" - run: | - echo "πŸŽ‰ This job uses runner scale set runners!" - - - name: "Check Architecture" - run: | - uname -a diff --git a/.github/workflows/vm-tests.yml b/.github/workflows/vm-tests.yml deleted file mode 100644 index be07b4a42a3..00000000000 --- a/.github/workflows/vm-tests.yml +++ /dev/null @@ -1,78 +0,0 @@ -name: VM Tests - Stack - -on: - workflow_call: - - # pull_request: - # branches: - # - dev - # - main - # - "0.8" - - workflow_dispatch: - inputs: - none: - description: "Run Version Tests Manually" - required: false - -jobs: - vm-tests-stack: - strategy: - max-parallel: 99 - matrix: - os: [macos-12] - python-version: ["3.12"] - deployment-type: ["vm"] - fail-fast: false - - runs-on: ${{matrix.os}} - - steps: - - uses: actions/checkout@v4 - - - name: Check for file changes - uses: dorny/paths-filter@v3 - id: changes - with: - base: ${{ github.ref }} - token: ${{ github.token }} - filters: .github/file-filters.yml - - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 - if: steps.changes.outputs.stack == 'true' - with: - python-version: ${{ matrix.python-version }} - - - name: Get pip cache dir - if: steps.changes.outputs.stack == 'true' - id: pip-cache - shell: bash - run: | - echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - - - name: pip cache - uses: actions/cache@v4 - if: steps.changes.outputs.stack == 'true' - with: - path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }} - restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }} - - - name: Upgrade pip - if: steps.changes.outputs.stack == 'true' - run: | - python -m pip install --upgrade --user pip - - - name: Install tox - if: steps.changes.outputs.stack == 'true' - run: | - pip install -U tox - - - name: Run notebook tests - if: steps.changes.outputs.stack == 'true' - env: - ORCHESTRA_DEPLOYMENT_TYPE: "${{ matrix.deployment-type }}" - run: | - tox -e stack.test.vm diff --git a/.gitignore b/.gitignore index ae0b09e4342..fc3d10b8733 100644 --- a/.gitignore +++ b/.gitignore @@ -28,9 +28,6 @@ build # docker compose volumes docker/data/* -# hagrid temps -packages/hagrid/syft -packages/hagrid/grid # vagrant .vagrant @@ -60,7 +57,6 @@ notebooks/**/*.pkl k3d-registry .envfile -packages/hagrid/.envfile # rendered template dir diff --git a/.gitpod.yml b/.gitpod.yml deleted file mode 100644 index 584f776b221..00000000000 --- a/.gitpod.yml +++ /dev/null @@ -1,11 +0,0 @@ -tasks: - - init: pip install -e packages/hagrid - command: hagrid quickstart -ports: - - name: Jupyter - port: 8888 - visibility: public - - name: Nodes - port: 8081-8083 - onOpen: open-browser - visibility: public diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d243ca60d91..a9269f8f90b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,14 +3,14 @@ repos: rev: v4.5.0 hooks: - id: check-ast - exclude: ^(packages/grid/ansible/|packages/syft/tests/mongomock) + exclude: ^(packages/syft/tests/mongomock) always_run: true - id: trailing-whitespace always_run: true exclude: ^(docs/|.+\.md|.bumpversion.cfg|packages/syft/tests/mongomock) - id: check-docstring-first always_run: true - exclude: ^(packages/grid/ansible/|packages/syft/tests/mongomock) + exclude: ^(packages/syft/tests/mongomock) - id: check-json always_run: true exclude: ^(packages/grid/frontend/|packages/syft/tests/mongomock) @@ -25,10 +25,10 @@ repos: args: ["--assume-in-merge"] - id: check-executables-have-shebangs always_run: true - exclude: ^(packages/grid/ansible/|packages/syft/tests/mongomock) + exclude: ^(packages/syft/tests/mongomock) - id: debug-statements always_run: true - exclude: ^(packages/grid/ansible/|packages/syft/tests/mongomock) + exclude: ^(packages/syft/tests/mongomock) - id: name-tests-test always_run: true exclude: ^(.*/tests/utils/)|^(.*fixtures.py|packages/syft/tests/mongomock) @@ -52,7 +52,6 @@ repos: packages/syft/src/syft/proto.*| packages/syft/tests/syft/lib/python.*| packages/grid.*| - packages/hagrid.*| packages/syft/src/syft/federated/model_serialization/protos.py )$ @@ -95,31 +94,6 @@ repos: - id: ruff-format types_or: [python, pyi, jupyter] - - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.8.0 - hooks: - - id: mypy - name: "mypy: hagrid" - always_run: true - files: ^packages/hagrid - args: [ - "--ignore-missing-imports", - "--scripts-are-modules", - "--disallow-incomplete-defs", - "--no-implicit-optional", - "--warn-unused-ignores", - "--warn-redundant-casts", - "--strict-equality", - "--warn-unreachable", - # "--disallow-untyped-decorators", - "--disallow-untyped-defs", - "--disallow-untyped-calls", - "--namespace-packages", - "--install-types", - "--non-interactive", - "--config-file=tox.ini", - ] - - repo: https://github.com/pre-commit/mirrors-mypy rev: v1.8.0 hooks: @@ -206,7 +180,7 @@ repos: rev: "v3.0.0-alpha.9-for-vscode" hooks: - id: prettier - exclude: ^(packages/grid/helm|packages/grid/frontend/pnpm-lock.yaml|packages/hagrid/hagrid/manifest_template.yml|packages/syft/tests/mongomock) + exclude: ^(packages/grid/helm|packages/grid/frontend/pnpm-lock.yaml|packages/syft/tests/mongomock) # - repo: meta # hooks: diff --git a/README.md b/README.md index 25230bb43f9..2a68d0d07ce 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Perform data science on `data` that remains in `someone else's` server # Quickstart -βœ… `Linux` βœ… `macOS` βœ… `Windows` βœ… `Docker` βœ… `Podman` βœ… `Kubernetes` +βœ… `Linux` βœ… `macOS` βœ… `Windows` βœ… `Docker` βœ… `Kubernetes` ## Install Client @@ -108,18 +108,11 @@ For Google GKE we need the [`gce` annotation](https://cloud.google.com/kubernete helm install ... --set ingress.class="gce" ``` -## Deploy to a Container Engine or Cloud +## Note: -1. Install our handy πŸ›΅ cli tool which makes deploying a Domain or Gateway server to Docker or VM a one-liner: - `pip install -U hagrid` +🚨 Our old deployment tool `Hagrid` has been `Deprecated`. For the updated deployment options kindly refer to -2. Then run our interactive jupyter Install πŸ§™πŸ½β€β™‚οΈ WizardBETA: - `hagrid quickstart` - -3. In the tutorial you will learn how to install and deploy: - `PySyft` = our `numpy`-like 🐍 Python library for computing on `private data` in someone else's `Domain` - - `PyGrid` = our 🐳 `docker` / 🐧 `vm` `Domain` & `Gateway` Servers where `private data` lives +- πŸ“š Deployments ## Docs and Support @@ -128,10 +121,8 @@ helm install ... --set ingress.class="gce" # Install Notes -- HAGrid 0.3 Requires: 🐍 `python` πŸ™ `git` - Run: `pip install -U hagrid` -- Interactive Install πŸ§™πŸ½β€β™‚οΈ WizardBETA Requires πŸ›΅ `hagrid`: - Run: `hagrid quickstart` - PySyft 0.8.1 Requires: 🐍 `python 3.10 - 3.12` - Run: `pip install -U syft` -- PyGrid Requires: 🐳 `docker`, 🦦 `podman` or ☸️ `kubernetes` - Run: `hagrid launch ...` +- PyGrid Requires: 🐳 `docker` or ☸️ `kubernetes` # Versions @@ -154,13 +145,9 @@ Deprecated: PySyft and PyGrid use the same `version` and its best to match them up where possible. We release weekly betas which can be used in each context: -PySyft (Stable): `pip install -U syft` -PyGrid (Stable) `hagrid launch ... tag=latest` - -PySyft (Beta): `pip install -U syft --pre` -PyGrid (Beta): `hagrid launch ... tag=beta` +PySyft (Stable): `pip install -U syft` -HAGrid is a cli / deployment tool so the latest version of `hagrid` is usually the best. +PySyft (Beta): `pip install -U syft --pre` # What is Syft? diff --git a/docs/requirements.txt b/docs/requirements.txt index 6f3176dae92..a16817917de 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -4,7 +4,7 @@ jinja2>=3.1.3 # not directly required, pinned by Snyk to avoid a vulnerability markupsafe==2.0.1 pydata-sphinx-theme==0.7.2 pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability -requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.32.0 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability sphinx==4.3.0 sphinx-autoapi==1.8.4 diff --git a/docs/source/api_reference/syft.rst b/docs/source/api_reference/syft.rst index f2bf2008e6c..d10b471583a 100644 --- a/docs/source/api_reference/syft.rst +++ b/docs/source/api_reference/syft.rst @@ -33,10 +33,3 @@ syft.abstract\_node module :undoc-members: :show-inheritance: -syft.gevent\_patch module -------------------------- - -.. automodule:: syft.gevent_patch - :members: - :undoc-members: - :show-inheritance: diff --git a/notebooks/quickstart/00-quickstart.ipynb b/notebooks/quickstart/00-quickstart.ipynb deleted file mode 100644 index d5b14e2d8e0..00000000000 --- a/notebooks/quickstart/00-quickstart.ipynb +++ /dev/null @@ -1,115 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "9c0d3bd0-cd25-4794-81de-c413f260de3c", - "metadata": {}, - "source": [ - "# HAGrid Quickstart BETA" - ] - }, - { - "cell_type": "markdown", - "id": "b4813d9f-daec-4954-96aa-90c01159d396", - "metadata": {}, - "source": [ - "\n", - " \n", - " \n", - " \n", - " \n", - "
\n", - " πŸ“š quickstart\n", - " \n", - " πŸ§™β€β™‚οΈ Install Wizard\n", - "
" - ] - }, - { - "cell_type": "markdown", - "id": "a50d74d3-66f0-4181-8c2f-b07fdf6b0979", - "metadata": {}, - "source": [ - " " - ] - }, - { - "cell_type": "markdown", - "id": "df038714-df01-4c56-a84c-b66a42d6cd81", - "metadata": {}, - "source": [ - "
Step 1. Run quickstart
" - ] - }, - { - "cell_type": "markdown", - "id": "3e0dd95e-38f8-46d4-b75a-d1bc9c6ac103", - "metadata": {}, - "source": [ - "Simply `import` and run `quickstart` by clicking in the grey cell below πŸ‘‡πŸ½ and pressing `Shift` + `Return` on your keyboard, or use the `Run` menu at the top of the window." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "c71be622-bb83-4d32-aeaa-00f2aca6ee80", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# third party\n", - "from hagrid import quickstart\n", - "\n", - "quickstart" - ] - }, - { - "cell_type": "markdown", - "id": "ec809a11-95c7-4783-a397-58c93eb19dcf", - "metadata": {}, - "source": [ - "
Step 2. Download a Tutorial
" - ] - }, - { - "cell_type": "markdown", - "id": "27a1c075-3082-408e-8486-ab9df41a8442", - "metadata": {}, - "source": [ - "Above you will see a list of available tutorials, simply add the name in `quotes` into the `quickstart.download` function and run the cell below just like before." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "f5507b20-5149-4b6d-b7e0-0883a2358ceb", - "metadata": {}, - "outputs": [], - "source": [ - "# paste and run any commands here" - ] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/quickstart/01-install-wizard.ipynb b/notebooks/quickstart/01-install-wizard.ipynb deleted file mode 100644 index 7050c8b5b8f..00000000000 --- a/notebooks/quickstart/01-install-wizard.ipynb +++ /dev/null @@ -1,500 +0,0 @@ -{ - "cells": [ - { - "attachments": {}, - "cell_type": "markdown", - "id": "5198b587-cf2f-4354-bdbb-08f9ecb46abf", - "metadata": {}, - "source": [ - "# HAGrid Install πŸ§™πŸ½β€β™‚οΈ Wizard BETA" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "a156040f-39cc-4660-a32a-5d2c2ff586b7", - "metadata": {}, - "source": [ - "\n", - " \n", - " \n", - " \n", - "
\n", - " πŸ“š quickstart / 01-install-wizard.ipynb\n", - "
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "cf271e52-b3aa-48f6-b85f-353b328dd463", - "metadata": {}, - "source": [ - "Welcome to the HAGrid Quickstart Install Wizard. \n", - "There are several different components required to use `Syft`. To make setup easy this wizard will automatically detect your current system configuration and make recommendations on what you need to complete setup.\n", - "\n", - "Run each step by clicking in the grey cell below πŸ‘‡πŸ½ and pressing `Shift` + `Return` on your keyboard, or use the `Run` menu at the top of the window.\n", - "\n", - "**How the Install Wizard Works** \n", - "At each step the πŸ§™πŸ½β€β™‚οΈ Wizard will try to find various software and packages on your machine. \n", - "If you see an item marked with a ❌ red cross and the message `🚨 Some issues were found` it should include a description of the issue, a solution and optionally a way to resolve the solution directly by running a command. These commands can br Copy + Pasted into a cell and ran here, or if you know how to use the terminal on your computer simply remove the `!` at the start of the command and paste it there instead. After you have resolved the issue you can run the step again to verify it is fixed with a βœ… green tick." - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "d657c28d-5388-45cc-ba37-f5e6401c0c88", - "metadata": {}, - "source": [ - "
Step 1. Import Install πŸ§™πŸ½β€β™‚οΈ Wizard BETA
" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "ad558ade-ee9b-4c61-8cbd-68eadd2f07fa", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# third party\n", - "import hagrid\n", - "from hagrid import wizard" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "5568b6bd-0015-458a-bb33-be9a927d0ffa", - "metadata": {}, - "source": [ - "
Step 2. HAGrid Updates
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "f5ab8626-0da1-4a8e-be94-8871724da34c", - "metadata": {}, - "source": [ - "It's a good idea to keep `HAGrid` updated as we push out fixes and features very frequently. " - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "a546b80e-ec38-4662-9f6b-0caa5b581bdc", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "wizard.check_hagrid" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "8060ab70-f5e1-4a09-bcb5-0646c84c478c", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# paste and run any commands here" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "871d2ad4-77ff-4381-a26c-036717d948b8", - "metadata": {}, - "source": [ - "
Step 3. Installing PySyft
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "1998c1a5-2fb4-4730-98e1-a4e2c360c5b7", - "metadata": {}, - "source": [ - "`PySyft` is a python library which requires Python 3.9+." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "b954a90e-ad48-417f-bbe7-cd2d75cecc5e", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "wizard.check_syft" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "554dfac3-9022-44f2-8c32-30af1b3a8dd8", - "metadata": {}, - "outputs": [], - "source": [ - "# paste and run any commands here" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "3d82f627-6fb6-4f03-a0c4-2ef68c6bf7f9", - "metadata": { - "tags": [] - }, - "source": [ - "
Step 4. Python Server
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7278fdb2-f1ba-4f12-a10b-50a43270c59f", - "metadata": { - "tags": [] - }, - "source": [ - "To do the `quickstart` tutorials, you can just run a basic `PyGrid` domain directly in python.\n", - "\n", - "You can do this either from `jupyter` / `python` or from the command line." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "8b205fc3-c84e-4638-82cf-0bfa25b206b5", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# syft absolute\n", - "import syft as sy\n", - "\n", - "sy.requires(\">=0.8.2.b0\")\n", - "node = sy.orchestra.launch(name=\"test-domain-1\", port=8080, dev_mode=True, reset=True)" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "aa136f0a-debc-4219-858b-1814ed3cad46", - "metadata": { - "tags": [] - }, - "source": [ - "We can now log into the node with the default credentials." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "4dd63cc9-5fe1-42af-9863-65a74eb2fc28", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "domain = sy.login(email=\"info@openmined.org\", password=\"changethis\", port=8080)" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "5259b7f2-b480-4346-9cc7-86305fef76b5", - "metadata": {}, - "source": [ - "Let's see whats available on the API." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "312d1e50-99c4-4120-9dfc-caa56cee62fd", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "domain.api" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "cda9bf88-4273-48aa-b656-005a8f456e6c", - "metadata": {}, - "outputs": [], - "source": [ - "# paste and run any commands here" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "956202c6-1d24-4889-aeda-6a7efe4a4055", - "metadata": {}, - "source": [ - "Okay, now let's shutdown the server." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "cb2a0096-6c15-4ac9-9446-6532c1524381", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "node.land()" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7b2f1e6c-e469-4be5-b771-3724f92d2305", - "metadata": {}, - "source": [ - "πŸ‘ˆπŸΏ Click here to go back to Quickstart Home" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "efc6ebc7-43e6-4612-bf44-7ce14e488d01", - "metadata": {}, - "source": [ - "
\n", - "
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "e05d1893-3347-41a3-8ee3-c04fd8f12d0f", - "metadata": {}, - "source": [ - "
Step 5. Docker Setup (Optional)
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "2fa85963-4635-4ce3-8be6-36b308aa26d5", - "metadata": {}, - "source": [ - "`PyGrid` can also run as a set of containerized services on a container host. Let's ask `hagrid` to check if we have all the right dependencies installed. If we don't it will make some recommendations on what to install." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "83f58a56-7c5e-4dfb-94c6-0fd1ce950a3f", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# third party\n", - "from hagrid import wizard\n", - "\n", - "wizard.check_docker" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "98b47e48-582f-4261-838b-1b7b2844f945", - "metadata": {}, - "outputs": [], - "source": [ - "# paste and run any commands here" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "ee41f9c5-8014-41e6-b9a1-542694cf2d31", - "metadata": {}, - "source": [ - "
Step 6. Start a Test Domain
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "068440ad-f0a0-4a71-bcca-52e598bf1968", - "metadata": {}, - "source": [ - "You are now ready to start a `domain` on your local machine with 🐳 Docker. Simply run the next cell and wait until it is completed." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "2f06b0bf-c8c1-4b3c-87c8-b0f0809fcbfc", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# syft absolute\n", - "import syft as sy\n", - "\n", - "sy.requires(\">=0.8.2.b0\")\n", - "node = sy.orchestra.launch(\n", - " name=\"test-domain-1\", node_type=\"domain\", port=8081, tag=\"beta\", verbose=True\n", - ")" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7d5c9892-1b70-4a68-b41d-8c9c06c19df0", - "metadata": {}, - "source": [ - "
Step 7. Check Domain Health
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "b7846431-69b1-46bb-a611-e2ce47eb277f", - "metadata": {}, - "source": [ - "To ensure our domain has finished starting we can ask `hagrid` to check its health for us. Run the below cell to check your `domain` on localhost. You can also visit the links to see the `UI` and `api` endpoints in your browser." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "71c1fd7d-fb7b-43dc-9608-053a6313b1b4", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "hagrid.check(\"localhost:8081\", timeout=120)" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "91148fc9-a26f-4964-bb17-efd5a26f465d", - "metadata": {}, - "source": [ - "
Step 8. Domain Login
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "07093a4b-d463-4fe5-9861-09e7d32b63e0", - "metadata": {}, - "source": [ - "We now log into the Domain Node using the default admin username and password." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "01126584-3449-4c4b-9fe4-1c727a7a0ee3", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "# syft absolute\n", - "import syft as sy\n", - "\n", - "sy.requires(\">=0.8.2.b0\")\n", - "domain = sy.login(email=\"info@openmined.org\", password=\"changethis\", port=8081)" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "d4d7ccbb-0b48-41cf-bf7c-9b41f77924d0", - "metadata": {}, - "source": [ - "
Step 9. Shutdown Domain
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "8e3fc2ee-5247-4fa1-9e31-9d9464765e0d", - "metadata": {}, - "source": [ - "If your domain started correctly you are now done with the Install Wizard and ready to do some tutorials. We can shutdown this domain by running the `hagrid` land command in the below cell. If you are done now you can go ahead and shutdown your domain, or if you would prefer to keep it running skip this step." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "f0d12f71-26eb-4317-a8ea-7e45579b7b59", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "node.land()" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "c288eae3-6109-4b26-ac68-7ab772518919", - "metadata": {}, - "source": [ - "
βœ… Install πŸ§™πŸ½β€β™‚οΈ Wizard Complete
" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "6663f1cc-648c-43e0-aca8-4d55039e8a6d", - "metadata": {}, - "source": [ - "πŸ‘ˆπŸΏ Click here to go back to Quickstart Home" - ] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.11.1" - }, - "vscode": { - "interpreter": { - "hash": "1e7e90b573593ba97b24c163dae9a6c9173808a1bc968e87367841cbed28165e" - } - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/quickstart/img/edit.png b/notebooks/quickstart/img/edit.png deleted file mode 100644 index 3ceaaf9438d..00000000000 Binary files a/notebooks/quickstart/img/edit.png and /dev/null differ diff --git a/notebooks/quickstart/img/head.png b/notebooks/quickstart/img/head.png deleted file mode 100644 index 9d220749f31..00000000000 Binary files a/notebooks/quickstart/img/head.png and /dev/null differ diff --git a/notebooks/quickstart/img/run.png b/notebooks/quickstart/img/run.png deleted file mode 100644 index c3a678a9fd1..00000000000 Binary files a/notebooks/quickstart/img/run.png and /dev/null differ diff --git a/notebooks/tutorials/data-engineer/01-setting-up-dev-mode.ipynb b/notebooks/tutorials/data-engineer/01-setting-up-dev-mode.ipynb deleted file mode 100644 index ed84817235f..00000000000 --- a/notebooks/tutorials/data-engineer/01-setting-up-dev-mode.ipynb +++ /dev/null @@ -1,370 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Setting up Dev Mode" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "If you would like to work on the PySyft codebase, you can set up PySyft in dev mode. You will need to clone the repository, install syft locally and run the code you installed" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## Cloning the Repo" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "First, we start by cloning the repo" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "If you have an SSH key enabled in your github account, use" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "`git clone git@github.com:OpenMined/PySyft.git`" - ] - }, - { - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "Otherwise use" - ] - }, - { - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "`git clone https://github.com/OpenMined/PySyft.git`" - ] - }, - { - "cell_type": "markdown", - "id": "8", - "metadata": {}, - "source": [ - "## Installing Syft" - ] - }, - { - "cell_type": "markdown", - "id": "9", - "metadata": {}, - "source": [ - "To install Syft `cd` into the directory in which you cloned PySyft and type\n", - "\n", - "```bash\n", - "pip install -e packages/syft\n", - "```\n", - "\n", - "This installs `syft` in editable mode, such any change in code are reflected in your environment." - ] - }, - { - "cell_type": "markdown", - "id": "10", - "metadata": {}, - "source": [ - "## Running Tox Tests" - ] - }, - { - "cell_type": "markdown", - "id": "11", - "metadata": {}, - "source": [ - "[Tox](https://tox.wiki/en/latest/) is a project that \"aims to automate and standardize testing in Python\". For PySyft development, it is used to simplify testing and setting up several environment in a way that works for every developer working on PySyft. You can list the commands that you can execute using `tox-l`, which will give a result similar to this" - ] - }, - { - "cell_type": "markdown", - "id": "12", - "metadata": {}, - "source": [ - "```\n", - "> tox -l\n", - "\n", - "hagrid.publish\n", - "lint\n", - "stack.test.integration\n", - "syft.docs\n", - "syft.jupyter\n", - "syft.publish\n", - "syft.test.security\n", - "syft.test.unit\n", - "syft.test.notebook\n", - "stack.test.notebook\n", - "stack.test.vm\n", - "frontend.test.unit\n", - "frontend.test.e2e\n", - "frontend.generate.types\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "13", - "metadata": {}, - "source": [ - "This shows us the list of environments that are specified for PySyft. To see what these environments do, have a look at the `tox.ini` file in the main PySyft repo." - ] - }, - { - "cell_type": "markdown", - "id": "14", - "metadata": {}, - "source": [ - "You can run an environment using `tox -e `. For instance, to run the unit tests, run" - ] - }, - { - "cell_type": "markdown", - "id": "15", - "metadata": {}, - "source": [ - "```\n", - "tox -e syft.test.unit\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "16", - "metadata": {}, - "source": [ - "This tox environment is relatively simple, and just uses pytest to run all the tests for the syft packages. However, some environments are more complicated, and run a series of commands that start multiple processes, docker containers and set up a lot of infrastructure before running the tests. The good thing is that with tox, you dont need to worry about that, you can just run the commands." - ] - }, - { - "cell_type": "markdown", - "id": "17", - "metadata": {}, - "source": [ - "## Using Jupyter Environment" - ] - }, - { - "cell_type": "markdown", - "id": "18", - "metadata": {}, - "source": [ - "Pysyft has a tox command to set up a local jupyter notebook environment, which is useful for development." - ] - }, - { - "cell_type": "markdown", - "id": "19", - "metadata": {}, - "source": [ - "```\n", - "tox -e syft.jupyter\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "20", - "metadata": {}, - "source": [ - "PySyft makes extensive use of jupyter notebook, and a lot of developers use it for experiments when writing code. It can be useful to setup a local gitignore (only for you, not pushed to git) to have a playground where you can experiment, without needing to push files to git, or change the .gitignore. You can do this by adding a folder to your `.git/info/exclude` file, which works similar to the `.gitignore` file, e.g. if we add\n", - "```\n", - "notebooks/experimental/* \n", - "```\n", - "to `.git/info/exclude`, git wont sync the changes to the `experimental` folder to github\n", - "\n", - "`Note:` For developers in MS Windows, before development make sure that your development path does not contain any white spaces in between.\n", - "\n", - "Example:\n", - " \n", - "**Invalid Path:** `D:/test space/new env/openmined/PySyft`\n", - "\n", - "**Valid Path:** `D:/test-space/new_env/openmined/PySyft`\n", - "\n", - "The issue with paths containing spaces causing problems on Windows is due to the way that Windows handles file paths, but as long as the development path is free of white spaces, you are good to go. This is not a specific issue related to PySyft." - ] - }, - { - "cell_type": "markdown", - "id": "21", - "metadata": {}, - "source": [ - "## Working with Python Domain" - ] - }, - { - "cell_type": "markdown", - "id": "22", - "metadata": {}, - "source": [ - "PySyft enables a network of computers to connect to each other and do privacy preserving data analysis. The Nodes in the network that hold some data are called `Domains`. When we develop with PySyft, it is very common to start a domain as the first step. `PySyft` makes it very easy to develop against a domain in a notebook by providing an interface (`sy.orchestra`) that allows you to start a domain with a webserver in a notebook in the background, which is a lightweight version of a Domain that would be used in production. You can specify options such as what kind of database you are using, whether you want to use networking and how many processes you want to use. You can launch a Domain by simply executing:" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "23", - "metadata": {}, - "outputs": [], - "source": [ - "# syft absolute\n", - "import syft as sy" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "24", - "metadata": { - "tags": [] - }, - "outputs": [], - "source": [ - "node = sy.orchestra.launch(\n", - " name=\"dev-mode-example-domain-1\", port=8020, reset=True, dev_mode=True\n", - ")" - ] - }, - { - "cell_type": "markdown", - "id": "25", - "metadata": {}, - "source": [ - "If we dont need a webserver (for development this is true in many cases), we can omit the port and use. \n", - "```\n", - "node = sy.orchestra.launch(name=\"dev-mode-example-domain-1\", dev_mode=True, reset=True)\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "26", - "metadata": {}, - "source": [ - "**One of the benefits of not using a port is that you can use a debugger and set breakpoints within api calls. This makes debugging way faster in many cases**" - ] - }, - { - "cell_type": "markdown", - "id": "27", - "metadata": {}, - "source": [ - "Now, we are ready to start using the domain. The domain comes with standard login credentials for the admin (just for development)" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "28", - "metadata": {}, - "outputs": [], - "source": [ - "client = node.login(email=\"info@openmined.org\", password=\"changethis\")" - ] - }, - { - "cell_type": "markdown", - "id": "29", - "metadata": {}, - "source": [ - "Once you are logged in, you are ready to start using the domain, for instance for creating a dataset (this one is empty, just as a example)." - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "30", - "metadata": {}, - "outputs": [], - "source": [ - "dataset = sy.Dataset(name=\"my dataset\", asset_list=[])\n", - "client.upload_dataset(dataset)" - ] - }, - { - "cell_type": "markdown", - "id": "31", - "metadata": {}, - "source": [ - "Lastly to stop or terminate your Domain, we can execute the following command:" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "32", - "metadata": {}, - "outputs": [], - "source": [ - "node.land()" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "33", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.9.16" - }, - "toc": { - "base_numbering": 1, - "nav_menu": {}, - "number_sections": true, - "sideBar": true, - "skip_h1_title": false, - "title_cell": "Table of Contents", - "title_sidebar": "Contents", - "toc_cell": false, - "toc_position": {}, - "toc_section_display": true, - "toc_window_display": true - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/02-deployment-types.ipynb b/notebooks/tutorials/data-engineer/02-deployment-types.ipynb deleted file mode 100644 index 1bd572a26fe..00000000000 --- a/notebooks/tutorials/data-engineer/02-deployment-types.ipynb +++ /dev/null @@ -1,378 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deployment Types" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "1", - "metadata": {}, - "outputs": [], - "source": [ - "# syft absolute\n", - "import syft as sy" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## Dev Python Domain\n" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "Syft supports creating a Python domain in editable mode.\n", - "This is used mainly for experimental and development purposes.\n", - "In __Dev Python Domain__ the domain instance runs locally using the SQLite as the main storage.\n", - "This enables faster development and requires less recources to operate.\n", - "\n", - "The __Dev Python Domain__ supports two options:\n", - "1. Memory node - full `syft` functionality __locally__, SQLite as a local storage.\n", - "2. Webserver node - full `syft` functionality with API \n", - "\n", - "__When you need this?__
\n", - "_When you want to develop Syft or try-out new funcitonality from separate branch._\n", - "\n", - "__Prerequistes:__
\n", - "1. Syft repository pulled from Github - [github.com/OpenMined/PySyft](https://github.com/OpenMined/PySyft)\n", - "\n", - "For broader explanation refer to the notebook [01-setting-dev-mode.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/01-setting-up-dev-mode.ipynb)\n", - "\n", - "To launch the local __Dev Python Domain__ use the following steps:" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "#### 1.1 Launch Dev Memory Node" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "5", - "metadata": {}, - "outputs": [], - "source": [ - "memory_node = sy.orchestra.launch(\n", - " name=\"Arbitrary Dev Node\",\n", - " dev_mode=True,\n", - " reset=True,\n", - ")" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "6", - "metadata": {}, - "outputs": [], - "source": [ - "assert memory_node is not None" - ] - }, - { - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "#### 1.2 Launch Dev Webserver Node" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "8", - "metadata": {}, - "outputs": [], - "source": [ - "webserver_node = sy.orchestra.launch(\n", - " name=\"Arbitrary Webserver Dev Node\", dev_mode=True, reset=True, port=8081\n", - ")" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "9", - "metadata": {}, - "outputs": [], - "source": [ - "assert webserver_node is not None" - ] - }, - { - "cell_type": "markdown", - "id": "10", - "metadata": {}, - "source": [ - "#### 2. Login Into Nodes" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "11", - "metadata": {}, - "outputs": [], - "source": [ - "memory_node_client = memory_node.login(\n", - " email=\"info@openmined.org\", password=\"changethis\"\n", - ")\n", - "memory_node_client" - ] - }, - { - "cell_type": "markdown", - "id": "12", - "metadata": {}, - "source": [ - "#### 3. Landing Memory and Webserver Node" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "13", - "metadata": {}, - "outputs": [], - "source": [ - "memory_node.land()" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "14", - "metadata": {}, - "outputs": [], - "source": [ - "webserver_node.land()" - ] - }, - { - "cell_type": "markdown", - "id": "15", - "metadata": {}, - "source": [ - "----" - ] - }, - { - "cell_type": "markdown", - "id": "16", - "metadata": {}, - "source": [ - "## Single Container / Enclave (TBD)" - ] - }, - { - "cell_type": "markdown", - "id": "17", - "metadata": {}, - "source": [ - "Single Container deployment is used when fast and painless deployment of `syft` with all essential functionality is needed. This deployment type contains the `syft` and SQLite as a light-weight database in a single container.\n", - "\n", - "__When you need this?__
\n", - "_When you quickly want to test syft in a single container._\n", - "\n", - "__Prerequistes:__
\n", - "1. Syft repository pulled from Github - [github.com/OpenMined/PySyft](https://github.com/OpenMined/PySyft)\n", - "1. Docker Installed - [docs.docker.com/get-docker](https://docs.docker.com/get-docker/)\n" - ] - }, - { - "cell_type": "markdown", - "id": "18", - "metadata": {}, - "source": [ - "#### Deploy Syft in Single Container Mode" - ] - }, - { - "cell_type": "markdown", - "id": "19", - "metadata": {}, - "source": [ - "Enter the PySyft Repository and run the following command\n", - "\n", - "`docker run -it -e DEFAULT_ROOT_PASSWORD=secret -e PORT=8080 -p 8080:8080 openmined/grid-enclave:0.8.1`\n", - "\n", - "----" - ] - }, - { - "cell_type": "markdown", - "id": "20", - "metadata": {}, - "source": [ - "## Full Container Stack" - ] - }, - { - "cell_type": "markdown", - "id": "21", - "metadata": {}, - "source": [ - "Syft can operate as a container stack. This setting consider deployment of following containers:\n", - " - Backend - contains `Syft` and corresponding logic to execute code in _sync_ manner\n", - " - Backend Stream - contains `Syft` and logic to queue message in RabbitMQ\n", - " - Celery Worker - contains `Syft` and logic to execute message received from RabbitMQ\n", - " - RabbitMQ - receives messages from Backend Stream and passes them into Celery Worker\n", - " - Redis - each `syft` object has a `UUID`, and stored in Redis as a `key`/`value` pair\n", - " - Mongo - Stores non-private metadata that are related to `grid` operation, such as __RBAC__ or `BLOB`s metadata \n", - " - SeaweedFS - Stores the `BLOB`s, compatible with Amazon S3 protocols\n", - " - Jaeger - distributed end-to-end tracing\n", - "\n", - "__When you need this?__
\n", - "_When you need a Syft domain/gateway node locally._\n", - "\n", - "__Prerequistes:__
\n", - "1. Syft installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "1. Hagrid installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "1. Docker Installed - [docs.docker.com/get-docker](https://docs.docker.com/get-docker/)\n", - "\n", - "\n", - "Easiest way to launch the Full Container Stack is the `hagrid` cli tool.\n", - "\n", - "Basic syntax of Hagrdi deployment command is the following:
\n", - "> `hagrid launch to :`\n", - "\n", - "To deploy the full container stack use the following command:
\n", - "\n", - "> `hagrid launch test_domain domain to docker:8081`\n", - "\n", - "For detailed explanation of Full Container Stack deployment refer to the notebook [05-deploy-stack.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/05-deploy-stack.ipynb)" - ] - }, - { - "cell_type": "markdown", - "id": "22", - "metadata": {}, - "source": [ - "----" - ] - }, - { - "cell_type": "markdown", - "id": "23", - "metadata": {}, - "source": [ - "## VM Container Host" - ] - }, - { - "cell_type": "markdown", - "id": "24", - "metadata": {}, - "source": [ - "Ability to easily deploy `syft` stack to __anywhere__. By anywhere we mean an existing linux server accessible via `ssh` connection. `hagrid` cli tool can do all the hard work for us, by defining the desired system state using `ansible` and deploying all containers (defined in the previous section).\n", - "\n", - "__When you need this?__
\n", - "_When you need to deploy Syft domain/gateway node on a remote host, whether Virtual Machine or real Linux server._\n", - "\n", - "__Prerequistes:__
\n", - "1. Syft installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "2. Hagrid installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "3. VM accessible via SSH\n", - "\n", - "Deploy Syft `domain`/`network` node to the remote VM using following command:\n", - "\n", - "> `hagrid launch test_domain domain to 100.0.0.1 --username=ubuntu --auth-type=key --key-path=~/.ssh/hagrid_ssh_key`\n", - "\n", - "All flags marked with `--` are optional, if not provided `hagrid` will interactively ask you to provide all necessary details. More details on `hagrid` usage can be found in following notebook [03-hagrid.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/03-hagrid.ipynb)\n", - "\n", - "If you want to deploy to Cloud providers reffer to corresponding notebook:\n", - "- Azure - [06-deploy-to-azure.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/06-deploy-to-azure.ipynb)\n", - "- GCP - [07-deploy-to-gcp.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/07-deploy-to-gcp.ipynb)\n", - "- AWS - [08-deploy-to-aws.ipynb](https://github.com/OpenMined/PySyft/blob/dev/notebooks/tutorials/data-engineer/08-deploy-to-aws.ipynb)\n", - "\n", - ">__Note__: VM Container Host supports deployment _only from Linux or MacOS_ machines, since it requires `ansible`
that is not supported by Windows \n" - ] - }, - { - "cell_type": "markdown", - "id": "25", - "metadata": {}, - "source": [ - "----" - ] - }, - { - "cell_type": "markdown", - "id": "26", - "metadata": {}, - "source": [ - "## Gateway Nodes" - ] - }, - { - "cell_type": "markdown", - "id": "27", - "metadata": {}, - "source": [ - "Gateway Nodes are used to interconnect multiple `domain` nodes.\n", - "Essentially, `gateway` nodes use the same containers and code, although with different configurations.\n", - "`gateway` nodes do not have the Frontend and Blob storage. \n", - "\n", - "__When you need this?__
\n", - "_When you need to interconnect two or more domain nodes._\n", - "\n", - "__Prerequistes:__
\n", - "1. Syft installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "1. Hagrid installed - [pypi.org/project/syft](https://pypi.org/project/syft/)\n", - "1. Docker installed or SSH connection to VM\n", - "\n", - "The `hagrid` cli can be used to deploy the `gateway` nodes, as a local container stack deployment or remote VM host deployment.\n", - "\n", - "To deploy `gateway` node us the following command:
\n", - "> `hagrid launch gateway to :`\n", - "\n", - "Example of launching the `gateway` node called `test-gateway`:
\n", - "> `hagrid launch test-gateway gateway to docker:9082`\n" - ] - }, - { - "cell_type": "markdown", - "id": "28", - "metadata": {}, - "source": [ - "----" - ] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.12" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/03-hagrid.ipynb b/notebooks/tutorials/data-engineer/03-hagrid.ipynb deleted file mode 100644 index 3ad7cf9c25d..00000000000 --- a/notebooks/tutorials/data-engineer/03-hagrid.ipynb +++ /dev/null @@ -1,73 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# HAGrid" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Installing HAGrid" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## Python PATH" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Debugging HAGrid" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "## Ansible and Windows" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "5", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/04-deploy-container.ipynb b/notebooks/tutorials/data-engineer/04-deploy-container.ipynb deleted file mode 100644 index dd016d74ae5..00000000000 --- a/notebooks/tutorials/data-engineer/04-deploy-container.ipynb +++ /dev/null @@ -1,107 +0,0 @@ -{ - "cells": [ - { - "attachments": {}, - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploying a Container" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Docker 1-liner" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "```\n", - "$ docker run -it -e DEFAULT_ROOT_PASSWORD=secret -e PORT=8080 -p 8080:8080 openmined/grid-enclave:0.8.2.b0\n", - "```" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Azure CLI" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "$ az group create --name test-container --location eastus" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "$ az container create --resource-group test-container --name syft --image openmined/grid-enclave:0.8.2.b0 --dns-name-label syft-demo --ports 80 --environment-variables PORT=80 DEFAULT_ROOT_PASSWORD=secret" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "## From HAGrid" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "## Volume Mounts" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "8", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/05-deploy-stack.ipynb b/notebooks/tutorials/data-engineer/05-deploy-stack.ipynb deleted file mode 100644 index 2ac0fcc7dff..00000000000 --- a/notebooks/tutorials/data-engineer/05-deploy-stack.ipynb +++ /dev/null @@ -1,81 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploy the Stack" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Docker Compose" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## HAGrid" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Build Source" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "## Volume Mounts" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "## Docker Networks" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "6", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/06-deploy-to-azure.ipynb b/notebooks/tutorials/data-engineer/06-deploy-to-azure.ipynb deleted file mode 100644 index 397d3f1016b..00000000000 --- a/notebooks/tutorials/data-engineer/06-deploy-to-azure.ipynb +++ /dev/null @@ -1,114 +0,0 @@ -{ - "cells": [ - { - "attachments": {}, - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploy to Azure" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Installing CLI Tool" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## Authorizing CLI Tool" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Deploying a Single Container" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "$ az group create --name test-container --location eastus" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "$ az container create --resource-group test-container --name syft --image openmined/grid-enclave:0.8.2.b0 --dns-name-label syft-demo --ports 80 --environment-variables PORT=80 DEFAULT_ROOT_PASSWORD=secret" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "## Deploying a Domain" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "## Checking Firewall Rules" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "8", - "metadata": {}, - "source": [ - "## Logging in via SSH" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "9", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/07-deploy-to-gcp.ipynb b/notebooks/tutorials/data-engineer/07-deploy-to-gcp.ipynb deleted file mode 100644 index 827f1d5e129..00000000000 --- a/notebooks/tutorials/data-engineer/07-deploy-to-gcp.ipynb +++ /dev/null @@ -1,73 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploy to Google Cloud Platform (GCP)" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Installing CLI Tool" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "## Authorizing CLI Tool" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Deploying a Domain" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "## Checking Firewall Rules" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "## Logging in via SSH" - ] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/08-deploy-to-aws.ipynb b/notebooks/tutorials/data-engineer/08-deploy-to-aws.ipynb deleted file mode 100644 index 7b8a28ec777..00000000000 --- a/notebooks/tutorials/data-engineer/08-deploy-to-aws.ipynb +++ /dev/null @@ -1,152 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploy to AWS" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Installing CLI Tool" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "Please refer to the docs for installing the AWS CLI tool: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html. It has instructions for the different operating systems such as Mac, Windows and Linux" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Authorizing CLI Tool" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "Please go through this for setting up the CLI: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html. \n", - "\n", - "A common/quick way is to use to authenticate using IAM user credentials. Please refer to this doc for the steps involved: https://docs.aws.amazon.com/cli/latest/userguide/cli-authentication-user.html" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "## Deploying a Domain" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "Use `hagrid launch {domain_name} domain to aws [--no-provision]` command to launch your domain to an AWS EC2 instance. The --no-provision flag is optional and can be used if you do not want to provision all the resources using ansible (If you're not familiar with this, just ignore this flag) " - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "You would be prompted with a series of questions.\n", - "\n", - "Please specify the region where you want your EC2 instance to be deployed.\n", - "\n", - "Please specify a name for the security group to be created. A security group is used to control the inbound and outbound traffic to/from the EC2 instance. Please check https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html for more information.\n", - "Then specify the IP addresses to be white-listed for incoming traffic to the EC2 instance. Please ensure that you enter it in CIDR notation. The default is 0.0.0.0/0 which means that all inbound traffic is allowed.\n", - "On these IP addresses, we open the following ports: 80, 443, 22.\n", - "\n", - "Then, please specify the EC2 instance type. By default, it is t2.xlarge.\n", - "\n", - "We need an EC2 key pair in order to SSH into the instance. If you already have a key-pair, please specify the name and the path where it is stored. Otherwise, if you do not have one, we will create one with the given name and store it in the path you specify. (Note: creating a keypair might not work properly with windows powershell).\n", - "\n", - "\n", - "Then specify the repo and branch for the source code. You can leave it as the default.\n", - "\n", - "\n", - "\n", - "\n" - ] - }, - { - "cell_type": "markdown", - "id": "8", - "metadata": {}, - "source": [ - "## Checking Firewall Rules" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "9", - "metadata": {}, - "source": [ - "You could go to the AWS console, and navigate to the region where you deployed your instance. Search for EC2 and go over to the Security Groups tab (or directly search for Security Group). In the list of security groups, identify the one you created using the name. If you go inside, you would see the inbound and outbound rules." - ] - }, - { - "cell_type": "markdown", - "id": "10", - "metadata": {}, - "source": [ - "## Logging in via SSH" - ] - }, - { - "attachments": {}, - "cell_type": "markdown", - "id": "11", - "metadata": {}, - "source": [ - "Please refer to the steps in the doc to connect to your EC2 instance using SSH: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html" - ] - }, - { - "cell_type": "markdown", - "id": "12", - "metadata": {}, - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/09-deploying-enclave.ipynb b/notebooks/tutorials/data-engineer/09-deploying-enclave.ipynb deleted file mode 100644 index 11c0fba438e..00000000000 --- a/notebooks/tutorials/data-engineer/09-deploying-enclave.ipynb +++ /dev/null @@ -1,41 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Deploying an Enclave" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "1", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/10-custom-deployment.ipynb b/notebooks/tutorials/data-engineer/10-custom-deployment.ipynb deleted file mode 100644 index 11b2f707b35..00000000000 --- a/notebooks/tutorials/data-engineer/10-custom-deployment.ipynb +++ /dev/null @@ -1,97 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Custom Deployment" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## What you need" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "### Container Engine" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "### File Mounts" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "### Network Access" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "### Python Client" - ] - }, - { - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "### Red Hat and Podman" - ] - }, - { - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "### Kubernetes" - ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "8", - "metadata": {}, - "outputs": [], - "source": [] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.9" - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/data-engineer/11-installing-and-upgrading-via-helm.ipynb b/notebooks/tutorials/data-engineer/11-installing-and-upgrading-via-helm.ipynb deleted file mode 100644 index 4775672f760..00000000000 --- a/notebooks/tutorials/data-engineer/11-installing-and-upgrading-via-helm.ipynb +++ /dev/null @@ -1,364 +0,0 @@ -{ - "cells": [ - { - "cell_type": "markdown", - "id": "0", - "metadata": {}, - "source": [ - "# Installing using Helm" - ] - }, - { - "cell_type": "markdown", - "id": "1", - "metadata": {}, - "source": [ - "## Add Helm Repo" - ] - }, - { - "cell_type": "markdown", - "id": "2", - "metadata": {}, - "source": [ - "```bash\n", - "helm repo add openmined https://openmined.github.io/PySyft/helm\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "3", - "metadata": {}, - "source": [ - "## Update Repo" - ] - }, - { - "cell_type": "markdown", - "id": "4", - "metadata": {}, - "source": [ - "```bash\n", - "helm repo update openmined\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "5", - "metadata": {}, - "source": [ - "## Search for available Chart versions" - ] - }, - { - "cell_type": "markdown", - "id": "6", - "metadata": {}, - "source": [ - "### Search for available versionsΒΆ" - ] - }, - { - "cell_type": "markdown", - "id": "7", - "metadata": {}, - "source": [ - "```bash\n", - "helm search repo openmined/syft --versions --devel\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "8", - "metadata": {}, - "source": [ - "### Set the version to install" - ] - }, - { - "cell_type": "markdown", - "id": "9", - "metadata": {}, - "source": [ - "```bash\n", - "export SYFT_VERSION=\"\"\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "10", - "metadata": {}, - "source": [ - "## Setup a registry" - ] - }, - { - "cell_type": "markdown", - "id": "11", - "metadata": {}, - "source": [ - "One needs to setup a registry either locally or on the cloud. To set one up locally, one can follow the following commands." - ] - }, - { - "cell_type": "markdown", - "id": "12", - "metadata": {}, - "source": [ - "```bash\n", - "k3d registry create registry.localhost --port 12345 -v `pwd`/k3d-registry:/var/lib/registry || true\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "13", - "metadata": {}, - "source": [ - "Setup a load balancer\n", - "\n", - "```bash\n", - "NODE_NAME=syft NODE_PORT=8080 && \\\n", - "k3d cluster create syft -p \"$NODE_PORT:80@loadbalancer\" --registry-use k3d-registry.localhost || true \\\n", - "k3d cluster start syft\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "14", - "metadata": {}, - "source": [ - "## Install using Helm" - ] - }, - { - "cell_type": "markdown", - "id": "15", - "metadata": {}, - "source": [ - "```bash\n", - "helm install my-domain openmined/syft --version $SYFT_VERSION --namespace syft --create-namespace --set ingress.className=traefik\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "16", - "metadata": {}, - "source": [ - "# Upgrading using Helm" - ] - }, - { - "cell_type": "markdown", - "id": "17", - "metadata": {}, - "source": [ - "## Add Helm Repo" - ] - }, - { - "cell_type": "markdown", - "id": "18", - "metadata": {}, - "source": [ - "```bash\n", - "helm repo add openmined https://openmined.github.io/PySyft/helm\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "19", - "metadata": {}, - "source": [ - "## Update Repo" - ] - }, - { - "cell_type": "markdown", - "id": "20", - "metadata": {}, - "source": [ - "```bash\n", - "helm repo update openmined\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "21", - "metadata": {}, - "source": [ - "## Search for available Helm Chart versions" - ] - }, - { - "cell_type": "markdown", - "id": "22", - "metadata": {}, - "source": [ - "### Search for available versions" - ] - }, - { - "cell_type": "markdown", - "id": "23", - "metadata": {}, - "source": [ - "```bash\n", - "helm search repo openmined/syft --versions --devel\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "24", - "metadata": {}, - "source": [ - "### Set the target version" - ] - }, - { - "cell_type": "markdown", - "id": "25", - "metadata": {}, - "source": [ - "```bash\n", - "export TARGET_VERSION=\"\"\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "26", - "metadata": {}, - "source": [ - "## Get the current Helm release values (User Defined)" - ] - }, - { - "cell_type": "markdown", - "id": "27", - "metadata": {}, - "source": [ - "Set the release name and namespace\n", - "\n", - "```bash\n", - "export RELEASE_NAME=\"\"\n", - "export NAMESPACE=\"\"\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "28", - "metadata": {}, - "source": [ - "```bash\n", - "helm get values $RELEASE_NAME -n $NAMESPACE -o yaml > values.yaml\n", - "```\n", - "\n", - "
\n", - "\n", - "Use this file in the argument to helm upgrade command, for example:\n", - "\n", - "\n", - "`-f /home/user/values.yaml`\n", - "\n", - "\n", - "Save the path to a variable:\n", - "\n", - "```bash\n", - "export PATH_TO_VALUES=/home/user/values.yaml\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "29", - "metadata": {}, - "source": [ - "## Upgrade the Helm Chart" - ] - }, - { - "cell_type": "markdown", - "id": "30", - "metadata": {}, - "source": [ - "### Find out the number of nodes in the cluster." - ] - }, - { - "cell_type": "markdown", - "id": "31", - "metadata": {}, - "source": [ - "```bash\n", - "kubectl describe sts --namespace $NAMESPACE | grep 'Replicas'\n", - "```" - ] - }, - { - "cell_type": "markdown", - "id": "32", - "metadata": {}, - "source": [ - "### Upgrade the Helm chart." - ] - }, - { - "cell_type": "markdown", - "id": "33", - "metadata": {}, - "source": [ - "```bash\n", - "helm upgrade $RELEASE_NAME openmined/syft \\\n", - " --version $TARGET_VERSION \\\n", - " -f $PATH_TO_VALUES \\\n", - " --namespace $NAMESPACE\n", - "```" - ] - } - ], - "metadata": { - "kernelspec": { - "display_name": "Python 3 (ipykernel)", - "language": "python", - "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.9.7" - }, - "toc": { - "base_numbering": 1, - "nav_menu": {}, - "number_sections": true, - "sideBar": true, - "skip_h1_title": false, - "title_cell": "Table of Contents", - "title_sidebar": "Contents", - "toc_cell": false, - "toc_position": {}, - "toc_section_display": true, - "toc_window_display": false - } - }, - "nbformat": 4, - "nbformat_minor": 5 -} diff --git a/notebooks/tutorials/deployments/00-deployment-types.ipynb b/notebooks/tutorials/deployments/00-deployment-types.ipynb new file mode 100644 index 00000000000..b9283a0c94c --- /dev/null +++ b/notebooks/tutorials/deployments/00-deployment-types.ipynb @@ -0,0 +1,99 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Introduction to PySyft Deployment Options\n", + "\n", + "PySyft offers various deployment options catering to different needs and environments. Each deployment option provides a unique set of advantages, allowing users to seamlessly integrate PySyft into their workflows, whether for local development, production deployment, or experimentation in cloud environments. Below, we explore the different deployment options supported by PySyft and provide insights into when each option is most suitable." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### 1. Local Python Deployment\n", + "\n", + "This deployment option runs PySyft locally within a Python environment. It is lightweight and runs everything in-memory, making it ideal for quick prototyping and testing.\n", + "\n", + "**Recommended For:** \n", + "- Development and testing on resource-constrained systems without Docker support.\n", + "- Rapid experimentation with PySyft APIs.\n", + "\n", + "Follow [01-deploy-python.ipynb](./01-deploy-python.ipynb) for deployment instructions." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### 2. Single Container Deployment\n", + "\n", + "In this deployment, PySyft is encapsulated within a single Docker container, providing better isolation and portability compared to the local Python deployment.\n", + "\n", + "**Recommended For:**\n", + "- Resource-constrained systems with Docker support.\n", + "- Standardizing PySyft deployment across different environments.\n", + "\n", + "Follow [02-deploy-container.ipynb](./02-deploy-container.ipynb) for deployment instructions." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### 3. Kubernetes Deployment\n", + "\n", + "This deployment option orchestrates the entire PySyft stack on a Kubernetes cluster, enabling scalable and efficient deployment in cloud or on-premises environments. Various Kubernetes configurations are available for deployment flexibility.\n", + "\n", + "**Recommended For:**\n", + "- Production-grade deployments requiring scalability and fault tolerance.\n", + "- Cloud-native environments where Kubernetes is the preferred orchestration tool.\n", + "\n", + " **[a. Local k3d Cluster Deployment](./03-deploy-k8s-k3d.ipynb)**\n", + " - Quick setup for local development and testing using a lightweight Kubernetes cluster.\n", + "\n", + " **[b. Azure Deployment](./04-deploy-k8s-azure.ipynb)**\n", + " - Deployment on Microsoft Azure cloud infrastructure for scalable and reliable operation.\n", + "\n", + " **[c. GCP Deployment](./05-deploy-k8s-gcp.ipynb)**\n", + " - Deployment on Google Cloud Platform for seamless integration with GCP services.\n", + "\n", + " **[d. AWS Deployment](./06-deploy-k8s-aws.ipynb)**\n", + " - Deployment on Amazon Web Services for robust and flexible cloud-based deployment." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### 4. Devspace Deployment\n", + "\n", + "This deployment option utilizes Devspace to streamline the development process for PySyft. It provides features such as local image building, port-forwarding, volume mounting, hot-reloading, and debugging to enhance the development experience.\n", + "\n", + "**Recommended For:**\n", + "- Developers contributing to PySyft codebase.\n", + "- Simplifying local development setup and debugging processes.\n", + "\n", + "Follow [07-deploy-devspace.ipynb](./07-deploy-devspace.ipynb) for deployment instructions." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Choosing the Right Deployment Option\n", + "\n", + "Selecting the appropriate deployment option depends on factors such as development objectives, resource constraints, scalability requirements, and familiarity with the deployment environment. For quick experimentation and local development, the local Python deployment or single container deployment may suffice. However, for production-grade deployments requiring scalability and reliability, Kubernetes deployment is recommended. Developers actively contributing to PySyft can benefit from the Devspace deployment option for a streamlined development experience." + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/01-deploy-python.ipynb b/notebooks/tutorials/deployments/01-deploy-python.ipynb new file mode 100644 index 00000000000..b0de2c53fa3 --- /dev/null +++ b/notebooks/tutorials/deployments/01-deploy-python.ipynb @@ -0,0 +1,191 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Local in-memory python deployment" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Introduction\n", + "\n", + "One of the quickest way to try out PySyft is to install the pre-built python package on your local environment using pip. The python package is lightweight and runs the PySyft stack in-memory.\n", + "\n", + "**Recommended For:**\n", + "- Development and testing on resource-constrained systems without Docker support.\n", + "- Rapid experimentation with PySyft APIs." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Prerequisites\n", + "Before we begin, ensure you have the following prerequisites installed on your system:\n", + "1. Python (3.10 - 3.12)\n", + "2. pip (or uv)\n", + "3. venv (optional, but recommended)" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Deployment Steps" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Installing Syft\n", + "1. Create and activate a python virtual environment (Optional, but recommended)\n", + " ```bash\n", + " python -m venv venv/\n", + " source venv/bin/activate\n", + " ```\n", + "\n", + "2. Install PySyft\n", + " ```bash\n", + " pip install syft\n", + " ```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Working with Python Domain\n", + "\n", + "`PySyft` makes it very easy to develop against a domain in a notebook by providing the `sy.orchestra` interface. It allows you to start a domain with a webserver in a notebook in the background, which is a lightweight version of a Domain that would be used in production. You can specify options such as what kind of database you are using, whether you want to use networking and how many processes you want to use. You can launch a Domain by simply executing:" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "# syft absolute\n", + "import syft as sy" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "node = sy.orchestra.launch(\n", + " name=\"dev-mode-example-domain-1\", port=8020, reset=True, dev_mode=True\n", + ")" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "If we don't need a webserver (for development this is true in many cases), we can omit the port and instead use\n", + "\n", + "```python\n", + "node = sy.orchestra.launch(name=\"dev-mode-example-domain-1\", dev_mode=True, reset=True)\n", + "```\n", + "\n", + "One of the benefits of not using a port is that you can use a debugger and set breakpoints within api calls. This makes debugging way faster in many cases.\n", + "\n", + "Now, we are ready to start using the domain. The domain comes with test login credentials for the admin." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "client = node.login(email=\"info@openmined.org\", password=\"changethis\")" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Once you are logged in, you are ready to start using the domain, for instance for creating a dataset (this one is empty, just as a example)." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "dataset = sy.Dataset(name=\"my dataset\", asset_list=[])\n", + "client.upload_dataset(dataset)" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Lastly to stop or terminate your Domain, we can execute the following command:" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "node.land()" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Next Steps\n", + "Congratulations! You have successfully deployed a local in-memory PySyft stack using python. Now, you can explore its capabilities and use cases through our API example notebooks:\n", + "\n", + "πŸ“ [API Example Notebooks](../../api)\n", + "- [00-load-data.ipynb](../../api/0.8/00-load-data.ipynb)\n", + "- [01-submit-code.ipynb](../../api/0.8/01-submit-code.ipynb)\n", + "- [02-review-code-and-approve.ipynb](../../api/0.8/02-review-code-and-approve.ipynb)\n", + "- [03-data-scientist-download-result.ipynb](../../api/0.8/03-data-scientist-download-result.ipynb)\n", + "- [04-jax-example.ipynb](../../api/0.8/04-jax-example.ipynb)\n", + "- [05-custom-policy.ipynb](../../api/0.8/05-custom-policy.ipynb)\n", + "- [06-multiple-code-requests.ipynb](../../api/0.8/06-multiple-code-requests.ipynb)\n", + "- [07-domain-register-control-flow.ipynb](../../api/0.8/07-domain-register-control-flow.ipynb)\n", + "- [08-code-version.ipynb](../../api/0.8/08-code-version.ipynb)\n", + "- [09-blob-storage.ipynb](../../api/0.8/09-blob-storage.ipynb)\n", + "- [10-container-images.ipynb](../../api/0.8/10-container-images.ipynb)\n", + "- [11-container-images-k8s.ipynb](../../api/0.8/11-container-images-k8s.ipynb)\n", + "\n", + "Feel free to explore these notebooks to get started with PySyft and unlock its full potential for privacy-preserving machine learning!" + ] + } + ], + "metadata": { + "kernelspec": { + "display_name": "PySyft", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.11.7" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/02-deploy-container.ipynb b/notebooks/tutorials/deployments/02-deploy-container.ipynb new file mode 100644 index 00000000000..be1c530ab2b --- /dev/null +++ b/notebooks/tutorials/deployments/02-deploy-container.ipynb @@ -0,0 +1,171 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Single container deployment" + ] + }, + { + "cell_type": "markdown", + "metadata": { + "vscode": { + "languageId": "plaintext" + } + }, + "source": [ + "## Introduction\n", + "\n", + "In this deployment, PySyft is encapsulated within a single Docker container, providing better isolation and portability compared to the local Python deployment.\n", + "\n", + "**Recommended For:**\n", + "- Resource-constrained systems with Docker support.\n", + "- Standardizing PySyft deployment across different environments." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Prerequisites\n", + "Before we begin, ensure you have [Docker](https://docs.docker.com/install/) installed on your system." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Deployment steps\n", + "\n", + "You can execute the below command in your terminal to run the PySyft stack within a single docker container on port `8080`." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "#### Set Your Preferred Syft Version\n", + "\n", + "```sh\n", + "SYFT_VERSION=\"\"\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "``` bash\n", + "docker run -it \\\n", + " -e NODE_NAME=syft-example-domain-1 \\\n", + " -e NODE_TYPE=domain \\\n", + " -e N_CONSUMERS=1 \\\n", + " -e SINGLE_CONTAINER_MODE=true \\\n", + " -e CREATE_PRODUCER=true \\\n", + " -e INMEMORY_WORKERS=true \\\n", + " -p 8080:80 --add-host=host.docker.internal:host-gateway \\\n", + " --name syft-example-domain-1 openmined/grid-backend:$SYFT_VERSION\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Working with the single container deployment\n", + "\n", + "PySyft makes it very simple to connect to any existing Syft cluster by providing the `sy.orchestra` interface. You can connect to the domain by executing these steps in your jupyter notebook:" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "# syft absolute\n", + "import syft as sy\n", + "\n", + "node = sy.orchestra.launch(name=\"syft-example-domain-1\", deploy_to=\"remote\")\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "This will return a node handle by connecting to `http://localhost:8080` which is the default host and port where your docker container will be running. You can connect to a different host and port by setting the environment variables `NODE_URL` and `NODE_PORT`.\n", + "```python\n", + "import os\n", + "\n", + "os.environ[\"NODE_URL\"] = \"\"\n", + "os.environ[\"NODE_PORT\"] = \"\"\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Now, we are ready to start using the domain. The domain comes with default login credentials for the admin." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "client = node.login(email=\"info@openmined.org\", password=\"changethis\")\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Once you are logged in, you are ready to start using the domain, for instance for creating a dataset (this one is empty, just as a example)." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "dataset = sy.Dataset(name=\"my dataset\", asset_list=[])\n", + "client.upload_dataset(dataset)\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Next Steps\n", + "Congratulations! You have successfully deployed PySyft on your local Kubernetes cluster. Now, you can explore its capabilities and use cases through our API example notebooks:\n", + "\n", + "πŸ“ [API Example Notebooks](../../api)\n", + "- [00-load-data.ipynb](../../api/0.8/00-load-data.ipynb)\n", + "- [01-submit-code.ipynb](../../api/0.8/01-submit-code.ipynb)\n", + "- [02-review-code-and-approve.ipynb](../../api/0.8/02-review-code-and-approve.ipynb)\n", + "- [03-data-scientist-download-result.ipynb](../../api/0.8/03-data-scientist-download-result.ipynb)\n", + "- [04-jax-example.ipynb](../../api/0.8/04-jax-example.ipynb)\n", + "- [05-custom-policy.ipynb](../../api/0.8/05-custom-policy.ipynb)\n", + "- [06-multiple-code-requests.ipynb](../../api/0.8/06-multiple-code-requests.ipynb)\n", + "- [07-domain-register-control-flow.ipynb](../../api/0.8/07-domain-register-control-flow.ipynb)\n", + "- [08-code-version.ipynb](../../api/0.8/08-code-version.ipynb)\n", + "- [09-blob-storage.ipynb](../../api/0.8/09-blob-storage.ipynb)\n", + "- [10-container-images.ipynb](../../api/0.8/10-container-images.ipynb)\n", + "- [11-container-images-k8s.ipynb](../../api/0.8/11-container-images-k8s.ipynb)\n", + "\n", + "Feel free to explore these notebooks to get started with PySyft and unlock its full potential for privacy-preserving machine learning!" + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/03-deploy-k8s-k3d.ipynb b/notebooks/tutorials/deployments/03-deploy-k8s-k3d.ipynb new file mode 100644 index 00000000000..c9cb2e1ebd8 --- /dev/null +++ b/notebooks/tutorials/deployments/03-deploy-k8s-k3d.ipynb @@ -0,0 +1,193 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Deploying PySyft on a Local Kubernetes Cluster" + ] + }, + { + "cell_type": "markdown", + "metadata": { + "vscode": { + "languageId": "plaintext" + } + }, + "source": [ + "## Introduction\n", + "Welcome to our quick start guide for deploying PySyft on a local Kubernetes cluster! PySyft is a powerful framework for privacy-preserving machine learning, and deploying it on Kubernetes allows an easy way to quickly try out the full PySyft stack on your own system. This guide will walk you through the process step by step." + ] + }, + { + "cell_type": "markdown", + "metadata": { + "vscode": { + "languageId": "plaintext" + } + }, + "source": [ + "## Prerequisites\n", + "Before we begin, ensure you have the following prerequisites installed on your system:\n", + "1. [Docker](https://docs.docker.com/install/): Docker is required to create and manage containers.\n", + "2. [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl): kubectl is the command-line tool for interacting with Kubernetes clusters.\n", + "3. [k3d](https://k3d.io/v5.6.3/#installation): k3d is used to create local Kubernetes clusters.\n", + "4. [Helm](https://helm.sh/docs/intro/install/): Helm is the package manager for Kubernetes, used to install and manage applications on Kubernetes clusters." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Deployment Steps\n", + "\n", + "### 1. Create a Local Kubernetes Cluster\n", + "First, create a local Kubernetes cluster named \"syft\" using k3d:\n", + "```sh\n", + "k3d cluster create syft -p \"8080:80@loadbalancer\"\n", + "```\n", + "\n", + "### 2. Add and Update Helm Repo for Syft\n", + "Add the Helm repository for PySyft and update it:\n", + "```sh\n", + "helm repo add openmined https://openmined.github.io/PySyft/helm\n", + "helm repo update openmined\n", + "```\n", + "\n", + "### 3. Search for Available Syft Versions\n", + "Explore available versions of PySyft using Helm:\n", + "```sh\n", + "helm search repo openmined/syft --versions --devel\n", + "```\n", + "\n", + "### 4. Set Your Preferred Syft Chart Version\n", + "Set the version of PySyft you want to install:\n", + "```sh\n", + "SYFT_VERSION=\"\"\n", + "```\n", + "\n", + "### 5. Provision Helm Charts\n", + "Install PySyft on the Kubernetes cluster with your preferred version:\n", + "```sh\n", + "helm install my-syft openmined/syft --version $SYFT_VERSION --namespace syft --create-namespace --set ingress.className=\"traefik\"\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": { + "vscode": { + "languageId": "plaintext" + } + }, + "source": [ + "## Working with the local Kubernetes deployment\n", + "\n", + "PySyft makes it very simple to connect to your existing Syft cluster by providing the `sy.orchestra` interface. You can connect to the domain by executing these steps in your jupyter notebook:" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "# syft absolute\n", + "import syft as sy\n", + "\n", + "node = sy.orchestra.launch(name=\"syft-example-domain-1\", deploy_to=\"remote\")\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "This will return a node handle by connecting to `http://localhost:8080` which is the default host and port where your kubernetes cluster will be running. You can connect to a different host and port by setting the environment variables `NODE_URL` and `NODE_PORT`.\n", + "```python\n", + "import os\n", + "\n", + "os.environ[\"NODE_URL\"] = \"\"\n", + "os.environ[\"NODE_PORT\"] = \"\"\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Now, we are ready to start using the domain. The domain comes with default login credentials for the admin." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "client = node.login(email=\"info@openmined.org\", password=\"changethis\")\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Once you are logged in, you are ready to start using the domain, for instance for creating a dataset (this one is empty, just as a example)." + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "```python3\n", + "dataset = sy.Dataset(name=\"my dataset\", asset_list=[])\n", + "client.upload_dataset(dataset)\n", + "```" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Next Steps\n", + "Congratulations! You have successfully deployed PySyft on your local Kubernetes cluster. Now, you can explore its capabilities and use cases through our API example notebooks:\n", + "\n", + "πŸ“ [API Example Notebooks](../../api)\n", + "- [00-load-data.ipynb](../../api/0.8/00-load-data.ipynb)\n", + "- [01-submit-code.ipynb](../../api/0.8/01-submit-code.ipynb)\n", + "- [02-review-code-and-approve.ipynb](../../api/0.8/02-review-code-and-approve.ipynb)\n", + "- [03-data-scientist-download-result.ipynb](../../api/0.8/03-data-scientist-download-result.ipynb)\n", + "- [04-jax-example.ipynb](../../api/0.8/04-jax-example.ipynb)\n", + "- [05-custom-policy.ipynb](../../api/0.8/05-custom-policy.ipynb)\n", + "- [06-multiple-code-requests.ipynb](../../api/0.8/06-multiple-code-requests.ipynb)\n", + "- [07-domain-register-control-flow.ipynb](../../api/0.8/07-domain-register-control-flow.ipynb)\n", + "- [08-code-version.ipynb](../../api/0.8/08-code-version.ipynb)\n", + "- [09-blob-storage.ipynb](../../api/0.8/09-blob-storage.ipynb)\n", + "- [10-container-images.ipynb](../../api/0.8/10-container-images.ipynb)\n", + "- [11-container-images-k8s.ipynb](../../api/0.8/11-container-images-k8s.ipynb)\n", + "\n", + "Feel free to explore these notebooks to get started with PySyft and unlock its full potential for privacy-preserving machine learning!" + ] + } + ], + "metadata": { + "kernelspec": { + "display_name": "PySyft", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.11.7" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/04-deploy-k8s-azure.ipynb b/notebooks/tutorials/deployments/04-deploy-k8s-azure.ipynb new file mode 100644 index 00000000000..71c158afddd --- /dev/null +++ b/notebooks/tutorials/deployments/04-deploy-k8s-azure.ipynb @@ -0,0 +1,18 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "TODO" + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/05-deploy-k8s-gcp.ipynb b/notebooks/tutorials/deployments/05-deploy-k8s-gcp.ipynb new file mode 100644 index 00000000000..71c158afddd --- /dev/null +++ b/notebooks/tutorials/deployments/05-deploy-k8s-gcp.ipynb @@ -0,0 +1,18 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "TODO" + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/06-deploy-k8s-aws.ipynb b/notebooks/tutorials/deployments/06-deploy-k8s-aws.ipynb new file mode 100644 index 00000000000..71c158afddd --- /dev/null +++ b/notebooks/tutorials/deployments/06-deploy-k8s-aws.ipynb @@ -0,0 +1,18 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "TODO" + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/deployments/07-deploy-devspace.ipynb b/notebooks/tutorials/deployments/07-deploy-devspace.ipynb new file mode 100644 index 00000000000..71c158afddd --- /dev/null +++ b/notebooks/tutorials/deployments/07-deploy-devspace.ipynb @@ -0,0 +1,18 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "TODO" + ] + } + ], + "metadata": { + "language_info": { + "name": "python" + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/notebooks/tutorials/model-auditing/colab/01-user-log.ipynb b/notebooks/tutorials/model-auditing/colab/01-user-log.ipynb index 226ac4f4006..036c21f9ed6 100644 --- a/notebooks/tutorials/model-auditing/colab/01-user-log.ipynb +++ b/notebooks/tutorials/model-auditing/colab/01-user-log.ipynb @@ -110,7 +110,7 @@ " \n", "**C) From the command line (supports docker/kubernetes)**\n", " - setup for production\n", - " - run `syft launch` or `hagrid launch` from the terminal\n", + " - run `syft launch` from the terminal\n", " \n", " \n", "We are using the **A)** here, as it is the only option available using google colab, switching to a real webserver is as easy as running this notebook in jupyter locally and adding a port. Read more about deployment on our [README.md](https://github.com/OpenMined/PySyft) and other setups for syft [here](https://github.com/OpenMined/PySyft/tree/dev/notebooks/tutorials/data-engineer)" diff --git a/packages/grid/README.md b/packages/grid/README.md deleted file mode 100644 index c9dd9508514..00000000000 --- a/packages/grid/README.md +++ /dev/null @@ -1,791 +0,0 @@ -# grid - -## Backend Requirements - -- [Docker](https://www.docker.com/). -- [Docker Compose](https://docs.docker.com/compose/install/). -- [Poetry](https://python-poetry.org/) for Python package and environment management. - -## Frontend Requirements - -- Node.js (with `npm`). - -## Backend local development - -- Start the stack with Docker Compose: - -```bash -docker-compose up -d -``` - -- Now you can open your browser and interact with these URLs: - -Frontend, built with Docker, with routes handled based on the path: http://localhost - -Backend, JSON based web API based on OpenAPI: http://localhost/api/ - -Automatic interactive documentation with Swagger UI (from the OpenAPI backend): http://localhost/docs - -Alternative automatic documentation with ReDoc (from the OpenAPI backend): http://localhost/redoc - -PGAdmin, PostgreSQL web administration: http://localhost:5050 - -Flower, administration of Celery tasks: http://localhost:5555 - -Traefik UI, to see how the routes are being handled by the proxy: http://localhost:8090 - -**Note**: The first time you start your stack, it might take a minute for it to be ready. While the backend waits for the database to be ready and configures everything. You can check the logs to monitor it. - -To check the logs, run: - -```bash -docker-compose logs -``` - -To check the logs of a specific service, add the name of the service, e.g.: - -```bash -docker-compose logs backend -``` - -If your Docker is not running in `localhost` (the URLs above wouldn't work) check the sections below on **Development with Docker Toolbox** and **Development with a custom IP**. - -## Backend local development, additional details - -### General workflow - -By default, the dependencies are managed with [Poetry](https://python-poetry.org/), go there and install it. - -From `./backend/app/` you can install all the dependencies with: - -```console -$ poetry install -``` - -Then you can start a shell session with the new environment with: - -```console -$ poetry shell -``` - -Next, open your editor at `./backend/app/` (instead of the project root: `./`), so that you see an `./app/` directory with your code inside. That way, your editor will be able to find all the imports, etc. Make sure your editor uses the environment you just created with Poetry. - -Add and modify tasks to the Celery worker in `./backend/app/app/worker.py`. - -If you need to install any additional package to the worker, add it to the file `./backend/app/celeryworker.dockerfile`. - -### Docker Compose Override - -During development, you can change Docker Compose settings that will only affect the local development environment, in the file `docker-compose.override.yml`. - -The changes to that file only affect the local development environment, not the production environment. So, you can add "temporary" changes that help the development workflow. - -For example, the directory with the backend code is mounted as a Docker "host volume", mapping the code you change live to the directory inside the container. That allows you to test your changes right away, without having to build the Docker image again. It should only be done during development, for production, you should build the Docker image with a recent version of the backend code. But during development, it allows you to iterate very fast. - -There is also a command override that runs `/start-reload.sh` (included in the base image) instead of the default `/start.sh` (also included in the base image). It starts a single server process (instead of multiple, as would be for production) and reloads the process whenever the code changes. Have in mind that if you have a syntax error and save the Python file, it will break and exit, and the container will stop. After that, you can restart the container by fixing the error and running again: - -```console -$ docker-compose up -d -``` - -There is also a commented out `command` override, you can uncomment it and comment the default one. It makes the backend container run a process that does "nothing", but keeps the container alive. That allows you to get inside your running container and execute commands inside, for example a Python interpreter to test installed dependencies, or start the development server that reloads when it detects changes, or start a Jupyter Notebook session. - -To get inside the container with a `bash` session you can start the stack with: - -```console -$ docker-compose up -d -``` - -and then `exec` inside the running container: - -```console -$ docker-compose exec backend bash -``` - -You should see an output like: - -```console -root@7f2607af31c3:/app# -``` - -that means that you are in a `bash` session inside your container, as a `root` user, under the `/app` directory. - -There you can use the script `/start-reload.sh` to run the debug live reloading server. You can run that script from inside the container with: - -```console -$ bash /start-reload.sh -``` - -...it will look like: - -```console -root@7f2607af31c3:/app# bash /start-reload.sh -``` - -and then hit enter. That runs the live reloading server that auto reloads when it detects code changes. - -Nevertheless, if it doesn't detect a change but a syntax error, it will just stop with an error. But as the container is still alive and you are in a Bash session, you can quickly restart it after fixing the error, running the same command ("up arrow" and "Enter"). - -...this previous detail is what makes it useful to have the container alive doing nothing and then, in a Bash session, make it run the live reload server. - -### Backend tests - -To test the backend run: - -```console -$ DOMAIN=backend sh ./scripts/test.sh -``` - -The file `./scripts/test.sh` has the commands to generate a testing `docker-stack.yml` file, start the stack and test it. - -The tests run with Pytest, modify and add tests to `./backend/app/app/tests/`. - -If you use GitLab CI the tests will run automatically. - -#### Local tests - -Start the stack with this command: - -```Bash -DOMAIN=backend sh ./scripts/test-local.sh -``` - -The `./backend/app` directory is mounted as a "host volume" inside the docker container (set in the file `docker-compose.dev.volumes.yml`). -You can rerun the test on live code: - -```Bash -docker-compose exec backend /app/tests-start.sh -``` - -#### Test running stack - -If your stack is already up and you just want to run the tests, you can use: - -```bash -docker-compose exec backend /app/tests-start.sh -``` - -That `/app/tests-start.sh` script just calls `pytest` after making sure that the rest of the stack is running. If you need to pass extra arguments to `pytest`, you can pass them to that command and they will be forwarded. - -For example, to stop on first error: - -```bash -docker-compose exec backend bash /app/tests-start.sh -x -``` - -#### Test Coverage - -Because the test scripts forward arguments to `pytest`, you can enable test coverage HTML report generation by passing `--cov-report=html`. - -To run the local tests with coverage HTML reports: - -```Bash -DOMAIN=backend sh ./scripts/test-local.sh --cov-report=html -``` - -To run the tests in a running stack with coverage HTML reports: - -```bash -docker-compose exec backend bash /app/tests-start.sh --cov-report=html -``` - -### Live development with Python Jupyter Notebooks - -If you know about Python [Jupyter Notebooks](http://jupyter.org/), you can take advantage of them during local development. - -The `docker-compose.override.yml` file sends a variable `env` with a value `dev` to the build process of the Docker image (during local development) and the `Dockerfile` has steps to then install and configure Jupyter inside your Docker container. - -So, you can enter into the running Docker container: - -```bash -docker-compose exec backend bash -``` - -And use the environment variable `$JUPYTER` to run a Jupyter Notebook with everything configured to listen on the public port (so that you can use it from your browser). - -It will output something like: - -```console -root@73e0ec1f1ae6:/app# $JUPYTER -[I 12:02:09.975 NotebookApp] Writing notebook server cookie secret to /root/.local/share/jupyter/runtime/notebook_cookie_secret -[I 12:02:10.317 NotebookApp] Serving notebooks from local directory: /app -[I 12:02:10.317 NotebookApp] The Jupyter Notebook is running at: -[I 12:02:10.317 NotebookApp] http://(73e0ec1f1ae6 or 127.0.0.1):8888/?token=f20939a41524d021fbfc62b31be8ea4dd9232913476f4397 -[I 12:02:10.317 NotebookApp] Use Control-C to stop this server and shut down all kernels (twice to skip confirmation). -[W 12:02:10.317 NotebookApp] No web browser found: could not locate runnable browser. -[C 12:02:10.317 NotebookApp] - - Copy/paste this URL into your browser when you connect for the first time, - to login with a token: - http://(73e0ec1f1ae6 or 127.0.0.1):8888/?token=f20939a41524d021fbfc62b31be8ea4dd9232913476f4397 -``` - -you can copy that URL and modify the "host" to be `localhost` or the domain you are using for development (e.g. `local.dockertoolbox.tiangolo.com`), in the case above, it would be, e.g.: - -``` -http://localhost:8888/token=f20939a41524d021fbfc62b31be8ea4dd9232913476f4397 -``` - -and then open it in your browser. - -You will have a full Jupyter Notebook running inside your container that has direct access to your database by the container name (`db`), etc. So, you can just run sections of your backend code directly, for example with [VS Code Python Jupyter Interactive Window](https://code.visualstudio.com/docs/python/jupyter-support-py) or [Hydrogen](https://github.com/nteract/hydrogen). - -### Development with Docker Toolbox - -If you are using **Docker Toolbox** in Windows or macOS instead of **Docker for Windows** or **Docker for Mac**, Docker will be running in a VirtualBox Virtual Machine, and it will have a local IP different than `127.0.0.1`, which is the IP address for `localhost` in your machine. - -The address of your Docker Toolbox virtual machine would probably be `192.168.99.100` (that is the default). - -As this is a common case, the domain `local.dockertoolbox.tiangolo.com` points to that (private) IP, just to help with development (actually `dockertoolbox.tiangolo.com` and all its subdomains point to that IP). That way, you can start the stack in Docker Toolbox, and use that domain for development. You will be able to open that URL in Chrome and it will communicate with your local Docker Toolbox directly as if it was a cloud server, including CORS (Cross Origin Resource Sharing). - -If you used the default CORS enabled domains while generating the project, `local.dockertoolbox.tiangolo.com` was configured to be allowed. If you didn't, you will need to add it to the list in the variable `BACKEND_CORS_ORIGINS` in the `.env` file. - -To configure it in your stack, follow the section **Change the development "domain"** below, using the domain `local.dockertoolbox.tiangolo.com`. - -After performing those steps you should be able to open: http://local.dockertoolbox.tiangolo.com and it will be server by your stack in your Docker Toolbox virtual machine. - -Check all the corresponding available URLs in the section at the end. - -### Development in `localhost` with a custom domain - -You might want to use something different than `localhost` as the domain. For example, if you are having problems with cookies that need a subdomain, and Chrome is not allowing you to use `localhost`. - -In that case, you have two options: you could use the instructions to modify your system `hosts` file with the instructions below in **Development with a custom IP** or you can just use `localhost.tiangolo.com`, it is set up to point to `localhost` (to the IP `127.0.0.1`) and all its subdomains too. And as it is an actual domain, the browsers will store the cookies you set during development, etc. - -If you used the default CORS enabled domains while generating the project, `localhost.tiangolo.com` was configured to be allowed. If you didn't, you will need to add it to the list in the variable `BACKEND_CORS_ORIGINS` in the `.env` file. - -To configure it in your stack, follow the section **Change the development "domain"** below, using the domain `localhost.tiangolo.com`. - -After performing those steps you should be able to open: http://localhost.tiangolo.com and it will be server by your stack in `localhost`. - -Check all the corresponding available URLs in the section at the end. - -### Development with a custom IP - -If you are running Docker in an IP address different than `127.0.0.1` (`localhost`) and `192.168.99.100` (the default of Docker Toolbox), you will need to perform some additional steps. That will be the case if you are running a custom Virtual Machine, a secondary Docker Toolbox or your Docker is located in a different machine in your network. - -In that case, you will need to use a fake local domain (`dev.grid.openmined.org`) and make your computer think that the domain is is served by the custom IP (e.g. `192.168.99.150`). - -If you used the default CORS enabled domains, `dev.grid.openmined.org` was configured to be allowed. If you want a custom one, you need to add it to the list in the variable `BACKEND_CORS_ORIGINS` in the `.env` file. - -- Open your `hosts` file with administrative privileges using a text editor: - - - **Note for Windows**: If you are in Windows, open the main Windows menu, search for "notepad", right click on it, and select the option "open as Administrator" or similar. Then click the "File" menu, "Open file", go to the directory `c:\Windows\System32\Drivers\etc\`, select the option to show "All files" instead of only "Text (.txt) files", and open the `hosts` file. - - **Note for Mac and Linux**: Your `hosts` file is probably located at `/etc/hosts`, you can edit it in a terminal running `sudo nano /etc/hosts`. - -- Additional to the contents it might have, add a new line with the custom IP (e.g. `192.168.99.150`) a space character, and your fake local domain: `dev.grid.openmined.org`. - -The new line might look like: - -``` -192.168.99.100 dev.grid.openmined.org -``` - -- Save the file. - - **Note for Windows**: Make sure you save the file as "All files", without an extension of `.txt`. By default, Windows tries to add the extension. Make sure the file is saved as is, without extension. - -...that will make your computer think that the fake local domain is served by that custom IP, and when you open that URL in your browser, it will talk directly to your locally running server when it is asked to go to `dev.grid.openmined.org` and think that it is a remote server while it is actually running in your computer. - -To configure it in your stack, follow the section **Change the development "domain"** below, using the domain `dev.grid.openmined.org`. - -After performing those steps you should be able to open: http://dev.grid.openmined.org and it will be server by your stack in `localhost`. - -Check all the corresponding available URLs in the section at the end. - -### Change the development "domain" - -If you need to use your local stack with a different domain than `localhost`, you need to make sure the domain you use points to the IP where your stack is set up. See the different ways to achieve that in the sections above (i.e. using Docker Toolbox with `local.dockertoolbox.tiangolo.com`, using `localhost.tiangolo.com` or using `dev.grid.openmined.org`). - -To simplify your Docker Compose setup, for example, so that the API docs (Swagger UI) knows where is your API, you should let it know you are using that domain for development. You will need to edit 1 line in 2 files. - -- Open the file located at `./.env`. It would have a line like: - -``` -DOMAIN=localhost -``` - -- Change it to the domain you are going to use, e.g.: - -``` -DOMAIN=localhost.tiangolo.com -``` - -That variable will be used by the Docker Compose files. - -- Now open the file located at `./frontend/.env`. It would have a line like: - -``` -VUE_APP_DOMAIN_DEV=localhost -``` - -- Change that line to the domain you are going to use, e.g.: - -``` -VUE_APP_DOMAIN_DEV=localhost.tiangolo.com -``` - -That variable will make your frontend communicate with that domain when interacting with your backend API, when the other variable `VUE_APP_ENV` is set to `development`. - -After changing the two lines, you can re-start your stack with: - -```bash -docker-compose up -d -``` - -and check all the corresponding available URLs in the section at the end. - -## Frontend development - -- Enter the `frontend` directory, install the NPM packages and start the live server using the `npm` scripts: - -```bash -cd frontend -npm install -npm run serve -``` - -Then open your browser at http://localhost:8080 - -Notice that this live server is not running inside Docker, it is for local development, and that is the recommended workflow. Once you are happy with your frontend, you can build the frontend Docker image and start it, to test it in a production-like environment. But compiling the image at every change will not be as productive as running the local development server with live reload. - -Check the file `package.json` to see other available options. - -If you have Vue CLI installed, you can also run `vue ui` to control, configure, serve, and analyze your application using a nice local web user interface. - -If you are only developing the frontend (e.g. other team members are developing the backend) and there is a staging environment already deployed, you can make your local development code use that staging API instead of a full local Docker Compose stack. - -To do that, modify the file `./frontend/.env`, there's a section with: - -``` -VUE_APP_ENV=development -# VUE_APP_ENV=staging -``` - -- Switch the comment, to: - -``` -# VUE_APP_ENV=development -VUE_APP_ENV=staging -``` - -### Removing the frontend - -If you are developing an API-only app and want to remove the frontend, you can do it easily: - -- Remove the `./frontend` directory. -- In the `docker-compose.yml` file, remove the whole service / section `frontend`. -- In the `docker-compose.override.yml` file, remove the whole service / section `frontend`. - -Done, you have a frontend-less (api-only) app. πŸ”₯ πŸš€ - ---- - -If you want, you can also remove the `FRONTEND` environment variables from: - -- `.env` -- `.gitlab-ci.yml` -- `./scripts/*.sh` - -But it would be only to clean them up, leaving them won't really have any effect either way. - -## Deployment - -You can deploy the stack to a Docker Swarm mode cluster with a main Traefik proxy, set up using the ideas from DockerSwarm.rocks, to get automatic HTTPS certificates, etc. - -And you can use CI (continuous integration) systems to do it automatically. - -But you have to configure a couple things first. - -### Traefik network - -This stack expects the public Traefik network to be named `traefik-public`, just as in the tutorials in DockerSwarm.rocks. - -If you need to use a different Traefik public network name, update it in the `docker-compose.yml` files, in the section: - -```YAML -networks: - traefik-public: - external: true -``` - -Change `traefik-public` to the name of the used Traefik network. And then update it in the file `.env`: - -```bash -TRAEFIK_PUBLIC_NETWORK=traefik-public -``` - -### Persisting Docker named volumes - -You need to make sure that each service (Docker container) that uses a volume is always deployed to the same Docker "node" in the cluster, that way it will preserve the data. Otherwise, it could be deployed to a different node each time, and each time the volume would be created in that new node before starting the service. As a result, it would look like your service was starting from scratch every time, losing all the previous data. - -That's specially important for a service running a database. But the same problem would apply if you were saving files in your main backend service (for example, if those files were uploaded by your users, or if they were created by your system). - -To solve that, you can put constraints in the services that use one or more data volumes (like databases) to make them be deployed to a Docker node with a specific label. And of course, you need to have that label assigned to one (only one) of your nodes. - -#### Adding services with volumes - -For each service that uses a volume (databases, services with uploaded files, etc) you should have a label constraint in your `docker-compose.yml` file. - -To make sure that your labels are unique per volume per stack (for example, that they are not the same for `prod` and `stag`) you should prefix them with the name of your stack and then use the same name of the volume. - -Then you need to have those constraints in your `docker-compose.yml` file for the services that need to be fixed with each volume. - -To be able to use different environments, like `prod` and `stag`, you should pass the name of the stack as an environment variable. Like: - -```bash -STACK_NAME=stag-grid-openmined-org sh ./scripts/deploy.sh -``` - -To use and expand that environment variable inside the `docker-compose.yml` files you can add the constraints to the services like: - -```yaml -version: "3" -services: - db: - volumes: - - "app-db-data:/var/lib/postgresql/data/pgdata" - deploy: - placement: - constraints: - - node.labels.${STACK_NAME?Variable not set}.app-db-data == true -``` - -note the `${STACK_NAME?Variable not set}`. In the script `./scripts/deploy.sh`, the `docker-compose.yml` would be converted, and saved to a file `docker-stack.yml` containing: - -```yaml -version: "3" -services: - db: - volumes: - - "app-db-data:/var/lib/postgresql/data/pgdata" - deploy: - placement: - constraints: - - node.labels.grid-openmined-org.app-db-data == true -``` - -**Note**: The `${STACK_NAME?Variable not set}` means "use the environment variable `STACK_NAME`, but if it is not set, show an error `Variable not set`". - -If you add more volumes to your stack, you need to make sure you add the corresponding constraints to the services that use that named volume. - -Then you have to create those labels in some nodes in your Docker Swarm mode cluster. You can use `docker-auto-labels` to do it automatically. - -#### `docker-auto-labels` - -You can use [`docker-auto-labels`](https://github.com/tiangolo/docker-auto-labels) to automatically read the placement constraint labels in your Docker stack (Docker Compose file) and assign them to a random Docker node in your Swarm mode cluster if those labels don't exist yet. - -To do that, you can install `docker-auto-labels`: - -```bash -pip install docker-auto-labels -``` - -And then run it passing your `docker-stack.yml` file as a parameter: - -```bash -docker-auto-labels docker-stack.yml -``` - -You can run that command every time you deploy, right before deploying, as it doesn't modify anything if the required labels already exist. - -#### (Optionally) adding labels manually - -If you don't want to use `docker-auto-labels` or for any reason you want to manually assign the constraint labels to specific nodes in your Docker Swarm mode cluster, you can do the following: - -- First, connect via SSH to your Docker Swarm mode cluster. - -- Then check the available nodes with: - -```console -$ docker node ls - - -// you would see an output like: - -ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS -nfa3d4df2df34as2fd34230rm * dog.example.com Ready Active Reachable -2c2sd2342asdfasd42342304e cat.example.com Ready Active Leader -c4sdf2342asdfasd4234234ii snake.example.com Ready Active Reachable -``` - -then chose a node from the list. For example, `dog.example.com`. - -- Add the label to that node. Use as label the name of the stack you are deploying followed by a dot (`.`) followed by the named volume, and as value, just `true`, e.g.: - -```bash -docker node update --label-add grid-openmined-org.app-db-data=true dog.example.com -``` - -- Then you need to do the same for each stack version you have. For example, for staging you could do: - -```bash -docker node update --label-add stag-grid-openmined-org.app-db-data=true cat.example.com -``` - -### Deploy to a Docker Swarm mode cluster - -There are 3 steps: - -1. **Build** your app images -2. Optionally, **push** your custom images to a Docker Registry -3. **Deploy** your stack - ---- - -Here are the steps in detail: - -1. **Build your app images** - -- Set these environment variables, right before the next command: - - `TAG=prod` - - `FRONTEND_ENV=production` -- Use the provided `scripts/build.sh` file with those environment variables: - -```bash -TAG=prod FRONTEND_ENV=production bash ./scripts/build.sh -``` - -2. **Optionally, push your images to a Docker Registry** - -**Note**: if the deployment Docker Swarm mode "cluster" has more than one server, you will have to push the images to a registry or build the images in each server, so that when each of the servers in your cluster tries to start the containers it can get the Docker images for them, pulling them from a Docker Registry or because it has them already built locally. - -If you are using a registry and pushing your images, you can omit running the previous script and instead using this one, in a single shot. - -- Set these environment variables: - - `TAG=prod` - - `FRONTEND_ENV=production` -- Use the provided `scripts/build-push.sh` file with those environment variables: - -```bash -TAG=prod FRONTEND_ENV=production bash ./scripts/build-push.sh -``` - -3. **Deploy your stack** - -- Set these environment variables: - - `DOMAIN=grid.openmined.org` - - `TRAEFIK_TAG=grid.openmined.org` - - `STACK_NAME=grid-openmined-org` - - `TAG=prod` -- Use the provided `scripts/deploy.sh` file with those environment variables: - -```bash -DOMAIN=grid.openmined.org \ -TRAEFIK_TAG=grid.openmined.org \ -STACK_NAME=grid-openmined-org \ -TAG=prod \ -bash ./scripts/deploy.sh -``` - ---- - -If you change your mind and, for example, want to deploy everything to a different domain, you only have to change the `DOMAIN` environment variable in the previous commands. If you wanted to add a different version / environment of your stack, like "`preproduction`", you would only have to set `TAG=preproduction` in your command and update these other environment variables accordingly. And it would all work, that way you could have different environments and deployments of the same app in the same cluster. - -#### Deployment Technical Details - -Building and pushing is done with the `docker-compose.yml` file, using the `docker-compose` command. The file `docker-compose.yml` uses the file `.env` with default environment variables. And the scripts set some additional environment variables as well. - -The deployment requires using `docker stack` instead of `docker-swarm`, and it can't read environment variables or `.env` files. Because of that, the `deploy.sh` script generates a file `docker-stack.yml` with the configurations from `docker-compose.yml` and injecting the environment variables in it. And then uses it to deploy the stack. - -You can do the process by hand based on those same scripts if you wanted. The general structure is like this: - -```bash -# Use the environment variables passed to this script, as TAG and FRONTEND_ENV -# And re-create those variables as environment variables for the next command -TAG=${TAG?Variable not set} \ -# Set the environment variable FRONTEND_ENV to the same value passed to this script with -# a default value of "production" if nothing else was passed -FRONTEND_ENV=${FRONTEND_ENV-production?Variable not set} \ -# The actual comand that does the work: docker-compose -docker-compose \ -# Pass the file that should be used, setting explicitly docker-compose.yml avoids the -# default of also using docker-compose.override.yml --f docker-compose.yml \ -# Use the docker-compose sub command named "config", it just uses the docker-compose.yml -# file passed to it and prints their combined contents -# Put those contents in a file "docker-stack.yml", with ">" -config > docker-stack.yml - -# The previous only generated a docker-stack.yml file, -# but didn't do anything with it yet - -# docker-auto-labels makes sure the labels used for constraints exist in the cluster -docker-auto-labels docker-stack.yml - -# Now this command uses that same file to deploy it -docker stack deploy -c docker-stack.yml --with-registry-auth "${STACK_NAME?Variable not set}" -``` - -### Continuous Integration / Continuous Delivery - -If you use GitLab CI, the included `.gitlab-ci.yml` can automatically deploy it. You may need to update it according to your GitLab configurations. - -If you use any other CI / CD provider, you can base your deployment from that `.gitlab-ci.yml` file, as all the actual script steps are performed in `bash` scripts that you can easily re-use. - -GitLab CI is configured assuming 2 environments following GitLab flow: - -- `prod` (production) from the `production` branch. -- `stag` (staging) from the `master` branch. - -If you need to add more environments, for example, you could imagine using a client-approved `preprod` branch, you can just copy the configurations in `.gitlab-ci.yml` for `stag` and rename the corresponding variables. The Docker Compose file and environment variables are configured to support as many environments as you need, so that you only need to modify `.gitlab-ci.yml` (or whichever CI system configuration you are using). - -## Docker Compose files and env vars - -There is a main `docker-compose.yml` file with all the configurations that apply to the whole stack, it is used automatically by `docker-compose`. - -And there's also a `docker-compose.override.yml` with overrides for development, for example to mount the source code as a volume. It is used automatically by `docker-compose` to apply overrides on top of `docker-compose.yml`. - -These Docker Compose files use the `.env` file containing configurations to be injected as environment variables in the containers. - -They also use some additional configurations taken from environment variables set in the scripts before calling the `docker-compose` command. - -It is all designed to support several "stages", like development, building, testing, and deployment. Also, allowing the deployment to different environments like staging and production (and you can add more environments very easily). - -They are designed to have the minimum repetition of code and configurations, so that if you need to change something, you have to change it in the minimum amount of places. That's why files use environment variables that get auto-expanded. That way, if for example, you want to use a different domain, you can call the `docker-compose` command with a different `DOMAIN` environment variable instead of having to change the domain in several places inside the Docker Compose files. - -Also, if you want to have another deployment environment, say `preprod`, you just have to change environment variables, but you can keep using the same Docker Compose files. - -### The .env file - -The `.env` file is the one that contains all your configurations, generated keys and passwords, etc. - -Depending on your workflow, you could want to exclude it from Git, for example if your project is public. In that case, you would have to make sure to set up a way for your CI tools to obtain it while building or deploying your project. - -One way to do it could be to add each environment variable to your CI/CD system, and updating the `docker-compose.yml` file to read that specific env var instead of reading the `.env` file. - -## URLs - -These are the URLs that will be used and generated by the project. - -### Production URLs - -Production URLs, from the branch `production`. - -Frontend: https://grid.openmined.org - -Backend: https://grid.openmined.org/api/ - -Automatic Interactive Docs (Swagger UI): https://grid.openmined.org/docs - -Automatic Alternative Docs (ReDoc): https://grid.openmined.org/redoc - -PGAdmin: https://pgadmin.grid.openmined.org - -Flower: https://flower.grid.openmined.org - -### Staging URLs - -Staging URLs, from the branch `master`. - -Frontend: https://stag.grid.openmined.org - -Backend: https://stag.grid.openmined.org/api/ - -Automatic Interactive Docs (Swagger UI): https://stag.grid.openmined.org/docs - -Automatic Alternative Docs (ReDoc): https://stag.grid.openmined.org/redoc - -PGAdmin: https://pgadmin.stag.grid.openmined.org - -Flower: https://flower.stag.grid.openmined.org - -### Development URLs - -Development URLs, for local development. - -Frontend: http://localhost - -Backend: http://localhost/api/ - -Automatic Interactive Docs (Swagger UI): https://localhost/docs - -Automatic Alternative Docs (ReDoc): https://localhost/redoc - -PGAdmin: http://localhost:5050 - -Flower: http://localhost:5555 - -Traefik UI: http://localhost:8090 - -### Development with Docker Toolbox URLs - -Development URLs, for local development. - -Frontend: http://local.dockertoolbox.tiangolo.com - -Backend: http://local.dockertoolbox.tiangolo.com/api/ - -Automatic Interactive Docs (Swagger UI): https://local.dockertoolbox.tiangolo.com/docs - -Automatic Alternative Docs (ReDoc): https://local.dockertoolbox.tiangolo.com/redoc - -PGAdmin: http://local.dockertoolbox.tiangolo.com:5050 - -Flower: http://local.dockertoolbox.tiangolo.com:5555 - -Traefik UI: http://local.dockertoolbox.tiangolo.com:8090 - -### Development with a custom IP URLs - -Development URLs, for local development. - -Frontend: http://dev.grid.openmined.org - -Backend: http://dev.grid.openmined.org/api/ - -Automatic Interactive Docs (Swagger UI): https://dev.grid.openmined.org/docs - -Automatic Alternative Docs (ReDoc): https://dev.grid.openmined.org/redoc - -PGAdmin: http://dev.grid.openmined.org:5050 - -Flower: http://dev.grid.openmined.org:5555 - -Traefik UI: http://dev.grid.openmined.org:8090 - -### Development in localhost with a custom domain URLs - -Development URLs, for local development. - -Frontend: http://localhost.tiangolo.com - -Backend: http://localhost.tiangolo.com/api/ - -Automatic Interactive Docs (Swagger UI): https://localhost.tiangolo.com/docs - -Automatic Alternative Docs (ReDoc): https://localhost.tiangolo.com/redoc - -PGAdmin: http://localhost.tiangolo.com:5050 - -Flower: http://localhost.tiangolo.com:5555 - -Traefik UI: http://localhost.tiangolo.com:8090 - -## Project generation and updating, or re-generating - -This project was generated using https://github.com/tiangolo/full-stack-fastapi-postgresql with: - -```bash -pip install cookiecutter -cookiecutter https://github.com/tiangolo/full-stack-fastapi-postgresql -``` - -You can check the variables used during generation in the file `cookiecutter-config-file.yml`. - -You can generate the project again with the same configurations used the first time. - -That would be useful if, for example, the project generator (`tiangolo/full-stack-fastapi-postgresql`) was updated and you wanted to integrate or review the changes. - -You could generate a new project with the same configurations as this one in a parallel directory. And compare the differences between the two, without having to overwrite your current code but being able to use the same variables used for your current project. - -To achieve that, the generated project includes the file `cookiecutter-config-file.yml` with the current variables used. - -You can use that file while generating a new project to reuse all those variables. - -For example, run: - -```console -$ cookiecutter --config-file ./cookiecutter-config-file.yml --output-dir ../project-copy https://github.com/tiangolo/full-stack-fastapi-postgresql -``` - -That will use the file `cookiecutter-config-file.yml` in the current directory (in this project) to generate a new project inside a sibling directory `project-copy`. diff --git a/packages/grid/Vagrantfile b/packages/grid/Vagrantfile deleted file mode 100644 index 04ab6f7a212..00000000000 --- a/packages/grid/Vagrantfile +++ /dev/null @@ -1,57 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -VAGRANTFILE_API_VERSION = "2" - -Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - config.ssh.insert_key = true - config.vm.provision :ansible do |ansible| - ansible.extra_vars = { vagrant: true} - ansible.raw_arguments = Shellwords.shellsplit(ENV['ANSIBLE_ARGS']) if ENV['ANSIBLE_ARGS'] - ansible.compatibility_mode = "auto" - ansible.playbook = "./ansible/site.yml" - ansible.groups = { - "domain" => [ - "ubuntu", - ], - } - end - - config.vm.define "ubuntu-22-04-arm64" do |node| - node.vm.box = "bento/ubuntu-22.04-arm64" - - node.vm.box_check_update = false - - node.vm.hostname = "ubuntu-22-04-arm64.openmined.grid" - node.vm.network :private_network, ip: "192.168.56.2" - - node.vm.synced_folder "../../", "/home/om/PySyft", - mount_options: ["dmode=775,fmode=774"] - - node.vm.provider "parallels" do |vb, override| - vb.memory = "8096" - vb.cpus = "4" - vb.name = "ubuntu-22-04-arm64" - override.vm.synced_folder "../../", "/home/om/PySyft", owner: "vagrant", group: "vagrant", create: true, mount_options: [ "share" ] - end - end - - config.vm.define "ubuntu-22-04-x86" do |node| - node.vm.box = "bento/ubuntu-22.04" - - node.vm.box_check_update = false - - node.vm.hostname = "ubuntu-22-04-x86.openmined.grid" - node.vm.network :private_network, ip: "192.168.56.2" - - node.vm.synced_folder "../../", "/home/om/PySyft", - mount_options: ["dmode=775,fmode=774"] - - node.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.cpus = "2" - vb.name = "ubuntu-22-04-x86" - end - end - -end diff --git a/packages/grid/ansible.cfg b/packages/grid/ansible.cfg deleted file mode 100644 index 007cefdba32..00000000000 --- a/packages/grid/ansible.cfg +++ /dev/null @@ -1,5 +0,0 @@ -[defaults] -# allow_world_readable_tmpfiles=true -pipelining = True -host_key_checking = false -interpreter_python = auto diff --git a/packages/grid/ansible/group_vars/all/vars.yml b/packages/grid/ansible/group_vars/all/vars.yml deleted file mode 100755 index bebf2f16bb9..00000000000 --- a/packages/grid/ansible/group_vars/all/vars.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -om_user: om -om_group: om -om_homedir: "/home/{{ om_user }}" -syft_dir: "/home/om/PySyft" -build_dir: "/home/om/build" -github_repo: OpenMined/PySyft.git -repo_branch: "dev" -docker_compose_plugin_dir: ".docker/cli-plugins" -node_name: node -node_type: domain -root_user: root -root_homedir: "/{{ root_user }}" -docker_compose_url_x86: https://github.com/docker/compose/releases/download/v2.17.1/docker-compose-linux-x86_64 -docker_compose_url_arm64: https://github.com/docker/compose/releases/download/v2.17.1/docker-compose-linux-aarch64 -tls: "false" -release: "production" -cert_store_path: "{{ om_homedir }}/certs" -upload_tls_key: "" -upload_tls_cert: "" -install: "true" -jupyter: "false" -docker_tag: "local" -node_side_type: "high" -root_user_email: "info@openmined.org" -root_user_password: "changethis" diff --git a/packages/grid/ansible/roles/aa_demo/tasks/main.yml b/packages/grid/ansible/roles/aa_demo/tasks/main.yml deleted file mode 100644 index 81b62321fe8..00000000000 --- a/packages/grid/ansible/roles/aa_demo/tasks/main.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -- name: Install System Packages - package: - name: "{{ item }}" - state: present - autoclean: yes - update_cache: yes - loop: - - python3-pip - when: aa_demo is defined and aa_demo == "true" - -- name: Install HAGrid - shell: "runuser -l {{ om_user }} -c 'pip install -U hagrid'" - become: yes - when: aa_demo is defined and aa_demo == "true" - -- name: Install Syft - shell: "runuser -l {{ om_user }} -c 'pip install -U syft'" - become: yes - when: aa_demo is defined and aa_demo == "true" - -- name: Create HAGrid PySyft src - file: - path: "{{ syft_dir }}/.tox/syft.jupyter/lib/python3.8/site-packages/hagrid" - state: directory - mode: "0775" - owner: "{{ om_user }}" - group: "{{ om_user }}" - when: aa_demo is defined and aa_demo == "true" - -- name: Clone PySyft Repo - git: - repo: "https://github.com/{{ github_repo }}" - dest: "{{ syft_dir }}/.tox/syft.jupyter/lib/python3.8/site-packages/hagrid/PySyft" - version: "{{ repo_branch }}" - force: yes - become_user: "{{ om_user }}" - ignore_errors: yes - when: aa_demo is defined and aa_demo == "true" - -- name: Kill Docker Containers - shell: "docker rm $(docker ps -qa) --force || true" - become: yes - ignore_errors: yes - when: aa_demo is defined and aa_demo == "true" - -- name: Start Docker Containers - shell: - cmd: runuser -l {{ om_user }} -c 'hagrid launch domain to docker:80 --tag=latest' - become: yes - when: aa_demo is defined and aa_demo == "true" - -- name: Kill Docker Containers - shell: "docker rm $(docker ps -qa) --force || true" - become: yes - ignore_errors: yes - when: aa_demo is defined and aa_demo == "true" diff --git a/packages/grid/ansible/roles/containers/handlers/main.yml b/packages/grid/ansible/roles/containers/handlers/main.yml deleted file mode 100755 index 2965b21f99b..00000000000 --- a/packages/grid/ansible/roles/containers/handlers/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: restart docker - service: - name: docker - state: restarted - daemon_reload: yes diff --git a/packages/grid/ansible/roles/containers/tasks/containers.yml b/packages/grid/ansible/roles/containers/tasks/containers.yml deleted file mode 100755 index 123caea95b5..00000000000 --- a/packages/grid/ansible/roles/containers/tasks/containers.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -# - name: Build Docker Images -# shell: "docker compose build" -# args: -# chdir: "{{ build_dir }}/packages/grid" -# become_user: "{{ om_user }}" -# when: vagrant is not defined and install == "true" and docker_tag == "local" - -# - name: Build Docker Images -# shell: "docker compose build" -# args: -# chdir: "{{ syft_dir }}/packages/grid" -# become_user: "{{ om_user }}" -# when: vagrant is defined and install == "true" and docker_tag == "local" - -- name: Remove old Docker Images - shell: "docker rmi $(docker images -qa -f 'dangling=true') || true" - become_user: "{{ om_user }}" - ignore_errors: yes - when: install == "true" and docker_tag == "local" - -# - name: Remove Docker Volumes -# shell: "docker volume prune -f" -# become_user: "{{ om_user }}" -# ignore_errors: yes -# when: docker_volume_destroy is defined - -- name: Restart Docker Service - service: - name: docker - state: restarted - daemon_reload: yes - -- name: Start Docker Containers - shell: - cmd: runuser -l {{ om_user }} -c 'hagrid launch {{ node_name }} {{ node_type }} to docker:80 --release={{ release }} --tag={{ docker_tag }} --set-root-email={{ root_user_email }} --set-root-password={{ root_user_password }}' - become: yes - when: tls == "false" and install == "true" and node_side_type == "high" - -- name: Start Low Side Docker Containers - shell: - cmd: runuser -l {{ om_user }} -c 'hagrid launch {{ node_name }} {{ node_type }} to docker:80 --release={{ release }} --tag={{ docker_tag }} --low-side --set-root-email={{ root_user_email }} --set-root-password={{ root_user_password }}' - become: yes - when: tls == "false" and install == "true" and node_side_type == "low" - -- name: Start Docker Containers with TLS - shell: - cmd: runuser -l {{ om_user }} -c 'hagrid launch {{ node_name }} {{ node_type }} to docker:80 --release={{ release }} --tag={{ docker_tag }} --set-root-email={{ root_user_email }} --set-root-password={{ root_user_password }} --tls --cert-store-path={{ cert_store_path }}' - become: yes - when: tls == "true" and install == "true" and node_side_type == "high" - -- name: Start Low Docker Containers with TLS - shell: - cmd: runuser -l {{ om_user }} -c 'hagrid launch {{ node_name }} {{ node_type }} to docker:80 --release={{ release }} --tag={{ docker_tag }} --low-side --set-root-email={{ root_user_email }} --set-root-password={{ root_user_password }} --tls --cert-store-path={{ cert_store_path }}' - become: yes - when: tls == "true" and install == "true" and node_side_type == "low" diff --git a/packages/grid/ansible/roles/containers/tasks/hagrid.yml b/packages/grid/ansible/roles/containers/tasks/hagrid.yml deleted file mode 100755 index b715e9e6d96..00000000000 --- a/packages/grid/ansible/roles/containers/tasks/hagrid.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Add /home/{{ om_user }}/.local/bin to PATH in .profile - ansible.builtin.lineinfile: - create: true - path: "/home/{{ om_user }}/.profile" - line: 'export PATH="$HOME/.local/bin:$PATH"' - insertafter: EOF - state: present - become: yes - become_user: om - become_method: sudo - -- name: Install HAGrid - shell: "runuser -l {{ om_user }} -c 'pip install -e {{ build_dir }}/packages/hagrid'" - become: yes - when: vagrant is not defined and install == "true" - -- name: Install HAGrid - shell: "runuser -l {{ om_user }} -c 'pip install -e {{ syft_dir }}/packages/hagrid'" - become: yes - when: vagrant is defined and install == "true" diff --git a/packages/grid/ansible/roles/containers/tasks/main.yml b/packages/grid/ansible/roles/containers/tasks/main.yml deleted file mode 100755 index 154d4933d37..00000000000 --- a/packages/grid/ansible/roles/containers/tasks/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- import_tasks: src.yml -- import_tasks: hagrid.yml -- import_tasks: tls.yml -- import_tasks: containers.yml diff --git a/packages/grid/ansible/roles/containers/tasks/src.yml b/packages/grid/ansible/roles/containers/tasks/src.yml deleted file mode 100644 index 1096fb4eced..00000000000 --- a/packages/grid/ansible/roles/containers/tasks/src.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Kill Docker Containers - shell: "docker rm $(docker ps -qa) --force || true" - become_user: "{{ om_user }}" - ignore_errors: yes - -- name: Check Build Directory - stat: - path: "{{ build_dir }}" - get_checksum: no - get_md5: no - mime: no - register: build_dir_exists - -- name: Delete build directory - shell: "rm -rf {{ build_dir }} || true" - become: yes - ignore_errors: yes - when: build_dir_exists.stat.exists == True and vagrant is not defined and install == "true" - -- name: Copy code checkout to build - ansible.builtin.copy: - src: "{{ syft_dir }}/" - dest: "{{ build_dir }}" - force: yes - remote_src: yes - owner: "{{ om_user }}" - group: "{{ om_user }}" - become_user: "{{ om_user }}" - ignore_errors: yes - when: vagrant is not defined and install == "true" diff --git a/packages/grid/ansible/roles/containers/tasks/tls.yml b/packages/grid/ansible/roles/containers/tasks/tls.yml deleted file mode 100644 index 10910c9cce9..00000000000 --- a/packages/grid/ansible/roles/containers/tasks/tls.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -# these should only be run from your host to the target machine not during localhost -- name: Create cert_store_path - file: - path: "{{ cert_store_path }}" - state: directory - mode: 0600 - owner: "{{ om_user }}" - group: "{{ om_group }}" - when: install == "true" - -- name: Install key.pem - copy: - src: "{{ upload_tls_key }}" - dest: "{{ cert_store_path }}/key.pem" - owner: "{{ om_user }}" - group: "{{ om_user }}" - mode: 0600 - when: upload_tls_key != "" and install == "true" - -- name: Install cert.pem - copy: - src: "{{ upload_tls_cert }}" - dest: "{{ cert_store_path }}/cert.pem" - owner: "{{ om_user }}" - group: "{{ om_user }}" - mode: 0600 - when: upload_tls_cert != "" and install == "true" diff --git a/packages/grid/ansible/roles/jupyter/tasks/main.yml b/packages/grid/ansible/roles/jupyter/tasks/main.yml deleted file mode 100644 index 929f975b678..00000000000 --- a/packages/grid/ansible/roles/jupyter/tasks/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Install Tox - shell: "runuser -l {{ om_user }} -c 'pip install -U tox'" - become: yes - when: vagrant is not defined and jupyter == "true" - -- name: Keep Jupyter Notebooks server running - ansible.builtin.cron: - disabled: "{{ (jupyter == 'true') | ternary('false', 'true') }}" - name: "Jupyter Notebooks server" - job: "{{ syft_dir }}/packages/grid/scripts/jupyter.sh {{ syft_dir }} {{ om_user }} {{ jupyter_token }}" - become: yes - when: vagrant is not defined and jupyter == "true" diff --git a/packages/grid/ansible/roles/network/tasks/main.yml b/packages/grid/ansible/roles/network/tasks/main.yml deleted file mode 100644 index 81ac22ceff4..00000000000 --- a/packages/grid/ansible/roles/network/tasks/main.yml +++ /dev/null @@ -1,19 +0,0 @@ -# --- -# - name: Display all variables/facts known for a host -# ansible.builtin.debug: -# var: hostvars[inventory_hostname] -# verbosity: 1 - -# - name: Network Stuff -# shell: "echo network_stuff" -# become_user: "{{ om_user }}" -# ignore_errors: yes -# when: "'network' in group_names" - -# - name: Domain Stuff -# shell: "echo domain_stuff" -# become_user: "{{ om_user }}" -# ignore_errors: yes -# when: "'domain' in group_names" -# ## todo -# # apt install wireguard diff --git a/packages/grid/ansible/roles/node/handlers/main.yml b/packages/grid/ansible/roles/node/handlers/main.yml deleted file mode 100755 index 2965b21f99b..00000000000 --- a/packages/grid/ansible/roles/node/handlers/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: restart docker - service: - name: docker - state: restarted - daemon_reload: yes diff --git a/packages/grid/ansible/roles/node/tasks/docker.yml b/packages/grid/ansible/roles/node/tasks/docker.yml deleted file mode 100755 index 49aa2c335b4..00000000000 --- a/packages/grid/ansible/roles/node/tasks/docker.yml +++ /dev/null @@ -1,105 +0,0 @@ ---- -- name: Install Docker GPG Key - apt_key: - id: 7EA0A9C3F273FCD8 - url: https://download.docker.com/linux/ubuntu/gpg - state: present - -- name: Install Docker Repo - apt_repository: - repo: deb https://download.docker.com/linux/ubuntu focal stable - state: present - -- name: Install Docker Packages - package: - name: "{{ item }}" - state: present - update_cache: yes - autoclean: yes - loop: - - apt-transport-https - - ca-certificates - - curl - - gnupg - - lsb-release - - docker-ce - - docker-ce-cli - - containerd.io - -- name: Get the system architecture - ansible.builtin.setup: - gather_subset: hardware - register: system_info - -- name: Set docker compose arm64 binary URL - set_fact: - docker_compose_binary_url: "{{ docker_compose_url_arm64 }}" - when: "'aarch64' in system_info['ansible_facts']['ansible_architecture']" - -- name: Set docker compose x86 binary URL - set_fact: - docker_compose_binary_url: "{{ docker_compose_url_x86 }}" - when: "'x86' in system_info['ansible_facts']['ansible_architecture']" - -- name: Install Docker Compose - stat: - path: "{{ om_homedir }}/{{ docker_compose_plugin_dir }}" - get_checksum: no - get_md5: no - mime: no - register: docker_cli_dir_present - -- name: Create Docker Compose Plugin Dir - file: - path: "{{ om_homedir }}/{{ docker_compose_plugin_dir }}" - state: directory - mode: "0755" - owner: "{{ om_user }}" - group: "{{ om_user }}" - become: yes - -- name: Create Docker Compose Plugin Dir root - file: - path: "{{ root_homedir }}/{{ docker_compose_plugin_dir }}" - state: directory - mode: "0770" - owner: "{{ root_user }}" - group: "{{ root_user }}" - become: yes - -- name: Download Docker CLI - get_url: - url: "{{ docker_compose_binary_url }}" - dest: "{{ om_homedir }}/{{ docker_compose_plugin_dir }}/docker-compose" - when: docker_cli_dir_present.stat.exists == False - -- name: Download Docker CLI root - get_url: - url: "{{ docker_compose_binary_url }}" - dest: "{{ root_homedir }}/{{ docker_compose_plugin_dir }}/docker-compose" - become: yes - when: docker_cli_dir_present.stat.exists == False - -- name: Change permissions - file: - path: "{{ om_homedir }}/{{ docker_compose_plugin_dir }}/docker-compose" - state: touch - mode: a+x - owner: "{{ om_user }}" - group: "{{ om_user }}" - become: yes - -- name: Change permissions for root - file: - path: "{{ root_homedir }}/{{ docker_compose_plugin_dir }}/docker-compose" - state: touch - mode: a+x - owner: "{{ root_user }}" - group: "{{ root_user }}" - become: yes - -- name: Ensuring docker service is always running - systemd: - enabled: yes - state: started - name: docker diff --git a/packages/grid/ansible/roles/node/tasks/main.yml b/packages/grid/ansible/roles/node/tasks/main.yml deleted file mode 100755 index 929d975537c..00000000000 --- a/packages/grid/ansible/roles/node/tasks/main.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -- name: Display all variables/facts known for a host - ansible.builtin.debug: - var: hostvars[inventory_hostname] - verbosity: 0 - -- name: Stop existing cronjobs if provisioning from outside - shell: (crontab -r || true) && sudo kill -9 $(pgrep cron) - become: yes - when: inventory_hostname != "localhost" - -- name: Stop existing ansible provisioning running against localhost - shell: pgrep ansible | xargs -I {} bash -c "ps -o cmd fp {} | grep 'connection=local' | kill {}" - become: yes - when: inventory_hostname != "localhost" - -- name: Apply system changes - import_tasks: system.yml - when: deploy_only is not defined and install == "true" - -- name: Apply security updates - import_tasks: security.yml - when: deploy_only is not defined and install == "true" - -- name: Install docker - import_tasks: docker.yml - when: deploy_only is not defined and install == "true" - -- name: Archive Logs - ansible.builtin.cron: - disabled: "{{ not install | bool }}" - minute: "0" - hour: "0" - name: "Archive Logs" - job: "{{ syft_dir }}/packages/grid/scripts/rotate_logs.sh 2>&1 | logger -t cron" - become: yes - when: vagrant is not defined - -- name: Clone PySyft Repo - git: - repo: "https://github.com/{{ github_repo }}" - dest: "{{ syft_dir }}" - version: "{{ repo_branch }}" - force: yes - become_user: "{{ om_user }}" - ignore_errors: yes - when: vagrant is not defined diff --git a/packages/grid/ansible/roles/node/tasks/security.yml b/packages/grid/ansible/roles/node/tasks/security.yml deleted file mode 100644 index 38fc1ccc655..00000000000 --- a/packages/grid/ansible/roles/node/tasks/security.yml +++ /dev/null @@ -1,8 +0,0 @@ -- name: Install Security Updates - package: - name: "{{ item }}" - state: present - autoclean: yes - update_cache: yes - loop: - - policykit-1 diff --git a/packages/grid/ansible/roles/node/tasks/system.yml b/packages/grid/ansible/roles/node/tasks/system.yml deleted file mode 100755 index 91ecbbf1a6b..00000000000 --- a/packages/grid/ansible/roles/node/tasks/system.yml +++ /dev/null @@ -1,133 +0,0 @@ ---- -# - name: Install security updates -# shell: "sudo apt list --upgradable | grep security |cut -d\/ -f1|xargs sudo apt-get install -y --only-upgrade" -# become: yes -# args: -# executable: /bin/bash - -- name: Allow sudo without password - ansible.builtin.lineinfile: - path: /etc/sudoers - state: present - regexp: "^%sudo" - line: "%sudo ALL=(ALL) NOPASSWD: ALL" - validate: "visudo -cf %s" - -- name: Create docker group - group: - name: "docker" - state: present - -- name: Create om group - group: - name: "{{ om_group }}" - state: present - -- name: Create om user - user: - name: "{{ om_user }}" - append: yes - createhome: yes - -- name: Add user to om and docker - user: - name: "{{ om_user }}" - comment: "OpenMined user for running node" - groups: - - "{{ om_group }}" - - sudo - - docker - shell: /bin/bash - -- name: Give permission to home dir - file: - path: "{{ om_homedir }}" - state: directory - mode: "0775" - owner: "{{ om_user }}" - group: "{{ om_group }}" - # recurse: yes - -- name: Add user to vagrant group - user: - name: "{{ om_user }}" - groups: - - vagrant - append: yes - when: vagrant is defined - -- name: Add vagrant user to docker - user: - name: "vagrant" - groups: - - vagrant - - docker - - om - append: yes - when: vagrant is defined - -- name: Install System Packages - package: - name: "{{ item }}" - state: present - autoclean: yes - update_cache: yes - loop: - - acl - - python3-pip - - ntp - - tmux - - vim - - ufw - - git - - python-is-python3 - - net-tools - - ifupdown - - python3-venv - - cron - -- name: Upgrade pip and some packages - pip: - name: pip - extra_args: --upgrade - -- name: Check ctop exists - stat: - path: /usr/local/bin/ctop - register: ctop_exists - -- name: Get the system architecture - ansible.builtin.setup: - gather_subset: hardware - register: system_info - -- name: Install ctop Docker CLI Utility - arm64 - shell: sudo wget https://github.com/bcicen/ctop/releases/download/v0.7.7/ctop-0.7.7-linux-arm64 -O /usr/local/bin/ctop && sudo chmod +x /usr/local/bin/ctop - become: yes - when: "not ctop_exists.stat.exists and 'aarch64' in system_info['ansible_facts']['ansible_architecture']" - -- name: Install ctop Docker CLI Utility - x86 - shell: sudo wget https://github.com/bcicen/ctop/releases/download/v0.7.7/ctop-0.7.7-linux-amd64 -O /usr/local/bin/ctop && sudo chmod +x /usr/local/bin/ctop - become: yes - when: "not ctop_exists.stat.exists and 'x86' in system_info['ansible_facts']['ansible_architecture']" - -- name: Ensuring ufw service is always running - systemd: - enabled: yes - state: started - name: ufw - when: wsl is not defined - -- name: Set timezone to UTC - timezone: - name: UTC - -- name: Ensuring ntp service is always running - systemd: - enabled: yes - state: started - name: ntp - -- name: Set git dir as safe - shell: git config --global --add safe.directory {{ syft_dir }} - become: yes diff --git a/packages/grid/ansible/roles/update/tasks/main.yml b/packages/grid/ansible/roles/update/tasks/main.yml deleted file mode 100644 index 170ca4f26ae..00000000000 --- a/packages/grid/ansible/roles/update/tasks/main.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -# cronjob logs: $ tail -f /var/log/syslog | grep -i cron -# - name: PySyft Repo Update Cron Job -# ansible.builtin.cron: -# disabled: "{{ not install | bool }}" -# minute: "*/2" -# name: "Update PySyft Repo" -# job: "{{ syft_dir }}/packages/grid/scripts/cron.sh {{ syft_dir }} {{ github_repo }} {{ repo_branch }} {{ om_user }} {{ om_group }} {{ node_type }} {{ node_name }} {{ build_dir }} {{ tls }} {{ cert_store_path }} {{ release }} {{ docker_tag }} 2>&1 | logger -t cron" -# become: yes -# when: vagrant is not defined - -- name: Keep Containers Running - ansible.builtin.cron: - disabled: "{{ not install | bool }}" - name: "Restart Containers" - job: "{{ syft_dir }}/packages/grid/scripts/containers.sh" - become: yes - when: vagrant is not defined - -- name: - copy: - src: "../../../../scripts/" - dest: "{{ cert_store_path }}/cert.pem" - owner: "{{ om_user }}" - group: "{{ om_user }}" - mode: 0600 - when: upload_tls_cert != "" and install == "true" - -- name: Run containers.sh on startup - ansible.builtin.template: - src: "../../../../scripts/rc.local.j2" - dest: /etc/rc.local - owner: root - group: root - mode: "0655" - become: yes - when: vagrant is not defined diff --git a/packages/grid/ansible/site.yml b/packages/grid/ansible/site.yml deleted file mode 100755 index f0c14773983..00000000000 --- a/packages/grid/ansible/site.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- hosts: all - gather_facts: False - environment: - LC_ALL: en_US.UTF-8 - become: yes - roles: - - node - - jupyter - - containers - - update - - aa_demo diff --git a/packages/grid/backend/grid/start.sh b/packages/grid/backend/grid/start.sh index 297f242ff78..bcb36c5e5a9 100755 --- a/packages/grid/backend/grid/start.sh +++ b/packages/grid/backend/grid/start.sh @@ -29,7 +29,6 @@ export CREDENTIALS_PATH=${CREDENTIALS_PATH:-$HOME/data/creds/credentials.json} export NODE_PRIVATE_KEY=$(python $APPDIR/grid/bootstrap.py --private_key) export NODE_UID=$(python $APPDIR/grid/bootstrap.py --uid) export NODE_TYPE=$NODE_TYPE -export GEVENT_MONKEYPATCH="False" echo "NODE_UID=$NODE_UID" echo "NODE_TYPE=$NODE_TYPE" diff --git a/packages/grid/docker-compose.build.yml b/packages/grid/docker-compose.build.yml deleted file mode 100644 index 7dc60d3fe41..00000000000 --- a/packages/grid/docker-compose.build.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: "3.8" -services: - frontend: - build: - context: ${RELATIVE_PATH}./frontend - dockerfile: frontend.dockerfile - target: "${FRONTEND_TARGET:-grid-ui-development}" - - backend: - build: - context: ${RELATIVE_PATH}../ - dockerfile: ./grid/backend/backend.dockerfile - target: "backend" - - seaweedfs: - build: - context: ${RELATIVE_PATH}./seaweedfs - dockerfile: seaweedfs.dockerfile - - worker: - build: - context: ${RELATIVE_PATH}../ - dockerfile: ./grid/backend/backend.dockerfile - target: "backend" diff --git a/packages/grid/docker-compose.dev.yml b/packages/grid/docker-compose.dev.yml deleted file mode 100644 index d2b1f142053..00000000000 --- a/packages/grid/docker-compose.dev.yml +++ /dev/null @@ -1,77 +0,0 @@ -version: "3.8" -services: - proxy: - ports: - - "8080" - command: - - "--api" # admin panel - - "--api.insecure=true" # admin panel no password - - frontend: - volumes: - - ${RELATIVE_PATH}./frontend/src:/app/src - - ${RELATIVE_PATH}./frontend/static:/app/static - - ${RELATIVE_PATH}./frontend/svelte.config.js:/app/svelte.config.js - - ${RELATIVE_PATH}./frontend/tsconfig.json:/app/tsconfig.json - - ${RELATIVE_PATH}./frontend/vite.config.ts:/app/vite.config.ts - environment: - - FRONTEND_TARGET=grid-ui-development - - # redis: - # ports: - # - "6379" - - # queue: - # image: rabbitmq:3-management - # ports: - # - "15672" # admin web port - # # - "5672" # AMQP port - - mongo: - ports: - - "27017" - - backend: - volumes: - - ${RELATIVE_PATH}./backend/grid:/root/app/grid - - ${RELATIVE_PATH}../syft:/root/app/syft - - ${RELATIVE_PATH}./data/package-cache:/root/.cache - environment: - - DEV_MODE=True - stdin_open: true - tty: true - - worker: - volumes: - - ${RELATIVE_PATH}./backend/grid:/root/app/grid - - ${RELATIVE_PATH}../syft:/root/app/syft - - ${RELATIVE_PATH}./data/package-cache:/root/.cache - environment: - - DEV_MODE=True - - WATCHFILES_FORCE_POLLING=true - stdin_open: true - tty: true - - # backend_stream: - # volumes: - # - ${RELATIVE_PATH}./backend/grid:/root/app/grid - # - ${RELATIVE_PATH}../syft:/root/app/syft - # - ${RELATIVE_PATH}./data/package-cache:/root/.cache - # environment: - # - DEV_MODE=True - - # celeryworker: - # volumes: - # - ${RELATIVE_PATH}./backend/grid:/root/app/grid - # - ${RELATIVE_PATH}../syft/:/root/app/syft - # - ${RELATIVE_PATH}./data/package-cache:/root/.cache - # environment: - # - DEV_MODE=True - - seaweedfs: - volumes: - - ./data/seaweedfs:/data - ports: - - "9333" # admin web port - - "8888" # filer web port - - "8333" # S3 API port diff --git a/packages/grid/docker-compose.pull.yml b/packages/grid/docker-compose.pull.yml deleted file mode 100644 index db2329b04df..00000000000 --- a/packages/grid/docker-compose.pull.yml +++ /dev/null @@ -1,26 +0,0 @@ -version: "3.8" -services: - # redis: - # image: redis:${REDIS_VERSION?Variable not set} - - # queue: - # image: rabbitmq:${RABBITMQ_VERSION?Variable not Set}${RABBITMQ_MANAGEMENT:-} - - seaweedfs: - image: "${DOCKER_IMAGE_SEAWEEDFS?Variable not set}:${VERSION-latest}" - - # docker-host: - # image: qoomon/docker-host - - proxy: - image: ${DOCKER_IMAGE_TRAEFIK?Variable not set}:${TRAEFIK_VERSION?Variable not set} - - mongo: - image: "${MONGO_IMAGE}:${MONGO_VERSION}" - - jaeger: - image: jaegertracing/all-in-one:1.37 - - # Temporary fix until we refactor pull, build, launch UI step during hagrid launch - worker: - image: "${DOCKER_IMAGE_BACKEND?Variable not set}:${VERSION-latest}" diff --git a/packages/grid/docker-compose.test.yml b/packages/grid/docker-compose.test.yml deleted file mode 100644 index a9e323831bb..00000000000 --- a/packages/grid/docker-compose.test.yml +++ /dev/null @@ -1,37 +0,0 @@ -version: "3.8" -services: - proxy: - ports: - - "8080" - - # redis: - # ports: - # - "6379" - - # queue: - # image: rabbitmq:3-management - # ports: - # - "5672" - # - "15672" - - seaweedfs: - ports: - - "9333" # admin - - "8888" # filer - - "8333" # S3 - - backend: - environment: - - TEST_MODE=1 - - worker: - environment: - - TEST_MODE=1 - - # backend_stream: - # environment: - # - TEST_MODE=1 - - # celeryworker: - # environment: - # - TEST_MODE=1 diff --git a/packages/grid/docker-compose.tls.yml b/packages/grid/docker-compose.tls.yml deleted file mode 100644 index 6bfa5d7d1d7..00000000000 --- a/packages/grid/docker-compose.tls.yml +++ /dev/null @@ -1,14 +0,0 @@ -version: "3.8" -services: - proxy: - ports: - - "${HTTPS_PORT}:${HTTPS_PORT}" - environment: - - TRAEFIK_TLS_CONF=${TRAEFIK_TLS_CONF} - - TRAEFIK_TLS_CERTS=${TRAEFIK_TLS_CERTS} - volumes: - - "${TRAEFIK_TLS_CONF}:/etc/traefik/conf/certs.yaml" - - "${TRAEFIK_TLS_CERTS}:/etc/traefik/certs" - - "./traefik/docker/traefik-tls.template.yml:/etc/traefik/traefik-tls.template.yml" - - "./traefik/docker/dynamic-tls.yml:/etc/traefik/conf/dynamic.yml" - command: /bin/ash -c "apk add gettext && envsubst < /etc/traefik/traefik-tls.template.yml > /etc/traefik/traefik-tls.yml && traefik --configFile=/etc/traefik/traefik-tls.yml" diff --git a/packages/grid/docker-compose.yml b/packages/grid/docker-compose.yml deleted file mode 100644 index c7a2bb7e709..00000000000 --- a/packages/grid/docker-compose.yml +++ /dev/null @@ -1,314 +0,0 @@ -version: "3.8" -services: - # docker-host: - # image: qoomon/docker-host - # cap_add: - # - net_admin - # - net_raw - - proxy: - restart: always - hostname: ${NODE_NAME?Variable not set} - image: ${DOCKER_IMAGE_TRAEFIK?Variable not set}:${TRAEFIK_VERSION?Variable not set} - profiles: - - proxy - networks: - - "${TRAEFIK_PUBLIC_NETWORK?Variable not set}" - - default - volumes: - - "./traefik/docker/traefik.yml:/etc/traefik/traefik.yml" - - "./traefik/docker/dynamic.yml:/etc/traefik/conf/dynamic.yml" - environment: - - SERVICE_NAME=proxy - - RELEASE=${RELEASE:-production} - - HOSTNAME=${NODE_NAME?Variable not set} - - HTTP_PORT=${HTTP_PORT} - - HTTPS_PORT=${HTTPS_PORT} - ports: - - "${HTTP_PORT}:81" - extra_hosts: - - "host.docker.internal:host-gateway" - labels: - - "orgs.openmined.syft=this is a syft proxy container" - - # depends_on: - # - "docker-host" - - frontend: - restart: always - image: "${DOCKER_IMAGE_FRONTEND?Variable not set}:${VERSION-latest}" - profiles: - - frontend - depends_on: - - proxy - environment: - - SERVICE_NAME=frontend - - RELEASE=${RELEASE:-production} - - NODE_TYPE=${NODE_TYPE?Variable not set} - - FRONTEND_TARGET=${FRONTEND_TARGET} - - VERSION=${VERSION} - - VERSION_HASH=${VERSION_HASH} - - PORT=80 - - HTTP_PORT=${HTTP_PORT} - - HTTPS_PORT=${HTTPS_PORT} - - BACKEND_API_BASE_URL=${BACKEND_API_BASE_URL} - extra_hosts: - - "host.docker.internal:host-gateway" - labels: - - "orgs.openmined.syft=this is a syft frontend container" - - # redis: - # restart: always - # image: redis:${REDIS_VERSION?Variable not set} - # volumes: - # - app-redis-data:/data - # - ./redis/redis.conf:/usr/local/etc/redis/redis.conf - # environment: - # - SERVICE_NAME=redis - # - RELEASE=${RELEASE:-production} - # env_file: - # - .env - - # queue: - # restart: always - # image: rabbitmq:3 - # environment: - # - SERVICE_NAME=queue - # - RELEASE=${RELEASE:-production} - # volumes: - # - ./rabbitmq/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf - - worker: - restart: always - image: "${DOCKER_IMAGE_BACKEND?Variable not set}:${VERSION-latest}" - hostname: ${NODE_NAME?Variable not set} - profiles: - - worker - env_file: - - .env - environment: - - SERVICE_NAME=worker - - RELEASE=${RELEASE:-production} - - VERSION=${VERSION} - - VERSION_HASH=${VERSION_HASH} - - NODE_TYPE=${NODE_TYPE?Variable not set} - - NODE_NAME=${NODE_NAME?Variable not set} - - STACK_API_KEY=${STACK_API_KEY} - - PORT=${HTTP_PORT} - - IGNORE_TLS_ERRORS=${IGNORE_TLS_ERRORS?False} - - HTTP_PORT=${HTTP_PORT} - - HTTPS_PORT=${HTTPS_PORT} - - USE_BLOB_STORAGE=${USE_BLOB_STORAGE} - - CONTAINER_HOST=${CONTAINER_HOST} - - TRACE=False # TODO: Trace Mode is set to False, until jaegar is integrated - - JAEGER_HOST=${JAEGER_HOST} - - JAEGER_PORT=${JAEGER_PORT} - - ASSOCIATION_TIMEOUT=${ASSOCIATION_TIMEOUT} - - DEV_MODE=${DEV_MODE} - - QUEUE_PORT=${QUEUE_PORT} - - CREATE_PRODUCER=true - - NODE_SIDE_TYPE=${NODE_SIDE_TYPE} - - ENABLE_WARNINGS=${ENABLE_WARNINGS} - - INMEMORY_WORKERS=True # hardcoding is intentional, since single_container don't share databases - ports: - - "${HTTP_PORT}:${HTTP_PORT}" - volumes: - - credentials-data:/root/data/creds/ - - /var/run/docker.sock:/var/run/docker.sock - extra_hosts: - - "host.docker.internal:host-gateway" - labels: - - "orgs.openmined.syft=this is a syft worker container" - - backend: - restart: always - image: "${DOCKER_IMAGE_BACKEND?Variable not set}:${VERSION-latest}" - profiles: - - backend - depends_on: - - proxy - - mongo - env_file: - - .env - environment: - - SERVICE_NAME=backend - - RELEASE=${RELEASE:-production} - - VERSION=${VERSION} - - VERSION_HASH=${VERSION_HASH} - - NODE_TYPE=${NODE_TYPE?Variable not set} - - NODE_NAME=${NODE_NAME?Variable not set} - - STACK_API_KEY=${STACK_API_KEY} - - PORT=8001 - - IGNORE_TLS_ERRORS=${IGNORE_TLS_ERRORS?False} - - HTTP_PORT=${HTTP_PORT} - - HTTPS_PORT=${HTTPS_PORT} - - USE_BLOB_STORAGE=${USE_BLOB_STORAGE} - - CONTAINER_HOST=${CONTAINER_HOST} - - TRACE=${TRACE} - - JAEGER_HOST=${JAEGER_HOST} - - JAEGER_PORT=${JAEGER_PORT} - - ASSOCIATION_TIMEOUT=${ASSOCIATION_TIMEOUT} - - DEV_MODE=${DEV_MODE} - - DEFAULT_ROOT_EMAIL=${DEFAULT_ROOT_EMAIL} - - DEFAULT_ROOT_PASSWORD=${DEFAULT_ROOT_PASSWORD} - - QUEUE_PORT=${QUEUE_PORT} - - CREATE_PRODUCER=true - - N_CONSUMERS=1 - - INMEMORY_WORKERS=${INMEMORY_WORKERS} - - HOST_GRID_PATH=${PWD} - command: "./grid/start.sh" - network_mode: service:proxy - volumes: - - ${CREDENTIALS_VOLUME}:/root/data/creds/ - - /var/run/docker.sock:/var/run/docker.sock - stdin_open: true - tty: true - labels: - - "orgs.openmined.syft=this is a syft backend container" - - # backend_stream: - # restart: always - # image: "${DOCKER_IMAGE_BACKEND?Variable not set}:${VERSION-latest}" - # depends_on: - # - proxy - # env_file: - # - .env - # environment: - # - SERVICE_NAME=backend_stream - # - RELEASE=${RELEASE:-production} - # - VERSION=${VERSION} - # - VERSION_HASH=${VERSION_HASH} - # - NODE_TYPE=${NODE_TYPE?Variable not set} - # - DOMAIN_NAME=${DOMAIN_NAME?Variable not set} - # - STACK_API_KEY=${STACK_API_KEY} - # - PORT=8011 - # - STREAM_QUEUE=1 - # - IGNORE_TLS_ERRORS=${IGNORE_TLS_ERRORS?False} - # - HTTP_PORT=${HTTP_PORT} - # - HTTPS_PORT=${HTTPS_PORT} - # - USE_BLOB_STORAGE=${USE_BLOB_STORAGE} - # - CONTAINER_HOST=${CONTAINER_HOST} - # - TRACE=${TRACE} - # - JAEGER_HOST=${JAEGER_HOST} - # - JAEGER_PORT=${JAEGER_PORT} - # - DEV_MODE=${DEV_MODE} - # network_mode: service:proxy - # volumes: - # - credentials-data:/root/data/creds/ - - # celeryworker: - # restart: always - # image: "${DOCKER_IMAGE_BACKEND?Variable not set}:${VERSION-latest}" - # depends_on: - # - proxy - # - queue - # env_file: - # - .env - # environment: - # - SERVICE_NAME=celeryworker - # - RELEASE=${RELEASE:-production} - # - VERSION=${VERSION} - # - VERSION_HASH=${VERSION_HASH} - # - NODE_TYPE=${NODE_TYPE?Variable not set} - # - DOMAIN_NAME=${DOMAIN_NAME?Variable not set} - # - C_FORCE_ROOT=1 - # - STACK_API_KEY=${STACK_API_KEY} - # - IGNORE_TLS_ERRORS=${IGNORE_TLS_ERRORS?False} - # - HTTP_PORT=${HTTP_PORT} - # - HTTPS_PORT=${HTTPS_PORT} - # - USE_BLOB_STORAGE=${USE_BLOB_STORAGE} - # - CONTAINER_HOST=${CONTAINER_HOST} - # - NETWORK_CHECK_INTERVAL=${NETWORK_CHECK_INTERVAL} - # - DOMAIN_CHECK_INTERVAL=${DOMAIN_CHECK_INTERVAL} - # - TRACE=${TRACE} - # - JAEGER_HOST=${JAEGER_HOST} - # - JAEGER_PORT=${JAEGER_PORT} - # - DEV_MODE=${DEV_MODE} - # command: "/app/grid/worker-start.sh" - # network_mode: service:proxy - # volumes: - # - credentials-data:/storage - - seaweedfs: - profiles: - - blob-storage - depends_on: - - proxy - env_file: - - .env - image: "${DOCKER_IMAGE_SEAWEEDFS?Variable not set}:${VERSION-latest}" - environment: - - SWFS_VOLUME_SIZE_LIMIT_MB=${SWFS_VOLUME_SIZE_LIMIT_MB:-1000} - - S3_ROOT_USER=${S3_ROOT_USER:-admin} - - S3_ROOT_PWD=${S3_ROOT_PWD:-admin} - - MOUNT_API_PORT=${MOUNT_API_PORT:-4001} - volumes: - - seaweedfs-data:/data - labels: - - "orgs.openmined.syft=this is a syft seaweedfs container" - - mongo: - image: "${MONGO_IMAGE}:${MONGO_VERSION}" - profiles: - - mongo - restart: always - environment: - - MONGO_INITDB_ROOT_USERNAME=${MONGO_USERNAME} - - MONGO_INITDB_ROOT_PASSWORD=${MONGO_PASSWORD} - volumes: - - mongo-data:/data/db - - mongo-config-data:/data/configdb - labels: - - "orgs.openmined.syft=this is a syft mongo container" - - jaeger: - profiles: - - telemetry - image: jaegertracing/all-in-one:1.37 - environment: - - COLLECTOR_ZIPKIN_HOST_PORT=9411 - - COLLECTOR_OTLP_ENABLED=true - extra_hosts: - - "host.docker.internal:host-gateway" - ports: - - "${JAEGER_PORT}:14268" # http collector - - "16686" # ui - # - "6831:6831/udp" - # - "6832:6832/udp" - # - "5778:5778" - # - "4317:4317" - # - "4318:4318" - # - "14250:14250" - # - "14269:14269" - # - "9411:9411" - volumes: - - jaeger-data:/tmp - labels: - - "orgs.openmined.syft=this is a syft jaeger container" - -volumes: - credentials-data: - labels: - orgs.openmined.syft: "this is a syft credentials volume" - seaweedfs-data: - labels: - orgs.openmined.syft: "this is a syft seaweedfs volume" - mongo-data: - labels: - orgs.openmined.syft: "this is a syft mongo volume" - mongo-config-data: - labels: - orgs.openmined.syft: "this is a syft mongo volume" - jaeger-data: - labels: - orgs.openmined.syft: "this is a syft jaeger volume" - -networks: - traefik-public: - # Allow setting it to false for testing - external: ${TRAEFIK_PUBLIC_NETWORK_IS_EXTERNAL-true} - labels: - orgs.openmined.syft: "this is a syft traefik public network" - default: - labels: - orgs.openmined.syft: "this is a syft default network" diff --git a/packages/grid/packer/Vagrantfile b/packages/grid/packer/Vagrantfile deleted file mode 100644 index c42c7d5be1d..00000000000 --- a/packages/grid/packer/Vagrantfile +++ /dev/null @@ -1,25 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -VAGRANTFILE_API_VERSION = "2" - -Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - - config.ssh.username = "ubuntu" - config.ssh.password = "ubuntu" - - config.vm.define "domain" do |node| - node.vm.box = "output-domain/openmined.domain.ubuntu2004.box" - node.vm.box_check_update = false - - node.vm.hostname = "node.openmined.grid" - node.vm.network :private_network, ip: "192.168.56.2", - virtualbox__intnet: true - node.vm.network "forwarded_port", guest: 80, host: 8080 - - node.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.name = "domain" - end - end -end diff --git a/packages/grid/packer/azure.pkr.hcl b/packages/grid/packer/azure.pkr.hcl deleted file mode 100644 index 9d79e5a13d1..00000000000 --- a/packages/grid/packer/azure.pkr.hcl +++ /dev/null @@ -1,67 +0,0 @@ -variable "appId" { - type = string - default = "" - sensitive = true -} - -variable "displayName" {} - -variable "password" { - type = string - default = "" - sensitive = true -} - -variable "tenant" { - type = string - default = "" - sensitive = true -} - -variable "subscription_id" { - type = string - default = "" - sensitive = true -} - -source "azure-arm" "domain" { - azure_tags = { - node_type = "domain" - os_version = "ubuntu2004" - } - client_id = "${var.appId}" - client_secret = "${var.password}" - image_publisher = "canonical" - image_offer = "0001-com-ubuntu-server-focal" - image_version = "latest" - image_sku = "20_04-lts" - location = "West US" - os_type = "Linux" - subscription_id = "${var.subscription_id}" - tenant_id = "${var.tenant}" - vm_size = "Standard_D4s_v3" - os_disk_size_gb = 128 - # vhd - # capture_container_name = "openmined-domain-ubuntu2004" # vhd - # capture_name_prefix = "openmined-domain" # vhd - # resource_group_name = "openmined-images" # vhd - # storage_account = "openminedimgs" # vhd - # managed image - managed_image_name = "openmined-domain-ubuntu2004-5" # managed image - managed_image_resource_group_name = "openmined-images" # managed image -} - -build { - name = "openmined.node.domain" - sources = ["source.azure-arm.domain"] - - provisioner "ansible" { - playbook_file = "../ansible/site.yml" - extra_arguments = [ "-v", "-e", "packer=true", "-e", "repo_branch=0.7.0" ] - } - - provisioner "shell" { - expect_disconnect = true - scripts = ["${path.root}/scripts/update.sh", "${path.root}/scripts/motd.sh", "${path.root}/scripts/hyperv.sh", "${path.root}/scripts/cleanup.sh"] - } -} diff --git a/packages/grid/packer/base.pkr.hcl b/packages/grid/packer/base.pkr.hcl deleted file mode 100644 index d88b509d8b3..00000000000 --- a/packages/grid/packer/base.pkr.hcl +++ /dev/null @@ -1,46 +0,0 @@ -variable "ubuntu_version" { - type = string - default = "20.04.5" - sensitive = true -} - -source "virtualbox-iso" "ubuntu2004" { - boot_command = [ - " ", - "autoinstall", - ] - cd_files = [ - "./cloud-config/meta-data", - "./cloud-config/user-data" - ] - cd_label = "cidata" - boot_wait = "5s" - guest_os_type = "ubuntu-64" - iso_checksum = "file:http://no.releases.ubuntu.com/${var.ubuntu_version}/SHA256SUMS" - iso_url = "http://no.releases.ubuntu.com/${var.ubuntu_version}/ubuntu-${var.ubuntu_version}-live-server-amd64.iso" - memory = 4096 - disk_size = 64000 - output_directory = "output-base" - output_filename = "openmined.base.ubuntu2004" - shutdown_command = "sudo shutdown -P now" - ssh_handshake_attempts = "1000" - ssh_password = "ubuntu" - ssh_pty = true - ssh_timeout = "20m" - ssh_username = "ubuntu" - host_port_min = 2222 - host_port_max = 2222 -} - -build { - name = "openmined.node.base" - sources = ["source.virtualbox-iso.ubuntu2004"] - - provisioner "shell" { - inline = ["echo initial provisioning"] - } - - post-processor "manifest" { - output = "base-manifest.json" - } -} diff --git a/packages/grid/packer/build_azure.sh b/packages/grid/packer/build_azure.sh deleted file mode 100755 index 9c839fa62c5..00000000000 --- a/packages/grid/packer/build_azure.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -packer init azure.pkr.hcl -PACKER_LOG=1 PACKER_LOG_PATH=./packer.log packer build -var-file=azure_vars.json -on-error=ask -var "subscription_id=${1}" azure.pkr.hcl diff --git a/packages/grid/packer/build_vagrant.sh b/packages/grid/packer/build_vagrant.sh deleted file mode 100755 index cd54ffb9c36..00000000000 --- a/packages/grid/packer/build_vagrant.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -packer init base.pkr.hcl -packer init domain.pkr.hcl -PACKER_LOG=1 PACKER_LOG_PATH=./packer.log packer build -on-error=ask base.pkr.hcl -PACKER_LOG=1 PACKER_LOG_PATH=./packer.log packer build -on-error=ask domain.pkr.hcl \ No newline at end of file diff --git a/packages/grid/packer/cloud-config/meta-data b/packages/grid/packer/cloud-config/meta-data deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/packages/grid/packer/cloud-config/user-data b/packages/grid/packer/cloud-config/user-data deleted file mode 100644 index 000b0317d62..00000000000 --- a/packages/grid/packer/cloud-config/user-data +++ /dev/null @@ -1,30 +0,0 @@ -#cloud-config -autoinstall: - version: 1 - locale: en_US - keyboard: - layout: en - variant: us - network: - version: 2 - ethernets: - enp0s3: - dhcp4: true - storage: - layout: - name: lvm - identity: - hostname: ubuntu - username: ubuntu - password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0" - user-data: - disable_root: false - ssh: - install-server: true - allow-pw: true - early-commands: - # otherwise packer tries to connect and exceed max attempts: - - sudo systemctl stop ssh - late-commands: - - 'sed -i "s/dhcp4: true/&\n dhcp-identifier: mac/" /target/etc/netplan/00-installer-config.yaml' - - echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu diff --git a/packages/grid/packer/domain.pkr.hcl b/packages/grid/packer/domain.pkr.hcl deleted file mode 100644 index 93a6564c5b5..00000000000 --- a/packages/grid/packer/domain.pkr.hcl +++ /dev/null @@ -1,33 +0,0 @@ -source "virtualbox-ovf" "domain" { - shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" - source_path = "output-base/openmined.base.ubuntu2004.ovf" - ssh_password = "ubuntu" - ssh_port = 22 - ssh_username = "ubuntu" - host_port_min = 2222 - host_port_max = 2222 - output_directory = "output-domain" - output_filename = "openmined.domain.ubuntu2004" -} - -build { - name = "openmined.node.domain" - sources = ["source.virtualbox-ovf.domain"] - - provisioner "ansible" { - playbook_file = "../ansible/site.yml" - extra_arguments = [ "-v", "-e", "packer=true", "-e", "repo_branch=0.7.0" ] - } - - provisioner "shell" { - expect_disconnect = true - scripts = ["${path.root}/scripts/update.sh", "${path.root}/scripts/motd.sh", "${path.root}/scripts/hyperv.sh", "${path.root}/scripts/cleanup.sh", "${path.root}/scripts/minimize.sh"] - } - - post-processor "vagrant" { - keep_input_artifact = true - provider_override = "virtualbox" - output = "output-domain/openmined.domain.ubuntu2004.box" - vagrantfile_template = "Vagrantfile" - } -} diff --git a/packages/grid/packer/scripts/cleanup.sh b/packages/grid/packer/scripts/cleanup.sh deleted file mode 100644 index f07c8054368..00000000000 --- a/packages/grid/packer/scripts/cleanup.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh -eux - -# Delete all Linux headers -sudo dpkg --list \ -| awk '{ print $2 }' \ -| grep 'linux-headers' \ -| xargs sudo apt-get -y purge; - -# Remove specific Linux kernels, such as linux-image-3.11.0-15-generic but -# keeps the current kernel and does not touch the virtual packages, -# e.g. 'linux-image-generic', etc. -sudo dpkg --list \ -| awk '{ print $2 }' \ -| grep 'linux-image-.*-generic' \ -| grep -v `uname -r` \ -| xargs sudo apt-get -y purge; - -# Delete Linux source -sudo dpkg --list \ -| awk '{ print $2 }' \ -| grep linux-source \ -| xargs sudo apt-get -y purge; - -# Delete development packages -sudo dpkg --list \ -| awk '{ print $2 }' \ -| grep -- '-dev$' \ -| xargs sudo apt-get -y purge; - -# delete docs packages -sudo dpkg --list \ -| awk '{ print $2 }' \ -| grep -- '-doc$' \ -| xargs sudo apt-get -y purge; - -# Delete X11 libraries -sudo apt-get -y purge libx11-data xauth libxmuu1 libxcb1 libx11-6 libxext6; - -# Delete obsolete networking -sudo apt-get -y purge ppp pppconfig pppoeconf; - -# Delete oddities -sudo apt-get -y purge popularity-contest installation-report command-not-found friendly-recovery bash-completion fonts-ubuntu-font-family-console laptop-detect; - -# 19.10+ don't have this package so fail gracefully -sudo apt-get -y purge command-not-found-data || true; - -# Exlude the files we don't need w/o uninstalling linux-firmware -echo "==> Setup dpkg excludes for linux-firmware" -sudo su -c 'cat <<_EOF_ | cat >> /etc/dpkg/dpkg.cfg.d/excludes -#OM-BEGIN -path-exclude=/lib/firmware/* -path-exclude=/usr/share/doc/linux-firmware/* -#OM-END -_EOF_' - -# Delete the massive firmware packages -sudo rm -rf /lib/firmware/* -sudo rm -rf /usr/share/doc/linux-firmware/* - -sudo apt-get -y autoremove; -sudo apt-get -y clean; - -# Remove docs -sudo rm -rf /usr/share/doc/* - -# Remove caches -sudo find /var/cache -type f -exec rm -rf {} \; - -# truncate any logs that have built up during the install -sudo find /var/log -type f -exec truncate --size=0 {} \; - -# Blank netplan machine-id (DUID) so machines get unique ID generated on boot. -sudo truncate -s 0 /etc/machine-id - -# remove the contents of /tmp and /var/tmp -sudo rm -rf /tmp/* /var/tmp/* - -# clear the history so our install isn't there -export HISTSIZE=0 -sudo rm -f /root/.wget-hsts \ No newline at end of file diff --git a/packages/grid/packer/scripts/hyperv.sh b/packages/grid/packer/scripts/hyperv.sh deleted file mode 100755 index 293dd6d1f62..00000000000 --- a/packages/grid/packer/scripts/hyperv.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -eux -ubuntu_version=$(lsb_release -r | awk '{print $2}') -major_version=$(echo $ubuntu_version | awk -F. '{print $1}') - -case "$PACKER_BUILDER_TYPE" in - hyperv-iso) - if [ "$major_version" -eq "16" ]; then - sudo apt-get install -y linux-tools-virtual-lts-xenial linux-cloud-tools-virtual-lts-xenial; - else - sudo apt-get -y install linux-image-virtual linux-tools-virtual linux-cloud-tools-virtual; - fi -esac diff --git a/packages/grid/packer/scripts/minimize.sh b/packages/grid/packer/scripts/minimize.sh deleted file mode 100644 index feed5a009f9..00000000000 --- a/packages/grid/packer/scripts/minimize.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh -eux - -case "$PACKER_BUILDER_TYPE" in - qemu) exit 0 ;; -esac - -# Whiteout root -count=$(df --sync -kP / | tail -n1 | awk -F ' ' '{print $4}') -count=$(($count-1)) -sudo dd if=/dev/zero of=/tmp/whitespace bs=1M count=$count || echo "dd exit code $? is suppressed"; -sudo rm /tmp/whitespace - -# Whiteout /boot -count=$(df --sync -kP /boot | tail -n1 | awk -F ' ' '{print $4}') -count=$(($count-1)) -sudo dd if=/dev/zero of=/boot/whitespace bs=1M count=$count || echo "dd exit code $? is suppressed"; -sudo rm /boot/whitespace - -set +e -swapuuid="`/sbin/blkid -o value -l -s UUID -t TYPE=swap`"; -case "$?" in - 2|0) ;; - *) exit 1 ;; -esac -set -e - -if [ "x${swapuuid}" != "x" ]; then - # Whiteout the swap partition to reduce box size - # Swap is disabled till reboot - sudo swappart="`readlink -f /dev/disk/by-uuid/$swapuuid`"; - sudo /sbin/swapoff "$swappart"; - sudo dd if=/dev/zero of="$swappart" bs=1M || echo "dd exit code $? is suppressed"; - sudo /sbin/mkswap -U "$swapuuid" "$swappart"; -fi - -sudo sync; diff --git a/packages/grid/packer/scripts/motd.sh b/packages/grid/packer/scripts/motd.sh deleted file mode 100644 index ea5dd260b35..00000000000 --- a/packages/grid/packer/scripts/motd.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh -eux - -msg=' -This system is built by OpenMined. -More information can be found at https://github.com/OpenMined/PySyft' - -if [ -d /etc/update-motd.d ]; then - MOTD_CONFIG='/etc/update-motd.d/99-grid' - -sudo su -c "cat >> $MOTD_CONFIG <> /etc/motd' -fi diff --git a/packages/grid/packer/scripts/update.sh b/packages/grid/packer/scripts/update.sh deleted file mode 100644 index a69e0ca20bd..00000000000 --- a/packages/grid/packer/scripts/update.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh -eux -export DEBIAN_FRONTEND=noninteractive - -ubuntu_version=$(lsb_release -r | awk '{print $2}') -major_version=$(echo $ubuntu_version | awk -F. '{print $1}') - -# Disable release-upgrades -sudo sed -i.bak 's/^Prompt=.*$/Prompt=never/' /etc/update-manager/release-upgrades; - -# Disable systemd apt timers/services -if [ "$major_version" -ge "16" ]; then - sudo systemctl stop apt-daily.timer; - sudo systemctl stop apt-daily-upgrade.timer; - sudo systemctl disable apt-daily.timer; - sudo systemctl disable apt-daily-upgrade.timer; - sudo systemctl mask apt-daily.service; - sudo systemctl mask apt-daily-upgrade.service; - sudo systemctl daemon-reload; -fi - -# Disable periodic activities of apt to be safe -sudo su -c "cat </etc/apt/apt.conf.d/10periodic; -APT::Periodic::Enable "0"; -APT::Periodic::Update-Package-Lists "0"; -APT::Periodic::Download-Upgradeable-Packages "0"; -APT::Periodic::AutocleanInterval "0"; -APT::Periodic::Unattended-Upgrade "0"; -EOF"; - -# Clean and nuke the package from orbit -sudo rm -rf /var/log/unattended-upgrades; -sudo apt-get -y purge unattended-upgrades; - -# Update the package list -sudo apt-get -y update; - -# Upgrade all installed packages incl. kernel and kernel headers -sudo apt-get -y dist-upgrade -o Dpkg::Options::="--force-confnew"; - -sudo reboot diff --git a/packages/grid/podman/podman-kube/podman-syft-kube-config.yaml b/packages/grid/podman/podman-kube/podman-syft-kube-config.yaml deleted file mode 100644 index 079b81e15e4..00000000000 --- a/packages/grid/podman/podman-kube/podman-syft-kube-config.yaml +++ /dev/null @@ -1,104 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: podman-syft-config -data: - #!/bin/bash - DOMAIN: localhost - NODE_NAME: default_node_name - NODE_TYPE: domain - FRONTEND_TARGET: grid-ui-production - HTTP_PORT: 80 - HTTPS_PORT: 443 - NETWORK_NAME: omnet - RELEASE: production - - # tls - IGNORE_TLS_ERRORS: False - TRAEFIK_TLS_CONF: ./traefik/dynamic-configurations - TRAEFIK_TLS_CERTS: ./traefik/certs - TRAEFIK_PUBLIC_NETWORK: traefik-public - TRAEFIK_TAG: grid.openmined.org - TRAEFIK_PUBLIC_TAG: traefik-public - - STACK_NAME: grid-openmined-org - DOCKER_IMAGE_BACKEND: openmined/grid-backend - DOCKER_IMAGE_FRONTEND: openmined/grid-frontend - DOCKER_IMAGE_SEAWEEDFS: openmined/grid-seaweedfs - DOCKER_IMAGE_TRAEFIK: traefik - TRAEFIK_VERSION: v2.11.0 - REDIS_VERSION: 6.2 - RABBITMQ_VERSION: 3 - VERSION: 0.8.7-beta.7 - VERSION_HASH: unknown - STACK_API_KEY: "" - - # Backend - BACKEND_CORS_ORIGINS: '["http://localhost","http://localhost:4200","http://localhost:3000","http://localhost:8080","https://localhost","https://localhost:4200","https://localhost:3000","https://localhost:8080","http://dev.grid.openmined.org","https://stag.grid.openmined.org","https://grid.openmined.org"]' - PROJECT_NAME: grid - SECRET_KEY: changethis - DEFAULT_ROOT_EMAIL: info@openmined.org - DEFAULT_ROOT_PASSWORD: changethis - SMTP_TLS: True - SMTP_PORT: 587 - SMTP_HOST: - SMTP_USER: - SMTP_PASSWORD: - EMAILS_FROM_EMAIL: info@openmined.org - SERVER_HOST: "https://${DOMAIN}" - NETWORK_CHECK_INTERVAL: 60 - DOMAIN_CHECK_INTERVAL: 60 - ASSOCIATION_TIMEOUT: 10 - USERS_OPEN_REGISTRATION: False - DEV_MODE: False - - # New Service Flag - USE_NEW_SERVICE: False - - # Frontend - BACKEND_API_BASE_URL: "/api/v2" - - # SeaweedFS - S3_ENDPOINT: "seaweedfs" - S3_PORT: 8333 - S3_ROOT_USER: "admin" - S3_ROOT_PWD: "admin" - S3_REGION: "us-east-1" - S3_PRESIGNED_TIMEOUT_SECS: 1800 - - # Jax - JAX_ENABLE_X64: True - - # Mongo - MONGO_HOST: localhost - MONGO_PORT: 27017 - MONGO_USERNAME: root - MONGO_PASSWORD: example - MONGO_INITDB_ROOT_USERNAME: root - MONGO_INITDB_ROOT_PASSWORD: example - - # Redis - REDIS_PORT: 6379 - REDIS_STORE_DB_ID: 0 - REDIS_LEDGER_DB_ID: 1 - REDIS_HOST: redis - - # System - CONTAINER_HOST: podman - RELATIVE_PATH: "" - - # Jaeger - TRACE: False - JAEGER_HOST: localhost - JAEGER_PORT: 14268 - - # Syft - SYFT_TUTORIAL_MODE: False - CREDENTIALS_VOLUME: credentials-data - NODE_SIDE_TYPE: high - - # Worker - USE_BLOB_STORAGE: False - - # Registation - ENABLE_SIGNUP: False diff --git a/packages/grid/podman/podman-kube/podman-syft-kube.yaml b/packages/grid/podman/podman-kube/podman-syft-kube.yaml deleted file mode 100644 index 6c639bec7b8..00000000000 --- a/packages/grid/podman/podman-kube/podman-syft-kube.yaml +++ /dev/null @@ -1,92 +0,0 @@ -# Save the output of this file and use kubectl create -f to import -# it into Kubernetes. -# -# Created with podman-4.4.1 -apiVersion: v1 -kind: Pod -metadata: - annotations: - bind-mount-options: ./traefik:Z - creationTimestamp: "2023-07-28T10:22:55Z" - labels: - app: syft - name: syft -spec: - containers: - - name: mongo-db - args: - - mongod - env: - - name: MONGO_INITDB_ROOT_USERNAME - value: root - - name: MONGO_INITDB_ROOT_PASSWORD - value: example - image: docker.io/library/mongo:7.0.4 - imagePullPolicy: IfNotPresent - resources: {} - tty: true - volumeMounts: - - mountPath: /data/configdb - name: f1b3ce32d0fb1a523f83e89dbd0446a37a8609c85507deaaba0567f98155d84b-pvc - - mountPath: /data/db - name: 89196523be4d26c2ec522a40974fd101abd2fc1ec608db27ad40758cc2b52215-pvc - - - name: backend - env: - - name: PORT - value: "8001" - - name: ENABLE_WARNINGS - value: "False" - envFrom: - - configMapRef: - name: podman-syft-config - - image: docker.io/openmined/grid-backend:0.8.7-beta.7 - imagePullPolicy: IfNotPresent - resources: {} - tty: true - - - name: frontend - args: - - /bin/sh - - -c - - pnpm dev - env: - - name: PORT - value: "80" - envFrom: - - configMapRef: - name: podman-syft-config - image: docker.io/openmined/grid-frontend:0.8.7-beta.7 - imagePullPolicy: IfNotPresent - resources: {} - tty: true - - - name: traefik - ports: - - containerPort: 81 - hostPort: 8080 - args: - - --configFile=/traefik_config/traefik.yml - image: docker.io/library/traefik:v2.8.1 - imagePullPolicy: IfNotPresent - resources: {} - tty: true - volumeMounts: - - mountPath: /traefik_config - name: traefik-host-0 - readOnly: true - hostname: syft - restartPolicy: Always - volumes: - - name: f1b3ce32d0fb1a523f83e89dbd0446a37a8609c85507deaaba0567f98155d84b-pvc - persistentVolumeClaim: - claimName: f1b3ce32d0fb1a523f83e89dbd0446a37a8609c85507deaaba0567f98155d84b - - name: 89196523be4d26c2ec522a40974fd101abd2fc1ec608db27ad40758cc2b52215-pvc - persistentVolumeClaim: - claimName: 89196523be4d26c2ec522a40974fd101abd2fc1ec608db27ad40758cc2b52215 - - hostPath: - path: ./traefik - type: Directory - name: traefik-host-0 -status: {} diff --git a/packages/grid/podman/podman-kube/traefik/conf/dynamic.yml b/packages/grid/podman/podman-kube/traefik/conf/dynamic.yml deleted file mode 100644 index 4d8e61900ce..00000000000 --- a/packages/grid/podman/podman-kube/traefik/conf/dynamic.yml +++ /dev/null @@ -1,28 +0,0 @@ -#since the containers are in the same pod, they could communicate using localhost - -http: - services: - frontend: - loadBalancer: - servers: - - url: "http://localhost:80" - backend: - loadBalancer: - servers: - - url: "http://localhost:8001" - routers: - frontend: - rule: "PathPrefix(`/`)" - entryPoints: - - web - service: "frontend" - backend: - rule: "PathPrefix(`/api`) || PathPrefix(`/docs`) || PathPrefix(`/redoc`)" - entryPoints: - - web - service: "backend" - ping: - rule: "PathPrefix(`/ping`)" - entryPoints: - - web - service: "ping@internal" diff --git a/packages/grid/podman/podman-kube/traefik/traefik.yml b/packages/grid/podman/podman-kube/traefik/traefik.yml deleted file mode 100644 index 4e2f3434049..00000000000 --- a/packages/grid/podman/podman-kube/traefik/traefik.yml +++ /dev/null @@ -1,18 +0,0 @@ -global: - checkNewVersion: false - sendAnonymousUsage: false - -log: - level: INFO - -entryPoints: - web: - address: :81 - -ping: - manualRouting: true - -providers: - file: - directory: /traefik_config/conf - watch: true diff --git a/packages/grid/rabbitmq/rabbitmq.conf b/packages/grid/rabbitmq/rabbitmq.conf deleted file mode 100644 index 5eb0c0d8819..00000000000 --- a/packages/grid/rabbitmq/rabbitmq.conf +++ /dev/null @@ -1,3 +0,0 @@ -max_message_size = 536870911 -heartbeat = 600 -loopback_users.guest = true diff --git a/packages/grid/redis/redis.conf b/packages/grid/redis/redis.conf deleted file mode 100644 index 8a486c47104..00000000000 --- a/packages/grid/redis/redis.conf +++ /dev/null @@ -1,2051 +0,0 @@ -# Redis configuration file example. -# -# Note that in order to read the configuration file, Redis must be -# started with the file path as first argument: -# -# ./redis-server /path/to/redis.conf - -# Note on units: when memory size is needed, it is possible to specify -# it in the usual form of 1k 5GB 4M and so forth: -# -# 1k => 1000 bytes -# 1kb => 1024 bytes -# 1m => 1000000 bytes -# 1mb => 1024*1024 bytes -# 1g => 1000000000 bytes -# 1gb => 1024*1024*1024 bytes -# -# units are case insensitive so 1GB 1Gb 1gB are all the same. - -################################## INCLUDES ################################### - -# Include one or more other config files here. This is useful if you -# have a standard template that goes to all Redis servers but also need -# to customize a few per-server settings. Include files can include -# other files, so use this wisely. -# -# Note that option "include" won't be rewritten by command "CONFIG REWRITE" -# from admin or Redis Sentinel. Since Redis always uses the last processed -# line as value of a configuration directive, you'd better put includes -# at the beginning of this file to avoid overwriting config change at runtime. -# -# If instead you are interested in using includes to override configuration -# options, it is better to use include as the last line. -# -# include /path/to/local.conf -# include /path/to/other.conf - -################################## MODULES ##################################### - -# Load modules at startup. If the server is not able to load modules -# it will abort. It is possible to use multiple loadmodule directives. -# -# loadmodule /path/to/my_module.so -# loadmodule /path/to/other_module.so - -################################## NETWORK ##################################### - -# By default, if no "bind" configuration directive is specified, Redis listens -# for connections from all available network interfaces on the host machine. -# It is possible to listen to just one or multiple selected interfaces using -# the "bind" configuration directive, followed by one or more IP addresses. -# Each address can be prefixed by "-", which means that redis will not fail to -# start if the address is not available. Being not available only refers to -# addresses that does not correspond to any network interfece. Addresses that -# are already in use will always fail, and unsupported protocols will always BE -# silently skipped. -# -# Examples: -# -# bind 192.168.1.100 10.0.0.1 # listens on two specific IPv4 addresses -# bind 127.0.0.1 ::1 # listens on loopback IPv4 and IPv6 -# bind * -::* # like the default, all available interfaces -# -# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the -# internet, binding to all the interfaces is dangerous and will expose the -# instance to everybody on the internet. So by default we uncomment the -# following bind directive, that will force Redis to listen only on the -# IPv4 and IPv6 (if available) loopback interface addresses (this means Redis -# will only be able to accept client connections from the same host that it is -# running on). -# -# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES -# JUST COMMENT OUT THE FOLLOWING LINE. -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -bind 127.0.0.1 -::1 - -# Protected mode is a layer of security protection, in order to avoid that -# Redis instances left open on the internet are accessed and exploited. -# -# When protected mode is on and if: -# -# 1) The server is not binding explicitly to a set of addresses using the -# "bind" directive. -# 2) No password is configured. -# -# The server only accepts connections from clients connecting from the -# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain -# sockets. -# -# By default protected mode is enabled. You should disable it only if -# you are sure you want clients from other hosts to connect to Redis -# even if no authentication is configured, nor a specific set of interfaces -# are explicitly listed using the "bind" directive. -protected-mode yes - -# Accept connections on the specified port, default is 6379 (IANA #815344). -# If port 0 is specified Redis will not listen on a TCP socket. -port 6379 - -# TCP listen() backlog. -# -# In high requests-per-second environments you need a high backlog in order -# to avoid slow clients connection issues. Note that the Linux kernel -# will silently truncate it to the value of /proc/sys/net/core/somaxconn so -# make sure to raise both the value of somaxconn and tcp_max_syn_backlog -# in order to get the desired effect. -tcp-backlog 511 - -# Unix socket. -# -# Specify the path for the Unix socket that will be used to listen for -# incoming connections. There is no default, so Redis will not listen -# on a unix socket when not specified. -# -# unixsocket /run/redis.sock -# unixsocketperm 700 - -# Close the connection after a client is idle for N seconds (0 to disable) -timeout 0 - -# TCP keepalive. -# -# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence -# of communication. This is useful for two reasons: -# -# 1) Detect dead peers. -# 2) Force network equipment in the middle to consider the connection to be -# alive. -# -# On Linux, the specified value (in seconds) is the period used to send ACKs. -# Note that to close the connection the double of the time is needed. -# On other kernels the period depends on the kernel configuration. -# -# A reasonable value for this option is 300 seconds, which is the new -# Redis default starting with Redis 3.2.1. -tcp-keepalive 300 - -################################# TLS/SSL ##################################### - -# By default, TLS/SSL is disabled. To enable it, the "tls-port" configuration -# directive can be used to define TLS-listening ports. To enable TLS on the -# default port, use: -# -# port 0 -# tls-port 6379 - -# Configure a X.509 certificate and private key to use for authenticating the -# server to connected clients, masters or cluster peers. These files should be -# PEM formatted. -# -# tls-cert-file redis.crt -# tls-key-file redis.key -# -# If the key file is encrypted using a passphrase, it can be included here -# as well. -# -# tls-key-file-pass secret - -# Normally Redis uses the same certificate for both server functions (accepting -# connections) and client functions (replicating from a master, establishing -# cluster bus connections, etc.). -# -# Sometimes certificates are issued with attributes that designate them as -# client-only or server-only certificates. In that case it may be desired to use -# different certificates for incoming (server) and outgoing (client) -# connections. To do that, use the following directives: -# -# tls-client-cert-file client.crt -# tls-client-key-file client.key -# -# If the key file is encrypted using a passphrase, it can be included here -# as well. -# -# tls-client-key-file-pass secret - -# Configure a DH parameters file to enable Diffie-Hellman (DH) key exchange: -# -# tls-dh-params-file redis.dh - -# Configure a CA certificate(s) bundle or directory to authenticate TLS/SSL -# clients and peers. Redis requires an explicit configuration of at least one -# of these, and will not implicitly use the system wide configuration. -# -# tls-ca-cert-file ca.crt -# tls-ca-cert-dir /etc/ssl/certs - -# By default, clients (including replica servers) on a TLS port are required -# to authenticate using valid client side certificates. -# -# If "no" is specified, client certificates are not required and not accepted. -# If "optional" is specified, client certificates are accepted and must be -# valid if provided, but are not required. -# -# tls-auth-clients no -# tls-auth-clients optional - -# By default, a Redis replica does not attempt to establish a TLS connection -# with its master. -# -# Use the following directive to enable TLS on replication links. -# -# tls-replication yes - -# By default, the Redis Cluster bus uses a plain TCP connection. To enable -# TLS for the bus protocol, use the following directive: -# -# tls-cluster yes - -# By default, only TLSv1.2 and TLSv1.3 are enabled and it is highly recommended -# that older formally deprecated versions are kept disabled to reduce the attack surface. -# You can explicitly specify TLS versions to support. -# Allowed values are case insensitive and include "TLSv1", "TLSv1.1", "TLSv1.2", -# "TLSv1.3" (OpenSSL >= 1.1.1) or any combination. -# To enable only TLSv1.2 and TLSv1.3, use: -# -# tls-protocols "TLSv1.2 TLSv1.3" - -# Configure allowed ciphers. See the ciphers(1ssl) manpage for more information -# about the syntax of this string. -# -# Note: this configuration applies only to <= TLSv1.2. -# -# tls-ciphers DEFAULT:!MEDIUM - -# Configure allowed TLSv1.3 ciphersuites. See the ciphers(1ssl) manpage for more -# information about the syntax of this string, and specifically for TLSv1.3 -# ciphersuites. -# -# tls-ciphersuites TLS_CHACHA20_POLY1305_SHA256 - -# When choosing a cipher, use the server's preference instead of the client -# preference. By default, the server follows the client's preference. -# -# tls-prefer-server-ciphers yes - -# By default, TLS session caching is enabled to allow faster and less expensive -# reconnections by clients that support it. Use the following directive to disable -# caching. -# -# tls-session-caching no - -# Change the default number of TLS sessions cached. A zero value sets the cache -# to unlimited size. The default size is 20480. -# -# tls-session-cache-size 5000 - -# Change the default timeout of cached TLS sessions. The default timeout is 300 -# seconds. -# -# tls-session-cache-timeout 60 - -################################# GENERAL ##################################### - -# By default Redis does not run as a daemon. Use 'yes' if you need it. -# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -# When Redis is supervised by upstart or systemd, this parameter has no impact. -daemonize no - -# If you run Redis from upstart or systemd, Redis can interact with your -# supervision tree. Options: -# supervised no - no supervision interaction -# supervised upstart - signal upstart by putting Redis into SIGSTOP mode -# requires "expect stop" in your upstart job config -# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET -# on startup, and updating Redis status on a regular -# basis. -# supervised auto - detect upstart or systemd method based on -# UPSTART_JOB or NOTIFY_SOCKET environment variables -# Note: these supervision methods only signal "process is ready." -# They do not enable continuous pings back to your supervisor. -# -# The default is "no". To run under upstart/systemd, you can simply uncomment -# the line below: -# -# supervised auto - -# If a pid file is specified, Redis writes it where specified at startup -# and removes it at exit. -# -# When the server runs non daemonized, no pid file is created if none is -# specified in the configuration. When the server is daemonized, the pid file -# is used even if not specified, defaulting to "/var/run/redis.pid". -# -# Creating a pid file is best effort: if Redis is not able to create it -# nothing bad happens, the server will start and run normally. -# -# Note that on modern Linux systems "/run/redis.pid" is more conforming -# and should be used instead. -pidfile /var/run/redis_6379.pid - -# Specify the server verbosity level. -# This can be one of: -# debug (a lot of information, useful for development/testing) -# verbose (many rarely useful info, but not a mess like the debug level) -# notice (moderately verbose, what you want in production probably) -# warning (only very important / critical messages are logged) -loglevel notice - -# Specify the log file name. Also the empty string can be used to force -# Redis to log on the standard output. Note that if you use standard -# output for logging but daemonize, logs will be sent to /dev/null -logfile "" - -# To enable logging to the system logger, just set 'syslog-enabled' to yes, -# and optionally update the other syslog parameters to suit your needs. -# syslog-enabled no - -# Specify the syslog identity. -# syslog-ident redis - -# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. -# syslog-facility local0 - -# To disable the built in crash log, which will possibly produce cleaner core -# dumps when they are needed, uncomment the following: -# -# crash-log-enabled no - -# To disable the fast memory check that's run as part of the crash log, which -# will possibly let redis terminate sooner, uncomment the following: -# -# crash-memcheck-enabled no - -# Set the number of databases. The default database is DB 0, you can select -# a different one on a per-connection basis using SELECT where -# dbid is a number between 0 and 'databases'-1 -databases 16 - -# By default Redis shows an ASCII art logo only when started to log to the -# standard output and if the standard output is a TTY and syslog logging is -# disabled. Basically this means that normally a logo is displayed only in -# interactive sessions. -# -# However it is possible to force the pre-4.0 behavior and always show a -# ASCII art logo in startup logs by setting the following option to yes. -always-show-logo no - -# By default, Redis modifies the process title (as seen in 'top' and 'ps') to -# provide some runtime information. It is possible to disable this and leave -# the process name as executed by setting the following to no. -set-proc-title yes - -# When changing the process title, Redis uses the following template to construct -# the modified title. -# -# Template variables are specified in curly brackets. The following variables are -# supported: -# -# {title} Name of process as executed if parent, or type of child process. -# {listen-addr} Bind address or '*' followed by TCP or TLS port listening on, or -# Unix socket if only that's available. -# {server-mode} Special mode, i.e. "[sentinel]" or "[cluster]". -# {port} TCP port listening on, or 0. -# {tls-port} TLS port listening on, or 0. -# {unixsocket} Unix domain socket listening on, or "". -# {config-file} Name of configuration file used. -# -proc-title-template "{title} {listen-addr} {server-mode}" - -################################ SNAPSHOTTING ################################ - -# Save the DB to disk. -# -# save -# -# Redis will save the DB if both the given number of seconds and the given -# number of write operations against the DB occurred. -# -# Snapshotting can be completely disabled with a single empty string argument -# as in following example: -# -# save "" -# -# Unless specified otherwise, by default Redis will save the DB: -# * After 3600 seconds (an hour) if at least 1 key changed -# * After 300 seconds (5 minutes) if at least 100 keys changed -# * After 60 seconds if at least 10000 keys changed -# -# You can set these explicitly by uncommenting the three following lines. -# -# save 3600 1 -# save 300 100 -# save 60 10000 - -# By default Redis will stop accepting writes if RDB snapshots are enabled -# (at least one save point) and the latest background save failed. -# This will make the user aware (in a hard way) that data is not persisting -# on disk properly, otherwise chances are that no one will notice and some -# disaster will happen. -# -# If the background saving process will start working again Redis will -# automatically allow writes again. -# -# However if you have setup your proper monitoring of the Redis server -# and persistence, you may want to disable this feature so that Redis will -# continue to work as usual even if there are problems with disk, -# permissions, and so forth. -stop-writes-on-bgsave-error yes - -# Compress string objects using LZF when dump .rdb databases? -# By default compression is enabled as it's almost always a win. -# If you want to save some CPU in the saving child set it to 'no' but -# the dataset will likely be bigger if you have compressible values or keys. -rdbcompression yes - -# Since version 5 of RDB a CRC64 checksum is placed at the end of the file. -# This makes the format more resistant to corruption but there is a performance -# hit to pay (around 10%) when saving and loading RDB files, so you can disable it -# for maximum performances. -# -# RDB files created with checksum disabled have a checksum of zero that will -# tell the loading code to skip the check. -rdbchecksum yes - -# Enables or disables full sanitation checks for ziplist and listpack etc when -# loading an RDB or RESTORE payload. This reduces the chances of a assertion or -# crash later on while processing commands. -# Options: -# no - Never perform full sanitation -# yes - Always perform full sanitation -# clients - Perform full sanitation only for user connections. -# Excludes: RDB files, RESTORE commands received from the master -# connection, and client connections which have the -# skip-sanitize-payload ACL flag. -# The default should be 'clients' but since it currently affects cluster -# resharding via MIGRATE, it is temporarily set to 'no' by default. -# -# sanitize-dump-payload no - -# The filename where to dump the DB -dbfilename dump.rdb - -# Remove RDB files used by replication in instances without persistence -# enabled. By default this option is disabled, however there are environments -# where for regulations or other security concerns, RDB files persisted on -# disk by masters in order to feed replicas, or stored on disk by replicas -# in order to load them for the initial synchronization, should be deleted -# ASAP. Note that this option ONLY WORKS in instances that have both AOF -# and RDB persistence disabled, otherwise is completely ignored. -# -# An alternative (and sometimes better) way to obtain the same effect is -# to use diskless replication on both master and replicas instances. However -# in the case of replicas, diskless is not always an option. -rdb-del-sync-files no - -# The working directory. -# -# The DB will be written inside this directory, with the filename specified -# above using the 'dbfilename' configuration directive. -# -# The Append Only File will also be created inside this directory. -# -# Note that you must specify a directory here, not a file name. -dir ./ - -################################# REPLICATION ################################# - -# Master-Replica replication. Use replicaof to make a Redis instance a copy of -# another Redis server. A few things to understand ASAP about Redis replication. -# -# +------------------+ +---------------+ -# | Master | ---> | Replica | -# | (receive writes) | | (exact copy) | -# +------------------+ +---------------+ -# -# 1) Redis replication is asynchronous, but you can configure a master to -# stop accepting writes if it appears to be not connected with at least -# a given number of replicas. -# 2) Redis replicas are able to perform a partial resynchronization with the -# master if the replication link is lost for a relatively small amount of -# time. You may want to configure the replication backlog size (see the next -# sections of this file) with a sensible value depending on your needs. -# 3) Replication is automatic and does not need user intervention. After a -# network partition replicas automatically try to reconnect to masters -# and resynchronize with them. -# -# replicaof - -# If the master is password protected (using the "requirepass" configuration -# directive below) it is possible to tell the replica to authenticate before -# starting the replication synchronization process, otherwise the master will -# refuse the replica request. -# -# masterauth -# -# However this is not enough if you are using Redis ACLs (for Redis version -# 6 or greater), and the default user is not capable of running the PSYNC -# command and/or other commands needed for replication. In this case it's -# better to configure a special user to use with replication, and specify the -# masteruser configuration as such: -# -# masteruser -# -# When masteruser is specified, the replica will authenticate against its -# master using the new AUTH form: AUTH . - -# When a replica loses its connection with the master, or when the replication -# is still in progress, the replica can act in two different ways: -# -# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will -# still reply to client requests, possibly with out of date data, or the -# data set may just be empty if this is the first synchronization. -# -# 2) If replica-serve-stale-data is set to 'no' the replica will reply with -# an error "SYNC with master in progress" to all commands except: -# INFO, REPLICAOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG, SUBSCRIBE, -# UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB, COMMAND, POST, -# HOST and LATENCY. -# -replica-serve-stale-data yes - -# You can configure a replica instance to accept writes or not. Writing against -# a replica instance may be useful to store some ephemeral data (because data -# written on a replica will be easily deleted after resync with the master) but -# may also cause problems if clients are writing to it because of a -# misconfiguration. -# -# Since Redis 2.6 by default replicas are read-only. -# -# Note: read only replicas are not designed to be exposed to untrusted clients -# on the internet. It's just a protection layer against misuse of the instance. -# Still a read only replica exports by default all the administrative commands -# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve -# security of read only replicas using 'rename-command' to shadow all the -# administrative / dangerous commands. -replica-read-only yes - -# Replication SYNC strategy: disk or socket. -# -# New replicas and reconnecting replicas that are not able to continue the -# replication process just receiving differences, need to do what is called a -# "full synchronization". An RDB file is transmitted from the master to the -# replicas. -# -# The transmission can happen in two different ways: -# -# 1) Disk-backed: The Redis master creates a new process that writes the RDB -# file on disk. Later the file is transferred by the parent -# process to the replicas incrementally. -# 2) Diskless: The Redis master creates a new process that directly writes the -# RDB file to replica sockets, without touching the disk at all. -# -# With disk-backed replication, while the RDB file is generated, more replicas -# can be queued and served with the RDB file as soon as the current child -# producing the RDB file finishes its work. With diskless replication instead -# once the transfer starts, new replicas arriving will be queued and a new -# transfer will start when the current one terminates. -# -# When diskless replication is used, the master waits a configurable amount of -# time (in seconds) before starting the transfer in the hope that multiple -# replicas will arrive and the transfer can be parallelized. -# -# With slow disks and fast (large bandwidth) networks, diskless replication -# works better. -repl-diskless-sync no - -# When diskless replication is enabled, it is possible to configure the delay -# the server waits in order to spawn the child that transfers the RDB via socket -# to the replicas. -# -# This is important since once the transfer starts, it is not possible to serve -# new replicas arriving, that will be queued for the next RDB transfer, so the -# server waits a delay in order to let more replicas arrive. -# -# The delay is specified in seconds, and by default is 5 seconds. To disable -# it entirely just set it to 0 seconds and the transfer will start ASAP. -repl-diskless-sync-delay 5 - -# ----------------------------------------------------------------------------- -# WARNING: RDB diskless load is experimental. Since in this setup the replica -# does not immediately store an RDB on disk, it may cause data loss during -# failovers. RDB diskless load + Redis modules not handling I/O reads may also -# cause Redis to abort in case of I/O errors during the initial synchronization -# stage with the master. Use only if you know what you are doing. -# ----------------------------------------------------------------------------- -# -# Replica can load the RDB it reads from the replication link directly from the -# socket, or store the RDB to a file and read that file after it was completely -# received from the master. -# -# In many cases the disk is slower than the network, and storing and loading -# the RDB file may increase replication time (and even increase the master's -# Copy on Write memory and salve buffers). -# However, parsing the RDB file directly from the socket may mean that we have -# to flush the contents of the current database before the full rdb was -# received. For this reason we have the following options: -# -# "disabled" - Don't use diskless load (store the rdb file to the disk first) -# "on-empty-db" - Use diskless load only when it is completely safe. -# "swapdb" - Keep a copy of the current db contents in RAM while parsing -# the data directly from the socket. note that this requires -# sufficient memory, if you don't have it, you risk an OOM kill. -repl-diskless-load disabled - -# Replicas send PINGs to server in a predefined interval. It's possible to -# change this interval with the repl_ping_replica_period option. The default -# value is 10 seconds. -# -# repl-ping-replica-period 10 - -# The following option sets the replication timeout for: -# -# 1) Bulk transfer I/O during SYNC, from the point of view of replica. -# 2) Master timeout from the point of view of replicas (data, pings). -# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings). -# -# It is important to make sure that this value is greater than the value -# specified for repl-ping-replica-period otherwise a timeout will be detected -# every time there is low traffic between the master and the replica. The default -# value is 60 seconds. -# -# repl-timeout 60 - -# Disable TCP_NODELAY on the replica socket after SYNC? -# -# If you select "yes" Redis will use a smaller number of TCP packets and -# less bandwidth to send data to replicas. But this can add a delay for -# the data to appear on the replica side, up to 40 milliseconds with -# Linux kernels using a default configuration. -# -# If you select "no" the delay for data to appear on the replica side will -# be reduced but more bandwidth will be used for replication. -# -# By default we optimize for low latency, but in very high traffic conditions -# or when the master and replicas are many hops away, turning this to "yes" may -# be a good idea. -repl-disable-tcp-nodelay no - -# Set the replication backlog size. The backlog is a buffer that accumulates -# replica data when replicas are disconnected for some time, so that when a -# replica wants to reconnect again, often a full resync is not needed, but a -# partial resync is enough, just passing the portion of data the replica -# missed while disconnected. -# -# The bigger the replication backlog, the longer the replica can endure the -# disconnect and later be able to perform a partial resynchronization. -# -# The backlog is only allocated if there is at least one replica connected. -# -# repl-backlog-size 1mb - -# After a master has no connected replicas for some time, the backlog will be -# freed. The following option configures the amount of seconds that need to -# elapse, starting from the time the last replica disconnected, for the backlog -# buffer to be freed. -# -# Note that replicas never free the backlog for timeout, since they may be -# promoted to masters later, and should be able to correctly "partially -# resynchronize" with other replicas: hence they should always accumulate backlog. -# -# A value of 0 means to never release the backlog. -# -# repl-backlog-ttl 3600 - -# The replica priority is an integer number published by Redis in the INFO -# output. It is used by Redis Sentinel in order to select a replica to promote -# into a master if the master is no longer working correctly. -# -# A replica with a low priority number is considered better for promotion, so -# for instance if there are three replicas with priority 10, 100, 25 Sentinel -# will pick the one with priority 10, that is the lowest. -# -# However a special priority of 0 marks the replica as not able to perform the -# role of master, so a replica with priority of 0 will never be selected by -# Redis Sentinel for promotion. -# -# By default the priority is 100. -replica-priority 100 - -# ----------------------------------------------------------------------------- -# By default, Redis Sentinel includes all replicas in its reports. A replica -# can be excluded from Redis Sentinel's announcements. An unannounced replica -# will be ignored by the 'sentinel replicas ' command and won't be -# exposed to Redis Sentinel's clients. -# -# This option does not change the behavior of replica-priority. Even with -# replica-announced set to 'no', the replica can be promoted to master. To -# prevent this behavior, set replica-priority to 0. -# -# replica-announced yes - -# It is possible for a master to stop accepting writes if there are less than -# N replicas connected, having a lag less or equal than M seconds. -# -# The N replicas need to be in "online" state. -# -# The lag in seconds, that must be <= the specified value, is calculated from -# the last ping received from the replica, that is usually sent every second. -# -# This option does not GUARANTEE that N replicas will accept the write, but -# will limit the window of exposure for lost writes in case not enough replicas -# are available, to the specified number of seconds. -# -# For example to require at least 3 replicas with a lag <= 10 seconds use: -# -# min-replicas-to-write 3 -# min-replicas-max-lag 10 -# -# Setting one or the other to 0 disables the feature. -# -# By default min-replicas-to-write is set to 0 (feature disabled) and -# min-replicas-max-lag is set to 10. - -# A Redis master is able to list the address and port of the attached -# replicas in different ways. For example the "INFO replication" section -# offers this information, which is used, among other tools, by -# Redis Sentinel in order to discover replica instances. -# Another place where this info is available is in the output of the -# "ROLE" command of a master. -# -# The listed IP address and port normally reported by a replica is -# obtained in the following way: -# -# IP: The address is auto detected by checking the peer address -# of the socket used by the replica to connect with the master. -# -# Port: The port is communicated by the replica during the replication -# handshake, and is normally the port that the replica is using to -# listen for connections. -# -# However when port forwarding or Network Address Translation (NAT) is -# used, the replica may actually be reachable via different IP and port -# pairs. The following two options can be used by a replica in order to -# report to its master a specific set of IP and port, so that both INFO -# and ROLE will report those values. -# -# There is no need to use both the options if you need to override just -# the port or the IP address. -# -# replica-announce-ip 5.5.5.5 -# replica-announce-port 1234 - -############################### KEYS TRACKING ################################# - -# Redis implements server assisted support for client side caching of values. -# This is implemented using an invalidation table that remembers, using -# a radix key indexed by key name, what clients have which keys. In turn -# this is used in order to send invalidation messages to clients. Please -# check this page to understand more about the feature: -# -# https://redis.io/topics/client-side-caching -# -# When tracking is enabled for a client, all the read only queries are assumed -# to be cached: this will force Redis to store information in the invalidation -# table. When keys are modified, such information is flushed away, and -# invalidation messages are sent to the clients. However if the workload is -# heavily dominated by reads, Redis could use more and more memory in order -# to track the keys fetched by many clients. -# -# For this reason it is possible to configure a maximum fill value for the -# invalidation table. By default it is set to 1M of keys, and once this limit -# is reached, Redis will start to evict keys in the invalidation table -# even if they were not modified, just to reclaim memory: this will in turn -# force the clients to invalidate the cached values. Basically the table -# maximum size is a trade off between the memory you want to spend server -# side to track information about who cached what, and the ability of clients -# to retain cached objects in memory. -# -# If you set the value to 0, it means there are no limits, and Redis will -# retain as many keys as needed in the invalidation table. -# In the "stats" INFO section, you can find information about the number of -# keys in the invalidation table at every given moment. -# -# Note: when key tracking is used in broadcasting mode, no memory is used -# in the server side so this setting is useless. -# -# tracking-table-max-keys 1000000 - -################################## SECURITY ################################### - -# Warning: since Redis is pretty fast, an outside user can try up to -# 1 million passwords per second against a modern box. This means that you -# should use very strong passwords, otherwise they will be very easy to break. -# Note that because the password is really a shared secret between the client -# and the server, and should not be memorized by any human, the password -# can be easily a long string from /dev/urandom or whatever, so by using a -# long and unguessable password no brute force attack will be possible. - -# Redis ACL users are defined in the following format: -# -# user ... acl rules ... -# -# For example: -# -# user worker +@list +@connection ~jobs:* on >ffa9203c493aa99 -# -# The special username "default" is used for new connections. If this user -# has the "nopass" rule, then new connections will be immediately authenticated -# as the "default" user without the need of any password provided via the -# AUTH command. Otherwise if the "default" user is not flagged with "nopass" -# the connections will start in not authenticated state, and will require -# AUTH (or the HELLO command AUTH option) in order to be authenticated and -# start to work. -# -# The ACL rules that describe what a user can do are the following: -# -# on Enable the user: it is possible to authenticate as this user. -# off Disable the user: it's no longer possible to authenticate -# with this user, however the already authenticated connections -# will still work. -# skip-sanitize-payload RESTORE dump-payload sanitation is skipped. -# sanitize-payload RESTORE dump-payload is sanitized (default). -# + Allow the execution of that command -# - Disallow the execution of that command -# +@ Allow the execution of all the commands in such category -# with valid categories are like @admin, @set, @sortedset, ... -# and so forth, see the full list in the server.c file where -# the Redis command table is described and defined. -# The special category @all means all the commands, but currently -# present in the server, and that will be loaded in the future -# via modules. -# +|subcommand Allow a specific subcommand of an otherwise -# disabled command. Note that this form is not -# allowed as negative like -DEBUG|SEGFAULT, but -# only additive starting with "+". -# allcommands Alias for +@all. Note that it implies the ability to execute -# all the future commands loaded via the modules system. -# nocommands Alias for -@all. -# ~ Add a pattern of keys that can be mentioned as part of -# commands. For instance ~* allows all the keys. The pattern -# is a glob-style pattern like the one of KEYS. -# It is possible to specify multiple patterns. -# allkeys Alias for ~* -# resetkeys Flush the list of allowed keys patterns. -# & Add a glob-style pattern of Pub/Sub channels that can be -# accessed by the user. It is possible to specify multiple channel -# patterns. -# allchannels Alias for &* -# resetchannels Flush the list of allowed channel patterns. -# > Add this password to the list of valid password for the user. -# For example >mypass will add "mypass" to the list. -# This directive clears the "nopass" flag (see later). -# < Remove this password from the list of valid passwords. -# nopass All the set passwords of the user are removed, and the user -# is flagged as requiring no password: it means that every -# password will work against this user. If this directive is -# used for the default user, every new connection will be -# immediately authenticated with the default user without -# any explicit AUTH command required. Note that the "resetpass" -# directive will clear this condition. -# resetpass Flush the list of allowed passwords. Moreover removes the -# "nopass" status. After "resetpass" the user has no associated -# passwords and there is no way to authenticate without adding -# some password (or setting it as "nopass" later). -# reset Performs the following actions: resetpass, resetkeys, off, -# -@all. The user returns to the same state it has immediately -# after its creation. -# -# ACL rules can be specified in any order: for instance you can start with -# passwords, then flags, or key patterns. However note that the additive -# and subtractive rules will CHANGE MEANING depending on the ordering. -# For instance see the following example: -# -# user alice on +@all -DEBUG ~* >somepassword -# -# This will allow "alice" to use all the commands with the exception of the -# DEBUG command, since +@all added all the commands to the set of the commands -# alice can use, and later DEBUG was removed. However if we invert the order -# of two ACL rules the result will be different: -# -# user alice on -DEBUG +@all ~* >somepassword -# -# Now DEBUG was removed when alice had yet no commands in the set of allowed -# commands, later all the commands are added, so the user will be able to -# execute everything. -# -# Basically ACL rules are processed left-to-right. -# -# For more information about ACL configuration please refer to -# the Redis web site at https://redis.io/topics/acl - -# ACL LOG -# -# The ACL Log tracks failed commands and authentication events associated -# with ACLs. The ACL Log is useful to troubleshoot failed commands blocked -# by ACLs. The ACL Log is stored in memory. You can reclaim memory with -# ACL LOG RESET. Define the maximum entry length of the ACL Log below. -acllog-max-len 128 - -# Using an external ACL file -# -# Instead of configuring users here in this file, it is possible to use -# a stand-alone file just listing users. The two methods cannot be mixed: -# if you configure users here and at the same time you activate the external -# ACL file, the server will refuse to start. -# -# The format of the external ACL user file is exactly the same as the -# format that is used inside redis.conf to describe users. -# -# aclfile /etc/redis/users.acl - -# IMPORTANT NOTE: starting with Redis 6 "requirepass" is just a compatibility -# layer on top of the new ACL system. The option effect will be just setting -# the password for the default user. Clients will still authenticate using -# AUTH as usually, or more explicitly with AUTH default -# if they follow the new protocol: both will work. -# -# The requirepass is not compatable with aclfile option and the ACL LOAD -# command, these will cause requirepass to be ignored. -# -# requirepass foobared - -# New users are initialized with restrictive permissions by default, via the -# equivalent of this ACL rule 'off resetkeys -@all'. Starting with Redis 6.2, it -# is possible to manage access to Pub/Sub channels with ACL rules as well. The -# default Pub/Sub channels permission if new users is controlled by the -# acl-pubsub-default configuration directive, which accepts one of these values: -# -# allchannels: grants access to all Pub/Sub channels -# resetchannels: revokes access to all Pub/Sub channels -# -# To ensure backward compatibility while upgrading Redis 6.0, acl-pubsub-default -# defaults to the 'allchannels' permission. -# -# Future compatibility note: it is very likely that in a future version of Redis -# the directive's default of 'allchannels' will be changed to 'resetchannels' in -# order to provide better out-of-the-box Pub/Sub security. Therefore, it is -# recommended that you explicitly define Pub/Sub permissions for all users -# rather then rely on implicit default values. Once you've set explicit -# Pub/Sub for all existing users, you should uncomment the following line. -# -# acl-pubsub-default resetchannels - -# Command renaming (DEPRECATED). -# -# ------------------------------------------------------------------------ -# WARNING: avoid using this option if possible. Instead use ACLs to remove -# commands from the default user, and put them only in some admin user you -# create for administrative purposes. -# ------------------------------------------------------------------------ -# -# It is possible to change the name of dangerous commands in a shared -# environment. For instance the CONFIG command may be renamed into something -# hard to guess so that it will still be available for internal-use tools -# but not available for general clients. -# -# Example: -# -# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 -# -# It is also possible to completely kill a command by renaming it into -# an empty string: -# -# rename-command CONFIG "" -# -# Please note that changing the name of commands that are logged into the -# AOF file or transmitted to replicas may cause problems. - -################################### CLIENTS #################################### - -# Set the max number of connected clients at the same time. By default -# this limit is set to 10000 clients, however if the Redis server is not -# able to configure the process file limit to allow for the specified limit -# the max number of allowed clients is set to the current file limit -# minus 32 (as Redis reserves a few file descriptors for internal uses). -# -# Once the limit is reached Redis will close all the new connections sending -# an error 'max number of clients reached'. -# -# IMPORTANT: When Redis Cluster is used, the max number of connections is also -# shared with the cluster bus: every node in the cluster will use two -# connections, one incoming and another outgoing. It is important to size the -# limit accordingly in case of very large clusters. -# -# maxclients 10000 - -############################## MEMORY MANAGEMENT ################################ - -# Set a memory usage limit to the specified amount of bytes. -# When the memory limit is reached Redis will try to remove keys -# according to the eviction policy selected (see maxmemory-policy). -# -# If Redis can't remove keys according to the policy, or if the policy is -# set to 'noeviction', Redis will start to reply with errors to commands -# that would use more memory, like SET, LPUSH, and so on, and will continue -# to reply to read-only commands like GET. -# -# This option is usually useful when using Redis as an LRU or LFU cache, or to -# set a hard memory limit for an instance (using the 'noeviction' policy). -# -# WARNING: If you have replicas attached to an instance with maxmemory on, -# the size of the output buffers needed to feed the replicas are subtracted -# from the used memory count, so that network problems / resyncs will -# not trigger a loop where keys are evicted, and in turn the output -# buffer of replicas is full with DELs of keys evicted triggering the deletion -# of more keys, and so forth until the database is completely emptied. -# -# In short... if you have replicas attached it is suggested that you set a lower -# limit for maxmemory so that there is some free RAM on the system for replica -# output buffers (but this is not needed if the policy is 'noeviction'). -# -# maxmemory - -# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory -# is reached. You can select one from the following behaviors: -# -# volatile-lru -> Evict using approximated LRU, only keys with an expire set. -# allkeys-lru -> Evict any key using approximated LRU. -# volatile-lfu -> Evict using approximated LFU, only keys with an expire set. -# allkeys-lfu -> Evict any key using approximated LFU. -# volatile-random -> Remove a random key having an expire set. -# allkeys-random -> Remove a random key, any key. -# volatile-ttl -> Remove the key with the nearest expire time (minor TTL) -# noeviction -> Don't evict anything, just return an error on write operations. -# -# LRU means Least Recently Used -# LFU means Least Frequently Used -# -# Both LRU, LFU and volatile-ttl are implemented using approximated -# randomized algorithms. -# -# Note: with any of the above policies, when there are no suitable keys for -# eviction, Redis will return an error on write operations that require -# more memory. These are usually commands that create new keys, add data or -# modify existing keys. A few examples are: SET, INCR, HSET, LPUSH, SUNIONSTORE, -# SORT (due to the STORE argument), and EXEC (if the transaction includes any -# command that requires memory). -# -# The default is: -# -# maxmemory-policy noeviction - -# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated -# algorithms (in order to save memory), so you can tune it for speed or -# accuracy. By default Redis will check five keys and pick the one that was -# used least recently, you can change the sample size using the following -# configuration directive. -# -# The default of 5 produces good enough results. 10 Approximates very closely -# true LRU but costs more CPU. 3 is faster but not very accurate. -# -# maxmemory-samples 5 - -# Eviction processing is designed to function well with the default setting. -# If there is an unusually large amount of write traffic, this value may need to -# be increased. Decreasing this value may reduce latency at the risk of -# eviction processing effectiveness -# 0 = minimum latency, 10 = default, 100 = process without regard to latency -# -# maxmemory-eviction-tenacity 10 - -# Starting from Redis 5, by default a replica will ignore its maxmemory setting -# (unless it is promoted to master after a failover or manually). It means -# that the eviction of keys will be just handled by the master, sending the -# DEL commands to the replica as keys evict in the master side. -# -# This behavior ensures that masters and replicas stay consistent, and is usually -# what you want, however if your replica is writable, or you want the replica -# to have a different memory setting, and you are sure all the writes performed -# to the replica are idempotent, then you may change this default (but be sure -# to understand what you are doing). -# -# Note that since the replica by default does not evict, it may end using more -# memory than the one set via maxmemory (there are certain buffers that may -# be larger on the replica, or data structures may sometimes take more memory -# and so forth). So make sure you monitor your replicas and make sure they -# have enough memory to never hit a real out-of-memory condition before the -# master hits the configured maxmemory setting. -# -# replica-ignore-maxmemory yes - -# Redis reclaims expired keys in two ways: upon access when those keys are -# found to be expired, and also in background, in what is called the -# "active expire key". The key space is slowly and interactively scanned -# looking for expired keys to reclaim, so that it is possible to free memory -# of keys that are expired and will never be accessed again in a short time. -# -# The default effort of the expire cycle will try to avoid having more than -# ten percent of expired keys still in memory, and will try to avoid consuming -# more than 25% of total memory and to add latency to the system. However -# it is possible to increase the expire "effort" that is normally set to -# "1", to a greater value, up to the value "10". At its maximum value the -# system will use more CPU, longer cycles (and technically may introduce -# more latency), and will tolerate less already expired keys still present -# in the system. It's a tradeoff between memory, CPU and latency. -# -# active-expire-effort 1 - -############################# LAZY FREEING #################################### - -# Redis has two primitives to delete keys. One is called DEL and is a blocking -# deletion of the object. It means that the server stops processing new commands -# in order to reclaim all the memory associated with an object in a synchronous -# way. If the key deleted is associated with a small object, the time needed -# in order to execute the DEL command is very small and comparable to most other -# O(1) or O(log_N) commands in Redis. However if the key is associated with an -# aggregated value containing millions of elements, the server can block for -# a long time (even seconds) in order to complete the operation. -# -# For the above reasons Redis also offers non blocking deletion primitives -# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and -# FLUSHDB commands, in order to reclaim memory in background. Those commands -# are executed in constant time. Another thread will incrementally free the -# object in the background as fast as possible. -# -# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled. -# It's up to the design of the application to understand when it is a good -# idea to use one or the other. However the Redis server sometimes has to -# delete keys or flush the whole database as a side effect of other operations. -# Specifically Redis deletes objects independently of a user call in the -# following scenarios: -# -# 1) On eviction, because of the maxmemory and maxmemory policy configurations, -# in order to make room for new data, without going over the specified -# memory limit. -# 2) Because of expire: when a key with an associated time to live (see the -# EXPIRE command) must be deleted from memory. -# 3) Because of a side effect of a command that stores data on a key that may -# already exist. For example the RENAME command may delete the old key -# content when it is replaced with another one. Similarly SUNIONSTORE -# or SORT with STORE option may delete existing keys. The SET command -# itself removes any old content of the specified key in order to replace -# it with the specified string. -# 4) During replication, when a replica performs a full resynchronization with -# its master, the content of the whole database is removed in order to -# load the RDB file just transferred. -# -# In all the above cases the default is to delete objects in a blocking way, -# like if DEL was called. However you can configure each case specifically -# in order to instead release memory in a non-blocking way like if UNLINK -# was called, using the following configuration directives. - -lazyfree-lazy-eviction no -lazyfree-lazy-expire no -lazyfree-lazy-server-del no -replica-lazy-flush no - -# It is also possible, for the case when to replace the user code DEL calls -# with UNLINK calls is not easy, to modify the default behavior of the DEL -# command to act exactly like UNLINK, using the following configuration -# directive: - -lazyfree-lazy-user-del no - -# FLUSHDB, FLUSHALL, and SCRIPT FLUSH support both asynchronous and synchronous -# deletion, which can be controlled by passing the [SYNC|ASYNC] flags into the -# commands. When neither flag is passed, this directive will be used to determine -# if the data should be deleted asynchronously. - -lazyfree-lazy-user-flush no - -################################ THREADED I/O ################################# - -# Redis is mostly single threaded, however there are certain threaded -# operations such as UNLINK, slow I/O accesses and other things that are -# performed on side threads. -# -# Now it is also possible to handle Redis clients socket reads and writes -# in different I/O threads. Since especially writing is so slow, normally -# Redis users use pipelining in order to speed up the Redis performances per -# core, and spawn multiple instances in order to scale more. Using I/O -# threads it is possible to easily speedup two times Redis without resorting -# to pipelining nor sharding of the instance. -# -# By default threading is disabled, we suggest enabling it only in machines -# that have at least 4 or more cores, leaving at least one spare core. -# Using more than 8 threads is unlikely to help much. We also recommend using -# threaded I/O only if you actually have performance problems, with Redis -# instances being able to use a quite big percentage of CPU time, otherwise -# there is no point in using this feature. -# -# So for instance if you have a four cores boxes, try to use 2 or 3 I/O -# threads, if you have a 8 cores, try to use 6 threads. In order to -# enable I/O threads use the following configuration directive: -# -# io-threads 4 -# -# Setting io-threads to 1 will just use the main thread as usual. -# When I/O threads are enabled, we only use threads for writes, that is -# to thread the write(2) syscall and transfer the client buffers to the -# socket. However it is also possible to enable threading of reads and -# protocol parsing using the following configuration directive, by setting -# it to yes: -# -# io-threads-do-reads no -# -# Usually threading reads doesn't help much. -# -# NOTE 1: This configuration directive cannot be changed at runtime via -# CONFIG SET. Aso this feature currently does not work when SSL is -# enabled. -# -# NOTE 2: If you want to test the Redis speedup using redis-benchmark, make -# sure you also run the benchmark itself in threaded mode, using the -# --threads option to match the number of Redis threads, otherwise you'll not -# be able to notice the improvements. - -############################ KERNEL OOM CONTROL ############################## - -# On Linux, it is possible to hint the kernel OOM killer on what processes -# should be killed first when out of memory. -# -# Enabling this feature makes Redis actively control the oom_score_adj value -# for all its processes, depending on their role. The default scores will -# attempt to have background child processes killed before all others, and -# replicas killed before masters. -# -# Redis supports three options: -# -# no: Don't make changes to oom-score-adj (default). -# yes: Alias to "relative" see below. -# absolute: Values in oom-score-adj-values are written as is to the kernel. -# relative: Values are used relative to the initial value of oom_score_adj when -# the server starts and are then clamped to a range of -1000 to 1000. -# Because typically the initial value is 0, they will often match the -# absolute values. -oom-score-adj no - -# When oom-score-adj is used, this directive controls the specific values used -# for master, replica and background child processes. Values range -2000 to -# 2000 (higher means more likely to be killed). -# -# Unprivileged processes (not root, and without CAP_SYS_RESOURCE capabilities) -# can freely increase their value, but not decrease it below its initial -# settings. This means that setting oom-score-adj to "relative" and setting the -# oom-score-adj-values to positive values will always succeed. -oom-score-adj-values 0 200 800 - - -#################### KERNEL transparent hugepage CONTROL ###################### - -# Usually the kernel Transparent Huge Pages control is set to "madvise" or -# or "never" by default (/sys/kernel/mm/transparent_hugepage/enabled), in which -# case this config has no effect. On systems in which it is set to "always", -# redis will attempt to disable it specifically for the redis process in order -# to avoid latency problems specifically with fork(2) and CoW. -# If for some reason you prefer to keep it enabled, you can set this config to -# "no" and the kernel global to "always". - -disable-thp yes - -############################## APPEND ONLY MODE ############################### - -# By default Redis asynchronously dumps the dataset on disk. This mode is -# good enough in many applications, but an issue with the Redis process or -# a power outage may result into a few minutes of writes lost (depending on -# the configured save points). -# -# The Append Only File is an alternative persistence mode that provides -# much better durability. For instance using the default data fsync policy -# (see later in the config file) Redis can lose just one second of writes in a -# dramatic event like a server power outage, or a single write if something -# wrong with the Redis process itself happens, but the operating system is -# still running correctly. -# -# AOF and RDB persistence can be enabled at the same time without problems. -# If the AOF is enabled on startup Redis will load the AOF, that is the file -# with the better durability guarantees. -# -# Please check https://redis.io/topics/persistence for more information. - -appendonly no - -# The name of the append only file (default: "appendonly.aof") - -appendfilename "appendonly.aof" - -# The fsync() call tells the Operating System to actually write data on disk -# instead of waiting for more data in the output buffer. Some OS will really flush -# data on disk, some other OS will just try to do it ASAP. -# -# Redis supports three different modes: -# -# no: don't fsync, just let the OS flush the data when it wants. Faster. -# always: fsync after every write to the append only log. Slow, Safest. -# everysec: fsync only one time every second. Compromise. -# -# The default is "everysec", as that's usually the right compromise between -# speed and data safety. It's up to you to understand if you can relax this to -# "no" that will let the operating system flush the output buffer when -# it wants, for better performances (but if you can live with the idea of -# some data loss consider the default persistence mode that's snapshotting), -# or on the contrary, use "always" that's very slow but a bit safer than -# everysec. -# -# More details please check the following article: -# http://antirez.com/post/redis-persistence-demystified.html -# -# If unsure, use "everysec". - -# appendfsync always -appendfsync everysec -# appendfsync no - -# When the AOF fsync policy is set to always or everysec, and a background -# saving process (a background save or AOF log background rewriting) is -# performing a lot of I/O against the disk, in some Linux configurations -# Redis may block too long on the fsync() call. Note that there is no fix for -# this currently, as even performing fsync in a different thread will block -# our synchronous write(2) call. -# -# In order to mitigate this problem it's possible to use the following option -# that will prevent fsync() from being called in the main process while a -# BGSAVE or BGREWRITEAOF is in progress. -# -# This means that while another child is saving, the durability of Redis is -# the same as "appendfsync none". In practical terms, this means that it is -# possible to lose up to 30 seconds of log in the worst scenario (with the -# default Linux settings). -# -# If you have latency problems turn this to "yes". Otherwise leave it as -# "no" that is the safest pick from the point of view of durability. - -no-appendfsync-on-rewrite no - -# Automatic rewrite of the append only file. -# Redis is able to automatically rewrite the log file implicitly calling -# BGREWRITEAOF when the AOF log size grows by the specified percentage. -# -# This is how it works: Redis remembers the size of the AOF file after the -# latest rewrite (if no rewrite has happened since the restart, the size of -# the AOF at startup is used). -# -# This base size is compared to the current size. If the current size is -# bigger than the specified percentage, the rewrite is triggered. Also -# you need to specify a minimal size for the AOF file to be rewritten, this -# is useful to avoid rewriting the AOF file even if the percentage increase -# is reached but it is still pretty small. -# -# Specify a percentage of zero in order to disable the automatic AOF -# rewrite feature. - -auto-aof-rewrite-percentage 100 -auto-aof-rewrite-min-size 64mb - -# An AOF file may be found to be truncated at the end during the Redis -# startup process, when the AOF data gets loaded back into memory. -# This may happen when the system where Redis is running -# crashes, especially when an ext4 filesystem is mounted without the -# data=ordered option (however this can't happen when Redis itself -# crashes or aborts but the operating system still works correctly). -# -# Redis can either exit with an error when this happens, or load as much -# data as possible (the default now) and start if the AOF file is found -# to be truncated at the end. The following option controls this behavior. -# -# If aof-load-truncated is set to yes, a truncated AOF file is loaded and -# the Redis server starts emitting a log to inform the user of the event. -# Otherwise if the option is set to no, the server aborts with an error -# and refuses to start. When the option is set to no, the user requires -# to fix the AOF file using the "redis-check-aof" utility before to restart -# the server. -# -# Note that if the AOF file will be found to be corrupted in the middle -# the server will still exit with an error. This option only applies when -# Redis will try to read more data from the AOF file but not enough bytes -# will be found. -aof-load-truncated yes - -# When rewriting the AOF file, Redis is able to use an RDB preamble in the -# AOF file for faster rewrites and recoveries. When this option is turned -# on the rewritten AOF file is composed of two different stanzas: -# -# [RDB file][AOF tail] -# -# When loading, Redis recognizes that the AOF file starts with the "REDIS" -# string and loads the prefixed RDB file, then continues loading the AOF -# tail. -aof-use-rdb-preamble yes - -################################ LUA SCRIPTING ############################### - -# Max execution time of a Lua script in milliseconds. -# -# If the maximum execution time is reached Redis will log that a script is -# still in execution after the maximum allowed time and will start to -# reply to queries with an error. -# -# When a long running script exceeds the maximum execution time only the -# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be -# used to stop a script that did not yet call any write commands. The second -# is the only way to shut down the server in the case a write command was -# already issued by the script but the user doesn't want to wait for the natural -# termination of the script. -# -# Set it to 0 or a negative value for unlimited execution without warnings. -lua-time-limit 5000 - -################################ REDIS CLUSTER ############################### - -# Normal Redis instances can't be part of a Redis Cluster; only nodes that are -# started as cluster nodes can. In order to start a Redis instance as a -# cluster node enable the cluster support uncommenting the following: -# -# cluster-enabled yes - -# Every cluster node has a cluster configuration file. This file is not -# intended to be edited by hand. It is created and updated by Redis nodes. -# Every Redis Cluster node requires a different cluster configuration file. -# Make sure that instances running in the same system do not have -# overlapping cluster configuration file names. -# -# cluster-config-file nodes-6379.conf - -# Cluster node timeout is the amount of milliseconds a node must be unreachable -# for it to be considered in failure state. -# Most other internal time limits are a multiple of the node timeout. -# -# cluster-node-timeout 15000 - -# A replica of a failing master will avoid to start a failover if its data -# looks too old. -# -# There is no simple way for a replica to actually have an exact measure of -# its "data age", so the following two checks are performed: -# -# 1) If there are multiple replicas able to failover, they exchange messages -# in order to try to give an advantage to the replica with the best -# replication offset (more data from the master processed). -# Replicas will try to get their rank by offset, and apply to the start -# of the failover a delay proportional to their rank. -# -# 2) Every single replica computes the time of the last interaction with -# its master. This can be the last ping or command received (if the master -# is still in the "connected" state), or the time that elapsed since the -# disconnection with the master (if the replication link is currently down). -# If the last interaction is too old, the replica will not try to failover -# at all. -# -# The point "2" can be tuned by user. Specifically a replica will not perform -# the failover if, since the last interaction with the master, the time -# elapsed is greater than: -# -# (node-timeout * cluster-replica-validity-factor) + repl-ping-replica-period -# -# So for example if node-timeout is 30 seconds, and the cluster-replica-validity-factor -# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the -# replica will not try to failover if it was not able to talk with the master -# for longer than 310 seconds. -# -# A large cluster-replica-validity-factor may allow replicas with too old data to failover -# a master, while a too small value may prevent the cluster from being able to -# elect a replica at all. -# -# For maximum availability, it is possible to set the cluster-replica-validity-factor -# to a value of 0, which means, that replicas will always try to failover the -# master regardless of the last time they interacted with the master. -# (However they'll always try to apply a delay proportional to their -# offset rank). -# -# Zero is the only value able to guarantee that when all the partitions heal -# the cluster will always be able to continue. -# -# cluster-replica-validity-factor 10 - -# Cluster replicas are able to migrate to orphaned masters, that are masters -# that are left without working replicas. This improves the cluster ability -# to resist to failures as otherwise an orphaned master can't be failed over -# in case of failure if it has no working replicas. -# -# Replicas migrate to orphaned masters only if there are still at least a -# given number of other working replicas for their old master. This number -# is the "migration barrier". A migration barrier of 1 means that a replica -# will migrate only if there is at least 1 other working replica for its master -# and so forth. It usually reflects the number of replicas you want for every -# master in your cluster. -# -# Default is 1 (replicas migrate only if their masters remain with at least -# one replica). To disable migration just set it to a very large value or -# set cluster-allow-replica-migration to 'no'. -# A value of 0 can be set but is useful only for debugging and dangerous -# in production. -# -# cluster-migration-barrier 1 - -# Turning off this option allows to use less automatic cluster configuration. -# It both disables migration to orphaned masters and migration from masters -# that became empty. -# -# Default is 'yes' (allow automatic migrations). -# -# cluster-allow-replica-migration yes - -# By default Redis Cluster nodes stop accepting queries if they detect there -# is at least a hash slot uncovered (no available node is serving it). -# This way if the cluster is partially down (for example a range of hash slots -# are no longer covered) all the cluster becomes, eventually, unavailable. -# It automatically returns available as soon as all the slots are covered again. -# -# However sometimes you want the subset of the cluster which is working, -# to continue to accept queries for the part of the key space that is still -# covered. In order to do so, just set the cluster-require-full-coverage -# option to no. -# -# cluster-require-full-coverage yes - -# This option, when set to yes, prevents replicas from trying to failover its -# master during master failures. However the replica can still perform a -# manual failover, if forced to do so. -# -# This is useful in different scenarios, especially in the case of multiple -# data center operations, where we want one side to never be promoted if not -# in the case of a total DC failure. -# -# cluster-replica-no-failover no - -# This option, when set to yes, allows nodes to serve read traffic while the -# the cluster is in a down state, as long as it believes it owns the slots. -# -# This is useful for two cases. The first case is for when an application -# doesn't require consistency of data during node failures or network partitions. -# One example of this is a cache, where as long as the node has the data it -# should be able to serve it. -# -# The second use case is for configurations that don't meet the recommended -# three shards but want to enable cluster mode and scale later. A -# master outage in a 1 or 2 shard configuration causes a read/write outage to the -# entire cluster without this option set, with it set there is only a write outage. -# Without a quorum of masters, slot ownership will not change automatically. -# -# cluster-allow-reads-when-down no - -# In order to setup your cluster make sure to read the documentation -# available at https://redis.io web site. - -########################## CLUSTER DOCKER/NAT support ######################## - -# In certain deployments, Redis Cluster nodes address discovery fails, because -# addresses are NAT-ted or because ports are forwarded (the typical case is -# Docker and other containers). -# -# In order to make Redis Cluster working in such environments, a static -# configuration where each node knows its public address is needed. The -# following four options are used for this scope, and are: -# -# * cluster-announce-ip -# * cluster-announce-port -# * cluster-announce-tls-port -# * cluster-announce-bus-port -# -# Each instructs the node about its address, client ports (for connections -# without and with TLS) and cluster message bus port. The information is then -# published in the header of the bus packets so that other nodes will be able to -# correctly map the address of the node publishing the information. -# -# If cluster-tls is set to yes and cluster-announce-tls-port is omitted or set -# to zero, then cluster-announce-port refers to the TLS port. Note also that -# cluster-announce-tls-port has no effect if cluster-tls is set to no. -# -# If the above options are not used, the normal Redis Cluster auto-detection -# will be used instead. -# -# Note that when remapped, the bus port may not be at the fixed offset of -# clients port + 10000, so you can specify any port and bus-port depending -# on how they get remapped. If the bus-port is not set, a fixed offset of -# 10000 will be used as usual. -# -# Example: -# -# cluster-announce-ip 10.1.1.5 -# cluster-announce-tls-port 6379 -# cluster-announce-port 0 -# cluster-announce-bus-port 6380 - -################################## SLOW LOG ################################### - -# The Redis Slow Log is a system to log queries that exceeded a specified -# execution time. The execution time does not include the I/O operations -# like talking with the client, sending the reply and so forth, -# but just the time needed to actually execute the command (this is the only -# stage of command execution where the thread is blocked and can not serve -# other requests in the meantime). -# -# You can configure the slow log with two parameters: one tells Redis -# what is the execution time, in microseconds, to exceed in order for the -# command to get logged, and the other parameter is the length of the -# slow log. When a new command is logged the oldest one is removed from the -# queue of logged commands. - -# The following time is expressed in microseconds, so 1000000 is equivalent -# to one second. Note that a negative number disables the slow log, while -# a value of zero forces the logging of every command. -slowlog-log-slower-than 10000 - -# There is no limit to this length. Just be aware that it will consume memory. -# You can reclaim memory used by the slow log with SLOWLOG RESET. -slowlog-max-len 128 - -################################ LATENCY MONITOR ############################## - -# The Redis latency monitoring subsystem samples different operations -# at runtime in order to collect data related to possible sources of -# latency of a Redis instance. -# -# Via the LATENCY command this information is available to the user that can -# print graphs and obtain reports. -# -# The system only logs operations that were performed in a time equal or -# greater than the amount of milliseconds specified via the -# latency-monitor-threshold configuration directive. When its value is set -# to zero, the latency monitor is turned off. -# -# By default latency monitoring is disabled since it is mostly not needed -# if you don't have latency issues, and collecting data has a performance -# impact, that while very small, can be measured under big load. Latency -# monitoring can easily be enabled at runtime using the command -# "CONFIG SET latency-monitor-threshold " if needed. -latency-monitor-threshold 0 - -############################# EVENT NOTIFICATION ############################## - -# Redis can notify Pub/Sub clients about events happening in the key space. -# This feature is documented at https://redis.io/topics/notifications -# -# For instance if keyspace events notification is enabled, and a client -# performs a DEL operation on key "foo" stored in the Database 0, two -# messages will be published via Pub/Sub: -# -# PUBLISH __keyspace@0__:foo del -# PUBLISH __keyevent@0__:del foo -# -# It is possible to select the events that Redis will notify among a set -# of classes. Every class is identified by a single character: -# -# K Keyspace events, published with __keyspace@__ prefix. -# E Keyevent events, published with __keyevent@__ prefix. -# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... -# $ String commands -# l List commands -# s Set commands -# h Hash commands -# z Sorted set commands -# x Expired events (events generated every time a key expires) -# e Evicted events (events generated when a key is evicted for maxmemory) -# t Stream commands -# d Module key type events -# m Key-miss events (Note: It is not included in the 'A' class) -# A Alias for g$lshzxetd, so that the "AKE" string means all the events -# (Except key-miss events which are excluded from 'A' due to their -# unique nature). -# -# The "notify-keyspace-events" takes as argument a string that is composed -# of zero or multiple characters. The empty string means that notifications -# are disabled. -# -# Example: to enable list and generic events, from the point of view of the -# event name, use: -# -# notify-keyspace-events Elg -# -# Example 2: to get the stream of the expired keys subscribing to channel -# name __keyevent@0__:expired use: -# -# notify-keyspace-events Ex -# -# By default all notifications are disabled because most users don't need -# this feature and the feature has some overhead. Note that if you don't -# specify at least one of K or E, no events will be delivered. -notify-keyspace-events "" - -############################### GOPHER SERVER ################################# - -# Redis contains an implementation of the Gopher protocol, as specified in -# the RFC 1436 (https://www.ietf.org/rfc/rfc1436.txt). -# -# The Gopher protocol was very popular in the late '90s. It is an alternative -# to the web, and the implementation both server and client side is so simple -# that the Redis server has just 100 lines of code in order to implement this -# support. -# -# What do you do with Gopher nowadays? Well Gopher never *really* died, and -# lately there is a movement in order for the Gopher more hierarchical content -# composed of just plain text documents to be resurrected. Some want a simpler -# internet, others believe that the mainstream internet became too much -# controlled, and it's cool to create an alternative space for people that -# want a bit of fresh air. -# -# Anyway for the 10nth birthday of the Redis, we gave it the Gopher protocol -# as a gift. -# -# --- HOW IT WORKS? --- -# -# The Redis Gopher support uses the inline protocol of Redis, and specifically -# two kind of inline requests that were anyway illegal: an empty request -# or any request that starts with "/" (there are no Redis commands starting -# with such a slash). Normal RESP2/RESP3 requests are completely out of the -# path of the Gopher protocol implementation and are served as usual as well. -# -# If you open a connection to Redis when Gopher is enabled and send it -# a string like "/foo", if there is a key named "/foo" it is served via the -# Gopher protocol. -# -# In order to create a real Gopher "hole" (the name of a Gopher site in Gopher -# talking), you likely need a script like the following: -# -# https://github.com/antirez/gopher2redis -# -# --- SECURITY WARNING --- -# -# If you plan to put Redis on the internet in a publicly accessible address -# to server Gopher pages MAKE SURE TO SET A PASSWORD to the instance. -# Once a password is set: -# -# 1. The Gopher server (when enabled, not by default) will still serve -# content via Gopher. -# 2. However other commands cannot be called before the client will -# authenticate. -# -# So use the 'requirepass' option to protect your instance. -# -# Note that Gopher is not currently supported when 'io-threads-do-reads' -# is enabled. -# -# To enable Gopher support, uncomment the following line and set the option -# from no (the default) to yes. -# -# gopher-enabled no - -############################### ADVANCED CONFIG ############################### - -# Hashes are encoded using a memory efficient data structure when they have a -# small number of entries, and the biggest entry does not exceed a given -# threshold. These thresholds can be configured using the following directives. -hash-max-ziplist-entries 512 -hash-max-ziplist-value 64 - -# Lists are also encoded in a special way to save a lot of space. -# The number of entries allowed per internal list node can be specified -# as a fixed maximum size or a maximum number of elements. -# For a fixed maximum size, use -5 through -1, meaning: -# -5: max size: 64 Kb <-- not recommended for normal workloads -# -4: max size: 32 Kb <-- not recommended -# -3: max size: 16 Kb <-- probably not recommended -# -2: max size: 8 Kb <-- good -# -1: max size: 4 Kb <-- good -# Positive numbers mean store up to _exactly_ that number of elements -# per list node. -# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size), -# but if your use case is unique, adjust the settings as necessary. -list-max-ziplist-size -2 - -# Lists may also be compressed. -# Compress depth is the number of quicklist ziplist nodes from *each* side of -# the list to *exclude* from compression. The head and tail of the list -# are always uncompressed for fast push/pop operations. Settings are: -# 0: disable all list compression -# 1: depth 1 means "don't start compressing until after 1 node into the list, -# going from either the head or tail" -# So: [head]->node->node->...->node->[tail] -# [head], [tail] will always be uncompressed; inner nodes will compress. -# 2: [head]->[next]->node->node->...->node->[prev]->[tail] -# 2 here means: don't compress head or head->next or tail->prev or tail, -# but compress all nodes between them. -# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail] -# etc. -list-compress-depth 0 - -# Sets have a special encoding in just one case: when a set is composed -# of just strings that happen to be integers in radix 10 in the range -# of 64 bit signed integers. -# The following configuration setting sets the limit in the size of the -# set in order to use this special memory saving encoding. -set-max-intset-entries 512 - -# Similarly to hashes and lists, sorted sets are also specially encoded in -# order to save a lot of space. This encoding is only used when the length and -# elements of a sorted set are below the following limits: -zset-max-ziplist-entries 128 -zset-max-ziplist-value 64 - -# HyperLogLog sparse representation bytes limit. The limit includes the -# 16 bytes header. When an HyperLogLog using the sparse representation crosses -# this limit, it is converted into the dense representation. -# -# A value greater than 16000 is totally useless, since at that point the -# dense representation is more memory efficient. -# -# The suggested value is ~ 3000 in order to have the benefits of -# the space efficient encoding without slowing down too much PFADD, -# which is O(N) with the sparse encoding. The value can be raised to -# ~ 10000 when CPU is not a concern, but space is, and the data set is -# composed of many HyperLogLogs with cardinality in the 0 - 15000 range. -hll-sparse-max-bytes 3000 - -# Streams macro node max size / items. The stream data structure is a radix -# tree of big nodes that encode multiple items inside. Using this configuration -# it is possible to configure how big a single node can be in bytes, and the -# maximum number of items it may contain before switching to a new node when -# appending new stream entries. If any of the following settings are set to -# zero, the limit is ignored, so for instance it is possible to set just a -# max entries limit by setting max-bytes to 0 and max-entries to the desired -# value. -stream-node-max-bytes 4096 -stream-node-max-entries 100 - -# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in -# order to help rehashing the main Redis hash table (the one mapping top-level -# keys to values). The hash table implementation Redis uses (see dict.c) -# performs a lazy rehashing: the more operation you run into a hash table -# that is rehashing, the more rehashing "steps" are performed, so if the -# server is idle the rehashing is never complete and some more memory is used -# by the hash table. -# -# The default is to use this millisecond 10 times every second in order to -# actively rehash the main dictionaries, freeing memory when possible. -# -# If unsure: -# use "activerehashing no" if you have hard latency requirements and it is -# not a good thing in your environment that Redis can reply from time to time -# to queries with 2 milliseconds delay. -# -# use "activerehashing yes" if you don't have such hard requirements but -# want to free memory asap when possible. -activerehashing yes - -# The client output buffer limits can be used to force disconnection of clients -# that are not reading data from the server fast enough for some reason (a -# common reason is that a Pub/Sub client can't consume messages as fast as the -# publisher can produce them). -# -# The limit can be set differently for the three different classes of clients: -# -# normal -> normal clients including MONITOR clients -# replica -> replica clients -# pubsub -> clients subscribed to at least one pubsub channel or pattern -# -# The syntax of every client-output-buffer-limit directive is the following: -# -# client-output-buffer-limit -# -# A client is immediately disconnected once the hard limit is reached, or if -# the soft limit is reached and remains reached for the specified number of -# seconds (continuously). -# So for instance if the hard limit is 32 megabytes and the soft limit is -# 16 megabytes / 10 seconds, the client will get disconnected immediately -# if the size of the output buffers reach 32 megabytes, but will also get -# disconnected if the client reaches 16 megabytes and continuously overcomes -# the limit for 10 seconds. -# -# By default normal clients are not limited because they don't receive data -# without asking (in a push way), but just after a request, so only -# asynchronous clients may create a scenario where data is requested faster -# than it can read. -# -# Instead there is a default limit for pubsub and replica clients, since -# subscribers and replicas receive data in a push fashion. -# -# Both the hard or the soft limit can be disabled by setting them to zero. -client-output-buffer-limit normal 0 0 0 -client-output-buffer-limit replica 256mb 64mb 60 -client-output-buffer-limit pubsub 32mb 8mb 60 - -# Client query buffers accumulate new commands. They are limited to a fixed -# amount by default in order to avoid that a protocol desynchronization (for -# instance due to a bug in the client) will lead to unbound memory usage in -# the query buffer. However you can configure it here if you have very special -# needs, such us huge multi/exec requests or alike. -# -# client-query-buffer-limit 1gb - -# In the Redis protocol, bulk requests, that are, elements representing single -# strings, are normally limited to 512 mb. However you can change this limit -# here, but must be 1mb or greater -# -# proto-max-bulk-len 512mb - -# Redis calls an internal function to perform many background tasks, like -# closing connections of clients in timeout, purging expired keys that are -# never requested, and so forth. -# -# Not all tasks are performed with the same frequency, but Redis checks for -# tasks to perform according to the specified "hz" value. -# -# By default "hz" is set to 10. Raising the value will use more CPU when -# Redis is idle, but at the same time will make Redis more responsive when -# there are many keys expiring at the same time, and timeouts may be -# handled with more precision. -# -# The range is between 1 and 500, however a value over 100 is usually not -# a good idea. Most users should use the default of 10 and raise this up to -# 100 only in environments where very low latency is required. -hz 10 - -# Normally it is useful to have an HZ value which is proportional to the -# number of clients connected. This is useful in order, for instance, to -# avoid too many clients are processed for each background task invocation -# in order to avoid latency spikes. -# -# Since the default HZ value by default is conservatively set to 10, Redis -# offers, and enables by default, the ability to use an adaptive HZ value -# which will temporarily raise when there are many connected clients. -# -# When dynamic HZ is enabled, the actual configured HZ will be used -# as a baseline, but multiples of the configured HZ value will be actually -# used as needed once more clients are connected. In this way an idle -# instance will use very little CPU time while a busy instance will be -# more responsive. -dynamic-hz yes - -# When a child rewrites the AOF file, if the following option is enabled -# the file will be fsync-ed every 32 MB of data generated. This is useful -# in order to commit the file to the disk more incrementally and avoid -# big latency spikes. -aof-rewrite-incremental-fsync yes - -# When redis saves RDB file, if the following option is enabled -# the file will be fsync-ed every 32 MB of data generated. This is useful -# in order to commit the file to the disk more incrementally and avoid -# big latency spikes. -rdb-save-incremental-fsync yes - -# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good -# idea to start with the default settings and only change them after investigating -# how to improve the performances and how the keys LFU change over time, which -# is possible to inspect via the OBJECT FREQ command. -# -# There are two tunable parameters in the Redis LFU implementation: the -# counter logarithm factor and the counter decay time. It is important to -# understand what the two parameters mean before changing them. -# -# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis -# uses a probabilistic increment with logarithmic behavior. Given the value -# of the old counter, when a key is accessed, the counter is incremented in -# this way: -# -# 1. A random number R between 0 and 1 is extracted. -# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1). -# 3. The counter is incremented only if R < P. -# -# The default lfu-log-factor is 10. This is a table of how the frequency -# counter changes with a different number of accesses with different -# logarithmic factors: -# -# +--------+------------+------------+------------+------------+------------+ -# | factor | 100 hits | 1000 hits | 100K hits | 1M hits | 10M hits | -# +--------+------------+------------+------------+------------+------------+ -# | 0 | 104 | 255 | 255 | 255 | 255 | -# +--------+------------+------------+------------+------------+------------+ -# | 1 | 18 | 49 | 255 | 255 | 255 | -# +--------+------------+------------+------------+------------+------------+ -# | 10 | 10 | 18 | 142 | 255 | 255 | -# +--------+------------+------------+------------+------------+------------+ -# | 100 | 8 | 11 | 49 | 143 | 255 | -# +--------+------------+------------+------------+------------+------------+ -# -# NOTE: The above table was obtained by running the following commands: -# -# redis-benchmark -n 1000000 incr foo -# redis-cli object freq foo -# -# NOTE 2: The counter initial value is 5 in order to give new objects a chance -# to accumulate hits. -# -# The counter decay time is the time, in minutes, that must elapse in order -# for the key counter to be divided by two (or decremented if it has a value -# less <= 10). -# -# The default value for the lfu-decay-time is 1. A special value of 0 means to -# decay the counter every time it happens to be scanned. -# -# lfu-log-factor 10 -# lfu-decay-time 1 - -########################### ACTIVE DEFRAGMENTATION ####################### -# -# What is active defragmentation? -# ------------------------------- -# -# Active (online) defragmentation allows a Redis server to compact the -# spaces left between small allocations and deallocations of data in memory, -# thus allowing to reclaim back memory. -# -# Fragmentation is a natural process that happens with every allocator (but -# less so with Jemalloc, fortunately) and certain workloads. Normally a server -# restart is needed in order to lower the fragmentation, or at least to flush -# away all the data and create it again. However thanks to this feature -# implemented by Oran Agra for Redis 4.0 this process can happen at runtime -# in a "hot" way, while the server is running. -# -# Basically when the fragmentation is over a certain level (see the -# configuration options below) Redis will start to create new copies of the -# values in contiguous memory regions by exploiting certain specific Jemalloc -# features (in order to understand if an allocation is causing fragmentation -# and to allocate it in a better place), and at the same time, will release the -# old copies of the data. This process, repeated incrementally for all the keys -# will cause the fragmentation to drop back to normal values. -# -# Important things to understand: -# -# 1. This feature is disabled by default, and only works if you compiled Redis -# to use the copy of Jemalloc we ship with the source code of Redis. -# This is the default with Linux builds. -# -# 2. You never need to enable this feature if you don't have fragmentation -# issues. -# -# 3. Once you experience fragmentation, you can enable this feature when -# needed with the command "CONFIG SET activedefrag yes". -# -# The configuration parameters are able to fine tune the behavior of the -# defragmentation process. If you are not sure about what they mean it is -# a good idea to leave the defaults untouched. - -# Enabled active defragmentation -# activedefrag no - -# Minimum amount of fragmentation waste to start active defrag -# active-defrag-ignore-bytes 100mb - -# Minimum percentage of fragmentation to start active defrag -# active-defrag-threshold-lower 10 - -# Maximum percentage of fragmentation at which we use maximum effort -# active-defrag-threshold-upper 100 - -# Minimal effort for defrag in CPU percentage, to be used when the lower -# threshold is reached -# active-defrag-cycle-min 1 - -# Maximal effort for defrag in CPU percentage, to be used when the upper -# threshold is reached -# active-defrag-cycle-max 25 - -# Maximum number of set/hash/zset/list fields that will be processed from -# the main dictionary scan -# active-defrag-max-scan-fields 1000 - -# Jemalloc background thread for purging will be enabled by default -jemalloc-bg-thread yes - -# It is possible to pin different threads and processes of Redis to specific -# CPUs in your system, in order to maximize the performances of the server. -# This is useful both in order to pin different Redis threads in different -# CPUs, but also in order to make sure that multiple Redis instances running -# in the same host will be pinned to different CPUs. -# -# Normally you can do this using the "taskset" command, however it is also -# possible to this via Redis configuration directly, both in Linux and FreeBSD. -# -# You can pin the server/IO threads, bio threads, aof rewrite child process, and -# the bgsave child process. The syntax to specify the cpu list is the same as -# the taskset command: -# -# Set redis server/io threads to cpu affinity 0,2,4,6: -# server_cpulist 0-7:2 -# -# Set bio threads to cpu affinity 1,3: -# bio_cpulist 1,3 -# -# Set aof rewrite child process to cpu affinity 8,9,10,11: -# aof_rewrite_cpulist 8-11 -# -# Set bgsave child process to cpu affinity 1,10,11 -# bgsave_cpulist 1,10-11 - -# In some cases redis will emit warnings and even refuse to start if it detects -# that the system is in bad state, it is possible to suppress these warnings -# by setting the following config which takes a space delimited list of warnings -# to suppress -# -# ignore-warnings ARM64-COW-BUG diff --git a/packages/grid/scripts/cron.sh b/packages/grid/scripts/cron.sh deleted file mode 100755 index 9b0bfe530a6..00000000000 --- a/packages/grid/scripts/cron.sh +++ /dev/null @@ -1,104 +0,0 @@ -#!/bin/bash - -# cronjob logs: $ tail -f /var/log/syslog | grep -i cron - -# $1 is the PySyft dir -# $2 is the git repo like: https://github.com/OpenMined/PySyft -# $3 is the branch like: dev -# $4 is the permission user like: om -# $5 is the permission group like: om -# $6 is the node type like: domain -# $7 is the node name like: node -# $8 is the build directory where we copy the source so we dont trigger hot reloading -# $9 is a bool for enabling tls or not, where true is tls enabled -# $10 is the path to tls certs if available -# $11 release mode, production or development with hot reloading -# $12 docker_tag if set to local, normal local build occurs, otherwise use dockerhub - -# these commands cant be used because they trigger hot reloading -# however without them accidental changes to the working tree might cause issues -# with the fetch process so we should consider changing how this works perhaps by -# copying the code into a folder for execution and keeping the git repo seperate - -# git checkout main --force -# git branch -D $3 || true -# git checkout $3 --force - -pidof -o %PPID -x $0 >/dev/null && echo "ERROR: Script $0 already running" && exit 1 - -cd $1 -START_HASH=$(git rev-parse HEAD) -CURRENT_REMOTE=$(git remote -v | head -n 1 | cut -d ' ' -f 1 | awk '{print $2}') -CURRENT_BRANCH=$(git branch --show-current) -echo "Running autoupdate CRON" - -# does https://github.com/OpenMined/PySyft contain OpenMined/PySyft -if [[ ! "$CURRENT_REMOTE" == *"$2"* ]] -then - echo "Switching remotes to: ${2}" - git remote rm origin || true - git remote add origin https://github.com/$2 - git fetch origin - echo "Checking out branch: ${3}" - git reset --hard "origin/${3}" - git checkout "origin/${3}" --force - chown -R $4:$5 . -fi - -if [ "$CURRENT_BRANCH" != "$3" ] -then - echo "Checking out branch: ${3}" -fi - -git fetch origin -git reset --hard "origin/${3}" -git checkout "origin/${3}" --force -chown -R $4:$5 . - -END_HASH=$(git rev-parse HEAD) -CONTAINER_VERSION=$(docker ps --format "{{.Names}}" | grep 'backend' | head -1l | xargs -I {} docker exec {} env | grep ^VERSION= | sed 's/VERSION=//') -CONTAINER_HASH=$(docker ps --format "{{.Names}}" | grep 'backend' | head -1l | xargs -I {} docker exec {} env | grep VERSION_HASH | sed 's/VERSION_HASH=//') - -REDEPLOY="0" - - -# see hagrid --release options -if [[ ${11} = "development" ]]; then - RELEASE=development -else - RELEASE=production -fi - -if [[ -z "${12}" ]]; then - DOCKER_TAG="local" -else - DOCKER_TAG="${12}" -fi - -if [[ "$CONTAINER_HASH" == "dockerhub" ]] -then - echo "Version: $CONTAINER_VERSION from dockerhub deployed" -elif [[ "$START_HASH" != "$END_HASH" ]] -then - echo "Git hashes $START_HASH vs $END_HASH dont match, redeploying" - REDEPLOY="1" -elif [[ ! "$END_HASH" == *"$CONTAINER_HASH"* ]] -then - echo "Container hash $END_HASH not in $CONTAINER_HASH, redeploying" - REDEPLOY="1" -elif [[ -z "$CONTAINER_HASH" ]] -then - echo "Container hash $CONTAINER_HASH is not valid, redeploying" - REDEPLOY="1" -fi - -echo "START_HASH=$START_HASH" -echo "END_HASH=$END_HASH" -echo "CONTAINER_HASH=$CONTAINER_HASH" -echo "REDEPLOY=$REDEPLOY" - -if [[ ${REDEPLOY} != "0" ]]; then - bash /home/om/PySyft/packages/grid/scripts/redeploy.sh $1 $2 $3 $4 $5 $6 $7 $8 $9 ${10} ${RELEASE} ${DOCKER_TAG} -fi - -echo "Finished autoupdate CRON" diff --git a/packages/grid/scripts/deploy.sh b/packages/grid/scripts/deploy.sh deleted file mode 100644 index 55a86ee94ce..00000000000 --- a/packages/grid/scripts/deploy.sh +++ /dev/null @@ -1,16 +0,0 @@ -#! /usr/bin/env sh - -# Exit in case of error -set -e - -DOMAIN=${DOMAIN?Variable not set} \ -TRAEFIK_TAG=${TRAEFIK_TAG?Variable not set} \ -STACK_NAME=${STACK_NAME?Variable not set} \ -TAG=${TAG?Variable not set} \ -docker-compose \ --f docker-compose.yml \ -config > docker-stack.yml - -docker-auto-labels docker-stack.yml - -docker stack deploy -c docker-stack.yml --with-registry-auth "${STACK_NAME?Variable not set}" diff --git a/packages/grid/scripts/rc.local.j2 b/packages/grid/scripts/rc.local.j2 deleted file mode 100644 index 63bfdc410e8..00000000000 --- a/packages/grid/scripts/rc.local.j2 +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -until systemctl is-active --quiet docker -do - echo "Waiting for docker service to start" - sleep 1 -done - -sudo {{ syft_dir }}/packages/grid/scripts/containers.sh diff --git a/packages/grid/scripts/redeploy.sh b/packages/grid/scripts/redeploy.sh deleted file mode 100755 index 121f11c62f3..00000000000 --- a/packages/grid/scripts/redeploy.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash - -# only run one redeploy.sh at a time -pidof -o %PPID -x $0 >/dev/null && echo "ERROR: Script $0 already running" && exit 1 - -# cronjob logs: $ tail -f /var/log/syslog | grep -i cron - -# $1 is the PySyft dir -# $2 is the git repo like: https://github.com/OpenMined/PySyft -# $3 is the branch like: dev -# $4 is the permission user like: om -# $5 is the permission group like: om -# $6 is the node type like: domain -# $7 is the node name like: node -# $8 is the build directory where we copy the source so we dont trigger hot reloading -# $9 is a bool for enabling tls or not, where true is tls enabled -# $10 is the path to tls certs if available -# $11 release mode, production or development with hot reloading -# $12 docker_tag if set to local, normal local build occurs, otherwise use dockerhub - -if [[ ${11} = "development" ]]; then - RELEASE=development -else - RELEASE=production -fi - -if [[ -z "${12}" ]]; then - DOCKER_TAG="local" -else - DOCKER_TAG="${12}" -fi - -echo "Code has changed so redeploying with HAGrid" -rm -rf ${8} -cp -r ${1} ${8} -chown -R ${4}:${5} ${8} -/usr/sbin/runuser -l ${4} -c "pip install -e ${8}/packages/hagrid" -# /usr/sbin/runuser -l ${4} -c "hagrid launch ${7} ${6} to localhost --repo=${2} --branch=${3} --ansible-extras='docker_volume_destroy=true'" -if [[ "${9}" = "true" ]]; then - echo "Starting Grid with TLS" - HAGRID_CMD="hagrid launch ${7} ${6} to localhost --repo=${2} --branch=${3} --release=${RELEASE} --tag=${DOCKER_TAG} --tls --cert-store-path=${10}" - echo $HAGRID_CMD - /usr/sbin/runuser -l ${4} -c "$HAGRID_CMD" -else - echo "Starting Grid without TLS" - HAGRID_CMD="hagrid launch ${7} ${6} to localhost --repo=${2} --branch=${3} --release=${RELEASE} --tag=${DOCKER_TAG}" - echo $HAGRID_CMD - /usr/sbin/runuser -l ${4} -c "$HAGRID_CMD" -fi diff --git a/packages/grid/scripts/start_notebook.sh b/packages/grid/scripts/start_notebook.sh deleted file mode 100755 index 648368c0f4d..00000000000 --- a/packages/grid/scripts/start_notebook.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -docker-compose exec backend bash -c \$JUPYTER diff --git a/packages/grid/scripts/test-local.sh b/packages/grid/scripts/test-local.sh deleted file mode 100644 index 4c180f21d3a..00000000000 --- a/packages/grid/scripts/test-local.sh +++ /dev/null @@ -1,15 +0,0 @@ -#! /usr/bin/env bash - -# Exit in case of error -set -e - -docker-compose down -v --remove-orphans # Remove possibly previous broken stacks left hanging after an error - -if [ $(uname -s) = "Linux" ]; then - echo "Remove __pycache__ files" - sudo find . -type d -name __pycache__ -exec rm -r {} \+ -fi - -docker-compose build -docker-compose up -d -docker-compose exec -T backend bash /app/tests-start.sh "$@" diff --git a/packages/grid/scripts/test.sh b/packages/grid/scripts/test.sh deleted file mode 100644 index 78b4db90e05..00000000000 --- a/packages/grid/scripts/test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#! /usr/bin/env sh - -# Exit in case of error -set -e - -DOMAIN=backend \ -SMTP_HOST="" \ -TRAEFIK_PUBLIC_NETWORK_IS_EXTERNAL=false \ -docker-compose \ --f docker-compose.yml \ -config > docker-stack.yml - -docker-compose -f docker-stack.yml build -docker-compose -f docker-stack.yml down -v --remove-orphans # Remove possibly previous broken stacks left hanging after an error -docker-compose -f docker-stack.yml up -d -docker-compose -f docker-stack.yml exec -T backend bash /app/tests-start.sh "$@" -docker-compose -f docker-stack.yml down -v --remove-orphans diff --git a/packages/grid/vagrant/almalinux_9/arm_64/Vagrantfile b/packages/grid/vagrant/almalinux_9/arm_64/Vagrantfile deleted file mode 100644 index 617003eb4f2..00000000000 --- a/packages/grid/vagrant/almalinux_9/arm_64/Vagrantfile +++ /dev/null @@ -1,38 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.box = "almalinux/9.aarch64" - config.vm.hostname = "almalinux-9" - - config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.cpus = "2" - end - - config.vm.provider "vmware_desktop" do |vd| - vd.memory = "4096" - vd.cpus = "2" - end - - config.vm.box_check_update = false - - config.vm.provision "shell", inline: <<-SHELL - #!/bin/bash - echo "Hello from the inline Bash script!" - # Flush existing rules - iptables-save > rules.v4.old - iptables -F - - # Set the default policies to DROP - iptables -P INPUT DROP - iptables -P FORWARD DROP - iptables -P OUTPUT ACCEPT - - # Allow incoming SSH traffic - iptables -A INPUT -p tcp --dport 22 -j ACCEPT - - # Save the rules so they persist across reboots - iptables-save > rules.v4.new - pwd - - SHELL - - end \ No newline at end of file diff --git a/packages/grid/vagrant/almalinux_9/x86_64/Vagrantfile b/packages/grid/vagrant/almalinux_9/x86_64/Vagrantfile deleted file mode 100644 index 20fe9b8d652..00000000000 --- a/packages/grid/vagrant/almalinux_9/x86_64/Vagrantfile +++ /dev/null @@ -1,37 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.box = "almalinux/9" - config.vm.hostname = "almalinux-9" - - config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.cpus = "2" - end - - config.vm.provider "vmware_desktop" do |vd| - vd.memory = "4096" - vd.cpus = "2" - end - config.vm.box_check_update = false - - config.vm.provision "shell", inline: <<-SHELL - #!/bin/bash - echo "Hello from the inline Bash script!" - # Flush existing rules - iptables-save > rules.v4.old - iptables -F - - # Set the default policies to DROP - iptables -P INPUT DROP - iptables -P FORWARD DROP - iptables -P OUTPUT ACCEPT - - # Allow incoming SSH traffic - iptables -A INPUT -p tcp --dport 22 -j ACCEPT - - # Save the rules so they persist across reboots - iptables-save > rules.v4.new - pwd - - SHELL - - end \ No newline at end of file diff --git a/packages/grid/vagrant/fedora_38/arm_64/Vagrantfile b/packages/grid/vagrant/fedora_38/arm_64/Vagrantfile deleted file mode 100644 index 8d4d9b73445..00000000000 --- a/packages/grid/vagrant/fedora_38/arm_64/Vagrantfile +++ /dev/null @@ -1,35 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.box = "bento/fedora-38-arm64" - config.vm.hostname = "fedora-38-arm64" - - config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.cpus = "2" - end - - config.vm.provider "vmware_desktop" do |vd| - vd.memory = "4096" - vd.cpus = "2" - end - config.vm.synced_folder "../../../podman/podman-kube", "/home/vagrant/podman-kube" ,type: "rsync" - config.vm.box_check_update = false - config.vm.network "forwarded_port", guest: 8080, host: 8080, host_ip: "127.0.0.1" - - config.vm.provision "shell", inline: <<-SHELL - # Run shell script on the home folder - cd ~ - sudo dnf install podman -y - pwd - SHELL - - config.vm.provision "shell",privileged: false, inline: <<-SHELL - # Run shell script on the home folder - pwd - whoami - cd ~/podman-kube - podman play kube podman-syft-kube.yaml --configmap=podman-syft-kube-config.yaml - pwd - SHELL - - - end \ No newline at end of file diff --git a/packages/grid/vagrant/fedora_38/x86_64/Vagrantfile b/packages/grid/vagrant/fedora_38/x86_64/Vagrantfile deleted file mode 100644 index b39b162957c..00000000000 --- a/packages/grid/vagrant/fedora_38/x86_64/Vagrantfile +++ /dev/null @@ -1,35 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.box = "bento/fedora-38" - config.vm.hostname = "fedora-38-x86_64" - - config.vm.provider "virtualbox" do |vb| - vb.memory = "4096" - vb.cpus = "2" - end - - config.vm.provider "vmware_desktop" do |vd| - vd.memory = "4096" - vd.cpus = "2" - end - config.vm.synced_folder "../../../podman/podman-kube", "/home/vagrant/podman-kube" ,type: "rsync" - config.vm.box_check_update = false - config.vm.network "forwarded_port", guest: 8080, host: 8080, host_ip: "127.0.0.1" - - config.vm.provision "shell", inline: <<-SHELL - # Run shell script on the home folder - cd ~ - sudo dnf install podman -y - pwd - SHELL - - config.vm.provision "shell",privileged: false, inline: <<-SHELL - # Run shell script on the home folder - pwd - whoami - cd ~/podman-kube - podman play kube podman-syft-kube.yaml --configmap=podman-syft-kube-config.yaml - pwd - SHELL - - - end \ No newline at end of file diff --git a/packages/hagrid/.bumpversion.cfg b/packages/hagrid/.bumpversion.cfg deleted file mode 100644 index a30678ab82f..00000000000 --- a/packages/hagrid/.bumpversion.cfg +++ /dev/null @@ -1,12 +0,0 @@ -[bumpversion] -current_version = 0.3.121 -tag = False -tag_name = {new_version} -commit = True -commit_message = Bump version: {current_version} β†’ {new_version} - -[bumpversion:file:hagrid/version.py] - -[bumpversion:file:setup.py] - -[bumpversion:file:hagrid/manifest_template.yml] diff --git a/packages/hagrid/.dockerignore b/packages/hagrid/.dockerignore deleted file mode 100644 index 1effc400690..00000000000 --- a/packages/hagrid/.dockerignore +++ /dev/null @@ -1,11 +0,0 @@ -.git -.vscode -.mypy_cache -.benchmarks -build -dist -hagrid.egg-info -Pipfile -Dockerfile -README.md -.venv diff --git a/packages/hagrid/.gitattributes b/packages/hagrid/.gitattributes deleted file mode 100644 index dfe0770424b..00000000000 --- a/packages/hagrid/.gitattributes +++ /dev/null @@ -1,2 +0,0 @@ -# Auto detect text files and perform LF normalization -* text=auto diff --git a/packages/hagrid/.gitignore b/packages/hagrid/.gitignore deleted file mode 100644 index 7ebe0d7df82..00000000000 --- a/packages/hagrid/.gitignore +++ /dev/null @@ -1,128 +0,0 @@ -# Byte-compiled / optimized / DLL files -__pycache__/ -*.py[cod] -*$py.class - -# C extensions -*.so - -# Distribution / packaging -.Python -build/ -develop-eggs/ -dist/ -downloads/ -eggs/ -.eggs/ -lib/ -lib64/ -parts/ -sdist/ -var/ -wheels/ -pip-wheel-metadata/ -share/python-wheels/ -*.egg-info/ -.installed.cfg -*.egg -MANIFEST - -# PyInstaller -# Usually these files are written by a python script from a template -# before PyInstaller builds the exe, so as to inject date/other infos into it. -*.manifest -*.spec - -# Installer logs -pip-log.txt -pip-delete-this-directory.txt - -# Unit test / coverage reports -htmlcov/ -.tox/ -.nox/ -.coverage -.coverage.* -.cache -nosetests.xml -coverage.xml -*.cover -*.py,cover -.hypothesis/ -.pytest_cache/ - -# Translations -*.mo -*.pot - -# Django stuff: -*.log -local_settings.py -db.sqlite3 -db.sqlite3-journal - -# Flask stuff: -instance/ -.webassets-cache - -# Scrapy stuff: -.scrapy - -# Sphinx documentation -docs/_build/ - -# PyBuilder -target/ - -# Jupyter Notebook -.ipynb_checkpoints - -# IPython -profile_default/ -ipython_config.py - -# pyenv -.python-version - -# pipenv -# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. -# However, in case of collaboration, if having platform-specific dependencies or dependencies -# having no cross-platform support, pipenv may install dependencies that don't work, or not -# install all needed dependencies. -#Pipfile.lock - -# celery beat schedule file -celerybeat-schedule - -# SageMath parsed files -*.sage.py - -# Environments -.env -.venv -env/ -venv/ -ENV/ -env.bak/ -venv.bak/ - -# Spyder project settings -.spyderproject -.spyproject - -# Rope project settings -.ropeproject - -# mkdocs documentation -/site - -# mypy -.mypy_cache/ -.dmypy.json -dmypy.json - -# Pyre type checker -.pyre/ - -Pipfile -.envfile diff --git a/packages/hagrid/README.md b/packages/hagrid/README.md deleted file mode 100644 index a2d398960c1..00000000000 --- a/packages/hagrid/README.md +++ /dev/null @@ -1,219 +0,0 @@ -# hagrid - -Use this cli to deploy PyGrid Domain and Network nodes on your local machine. - -A Hagrid is a HAppy GRID! - -## Installation Linux and MacOS - -Python - -``` -$ pip install -U hagrid -``` - -Docker - -``` -$ docker run -it -v ~/:/root openmined/hagrid:latest hagrid -``` - -Then simply run hagrid as you would normally: - -``` -$ docker run -it -v ~/:/root openmined/hagrid:latest hagrid launch slytherin domain to azure -``` - -## Installation Windows - -Requirements: - -- docker - -### Docker - -You can manually install Docker Desktop: https://www.docker.com/products/docker-desktop - -or alternatively use the windows package manager `chocolatey`. - -### Chocolatey - -To install `chocolatey` you need to open "Windows PowerShell" in Administrator mode. -You can type `powershell` into the search bar and right-click and select "Run as administrator". If when you start Powershell in Administrator mode it asks you whether you want to allow powershell to make changes to your computer, select "Yes". -Then copy and paste this command and run it. - -Run this inside PowerShell (Admin Mode): - -```powershell -Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) -``` - -You should now be able to type: `choco` in PowerShell terminal to use the tool. - -### Docker with Chocolatey - -To install Docker Desktop with chocolatey run this inside PowerShell (Admin Mode): - -```powershell -choco install docker-desktop -y -``` - -You will likely need to restart after installing Docker Desktop for the first time. Also occasionally Powershell looks like its taking for ever but if you hit then it'll show that the command is actually done. - -### Restart the computer and start Docker Desktop - -After you've rebooted your Windows machine, launch the application "Docker Desktop" and continue. - -### Docker Backend - -Docker on Windows has two possible backends, one which uses a virtual machine and the other which uses Windows Subsystem for Linux 2. - -Try running Docker Desktop and seeing that it starts. -If you get an error saying "Docker Engine failed to start..." you may not have Virtualization enabled. -Either have it enabled in your BIOS if your CPU supports it, or you may need to use the Windows Subsystem for Linux 2 backend. - -To install WSL2 with chocolately run this inside PowerShell (Admin Mode): - -```powershell -choco install wsl2 -y -``` - -If you needed to install wsl2, restart docker by clicking the little whale in the bottom right corner, clicking "Stop" and then starting Docker Desktop application again. - -### Enable Docker Compose v2 - -Inside Docker Desktop click on the settings wheel in the top right. -Click on the menu item "Experimental Features" on the left. -Check the box that says: "Use Docker Desktop V2". - -## SSH Keys - -HAGrid allows you to select an SSH key, to setup a remote node. When using Docker on Windows we recommend you mount your Users %USERPROFILE% directory into the container so that any keys you already have can be accessed. If you have a key inside C:\Users\John Smith\.ssh\mykey.pem then when asked for the path to your key you would enter: `~/mykey.pem`. - -If HAGrid complains that you have no key, it can generate one for you, or you can always generate one yourself manually using the ssh-keygen.exe tool. - -To generate a key using ssh-keygen run in a Powershell: - -``` -ssh-keygen -``` - -Unless you know what the options are simply pressing enter and going with the defaults is perfectly fine. This will create a file called `~/.ssh/id_rsa` which is also the default that HAGrid asks you if you want to use. - -## Run HAGrid Docker Container - -```powershell -docker run -it -v "$($env:USERPROFILE):/root" openmined/hagrid:latest hagrid -``` - -Then simply run hagrid as you would normally: - -```powershell -docker run -it -v "$($env:USERPROFILE):/root" openmined/hagrid:latest hagrid launch slytherin to azure -``` - -## Development - -#### Step 1 Dev Setup - -If you want hagrid to launch nodes based on your live-updating codebase, then install it using one of the live-updating install commands. This will mean that the codebase will hot-reload based on the current project. - -```bash -pip install -e . -``` - -## Launch a Node - -![alt text](cli2.png) - -## A Few Example Commands - -Start a node with: - -```bash -hagrid launch slytherin -``` - -... and then stop it with: - -```bash -hagrid land slytherin -``` - -You can specify ports if you want to: - -```bash -hagrid launch hufflepuff_house to docker:8081+ -``` - -... but if you don't it'll find an open one for you - -```bash -// finds hufflepuff already has 8081... tries 8082 -hagrid launch ravenclaw -``` - -You can also specify the node type (domain by default) - -```bash -hagrid launch gryffendor network to docker -``` - -## Credits - -## Testing HAGrid Remotely - -Sometimes you need to install HAGrid directly from source while developing and testing on a remote machine. You can use the pip git syntax like so: - -``` -$ pip install "git+https://github.com/OpenMined/PySyft@demo_strike_team_branch_4#subdirectory=packages/hagrid" -``` - -## Deploying HAGrid to a running Linux Machine (Ubuntu 20.x) - -Log into your linux machine and run the following: - -``` -pip install -U hagrid -``` - -Often on a remote linux box hagrid will not by default show up in the path. Re-login via SSH terminal and hagrid should appear. - -``` -hagrid launch domain to localhost -``` - -Then folllow the instructions in the prompt. Note that occasionally you'll see a harmless (but red and scary looking) error at the very end of the deploy which looks something like: - -``` -"Container slytherin_flower_1 Starting", "Container slytherin_db_1 Starting", "Container slytherin_proxy_1 Starting", "Container slytherin_queue_1 Starting", "Container slytherin_queue_1 Started", "Container slytherin_db_1 Started", "Container slytherin_backend_1 Starting", "Container slytherin_celeryworker_1 Starting", "Container slytherin_pgadmin_1 Starting", "Container slytherin_proxy_1 Started", "Container slytherin_flower_1 Started", "Container slytherin_backend_1 Started", "Container slytherin_celeryworker_1 Started", "Container slytherin_pgadmin_1 Started", "Container slytherin_backend_stream_1 Starting", "Container slytherin_frontend_1 Starting", "Container slytherin_frontend_1 Started", "Container slytherin_backend_stream_1 Started", "Error response from daemon: cannot start a stopped process: unknown"], "stdout": "", "stdout_lines": []} -: cannot start a stopped process: unknown"], "stdout": "", "stdout_lines": []} - -PLAY RECAP *************************************************************************************************************************** -104.42.1.158 : ok=26 changed=21 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0 -``` - -If you see this don't worry about it. - -### Post install checks. - -Log into the openmined user. - -``` -sudo su - om -``` - -Check that the autoupdater is running correctly and pointed to the branch you specified. - -``` -sudo crontab -l -``` - -Should return something like - -``` -#Ansible: Update PySyft Repo -* * * * * /home/om/PySyft/packages/grid/scripts/cron.sh /home/om/PySyft The-PET-Lab-at-the-UN-PPTTT/PySyft ungp_pet_lab om om domain slytherin -``` - -**Super Cool Code Images** by [Carbon](https://carbon.now.sh/) diff --git a/packages/hagrid/build_docker.ps1 b/packages/hagrid/build_docker.ps1 deleted file mode 100644 index 29951ee1e4b..00000000000 --- a/packages/hagrid/build_docker.ps1 +++ /dev/null @@ -1,2 +0,0 @@ -$env:HAGRID_VERSION = $(python hagrid/version.py) -docker buildx build -f hagrid.dockerfile -t openmined/hagrid:"$env:HAGRID_VERSION" -t openmined/hagrid:latest . \ No newline at end of file diff --git a/packages/hagrid/build_docker.sh b/packages/hagrid/build_docker.sh deleted file mode 100755 index 8c0bf150398..00000000000 --- a/packages/hagrid/build_docker.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -HAGRID_VERSION=$(python3 hagrid/version.py) -docker buildx build -f hagrid.dockerfile -t openmined/hagrid:"${HAGRID_VERSION}" -t openmined/hagrid:latest . diff --git a/packages/hagrid/build_wheel.sh b/packages/hagrid/build_wheel.sh deleted file mode 100755 index a5343a06a69..00000000000 --- a/packages/hagrid/build_wheel.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -rm -rf build dist -python setup.py bdist_wheel -rm -rf build diff --git a/packages/hagrid/cli2.png b/packages/hagrid/cli2.png deleted file mode 100644 index 1a31e027921..00000000000 Binary files a/packages/hagrid/cli2.png and /dev/null differ diff --git a/packages/hagrid/hagrid.dockerfile b/packages/hagrid/hagrid.dockerfile deleted file mode 100644 index 878aff613df..00000000000 --- a/packages/hagrid/hagrid.dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -FROM python:3.12-slim as build - -WORKDIR /hagrid -COPY ./ /hagrid - -RUN pip install --upgrade pip setuptools wheel twine -RUN python setup.py bdist_wheel -RUN twine check `find -L ./dist -name "*.whl"` - -FROM python:3.12-slim as backend - -# set UTC timezone -ENV TZ=Etc/UTC -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - -RUN DEBIAN_FRONTEND=noninteractive \ - apt-get update && \ - apt-get install -yqq \ - git && \ - rm -rf /var/lib/apt/lists/* - -COPY --from=build /hagrid/dist /hagrid -RUN pip install `find -L /hagrid -name "*.whl"` - -# warm the cache -RUN hagrid -CMD hagrid diff --git a/packages/hagrid/hagrid/__init__.py b/packages/hagrid/hagrid/__init__.py deleted file mode 100644 index eabd22f9f19..00000000000 --- a/packages/hagrid/hagrid/__init__.py +++ /dev/null @@ -1,43 +0,0 @@ -from .git_check import verify_git_installation # noqa - -# stdlib -import sys -from typing import Any - -# relative -from .cli import check_status as check # noqa: F401 -from .quickstart_ui import QuickstartUI -from .version import __version__ # noqa: F401 -from .wizard_ui import WizardUI - -from .orchestra import Orchestra # noqa - - -def module_property(func: Any) -> None: - """Decorator to turn module functions into properties. - Function names must be prefixed with an underscore.""" - module = sys.modules[func.__module__] - - def base_getattr(name: str) -> None: - raise AttributeError(f"module '{module.__name__}' has no attribute '{name}'") - - old_getattr = getattr(module, "__getattr__", base_getattr) - - def new_getattr(name: str) -> Any: - if f"_{name}" == func.__name__: - return func() - else: - return old_getattr(name) - - module.__getattr__ = new_getattr # type: ignore - return func - - -@module_property -def _quickstart() -> QuickstartUI: - return QuickstartUI() - - -@module_property -def _wizard() -> WizardUI: - return WizardUI() diff --git a/packages/hagrid/hagrid/art.py b/packages/hagrid/hagrid/art.py deleted file mode 100644 index a272ab9d52f..00000000000 --- a/packages/hagrid/hagrid/art.py +++ /dev/null @@ -1,125 +0,0 @@ -# stdlib -import locale -import secrets - -# third party -import ascii_magic -import rich -from rich.emoji import Emoji - - -def motorcycle() -> None: - print( - """ - ` - `.+yys/.` - ``/NMMMNNs` - `./shNMMMMMMNs`` `..` - `-smNMMNNMMMMMMN/.``......` - `.yNMMMMNmmmmNNMMm/.`....` - `:sdNMMMMMMNNNNddddds-`.`` `--. ` - `.+dNNNNMMMMMMMMMNNNNmddohmh//hddy/.```..` - `-hNMMMMMMMMMMMMNNdmNNMNNdNNd:sdyoo+/++:..` - ../mMMMMMMMMMMMMMMNNmmmmNMNmNNmdmd/hNNNd+:` - `:mMNNMMMMMMMMMMMMNMNNmmmNNNNNdNNd/NMMMMm:: - `:mMNNNMMMMMMMMMMMMMMMNNNNdNMNNmmNd:smMMmh// - ``/mMMMMMMMMMMMMMMMMMMMMMMNmdmNNMMNNNy/osoo/-` - `-sNMMMMMMMMMMMMMMMMMMMMMMMMNNmmMMMMNh-....` - `/dNMMMMMMMMMMMMMMMMMMMMMMMMMMMNNMMMNy.` - ``.omNNMMMMMMMMMMMMNMMMMMMMNmmmmNNMMMMN+` - `:hmNNMMMMMMMMMMMNo/ohNNNNho+os+-+hNys/` - -mNNNNNNMMMMMMMMm+``-yNdd+/mMMMms.-:` - .+dmNNNNMMMMMMNd:``:dNN+y`oMMMMMm-.` - `+dmmmNNNmmmmy+. `-+m/s/+MMMMm/-- - `+mmmhNy/-...``` ``-.-sosyys+/-` - ``.smmmsoo`` .oh+-:/:. - `.:odmdh/```` `.+d+`````` - ```/sydNdhy+.` ``-sds. - `:hdmhs::-```` `oNs.` -```.sdmh/`` `-ym+` - ``ssy+` `-yms.` - `` `:hNy-`` - ` `-yMN/``` - `-yNhy- - `/yNd/` - `:dNMs`` - `.+mNy/.` - `.+hNMMs`` - `:dMMMMh.`""" # noqa: W605 - ) - - -def hold_on_tight() -> None: - pass - - -def hagrid1() -> None: - # relative - from .lib import asset_path - - try: - ascii_magic.to_terminal( - ascii_magic.from_image_file( - img_path=str(asset_path()) + "/img/hagrid.png", columns=83 - ) - ) - except Exception: # nosec - pass - - -def hagrid2() -> None: - # relative - from .lib import asset_path - - try: - ascii_magic.to_terminal( - ascii_magic.from_image_file( - img_path=str(asset_path()) + "/img/hagrid2.png", columns=83 - ) - ) - except Exception: # nosec - pass - - -def quickstart_art() -> None: - text = """ -888 888 d8888 .d8888b. d8b 888 -888 888 d88888 d88P Y88b Y8P 888 -888 888 d88P888 888 888 888 -8888888888 d88P 888 888 888d888 888 .d88888 -888 888 d88P 888 888 88888 888P" 888 d88" 888 -888 888 d88P 888 888 888 888 888 888 888 -888 888 d8888888888 Y88b d88P 888 888 Y88b 888 -888 888 d88P 888 "Y8888P88 888 888 "Y88888 - - - .d88888b. d8b 888 888 888 -d88P" "Y88b Y8P 888 888 888 -888 888 888 888 888 -888 888 888 888 888 .d8888b 888 888 .d8888b 888888 8888b. 888d888 888888 -888 888 888 888 888 d88P" 888 .88P 88K 888 "88b 888P" 888 -888 Y8b 888 888 888 888 888 888888K "Y8888b. 888 .d888888 888 888 -Y88b.Y8b88P Y88b 888 888 Y88b. 888 "88b X88 Y88b. 888 888 888 Y88b. - "Y888888" "Y88888 888 "Y8888P 888 888 88888P' "Y888 "Y888888 888 "Y888 - Y8b -""" - console = rich.get_console() - console.print( - text, - style="bold", - justify="left", - new_line_start=True, - ) - - -def hagrid() -> None: - """Print a random hagrid image with the caption "hold on tight harry".""" - options = [motorcycle, hagrid1, hagrid2] - i = secrets.randbelow(3) - options[i]() - hold_on_tight() - - -class RichEmoji(Emoji): - def to_str(self) -> str: - return self._char.encode("utf-8").decode(locale.getpreferredencoding()) diff --git a/packages/hagrid/hagrid/auth.py b/packages/hagrid/hagrid/auth.py deleted file mode 100644 index b3cca8a35e5..00000000000 --- a/packages/hagrid/hagrid/auth.py +++ /dev/null @@ -1,25 +0,0 @@ -# stdlib - - -class AuthCredentials: - def __init__( - self, - username: str, - key_path: str | None = None, - password: str | None = None, - ) -> None: - self.username = username - self.key_path = key_path - self.password = password - - @property - def uses_key(self) -> bool: - return bool(self.username and self.key_path) - - @property - def uses_password(self) -> bool: - return bool(self.username and self.password) - - @property - def valid(self) -> bool: - return bool(self.uses_key or self.uses_password) diff --git a/packages/hagrid/hagrid/azure.py b/packages/hagrid/hagrid/azure.py deleted file mode 100644 index b84e1f32bd7..00000000000 --- a/packages/hagrid/hagrid/azure.py +++ /dev/null @@ -1,67 +0,0 @@ -# stdlib -import json -import os -import subprocess # nosec - -# third party -from azure.identity import ClientSecretCredential -from azure.mgmt.resource import ResourceManagementClient - -# relative -from .file import user_hagrid_profile - -AZURE_SERVICE_PRINCIPAL_PATH = f"{user_hagrid_profile}/azure_sp.json" - - -class AzureException(Exception): - pass - - -def check_azure_authed() -> bool: - try: - azure_service_principal() - return True - except AzureException as e: - print(e) - - return False - - -def login_azure() -> bool: - cmd = "az login" - try: - subprocess.check_call(cmd, shell=True, stdout=subprocess.DEVNULL) # nosec - return True - except Exception: # nosec - pass - return False - - -def azure_service_principal() -> dict[str, str] | None: - sp_json = {} - if not os.path.exists(AZURE_SERVICE_PRINCIPAL_PATH): - raise AzureException("No service principal so we need to create one first") - with open(AZURE_SERVICE_PRINCIPAL_PATH) as f: - sp_json = json.loads(f.read()) - - required_keys = ["appId", "displayName", "name", "password", "tenant"] - for key in required_keys: - if key not in sp_json: - raise AzureException(f"{key} missing from {AZURE_SERVICE_PRINCIPAL_PATH}") - return sp_json - - -def azure_credentials( - tenant_id: str, client_id: str, client_secret: str -) -> ClientSecretCredential: - return ClientSecretCredential( - tenant_id=tenant_id, - client_id=client_id, - client_secret=client_secret, - ) - - -def resource_management_client( - credentials: ClientSecretCredential, subscription_id: str -) -> ResourceManagementClient: - return ResourceManagementClient(credentials, subscription_id) diff --git a/packages/hagrid/hagrid/cache.py b/packages/hagrid/hagrid/cache.py deleted file mode 100644 index 5a94d6180aa..00000000000 --- a/packages/hagrid/hagrid/cache.py +++ /dev/null @@ -1,69 +0,0 @@ -# stdlib -import json -import os -from typing import Any - -STABLE_BRANCH = "0.8.6" -DEFAULT_BRANCH = "0.8.6" -DEFAULT_REPO = "OpenMined/PySyft" - -arg_defaults = { - "repo": DEFAULT_REPO, - "branch": STABLE_BRANCH, - "username": "root", - "auth_type": "key", - "key_path": "~/.ssh/id_rsa", - "azure_repo": DEFAULT_REPO, - "azure_branch": STABLE_BRANCH, - "azure_username": "azureuser", - "azure_key_path": "~/.ssh/id_rsa", - "azure_resource_group": "openmined", - "azure_location": "westus", - "azure_size": "Standard_D4s_v3", - "gcp_zone": "us-central1-c", - "gcp_machine_type": "e2-standard-4", - "gcp_project_id": "", - "gcp_username": "", - "gcp_key_path": "~/.ssh/google_compute_engine", - "gcp_repo": DEFAULT_REPO, - "gcp_branch": STABLE_BRANCH, - "install_wizard_complete": False, - "aws_region": "us-east-1", - "aws_security_group_name": "openmined_sg", - "aws_security_group_cidr": "0.0.0.0/0", - "aws_image_id": "ami-05de688637f3e33ee", # Ubuntu Server 22.04 LTS (HVM), SSD Volume Type - "aws_ec2_instance_type": "t2.xlarge", - "aws_ec2_instance_username": "ubuntu", # For Ubuntu AMI, the default user name is ubuntu - "aws_repo": DEFAULT_REPO, - "aws_branch": STABLE_BRANCH, -} - - -class ArgCache: - @staticmethod - def cache_file_path() -> str: - dir_path = os.path.expanduser("~/.hagrid") - os.makedirs(dir_path, exist_ok=True) - return f"{dir_path}/cache.json" - - def __init__(self) -> None: - try: - with open(ArgCache.cache_file_path()) as f: - self.__cache = json.loads(f.read()) - except Exception: # nosec - self.__cache = {} - - def __setitem__(self, key: str, value: Any) -> None: - self.__cache[key] = value - with open(ArgCache.cache_file_path(), "w") as f: - f.write(json.dumps(self.__cache)) - - def __getitem__(self, key: str) -> Any: - if key in self.__cache: - return self.__cache[key] - elif key in arg_defaults: - return arg_defaults[key] - raise KeyError(f"Can't find key {key} in ArgCache") - - -arg_cache = ArgCache() diff --git a/packages/hagrid/hagrid/cli.py b/packages/hagrid/hagrid/cli.py deleted file mode 100644 index 0e8efdc06a4..00000000000 --- a/packages/hagrid/hagrid/cli.py +++ /dev/null @@ -1,4404 +0,0 @@ -# stdlib -from collections import namedtuple -from collections.abc import Callable -from enum import Enum -import json -import os -from pathlib import Path -import platform -from queue import Queue -import re -import shutil -import socket -import stat -import subprocess # nosec -import sys -import tempfile -from threading import Event -from threading import Thread -import time -from typing import Any -from typing import cast -from urllib.parse import urlparse -import webbrowser - -# third party -import click -import requests -import rich -from rich.console import Console -from rich.live import Live -from rich.progress import BarColumn -from rich.progress import Progress -from rich.progress import SpinnerColumn -from rich.progress import TextColumn -from virtualenvapi.manage import VirtualEnvironment - -# relative -from .art import RichEmoji -from .art import hagrid -from .art import quickstart_art -from .auth import AuthCredentials -from .cache import DEFAULT_BRANCH -from .cache import DEFAULT_REPO -from .cache import arg_cache -from .deps import DEPENDENCIES -from .deps import LATEST_BETA_SYFT -from .deps import allowed_hosts -from .deps import check_docker_service_status -from .deps import check_docker_version -from .deps import check_grid_docker -from .deps import gather_debug -from .deps import get_version_string -from .deps import is_windows -from .exceptions import MissingDependency -from .grammar import BadGrammar -from .grammar import GrammarVerb -from .grammar import parse_grammar -from .land import get_land_verb -from .launch import get_launch_verb -from .lib import GIT_REPO -from .lib import GRID_SRC_PATH -from .lib import GRID_SRC_VERSION -from .lib import check_api_metadata -from .lib import check_host -from .lib import check_jupyter_server -from .lib import check_login_page -from .lib import commit_hash -from .lib import docker_desktop_memory -from .lib import find_available_port -from .lib import generate_process_status_table -from .lib import generate_user_table -from .lib import gitpod_url -from .lib import hagrid_root -from .lib import is_gitpod -from .lib import name_tag -from .lib import save_vm_details_as_json -from .lib import update_repo -from .lib import use_branch -from .mode import EDITABLE_MODE -from .parse_template import deployment_dir -from .parse_template import get_template_yml -from .parse_template import manifest_cache_path -from .parse_template import render_templates -from .parse_template import setup_from_manifest_template -from .quickstart_ui import fetch_notebooks_for_url -from .quickstart_ui import fetch_notebooks_from_zipfile -from .quickstart_ui import quickstart_download_notebook -from .rand_sec import generate_sec_random_password -from .stable_version import LATEST_STABLE_SYFT -from .style import RichGroup -from .util import fix_windows_virtualenv_api -from .util import from_url -from .util import shell - -# fix VirtualEnvironment bug in windows -fix_windows_virtualenv_api(VirtualEnvironment) - - -class NodeSideType(Enum): - LOW_SIDE = "low" - HIGH_SIDE = "high" - - -def get_azure_image(short_name: str) -> str: - prebuild_070 = ( - "madhavajay1632269232059:openmined_mj_grid_domain_ubuntu_1:domain_070:latest" - ) - fresh_ubuntu = "Canonical:0001-com-ubuntu-server-jammy:22_04-lts-gen2:latest" - if short_name == "default": - return fresh_ubuntu - elif short_name == "domain_0.7.0": - return prebuild_070 - raise Exception(f"Image name doesn't exist: {short_name}. Try: default or 0.7.0") - - -@click.group(cls=RichGroup) -def cli() -> None: - pass - - -def get_compose_src_path( - node_name: str, - template_location: str | None = None, - **kwargs: Any, -) -> str: - grid_path = GRID_SRC_PATH() - tag = kwargs["tag"] - # Use local compose files if in editable mode and - # template_location is None and (kwargs["dev"] is True or tag is local) - if ( - EDITABLE_MODE - and template_location is None - and (kwargs["dev"] is True or tag == "local") - ): - path = grid_path - else: - path = deployment_dir(node_name) - - os.makedirs(path, exist_ok=True) - return path - - -@click.command( - help="Restore some part of the hagrid installation or deployment to its initial/starting state.", - context_settings={"show_default": True}, -) -@click.argument("location", type=str, nargs=1) -def clean(location: str) -> None: - if location == "library" or location == "volumes": - print("Deleting all Docker volumes in 2 secs (Ctrl-C to stop)") - time.sleep(2) - subprocess.call("docker volume rm $(docker volume ls -q)", shell=True) # nosec - - if location == "containers" or location == "pantry": - print("Deleting all Docker containers in 2 secs (Ctrl-C to stop)") - time.sleep(2) - subprocess.call("docker rm -f $(docker ps -a -q)", shell=True) # nosec - - if location == "images": - print("Deleting all Docker images in 2 secs (Ctrl-C to stop)") - time.sleep(2) - subprocess.call("docker rmi $(docker images -q)", shell=True) # nosec - - -@click.command( - help="Start a new PyGrid domain/network node!", - context_settings={"show_default": True}, -) -@click.argument("args", type=str, nargs=-1) -@click.option( - "--username", - default=None, - required=False, - type=str, - help="Username for provisioning the remote host", -) -@click.option( - "--key-path", - default=None, - required=False, - type=str, - help="Path to the key file for provisioning the remote host", -) -@click.option( - "--password", - default=None, - required=False, - type=str, - help="Password for provisioning the remote host", -) -@click.option( - "--repo", - default=None, - required=False, - type=str, - help="Repo to fetch source from", -) -@click.option( - "--branch", - default=None, - required=False, - type=str, - help="Branch to monitor for updates", -) -@click.option( - "--tail", - is_flag=True, - help="Tail logs on launch", -) -@click.option( - "--headless", - is_flag=True, - help="Start the frontend container", -) -@click.option( - "--cmd", - is_flag=True, - help="Print the cmd without running it", -) -@click.option( - "--jupyter", - is_flag=True, - help="Enable Jupyter Notebooks", -) -@click.option( - "--in-mem-workers", - is_flag=True, - help="Enable InMemory Workers", -) -@click.option( - "--enable-signup", - is_flag=True, - help="Enable Signup for Node", -) -@click.option( - "--build", - is_flag=True, - help="Disable forcing re-build", -) -@click.option( - "--no-provision", - is_flag=True, - help="Disable provisioning VMs", -) -@click.option( - "--node-count", - default=1, - required=False, - type=click.IntRange(1, 250), - help="Number of independent nodes/VMs to launch", -) -@click.option( - "--auth-type", - default=None, - type=click.Choice(["key", "password"], case_sensitive=False), -) -@click.option( - "--ansible-extras", - default="", - type=str, -) -@click.option("--tls", is_flag=True, help="Launch with TLS configuration") -@click.option("--test", is_flag=True, help="Launch with test configuration") -@click.option("--dev", is_flag=True, help="Shortcut for development mode") -@click.option( - "--release", - default="production", - required=False, - type=click.Choice(["production", "staging", "development"], case_sensitive=False), - help="Choose between production and development release", -) -@click.option( - "--deployment-type", - default="container_stack", - required=False, - type=click.Choice(["container_stack", "single_container"], case_sensitive=False), - help="Choose between container_stack and single_container deployment", -) -@click.option( - "--cert-store-path", - default="/home/om/certs", - required=False, - type=str, - help="Remote path to store and load TLS cert and key", -) -@click.option( - "--upload-tls-cert", - default="", - required=False, - type=str, - help="Local path to TLS cert to upload and store at --cert-store-path", -) -@click.option( - "--upload-tls-key", - default="", - required=False, - type=str, - help="Local path to TLS private key to upload and store at --cert-store-path", -) -@click.option( - "--no-blob-storage", - is_flag=True, - help="Disable blob storage", -) -@click.option( - "--image-name", - default=None, - required=False, - type=str, - help="Image to use for the VM", -) -@click.option( - "--tag", - default=None, - required=False, - type=str, - help="Container image tag to use", -) -@click.option( - "--smtp-username", - default=None, - required=False, - type=str, - help="Username used to auth in email server and enable notification via emails", -) -@click.option( - "--smtp-password", - default=None, - required=False, - type=str, - help="Password used to auth in email server and enable notification via emails", -) -@click.option( - "--smtp-port", - default=None, - required=False, - type=str, - help="Port used by email server to send notification via emails", -) -@click.option( - "--smtp-host", - default=None, - required=False, - type=str, - help="Address used by email server to send notification via emails", -) -@click.option( - "--smtp-sender", - default=None, - required=False, - type=str, - help="Sender email used to deliver PyGrid email notifications.", -) -@click.option( - "--build-src", - default=DEFAULT_BRANCH, - required=False, - type=str, - help="Git branch to use for launch / build operations", -) -@click.option( - "--platform", - default=None, - required=False, - type=str, - help="Run docker with a different platform like linux/arm64", -) -@click.option( - "--verbose", - is_flag=True, - help="Show verbose output", -) -@click.option( - "--trace", - required=False, - type=str, - help="Optional: allow trace to be turned on or off", -) -@click.option( - "--template", - required=False, - default=None, - help="Path or URL to manifest template", -) -@click.option( - "--template-overwrite", - is_flag=True, - help="Force re-downloading of template manifest", -) -@click.option( - "--no-health-checks", - is_flag=True, - help="Turn off auto health checks post node launch", -) -@click.option( - "--set-root-email", - default=None, - required=False, - type=str, - help="Set root email of node", -) -@click.option( - "--set-root-password", - default=None, - required=False, - type=str, - help="Set root password of node", -) -@click.option( - "--azure-resource-group", - default=None, - required=False, - type=str, - help="Azure Resource Group", -) -@click.option( - "--azure-location", - default=None, - required=False, - type=str, - help="Azure Resource Group Location", -) -@click.option( - "--azure-size", - default=None, - required=False, - type=str, - help="Azure VM Size", -) -@click.option( - "--azure-username", - default=None, - required=False, - type=str, - help="Azure VM Username", -) -@click.option( - "--azure-key-path", - default=None, - required=False, - type=str, - help="Azure Key Path", -) -@click.option( - "--azure-repo", - default=None, - required=False, - type=str, - help="Azure Source Repo", -) -@click.option( - "--azure-branch", - default=None, - required=False, - type=str, - help="Azure Source Branch", -) -@click.option( - "--render", - is_flag=True, - help="Render Docker Files", -) -@click.option( - "--no-warnings", - is_flag=True, - help="Enable API warnings on the node.", -) -@click.option( - "--low-side", - is_flag=True, - help="Launch a low side node type else a high side node type", -) -@click.option( - "--set-s3-username", - default=None, - required=False, - type=str, - help="Set root username for s3 blob storage", -) -@click.option( - "--set-s3-password", - default=None, - required=False, - type=str, - help="Set root password for s3 blob storage", -) -@click.option( - "--set-volume-size-limit-mb", - default=1024, - required=False, - type=click.IntRange(1024, 50000), - help="Set the volume size limit (in MBs)", -) -@click.option( - "--association-request-auto-approval", - is_flag=True, - help="Enable auto approval of association requests", -) -def launch(args: tuple[str], **kwargs: Any) -> None: - verb = get_launch_verb() - try: - grammar = parse_grammar(args=args, verb=verb) - verb.load_grammar(grammar=grammar) - except BadGrammar as e: - print(e) - return - - node_name = verb.get_named_term_type(name="node_name") - snake_name = str(node_name.snake_input) - node_type = verb.get_named_term_type(name="node_type") - - # For enclave currently it is only a single container deployment - # This would change when we have side car containers to enclave - if node_type.input == "enclave": - kwargs["deployment_type"] = "single_container" - - compose_src_path = get_compose_src_path( - node_type=node_type, - node_name=snake_name, - template_location=kwargs["template"], - **kwargs, - ) - kwargs["compose_src_path"] = compose_src_path - - try: - update_repo(repo=GIT_REPO(), branch=str(kwargs["build_src"])) - except Exception as e: - print(f"Failed to update repo. {e}") - try: - cmds = create_launch_cmd(verb=verb, kwargs=kwargs) - cmds = [cmds] if isinstance(cmds, str) else cmds - except Exception as e: - print(f"Error: {e}\n\n") - return - - dry_run = bool(kwargs["cmd"]) - - health_checks = not bool(kwargs["no_health_checks"]) - render_only = bool(kwargs["render"]) - - try: - tail = bool(kwargs["tail"]) - verbose = bool(kwargs["verbose"]) - silent = not verbose - if tail: - silent = False - - if render_only: - print( - "Docker Compose Files Rendered: {}".format(kwargs["compose_src_path"]) - ) - return - - execute_commands( - cmds, - dry_run=dry_run, - silent=silent, - compose_src_path=kwargs["compose_src_path"], - node_type=node_type.input, - ) - - host_term = verb.get_named_term_hostgrammar(name="host") - run_health_checks = ( - health_checks and not dry_run and host_term.host == "docker" and silent - ) - - if run_health_checks: - docker_cmds = cast(dict[str, list[str]], cmds) - - # get the first command (cmd1) from docker_cmds which is of the form - # {"": [cmd1, cmd2], "": [cmd3, cmd4]} - (command, *_), *_ = docker_cmds.values() - - match_port = re.search("HTTP_PORT=[0-9]{1,5}", command) - if match_port: - rich.get_console().print( - "\n[bold green]β ‹[bold blue] Checking node API [/bold blue]\t" - ) - port = match_port.group().replace("HTTP_PORT=", "") - - check_status("localhost" + ":" + port, node_name=node_name.snake_input) - - rich.get_console().print( - rich.panel.Panel.fit( - f"✨ To view container logs run [bold green]hagrid logs {node_name.snake_input}[/bold green]\t" - ) - ) - - except Exception as e: - print(f"Error: {e}\n\n") - return - - -def check_errors( - line: str, process: subprocess.Popen, cmd_name: str, progress_bar: Progress -) -> None: - task = progress_bar.tasks[0] - if "Error response from daemon: " in line: - if progress_bar: - progress_bar.update( - 0, - description=f"❌ [bold red]{cmd_name}[/bold red] [{task.completed} / {task.total}]", - refresh=True, - ) - progress_bar.update(0, visible=False) - progress_bar.console.clear_live() - progress_bar.console.quiet = True - progress_bar.stop() - console = rich.get_console() - progress_bar.console.quiet = False - console.print(f"\n\n [red] ERROR [/red]: [bold]{line}[/bold]\n") - process.terminate() - raise Exception - - -def check_pulling(line: str, cmd_name: str, progress_bar: Progress) -> None: - task = progress_bar.tasks[0] - if "Pulling" in line and "fs layer" not in line: - progress_bar.update( - 0, - description=f"[bold]{cmd_name} [{task.completed} / {task.total+1}]", - total=task.total + 1, - refresh=True, - ) - if "Pulled" in line: - progress_bar.update( - 0, - description=f"[bold]{cmd_name} [{task.completed + 1} / {task.total}]", - completed=task.completed + 1, - refresh=True, - ) - if progress_bar.finished: - progress_bar.update( - 0, - description=f"βœ… [bold green]{cmd_name} [{task.completed} / {task.total}]", - refresh=True, - ) - - -def check_building(line: str, cmd_name: str, progress_bar: Progress) -> None: - load_pattern = re.compile( - r"^#.* load build definition from [A-Za-z0-9]+\.dockerfile$", re.IGNORECASE - ) - build_pattern = re.compile( - r"^#.* naming to docker\.io/openmined/.* done$", re.IGNORECASE - ) - task = progress_bar.tasks[0] - - if load_pattern.match(line): - progress_bar.update( - 0, - description=f"[bold]{cmd_name} [{task.completed} / {task.total +1}]", - total=task.total + 1, - refresh=True, - ) - if build_pattern.match(line): - progress_bar.update( - 0, - description=f"[bold]{cmd_name} [{task.completed+1} / {task.total}]", - completed=task.completed + 1, - refresh=True, - ) - - if progress_bar.finished: - progress_bar.update( - 0, - description=f"βœ… [bold green]{cmd_name} [{task.completed} / {task.total}]", - refresh=True, - ) - - -def check_launching(line: str, cmd_name: str, progress_bar: Progress) -> None: - task = progress_bar.tasks[0] - if "Starting" in line: - progress_bar.update( - 0, - description=f" [bold]{cmd_name} [{task.completed} / {task.total+1}]", - total=task.total + 1, - refresh=True, - ) - if "Started" in line: - progress_bar.update( - 0, - description=f" [bold]{cmd_name} [{task.completed + 1} / {task.total}]", - completed=task.completed + 1, - refresh=True, - ) - if progress_bar.finished: - progress_bar.update( - 0, - description=f"βœ… [bold green]{cmd_name} [{task.completed} / {task.total}]", - refresh=True, - ) - - -DOCKER_FUNC_MAP = { - "Pulling": check_pulling, - "Building": check_building, - "Launching": check_launching, -} - - -def read_thread_logs( - progress_bar: Progress, process: subprocess.Popen, queue: Queue, cmd_name: str -) -> None: - line = queue.get() - line = str(line, encoding="utf-8").strip() - - if progress_bar: - check_errors(line, process, cmd_name, progress_bar=progress_bar) - DOCKER_FUNC_MAP[cmd_name](line, cmd_name, progress_bar=progress_bar) - - -def create_thread_logs(process: subprocess.Popen) -> Queue: - def enqueue_output(out: Any, queue: Queue) -> None: - for line in iter(out.readline, b""): - queue.put(line) - out.close() - - queue: Queue = Queue() - thread_1 = Thread(target=enqueue_output, args=(process.stdout, queue)) - thread_2 = Thread(target=enqueue_output, args=(process.stderr, queue)) - - thread_1.daemon = True # thread dies with the program - thread_1.start() - thread_2.daemon = True # thread dies with the program - thread_2.start() - return queue - - -def process_cmd( - cmds: list[str], - node_type: str, - dry_run: bool, - silent: bool, - compose_src_path: str, - progress_bar: Progress | None = None, - cmd_name: str = "", -) -> None: - process_list: list = [] - cwd = compose_src_path - - username, password = ( - extract_username_and_pass(cmds[0]) if len(cmds) > 0 else ("-", "-") - ) - # display VM credentials - console = rich.get_console() - credentials = generate_user_table(username=username, password=password) - if credentials: - console.print(credentials) - - for cmd in cmds: - if dry_run: - print(f"\nRunning:\ncd {cwd}\n", hide_password(cmd=cmd)) - continue - - # use powershell if environment is Windows - cmd_to_exec = ["powershell.exe", "-Command", cmd] if is_windows() else cmd - - try: - if len(cmds) > 1: - process = subprocess.Popen( # nosec - cmd_to_exec, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - cwd=cwd, - shell=True, - ) - ip_address = extract_host_ip_from_cmd(cmd) - jupyter_token = extract_jupyter_token(cmd) - process_list.append((ip_address, process, jupyter_token)) - else: - display_jupyter_token(cmd) - if silent: - ON_POSIX = "posix" in sys.builtin_module_names - - process = subprocess.Popen( # nosec - cmd_to_exec, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - cwd=cwd, - close_fds=ON_POSIX, - shell=True, - ) - - # Creates two threads to get docker stdout and sterr - logs_queue = create_thread_logs(process=process) - - read_thread_logs(progress_bar, process, logs_queue, cmd_name) - while process.poll() != 0: - while not logs_queue.empty(): - # Read stdout and sterr to check errors or update progress bar. - read_thread_logs( - progress_bar, process, logs_queue, cmd_name - ) - else: - if progress_bar: - progress_bar.stop() - - subprocess.run( # nosec - cmd_to_exec, - shell=True, - cwd=cwd, - ) - except Exception as e: - print(f"Failed to run cmd: {cmd}. {e}") - - if dry_run is False and len(process_list) > 0: - # display VM launch status - display_vm_status(process_list) - - # save vm details as json - save_vm_details_as_json(username, password, process_list) - - -def execute_commands( - cmds: list[str] | dict[str, list[str]], - node_type: str, - compose_src_path: str, - dry_run: bool = False, - silent: bool = False, -) -> None: - """Execute the launch commands and display their status in realtime. - - Args: - cmds (list): list of commands to be executed - dry_run (bool, optional): If `True` only displays cmds to be executed. Defaults to False. - """ - console = rich.get_console() - if isinstance(cmds, dict): - console.print("[bold green]β ‹[bold blue] Launching Containers [/bold blue]\t") - for cmd_name, cmd in cmds.items(): - with Progress( - SpinnerColumn(), - TextColumn("[progress.description]{task.description}"), - BarColumn(), - TextColumn("[progress.percentage]{task.percentage:.2f}% "), - console=console, - auto_refresh=True, - ) as progress: - if silent: - progress.add_task( - f"[bold green]{cmd_name} Images", - total=0, - ) - process_cmd( - cmds=cmd, - node_type=node_type, - dry_run=dry_run, - silent=silent, - compose_src_path=compose_src_path, - progress_bar=progress, - cmd_name=cmd_name, - ) - else: - process_cmd( - cmds=cmds, - node_type=node_type, - dry_run=dry_run, - silent=silent, - compose_src_path=compose_src_path, - ) - - -def display_vm_status(process_list: list) -> None: - """Display the status of the processes being executed on the VM. - - Args: - process_list (list): list of processes executed. - """ - - # Generate the table showing the status of each process being executed - status_table, process_completed = generate_process_status_table(process_list) - - # Render the live table - with Live(status_table, refresh_per_second=1) as live: - # Loop till all processes have not completed executing - while not process_completed: - status_table, process_completed = generate_process_status_table( - process_list - ) - live.update(status_table) # Update the process status table - - -def display_jupyter_token(cmd: str) -> None: - token = extract_jupyter_token(cmd=cmd) - if token is not None: - print(f"Jupyter Token: {token}") - - -def extract_username_and_pass(cmd: str) -> tuple: - # Extract username - matcher = r"--user (.+?) " - username = re.findall(matcher, cmd) - username = username[0] if len(username) > 0 else None - - # Extract password - matcher = r"ansible_ssh_pass='(.+?)'" - password = re.findall(matcher, cmd) - password = password[0] if len(password) > 0 else None - - return username, password - - -def extract_jupyter_token(cmd: str) -> str | None: - matcher = r"jupyter_token='(.+?)'" - token = re.findall(matcher, cmd) - if len(token) == 1: - return token[0] - return None - - -def hide_password(cmd: str) -> str: - try: - matcher = r"ansible_ssh_pass='(.+?)'" - passwords = re.findall(matcher, cmd) - if len(passwords) > 0: - password = passwords[0] - stars = "*" * 4 - cmd = cmd.replace( - f"ansible_ssh_pass='{password}'", f"ansible_ssh_pass='{stars}'" - ) - return cmd - except Exception as e: - print("Failed to hide password.") - raise e - - -def hide_azure_vm_password(azure_cmd: str) -> str: - try: - matcher = r"admin-password '(.+?)'" - passwords = re.findall(matcher, azure_cmd) - if len(passwords) > 0: - password = passwords[0] - stars = "*" * 4 - azure_cmd = azure_cmd.replace( - f"admin-password '{password}'", f"admin-password '{stars}'" - ) - return azure_cmd - except Exception as e: - print("Failed to hide password.") - raise e - - -class QuestionInputError(Exception): - pass - - -class QuestionInputPathError(Exception): - pass - - -class Question: - def __init__( - self, - var_name: str, - question: str, - kind: str, - default: str | None = None, - cache: bool = False, - options: list[str] | None = None, - ) -> None: - self.var_name = var_name - self.question = question - self.default = default - self.kind = kind - self.cache = cache - self.options = options if options is not None else [] - - def validate(self, value: str) -> str: - value = value.strip() - if self.default is not None and value == "": - return self.default - - if self.kind == "path": - value = os.path.expanduser(value) - if not os.path.exists(value): - error = f"{value} is not a valid path." - if self.default is not None: - error += f" Try {self.default}" - raise QuestionInputPathError(f"{error}") - - if self.kind == "yesno": - if value.lower().startswith("y"): - return "y" - elif value.lower().startswith("n"): - return "n" - else: - raise QuestionInputError(f"{value} is not an yes or no answer") - - if self.kind == "options": - if value in self.options: - return value - first_letter = value.lower()[0] - for option in self.options: - if option.startswith(first_letter): - return option - - raise QuestionInputError( - f"{value} is not one of the options: {self.options}" - ) - - if self.kind == "password": - try: - return validate_password(password=value) - except Exception as e: - raise QuestionInputError(f"Invalid password. {e}") - return value - - -def ask(question: Question, kwargs: dict[str, str]) -> str: - if question.var_name in kwargs and kwargs[question.var_name] is not None: - value = kwargs[question.var_name] - else: - if question.default is not None: - value = click.prompt(question.question, type=str, default=question.default) - elif question.var_name == "password": - value = click.prompt( - question.question, type=str, hide_input=True, confirmation_prompt=True - ) - else: - value = click.prompt(question.question, type=str) - - try: - value = question.validate(value=value) - except QuestionInputError as e: - print(e) - return ask(question=question, kwargs=kwargs) - if question.cache: - arg_cache[question.var_name] = value - - return value - - -def fix_key_permission(private_key_path: str) -> None: - key_permission = oct(stat.S_IMODE(os.stat(private_key_path).st_mode)) - chmod_permission = "400" - octal_permission = f"0o{chmod_permission}" - if key_permission != octal_permission: - print( - f"Fixing key permission: {private_key_path}, setting to {chmod_permission}" - ) - try: - os.chmod(private_key_path, int(octal_permission, 8)) - except Exception as e: - print("Failed to fix key permission", e) - raise e - - -def private_to_public_key(private_key_path: str, temp_path: str, username: str) -> str: - # check key permission - fix_key_permission(private_key_path=private_key_path) - output_path = f"{temp_path}/hagrid_{username}_key.pub" - cmd = f"ssh-keygen -f {private_key_path} -y > {output_path}" - try: - subprocess.check_call(cmd, shell=True) # nosec - except Exception as e: - print("failed to make ssh key", e) - raise e - return output_path - - -def check_azure_authed() -> bool: - cmd = "az account show" - try: - subprocess.check_call(cmd, shell=True, stdout=subprocess.DEVNULL) # nosec - return True - except Exception: # nosec - pass - return False - - -def login_azure() -> bool: - cmd = "az login" - try: - subprocess.check_call(cmd, shell=True, stdout=subprocess.DEVNULL) # nosec - return True - except Exception: # nosec - pass - return False - - -def check_azure_cli_installed() -> bool: - try: - result = subprocess.run( # nosec - ["az", "--version"], stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT - ) - if result.returncode != 0: - raise FileNotFoundError("az not installed") - except Exception: # nosec - msg = "\nYou don't appear to have the Azure CLI installed!!! \n\n\ -Please install it and then retry your command.\ -\n\nInstallation Instructions: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli\n" - raise FileNotFoundError(msg) - - return True - - -def check_gcloud_cli_installed() -> bool: - try: - subprocess.call(["gcloud", "version"]) # nosec - print("Gcloud cli installed!") - except FileNotFoundError: - msg = "\nYou don't appear to have the gcloud CLI tool installed! \n\n\ -Please install it and then retry again.\ -\n\nInstallation Instructions: https://cloud.google.com/sdk/docs/install-sdk \n" - raise FileNotFoundError(msg) - - return True - - -def check_aws_cli_installed() -> bool: - try: - result = subprocess.run( # nosec - ["aws", "--version"], stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT - ) - if result.returncode != 0: - raise FileNotFoundError("AWS CLI not installed") - except Exception: # nosec - msg = "\nYou don't appear to have the AWS CLI installed! \n\n\ -Please install it and then retry your command.\ -\n\nInstallation Instructions: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html\n" - raise FileNotFoundError(msg) - - return True - - -def check_gcloud_authed() -> bool: - try: - result = subprocess.run( # nosec - ["gcloud", "auth", "print-identity-token"], stdout=subprocess.PIPE - ) - if result.returncode == 0: - return True - except Exception: # nosec - pass - return False - - -def login_gcloud() -> bool: - cmd = "gcloud auth login" - try: - subprocess.check_call(cmd, shell=True, stdout=subprocess.DEVNULL) # nosec - return True - except Exception: # nosec - pass - return False - - -def str_to_bool(bool_str: str | None) -> bool: - result = False - bool_str = str(bool_str).lower() - if bool_str == "true" or bool_str == "1": - result = True - return result - - -ART = str_to_bool(os.environ.get("HAGRID_ART", "True")) - - -def generate_gcloud_key_at_path(key_path: str) -> str: - key_path = os.path.expanduser(key_path) - if os.path.exists(key_path): - raise Exception(f"Can't generate key since path already exists. {key_path}") - else: - # triggers a key check - cmd = "gcloud compute ssh '' --dry-run" - try: - subprocess.check_call(cmd, shell=True) # nosec - except Exception: # nosec - pass - if not os.path.exists(key_path): - raise Exception(f"gcloud failed to generate ssh-key at: {key_path}") - - return key_path - - -def generate_aws_key_at_path(key_path: str, key_name: str) -> str: - key_path = os.path.expanduser(key_path) - if os.path.exists(key_path): - raise Exception(f"Can't generate key since path already exists. {key_path}") - else: - # TODO we need to do differently for powershell. - # Ex: aws ec2 create-key-pair --key-name MyKeyPair --query 'KeyMaterial' - # --output text | out-file -encoding ascii -filepath MyKeyPair.pem - - print(f"Creating AWS key pair with name {key_name} at path {key_path}..") - cmd = f"aws ec2 create-key-pair --key-name {key_name} --query 'KeyMaterial' --output text > {key_path}" - try: - subprocess.check_call(cmd, shell=True) # nosec - subprocess.check_call(f"chmod 400 {key_path}", shell=True) # nosec - except Exception as e: # nosec - print(f"Failed to create key: {e}") - if not os.path.exists(key_path): - raise Exception(f"AWS failed to generate key pair at: {key_path}") - - return key_path - - -def generate_key_at_path(key_path: str) -> str: - key_path = os.path.expanduser(key_path) - if os.path.exists(key_path): - raise Exception(f"Can't generate key since path already exists. {key_path}") - else: - cmd = f"ssh-keygen -N '' -f {key_path}" - try: - subprocess.check_call(cmd, shell=True) # nosec - if not os.path.exists(key_path): - raise Exception(f"Failed to generate ssh-key at: {key_path}") - except Exception as e: - raise e - - return key_path - - -def validate_password(password: str) -> str: - """Validate if the password entered by the user is valid. - - Password length should be between 12 - 123 characters - Passwords must also meet 3 out of the following 4 complexity requirements: - - Have lower characters - - Have upper characters - - Have a digit - - Have a special character - - Args: - password (str): password for the vm - - Returns: - str: password if it is valid - """ - # Validate password length - if len(password) < 12 or len(password) > 123: - raise ValueError("Password length should be between 12 - 123 characters") - - # Valid character types - character_types = { - "upper_case": False, - "lower_case": False, - "digit": False, - "special": False, - } - - for ch in password: - if ch.islower(): - character_types["lower_case"] = True - elif ch.isupper(): - character_types["upper_case"] = True - elif ch.isdigit(): - character_types["digit"] = True - elif ch.isascii(): - character_types["special"] = True - else: - raise ValueError(f"{ch} is not a valid character for password") - - # Validate characters in the password - required_character_type_count = sum( - [int(value) for value in character_types.values()] - ) - - if required_character_type_count >= 3: - return password - - absent_character_types = ", ".join( - char_type for char_type, value in character_types.items() if value is False - ).strip(", ") - - raise ValueError( - f"At least one {absent_character_types} character types must be present" - ) - - -def create_launch_cmd( - verb: GrammarVerb, - kwargs: dict[str, Any], - ignore_docker_version_check: bool | None = False, -) -> str | list[str] | dict[str, list[str]]: - parsed_kwargs: dict[str, Any] = {} - host_term = verb.get_named_term_hostgrammar(name="host") - - host = host_term.host - auth: AuthCredentials | None = None - - tail = bool(kwargs["tail"]) - - parsed_kwargs = {} - - parsed_kwargs["build"] = bool(kwargs["build"]) - - parsed_kwargs["use_blob_storage"] = not bool(kwargs["no_blob_storage"]) - - parsed_kwargs["in_mem_workers"] = bool(kwargs["in_mem_workers"]) - - if parsed_kwargs["use_blob_storage"]: - parsed_kwargs["set_s3_username"] = kwargs["set_s3_username"] - parsed_kwargs["set_s3_password"] = kwargs["set_s3_password"] - parsed_kwargs["set_volume_size_limit_mb"] = kwargs["set_volume_size_limit_mb"] - - parsed_kwargs["association_request_auto_approval"] = str( - kwargs["association_request_auto_approval"] - ) - - parsed_kwargs["node_count"] = ( - int(kwargs["node_count"]) if "node_count" in kwargs else 1 - ) - - if parsed_kwargs["node_count"] > 1 and host not in ["azure"]: - print("\nArgument `node_count` is only supported with `azure`.\n") - else: - # Default to detached mode if running more than one nodes - tail = False if parsed_kwargs["node_count"] > 1 else tail - - headless = bool(kwargs["headless"]) - parsed_kwargs["headless"] = headless - - parsed_kwargs["tls"] = bool(kwargs["tls"]) - parsed_kwargs["test"] = bool(kwargs["test"]) - parsed_kwargs["dev"] = bool(kwargs["dev"]) - - parsed_kwargs["silent"] = not bool(kwargs["verbose"]) - - parsed_kwargs["trace"] = False - if ("trace" not in kwargs or kwargs["trace"] is None) and parsed_kwargs["dev"]: - # default to trace on in dev mode - parsed_kwargs["trace"] = False - elif "trace" in kwargs: - parsed_kwargs["trace"] = str_to_bool(cast(str, kwargs["trace"])) - - parsed_kwargs["release"] = "production" - if "release" in kwargs and kwargs["release"] != "production": - parsed_kwargs["release"] = kwargs["release"] - - # if we use --dev override it - if parsed_kwargs["dev"] is True: - parsed_kwargs["release"] = "development" - - # derive node type - if kwargs["low_side"]: - parsed_kwargs["node_side_type"] = NodeSideType.LOW_SIDE.value - else: - parsed_kwargs["node_side_type"] = NodeSideType.HIGH_SIDE.value - - parsed_kwargs["smtp_username"] = kwargs["smtp_username"] - parsed_kwargs["smtp_password"] = kwargs["smtp_password"] - parsed_kwargs["smtp_port"] = kwargs["smtp_port"] - parsed_kwargs["smtp_host"] = kwargs["smtp_host"] - parsed_kwargs["smtp_sender"] = kwargs["smtp_sender"] - - parsed_kwargs["enable_warnings"] = not kwargs["no_warnings"] - - # choosing deployment type - parsed_kwargs["deployment_type"] = "container_stack" - if "deployment_type" in kwargs and kwargs["deployment_type"] is not None: - parsed_kwargs["deployment_type"] = kwargs["deployment_type"] - - if "cert_store_path" in kwargs: - parsed_kwargs["cert_store_path"] = kwargs["cert_store_path"] - if "upload_tls_cert" in kwargs: - parsed_kwargs["upload_tls_cert"] = kwargs["upload_tls_cert"] - if "upload_tls_key" in kwargs: - parsed_kwargs["upload_tls_key"] = kwargs["upload_tls_key"] - - parsed_kwargs["provision"] = not bool(kwargs["no_provision"]) - - if "image_name" in kwargs and kwargs["image_name"] is not None: - parsed_kwargs["image_name"] = kwargs["image_name"] - else: - parsed_kwargs["image_name"] = "default" - - if parsed_kwargs["dev"] is True: - parsed_kwargs["tag"] = "local" - else: - if "tag" in kwargs and kwargs["tag"] is not None and kwargs["tag"] != "": - parsed_kwargs["tag"] = kwargs["tag"] - else: - parsed_kwargs["tag"] = "latest" - - if "jupyter" in kwargs and kwargs["jupyter"] is not None: - parsed_kwargs["jupyter"] = str_to_bool(cast(str, kwargs["jupyter"])) - else: - parsed_kwargs["jupyter"] = False - - # allows changing docker platform to other cpu architectures like arm64 - parsed_kwargs["platform"] = kwargs["platform"] if "platform" in kwargs else None - - parsed_kwargs["tail"] = tail - - parsed_kwargs["set_root_password"] = ( - kwargs["set_root_password"] if "set_root_password" in kwargs else None - ) - - parsed_kwargs["set_root_email"] = ( - kwargs["set_root_email"] if "set_root_email" in kwargs else None - ) - - parsed_kwargs["template"] = kwargs["template"] if "template" in kwargs else None - parsed_kwargs["template_overwrite"] = bool(kwargs["template_overwrite"]) - - parsed_kwargs["compose_src_path"] = kwargs["compose_src_path"] - - parsed_kwargs["enable_signup"] = str_to_bool(cast(str, kwargs["enable_signup"])) - - # Override template tag with user input tag - if ( - parsed_kwargs["tag"] is not None - and parsed_kwargs["template"] is None - and parsed_kwargs["tag"] not in ["local"] - ): - # third party - from packaging import version - - pattern = r"[0-9].[0-9].[0-9]" - input_tag = parsed_kwargs["tag"] - if ( - not re.match(pattern, input_tag) - and input_tag != "latest" - and input_tag != "beta" - and "b" not in input_tag - ): - raise Exception( - f"Not a valid tag: {parsed_kwargs['tag']}" - + "\nValid tags: latest, beta, beta version(ex: 0.8.2b35),[0-9].[0-9].[0-9]" - ) - - # TODO: we need to redo this so that pypi and docker mappings are in a single - # file inside dev - if parsed_kwargs["tag"] == "latest": - parsed_kwargs["template"] = LATEST_STABLE_SYFT - parsed_kwargs["tag"] = LATEST_STABLE_SYFT - elif parsed_kwargs["tag"] == "beta" or "b" in parsed_kwargs["tag"]: - tag = ( - LATEST_BETA_SYFT - if parsed_kwargs["tag"] == "beta" - else parsed_kwargs["tag"] - ) - - # Currently, manifest_template.yml is only supported for beta versions >= 0.8.2b34 - beta_version = version.parse(tag) - MINIMUM_BETA_VERSION = "0.8.2b34" - if beta_version < version.parse(MINIMUM_BETA_VERSION): - raise Exception( - f"Minimum beta version tag supported is {MINIMUM_BETA_VERSION}" - ) - - # Check if the beta version is available - template_url = f"https://github.com/OpenMined/PySyft/releases/download/v{str(beta_version)}/manifest_template.yml" - response = requests.get(template_url) # nosec - if response.status_code != 200: - raise Exception( - f"Tag {parsed_kwargs['tag']} is not available" - + " \n for download. Please check the available tags at: " - + "\n https://github.com/OpenMined/PySyft/releases" - ) - - parsed_kwargs["template"] = template_url - parsed_kwargs["tag"] = tag - else: - MINIMUM_TAG_VERSION = version.parse("0.8.0") - tag = version.parse(parsed_kwargs["tag"]) - if tag < MINIMUM_TAG_VERSION: - raise Exception( - f"Minimum supported stable tag version is {MINIMUM_TAG_VERSION}" - ) - parsed_kwargs["template"] = parsed_kwargs["tag"] - - if host in ["docker"] and parsed_kwargs["template"] and host is not None: - # Setup the files from the manifest_template.yml - kwargs = setup_from_manifest_template( - host_type=host, - deployment_type=parsed_kwargs["deployment_type"], - template_location=parsed_kwargs["template"], - overwrite=parsed_kwargs["template_overwrite"], - verbose=kwargs["verbose"], - ) - - parsed_kwargs.update(kwargs) - - if host in ["docker"]: - # Check docker service status - if not ignore_docker_version_check: - check_docker_service_status() - - # Check grid docker versions - if not ignore_docker_version_check: - check_grid_docker(display=True, output_in_text=True) - - if not ignore_docker_version_check: - version = check_docker_version() - else: - version = "n/a" - - if version: - # If the user is using docker desktop (OSX/Windows), check to make sure there's enough RAM. - # If the user is using Linux this isn't an issue because Docker scales to the avaialble RAM, - # but on Docker Desktop it defaults to 2GB which isn't enough. - dd_memory = docker_desktop_memory() - if dd_memory < 8192 and dd_memory != -1: - raise Exception( - "You appear to be using Docker Desktop but don't have " - "enough memory allocated. It appears you've configured " - f"Memory:{dd_memory} MB when 8192MB (8GB) is required. " - f"Please open Docker Desktop Preferences panel and set Memory" - f" to 8GB or higher. \n\n" - f"\tOSX Help: https://docs.docker.com/desktop/mac/\n" - f"\tWindows Help: https://docs.docker.com/desktop/windows/\n\n" - f"Then re-run your hagrid command.\n\n" - f"If you see this warning on Linux then something isn't right. " - f"Please file a Github Issue on PySyft's Github.\n\n" - f"Alternatively in case no more memory could be allocated, " - f"you can run hagrid on the cloud with GitPod by visiting " - f"https://gitpod.io/#https://github.com/OpenMined/PySyft." - ) - - if is_windows() and not DEPENDENCIES["wsl"]: - raise Exception( - "You must install wsl2 for Windows to use HAGrid.\n" - "In PowerShell or Command Prompt type:\n> wsl --install\n\n" - "Read more here: https://docs.microsoft.com/en-us/windows/wsl/install" - ) - - return create_launch_docker_cmd( - verb=verb, - docker_version=version, - tail=tail, - kwargs=parsed_kwargs, - silent=parsed_kwargs["silent"], - ) - - elif host in ["azure"]: - check_azure_cli_installed() - - while not check_azure_authed(): - print("You need to log into Azure") - login_azure() - - if DEPENDENCIES["ansible-playbook"]: - resource_group = ask( - question=Question( - var_name="azure_resource_group", - question="What resource group name do you want to use (or create)?", - default=arg_cache["azure_resource_group"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - location = ask( - question=Question( - var_name="azure_location", - question="If this is a new resource group what location?", - default=arg_cache["azure_location"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - size = ask( - question=Question( - var_name="azure_size", - question="What size machine?", - default=arg_cache["azure_size"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - username = ask( - question=Question( - var_name="azure_username", - question="What do you want the username for the VM to be?", - default=arg_cache["azure_username"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - parsed_kwargs["auth_type"] = ask( - question=Question( - var_name="auth_type", - question="Do you want to login with a key or password", - default=arg_cache["auth_type"], - kind="option", - options=["key", "password"], - cache=True, - ), - kwargs=kwargs, - ) - - key_path = None - if parsed_kwargs["auth_type"] == "key": - key_path_question = Question( - var_name="azure_key_path", - question=f"Absolute path of the private key to access {username}@{host}?", - default=arg_cache["azure_key_path"], - kind="path", - cache=True, - ) - try: - key_path = ask( - key_path_question, - kwargs=kwargs, - ) - except QuestionInputPathError as e: - print(e) - key_path = str(e).split("is not a valid path")[0].strip() - - create_key_question = Question( - var_name="azure_key_path", - question=f"Key {key_path} does not exist. Do you want to create it? (y/n)", - default="y", - kind="yesno", - ) - create_key = ask( - create_key_question, - kwargs=kwargs, - ) - if create_key == "y": - key_path = generate_key_at_path(key_path=key_path) - else: - raise QuestionInputError( - "Unable to create VM without a private key" - ) - elif parsed_kwargs["auth_type"] == "password": - auto_generate_password = ask( - question=Question( - var_name="auto_generate_password", - question="Do you want to auto-generate the password? (y/n)", - kind="yesno", - ), - kwargs=kwargs, - ) - if auto_generate_password == "y": # nosec - parsed_kwargs["password"] = generate_sec_random_password(length=16) - elif auto_generate_password == "n": # nosec - parsed_kwargs["password"] = ask( - question=Question( - var_name="password", - question=f"Password for {username}@{host}?", - kind="password", - ), - kwargs=kwargs, - ) - - repo = ask( - Question( - var_name="azure_repo", - question="Repo to fetch source from?", - default=arg_cache["azure_repo"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - branch = ask( - Question( - var_name="azure_branch", - question="Branch to monitor for updates?", - default=arg_cache["azure_branch"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - use_branch(branch=branch) - - password = parsed_kwargs.get("password") - - auth = AuthCredentials( - username=username, key_path=key_path, password=password - ) - - if not auth.valid: - raise Exception(f"Login Credentials are not valid. {auth}") - - return create_launch_azure_cmd( - verb=verb, - resource_group=resource_group, - location=location, - size=size, - username=username, - password=password, - key_path=key_path, - repo=repo, - branch=branch, - auth=auth, - ansible_extras=kwargs["ansible_extras"], - kwargs=parsed_kwargs, - ) - else: - errors = [] - if not DEPENDENCIES["ansible-playbook"]: - errors.append("ansible-playbook") - msg = "\nERROR!!! MISSING DEPENDENCY!!!" - msg += f"\n\nLaunching a Cloud VM requires: {' '.join(errors)}" - msg += "\n\nPlease follow installation instructions: " - msg += "https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#" - msg += "\n\nNote: we've found the 'conda' based installation instructions to work best" - msg += " (e.g. something lke 'conda install -c conda-forge ansible'). " - msg += "The pip based instructions seem to be a bit buggy if you're using a conda environment" - msg += "\n" - raise MissingDependency(msg) - - elif host in ["gcp"]: - check_gcloud_cli_installed() - - while not check_gcloud_authed(): - print("You need to log into Google Cloud") - login_gcloud() - - if DEPENDENCIES["ansible-playbook"]: - project_id = ask( - question=Question( - var_name="gcp_project_id", - question="What PROJECT ID do you want to use?", - default=arg_cache["gcp_project_id"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - zone = ask( - question=Question( - var_name="gcp_zone", - question="What zone do you want your VM in?", - default=arg_cache["gcp_zone"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - machine_type = ask( - question=Question( - var_name="gcp_machine_type", - question="What size machine?", - default=arg_cache["gcp_machine_type"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - username = ask( - question=Question( - var_name="gcp_username", - question="What is your shell username?", - default=arg_cache["gcp_username"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - key_path_question = Question( - var_name="gcp_key_path", - question=f"Private key to access user@{host}?", - default=arg_cache["gcp_key_path"], - kind="path", - cache=True, - ) - try: - key_path = ask( - key_path_question, - kwargs=kwargs, - ) - except QuestionInputPathError as e: - print(e) - key_path = str(e).split("is not a valid path")[0].strip() - - create_key_question = Question( - var_name="gcp_key_path", - question=f"Key {key_path} does not exist. Do you want gcloud to make it? (y/n)", - default="y", - kind="yesno", - ) - create_key = ask( - create_key_question, - kwargs=kwargs, - ) - if create_key == "y": - key_path = generate_gcloud_key_at_path(key_path=key_path) - else: - raise QuestionInputError( - "Unable to create VM without a private key" - ) - - repo = ask( - Question( - var_name="gcp_repo", - question="Repo to fetch source from?", - default=arg_cache["gcp_repo"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - branch = ask( - Question( - var_name="gcp_branch", - question="Branch to monitor for updates?", - default=arg_cache["gcp_branch"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - use_branch(branch=branch) - - auth = AuthCredentials(username=username, key_path=key_path) - - return create_launch_gcp_cmd( - verb=verb, - project_id=project_id, - zone=zone, - machine_type=machine_type, - repo=repo, - auth=auth, - branch=branch, - ansible_extras=kwargs["ansible_extras"], - kwargs=parsed_kwargs, - ) - else: - errors = [] - if not DEPENDENCIES["ansible-playbook"]: - errors.append("ansible-playbook") - msg = "\nERROR!!! MISSING DEPENDENCY!!!" - msg += f"\n\nLaunching a Cloud VM requires: {' '.join(errors)}" - msg += "\n\nPlease follow installation instructions: " - msg += "https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#" - msg += "\n\nNote: we've found the 'conda' based installation instructions to work best" - msg += " (e.g. something lke 'conda install -c conda-forge ansible'). " - msg += "The pip based instructions seem to be a bit buggy if you're using a conda environment" - msg += "\n" - raise MissingDependency(msg) - - elif host in ["aws"]: - check_aws_cli_installed() - - if DEPENDENCIES["ansible-playbook"]: - aws_region = ask( - question=Question( - var_name="aws_region", - question="In what region do you want to deploy the EC2 instance?", - default=arg_cache["aws_region"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - aws_security_group_name = ask( - question=Question( - var_name="aws_security_group_name", - question="Name of the security group to be created?", - default=arg_cache["aws_security_group_name"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - aws_security_group_cidr = ask( - question=Question( - var_name="aws_security_group_cidr", - question="What IP addresses to allow for incoming network traffic? Please use CIDR notation", - default=arg_cache["aws_security_group_cidr"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - ec2_instance_type = ask( - question=Question( - var_name="aws_ec2_instance_type", - question="What EC2 instance type do you want to deploy?", - default=arg_cache["aws_ec2_instance_type"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - aws_key_name = ask( - question=Question( - var_name="aws_key_name", - question="Enter the name of the key pair to use to connect to the EC2 instance", - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - key_path_qn_str = ( - "Please provide the path of the private key to connect to the instance" - ) - key_path_qn_str += " (if it does not exist, this path corresponds to " - key_path_qn_str += "where you want to store the key upon creation)" - key_path_question = Question( - var_name="aws_key_path", - question=key_path_qn_str, - kind="path", - cache=True, - ) - try: - key_path = ask( - key_path_question, - kwargs=kwargs, - ) - except QuestionInputPathError as e: - print(e) - key_path = str(e).split("is not a valid path")[0].strip() - - create_key_question = Question( - var_name="aws_key_path", - question=f"Key {key_path} does not exist. Do you want AWS to make it? (y/n)", - default="y", - kind="yesno", - ) - create_key = ask( - create_key_question, - kwargs=kwargs, - ) - if create_key == "y": - key_path = generate_aws_key_at_path( - key_path=key_path, key_name=aws_key_name - ) - else: - raise QuestionInputError( - "Unable to create EC2 instance without key" - ) - - repo = ask( - Question( - var_name="aws_repo", - question="Repo to fetch source from?", - default=arg_cache["aws_repo"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - branch = ask( - Question( - var_name="aws_branch", - question="Branch to monitor for updates?", - default=arg_cache["aws_branch"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - use_branch(branch=branch) - - username = arg_cache["aws_ec2_instance_username"] - auth = AuthCredentials(username=username, key_path=key_path) - - return create_launch_aws_cmd( - verb=verb, - region=aws_region, - ec2_instance_type=ec2_instance_type, - security_group_name=aws_security_group_name, - aws_security_group_cidr=aws_security_group_cidr, - key_path=key_path, - key_name=aws_key_name, - repo=repo, - branch=branch, - ansible_extras=kwargs["ansible_extras"], - kwargs=parsed_kwargs, - ami_id=arg_cache["aws_image_id"], - username=username, - auth=auth, - ) - - else: - errors = [] - if not DEPENDENCIES["ansible-playbook"]: - errors.append("ansible-playbook") - msg = "\nERROR!!! MISSING DEPENDENCY!!!" - msg += f"\n\nLaunching a Cloud VM requires: {' '.join(errors)}" - msg += "\n\nPlease follow installation instructions: " - msg += "https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#" - msg += "\n\nNote: we've found the 'conda' based installation instructions to work best" - msg += " (e.g. something lke 'conda install -c conda-forge ansible'). " - msg += "The pip based instructions seem to be a bit buggy if you're using a conda environment" - msg += "\n" - raise MissingDependency(msg) - else: - if DEPENDENCIES["ansible-playbook"]: - if host != "localhost": - parsed_kwargs["username"] = ask( - question=Question( - var_name="username", - question=f"Username for {host} with sudo privledges?", - default=arg_cache["username"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - parsed_kwargs["auth_type"] = ask( - question=Question( - var_name="auth_type", - question="Do you want to login with a key or password", - default=arg_cache["auth_type"], - kind="option", - options=["key", "password"], - cache=True, - ), - kwargs=kwargs, - ) - if parsed_kwargs["auth_type"] == "key": - parsed_kwargs["key_path"] = ask( - question=Question( - var_name="key_path", - question=f"Private key to access {parsed_kwargs['username']}@{host}?", - default=arg_cache["key_path"], - kind="path", - cache=True, - ), - kwargs=kwargs, - ) - elif parsed_kwargs["auth_type"] == "password": - parsed_kwargs["password"] = ask( - question=Question( - var_name="password", - question=f"Password for {parsed_kwargs['username']}@{host}?", - kind="password", - ), - kwargs=kwargs, - ) - - parsed_kwargs["repo"] = ask( - question=Question( - var_name="repo", - question="Repo to fetch source from?", - default=arg_cache["repo"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - parsed_kwargs["branch"] = ask( - Question( - var_name="branch", - question="Branch to monitor for updates?", - default=arg_cache["branch"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - auth = None - if host != "localhost": - if parsed_kwargs["auth_type"] == "key": - auth = AuthCredentials( - username=parsed_kwargs["username"], - key_path=parsed_kwargs["key_path"], - ) - else: - auth = AuthCredentials( - username=parsed_kwargs["username"], - key_path=parsed_kwargs["password"], - ) - if not auth.valid: - raise Exception(f"Login Credentials are not valid. {auth}") - parsed_kwargs["ansible_extras"] = kwargs["ansible_extras"] - return create_launch_custom_cmd(verb=verb, auth=auth, kwargs=parsed_kwargs) - else: - errors = [] - if not DEPENDENCIES["ansible-playbook"]: - errors.append("ansible-playbook") - raise MissingDependency( - f"Launching a Custom VM requires: {' '.join(errors)}" - ) - - host_options = ", ".join(allowed_hosts) - raise MissingDependency( - f"Launch requires a correct host option, try: {host_options}" - ) - - -def pull_command(cmd: str, kwargs: dict[str, Any]) -> list[str]: - pull_cmd = str(cmd) - if kwargs["release"] == "production": - pull_cmd += " --file docker-compose.yml" - else: - pull_cmd += " --file docker-compose.pull.yml" - pull_cmd += " pull --ignore-pull-failures" # ignore missing version from Dockerhub - return [pull_cmd] - - -def build_command(cmd: str) -> list[str]: - build_cmd = str(cmd) - build_cmd += " --file docker-compose.build.yml" - build_cmd += " build" - return [build_cmd] - - -def deploy_command(cmd: str, tail: bool, dev_mode: bool) -> list[str]: - up_cmd = str(cmd) - up_cmd += " --file docker-compose.dev.yml" if dev_mode else "" - up_cmd += " up" - if not tail: - up_cmd += " -d" - return [up_cmd] - - -def create_launch_docker_cmd( - verb: GrammarVerb, - docker_version: str, - kwargs: dict[str, Any], - tail: bool = True, - silent: bool = False, -) -> dict[str, list[str]]: - host_term = verb.get_named_term_hostgrammar(name="host") - node_name = verb.get_named_term_type(name="node_name") - node_type = verb.get_named_term_type(name="node_type") - - snake_name = str(node_name.snake_input) - tag = name_tag(name=str(node_name.input)) - - if ART and not silent: - hagrid() - - print( - "Launching a PyGrid " - + str(node_type.input).capitalize() - + " node on port " - + str(host_term.free_port) - + "!\n" - ) - - version_string = kwargs["tag"] - version_hash = "dockerhub" - build = kwargs["build"] - - # if in development mode, generate a version_string which is either - # the one you inputed concatenated with -dev or the contents of the VERSION file - version = GRID_SRC_VERSION() - if "release" in kwargs and kwargs["release"] == "development": - # force version to have -dev at the end in dev mode - # during development we can use the latest beta version - if version_string is None: - version_string = version[0] - version_string += "-dev" - version_hash = version[1] - build = True - else: - # whereas if in production mode and tag == "local" use the local VERSION file - # or if its not set somehow, which should never happen, use stable - # otherwise use the kwargs["tag"] from above - - # during production the default would be stable - if version_string == "local": - # this can be used in VMs in production to auto update from src - version_string = version[0] - version_hash = version[1] - build = True - elif version_string is None: - version_string = "latest" - - if platform.uname().machine.lower() in ["x86_64", "amd64"]: - docker_platform = "linux/amd64" - else: - docker_platform = "linux/arm64" - - if "platform" in kwargs and kwargs["platform"] is not None: - docker_platform = kwargs["platform"] - - if kwargs["template"]: - _, template_hash = get_template_yml(kwargs["template"]) - template_dir = manifest_cache_path(template_hash) - template_grid_dir = f"{template_dir}/packages/grid" - else: - template_grid_dir = GRID_SRC_PATH() - - compose_src_path = kwargs["compose_src_path"] - if not compose_src_path: - compose_src_path = get_compose_src_path( - node_type=node_type, - node_name=snake_name, - template_location=kwargs["template"], - **kwargs, - ) - - default_env = f"{template_grid_dir}/default.env" - if not os.path.exists(default_env): - # old path - default_env = f"{template_grid_dir}/.env" - default_envs = {} - with open(default_env) as f: - for line in f.readlines(): - if "=" in line: - parts = line.strip().split("=") - key = parts[0] - value = "" - if len(parts) > 1: - value = parts[1] - default_envs[key] = value - - single_container_mode = kwargs["deployment_type"] == "single_container" - in_mem_workers = kwargs.get("in_mem_workers") - smtp_username = kwargs.get("smtp_username") - smtp_sender = kwargs.get("smtp_sender") - smtp_password = kwargs.get("smtp_password") - smtp_port = kwargs.get("smtp_port") - if smtp_port is None or smtp_port == "": - smtp_port = int(default_envs["SMTP_PORT"]) - smtp_host = kwargs.get("smtp_host") - - print(" - NAME: " + str(snake_name)) - print(" - TEMPLATE DIR: " + template_grid_dir) - if compose_src_path: - print(" - COMPOSE SOURCE: " + compose_src_path) - print(" - RELEASE: " + f'{kwargs["node_side_type"]}-{kwargs["release"]}') - print(" - DEPLOYMENT:", kwargs["deployment_type"]) - print(" - ARCH: " + docker_platform) - print(" - TYPE: " + str(node_type.input)) - print(" - DOCKER_TAG: " + version_string) - if version_hash != "dockerhub": - print(" - GIT_HASH: " + version_hash) - print(" - HAGRID_VERSION: " + get_version_string()) - if EDITABLE_MODE: - print(" - HAGRID_REPO_SHA: " + commit_hash()) - print(" - PORT: " + str(host_term.free_port)) - print(" - DOCKER COMPOSE: " + docker_version) - print(" - IN-MEMORY WORKERS: " + str(in_mem_workers)) - print("\n") - - use_blob_storage = ( - False - if str(node_type.input) in ["network", "gateway"] - else bool(kwargs["use_blob_storage"]) - ) - - # use a docker volume - host_path = "credentials-data" - - # # in development use a folder mount - # if kwargs.get("release", "") == "development": - # RELATIVE_PATH = "" - # # if EDITABLE_MODE: - # # RELATIVE_PATH = "../" - # # we might need to change this for the hagrid template mode - # host_path = f"{RELATIVE_PATH}./data/storage/{snake_name}" - - envs = { - "RELEASE": "production", - "COMPOSE_DOCKER_CLI_BUILD": 1, - "DOCKER_BUILDKIT": 1, - "HTTP_PORT": int(host_term.free_port), - "HTTPS_PORT": int(host_term.free_port_tls), - "TRAEFIK_TAG": str(tag), - "NODE_NAME": str(snake_name), - "NODE_TYPE": str(node_type.input), - "TRAEFIK_PUBLIC_NETWORK_IS_EXTERNAL": "False", - "VERSION": version_string, - "VERSION_HASH": version_hash, - "USE_BLOB_STORAGE": str(use_blob_storage), - "FRONTEND_TARGET": "grid-ui-production", - "STACK_API_KEY": str( - generate_sec_random_password(length=48, special_chars=False) - ), - "CREDENTIALS_VOLUME": host_path, - "NODE_SIDE_TYPE": kwargs["node_side_type"], - "SINGLE_CONTAINER_MODE": single_container_mode, - "INMEMORY_WORKERS": in_mem_workers, - } - - if smtp_host and smtp_port and smtp_username and smtp_password: - envs["SMTP_HOST"] = smtp_host - envs["SMTP_PORT"] = smtp_port - envs["SMTP_USERNAME"] = smtp_username - envs["SMTP_PASSWORD"] = smtp_password - envs["EMAIL_SENDER"] = smtp_sender - - if "trace" in kwargs and kwargs["trace"] is True: - envs["TRACE"] = "True" - envs["JAEGER_HOST"] = "host.docker.internal" - envs["JAEGER_PORT"] = int( - find_available_port(host="localhost", port=14268, search=True) - ) - - if "association_request_auto_approval" in kwargs: - envs["ASSOCIATION_REQUEST_AUTO_APPROVAL"] = kwargs[ - "association_request_auto_approval" - ] - - if "enable_warnings" in kwargs: - envs["ENABLE_WARNINGS"] = kwargs["enable_warnings"] - - if "platform" in kwargs and kwargs["platform"] is not None: - envs["DOCKER_DEFAULT_PLATFORM"] = docker_platform - - if "tls" in kwargs and kwargs["tls"] is True and len(kwargs["cert_store_path"]) > 0: - envs["TRAEFIK_TLS_CERTS"] = kwargs["cert_store_path"] - - if ( - "tls" in kwargs - and kwargs["tls"] is True - and "test" in kwargs - and kwargs["test"] is True - ): - envs["IGNORE_TLS_ERRORS"] = "True" - - if "test" in kwargs and kwargs["test"] is True: - envs["SWFS_VOLUME_SIZE_LIMIT_MB"] = "100" # GitHub CI is small - - if kwargs.get("release", "") == "development": - envs["RABBITMQ_MANAGEMENT"] = "-management" - - # currently we only have a domain frontend for dev mode - if kwargs.get("release", "") == "development" and ( - str(node_type.input) not in ["network", "gateway"] - ): - envs["FRONTEND_TARGET"] = "grid-ui-development" - - if "set_root_password" in kwargs and kwargs["set_root_password"] is not None: - envs["DEFAULT_ROOT_PASSWORD"] = kwargs["set_root_password"] - - if "set_root_email" in kwargs and kwargs["set_root_email"] is not None: - envs["DEFAULT_ROOT_EMAIL"] = kwargs["set_root_email"] - - if "set_s3_username" in kwargs and kwargs["set_s3_username"] is not None: - envs["S3_ROOT_USER"] = kwargs["set_s3_username"] - - if "set_s3_password" in kwargs and kwargs["set_s3_password"] is not None: - envs["S3_ROOT_PWD"] = kwargs["set_s3_password"] - - if ( - "set_volume_size_limit_mb" in kwargs - and kwargs["set_volume_size_limit_mb"] is not None - ): - envs["SWFS_VOLUME_SIZE_LIMIT_MB"] = kwargs["set_volume_size_limit_mb"] - - if "release" in kwargs: - envs["RELEASE"] = kwargs["release"] - - if "enable_signup" in kwargs: - envs["ENABLE_SIGNUP"] = kwargs["enable_signup"] - - cmd = "" - args = [] - for k, v in envs.items(): - if is_windows(): - # powershell envs - quoted = f"'{v}'" if not isinstance(v, int) else v - args.append(f"$env:{k}={quoted}") - else: - args.append(f"{k}={v}") - if is_windows(): - cmd += "; ".join(args) - cmd += "; " - else: - cmd += " ".join(args) - - cmd += " docker compose -p " + snake_name - - # new docker compose regression work around - # default_env = os.path.expanduser("~/.hagrid/app/.env") - - default_envs.update(envs) - - # env file path - env_file_path = compose_src_path + "/.env" - - # Render templates if creating stack from the manifest_template.yml - if kwargs["template"] and host_term.host is not None: - # If release is development, update relative path - # if EDITABLE_MODE: - # default_envs["RELATIVE_PATH"] = "../" - - render_templates( - node_name=snake_name, - deployment_type=kwargs["deployment_type"], - template_location=kwargs["template"], - env_vars=default_envs, - host_type=host_term.host, - ) - - try: - env_file = "" - for k, v in default_envs.items(): - env_file += f"{k}={v}\n" - - with open(env_file_path, "w") as f: - f.write(env_file) - - # cmd += f" --env-file {env_file_path}" - except Exception: # nosec - pass - - if single_container_mode: - cmd += " --profile worker" - else: - cmd += " --profile backend" - cmd += " --profile proxy" - cmd += " --profile mongo" - - if str(node_type.input) in ["network", "gateway"]: - cmd += " --profile network" - - if use_blob_storage: - cmd += " --profile blob-storage" - - # no frontend container so expect bad gateway on the / route - if not bool(kwargs["headless"]): - cmd += " --profile frontend" - - if "trace" in kwargs and kwargs["trace"]: - cmd += " --profile telemetry" - - final_commands = {} - final_commands["Pulling"] = pull_command(cmd, kwargs) - - cmd += " --file docker-compose.yml" - if "tls" in kwargs and kwargs["tls"] is True: - cmd += " --file docker-compose.tls.yml" - if "test" in kwargs and kwargs["test"] is True: - cmd += " --file docker-compose.test.yml" - - if build: - my_build_command = build_command(cmd) - final_commands["Building"] = my_build_command - - dev_mode = kwargs.get("dev", False) - final_commands["Launching"] = deploy_command(cmd, tail, dev_mode) - return final_commands - - -def create_launch_vagrant_cmd(verb: GrammarVerb) -> str: - host_term = verb.get_named_term_hostgrammar(name="host") - node_name = verb.get_named_term_type(name="node_name") - node_type = verb.get_named_term_type(name="node_type") - - snake_name = str(node_name.snake_input) - - if ART: - hagrid() - - print( - "Launching a " - + str(node_type.input) - + " PyGrid node on port " - + str(host_term.port) - + "!\n" - ) - - print(" - TYPE: " + str(node_type.input)) - print(" - NAME: " + str(snake_name)) - print(" - PORT: " + str(host_term.port)) - # print(" - VAGRANT: " + "1") - # print(" - VIRTUALBOX: " + "1") - print("\n") - - cmd = "" - cmd += 'ANSIBLE_ARGS="' - cmd += f"-e 'node_name={snake_name}'" - cmd += f"-e 'node_type={node_type.input}'" - cmd += '" ' - cmd += "vagrant up --provision" - cmd = "cd " + GRID_SRC_PATH() + ";" + cmd - return cmd - - -def get_or_make_resource_group(resource_group: str, location: str = "westus") -> None: - cmd = f"az group show --resource-group {resource_group}" - exists = True - try: - subprocess.check_call(cmd, shell=True) # nosec - except Exception: # nosec - # group doesn't exist so lets create it - exists = False - - if not exists: - cmd = f"az group create -l {location} -n {resource_group}" - try: - print(f"Creating resource group.\nRunning: {cmd}") - subprocess.check_call(cmd, shell=True) # nosec - except Exception as e: - raise Exception( - f"Unable to create resource group {resource_group} @ {location}. {e}" - ) - - -def extract_host_ip(stdout: bytes) -> str | None: - output = stdout.decode("utf-8") - - try: - j = json.loads(output) - if "publicIpAddress" in j: - return str(j["publicIpAddress"]) - except Exception: # nosec - matcher = r'publicIpAddress":\s+"(.+)"' - ips = re.findall(matcher, output) - if len(ips) > 0: - return ips[0] - - return None - - -def get_vm_host_ips(node_name: str, resource_group: str) -> list | None: - cmd = f"az vm list-ip-addresses -g {resource_group} --query " - cmd += f""""[?starts_with(virtualMachine.name, '{node_name}')]""" - cmd += '''.virtualMachine.network.publicIpAddresses[0].ipAddress"''' - output = subprocess.check_output(cmd, shell=True) # nosec - try: - host_ips = json.loads(output) - return host_ips - except Exception as e: - print(f"Failed to extract ips: {e}") - - return None - - -def is_valid_ip(host_or_ip: str) -> bool: - matcher = r"(?:[0-9]{1,3}\.){3}[0-9]{1,3}" - ips = re.findall(matcher, host_or_ip.strip()) - if len(ips) == 1: - return True - return False - - -def extract_host_ip_gcp(stdout: bytes) -> str | None: - output = stdout.decode("utf-8") - - try: - matcher = r"(?:[0-9]{1,3}\.){3}[0-9]{1,3}" - ips = re.findall(matcher, output) - if len(ips) == 2: - return ips[1] - except Exception: # nosec - pass - - return None - - -def extract_host_ip_from_cmd(cmd: str) -> str | None: - try: - matcher = r"(?:[0-9]{1,3}\.){3}[0-9]{1,3}" - ips = re.findall(matcher, cmd) - if ips: - return ips[0] - except Exception: # nosec - pass - - return None - - -def check_ip_for_ssh( - host_ip: str, timeout: int = 600, wait_time: int = 5, silent: bool = False -) -> bool: - if not silent: - print(f"Checking VM at {host_ip} is up") - checks = int(timeout / wait_time) # 10 minutes in 5 second chunks - first_run = True - while checks > 0: - checks -= 1 - try: - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - sock.settimeout(wait_time) - result = sock.connect_ex((host_ip, 22)) - sock.close() - if result == 0: - if not silent: - print(f"VM at {host_ip} is up!") - return True - else: - if first_run: - if not silent: - print("Waiting for VM to start", end="", flush=True) - first_run = False - else: - if not silent: - print(".", end="", flush=True) - except Exception: # nosec - pass - return False - - -def create_aws_security_group( - security_group_name: str, region: str, snake_name: str -) -> str: - sg_description = f"{snake_name} security group" - create_cmd = f"aws ec2 create-security-group --group-name {security_group_name} " - create_cmd += f'--region {region} --description "{sg_description}" ' - sg_output = subprocess.check_output( # nosec - create_cmd, - shell=True, - ) - sg_output_dict = json.loads(sg_output) - if "GroupId" in sg_output_dict: - return sg_output_dict["GroupId"] - - return "" - - -def open_port_aws( - security_group_name: str, port_no: int, cidr: str, region: str -) -> None: - cmd = f"aws ec2 authorize-security-group-ingress --group-name {security_group_name} --protocol tcp " - cmd += f"--port {port_no} --cidr {cidr} --region {region}" - subprocess.check_call( # nosec - cmd, - shell=True, - ) - - -def extract_instance_ids_aws(stdout: bytes) -> list: - output = stdout.decode("utf-8") - output_dict = json.loads(output) - instance_ids: list = [] - if "Instances" in output_dict: - for ec2_instance_metadata in output_dict["Instances"]: - if "InstanceId" in ec2_instance_metadata: - instance_ids.append(ec2_instance_metadata["InstanceId"]) - - return instance_ids - - -def get_host_ips_given_instance_ids( - instance_ids: list, timeout: int = 600, wait_time: int = 10 -) -> list: - checks = int(timeout / wait_time) # 10 minutes in 10 second chunks - instance_ids_str = " ".join(instance_ids) - cmd = f"aws ec2 describe-instances --instance-ids {instance_ids_str}" - cmd += " --query 'Reservations[*].Instances[*].{StateName:State.Name,PublicIpAddress:PublicIpAddress}'" - cmd += " --output json" - while checks > 0: - checks -= 1 - time.sleep(wait_time) - desc_ec2_output = subprocess.check_output(cmd, shell=True) # nosec - instances_output_json = json.loads(desc_ec2_output.decode("utf-8")) - host_ips: list = [] - all_instances_running = True - for reservation in instances_output_json: - for instance_metadata in reservation: - if instance_metadata["StateName"] != "running": - all_instances_running = False - break - else: - host_ips.append(instance_metadata["PublicIpAddress"]) - if all_instances_running: - return host_ips - # else, wait another wait_time seconds and try again - - return [] - - -def make_aws_ec2_instance( - ami_id: str, ec2_instance_type: str, key_name: str, security_group_name: str -) -> list: - # From the docs: "For security groups in a nondefault VPC, you must specify the security group ID". - # Right now, since we're using default VPC, we can use security group name instead of ID. - - ebs_size = 200 # gb - cmd = f"aws ec2 run-instances --image-id {ami_id} --count 1 --instance-type {ec2_instance_type} " - cmd += f"--key-name {key_name} --security-groups {security_group_name} " - tmp_cmd = rf"[{{\"DeviceName\":\"/dev/sdf\",\"Ebs\":{{\"VolumeSize\":{ebs_size},\"DeleteOnTermination\":false}}}}]" - cmd += f'--block-device-mappings "{tmp_cmd}"' - - host_ips: list = [] - try: - print(f"Creating EC2 instance.\nRunning: {cmd}") - create_ec2_output = subprocess.check_output(cmd, shell=True) # nosec - instance_ids = extract_instance_ids_aws(create_ec2_output) - host_ips = get_host_ips_given_instance_ids(instance_ids=instance_ids) - except Exception as e: - print("failed", e) - - if not (host_ips): - raise Exception("Failed to create EC2 instance(s) or get public ip(s)") - - return host_ips - - -def create_launch_aws_cmd( - verb: GrammarVerb, - region: str, - ec2_instance_type: str, - security_group_name: str, - aws_security_group_cidr: str, - key_name: str, - key_path: str, - ansible_extras: str, - kwargs: dict[str, Any], - repo: str, - branch: str, - ami_id: str, - username: str, - auth: AuthCredentials, -) -> list[str]: - node_name = verb.get_named_term_type(name="node_name") - snake_name = str(node_name.snake_input) - create_aws_security_group(security_group_name, region, snake_name) - open_port_aws( - security_group_name=security_group_name, - port_no=80, - cidr=aws_security_group_cidr, - region=region, - ) # HTTP - open_port_aws( - security_group_name=security_group_name, - port_no=443, - cidr=aws_security_group_cidr, - region=region, - ) # HTTPS - open_port_aws( - security_group_name=security_group_name, - port_no=22, - cidr=aws_security_group_cidr, - region=region, - ) # SSH - if kwargs["jupyter"]: - open_port_aws( - security_group_name=security_group_name, - port_no=8888, - cidr=aws_security_group_cidr, - region=region, - ) # Jupyter - - host_ips = make_aws_ec2_instance( - ami_id=ami_id, - ec2_instance_type=ec2_instance_type, - key_name=key_name, - security_group_name=security_group_name, - ) - - launch_cmds: list[str] = [] - - for host_ip in host_ips: - # get old host - host_term = verb.get_named_term_hostgrammar(name="host") - - # replace - host_term.parse_input(host_ip) - verb.set_named_term_type(name="host", new_term=host_term) - - if not bool(kwargs["provision"]): - print("Skipping automatic provisioning.") - print("VM created with:") - print(f"IP: {host_ip}") - print(f"Key: {key_path}") - print("\nConnect with:") - print(f"ssh -i {key_path} {username}@{host_ip}") - - else: - extra_kwargs = { - "repo": repo, - "branch": branch, - "ansible_extras": ansible_extras, - } - kwargs.update(extra_kwargs) - - # provision - host_up = check_ip_for_ssh(host_ip=host_ip) - if not host_up: - print(f"Warning: {host_ip} ssh not available yet") - launch_cmd = create_launch_custom_cmd(verb=verb, auth=auth, kwargs=kwargs) - launch_cmds.append(launch_cmd) - - return launch_cmds - - -def make_vm_azure( - node_name: str, - resource_group: str, - username: str, - password: str | None, - key_path: str | None, - size: str, - image_name: str, - node_count: int, -) -> list: - disk_size_gb = "200" - try: - temp_dir = tempfile.TemporaryDirectory() - public_key_path = ( - private_to_public_key( - private_key_path=key_path, temp_path=temp_dir.name, username=username - ) - if key_path - else None - ) - except Exception: # nosec - temp_dir.cleanup() - - authentication_type = "ssh" if key_path else "password" - cmd = f"az vm create -n {node_name} -g {resource_group} --size {size} " - cmd += f"--image {image_name} --os-disk-size-gb {disk_size_gb} " - cmd += f"--public-ip-sku Standard --authentication-type {authentication_type} --admin-username {username} " - cmd += f"--ssh-key-values {public_key_path} " if public_key_path else "" - cmd += f"--admin-password '{password}' " if password else "" - cmd += f"--count {node_count} " if node_count > 1 else "" - - host_ips: list | None = [] - try: - print(f"Creating vm.\nRunning: {hide_azure_vm_password(cmd)}") - subprocess.check_output(cmd, shell=True) # nosec - host_ips = get_vm_host_ips(node_name=node_name, resource_group=resource_group) - except Exception as e: - print("failed", e) - finally: - temp_dir.cleanup() - - if not host_ips: - raise Exception("Failed to create vm or get VM public ip") - - try: - # clean up temp public key - if public_key_path: - os.unlink(public_key_path) - except Exception: # nosec - pass - - return host_ips - - -def open_port_vm_azure( - resource_group: str, node_name: str, port_name: str, port: int, priority: int -) -> None: - cmd = f"az network nsg rule create --resource-group {resource_group} " - cmd += f"--nsg-name {node_name}NSG --name {port_name} --destination-port-ranges {port} --priority {priority}" - try: - print(f"Creating {port_name} {port} ngs rule.\nRunning: {cmd}") - output = subprocess.check_call(cmd, shell=True) # nosec - print("output", output) - pass - except Exception as e: - print("failed", e) - - -def create_project(project_id: str) -> None: - cmd = f"gcloud projects create {project_id} --set-as-default" - try: - print(f"Creating project.\nRunning: {cmd}") - subprocess.check_call(cmd, shell=True) # nosec - except Exception as e: - print("failed", e) - - print("create project complete") - - -def create_launch_gcp_cmd( - verb: GrammarVerb, - project_id: str, - zone: str, - machine_type: str, - ansible_extras: str, - kwargs: dict[str, Any], - repo: str, - branch: str, - auth: AuthCredentials, -) -> str: - # create project if it doesn't exist - create_project(project_id) - # vm - node_name = verb.get_named_term_type(name="node_name") - kebab_name = str(node_name.kebab_input) - disk_size_gb = "200" - host_ip = make_gcp_vm( - vm_name=kebab_name, - project_id=project_id, - zone=zone, - machine_type=machine_type, - disk_size_gb=disk_size_gb, - ) - - # get old host - host_term = verb.get_named_term_hostgrammar(name="host") - - host_up = check_ip_for_ssh(host_ip=host_ip) - if not host_up: - raise Exception(f"Something went wrong launching the VM at IP: {host_ip}.") - - if not bool(kwargs["provision"]): - print("Skipping automatic provisioning.") - print("VM created with:") - print(f"IP: {host_ip}") - print(f"User: {auth.username}") - print(f"Key: {auth.key_path}") - print("\nConnect with:") - print(f"ssh -i {auth.key_path} {auth.username}@{host_ip}") - sys.exit(0) - - # replace - host_term.parse_input(host_ip) - verb.set_named_term_type(name="host", new_term=host_term) - - extra_kwargs = { - "repo": repo, - "branch": branch, - "auth_type": "key", - "ansible_extras": ansible_extras, - } - kwargs.update(extra_kwargs) - - # provision - return create_launch_custom_cmd(verb=verb, auth=auth, kwargs=kwargs) - - -def make_gcp_vm( - vm_name: str, project_id: str, zone: str, machine_type: str, disk_size_gb: str -) -> str: - create_cmd = "gcloud compute instances create" - network_settings = "network=default,network-tier=PREMIUM" - maintenance_policy = "MIGRATE" - scopes = [ - "https://www.googleapis.com/auth/devstorage.read_only", - "https://www.googleapis.com/auth/logging.write", - "https://www.googleapis.com/auth/monitoring.write", - "https://www.googleapis.com/auth/servicecontrol", - "https://www.googleapis.com/auth/service.management.readonly", - "https://www.googleapis.com/auth/trace.append", - ] - tags = "http-server,https-server" - disk_image = "projects/ubuntu-os-cloud/global/images/ubuntu-2204-jammy-v20230429" - disk = ( - f"auto-delete=yes,boot=yes,device-name={vm_name},image={disk_image}," - + f"mode=rw,size={disk_size_gb},type=pd-ssd" - ) - security_flags = ( - "--no-shielded-secure-boot --shielded-vtpm " - + "--shielded-integrity-monitoring --reservation-affinity=any" - ) - - cmd = ( - f"{create_cmd} {vm_name} " - + f"--project={project_id} " - + f"--zone={zone} " - + f"--machine-type={machine_type} " - + f"--create-disk={disk} " - + f"--network-interface={network_settings} " - + f"--maintenance-policy={maintenance_policy} " - + f"--scopes={','.join(scopes)} --tags={tags} " - + f"{security_flags}" - ) - - host_ip = None - try: - print(f"Creating vm.\nRunning: {cmd}") - output = subprocess.check_output(cmd, shell=True) # nosec - host_ip = extract_host_ip_gcp(stdout=output) - except Exception as e: - print("failed", e) - - if host_ip is None: - raise Exception("Failed to create vm or get VM public ip") - - return host_ip - - -def create_launch_azure_cmd( - verb: GrammarVerb, - resource_group: str, - location: str, - size: str, - username: str, - password: str | None, - key_path: str | None, - repo: str, - branch: str, - auth: AuthCredentials, - ansible_extras: str, - kwargs: dict[str, Any], -) -> list[str]: - get_or_make_resource_group(resource_group=resource_group, location=location) - - node_count = kwargs.get("node_count", 1) - print("Total VMs to create: ", node_count) - - # vm - node_name = verb.get_named_term_type(name="node_name") - snake_name = str(node_name.snake_input) - image_name = get_azure_image(kwargs["image_name"]) - host_ips = make_vm_azure( - snake_name, - resource_group, - username, - password, - key_path, - size, - image_name, - node_count, - ) - - # open port 80 - open_port_vm_azure( - resource_group=resource_group, - node_name=snake_name, - port_name="HTTP", - port=80, - priority=500, - ) - - # open port 443 - open_port_vm_azure( - resource_group=resource_group, - node_name=snake_name, - port_name="HTTPS", - port=443, - priority=501, - ) - - if kwargs["jupyter"]: - # open port 8888 - open_port_vm_azure( - resource_group=resource_group, - node_name=snake_name, - port_name="Jupyter", - port=8888, - priority=502, - ) - - launch_cmds: list[str] = [] - - for host_ip in host_ips: - # get old host - host_term = verb.get_named_term_hostgrammar(name="host") - - # replace - host_term.parse_input(host_ip) - verb.set_named_term_type(name="host", new_term=host_term) - - if not bool(kwargs["provision"]): - print("Skipping automatic provisioning.") - print("VM created with:") - print(f"Name: {snake_name}") - print(f"IP: {host_ip}") - print(f"User: {username}") - print(f"Password: {password}") - print(f"Key: {key_path}") - print("\nConnect with:") - if kwargs["auth_type"] == "key": - print(f"ssh -i {key_path} {username}@{host_ip}") - else: - print(f"ssh {username}@{host_ip}") - else: - extra_kwargs = { - "repo": repo, - "branch": branch, - "ansible_extras": ansible_extras, - } - kwargs.update(extra_kwargs) - - # provision - host_up = check_ip_for_ssh(host_ip=host_ip) - if not host_up: - print(f"Warning: {host_ip} ssh not available yet") - launch_cmd = create_launch_custom_cmd(verb=verb, auth=auth, kwargs=kwargs) - launch_cmds.append(launch_cmd) - - return launch_cmds - - -def create_ansible_land_cmd( - verb: GrammarVerb, auth: AuthCredentials | None, kwargs: dict[str, Any] -) -> str: - try: - host_term = verb.get_named_term_hostgrammar(name="host") - print("Landing PyGrid node on port " + str(host_term.port) + "!\n") - - print(" - PORT: " + str(host_term.port)) - print("\n") - - grid_path = GRID_SRC_PATH() - playbook_path = grid_path + "/ansible/site.yml" - ansible_cfg_path = grid_path + "/ansible.cfg" - auth = cast(AuthCredentials, auth) - - if not os.path.exists(playbook_path): - print(f"Can't find playbook site.yml at: {playbook_path}") - cmd = f"ANSIBLE_CONFIG={ansible_cfg_path} ansible-playbook " - if host_term.host == "localhost": - cmd += "--connection=local " - cmd += f"-i {host_term.host}, {playbook_path}" - if host_term.host != "localhost" and kwargs["auth_type"] == "key": - cmd += f" --private-key {auth.key_path} --user {auth.username}" - elif host_term.host != "localhost" and kwargs["auth_type"] == "password": - cmd += f" -c paramiko --user {auth.username}" - - ANSIBLE_ARGS = {"install": "false"} - - if host_term.host != "localhost" and kwargs["auth_type"] == "password": - ANSIBLE_ARGS["ansible_ssh_pass"] = kwargs["password"] - - if host_term.host == "localhost": - ANSIBLE_ARGS["local"] = "true" - - if "ansible_extras" in kwargs and kwargs["ansible_extras"] != "": - options = kwargs["ansible_extras"].split(",") - for option in options: - parts = option.strip().split("=") - if len(parts) == 2: - ANSIBLE_ARGS[parts[0]] = parts[1] - - for k, v in ANSIBLE_ARGS.items(): - cmd += f" -e \"{k}='{v}'\"" - - cmd = "cd " + grid_path + ";" + cmd - return cmd - except Exception as e: - print(f"Failed to construct custom deployment cmd: {cmd}. {e}") - raise e - - -def create_launch_custom_cmd( - verb: GrammarVerb, auth: AuthCredentials | None, kwargs: dict[str, Any] -) -> str: - try: - host_term = verb.get_named_term_hostgrammar(name="host") - node_name = verb.get_named_term_type(name="node_name") - node_type = verb.get_named_term_type(name="node_type") - # source_term = verb.get_named_term_type(name="source") - - snake_name = str(node_name.snake_input) - - if ART: - hagrid() - - print( - "Launching a " - + str(node_type.input) - + " PyGrid node on port " - + str(host_term.port) - + "!\n" - ) - - print(" - TYPE: " + str(node_type.input)) - print(" - NAME: " + str(snake_name)) - print(" - PORT: " + str(host_term.port)) - print("\n") - - grid_path = GRID_SRC_PATH() - playbook_path = grid_path + "/ansible/site.yml" - ansible_cfg_path = grid_path + "/ansible.cfg" - auth = cast(AuthCredentials, auth) - - if not os.path.exists(playbook_path): - print(f"Can't find playbook site.yml at: {playbook_path}") - cmd = f"ANSIBLE_CONFIG={ansible_cfg_path} ansible-playbook " - if host_term.host == "localhost": - cmd += "--connection=local " - cmd += f"-i {host_term.host}, {playbook_path}" - if host_term.host != "localhost" and kwargs["auth_type"] == "key": - cmd += f" --private-key {auth.key_path} --user {auth.username}" - elif host_term.host != "localhost" and kwargs["auth_type"] == "password": - cmd += f" -c paramiko --user {auth.username}" - - version_string = kwargs["tag"] - if version_string is None: - version_string = "local" - - ANSIBLE_ARGS = { - "node_type": node_type.input, - "node_name": snake_name, - "github_repo": kwargs["repo"], - "repo_branch": kwargs["branch"], - "docker_tag": version_string, - } - - if host_term.host != "localhost" and kwargs["auth_type"] == "password": - ANSIBLE_ARGS["ansible_ssh_pass"] = kwargs["password"] - - if host_term.host == "localhost": - ANSIBLE_ARGS["local"] = "true" - - if "node_side_type" in kwargs: - ANSIBLE_ARGS["node_side_type"] = kwargs["node_side_type"] - - if kwargs["tls"] is True: - ANSIBLE_ARGS["tls"] = "true" - - if "release" in kwargs: - ANSIBLE_ARGS["release"] = kwargs["release"] - - if "set_root_email" in kwargs and kwargs["set_root_email"] is not None: - ANSIBLE_ARGS["root_user_email"] = kwargs["set_root_email"] - - if "set_root_password" in kwargs and kwargs["set_root_password"] is not None: - ANSIBLE_ARGS["root_user_password"] = kwargs["set_root_password"] - - if ( - kwargs["tls"] is True - and "cert_store_path" in kwargs - and len(kwargs["cert_store_path"]) > 0 - ): - ANSIBLE_ARGS["cert_store_path"] = kwargs["cert_store_path"] - - if ( - kwargs["tls"] is True - and "upload_tls_key" in kwargs - and len(kwargs["upload_tls_key"]) > 0 - ): - ANSIBLE_ARGS["upload_tls_key"] = kwargs["upload_tls_key"] - - if ( - kwargs["tls"] is True - and "upload_tls_cert" in kwargs - and len(kwargs["upload_tls_cert"]) > 0 - ): - ANSIBLE_ARGS["upload_tls_cert"] = kwargs["upload_tls_cert"] - - if kwargs["jupyter"] is True: - ANSIBLE_ARGS["jupyter"] = "true" - ANSIBLE_ARGS["jupyter_token"] = generate_sec_random_password( - length=48, upper_case=False, special_chars=False - ) - - if "ansible_extras" in kwargs and kwargs["ansible_extras"] != "": - options = kwargs["ansible_extras"].split(",") - for option in options: - parts = option.strip().split("=") - if len(parts) == 2: - ANSIBLE_ARGS[parts[0]] = parts[1] - - # if mode == "deploy": - # ANSIBLE_ARGS["deploy"] = "true" - - for k, v in ANSIBLE_ARGS.items(): - cmd += f" -e \"{k}='{v}'\"" - - cmd = "cd " + grid_path + ";" + cmd - return cmd - except Exception as e: - print(f"Failed to construct custom deployment cmd: {cmd}. {e}") - raise e - - -def create_land_cmd(verb: GrammarVerb, kwargs: dict[str, Any]) -> str: - host_term = verb.get_named_term_hostgrammar(name="host") - host = host_term.host if host_term.host is not None else "" - - if host in ["docker"]: - target = verb.get_named_term_grammar("node_name").input - prune_volumes: bool = kwargs.get("prune_vol", False) - - if target == "all": - # land all syft nodes - if prune_volumes: - land_cmd = "docker rm `docker ps --filter label=orgs.openmined.syft -q` --force " - land_cmd += "&& docker volume rm " - land_cmd += "$(docker volume ls --filter label=orgs.openmined.syft -q)" - return land_cmd - else: - return "docker rm `docker ps --filter label=orgs.openmined.syft -q` --force" - - version = check_docker_version() - if version: - return create_land_docker_cmd(verb=verb, prune_volumes=prune_volumes) - - elif host == "localhost" or is_valid_ip(host): - parsed_kwargs = {} - if DEPENDENCIES["ansible-playbook"]: - if host != "localhost": - parsed_kwargs["username"] = ask( - question=Question( - var_name="username", - question=f"Username for {host} with sudo privledges?", - default=arg_cache["username"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - parsed_kwargs["auth_type"] = ask( - question=Question( - var_name="auth_type", - question="Do you want to login with a key or password", - default=arg_cache["auth_type"], - kind="option", - options=["key", "password"], - cache=True, - ), - kwargs=kwargs, - ) - if parsed_kwargs["auth_type"] == "key": - parsed_kwargs["key_path"] = ask( - question=Question( - var_name="key_path", - question=f"Private key to access {parsed_kwargs['username']}@{host}?", - default=arg_cache["key_path"], - kind="path", - cache=True, - ), - kwargs=kwargs, - ) - elif parsed_kwargs["auth_type"] == "password": - parsed_kwargs["password"] = ask( - question=Question( - var_name="password", - question=f"Password for {parsed_kwargs['username']}@{host}?", - kind="password", - ), - kwargs=kwargs, - ) - - auth = None - if host != "localhost": - if parsed_kwargs["auth_type"] == "key": - auth = AuthCredentials( - username=parsed_kwargs["username"], - key_path=parsed_kwargs["key_path"], - ) - else: - auth = AuthCredentials( - username=parsed_kwargs["username"], - key_path=parsed_kwargs["password"], - ) - if not auth.valid: - raise Exception(f"Login Credentials are not valid. {auth}") - parsed_kwargs["ansible_extras"] = kwargs["ansible_extras"] - return create_ansible_land_cmd(verb=verb, auth=auth, kwargs=parsed_kwargs) - else: - errors = [] - if not DEPENDENCIES["ansible-playbook"]: - errors.append("ansible-playbook") - raise MissingDependency( - f"Launching a Custom VM requires: {' '.join(errors)}" - ) - - host_options = ", ".join(allowed_hosts) - raise MissingDependency( - f"Launch requires a correct host option, try: {host_options}" - ) - - -def create_land_docker_cmd(verb: GrammarVerb, prune_volumes: bool = False) -> str: - """ - Create docker `land` command to remove containers when a node's name is specified - """ - node_name = verb.get_named_term_type(name="node_name") - snake_name = str(node_name.snake_input) - - path = GRID_SRC_PATH() - env_var = ";export $(cat .env | sed 's/#.*//g' | xargs);" - - cmd = "" - cmd += "docker compose" - cmd += ' --file "docker-compose.yml"' - cmd += ' --project-name "' + snake_name + '"' - cmd += " down --remove-orphans" - - if prune_volumes: - cmd += ( - f' && docker volume rm $(docker volume ls --filter name="{snake_name}" -q)' - ) - - cmd += f" && docker rm $(docker ps --filter name={snake_name} -q) --force" - - cmd = "cd " + path + env_var + cmd - return cmd - - -@click.command( - help="Stop a running PyGrid domain/network node.", - context_settings={"show_default": True}, -) -@click.argument("args", type=str, nargs=-1) -@click.option( - "--cmd", - is_flag=True, - help="Print the cmd without running it", -) -@click.option( - "--ansible-extras", - default="", - type=str, -) -@click.option( - "--build-src", - default=DEFAULT_BRANCH, - required=False, - type=str, - help="Git branch to use for launch / build operations", -) -@click.option( - "--silent", - is_flag=True, - help="Suppress extra outputs", -) -@click.option( - "--force", - is_flag=True, - help="Bypass the prompt during hagrid land", -) -@click.option( - "--prune-vol", - is_flag=True, - help="Prune docker volumes after land.", -) -def land(args: tuple[str], **kwargs: Any) -> None: - verb = get_land_verb() - silent = bool(kwargs["silent"]) - force = bool(kwargs["force"]) - try: - grammar = parse_grammar(args=args, verb=verb) - verb.load_grammar(grammar=grammar) - except BadGrammar as e: - print(e) - return - - try: - update_repo(repo=GIT_REPO(), branch=str(kwargs["build_src"])) - except Exception as e: - print(f"Failed to update repo. {e}") - - try: - cmd = create_land_cmd(verb=verb, kwargs=kwargs) - except Exception as e: - print(f"{e}") - return - - target = verb.get_named_term_grammar("node_name").input - - if not force: - _land_domain = ask( - Question( - var_name="_land_domain", - question=f"Are you sure you want to land {target} (y/n)", - kind="yesno", - ), - kwargs={}, - ) - - grid_path = GRID_SRC_PATH() - - if force or _land_domain == "y": - if not bool(kwargs["cmd"]): - if not silent: - print("Running: \n", cmd) - try: - if silent: - process = subprocess.Popen( # nosec - cmd, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - cwd=grid_path, - shell=True, - ) - process.communicate() - - print(f"HAGrid land {target} complete!") - else: - subprocess.call(cmd, shell=True, cwd=grid_path) # nosec - except Exception as e: - print(f"Failed to run cmd: {cmd}. {e}") - else: - print("Hagrid land aborted.") - - -cli.add_command(launch) -cli.add_command(land) -cli.add_command(clean) - - -@click.command( - help="Show HAGrid debug information", context_settings={"show_default": True} -) -@click.argument("args", type=str, nargs=-1) -def debug(args: tuple[str], **kwargs: Any) -> None: - debug_info = gather_debug() - print("\n\nWhen reporting bugs, please copy everything between the lines.") - print("==================================================================\n") - print(json.dumps(debug_info)) - print("\n=================================================================\n\n") - - -cli.add_command(debug) - - -DEFAULT_HEALTH_CHECKS = ["host", "UI (Ξ²eta)", "api", "ssh", "jupyter"] -HEALTH_CHECK_FUNCTIONS = { - "host": check_host, - "UI (Ξ²eta)": check_login_page, - "api": check_api_metadata, - "ssh": check_ip_for_ssh, - "jupyter": check_jupyter_server, -} - -HEALTH_CHECK_ICONS = { - "host": "πŸ”Œ", - "UI (Ξ²eta)": "πŸ–±", - "api": "βš™οΈ", - "ssh": "πŸ”", - "jupyter": "πŸ“—", -} - -HEALTH_CHECK_URLS = { - "host": "{ip_address}", - "UI (Ξ²eta)": "http://{ip_address}/login", - "api": "http://{ip_address}/api/v2/openapi.json", - "ssh": "hagrid ssh {ip_address}", - "jupyter": "http://{ip_address}:8888", -} - - -def check_host_health(ip_address: str, keys: list[str]) -> dict[str, bool]: - status = {} - for key in keys: - func: Callable = HEALTH_CHECK_FUNCTIONS[key] # type: ignore - status[key] = func(ip_address, silent=True) - return status - - -def icon_status(status: bool) -> str: - return "βœ…" if status else "❌" - - -def get_health_checks(ip_address: str) -> tuple[bool, list[list[str]]]: - keys = list(DEFAULT_HEALTH_CHECKS) - if "localhost" in ip_address: - new_keys = [] - for key in keys: - if key not in ["host", "jupyter", "ssh"]: - new_keys.append(key) - keys = new_keys - - health_status = check_host_health(ip_address=ip_address, keys=keys) - complete_status = all(health_status.values()) - - # find port from ip_address - try: - port = int(ip_address.split(":")[1]) - except Exception: - # default to 80 - port = 80 - - # url to display based on running environment - display_url = gitpod_url(port).split("//")[1] if is_gitpod() else ip_address - - # figure out how to add this back? - # console.print("[bold magenta]Checking host:[/bold magenta]", ip_address, ":mage:") - table_contents = [] - for key, value in health_status.items(): - table_contents.append( - [ - HEALTH_CHECK_ICONS[key], - key, - HEALTH_CHECK_URLS[key].replace("{ip_address}", display_url), - icon_status(value), - ] - ) - - return complete_status, table_contents - - -def create_check_table( - table_contents: list[list[str]], time_left: int = 0 -) -> rich.table.Table: - table = rich.table.Table() - table.add_column("PyGrid", style="magenta") - table.add_column("Info", justify="left", overflow="fold") - time_left_str = "" if time_left == 0 else str(time_left) - table.add_column(time_left_str, justify="left") - for row in table_contents: - table.add_row(row[1], row[2], row[3]) - return table - - -def get_host_name(container_name: str, by_suffix: str) -> str: - # Assumption we always get proxy containers first. - # if users have old docker compose versios. - # the container names are _ instead of - - # canada_proxy_1 instead of canada-proxy-1 - try: - host_name = container_name[0 : container_name.find(by_suffix) - 1] # noqa: E203 - except Exception: - host_name = "" - return host_name - - -def get_docker_status( - ip_address: str, node_name: str | None -) -> tuple[bool, tuple[str, str]]: - url = from_url(ip_address) - port = url[2] - network_container = ( - shell( - "docker ps --format '{{.Names}} {{.Ports}}' | " + f"grep '0.0.0.0:{port}'" - ) - .strip() - .split(" ")[0] - ) - - # Second conditional handle the case when internal port of worker container - # matches with host port of launched Domain/Network Container - if not network_container or (node_name and node_name not in network_container): - # check if it is a worker container and an internal port was passed - worker_containers_output: str = shell( - "docker ps --format '{{.Names}} {{.Ports}}' | " + f"grep '{port}/tcp'" - ).strip() - if not worker_containers_output or not node_name: - return False, ("", "") - - # If there are worker containers with an internal port - # fetch the worker container with the launched worker name - worker_containers = worker_containers_output.split("\n") - for worker_container in worker_containers: - container_name = worker_container.split(" ")[0] - if node_name in container_name: - network_container = container_name - break - else: - # If the worker container is not created yet - return False, ("", "") - - if "proxy" in network_container: - host_name = get_host_name(network_container, by_suffix="proxy") - - backend_containers = shell( - "docker ps --format '{{.Names}}' | grep 'backend' " - ).split() - - _backend_exists = False - for container in backend_containers: - if host_name in container and "stream" not in container: - _backend_exists = True - break - if not _backend_exists: - return False, ("", "") - - node_type = "Domain" - - # TODO: Identify if node_type is Gateway - # for container in headscale_containers: - # if host_name in container: - # node_type = "Gateway" - # break - - return True, (host_name, node_type) - else: - # health check for worker node - host_name = get_host_name(network_container, by_suffix="worker") - return True, (host_name, "Worker") - - -def get_syft_install_status(host_name: str, node_type: str) -> bool: - container_search = "backend" if node_type != "Worker" else "worker" - search_containers = shell( - "docker ps --format '{{.Names}}' | " + f"grep '{container_search}' " - ).split() - - context_container = None - for container in search_containers: - # stream keyword is for our old container stack - if host_name in container and "stream" not in container: - context_container = container - break - - if not context_container: - print(f"❌ {container_search} Docker Stack for: {host_name} not found") - exit(0) - else: - container_log = shell(f"docker logs {context_container}") - if "Application startup complete" not in container_log: - return False - return True - - -@click.command( - help="Check health of an IP address/addresses or a resource group", - context_settings={"show_default": True}, -) -@click.argument("ip_addresses", type=str, nargs=-1) -@click.option( - "--timeout", - default=300, - help="Timeout for hagrid check command", -) -@click.option( - "--verbose", - is_flag=True, - help="Refresh output", -) -def check( - ip_addresses: list[str], verbose: bool = False, timeout: int | str = 300 -) -> None: - check_status(ip_addresses=ip_addresses, silent=not verbose, timeout=timeout) - - -def _check_status( - ip_addresses: str | list[str], - silent: bool = True, - signal: Event | None = None, - node_name: str | None = None, -) -> None: - OK_EMOJI = RichEmoji("white_heavy_check_mark").to_str() - # Check if ip_addresses is str, then convert to list - if ip_addresses and isinstance(ip_addresses, str): - ip_addresses = [ip_addresses] - console = Console() - node_info = None - if len(ip_addresses) == 0: - headers = {"User-Agent": "curl/7.79.1"} - print("Detecting External IP...") - ip_res = requests.get("https://ifconfig.co", headers=headers) # nosec - ip_address = ip_res.text.strip() - ip_addresses = [ip_address] - - if len(ip_addresses) == 1: - ip_address = ip_addresses[0] - status, table_contents = get_health_checks(ip_address=ip_address) - table = create_check_table(table_contents=table_contents) - max_timeout = 600 - if not status: - table = create_check_table( - table_contents=table_contents, time_left=max_timeout - ) - if silent: - with console.status("Gathering Node information") as console_status: - console_status.update( - "[bold orange_red1]Waiting for Container Creation" - ) - docker_status, node_info = get_docker_status(ip_address, node_name) - while not docker_status: - docker_status, node_info = get_docker_status( - ip_address, node_name - ) - time.sleep(1) - if ( - signal and signal.is_set() - ): # Stop execution if timeout is triggered - return - console.print( - f"{OK_EMOJI} {node_info[0]} {node_info[1]} Containers Created" - ) - - console_status.update("[bold orange_red1]Starting Backend") - syft_install_status = get_syft_install_status( - node_info[0], node_info[1] - ) - while not syft_install_status: - syft_install_status = get_syft_install_status( - node_info[0], node_info[1] - ) - time.sleep(1) - # Stop execution if timeout is triggered - if signal and signal.is_set(): - return - console.print(f"{OK_EMOJI} Backend") - console.print(f"{OK_EMOJI} Startup Complete") - - status, table_contents = get_health_checks(ip_address) - table = create_check_table( - table_contents=table_contents, time_left=max_timeout - ) - else: - while not status: - # Stop execution if timeout is triggered - if signal is not None and signal.is_set(): - return - with Live( - table, refresh_per_second=2, screen=True, auto_refresh=False - ) as live: - max_timeout -= 1 - if max_timeout % 5 == 0: - status, table_contents = get_health_checks(ip_address) - table = create_check_table( - table_contents=table_contents, time_left=max_timeout - ) - live.update(table) - if status: - break - time.sleep(1) - - # TODO: Create new health checks table for Worker Container - if (node_info and node_info[1] != "Worker") or not node_info: - console.print(table) - else: - for ip_address in ip_addresses: - _, table_contents = get_health_checks(ip_address) - table = create_check_table(table_contents=table_contents) - console.print(table) - - -def check_status( - ip_addresses: str | list[str], - silent: bool = True, - timeout: int | str = 300, - node_name: str | None = None, -) -> None: - timeout = int(timeout) - # third party - from rich import print - - signal = Event() - - t = Thread( - target=_check_status, - kwargs={ - "ip_addresses": ip_addresses, - "silent": silent, - "signal": signal, - "node_name": node_name, - }, - ) - t.start() - t.join(timeout=timeout) - - if t.is_alive(): - signal.set() - t.join() - - print(f"Hagrid check command timed out after: {timeout} seconds πŸ•›") - print( - "Please try increasing the timeout or kindly check the docker containers for error logs." - ) - print("You can view your container logs using the following tool:") - print("Tool: [link=https://ctop.sh]Ctop[/link]") - print("Video Explanation: https://youtu.be/BJhlCxerQP4 \n") - - -cli.add_command(check) - - -# add Hagrid info to the cli -@click.command(help="Show HAGrid info", context_settings={"show_default": True}) -def version() -> None: - print(f"HAGRID_VERSION: {get_version_string()}") - if EDITABLE_MODE: - print(f"HAGRID_REPO_SHA: {commit_hash()}") - - -cli.add_command(version) - - -def run_quickstart( - url: str | None = None, - syft: str = "latest", - reset: bool = False, - quiet: bool = False, - pre: bool = False, - test: bool = False, - repo: str = DEFAULT_REPO, - branch: str = DEFAULT_BRANCH, - commit: str | None = None, - python: str | None = None, - zip_file: str | None = None, -) -> None: - try: - quickstart_art() - directory = os.path.expanduser("~/.hagrid/quickstart/") - confirm_reset = None - if reset: - if not quiet: - confirm_reset = click.confirm( - "This will create a new quickstart virtualenv and reinstall Syft and " - "Jupyter. Are you sure you want to continue?" - ) - else: - confirm_reset = True - if confirm_reset is False: - return - - if reset and confirm_reset or not os.path.isdir(directory): - quickstart_setup( - directory=directory, - syft_version=syft, - reset=reset, - pre=pre, - python=python, - ) - downloaded_files = [] - if zip_file: - downloaded_files = fetch_notebooks_from_zipfile( - zip_file, - directory=directory, - reset=reset, - ) - elif url: - downloaded_files = fetch_notebooks_for_url( - url=url, - directory=directory, - reset=reset, - repo=repo, - branch=branch, - commit=commit, - ) - else: - file_path = add_intro_notebook(directory=directory, reset=reset) - downloaded_files.append(file_path) - - if len(downloaded_files) == 0: - raise Exception(f"Unable to find files at: {url}") - file_path = sorted(downloaded_files)[0] - - # add virtualenv path - environ = os.environ.copy() - os_bin_path = "Scripts" if is_windows() else "bin" - venv_dir = directory + ".venv" - environ["PATH"] = venv_dir + os.sep + os_bin_path + os.pathsep + environ["PATH"] - jupyter_binary = "jupyter.exe" if is_windows() else "jupyter" - - if is_windows(): - env_activate_cmd = ( - "(Powershell): " - + "cd " - + venv_dir - + "; " - + os_bin_path - + os.sep - + "activate" - ) - else: - env_activate_cmd = ( - "(Linux): source " + venv_dir + os.sep + os_bin_path + "/activate" - ) - - print(f"To activate your virtualenv {env_activate_cmd}") - - try: - allow_browser = " --no-browser" if is_gitpod() else "" - cmd = ( - venv_dir - + os.sep - + os_bin_path - + os.sep - + f"{jupyter_binary} lab{allow_browser} --ip 0.0.0.0 --notebook-dir={directory} {file_path}" - ) - if test: - jupyter_path = venv_dir + os.sep + os_bin_path + os.sep + jupyter_binary - if not os.path.exists(jupyter_path): - print(f"Failed to install Jupyter in path: {jupyter_path}") - sys.exit(1) - print(f"Jupyter exists at: {jupyter_path}. CI Test mode exiting.") - sys.exit(0) - - disable_toolbar_extension = ( - venv_dir - + os.sep - + os_bin_path - + os.sep - + f"{jupyter_binary} labextension disable @jupyterlab/cell-toolbar-extension" - ) - - subprocess.run( # nosec - disable_toolbar_extension.split(" "), cwd=directory, env=environ - ) - - ON_POSIX = "posix" in sys.builtin_module_names - - def enqueue_output(out: Any, queue: Queue) -> None: - for line in iter(out.readline, b""): - queue.put(line) - out.close() - - proc = subprocess.Popen( # nosec - cmd.split(" "), - cwd=directory, - env=environ, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - close_fds=ON_POSIX, - ) - queue: Queue = Queue() - thread_1 = Thread(target=enqueue_output, args=(proc.stdout, queue)) - thread_2 = Thread(target=enqueue_output, args=(proc.stderr, queue)) - thread_1.daemon = True # thread dies with the program - thread_1.start() - thread_2.daemon = True # thread dies with the program - thread_2.start() - - display_url = None - console = rich.get_console() - - # keepn reading the queue of stdout + stderr - while True: - try: - if not display_url: - # try to read the line and extract a jupyter url: - with console.status( - "Starting Jupyter service" - ) as console_status: - line = queue.get() - display_url = extract_jupyter_url(line.decode("utf-8")) - if display_url: - display_jupyter_url(url_parts=display_url) - console_status.stop() - except KeyboardInterrupt: - proc.kill() # make sure jupyter gets killed - sys.exit(1) - except Exception: # nosec - pass # nosec - except KeyboardInterrupt: - proc.kill() # make sure jupyter gets killed - sys.exit(1) - except Exception as e: - print(f"Error running quickstart: {e}") - raise e - - -@click.command( - help="Launch a Syft + Jupyter Session with a Notebook URL / Path", - context_settings={"show_default": True}, -) -@click.argument("url", type=str, required=False) -@click.option( - "--reset", - is_flag=True, - default=False, - help="Force hagrid quickstart to setup a fresh virtualenv", -) -@click.option( - "--syft", - default="latest", - help="Choose a syft version or just use latest", -) -@click.option( - "--quiet", - is_flag=True, - help="Silence confirmation prompts", -) -@click.option( - "--pre", - is_flag=True, - help="Install pre-release versions of syft", -) -@click.option( - "--python", - default=None, - help="Specify the path to which python to use", -) -@click.option( - "--test", - is_flag=True, - help="CI Test Mode, don't hang on Jupyter", -) -@click.option( - "--repo", - default=DEFAULT_REPO, - help="Choose a repo to fetch the notebook from or just use OpenMined/PySyft", -) -@click.option( - "--branch", - default=DEFAULT_BRANCH, - help="Choose a branch to fetch from or just use dev", -) -@click.option( - "--commit", - help="Choose a specific commit to fetch the notebook from", -) -def quickstart_cli( - url: str | None = None, - syft: str = "latest", - reset: bool = False, - quiet: bool = False, - pre: bool = False, - test: bool = False, - repo: str = DEFAULT_REPO, - branch: str = DEFAULT_BRANCH, - commit: str | None = None, - python: str | None = None, -) -> None: - return run_quickstart( - url=url, - syft=syft, - reset=reset, - quiet=quiet, - pre=pre, - test=test, - repo=repo, - branch=branch, - commit=commit, - python=python, - ) - - -cli.add_command(quickstart_cli, "quickstart") - - -def display_jupyter_url(url_parts: tuple[str, str, int]) -> None: - url = url_parts[0] - if is_gitpod(): - parts = urlparse(url) - query = getattr(parts, "query", "") - url = gitpod_url(port=url_parts[2]) + "?" + query - - console = rich.get_console() - - tick_emoji = RichEmoji("white_heavy_check_mark").to_str() - link_emoji = RichEmoji("link").to_str() - - console.print( - f"[bold white]{tick_emoji} Jupyter Server is running at:\n{link_emoji} [bold blue]{url}\n" - + "[bold white]Use Control-C to stop this server and shut down all kernels.", - new_line_start=True, - ) - - # if is_gitpod(): - # open_browser_with_url(url=url) - - -def open_browser_with_url(url: str) -> None: - webbrowser.open(url) - - -def extract_jupyter_url(line: str) -> tuple[str, str, int] | None: - jupyter_regex = r"^.*(http.*127.*)" - try: - matches = re.match(jupyter_regex, line) - if matches is not None: - url = matches.group(1).strip() - parts = urlparse(url) - host_or_ip_parts = parts.netloc.split(":") - # netloc is host:port - port = 8888 - if len(host_or_ip_parts) > 1: - port = int(host_or_ip_parts[1]) - host_or_ip = host_or_ip_parts[0] - return (url, host_or_ip, port) - except Exception as e: - print("failed to parse jupyter url", e) - return None - - -def quickstart_setup( - directory: str, - syft_version: str, - reset: bool = False, - pre: bool = False, - python: str | None = None, -) -> None: - console = rich.get_console() - OK_EMOJI = RichEmoji("white_heavy_check_mark").to_str() - - try: - with console.status( - "[bold blue]Setting up Quickstart Environment" - ) as console_status: - os.makedirs(directory, exist_ok=True) - virtual_env_dir = os.path.abspath(directory + ".venv/") - if reset and os.path.exists(virtual_env_dir): - shutil.rmtree(virtual_env_dir) - env = VirtualEnvironment(virtual_env_dir, python=python) - console.print( - f"{OK_EMOJI} Created Virtual Environment {RichEmoji('evergreen_tree').to_str()}" - ) - - # upgrade pip - console_status.update("[bold blue]Installing pip") - env.install("pip", options=["-U"]) - console.print(f"{OK_EMOJI} pip") - - # upgrade packaging - console_status.update("[bold blue]Installing packaging") - env.install("packaging", options=["-U"]) - console.print(f"{OK_EMOJI} packaging") - - # Install jupyter lab - console_status.update("[bold blue]Installing Jupyter Lab") - env.install("jupyterlab") - env.install("ipywidgets") - console.print(f"{OK_EMOJI} Jupyter Lab") - - # Install hagrid - if EDITABLE_MODE: - local_hagrid_dir = Path( - os.path.abspath(Path(hagrid_root()) / "../hagrid") - ) - console_status.update( - f"[bold blue]Installing HAGrid in Editable Mode: {str(local_hagrid_dir)}" - ) - env.install("-e " + str(local_hagrid_dir)) - console.print( - f"{OK_EMOJI} HAGrid in Editable Mode: {str(local_hagrid_dir)}" - ) - else: - console_status.update("[bold blue]Installing hagrid") - env.install("hagrid", options=["-U"]) - console.print(f"{OK_EMOJI} HAGrid") - except Exception as e: - print(e) - raise e - - -def add_intro_notebook(directory: str, reset: bool = False) -> str: - filenames = ["00-quickstart.ipynb", "01-install-wizard.ipynb"] - - files = os.listdir(directory) - try: - files.remove(".venv") - except Exception: # nosec - pass - - existing = 0 - for file in files: - if file in filenames: - existing += 1 - - if existing != len(filenames) or reset: - if EDITABLE_MODE: - local_src_dir = Path(os.path.abspath(Path(hagrid_root()) / "../../")) - for filename in filenames: - file_path = os.path.abspath(f"{directory}/{filename}") - shutil.copyfile( - local_src_dir / f"notebooks/quickstart/{filename}", - file_path, - ) - else: - for filename in filenames: - url = ( - "https://raw.githubusercontent.com/OpenMined/PySyft/dev/" - + f"notebooks/quickstart/{filename}" - ) - file_path, _, _ = quickstart_download_notebook( - url=url, directory=directory, reset=reset - ) - if arg_cache["install_wizard_complete"]: - filename = filenames[0] - else: - filename = filenames[1] - return os.path.abspath(f"{directory}/{filename}") - - -@click.command(help="Walk the Path", context_settings={"show_default": True}) -@click.argument("zip_file", type=str, default="padawan.zip", metavar="ZIPFILE") -def dagobah(zip_file: str) -> None: - if not os.path.exists(zip_file): - for text in ( - f"{zip_file} does not exists.", - "Please specify the path to the zip file containing the notebooks.", - "hagrid dagobah [ZIPFILE]", - ): - print(text, file=sys.stderr) - sys.exit(1) - - return run_quickstart(zip_file=zip_file) - - -cli.add_command(dagobah) - - -def ssh_into_remote_machine( - host_ip: str, - username: str, - auth_type: str, - private_key_path: str | None, - cmd: str = "", -) -> None: - """Access or execute command on the remote machine. - - Args: - host_ip (str): ip address of the VM - private_key_path (str): private key of the VM - username (str): username on the VM - cmd (str, optional): Command to execute on the remote machine. Defaults to "". - """ - try: - if auth_type == "key": - subprocess.call( # nosec - ["ssh", "-i", f"{private_key_path}", f"{username}@{host_ip}", cmd] - ) - elif auth_type == "password": - subprocess.call(["ssh", f"{username}@{host_ip}", cmd]) # nosec - except Exception as e: - raise e - - -@click.command( - help="SSH into the IP address or a resource group", - context_settings={"show_default": True}, -) -@click.argument("ip_address", type=str) -@click.option( - "--cmd", - type=str, - required=False, - default="", - help="Optional: command to execute on the remote machine.", -) -def ssh(ip_address: str, cmd: str) -> None: - kwargs: dict = {} - key_path: str | None = None - - if check_ip_for_ssh(ip_address, timeout=10, silent=False): - username = ask( - question=Question( - var_name="azure_username", - question="What is the username for the VM?", - default=arg_cache["azure_username"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - auth_type = ask( - question=Question( - var_name="auth_type", - question="Do you want to login with a key or password", - default=arg_cache["auth_type"], - kind="option", - options=["key", "password"], - cache=True, - ), - kwargs=kwargs, - ) - - if auth_type == "key": - key_path = ask( - question=Question( - var_name="azure_key_path", - question="Absolute path to the private key of the VM?", - default=arg_cache["azure_key_path"], - kind="string", - cache=True, - ), - kwargs=kwargs, - ) - - # SSH into the remote and execute the command - ssh_into_remote_machine( - host_ip=ip_address, - username=username, - auth_type=auth_type, - private_key_path=key_path, - cmd=cmd, - ) - - -cli.add_command(ssh) - - -# Add hagrid logs command to the CLI -@click.command( - help="Get the logs of the HAGrid node", context_settings={"show_default": True} -) -@click.argument("domain_name", type=str) -def logs(domain_name: str) -> None: # nosec - container_ids = ( - subprocess.check_output( # nosec - f"docker ps -qf name=^{domain_name}-*", shell=True - ) - .decode("utf-8") - .split() - ) - Container = namedtuple("Container", "id name logs") - container_names = [] - for container in container_ids: - container_name = ( - subprocess.check_output( # nosec - "docker inspect --format '{{.Name}}' " + container, shell=True - ) - .decode("utf-8") - .strip() - .replace("/", "") - ) - log_command = "docker logs -f " + container_name - container_names.append( - Container(id=container, name=container_name, logs=log_command) - ) - # Generate a table of the containers and their logs with Rich - table = rich.table.Table(title="Container Logs") - table.add_column("Container ID", justify="center", style="cyan", no_wrap=True) - table.add_column("Container Name", justify="right", style="cyan", no_wrap=True) - table.add_column("Log Command", justify="right", style="cyan", no_wrap=True) - for container in container_names: # type: ignore - table.add_row(container.id, container.name, container.logs) # type: ignore - console = rich.console.Console() - console.print(table) - # Print instructions on how to view the logs - console.print( - rich.panel.Panel( - long_string, - title="How to view logs", - border_style="white", - expand=False, - padding=1, - highlight=True, - ) - ) - - -long_string = ( - "β„Ή [bold green]To view the live logs of a container,copy the log command and paste it into your terminal.[/bold green]\n" # noqa: E501 - + "\n" - + "β„Ή [bold green]The logs will be streamed to your terminal until you exit the command.[/bold green]\n" - + "\n" - + "β„Ή [bold green]To exit the logs, press CTRL+C.[/bold green]\n" - + "\n" - + "🚨 The [bold white]backend,backend_stream & celery[/bold white] [bold green]containers are the most important to monitor for debugging.[/bold green]\n" # noqa: E501 - + "\n" - + " [bold white]--------------- Ctop 🦾 -------------------------[/bold white]\n" - + "\n" - + "🧠 To learn about using [bold white]ctop[/bold white] to monitor your containers,visit https://www.youtube.com/watch?v=BJhlCxerQP4n \n" # noqa: E501 - + "\n" - + " [bold white]----------------- How to view this. πŸ™‚ ---------------[/bold white]\n" - + "\n" - + """β„Ή [bold green]To view this panel again, run the command [bold white]hagrid logs {{NODE_NAME}}[/bold white] [/bold green]\n""" # noqa: E501 - + "\n" - + """🚨 NODE_NAME above is the name of your Hagrid deployment,without the curly braces. E.g hagrid logs canada [bold green]\n""" # noqa: E501 - + "\n" - + " [bold green]HAPPY DEBUGGING! πŸ›πŸžπŸ¦—πŸ¦ŸπŸ¦ πŸ¦ πŸ¦ [/bold green]\n " -) - -cli.add_command(logs) diff --git a/packages/hagrid/hagrid/deps.py b/packages/hagrid/hagrid/deps.py deleted file mode 100644 index 2a97353ce7c..00000000000 --- a/packages/hagrid/hagrid/deps.py +++ /dev/null @@ -1,911 +0,0 @@ -"""The purpose of these functions is to check the local dependencies of the person running the CLI -tool and ensure that things are properly configured for the cli's full use (depending on the user's -operating system.) When dependencies are missing the CLI tool should offer helpful hints about what -course of action to take to install missing dependencies, even offering to run appropriate -installation commands where applicable.""" - -# future -from __future__ import annotations - -# stdlib -from collections.abc import Callable -from dataclasses import dataclass -from dataclasses import field -from datetime import datetime -import getpass -import json -import os -import platform -import re -import shutil -import subprocess # nosec -import sys -import traceback -from typing import Any - -# third party -from packaging import version -from packaging.version import Version -import requests -from rich.console import Console - -# relative -from .exceptions import MissingDependency -from .lib import is_gitpod -from .mode import EDITABLE_MODE -from .nb_output import NBOutput -from .version import __version__ - -LATEST_BETA_SYFT = "0.8.7-beta.7" - -DOCKER_ERROR = """ -You are running an old version of docker, possibly on Linux. You need to install v2. -At the time of writing this, if you are on linux you need to run the following: - -DOCKER_COMPOSE_VERSION=v2.21.0 -curl -sSL https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 \ - -o ~/.docker/cli-plugins/docker-compose -chmod +x ~/.docker/cli-plugins/docker-compose - -ALERT: you may need to run the following command to make sure you can run without sudo. - -echo $USER //(should return your username) -sudo usermod -aG docker $USER - -... now LOG ALL THE WAY OUT!!! - -...and then you should be good to go. You can check your installation by running: - -docker compose version -""" - -SYFT_MINIMUM_PYTHON_VERSION = (3, 10) -SYFT_MINIMUM_PYTHON_VERSION_STRING = "3.10" -SYFT_MAXIMUM_PYTHON_VERSION = (3, 12, 999) -SYFT_MAXIMUM_PYTHON_VERSION_STRING = "3.12" -WHITE = "\033[0;37m" -GREEN = "\033[0;32m" -YELLOW = "\033[0;33m" -BOLD = "\033[1m" -NO_COLOR = "\033[0;0m" -WARNING_MSG = f"\033[0;33mWARNING:{NO_COLOR}" - - -def get_version_string() -> str: - version = str(__version__) - if EDITABLE_MODE: - version += "-dev" - return version - - -@dataclass -class SetupIssue: - issue_name: str - description: str - command: str | None = None - solution: str | None = None - - -@dataclass -class Dependency: - of: str = "" - name: str = "" - display: str = "" - only_os: str = "" - version: Version | None = version.parse("0.0") - valid: bool = False - issues: list[SetupIssue] = field(default_factory=list) - output_in_text: bool = False - - def check(self) -> None: - pass - - -@dataclass -class DependencySyftOS(Dependency): - of: str = "syft" - - def check(self) -> None: - self.display = "βœ… " + ENVIRONMENT["os"] - if is_windows(): - pass - elif is_apple_silicon(): - pass - - -@dataclass -class DependencySyftPython(Dependency): - of: str = "syft" - - def check(self) -> None: - self.version = sys.version_info - if ( - sys.version_info >= SYFT_MINIMUM_PYTHON_VERSION - and sys.version_info <= SYFT_MAXIMUM_PYTHON_VERSION - ): - self.display = "βœ… Python " + ENVIRONMENT["python_version"] - else: - self.issues.append(python_version_unsupported()) - self.display = "❌ " + ENVIRONMENT["python_version"] - - -@dataclass -class DependencyGridGit(Dependency): - of: str = "grid" - - def check(self) -> None: - binary_info = BinaryInfo( - binary="git", version_cmd="git --version" - ).get_binary_info() - if binary_info.path and binary_info.version: - self.display = "βœ… Git " + str(binary_info.version) - else: - self.issues.append(git_install(self.output_in_text)) - self.display = "❌ Git not installed" - - -MINIMUM_DOCKER_VERSION = "20.0.0" - - -@dataclass -class DependencyGridDocker(Dependency): - of: str = "grid" - - def check(self) -> None: - binary_info = BinaryInfo( - binary="docker", version_cmd="docker --version" - ).get_binary_info() - if binary_info.path and binary_info.version > version.parse( - MINIMUM_DOCKER_VERSION - ): - self.display = "βœ… Docker " + str(binary_info.version) - else: - self.issues.append(docker_install()) - self.display = "❌ Docker not installed" - - -MINIMUM_DOCKER_COMPOSE_VERSION = "2.0.0" - - -@dataclass -class DependencyGridDockerCompose(Dependency): - of: str = "grid" - - def check(self) -> None: - binary_info = BinaryInfo( - binary="docker", version_cmd="docker compose version" - ).get_binary_info() - - if ( - binary_info.path - and binary_info.version - and binary_info.version > version.parse(MINIMUM_DOCKER_COMPOSE_VERSION) - ): - self.display = "βœ… Docker Compose " + str(binary_info.version) - else: - self.issues.append(docker_compose_install()) - self.display = "❌ Docker Compose v2 not installed" - - -@dataclass -class DependencyPyPI(Dependency): - of: str = "none" - package_name: str = "" - package_display_name: str = "" - pre: bool = False - install_issue: Callable = lambda: None # noqa: E731 - update_available_issue: Callable = lambda: None # noqa: E731 - - def check(self) -> None: - package_dict = get_pip_package(self.package_name) - - if package_dict is None: - self.display = "❌ " + f"{self.package_display_name} not installed" - self.issues.append(self.install_issue(pre=self.pre)) - else: - version_string = package_dict["version"] - current_version = version.parse(version_string) - if "editable_project_location" in package_dict: - self.display = ( - "🚨 " - + f"{self.package_name}=={str(current_version)} -e {package_dict['editable_project_location']}" - ) - else: - is_newer, latest_version = new_pypi_version( - package=self.package_name, current=current_version, pre=self.pre - ) - if not is_newer: - channel = "stable" - if current_version.is_prerelease: - channel = "pre-release" - self.display = ( - "βœ… " - + f"{self.package_name}=={str(version_string)} (latest {channel})" - ) - else: - self.display = ( - "βœ… " - + f"{self.package_name}=={str(current_version)} (Version {str(latest_version)} available)" - ) - self.issues.append( - self.update_available_issue(current_version, latest_version) - ) - - -def new_pypi_version( - package: str, current: Version, pre: bool = False -) -> tuple[bool, Version]: - pypi_json = get_pypi_versions(package_name=package) - if ( - "info" not in pypi_json - or "releases" not in pypi_json - or "version" not in pypi_json["info"] - ): - raise Exception("Bad response from PyPi") - - if not current.is_prerelease and not pre: - latest_stable = version.parse(pypi_json["info"]["version"]) - if current < latest_stable: - return (True, latest_stable) - else: - return (False, current) - else: - latest_release = current - - releases = sorted(pypi_json["releases"].keys()) - for release in releases: - pre_release_version = version.parse(release) - if latest_release < pre_release_version: - latest_release = pre_release_version - - if latest_release != current: - return (True, latest_release) - else: - return (False, latest_release) - - -def get_pypi_versions(package_name: str) -> dict[str, Any]: - try: - pypi_url = f"https://pypi.org/pypi/{package_name}/json" - req = requests.get(pypi_url) # nosec - # TODO: Fix JSON parsing of version keys - # this is broken on my machine for some reason, the version keys are wrong - pypi_info = json.loads(req.text) - # print(pypi_info["releases"].keys()) - return pypi_info - - except Exception as e: - print(f"Unable to get JSON from PyPI URL: {pypi_url}. {e}") - raise e - - -def get_pip_package(package_name: str) -> dict[str, str] | None: - packages = get_pip_packages() - for package in packages: - if package["name"] == package_name: - return package - return None - - -def get_pip_packages() -> list[dict[str, str]]: - try: - cmd = "python -m pip list --format=json --disable-pip-version-check" - output = subprocess.check_output(cmd, shell=True) # nosec - return json.loads(str(output.decode("utf-8")).strip()) - except Exception as e: - print("failed to pip list", e) - raise e - - -def get_location(binary: str) -> str | None: - return shutil.which(binary) - - -@dataclass -class BinaryInfo: - binary: str - version_cmd: str - error: str | None = None - path: str | None = None - version: str | Version | None = version.parse("0.0") - version_regex = ( - r"[^\d]*(" - + r"(0|[1-9][0-9]*)\.*(0|[1-9][0-9]*)\.*(0|[1-9][0-9]*)" - + r"(-((0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)" - + r"(\.(0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?" - + r"(\+([0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*))?)" - + r"[^\d].*" - ) - - def extract_version(self, lines: list[str]) -> None: - for line in lines: - matches = re.match(self.version_regex, line) - if matches is not None: - self.version = matches.group(1) - try: - if "-gitpod" in self.version: - parts = self.version.split("-gitpod") - self.version = parts[0] - if "-desktop" in self.version: - parts = self.version.split("-desktop") - self.version = parts[0] - self.version = version.parse(self.version) - except Exception: # nosec - pass - break - - def get_binary_info(self) -> BinaryInfo: - self.path = get_location(self.binary) - if self.path: - returncode, lines = get_cli_output(self.version_cmd) - if returncode == 0: - self.extract_version(lines=lines) - else: - if len(lines) > 0: - self.error = lines[0] - else: - self.error = f"Error, no output from {self.binary}" - return self - - -def get_cli_output(cmd: str, timeout: float | None = None) -> tuple[int, list[str]]: - try: - proc = subprocess.Popen( # nosec - cmd.split(" "), - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - ) - lines = [] - if proc.stdout and hasattr(proc.stdout, "readlines"): - lines = [line.decode("utf-8") for line in proc.stdout.readlines()] - - if proc.stderr and hasattr(proc.stderr, "readlines"): - lines.extend([line.decode("utf-8") for line in proc.stderr.readlines()]) - - proc.communicate(timeout=timeout) - return (int(proc.returncode), lines) - except Exception as e: - return (-1, [str(e)]) - - -def gather_debug() -> dict[str, Any]: - # relative - from .lib import commit_hash - from .lib import hagrid_root - - now = datetime.now().astimezone() - dt_string = now.strftime("%d/%m/%Y %H:%M:%S %Z") - debug_info: dict[str, Any] = {} - debug_info["datetime"] = dt_string - debug_info["python_binary"] = sys.executable - debug_info["dependencies"] = DEPENDENCIES - debug_info["environment"] = ENVIRONMENT - debug_info["hagrid"] = get_version_string() - debug_info["hagrid_dev"] = EDITABLE_MODE - debug_info["hagrid_path"] = hagrid_root() - debug_info["hagrid_repo_sha"] = commit_hash() - debug_info["docker"] = docker_info() - if is_windows(): - debug_info["wsl"] = wsl_info() - debug_info["wsl_linux"] = wsl_linux_info() - return debug_info - - -def get_environment() -> dict[str, Any]: - return { - "uname": platform.uname(), - "platform": platform.system().lower(), - "os_version": platform.release(), - "python_version": platform.python_version(), - } - - -ENVIRONMENT = get_environment() - - -def os_name() -> str: - os_name = platform.system() - if os_name.lower() == "darwin": - return "macOS" - else: - return os_name - - -ENVIRONMENT["os"] = os_name() - - -def is_apple_silicon() -> bool: - if ( - "platform" in ENVIRONMENT - and ENVIRONMENT["platform"].lower() == "darwin" - and ENVIRONMENT["uname"].machine != "x86_64" - ): - return True - return False - - -ENVIRONMENT["apple_silicon"] = is_apple_silicon() - - -def is_windows() -> bool: - if "platform" in ENVIRONMENT and ENVIRONMENT["platform"].lower() == "windows": - return True - return False - - -allowed_hosts = ["docker", "azure", "aws", "gcp"] -commands = ["docker", "git", "ansible-playbook"] - -if is_windows(): - commands.append("wsl") - - -def check_deps_old() -> dict[str, str | None]: - paths = {} - for dep in commands: - paths[dep] = shutil.which(dep) - return paths - - -DEPENDENCIES = check_deps_old() - - -def docker_info() -> str: - try: - cmd = "docker info" - output = subprocess.check_output(cmd, shell=True) # nosec - return str(output.decode("utf-8")) - except Exception as e: - print("failed to get docker info", e) - return str(e) - - -def wsl_info() -> str: - try: - cmd = "wsl --status" - output = subprocess.check_output(cmd, shell=True) # nosec - return str(output.decode("utf-8")) - except Exception as e: - print("failed to get wsl info", e) - return str(e) - - -def wsl_linux_info() -> str: - try: - cmd = "wsl bash -c 'lsb_release -a'" - output = subprocess.check_output(cmd, shell=True) # nosec - return str(output.decode("utf-8")) - except Exception as e: - print("failed to get wsl linux info", e) - return str(e) - - -def check_docker_version() -> str | None: - if is_windows(): - return "N/A" # todo fix to work with windows - result = os.popen("docker compose version", "r").read() # nosec - version = None - if "version" in result: - version = result.split()[-1] - else: - print("This may be a linux machine, either that or docker compose isn't s") - print("Result:" + result) - out = subprocess.run( # nosec - ["docker", "compose"], capture_output=True, text=True - ) - if "'compose' is not a docker command" in out.stderr: - raise MissingDependency(DOCKER_ERROR) - - return version - - -def docker_running(timeout: float | None = None) -> tuple[bool, str]: - status, error_msg = False, "" - - try: - cmd = "docker info" - returncode, msg = get_cli_output(cmd, timeout=timeout) - if returncode == 0: - status, error_msg = True, "βœ… Docker service is running" - else: - error_msg = f"""❌ Docker service is either not installed or running.\n\n -To install docker, execute the following steps:\n -1 - Install docker on your machine by using the proper steps according to your OS.\n -{WHITE}MacOS: {GREEN}brew install --cask docker -{WHITE}Linux: {GREEN}curl -fsSL https://get.docker.com -o get-docker.sh && chmod +777 get-docker.sh && ./get-docker.sh -{WHITE}Windows: {GREEN}choco install docker-desktop -y{NO_COLOR} \n -2 - Run \'{GREEN}sudo usermod -a -G docker $USER\'{WHITE} to enable this user to execute docker. -3 - log out and log back in so that your group membership is re-evaluated {NO_COLOR}. --------------------------------------------------------------------------------------------------------\n -To start your docker service:\n -1 - {WHITE}MacOS/Windows: One can start docker by clicking on the "Docker" icon in your Applications folder.{NO_COLOR} -2 - {WHITE}Ubuntu: {GREEN}sudo service docker start {NO_COLOR} --------------------------------------------------------------------------------------------------------\n -""" - error_msg += f"""{YELLOW}{BOLD}Std Output Logs{NO_COLOR} -=================\n\n""" + "\n".join(msg) - - except Exception as e: # nosec - error_msg = str(e) - - return status, error_msg - - -def allowed_to_run_docker() -> tuple[bool, str]: - bool_result, msg = True, "" - if platform.system().lower() == "linux": - _, line = get_cli_output("getent group docker") - - # get user - user = getpass.getuser() - - # Check if current user is root. - if os.geteuid() == 0: - bool_result = True - - # Check if current user is member of docker group. - elif not is_gitpod() and user not in "".join(line): - msg = f"""⚠️ User is not a member of docker group. -{WHITE}You're currently not allowed to run docker, perform the following steps:\n - 1 - Run \'{GREEN}sudo usermod -a -G docker $USER\'{WHITE} to add docker permissions. - 2 - log out and log back in so that your group membership is re-evaluated {NO_COLOR}.""" - # NOTE: For some reason, inside of CI pipeline the user (runner) isn't a member of - # docker group and doesn't have sudo priviledges, but can execute docker without - # permission issues. This is just a workaround to avoid raising an exeception - # in this scenario without reason. - if user == "runner": - bool_result = True - else: - bool_result = False - - return bool_result, msg - - -def check_docker_service_status(animated: bool = True) -> None: - """Check the status of the docker service. - - Raises: - MissingDependency: If docker service is not running. - """ - - if not animated: - docker_installed, msg = docker_running(timeout=60) - user_allowed, permission_msg = allowed_to_run_docker() - else: - console = Console() - # putting \t at the end seems to prevent weird chars getting outputted - # during animations in the juypter notebook - with console.status("[bold blue]Checking for Docker Service[/bold blue]\t"): - docker_installed, msg = docker_running(timeout=60) - user_allowed, permission_msg = allowed_to_run_docker() - - # Check if user is allowed to execute docker - if not user_allowed: - raise MissingDependency(permission_msg) - - # If docker bin was not found. - if not docker_installed: - raise MissingDependency(msg) - - print("βœ… Docker service is running") - - -def check_deps( - deps: dict[str, Dependency], - of: str = "", - display: bool = True, - output_in_text: bool = False, -) -> dict[str, Dependency] | NBOutput: - output = "" - if len(of) > 0: - of = f" {of}" - # output += f"Checking{of} Dependencies:\n" - issues = [] - for dep in deps.values(): - dep.check() - output += (dep.display + "\n") if display else "" - issues += dep.issues - - if not output_in_text: - if len(issues) > 0: - output += "

🚨 Some issues were found

" - for issue in issues: - output += f"
Issue: {issue.description}
" - if issue.solution != "": - output += f"Solution:\n{issue.solution}" - if issue.command != "": - output += ( - "
Command:\n " - + f"[ ]!{issue.command}
" - ) - output += "\n" - - return NBOutput(output).to_html() - else: - if len(issues) > 0: - output += "🚨 Some issues were found\n" - for issue in issues: - output += f"\nIssue: {issue.description}\n" - if issue.solution != "": - output += f"\nSolution:\n{issue.solution}\n" - if issue.command != "": - output += "\nCommand:\n" + f"{issue.command} " - output += "\n" - - if len(output) > 0: - print(output) - return None # type: ignore - - -def check_grid_docker( - display: bool = True, output_in_text: bool = False -) -> dict[str, Dependency] | NBOutput: - try: - deps: dict[str, Dependency] = {} - deps["git"] = DependencyGridGit(name="git") - deps["docker"] = DependencyGridDocker(name="docker") - deps["docker_compose"] = DependencyGridDockerCompose(name="docker compose") - return check_deps( - of="Grid", deps=deps, display=display, output_in_text=output_in_text - ) - except Exception as e: - try: - if display and not output_in_text: - return NBOutput(debug_exception(e=e)).to_html() - except Exception: # nosec - pass - - print(e) - raise e - - -def debug_exception(e: Exception) -> str: - exception = ( - f'
An exception occured: {e}.
' - + "Please file a bug report on GitHub Issues or in Slack #support
" - ) - exception += "\n" - exception += ".\n" - exception += "https://slack.openmined.org/\n" - exception += "https://github.com/OpenMined/PySyft/issues\n" - exception += "\n\nWhen reporting bugs, please copy everything between the lines.\n" - exception += "==================================================================\n" - exception += ( - "" + json.dumps(gather_debug(), indent=4, sort_keys=True) + "" - ) - exception += "\n" - exception += traceback.format_exc() - exception += ( - "\n=================================================================\n\n" - ) - return exception - - -def check_syft_deps(display: bool = True) -> dict[str, Dependency] | NBOutput: - try: - deps: dict[str, Dependency] = {} - deps["os"] = DependencySyftOS(name="os") - deps["python"] = DependencySyftPython(name="python") - return check_deps(of="Syft", deps=deps, display=display) - except Exception as e: - try: - if display: - return NBOutput(debug_exception(e=e)).to_html() - except Exception: # nosec - pass - - print(e) - raise e - - -def check_hagrid(display: bool = True) -> dict[str, Dependency] | NBOutput: - try: - deps: dict[str, Dependency] = {} - deps["hagrid"] = DependencyPyPI( - package_name="hagrid", - package_display_name="HAGrid", - update_available_issue=hagrid_update_available, - ) - return check_deps(deps=deps, display=display) - except Exception as e: - try: - if display: - return NBOutput(debug_exception(e=e)).to_html() - except Exception: # nosec - pass - - print(e) - raise e - - -def check_syft( - display: bool = True, pre: bool = False -) -> dict[str, Dependency] | NBOutput: - try: - deps: dict[str, Dependency] = {} - deps["os"] = DependencySyftOS(name="os") - deps["python"] = DependencySyftPython(name="python") - deps["syft"] = DependencyPyPI( - package_name="syft", - package_display_name="Syft", - pre=pre, - install_issue=syft_install, - update_available_issue=syft_update_available, - ) - return check_deps(deps=deps, display=display) - except Exception as e: - try: - if display: - return NBOutput(debug_exception(e=e)).to_html() - except Exception: # nosec - pass - - print(e) - raise e - - -PACKAGE_MANAGER_COMMANDS = { - "git": { - "macos": "brew install git", - "windows": 'choco install git.install --params "/GitAndUnixToolsOnPath /WindowsTerminal /NoAutoCrlf" -y', - "linux": "sudo apt update && sudo apt install git", - "backup_url": "https://git-scm.com/downloads", - }, - "docker": { - "macos": "brew install --cask docker", - "windows": "choco install docker-desktop -y", - "linux": "curl -fsSL https://get.docker.com -o get-docker.sh && chmod +777 get-docker.sh && ./get-docker.sh", - "backup_url": "https://www.docker.com/products/docker-desktop/", - }, - "docker_compose": { - "macos": "brew install --cask docker", - "windows": "choco install docker-desktop -y", - "linux": ( - "mkdir -p ~/.docker/cli-plugins\n" - + "DOCKER_COMPOSE_VERSION=v2.21.0\n" - + "curl -sSL https://github.com/docker/compose/releases/download/" - + "${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 " - + "-o ~/.docker/cli-plugins/docker-compose\n" - + "chmod +x ~/.docker/cli-plugins/docker-compose" - ), - "backup_url": "https://github.com/docker/compose", - }, -} - -PACKAGE_MANAGERS = { - "macos": "brew", - "windows": "choco", - "linux": "apt", -} - - -def os_package_manager_install_cmd( - package_name: str, package_display_name: str, output_in_text: bool = False -) -> tuple[str | None, str | None]: - os = ENVIRONMENT["os"].lower() - cmd = None - url = None - package_manager = PACKAGE_MANAGERS[os] - if ( - package_name in PACKAGE_MANAGER_COMMANDS - and os in PACKAGE_MANAGER_COMMANDS[package_name] - ): - cmd = PACKAGE_MANAGER_COMMANDS[package_name][os] - if ( - package_name in PACKAGE_MANAGER_COMMANDS - and "backup_url" in PACKAGE_MANAGER_COMMANDS[package_name] - ): - url = PACKAGE_MANAGER_COMMANDS[package_name]["backup_url"] - - solution = "" - - if not output_in_text: - if cmd: - solution += f"- You can install {package_display_name} with {package_manager}\n" - if url: - if cmd: - solution += "- Alternatively, you " - else: - solution += "- You " - solution += f"can download and install {package_display_name}" - solution += f'from {url}' - else: - if cmd: - solution += ( - f"- You can install {package_display_name} with {package_manager}\n" - ) - if url: - if cmd: - solution += "- Alternatively, you " - else: - solution += "- You " - solution += f"can download and install {package_display_name} from {url}" - - return (cmd, solution) - - -def docker_compose_install() -> SetupIssue: - command, solution = os_package_manager_install_cmd( - package_name="docker_compose", package_display_name="Docker Compose" - ) - return SetupIssue( - issue_name="docker_compose_install", - description="You do not have Docker Compose v2 installed.", - command=command, - solution=solution, - ) - - -def docker_install() -> SetupIssue: - command, solution = os_package_manager_install_cmd( - package_name="docker", package_display_name="Docker" - ) - return SetupIssue( - issue_name="docker_install", - description="You do not have Docker installed.", - command=command, - solution=solution, - ) - - -def git_install(output_in_text: bool = False) -> SetupIssue: - command, solution = os_package_manager_install_cmd( - package_name="git", package_display_name="Git", output_in_text=output_in_text - ) - return SetupIssue( - issue_name="git_install", - description="You do not have Git installed.", - command=command, - solution=solution, - ) - - -def syft_install(pre: bool = False) -> SetupIssue: - command = "pip install -U syft" - if pre: - # command += " --pre" - pass - return SetupIssue( - issue_name="syft_install", - description="You have not installed Syft.", - command=command, - solution="You can install Syft with pip.", - ) - - -def syft_update_available(current_version: Version, new_version: Version) -> SetupIssue: - return SetupIssue( - issue_name="syft_update_available", - description=( - "A new release of Syft is available: " - + f"{str(current_version)} -> {str(new_version)}." - ), - command=f"pip install syft=={new_version}", - solution="You can upgrade Syft with pip.", - ) - - -def hagrid_update_available( - current_version: Version, new_version: Version -) -> SetupIssue: - return SetupIssue( - issue_name="hagrid_update_available", - description=( - "A new release of HAGrid is available: " - + f"{str(current_version)} -> {str(new_version)}." - ), - command=f"pip install -U hagrid=={new_version}", - solution="You can upgrade HAGrid with pip.", - ) - - -def python_version_unsupported() -> SetupIssue: - return SetupIssue( - issue_name="python_version_unsupported", - description=( - f"Syft supports Python >= {SYFT_MINIMUM_PYTHON_VERSION_STRING} " - + f"and <= {SYFT_MAXIMUM_PYTHON_VERSION_STRING}" - ), - command="", - solution="You must install a compatible version of Python", - ) diff --git a/packages/hagrid/hagrid/dummynum.py b/packages/hagrid/hagrid/dummynum.py deleted file mode 100644 index 06b28f28682..00000000000 --- a/packages/hagrid/hagrid/dummynum.py +++ /dev/null @@ -1,28 +0,0 @@ -# stdlib -from typing import Any - -# a dummy enum - - -class Meta(type): - # any property returns another dummy which can also be executed - def __getattribute__(cls, name: str) -> Any: - try: - return super().__getattribute__(name) - except Exception: # nosec - pass - return return_dummy() - - -# this lets us prevent runtime errors of missing types in older syft -class DummyNum(metaclass=Meta): - def __init__(self, *args: Any, **kwargs: Any) -> None: - pass - - def __call__(self, *args: Any, **kwargs: Any) -> Any: - return self - - -def return_dummy() -> DummyNum: - # this lets us create the sub class in the parent meta on getattr - return DummyNum() diff --git a/packages/hagrid/hagrid/exceptions.py b/packages/hagrid/hagrid/exceptions.py deleted file mode 100644 index 0bb68a0dd55..00000000000 --- a/packages/hagrid/hagrid/exceptions.py +++ /dev/null @@ -1,2 +0,0 @@ -class MissingDependency(Exception): - pass diff --git a/packages/hagrid/hagrid/file.py b/packages/hagrid/hagrid/file.py deleted file mode 100644 index 378f5fdcf10..00000000000 --- a/packages/hagrid/hagrid/file.py +++ /dev/null @@ -1,8 +0,0 @@ -# stdlib -import os - - -def user_hagrid_profile() -> str: - dir_path = os.path.expanduser("~/.hagrid") - os.makedirs(dir_path, exist_ok=True) - return os.path.abspath(dir_path) diff --git a/packages/hagrid/hagrid/git_check.py b/packages/hagrid/hagrid/git_check.py deleted file mode 100644 index c98028f0c52..00000000000 --- a/packages/hagrid/hagrid/git_check.py +++ /dev/null @@ -1,15 +0,0 @@ -# relative -from .deps import DependencyGridGit -from .deps import check_deps - - -def verify_git_installation() -> None: - dep = DependencyGridGit(name="git", output_in_text=True) - deps = {} - deps["git"] = dep - check_deps(of="Git", deps=deps, display=False, output_in_text=True) # type: ignore - if dep.issues: - exit(1) - - -verify_git_installation() diff --git a/packages/hagrid/hagrid/grammar.py b/packages/hagrid/hagrid/grammar.py deleted file mode 100644 index 62f98d47fe8..00000000000 --- a/packages/hagrid/hagrid/grammar.py +++ /dev/null @@ -1,365 +0,0 @@ -# future -from __future__ import annotations - -# stdlib -from collections.abc import Callable -import socket -from typing import Any - -# relative -from .deps import allowed_hosts -from .lib import find_available_port - -ALLOWED_NODE_TYPES = ["domain", "network", "gateway", "enclave"] - - -class BadGrammar(Exception): - pass - - -class GrammarVerb: - def __init__( - self, - command: str, - full_sentence: list[dict[str, Any]], - abbreviations: dict[int, list[str | None]], - ) -> None: - self.grammar: list[GrammarTerm | HostGrammarTerm | SourceGrammarTerm] = [] - self.command = command - self.full_sentence = full_sentence - self.abbreviations = abbreviations - - def get_named_term_grammar(self, name: str) -> GrammarTerm: - for term in self.grammar: - if term.name == name and isinstance(term, GrammarTerm): - return term - raise BadGrammar(f"GrammarTerm with {name} not found in {self.grammar}") - - def get_named_term_hostgrammar(self, name: str) -> HostGrammarTerm: - for term in self.grammar: - if term.name == name and isinstance(term, HostGrammarTerm): - return term - raise BadGrammar(f"HostGrammarTerm with {name} not found in {self.grammar}") - - def get_named_term_type( - self, name: str, term_type: str | None = None - ) -> GrammarTerm | HostGrammarTerm: - if term_type == "host": - return self.get_named_term_hostgrammar(name=name) - return self.get_named_term_grammar(name=name) - - def set_named_term_type( - self, name: str, new_term: GrammarTerm, term_type: str | None = None - ) -> None: - new_grammar = [] - for term in self.grammar: - found = False - if term.name == name: - if term_type is not None and term.type == term_type: - found = True - elif term_type is None: - found = True - if not found: - new_grammar.append(term) - else: - new_grammar.append(new_term) - self.grammar = new_grammar - - def load_grammar( - self, grammar: list[GrammarTerm | HostGrammarTerm | SourceGrammarTerm] - ) -> None: - self.grammar = grammar - - -class GrammarTerm: - def __init__( - self, - type: str, - name: str, - default: str | Callable | None = None, - options: list | None = None, - example: str | None = None, - **kwargs: Any, - ) -> None: - self.raw_input: str | None = None - self.input: str | None = None - self.type = type - self.name = name - self.default = default - self.options = options if options is not None else [] - self.example = example - - @property - def snake_input(self) -> str | None: - if self.input: - return self.input.lower().replace(" ", "_") - return None - - @property - def kebab_input(self) -> str | None: - if self.input: - return self.input.lower().replace(" ", "-") - return None - - def __repr__(self) -> str: - return f"<{type(self).__name__}: {self.name}<{self.type}>: {self.input} [raw: {self.raw_input}]>" - - def get_example(self) -> str: - return_value = self.example if self.example else self.default - if callable(return_value): - return_value = return_value() - return str(return_value) - - # no op - def custom_parsing(self, input: str) -> str: - return input - - def parse_input(self, input: str | None) -> None: - self.raw_input = input - if input is None and self.default is None: - raise BadGrammar( - f"{self.name} has no default, please use one of the following options: {self.options}" - ) - if input is None: - if isinstance(self.default, str): - input = self.default - elif callable(self.default): - input = self.default() - - if len(self.options) > 0 and input not in self.options: - raise BadGrammar( - f"{input} is not valid for {self.name} please use one of the following options: {self.options}" - ) - - self.input = self.custom_parsing(input=input) if input else input - - -class HostGrammarTerm(GrammarTerm): - @property - def host(self) -> str | None: - return self.parts()[0] - - @property - def port(self) -> int | None: - return self.parts()[1] - - @property - def search(self) -> bool: - return bool(self.parts()[2]) - - @property - def port_tls(self) -> int: - if self.port == 80: - return 443 - return 444 - - @property - def free_port(self) -> int: - if self.port is None: - raise BadGrammar( - f"{type(self)} unable to check if port {self.port} is free" - ) - return find_available_port(host="localhost", port=self.port, search=self.search) - - @property - def free_port_tls(self) -> int: - if self.port_tls is None: - raise BadGrammar( - f"{type(self)} unable to check if tls port {self.port_tls} is free" - ) - return find_available_port(host="localhost", port=self.port_tls, search=True) - - def parts(self) -> tuple[str | None, int | None, bool]: - host = None - port: int | None = None - search = False - if self.input: - parts = self.input.split(":") - host = parts[0] - if len(parts) > 1: - port_str = parts[1] - if port_str.endswith("+"): - search = True - port_str = port_str[0:-1] - port = int(port_str) - return (host, port, search) - - def validate_host(self, host_or_ip: str) -> bool: - try: - if socket.gethostbyname(host_or_ip) == host_or_ip: - return True - elif socket.gethostbyname(host_or_ip) != host_or_ip: - return True - except socket.gaierror: - raise BadGrammar( - f"{host_or_ip} is not valid for {self.name}. Try an IP, hostname or docker, vm, aws, azure or gcp" - ) - return False - - def validate_port(self, port: str) -> bool: - try: - if port.endswith("+"): - int(port[0:-1]) - else: - int(port) - except Exception: # nosec - raise BadGrammar( - f"{port} is not a valid port option. Try: {self.get_example()}" - ) - return True - - def custom_parsing(self, input: str) -> str: - colons = input.count(":") - host = input - port = None - if colons > 1: - raise BadGrammar( - f"You cannot have more than one : for {self.name}, try: {self.get_example()}" - ) - elif colons == 1: - parts = input.split(":") - host = parts[0] - port = parts[1] - - if port is None: - if host == "docker": - port = "8081+" # default - else: - port = "80" # default - - if host not in allowed_hosts: - _ = self.validate_host(host_or_ip=host) - - _ = self.validate_port(port=port) - - return f"{host}:{port}" - - -class SourceGrammarTerm(GrammarTerm): - def custom_parsing(self, input: str) -> str: - trimmed = input - if trimmed.startswith("http://"): - trimmed = trimmed.replace("http://", "") - if trimmed.startswith("https://"): - trimmed = trimmed.replace("https://", "") - if trimmed.startswith("github.com/"): - trimmed = trimmed.replace("github.com/", "") - - parts = trimmed.split("/") - if "tree" not in input or len(parts) < 4: - raise BadGrammar( - f"{self.name} should be a valid github.com repo branch url. Try: {self.get_example()}" - ) - - repo = f"{parts[0]}/{parts[1]}" - branch = "/".join(parts[3:]) - - return f"{repo}:{branch}" - - -def validate_arg_count(arg_count: int, verb: GrammarVerb) -> bool: - valid = True - - if arg_count not in verb.abbreviations: - error_str = f"Command {verb.command} supports the following invocations:\n" - for count in sorted(verb.abbreviations.keys()): - abbreviation = verb.abbreviations[count] - example_terms = [] - for i, term_type in enumerate(abbreviation): - if term_type is not None: - term_settings = verb.full_sentence[i] - example = term_settings["klass"](**term_settings).get_example() - example_terms.append(example) - error_str += f"{count} args: {verb.command} {' '.join(example_terms)}\n" - - raise BadGrammar(error_str) - - return valid - - -def launch_shorthand_support(args: tuple) -> tuple: - """When launching, we want to be able to default to 'domain' if it's not provided, to launch - nodes when no name is provided, and to support node names which have multiple words. - - hagrid launch -> hagrid launch domain - hagrid launch United Nations -> hagrid launch "United Nations" domain - hagrid launch United Nations domain -> hagrid launch "United Nations" domain - hagrid launch on docker -> hagrid launch domain on docker - - """ - - # Some mild analysis - found_node_type = False - preposition_position = 10000 - for i, arg in enumerate(args): - if arg in ALLOWED_NODE_TYPES: - found_node_type = True - - if arg.strip() in ["to", "from"]: - if i < preposition_position: - preposition_position = i - - _args = list(args) - - # Default to domain if it's not provided - if not found_node_type: - if preposition_position != 10000: - _args.insert(preposition_position, "domain") - preposition_position += 1 - else: - _args = _args + ["domain"] - - # if there are no prepositions and the domain/network is the last word - if preposition_position == 10000 and _args[-1] in ALLOWED_NODE_TYPES: - _args = [" ".join(_args[:-1])] + _args[-1:] - - # if there are prepositions then combine the words in the name if there are multiple - elif preposition_position != 10000: - _args = [" ".join(_args[: preposition_position - 1])] + _args[ - preposition_position - 1 : - ] - - # if there wasn't a name provided - make sure we don't have an empty place in the list - # so that later logic will generate a name - if _args[0] == "": - _args = _args[1:] - - args = tuple(_args) - - return args - - -def parse_grammar(args: tuple, verb: GrammarVerb) -> list[GrammarTerm]: - # if the command is a launch, check if any shorthands were employed - if verb.command == "launch": - args = launch_shorthand_support(args=args) - - arg_list = list(args) - arg_count = len(arg_list) - errors = [] - if validate_arg_count(arg_count=arg_count, verb=verb): - terms = [] - abbreviation = verb.abbreviations[arg_count] - for i, term_type in enumerate(abbreviation): - if term_type is None: - arg = None # use None so we get the default - else: - arg = arg_list.pop(0) # use a real arg - - term_settings = verb.full_sentence[i] - - try: - term = term_settings["klass"](**term_settings) - term.parse_input(arg) - terms.append(term) - - except BadGrammar as e: - errors.append(str(e)) - - if len(errors) > 0: - raise BadGrammar("\n".join(errors)) - - # make command - return terms - else: - raise BadGrammar("Grammar is not valid") diff --git a/packages/hagrid/hagrid/img/hagrid.png b/packages/hagrid/hagrid/img/hagrid.png deleted file mode 100644 index 2b4dbd75d41..00000000000 Binary files a/packages/hagrid/hagrid/img/hagrid.png and /dev/null differ diff --git a/packages/hagrid/hagrid/img/hagrid2.png b/packages/hagrid/hagrid/img/hagrid2.png deleted file mode 100644 index 8df9d58d147..00000000000 Binary files a/packages/hagrid/hagrid/img/hagrid2.png and /dev/null differ diff --git a/packages/hagrid/hagrid/land.py b/packages/hagrid/hagrid/land.py deleted file mode 100644 index 1c138c1971b..00000000000 --- a/packages/hagrid/hagrid/land.py +++ /dev/null @@ -1,60 +0,0 @@ -# stdlib - -# relative -from .grammar import GrammarTerm -from .grammar import GrammarVerb -from .grammar import HostGrammarTerm - - -def get_land_verb() -> GrammarVerb: - full_sentence = [ - { - "name": "node_name", - "type": "adjective", - "klass": GrammarTerm, - "example": "'my_domain'", - }, - { - "name": "preposition", - "type": "preposition", - "klass": GrammarTerm, - "default": "at", - "options": ["at", "on"], - }, - { - "name": "host", - "type": "propernoun", - "klass": HostGrammarTerm, - "default": "docker", - "example": "docker", - }, - ] - - abbreviations: dict[int, list[str | None]] = { - 3: [ - "adjective", - "preposition", - "propernoun", - ], # node_name # at # host - 2: [ - "adjective", - None, - "propernoun", - ], # node_name # ignore # host - 1: [ - "adjective", - None, - None, - ], # node_name # ignore # ignore - 0: [ - None, - None, - None, - ], # ignore # ignore # ignore - } - - return GrammarVerb( - command="land", - full_sentence=full_sentence, - abbreviations=abbreviations, - ) diff --git a/packages/hagrid/hagrid/launch.py b/packages/hagrid/hagrid/launch.py deleted file mode 100644 index c6cc785da50..00000000000 --- a/packages/hagrid/hagrid/launch.py +++ /dev/null @@ -1,113 +0,0 @@ -# stdlib - -# relative -from .cache import DEFAULT_BRANCH -from .grammar import ALLOWED_NODE_TYPES -from .grammar import GrammarTerm -from .grammar import GrammarVerb -from .grammar import HostGrammarTerm -from .grammar import SourceGrammarTerm -from .names import random_name - - -def get_launch_verb() -> GrammarVerb: - full_sentence = [ - { - "name": "node_name", - "type": "propernoun", - "klass": GrammarTerm, - "default": random_name, - "example": "'my_domain'", - }, - { - "name": "node_type", - "type": "object", - "klass": GrammarTerm, - "default": "domain", - "options": ALLOWED_NODE_TYPES, - }, - { - "name": "preposition", - "type": "preposition", - "klass": GrammarTerm, - "default": "to", - "options": ["to"], - }, - { - "name": "host", - "type": "propernoun", - "klass": HostGrammarTerm, - "default": "docker", - "example": "docker:8081+", - }, - { - "name": "preposition", - "type": "preposition", - "klass": GrammarTerm, - "default": "from", - "options": ["from"], - }, - { - "name": "source", - "type": "propernoun", - "klass": SourceGrammarTerm, - "default": f"github.com/OpenMined/PySyft/tree/{DEFAULT_BRANCH}", - }, - ] - - abbreviations: dict[int, list[str | None]] = { - 6: [ - "propernoun", # name - "object", # node_type - "preposition", # to - "propernoun", # host - "preposition", # from - "propernoun", # source - ], - 5: [ - None, # name - "object", # node_type - "preposition", # to - "propernoun", # host - "preposition", # from - "propernoun", # source - ], - 4: [ - "propernoun", # name - "object", # node_type - "preposition", # to - "propernoun", # host - None, # ignore - None, # ignore - ], - 3: [ - None, # ignore - "object", # node_type - "preposition", # to - "propernoun", # host - None, # ignore - None, # ignore - ], - 2: [ - "propernoun", # name - "object", # node_type - None, # ignore - None, # ignore - None, # ignore - None, # ignore - ], - 1: [ - None, # ignore - "object", # node_type - None, # ignore - None, # ignore - None, # ignore - None, # ignore - ], - } - - return GrammarVerb( - command="launch", - full_sentence=full_sentence, - abbreviations=abbreviations, - ) diff --git a/packages/hagrid/hagrid/lib.py b/packages/hagrid/hagrid/lib.py deleted file mode 100644 index 057f77160f7..00000000000 --- a/packages/hagrid/hagrid/lib.py +++ /dev/null @@ -1,472 +0,0 @@ -# stdlib -from enum import Enum -import hashlib -import importlib -import importlib.machinery -import importlib.util -import json -import os -from pathlib import Path -import random -import shutil -import socket -import subprocess # nosec - -# third party -import git -import requests -import rich -from rich import console -from rich import progress -from rich.table import Table - -# relative -from .cache import DEFAULT_BRANCH -from .mode import EDITABLE_MODE -from .mode import hagrid_root - - -class GitRemoteProgress(git.RemoteProgress): - # CREDITS: https://splunktool.com/python-progress-bar-for-git-clone - OP_CODES = [ - "BEGIN", - "CHECKING_OUT", - "COMPRESSING", - "COUNTING", - "END", - "FINDING_SOURCES", - "RECEIVING", - "RESOLVING", - "WRITING", - ] - OP_CODE_MAP = { - getattr(git.RemoteProgress, _op_code): _op_code for _op_code in OP_CODES - } - - def __init__(self) -> None: - super().__init__() - self.progressbar = progress.Progress( - progress.SpinnerColumn(), - # *progress.Progress.get_default_columns(), - progress.TextColumn("[progress.description]{task.description}"), - progress.BarColumn(), - progress.TextColumn("[progress.percentage]{task.percentage:>3.0f}%"), - "eta", - progress.TimeRemainingColumn(), - progress.TextColumn("{task.fields[message]}"), - console=console.Console(), - transient=False, - ) - self.progressbar.start() - self.active_task = None - - def __del__(self) -> None: - # logger.info("Destroying bar...") - self.progressbar.stop() - - @classmethod - def get_curr_op(cls, op_code: int) -> str: - """Get OP name from OP code.""" - # Remove BEGIN- and END-flag and get op name - op_code_masked = op_code & cls.OP_MASK - return cls.OP_CODE_MAP.get(op_code_masked, "?").title() - - def update( - self, - op_code: int, - cur_count: str | float, - max_count: str | float | None = None, - message: str | None = None, - ) -> None: - # Start new bar on each BEGIN-flag - if op_code & self.BEGIN: - self.curr_op = self.get_curr_op(op_code) - # logger.info("Next: %s", self.curr_op) - self.active_task = self.progressbar.add_task( - description=self.curr_op, - total=max_count, - message=message, - ) - - self.progressbar.update( - task_id=self.active_task, - completed=cur_count, - message=message, - ) - - # End progress monitoring on each END-flag - if op_code & self.END: - # logger.info("Done: %s", self.curr_op) - self.progressbar.update( - task_id=self.active_task, - message=f"[bright_black]{message}", - ) - - -class ProcessStatus(Enum): - RUNNING = "[blue]Running" - DONE = "[green]Done" - FAILED = "[red]Failed" - - -def docker_desktop_memory() -> int: - path = str(Path.home()) + "/Library/Group Containers/group.com.docker/settings.json" - - try: - f = open(path) - out = f.read() - f.close() - return json.loads(out)["memoryMiB"] - - except Exception: # nosec - # docker desktop not found - probably running linux - return -1 - - -def asset_path() -> os.PathLike: - return Path(hagrid_root()) / "hagrid" - - -def manifest_template_path() -> os.PathLike: - return Path(asset_path()) / "manifest_template.yml" - - -def hagrid_cache_dir() -> os.PathLike: - return Path("~/.hagrid").expanduser() - - -def repo_src_path() -> Path: - if EDITABLE_MODE: - return Path(os.path.abspath(Path(hagrid_root()) / "../../")) - else: - return Path(os.path.join(Path(hagrid_cache_dir()) / "PySyft")) - - -def grid_src_path() -> str: - return str(repo_src_path() / "packages" / "grid") - - -def check_is_git(path: Path) -> bool: - is_repo = False - try: - git.Repo(path) - is_repo = True - except Exception: # nosec - pass - return is_repo - - -def is_gitpod() -> bool: - return bool(os.environ.get("GITPOD_WORKSPACE_URL", None)) - - -def gitpod_url(port: int | None = None) -> str: - workspace_url = os.environ.get("GITPOD_WORKSPACE_URL", "") - if port: - workspace_url = workspace_url.replace("https://", f"https://{port}-") - return workspace_url - - -def get_git_repo() -> git.Repo: - # relative - from .art import RichEmoji - - OK_EMOJI = RichEmoji("white_heavy_check_mark").to_str() - - is_git = check_is_git(path=repo_src_path()) - console = rich.get_console() - - if not EDITABLE_MODE and not is_git: - github_repo = "OpenMined/PySyft.git" - git_url = f"https://github.com/{github_repo}" - - print(f"Fetching Syft + Grid Source from {git_url} to {repo_src_path()}") - try: - repo_branch = DEFAULT_BRANCH - repo_path = repo_src_path() - - if repo_path.exists(): - shutil.rmtree(str(repo_path)) - - git.Repo.clone_from( - git_url, - str(repo_path), - single_branch=False, - b=repo_branch, - progress=GitRemoteProgress(), - ) - console.print(f"{OK_EMOJI} Fetched PySyft repo.") - except Exception as e: # nosec - print(f"Failed to clone {git_url} to {repo_src_path()} with error: {e}") - return git.Repo(repo_src_path()) - - -def update_repo(repo: git.Repo, branch: str) -> None: - # relative - from .art import RichEmoji - - OK_EMOJI = RichEmoji("white_heavy_check_mark").to_str() - console = rich.get_console() - if not EDITABLE_MODE: - with console.status("Updating hagrid") as console_status: - console_status.update(f"[bold blue]Updating HAGrid from branch: {branch}") - try: - if repo.is_dirty(): - repo.git.reset("--hard") - repo.remotes.origin.fetch() - repo.git.checkout(branch) - repo.remotes.origin.pull() - console.print(f"{OK_EMOJI} Updated HAGrid from branch: {branch}") - except Exception as e: - print(f"Error checking out branch {branch}.", e) - - -def commit_hash() -> str: - try: - repo = get_git_repo() - sha = repo.head.commit.hexsha - return sha - except Exception as e: - print("failed to get repo sha", e) - return "unknown" - - -def use_branch(branch: str) -> None: - if not EDITABLE_MODE: - print(f"Using HAGrid from branch: {branch}") - repo = get_git_repo() - try: - if repo.is_dirty(): - repo.git.reset("--hard") - repo.remotes.origin.fetch() - repo.git.checkout(branch) - repo.remotes.origin.pull() - except Exception as e: - print(f"Error checking out branch {branch}.", e) - - -def should_provision_remote( - username: str | None, password: str | None, key_path: str | None -) -> bool: - is_remote = username is not None or password is not None or key_path is not None - if username and password or username and key_path: - return is_remote - if is_remote: - raise Exception("--username requires either --password or --key-path") - return is_remote - - -def name_tag(name: str) -> str: - return hashlib.sha256(name.encode("utf8")).hexdigest() - - -def find_available_port( - host: str, port: int | None = None, search: bool = False -) -> int: - if port is None: - port = random.randint(1500, 65000) # nosec - port_available = False - while not port_available: - try: - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - result_of_check = sock.connect_ex((host, port)) - - if result_of_check != 0: - port_available = True - break - else: - if search: - port += 1 - else: - break - sock.close() - - except Exception as e: - print(f"Failed to check port {port}. {e}") - sock.close() - - if search is False and port_available is False: - error = ( - f"{port} is in use, either free the port or " - + f"try: {port}+ to auto search for a port" - ) - raise Exception(error) - return port - - -def get_version_module() -> tuple[str, str]: - try: - version_file_path = f"{grid_src_path()}/VERSION" - loader = importlib.machinery.SourceFileLoader("VERSION", version_file_path) - spec = importlib.util.spec_from_loader(loader.name, loader) - if spec: - version_module = importlib.util.module_from_spec(spec) - loader.exec_module(version_module) - version = version_module.get_version() - hash = version_module.get_hash() - return (version, hash) - except Exception as e: - print(f"Failed to retrieve versions from: {version_file_path}. {e}") - return ("unknown", "unknown") - - -# Check base route of an IP address -def check_host(ip: str, silent: bool = False) -> bool: - try: - socket.gethostbyname(ip) - return True - except Exception as e: - if not silent: - print(f"Failed to resolve host {ip}. {e}") - return False - - -# Check status of login page -def check_login_page(ip: str, timeout: int = 30, silent: bool = False) -> bool: - try: - url = f"http://{ip}/login" - response = requests.get(url, timeout=timeout) - if response.status_code == 200: - return True - else: - return False - except Exception as e: - if not silent: - print(f"Failed to check login page {ip}. {e}") - return False - - -# Check api metadata -def check_api_metadata(ip: str, timeout: int = 30, silent: bool = False) -> bool: - try: - url = f"http://{ip}/api/v2/metadata" - response = requests.get(url, timeout=timeout) - if response.status_code == 200: - return True - else: - return False - except Exception as e: - if not silent: - print(f"Failed to check api metadata {ip}. {e}") - return False - - -def save_vm_details_as_json(username: str, password: str, process_list: list) -> None: - """Saves the launched hosts details as json.""" - - host_ip_details: list = [] - - # file path to save host details - dir_path = os.path.expanduser("~/.hagrid") - os.makedirs(dir_path, exist_ok=True) - file_path = f"{dir_path}/host_ips.json" - - for ip_address, _, jupyter_token in process_list: - _data = { - "username": username, - "password": password, - "ip_address": ip_address, - "jupyter_token": jupyter_token, - } - host_ip_details.append(_data) - - # save host details - with open(file_path, "w") as fp: - json.dump({"host_ips": host_ip_details}, fp) - - print(f"Saved vm details at: {file_path}") - - -def generate_user_table(username: str, password: str) -> Table | str: - if not username and not password: - return "" - - table = Table(title="Virtual Machine Credentials") - table.add_column("Username") - table.add_column("Password") - - table.add_row(f"[green]{username}", f"[green]{password}") - - return table - - -def get_process_status(process: subprocess.Popen) -> str: - poll_status = process.poll() - if poll_status is None: - return ProcessStatus.RUNNING.value - elif poll_status != 0: - return ProcessStatus.FAILED.value - else: - return ProcessStatus.DONE.value - - -def generate_process_status_table(process_list: list) -> tuple[Table, bool]: - """Generate a table to show the status of the processes being exected. - - Args: - process_list (list): each item in the list - is a tuple of ip_address, process and jupyter token - - Returns: - Tuple[Table, bool]: table of process status and flag to indicate if all processes are executed. - """ - - process_statuses: list[str] = [] - lines_to_display = 5 # Number of lines to display as output - - table = Table(title="Virtual Machine Status") - table.add_column("PID", style="cyan") - table.add_column("IpAddress", style="magenta") - table.add_column("Status") - table.add_column("Jupyter Token", style="white on black") - table.add_column("Log", overflow="fold", no_wrap=False) - - for ip_address, process, jupyter_token in process_list: - process_status = get_process_status(process) - - process_statuses.append(process_status) - - process_log = [] - if process_status == ProcessStatus.FAILED.value: - process_log += process.stderr.readlines(lines_to_display) - else: - process_log += process.stdout.readlines(lines_to_display) - - process_log_str = "\n".join(log.decode("utf-8") for log in process_log) - process_log_str = process_log_str if process_log else "-" - - table.add_row( - f"{process.pid}", - f"{ip_address}", - f"{process_status}", - f"{jupyter_token}", - f"{process_log_str}", - ) - - processes_completed = ProcessStatus.RUNNING.value not in process_statuses - - return table, processes_completed - - -def check_jupyter_server( - host_ip: str, wait_time: int = 5, silent: bool = False -) -> bool: - if not silent: - print(f"Checking Jupyter Server at VM {host_ip} is up") - - try: - url = f"http://{host_ip}:8888/" - response = requests.get(url, timeout=wait_time) - if response.status_code == 200: - return True - else: - return False - except Exception as e: - if not silent: - print(f"Failed to check jupyter server status {host_ip}. {e}") - return False - - -GIT_REPO = get_git_repo -GRID_SRC_VERSION = get_version_module -GRID_SRC_PATH = grid_src_path diff --git a/packages/hagrid/hagrid/manifest_template.yml b/packages/hagrid/hagrid/manifest_template.yml deleted file mode 100644 index 552fdb3efd7..00000000000 --- a/packages/hagrid/hagrid/manifest_template.yml +++ /dev/null @@ -1,31 +0,0 @@ -manifestVersion: 0.1 -hagrid_version: 0.3.121 -syft_version: 0.8.7-beta.7 -dockerTag: 0.8.7-beta.7 -baseUrl: https://raw.githubusercontent.com/OpenMined/PySyft/ -hash: 4333433d5bec7bb9bcd52db59029d3bcb23c74c2 -target_dir: ~/.hagrid/PySyft/ -files: - grid: - path: packages/grid/ - common: - - default.env - docker: - - default.env - - docker-compose.build.yml - - docker-compose.dev.yml - - docker-compose.pull.yml - - docker-compose.test.yml - - docker-compose.tls.yml - - docker-compose.yml - - traefik/docker/dynamic-tls.yml - - traefik/docker/dynamic.yml - - traefik/docker/traefik-tls.template.yml - - traefik/docker/traefik.yml - k8s: - - devspace.yaml - podman: - - podman/podman-kube/podman-syft-kube-config.yaml - - podman/podman-kube/podman-syft-kube.yaml - - podman/podman-kube/traefik/conf/dynamic.yml - - podman/podman-kube/traefik/traefik.yml diff --git a/packages/hagrid/hagrid/mode.py b/packages/hagrid/hagrid/mode.py deleted file mode 100644 index e21da8ccbba..00000000000 --- a/packages/hagrid/hagrid/mode.py +++ /dev/null @@ -1,47 +0,0 @@ -# stdlib -import os -from pathlib import Path -import site - - -def str_to_bool(bool_str: str | None) -> bool: - result = False - bool_str = str(bool_str).lower() - if bool_str == "true" or bool_str == "1": - result = True - return result - - -def hagrid_root() -> str: - return os.path.abspath(str(Path(__file__).parent.parent)) - - -def is_editable_mode() -> bool: - disable_editable_mode = str_to_bool( - os.environ.get("DISABLE_EDITABLE_MODE", "False") - ) - if disable_editable_mode: - print("🚨 Editable Mode DISABLED") - return False - current_package_root = hagrid_root() - - installed_as_editable = False - sitepackages_dirs = site.getsitepackages() - # check all site-packages returned if they have a hagrid.egg-link - for sitepackages_dir in sitepackages_dirs: - egg_link_file = Path(sitepackages_dir) / "hagrid.egg-link" - try: - linked_folder = egg_link_file.read_text() - # if the current code is in the same path as the egg-link its -e mode - installed_as_editable = current_package_root in linked_folder - break - except Exception: # nosec - pass - - if os.path.exists(Path(current_package_root) / "hagrid.egg-info"): - installed_as_editable = True - - return installed_as_editable - - -EDITABLE_MODE = is_editable_mode() diff --git a/packages/hagrid/hagrid/names.py b/packages/hagrid/hagrid/names.py deleted file mode 100644 index 26e6b92025d..00000000000 --- a/packages/hagrid/hagrid/names.py +++ /dev/null @@ -1,185 +0,0 @@ -# stdlib -from secrets import randbelow - -left_name = [ - "admiring", - "adoring", - "affectionate", - "agitated", - "amazing", - "angry", - "awesome", - "beautiful", - "blissful", - "bold", - "boring", - "brave", - "busy", - "charming", - "clever", - "cool", - "compassionate", - "competent", - "condescending", - "confident", - "cranky", - "crazy", - "dazzling", - "determined", - "distracted", - "dreamy", - "eager", - "ecstatic", - "elastic", - "elated", - "elegant", - "eloquent", - "epic", - "exciting", - "fervent", - "festive", - "flamboyant", - "focused", - "friendly", - "frosty", - "funny", - "gallant", - "gifted", - "goofy", - "gracious", - "great", - "happy", - "hardcore", - "heuristic", - "hopeful", - "hungry", - "infallible", - "inspiring", - "interesting", - "intelligent", - "jolly", - "jovial", - "keen", - "kellis", - "kind", - "laughing", - "loving", - "lucid", - "magical", - "mystifying", - "modest", - "musing", - "naughty", - "nervous", - "nice", - "nifty", - "nostalgic", - "objective", - "optimistic", - "peaceful", - "pedantic", - "pensive", - "practical", - "priceless", - "quirky", - "quizzical", - "recursing", - "relaxed", - "reverent", - "romantic", - "sad", - "serene", - "sharp", - "silly", - "sleepy", - "stoic", - "strange", - "stupefied", - "suspicious", - "sweet", - "tender", - "thirsty", - "trusting", - "unruffled", - "upbeat", - "vibrant", - "vigilant", - "vigorous", - "wizardly", - "wonderful", - "xenodochial", - "youthful", - "zealous", - "zen", -] - -right_name = [ - "altman", - "bach", - "bengios", - "bostrom", - "botvinick", - "brockman", - "chintala", - "chollet", - "chomsky", - "dean", - "dolgov", - "eckersley", - "fridman", - "gardner", - "goertzel", - "goodfellow", - "hassabis", - "he", - "hinton", - "hochreiter", - "hotz", - "howard", - "hutter", - "isbell", - "kaliouby", - "karp", - "karpathy", - "kearns", - "kellis", - "knuth", - "koller", - "krizhevsky", - "larochelle", - "lattner", - "lecun", - "li", - "lim", - "littman", - "malik", - "mironov", - "ng", - "norvig", - "olah", - "pearl", - "pesenti", - "russell", - "salakhutdinov", - "schmidhuber", - "silver", - "smola", - "song", - "sophia", - "sutskever", - "thomas", - "thrun", - "trask", - "vapnik", - "vaswani", - "vinyals", - "winston", - "wolf", - "wolfram", -] - - -def random_name() -> str: - left_i = randbelow(len(left_name) - 1) - right_i = randbelow(len(right_name) - 1) - return f"{left_name[left_i].capitalize()} {right_name[right_i].capitalize()}" diff --git a/packages/hagrid/hagrid/nb_output.py b/packages/hagrid/hagrid/nb_output.py deleted file mode 100644 index c0a4bb0d2fb..00000000000 --- a/packages/hagrid/hagrid/nb_output.py +++ /dev/null @@ -1,15 +0,0 @@ -# future -from __future__ import annotations - - -# alert-info, alert-warning, alert-success, alert-danger -class NBOutput: - def __init__(self, raw_output: str) -> None: - self.raw_output = raw_output - - def _repr_html_(self) -> str: - return self.raw_output - - def to_html(self) -> NBOutput: - self.raw_output = self.raw_output.replace("\n", "
") - return self diff --git a/packages/hagrid/hagrid/parse_template.py b/packages/hagrid/hagrid/parse_template.py deleted file mode 100644 index faa2c143ad6..00000000000 --- a/packages/hagrid/hagrid/parse_template.py +++ /dev/null @@ -1,327 +0,0 @@ -# stdlib -import hashlib -import os -import shutil -from urllib.parse import urlparse - -# third party -from jinja2 import Environment -from jinja2 import FileSystemLoader -from jinja2 import Template -import requests -from rich.progress import track -import yaml - -# relative -from .cache import DEFAULT_REPO -from .cache import STABLE_BRANCH -from .lib import hagrid_cache_dir -from .lib import manifest_template_path -from .lib import repo_src_path -from .mode import EDITABLE_MODE - -HAGRID_TEMPLATE_PATH = str(manifest_template_path()) - - -def read_yml_file(filename: str) -> tuple[dict | None, str]: - template = None - - with open(filename) as fp: - try: - text = fp.read() - template = yaml.safe_load(text) - template_hash = hashlib.sha256(text.encode("utf-8")).hexdigest() - except yaml.YAMLError as exc: - raise exc - - return template, template_hash - - -def read_yml_url(yml_url: str) -> tuple[dict | None, str]: - template = None - - try: - # download file - response = requests.get(yml_url) # nosec - if response.status_code != 200: - raise Exception(f"Failed to download: {yml_url}") - - # Save file to the local destination - try: - template = yaml.safe_load(response.content) - template_hash = hashlib.sha256(response.content).hexdigest() - except yaml.YAMLError as exc: - raise exc - - except Exception as e: - raise e - - return template, template_hash - - -def git_url_for_file(file_path: str, base_url: str, hash: str) -> str: - # url must have unix style slashes - return os.path.join(base_url, hash, file_path).replace(os.sep, "/") - - -def get_local_abs_path(target_dir: str, file_path: str) -> str: - local_path = os.path.join(target_dir, file_path) - return os.path.expanduser(local_path) - - -def is_url(string: str) -> bool: - try: - result = urlparse(string) - return all([result.scheme, result.netloc]) - except ValueError: - return False - - -def is_path(string: str) -> bool: - return os.path.exists(string) - - -def manifest_cache_path(template_hash: str) -> str: - return f"{hagrid_cache_dir()}/manifests/{template_hash}" - - -def url_from_repo(template_location: str | None) -> str | None: - if template_location is None: - return None - - if ":" in template_location and "/" in template_location: - parts = template_location.split(":") - branch_or_hash = parts[1] - repo = parts[0] - elif ":" not in template_location and "/" in template_location: - branch_or_hash = STABLE_BRANCH - repo = template_location - else: - branch_or_hash = template_location - repo = DEFAULT_REPO - - manifest_url = ( - f"https://raw.githubusercontent.com/{repo}/{branch_or_hash}" - "/packages/hagrid/hagrid/manifest_template.yml" - ) - - if is_url(manifest_url): - return manifest_url - return None - - -def get_template_yml(template_location: str | None) -> tuple[dict | None, str]: - if template_location: - if is_url(template_location): - template, template_hash = read_yml_url(template_location) - elif is_path(template_location): - template, template_hash = read_yml_file(template_location) - elif url_from_repo(template_location): - template, template_hash = read_yml_url(url_from_repo(template_location)) - else: - raise Exception(f"{template_location} is not valid") - else: - template_location = HAGRID_TEMPLATE_PATH - - template, template_hash = read_yml_file(template_location) - - if EDITABLE_MODE and is_path(template_location): - # save it to the same folder for dev mode - template_hash = "dev" - return template, template_hash - - -def setup_from_manifest_template( - host_type: str, - deployment_type: str, - template_location: str | None = None, - overwrite: bool = False, - verbose: bool = False, -) -> dict: - template, template_hash = get_template_yml(template_location) - - kwargs_to_parse = {} - - if template is None: - raise ValueError( - f"Failed to read {template_location}. Please check the file name or path is correct." - ) - - git_hash = template["hash"] - git_base_url = template["baseUrl"] - target_dir = manifest_cache_path(template_hash) - all_template_files = template["files"] - docker_tag = template["dockerTag"] - files_to_download = [] - - for package_name in all_template_files: - # Get all files w.r.t that package e.g. grid, syft, hagrid - template_files = all_template_files[package_name] - package_path = template_files["path"] - - # common files - files_to_download += [ - os.path.join(package_path, f) for f in template_files["common"] - ] - - # docker related files - if host_type in ["docker"]: - files_to_download += [ - os.path.join(package_path, f) for f in template_files["docker"] - ] - - # add k8s related files - # elif host_type in ["k8s"]: - # files_to_download += template_files["k8s"] - - else: - raise Exception(f"Hagrid template does not currently support {host_type}.") - - if EDITABLE_MODE and is_path(template_location): - # to test things in editable mode we can pass in a .yml file path and it will - # copy the files instead of download them - for src_file_path in track(files_to_download, description="Copying files"): - full_src_dir = f"{repo_src_path()}/{src_file_path}" - full_target_path = f"{target_dir}/{src_file_path}" - full_target_dir = os.path.dirname(full_target_path) - os.makedirs(full_target_dir, exist_ok=True) - - shutil.copyfile( - full_src_dir, - full_target_path, - ) - else: - download_files( - files_to_download=files_to_download, - git_hash=git_hash, - git_base_url=git_base_url, - target_dir=target_dir, - overwrite=overwrite, - verbose=verbose, - ) - - kwargs_to_parse["tag"] = docker_tag - return kwargs_to_parse - - -def deployment_dir(node_name: str) -> str: - return f"{hagrid_cache_dir()}/deployments/{node_name}" - - -def download_files( - files_to_download: list[str], - git_hash: str, - git_base_url: str, - target_dir: str, - overwrite: bool = False, - verbose: bool = False, -) -> None: - for src_file_path in track(files_to_download, description="Downloading files"): - # For now target file path is same as source file path - trg_file_path = src_file_path - local_destination = get_local_abs_path(target_dir, trg_file_path) - link_to_file = git_url_for_file(src_file_path, git_base_url, git_hash) - download_file( - link_to_file=link_to_file, - local_destination=local_destination, - overwrite=overwrite, - verbose=verbose, - ) - - -def render_templates( - node_name: str, - deployment_type: str, - template_location: str | None, - env_vars: dict, - host_type: str, -) -> None: - template, template_hash = get_template_yml(template_location) - - if template is None: - raise ValueError("Failed to read hagrid template.") - - src_dir = manifest_cache_path(template_hash) - target_dir = deployment_dir(node_name) - all_template_files = template["files"] - - jinja_template = JinjaTemplate(src_dir) - - files_to_render = [] - for package_name in all_template_files: - template_files = all_template_files[package_name] - - # Aggregate all the files to be rendered - - # common files - files_to_render += template_files["common"] - - if host_type in ["docker"]: - # docker related files - for template_file in template_files["docker"]: - if "default.env" not in template_file: - files_to_render.append(template_file) - - # Render the files - for file_path in files_to_render: - folder_path = template_files["path"] - # relative to src_dir - src_file_path = f"{folder_path}{file_path}" - target_file_path = f"{target_dir}/{file_path}" - os.makedirs(os.path.dirname(target_file_path), exist_ok=True) - jinja_template.substitute_vars(src_file_path, env_vars, target_file_path) - - -class JinjaTemplate: - def __init__(self, template_dir: str | os.PathLike) -> None: - self.directory = os.path.expanduser(template_dir) - self.environ = Environment( - loader=FileSystemLoader(self.directory), autoescape=True - ) - - def read_template_from_path(self, filepath: str) -> Template: - return self.environ.get_template(name=filepath) - - def substitute_vars( - self, template_path: str, vars_to_substitute: dict, target_path: str - ) -> None: - template = self.read_template_from_path(template_path) - rendered_template = template.render(vars_to_substitute) - self.save_to(rendered_template, target_path) - - def save_to(self, message: str, filename: str) -> None: - base_dir = self.directory - filepath = os.path.abspath(os.path.join(base_dir, filename)) - - # Create sub directories if does not exist - os.makedirs(os.path.dirname(filepath), exist_ok=True) - - # Save template to filepath - with open(filepath, "w") as fp: - fp.write(message) - - -def download_file( - link_to_file: str, - local_destination: str, - overwrite: bool = False, - verbose: bool = False, -) -> None: - file_dir = os.path.dirname(local_destination) - os.makedirs(file_dir, exist_ok=True) - - if not os.path.exists(local_destination) or overwrite: - try: - # download file - response = requests.get(link_to_file) # nosec - if response.status_code != 200: - raise Exception(f"Failed to download: {link_to_file}") - - # Save file to the local destination - open(local_destination, "wb").write(response.content) - - except Exception as e: - raise e - else: - if verbose: - print(f"Skipping download: {link_to_file} exists.") diff --git a/packages/hagrid/hagrid/quickstart_ui.py b/packages/hagrid/hagrid/quickstart_ui.py deleted file mode 100644 index 9d1f8fc2652..00000000000 --- a/packages/hagrid/hagrid/quickstart_ui.py +++ /dev/null @@ -1,356 +0,0 @@ -# stdlib -from dataclasses import dataclass -import os -from pathlib import Path -import sys -from urllib.parse import urlparse -import zipfile - -# third party -import click -import requests -from tqdm import tqdm - -# relative -from .cache import DEFAULT_BRANCH -from .cache import DEFAULT_REPO -from .cache import arg_cache -from .nb_output import NBOutput - -directory = os.path.expanduser("~/.hagrid/quickstart/") - - -def quickstart_download_notebook( - url: str, directory: str, reset: bool = False, overwrite_all: bool = False -) -> tuple[str, bool, bool]: - os.makedirs(directory, exist_ok=True) - file_name = os.path.basename(url).replace("%20", "_").replace(" ", "_") - file_path = directory + os.sep + file_name - file_path = os.path.abspath(file_path) - - file_exists = os.path.isfile(file_path) - if overwrite_all: - reset = True - - if file_exists and not reset: - response = click.prompt( - f"\nOverwrite {file_name}?", - prompt_suffix="(a/y/N)", - default="n", - show_default=False, - ) - if response.lower() == "a": - reset = True - overwrite_all = True - elif response.lower() == "y": - reset = True - else: - print(f"Skipping {file_name}") - reset = False - - downloaded = False - if not file_exists or file_exists and reset: - print(f"Downloading notebook: {file_name}") - r = requests.get(url, allow_redirects=True) # nosec - with open(os.path.expanduser(file_path), "wb") as f: - f.write(r.content) - downloaded = True - return file_path, downloaded, overwrite_all - - -def fetch_notebooks_for_url( - url: str, - directory: str, - reset: bool = False, - repo: str = DEFAULT_REPO, - branch: str = DEFAULT_BRANCH, - commit: str | None = None, -) -> list[str]: - downloaded_files = [] - allowed_schemes_as_url = ["http", "https"] - url_scheme = urlparse(url).scheme - # relative mode - if url_scheme not in allowed_schemes_as_url: - notebooks = get_urls_from_dir(repo=repo, branch=branch, commit=commit, url=url) - if url.endswith(".ipynb"): - file_name = os.path.basename(url) - url_parts = url.split("notebooks") - if len(url_parts) > 1: - url_dir = url_parts[-1] - else: - url_dir = url - url_dir = url_dir.replace(file_name, "") - else: - url_dir = url - notebook_files = [] - existing_count = 0 - for notebook_url in notebooks: - url_filename = os.path.basename(notebook_url) - url_dirname = os.path.dirname(notebook_url) - if ( - url_dirname.endswith(url_dir) - and os.path.isdir(directory + url_dir) - and os.path.isfile(directory + url_dir + os.sep + url_filename) - ): - notebook_files.append(url_dir + os.sep + url_filename) - existing_count += 1 - - if existing_count > 0: - plural = "s" if existing_count > 1 else "" - print( - f"You have {existing_count} existing notebook{plural} matching: {url}" - ) - for nb in notebook_files: - print(nb) - - overwrite_all = False - for notebook_url in tqdm(notebooks): - file_path, _, overwrite_all = quickstart_download_notebook( - url=notebook_url, - directory=os.path.abspath(directory + os.sep + str(url_dir) + os.sep), - reset=reset, - overwrite_all=overwrite_all, - ) - downloaded_files.append(file_path) - - else: - file_path, _, _ = quickstart_download_notebook( - url=url, directory=directory, reset=reset - ) - downloaded_files.append(file_path) - return downloaded_files - - -def quickstart_extract_notebook( - zip_file: str, - name: str, - directory: Path, - reset: bool = False, - overwrite_all: bool = False, -) -> tuple[str, bool, bool]: - directory.mkdir(exist_ok=True) - reset = overwrite_all - - base_name = os.path.basename(name) - file_path = directory / base_name - file_name = file_path.name - file_exists = file_path.exists() - - if file_exists and not reset: - response = click.prompt( - f"\nOverwrite {file_name}?", - prompt_suffix="(a/y/N)", - default="n", - show_default=False, - ) - if response.lower() == "a": - reset = True - overwrite_all = True - elif response.lower() == "y": - reset = True - else: - print(f"Skipping {file_name}") - reset = False - - extracted = False - if not file_exists or file_exists and reset: - print(f"Extracting notebook: {file_name}") - with zipfile.ZipFile(zip_file, "r") as zf: - zip_info = zf.getinfo(name) - zip_info.filename = base_name - zf.extract(zip_info, directory) - extracted = True - return str(file_path.absolute()), extracted, overwrite_all - - -def fetch_notebooks_from_zipfile( - path: str, directory: str, reset: bool = False -) -> list[str]: - dir_path = Path(directory) - - with zipfile.ZipFile(path, "r") as zf: - notebooks = [f for f in zf.namelist() if f.endswith(".ipynb")] - - notebook_files = [dir_path / os.path.basename(nb) for nb in notebooks] - existing_files = [nb for nb in notebook_files if nb.exists()] - - existing_count = len(existing_files) - - if existing_count > 0: - plural = "s" if existing_count > 1 else "" - print(f"You have {existing_count} existing notebook{plural}") - for nb in existing_files: - print(nb) - - extracted_files = [] - overwrite_all = False - for notebook in tqdm(notebooks): - file_path, _, overwrite_all = quickstart_extract_notebook( - zip_file=path, - name=notebook, - directory=dir_path, - reset=reset, - overwrite_all=overwrite_all, - ) - extracted_files.append(file_path) - - return extracted_files - - -@dataclass -class Tutorial: - filename: str - description: str - url: str - - -REPO_RAW_PATH = "https://raw.githubusercontent.com/OpenMined/PySyft" - -TUTORIALS = { - "api/0.8": Tutorial( - filename="api/0.8", - description="0.8 API Notebooks", - url="api/0.8", - ), - "hello-syft": Tutorial( - filename="tutorials/hello-syft", - description="Hello Syft", - url="tutorials/hello-syft", - ), - "data-engineer": Tutorial( - filename="tutorials/data-engineer", - description="Data Engineer", - url="tutorials/data-engineer", - ), - "data-owner": Tutorial( - filename="tutorials/data-owner", - description="Data Owner", - url="tutorials/data-owner", - ), - "data-scientist": Tutorial( - filename="tutorials/data-scientist", - description="Data Scientist", - url="tutorials/data-scientist", - ), - "pandas-cookbook": Tutorial( - filename="tutorials/pandas-cookbook", - description="Pandas Cookbook", - url="tutorials/pandas-cookbook", - ), -} - - -class QuickstartUI: - @property - def tutorials(self) -> dict[str, Tutorial]: - return TUTORIALS - - def download( - self, tutorial_name: str, reset: bool = False, branch: str = "dev" - ) -> NBOutput: - if tutorial_name not in TUTORIALS.keys(): - return NBOutput( - f'
{tutorial_name} is not a valid tutorial name.
' - ) - else: - tutorial = TUTORIALS[tutorial_name] - downloaded_files = fetch_notebooks_for_url( - url=tutorial.url, directory=directory, branch=branch - ) - html = "" - if len(downloaded_files) == 0: - html += f'
{tutorial_name} failed to download.' - else: - first = downloaded_files[0] - jupyter_path = first.replace(os.path.abspath(directory) + "/", "") - - html += f'
{tutorial_name} downloaded.' - html += f'
πŸ“– Click to Open Tutorial
' - return NBOutput(html) - - def _repr_html_(self) -> str: - html = "" - if not arg_cache["install_wizard_complete"]: - html += "

Step 1b: Install πŸ§™πŸ½β€β™‚οΈ Wizard (Recommended)

" - html += ( - "It looks like this might be your first time running Quickstart.
" - ) - html += ( - "
Please go through the Install Wizard notebook to " - + "install Syft and optionally start a Grid server." - ) - html += ( - '
πŸ“– Click to start ' - + "Install πŸ§™πŸ½β€β™‚οΈ Wizard
" - ) - html += "
" - - html += "

Download Tutorials

" - html += "Below is a list of tutorials to download using quickstart.
" - html += "
    " - for name, tutorial in TUTORIALS.items(): - html += ( - "
  • πŸ“– Tutorial Series: " - + f"{name}
    {tutorial.description}
    • " - ) - html += "
" - first = list(TUTORIALS.keys())[0] - html += ( - "
Try running:
" - + f'quickstart.download("{first}")
' - ) - - return html - - -def get_urls_from_dir( - url: str, - repo: str, - branch: str, - commit: str | None = None, -) -> list[str]: - notebooks = [] - slug = commit if commit else branch - - gh_api_call = ( - "https://api.github.com/repos/" + repo + "/git/trees/" + slug + "?recursive=1" - ) - r = requests.get(gh_api_call) # nosec - if r.status_code != 200: - print( - f"Failed to fetch notebook from: {gh_api_call}.\n" - + "Please try again with the correct parameters!" - ) - sys.exit(1) - - res = r.json() - - for file in res["tree"]: - if file["path"].startswith("notebooks/quickstart/" + url) or file[ - "path" - ].startswith("notebooks/" + url): - if file["path"].endswith(".ipynb"): - temp_url = ( - "https://raw.githubusercontent.com/" - + repo - + "/" - + slug - + "/" - + file["path"] - ) - notebooks.append(temp_url) - - if len(notebooks) == 0: - for file in res["tree"]: - if file["path"].startswith("notebooks/" + url): - if file["path"].endswith(".ipynb"): - temp_url = ( - "https://raw.githubusercontent.com/" - + repo - + "/" - + slug - + "/" - + file["path"] - ) - notebooks.append(temp_url) - return notebooks diff --git a/packages/hagrid/hagrid/rand_sec.py b/packages/hagrid/hagrid/rand_sec.py deleted file mode 100644 index 3323554a72f..00000000000 --- a/packages/hagrid/hagrid/rand_sec.py +++ /dev/null @@ -1,84 +0,0 @@ -# stdlib -from os import urandom -import string -import sys - - -def generate_sec_random_password( - length: int, - special_chars: bool = True, - digits: bool = True, - lower_case: bool = True, - upper_case: bool = True, -) -> str: - """Generates a random password of the given length. - - Args: - length (int): length of the password - special_chars (bool, optional): Include at least one specials char in the password. Defaults to True. - digits (bool, optional): Include at least one digit in the password. Defaults to True. - lower_case (bool, optional): Include at least one lower case character in the password. Defaults to True. - upper_case (bool, optional): Includde at least one upper case character in the password. Defaults to True. - - Raises: - ValueError: If password length if too short. - - Returns: - str: randomly generated password - """ - if not isinstance(length, int) or length < 10: - raise ValueError( - "Password should have a positive safe length of at least 10 characters!" - ) - - choices: str = "" - required_tokens: list[str] = [] - if special_chars: - special_characters = "!@#$%^&*()_+" - choices += special_characters - required_tokens.append( - special_characters[ - int.from_bytes(urandom(1), sys.byteorder) % len(special_characters) - ] - ) - if lower_case: - choices += string.ascii_lowercase - required_tokens.append( - string.ascii_lowercase[ - int.from_bytes(urandom(1), sys.byteorder) % len(string.ascii_lowercase) - ] - ) - if upper_case: - choices += string.ascii_uppercase - required_tokens.append( - string.ascii_uppercase[ - int.from_bytes(urandom(1), sys.byteorder) % len(string.ascii_uppercase) - ] - ) - if digits: - choices += string.digits - required_tokens.append( - string.digits[ - int.from_bytes(urandom(1), sys.byteorder) % len(string.digits) - ] - ) - - # Python 3 (urandom returns bytes) - password = [choices[c % len(choices)] for c in urandom(length)] - - # Pick some random indexes - random_indexes: set[int] = set() - while len(random_indexes) < len(required_tokens): - random_indexes.add(int.from_bytes(urandom(1), sys.byteorder) % len(password)) - - # Replace the random indexes with the required tokens - for i, idx in enumerate(random_indexes): - password[idx] = required_tokens[i] - - return "".join(password) - - -if __name__ == "__main__": - pwd_length = 48 - # generate_sec_random_password(pwd_length) - print(generate_sec_random_password(pwd_length, special_chars=False)) diff --git a/packages/hagrid/hagrid/stable_version.py b/packages/hagrid/hagrid/stable_version.py deleted file mode 100644 index d596aae77cd..00000000000 --- a/packages/hagrid/hagrid/stable_version.py +++ /dev/null @@ -1 +0,0 @@ -LATEST_STABLE_SYFT = "0.8.6" diff --git a/packages/hagrid/hagrid/style.py b/packages/hagrid/hagrid/style.py deleted file mode 100644 index f42d9f79061..00000000000 --- a/packages/hagrid/hagrid/style.py +++ /dev/null @@ -1,44 +0,0 @@ -# stdlib -import io - -# third party -import click -import rich - -# relative -from .deps import DEPENDENCIES -from .mode import EDITABLE_MODE - - -class RichGroup(click.Group): - def format_usage( - self, ctx: click.core.Context, formatter: click.formatting.HelpFormatter - ) -> None: - sio = io.StringIO() - console = rich.get_console() - mode = "" - if EDITABLE_MODE: - mode = "[bold red]EDITABLE DEV MODE[/bold red] :police_car_light:" - console.print( - "[bold red]HA[/bold red][bold magenta]Grid[/bold magenta]!", ":mage:", mode - ) - table = rich.table.Table() - - table.add_column("Dependency", style="magenta") - table.add_column("Found", justify="right") - - for dep in sorted(DEPENDENCIES.keys()): - path = DEPENDENCIES[dep] - installed_str = ":white_check_mark:" if path is not None else ":cross_mark:" - dep_emoji = ":gear:" - if dep == "docker": - dep_emoji = ":whale:" - if dep == "git": - dep_emoji = ":file_folder:" - if dep == "ansible-playbook": - dep_emoji = ":blue_book:" - table.add_row(f"{dep_emoji} {dep}", installed_str) - # console.print(dep_emoji, dep, installed_str) - console.print(table) - console.print("Usage: hagrid [OPTIONS] COMMAND [ARGS]...") - formatter.write(sio.getvalue()) diff --git a/packages/hagrid/hagrid/util.py b/packages/hagrid/hagrid/util.py deleted file mode 100644 index 73d1cf1e34e..00000000000 --- a/packages/hagrid/hagrid/util.py +++ /dev/null @@ -1,102 +0,0 @@ -# stdlib -from collections.abc import Callable -from enum import Enum -import os -import subprocess # nosec -import sys -from typing import Any -from urllib.parse import urlparse - -# relative -from .dummynum import DummyNum - - -class NodeSideType(str, Enum): - LOW_SIDE = "low" - HIGH_SIDE = "high" - - def __str__(self) -> str: - # Use values when transforming NodeType to str - return self.value - - -class ImportFromSyft: - @staticmethod - def import_syft_error() -> Callable: - try: - # syft absolute - from syft.service.response import SyftError - except Exception: - SyftError = DummyNum - - return SyftError - - @staticmethod - def import_stage_protocol_changes() -> Callable: - try: - # syft absolute - from syft.protocol.data_protocol import stage_protocol_changes - except Exception: - - def stage_protocol_changes(*args: Any, **kwargs: Any) -> None: - pass - - return stage_protocol_changes - - @staticmethod - def import_node_type() -> Callable: - try: - # syft absolute - from syft.abstract_node import NodeType - except Exception: - NodeType = DummyNum - - return NodeType - - -def from_url(url: str) -> tuple[str, str, int, str, Any | str]: - try: - # urlparse doesnt handle no protocol properly - if "://" not in url: - url = "http://" + url - parts = urlparse(url) - host_or_ip_parts = parts.netloc.split(":") - # netloc is host:port - port = 80 - if len(host_or_ip_parts) > 1: - port = int(host_or_ip_parts[1]) - host_or_ip = host_or_ip_parts[0] - return ( - host_or_ip, - parts.path, - port, - parts.scheme, - getattr(parts, "query", ""), - ) - except Exception as e: - print(f"Failed to convert url: {url} to GridURL. {e}") - raise e - - -def fix_windows_virtualenv_api(cls: type) -> None: - # fix bug in windows - def _python_rpath(self: Any) -> str: - """The relative path (from environment root) to python.""" - # Windows virtualenv installation installs pip to the [Ss]cripts - # folder. Here's a simple check to support: - if sys.platform == "win32": - # fix here https://github.com/sjkingo/virtualenv-api/issues/47 - return os.path.join(self.path, "Scripts", "python.exe") - return os.path.join("bin", "python") - - cls._python_rpath = property(_python_rpath) - - -def shell(command: str) -> str: - try: - output = subprocess.check_output( # nosec - command, shell=True, stderr=subprocess.STDOUT - ) - except Exception: - output = b"" - return output.decode("utf-8") diff --git a/packages/hagrid/hagrid/version.py b/packages/hagrid/hagrid/version.py deleted file mode 100644 index 22a3553ca00..00000000000 --- a/packages/hagrid/hagrid/version.py +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env python3 -# HAGrid Version -__version__ = "0.3.121" - -if __name__ == "__main__": - print(__version__) diff --git a/packages/hagrid/hagrid/win_bootstrap.py b/packages/hagrid/hagrid/win_bootstrap.py deleted file mode 100644 index 9cd79c24c36..00000000000 --- a/packages/hagrid/hagrid/win_bootstrap.py +++ /dev/null @@ -1,267 +0,0 @@ -# stdlib -from collections.abc import Callable -import subprocess # nosec - -# one liner to use bootstrap script: -# CMD: curl https://raw.githubusercontent.com/OpenMined/PySyft/dev/packages/hagrid/hagrid/win_bootstrap.py > win_bootstrap.py && python win_bootstrap.py # noqa -# Powershell is complaining about a utf-8 issue we need to fix, could be related to a -# bug with long lines in utf-8 -# PS: $r = Invoke-WebRequest "https://raw.githubusercontent.com/OpenMined/PySyft/dev/packages/hagrid/hagrid/win_bootstrap.py" -UseBasicParsing; echo $r.Content > win_bootstrap.py; python win_bootstrap.py # noqa - - -class Requirement: - def __init__( - self, full_name: str, choco_name: str, detect: Callable, extras: str = "" - ) -> None: - self.full_name = full_name - self.choco_name = choco_name - self.detect = detect - self.extras = extras - - def __repr__(self) -> str: - return self.full_name - - -install_choco_pwsh = """ -[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; -Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')); -""" - -install_wsl2_pwsh = """ -wsl --update; wsl --shutdown; wsl --set-default-version 2; wsl --install -d Ubuntu; wsl --setdefault Ubuntu; -""" - -# add this to block powershell from existing for debugging -# Read-Host -Prompt string - - -def make_admin_cmd(admin_cmd: str) -> str: - return ( - f"Start-Process PowerShell -Wait -Verb RunAs -ArgumentList " - '"' - "Set-ExecutionPolicy Bypass -Scope Process -Force; " - f"{admin_cmd}; " - '"' - ) - - -def where_is(binary: str, req: Requirement) -> bool: - print(f"{req.full_name} - {binary}", end="", flush=True) - found = path_where_is(binary) - if not found: - found = full_where_is(binary) - if found: - print(" √") - else: - print(" Γ—") - return found - - -def path_where_is(binary: str) -> bool: - try: - cmds = ["where.exe", binary] - output = subprocess.run(cmds, capture_output=True, cwd="C:\\") # nosec - out = str(output.stdout.decode("utf-8")).split("\r\n") - if binary in out[0]: - return True - except Exception as e: - print("error", e) - pass - return False - - -def full_where_is(binary: str) -> bool: - try: - powershell_cmd = f"where.exe /R C:\ *.exe | findstr \\{binary}$" # noqa: W605 - cmds = ["powershell.exe", "-Command", powershell_cmd] - output = subprocess.run(cmds, capture_output=True, cwd="C:\\") # nosec - out = str(output.stdout.decode("utf-8")).split("\r\n") - if binary in out[0]: - return True - except Exception as e: - print("error", e) - pass - return False - - -def exe(binary: str) -> Callable: - def call(req: Requirement) -> bool: - return where_is(binary=binary, req=req) - - return call - - -def detect_wsl2(req: Requirement) -> bool: - print(f"{req.full_name} - wsl.exe ", end="") - try: - powershell_cmd = "wsl.exe --status" - cmds = ["powershell.exe", "-Command", powershell_cmd] - output = subprocess.run(cmds, capture_output=True) # nosec - out = output.stdout.decode("utf-16") - if "Default Distribution: Ubuntu" in out: - pass - if "Default Version: 2" in out: - print(" √") - return True - except Exception as e: - print("error", e) - pass - print(" Γ—") - return False - - -requirements = [] -requirements.append( - Requirement( - full_name="Windows Subsystem for Linux 2", - choco_name="wsl2", - detect=detect_wsl2, - ) -) -requirements.append( - Requirement( - full_name="Chocolatey Package Manager", - choco_name="choco", - detect=exe("choco.exe"), - ) -) -requirements.append( - Requirement( - full_name="Anaconda Individual Edition", - choco_name="anaconda3", - detect=exe("conda.exe"), - ) -) -requirements.append( - Requirement( - full_name="Git Version Control", - choco_name="git", - detect=exe("git.exe"), - ) -) -requirements.append( - Requirement( - full_name="Docker Desktop", - choco_name="docker-desktop", - detect=exe("docker.exe"), - ) -) - - -def install_elevated_powershell(full_name: str, powershell_cmd: str) -> None: - try: - input( - f"\nInstalling {full_name} requires Administrator.\n" - "When the UAC dialogue appears click Yes on the left.\n\n" - "Press enter to start..." - ) - powershell_cmds = ["-command", powershell_cmd] - output = subprocess.run( # nosec - ["powershell.exe"] + powershell_cmds, capture_output=True - ) - _ = output.stdout.decode("utf-8") - except Exception as e: - print("failed", e) - - -def install_choco() -> None: - return install_elevated_powershell( - full_name="Chocolatey", powershell_cmd=make_admin_cmd(install_choco_pwsh) - ) - - -def install_wsl2() -> None: - return install_elevated_powershell( - full_name="WSL2", powershell_cmd=make_admin_cmd(install_wsl2_pwsh) - ) - - -def install_deps(requirements: list[Requirement]) -> None: - package_names = [] - for req in requirements: - package_names.append(req.choco_name) - - try: - input( - "\nInstalling packages requires Administrator.\n" - "When the UAC dialogue appears click Yes on the left.\n\n" - "Press enter to start..." - ) - choco_args = f"choco.exe install {' '.join(package_names)} -y" - powershell_cmds = ["-command", make_admin_cmd(choco_args)] - output = subprocess.run( # nosec - ["powershell.exe"] + powershell_cmds, capture_output=True - ) - _ = str(output.stdout.decode("utf-8")) - except Exception as e: - print("failed", e) - - -def ask_install(requirement: Requirement) -> bool: - val = input(f"Do you want to install {requirement.full_name} (Y/n): ") - if "y" in val.lower(): - return True - return False - - -def check_all(requirements: list[Requirement]) -> list[Requirement]: - missing = [] - for req in requirements: - if not req.detect(req): - missing.append(req) - return missing - - -def main() -> None: - print("\nHAGrid Windows Dependency Installer") - print("===================================\n") - print("Searching your computer for:") - missing_deps = check_all(requirements=requirements) - - if len(missing_deps) > 0: - print("\nWe were unable to find the following dependencies:") - print("-----------------------------------") - for dep in missing_deps: - print(f"{dep.full_name}") - - print("") - desired = [] - choco_required = False - wsl2_required = False - for dep in missing_deps: - if ask_install(dep): - if dep.choco_name == "choco": - choco_required = True - elif dep.choco_name == "wsl2": - wsl2_required = True - else: - desired.append(dep) - elif dep.choco_name == "choco": - print("You must install Chocolatey to install other dependencies") - return - - if wsl2_required: - install_wsl2() - - if choco_required: - install_choco() - - if len(desired) > 0: - install_deps(desired) - - print("") - still_missing = check_all(requirements=missing_deps) - if len(still_missing) > 0: - print("We were still unable to find the following dependencies:") - print("-----------------------------------") - for dep in still_missing: - print(f"{dep.full_name}") - print("Please try again.") - else: - print("\nCongratulations. All done.") - print("===================================\n") - print("Now you can run HAGrid on Windows!") - - -if __name__ == "__main__": - main() diff --git a/packages/hagrid/hagrid/wizard_ui.py b/packages/hagrid/hagrid/wizard_ui.py deleted file mode 100644 index 7f4c5c1c0d4..00000000000 --- a/packages/hagrid/hagrid/wizard_ui.py +++ /dev/null @@ -1,62 +0,0 @@ -# stdlib - -# relative -from .cache import arg_cache -from .deps import Dependency -from .deps import check_grid_docker -from .deps import check_hagrid -from .deps import check_syft -from .deps import check_syft_deps -from .nb_output import NBOutput - -steps = {} -steps["check_hagrid"] = False -steps["check_syft"] = False -steps["check_grid"] = False - - -def complete_install_wizard( - output: dict[str, Dependency] | NBOutput, -) -> dict[str, Dependency] | NBOutput: - flipped = arg_cache["install_wizard_complete"] - if not flipped: - for _, v in steps.items(): - if v is False: - return output - arg_cache["install_wizard_complete"] = True - if isinstance(output, NBOutput): - if flipped != arg_cache["install_wizard_complete"]: - output.raw_output += "\n\nβœ… You have completed the Install Wizard" - return output - - -class WizardUI: - @property - def check_hagrid(self) -> dict[str, Dependency] | NBOutput: - steps["check_hagrid"] = True - return complete_install_wizard(check_hagrid()) - - @property - def check_syft_deps(self) -> dict[str, Dependency] | NBOutput: - steps["check_syft"] = True - return complete_install_wizard(check_syft_deps()) - - @property - def check_syft(self) -> dict[str, Dependency] | NBOutput: - steps["check_syft"] = True - return complete_install_wizard(check_syft()) - - @property - def check_syft_pre(self) -> dict[str, Dependency] | NBOutput: - steps["check_syft"] = True - return complete_install_wizard(check_syft(pre=True)) - - @property - def check_grid_docker(self) -> dict[str, Dependency] | NBOutput: - print("Deprecated. Please use .check_docker") - return self.check_docker - - @property - def check_docker(self) -> dict[str, Dependency] | NBOutput: - steps["check_grid"] = True - return complete_install_wizard(check_grid_docker()) diff --git a/packages/hagrid/scripts/install.sh b/packages/hagrid/scripts/install.sh deleted file mode 100755 index aa13f184093..00000000000 --- a/packages/hagrid/scripts/install.sh +++ /dev/null @@ -1,232 +0,0 @@ -#!/bin/sh - -# run with: -# curl https://raw.githubusercontent.com/OpenMined/PySyft/dev/packages/hagrid/scripts/install.sh | sh - -set -e - -cat /dev/null </dev/null - RETURN_CODE=$? - set +e - return $RETURN_CODE -} - -check_ubuntu() { - if [ -f /etc/os-release ] - then - . /etc/os-release - if [ "$ID" = "ubuntu" ] - then - return 0 - fi - fi - return 1 -} - -check_macos() { - if [ "$(uname)" = "Darwin" ] - then - return 0 - fi - return 1 -} - -check_os_supported() { - echo "Checking OS..." - if check_macos - then - echo "βœ… macOS detected" - return 0 - elif check_ubuntu - then - echo "βœ… Ubuntu detected" - return 0 - fi - echo $OS_NOT_SUPPORTED - exit 1 -} - -apt_install() { - execute_sudo "apt-get -qq -o=Dpkg::Use-Pty=0 update -y" - execute_sudo "apt-get -qq -o=Dpkg::Use-Pty=0 install $1 -y" -} - -brew_install() { - if is_command "brew" - then - # echo "Would run: brew install $1" - HOMEBREW_NO_AUTO_UPDATE=1 brew install $1 - else - echo "\nWe require brew to install packages.\nYou must install brew first: https://brew.sh/" - exit 1 - fi -} - -hagrid_install() { - echo "\nChecking hagrid ..." - if is_command "hagrid" - then - echo "βœ… hagrid detected" - else - echo "Installing hagrid" - pip install --quiet -U hagrid - fi -} - -# from: https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh -unset HAVE_SUDO_ACCESS # unset this from the environment - -abort() { - printf "%s\n" "$@" >&2 - exit 1 -} - - -have_sudo_access() { - if [[ ! -x "/usr/bin/sudo" ]] - then - return 1 - fi - - local -a SUDO=("/usr/bin/sudo") - if [[ -n "${SUDO_ASKPASS-}" ]] - then - SUDO+=("-A") - elif [[ -n "${NONINTERACTIVE-}" ]] - then - SUDO+=("-n") - fi - - if [[ -z "${HAVE_SUDO_ACCESS-}" ]] - then - if [[ -n "${NONINTERACTIVE-}" ]] - then - "${SUDO[@]}" -l mkdir &>/dev/null - else - "${SUDO[@]}" -v && "${SUDO[@]}" -l mkdir &>/dev/null - fi - HAVE_SUDO_ACCESS="$?" - fi - - if [[ -n "${HOMEBREW_ON_MACOS-}" ]] && [[ "${HAVE_SUDO_ACCESS}" -ne 0 ]] - then - abort "Need sudo access on macOS (e.g. the user ${USER} needs to be an Administrator)!" - fi - - return "${HAVE_SUDO_ACCESS}" -} - -execute() { - if ! "$@" - then - abort "$(printf "Failed during: %s" "$(shell_join "$@")")" - fi -} - -execute_sudo() { - local -a args=("$@") - if have_sudo_access - then - if [[ -n "${SUDO_ASKPASS-}" ]] - then - args=("-A" "${args[@]}") - fi - echo "/usr/bin/sudo" "${args[@]}" - execute "/usr/bin/sudo" "${args[@]}" - else - echo "${args[@]}" - execute "${args[@]}" - fi -} - -check_and_install() { - echo "\nChecking $1 ..." - if is_command $1 - then - echo "βœ… $1 detected" - return 0 - else - echo "Installing missing dependency $2" - if check_macos - then - brew_install $2 - elif check_ubuntu - then - apt_install $2 - fi - fi - - if is_command $1 - then - echo "βœ… $1 detected" - return 0 - else - echo "Failed to install $1. Please manually install it." - fi -} - -check_install_python() { - check_and_install python3 python3 -} - -check_install_pip() { - echo "\nChecking pip ..." - if is_command "pip" - then - echo "βœ… pip detected" - return 0 - else - if check_macos - then - echo "Installing missing dependency pip" - python3 -m ensurepip - else - check_and_install pip python3-pip - fi - fi - - if is_command "pip" - then - echo "βœ… pip detected" - else - echo "Failed to install pip. Please manually install it." - fi -} - -check_install_git() { - check_and_install git git -} - -execute() { - check_os_supported - check_install_python - check_install_pip - check_install_git - - hagrid_install - - if is_command "hagrid" - then - echo "\nπŸ§™β€β™‚οΈ HAGrid is installed!\n" - echo "To get started run: \n$ hagrid quickstart\n" - else - echo "\nHAGrid failed to install. Please try manually with:" - echo "pip install -U hagrid" - exit 1 - fi -} - -execute diff --git a/packages/hagrid/scripts/update_manifest.py b/packages/hagrid/scripts/update_manifest.py deleted file mode 100644 index 4f31428c2ab..00000000000 --- a/packages/hagrid/scripts/update_manifest.py +++ /dev/null @@ -1,47 +0,0 @@ -# stdlib -import os -import subprocess -import sys - -# third party -import yaml - - -def latest_commit_id() -> str: - cmd = 'git log --format="%H" -n 1' - commit_id = subprocess.check_output(cmd, shell=True) - return commit_id.decode("utf-8").strip() - - -def update_manifest(docker_tag: str | None) -> None: - """Update manifest_template file with latest commit hash.""" - - # Get latest commit id - commit_id = latest_commit_id() - - template_dir = os.path.abspath(os.path.join(os.path.realpath(__file__), "../../")) - template_filepath = os.path.join(template_dir, "hagrid/manifest_template.yml") - - # open the manifest file - with open(template_filepath) as stream: - template_dict = yaml.safe_load(stream) - - # update commit id - template_dict["hash"] = commit_id - - # update docker tag if available - if docker_tag: - template_dict["dockerTag"] = docker_tag - - # save manifest file - with open(template_filepath, "w") as fp: - yaml.dump(template_dict, fp, sort_keys=False) - - -if __name__ == "__main__": - docker_tag = None - - if len(sys.argv) > 1: - docker_tag = sys.argv[1] - - update_manifest(docker_tag) # Update manifest file diff --git a/packages/hagrid/setup.py b/packages/hagrid/setup.py deleted file mode 100644 index 5dc9c72f5e4..00000000000 --- a/packages/hagrid/setup.py +++ /dev/null @@ -1,47 +0,0 @@ -# stdlib -import platform - -# third party -from setuptools import find_packages -from setuptools import setup - -__version__ = "0.3.121" - -DATA_FILES = {"img": ["hagrid/img/*.png"], "hagrid": ["*.yml"]} - -packages = [ - "ascii_magic", - "click>=8.1.7", - "cryptography>=41.0.4", - "gitpython", - "jinja2", - "names", - "packaging>=23.0", - "paramiko", - "pyOpenSSL>=23.2.0", - "requests", - "rich", - "setuptools", - "virtualenv-api", - "virtualenv", - "PyYAML", - "tqdm", - "gevent>=22.10.2,<=23.9.1", -] - -if platform.system().lower() != "windows": - packages.extend(["ansible", "ansible-core"]) - -setup( - name="hagrid", - description="Happy Automation for Grid", - long_description="HAGrid is the swiss army knife of OpenMined's PySyft and PyGrid.", - long_description_content_type="text/plain", - version=__version__, - author="Andrew Trask ", - packages=find_packages(), - package_data=DATA_FILES, - install_requires=packages, - include_package_data=True, - entry_points={"console_scripts": ["hagrid = hagrid.cli:cli"]}, -) diff --git a/packages/hagrid/tests/__init__.py b/packages/hagrid/tests/__init__.py deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/packages/hagrid/tests/hagrid/__init__.py b/packages/hagrid/tests/hagrid/__init__.py deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/packages/hagrid/tests/hagrid/cli_test.py b/packages/hagrid/tests/hagrid/cli_test.py deleted file mode 100644 index 346988d527f..00000000000 --- a/packages/hagrid/tests/hagrid/cli_test.py +++ /dev/null @@ -1,199 +0,0 @@ -# stdlib -from collections import defaultdict - -# third party -from hagrid import cli -from hagrid import grammar - - -def test_hagrid_launch() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch' whenever they want to spin - up a new node with a randomly chosen name""" - - # COMMAND: "hagrid launch" - args: list[str] = [] - - verb = cli.get_launch_verb() - grammar = cli.parse_grammar(args=tuple(args), verb=verb) - verb.load_grammar(grammar=grammar) - cmd = cli.create_launch_cmd( - verb=verb, kwargs=defaultdict(lambda: None), ignore_docker_version_check=True - ) - - cmd = cmd["Launching"][0] # type: ignore - - # check that it's a domain by default - assert "NODE_TYPE=domain" in cmd or "NODE_TYPE='domain'" in cmd - - # check that the node has a name - assert "NODE_NAME=" in cmd - - # check that tail is on by default - assert " -d " not in cmd - - -def test_shortand_parse() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch' whenever they want to spin - up a new node with a randomly chosen name.""" - - # COMMAND: "hagrid launch" - args: tuple = () - args = grammar.launch_shorthand_support(args) - - # check that domain gets added to the end of the command - assert args == ("domain",) - - -def test_hagrid_launch_without_name_with_preposition() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch' whenever they want to spin - up a new node with a randomly chosen name""" - - # COMMAND: "hagrid launch on docker" - args: list[str] = ["to", "docker"] - - verb = cli.get_launch_verb() - grammar = cli.parse_grammar(args=tuple(args), verb=verb) - verb.load_grammar(grammar=grammar) - cmd = cli.create_launch_cmd( - verb=verb, kwargs=defaultdict(lambda: None), ignore_docker_version_check=True - ) - - cmd = cmd["Launching"][0] # type: ignore - # check that it's a domain by default - assert "NODE_TYPE=domain" in cmd or "NODE_TYPE='domain'" in cmd - - # check that the node has a name - assert "NODE_NAME=" in cmd - - # check that tail is on by default - assert " -d " not in cmd - - -def test_shortand_parse_without_name_with_preposition() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch' whenever they want to spin - up a new node with a randomly chosen name.""" - - # COMMAND: "hagrid launch" - args: tuple[str, ...] = ("to", "docker") - args = grammar.launch_shorthand_support(args) - - # check that domain gets added to the end of the command - assert args == ("domain", "to", "docker") - - -def test_launch_with_multiword_domain_name() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch' whenever they want to spin - up a new node with a randomly chosen name""" - - # COMMAND: "hagrid launch United Nations" - args: list[str] = ["United", "Nations"] - - verb = cli.get_launch_verb() - grammar = cli.parse_grammar(args=tuple(args), verb=verb) - verb.load_grammar(grammar=grammar) - cmd = cli.create_launch_cmd( - verb=verb, kwargs=defaultdict(lambda: None), ignore_docker_version_check=True - ) - - cmd = cmd["Launching"][0] # type: ignore - - # check that it's a domain by default - assert "NODE_TYPE=domain" in cmd or "NODE_TYPE='domain'" in cmd - - # check that the node has a name - assert "NODE_NAME=united_nations" in cmd or "NODE_NAME='united_nations'" in cmd - - # check that tail is on by default - assert " -d " not in cmd - - -def test_launch_with_longer_multiword_domain_name() -> None: - """This test is important because we want to make it convenient for users to launch nodes with - an arbitrary number of words.""" - - # COMMAND: "hagrid launch United Nations" - args: list[str] = ["United", "States", "of", "America"] - - verb = cli.get_launch_verb() - grammar = cli.parse_grammar(args=tuple(args), verb=verb) - verb.load_grammar(grammar=grammar) - cmd = cli.create_launch_cmd( - verb=verb, kwargs=defaultdict(lambda: None), ignore_docker_version_check=True - ) - - cmd = cmd["Launching"][0] # type: ignore - - # check that it's a domain by default - assert "NODE_TYPE=domain" in cmd or "NODE_TYPE='domain'" in cmd - - # check that the node has a name - assert ( - "NODE_NAME=united_states_of_america" in cmd - or "NODE_NAME='united_states_of_america'" in cmd - ) - - # check that tail is on by default - assert " -d " not in cmd - - -def test_launch_with_longer_multiword_domain_name_with_preposition() -> None: - """This test is important because we want to make it convenient for users to launch nodes with - an arbitrary number of words.""" - - # COMMAND: "hagrid launch United Nations on docker" - args: list[str] = ["United", "Nations", "to", "docker"] - - verb = cli.get_launch_verb() - grammar = cli.parse_grammar(args=tuple(args), verb=verb) - verb.load_grammar(grammar=grammar) - cmd = cli.create_launch_cmd( - verb=verb, kwargs=defaultdict(lambda: None), ignore_docker_version_check=True - ) - - cmd = cmd["Launching"][0] # type: ignore - - # check that it's a domain by default - assert "NODE_TYPE=domain" in cmd or "NODE_TYPE='domain'" in cmd - - # check that the node has a name - assert "NODE_NAME=united_nations" in cmd or "NODE_NAME='united_nations'" in cmd - - # check that tail is on by default - assert " -d " not in cmd - - -def test_shortand_parse_of_multiword_name() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch Multiple Word Name Of Node' whenever they want to spin - up a new node with a name that has multiple words.""" - - # COMMAND: "hagrid launch" - args: tuple[str, ...] = ("United", "Nations") - args = grammar.launch_shorthand_support(args) - - # check that domain gets added to the end of the command - assert args == ( - "United Nations", - "domain", - ) - - -def test_shortand_parse_of_multiword_name_with_domain() -> None: - """This test is important because we want to make it convenient - for our users to just run 'hagrid launch Multiple Word Name Of Node' whenever they want to spin - up a new node with a name that has multiple words.""" - - # COMMAND: "hagrid launch" - args: tuple[str, ...] = ("United", "Nations", "domain") - args = grammar.launch_shorthand_support(args) - - # check that domain gets added to the end of the command - assert args == ( - "United Nations", - "domain", - ) diff --git a/packages/syft/PYPI.md b/packages/syft/PYPI.md index 24f9dd81843..516d053e0e8 100644 --- a/packages/syft/PYPI.md +++ b/packages/syft/PYPI.md @@ -105,18 +105,11 @@ For Google GKE we need the [`gce` annotation](https://cloud.google.com/kubernete helm install ... --set ingress.class="gce" ``` -## Deploy to a Container Engine or Cloud +## Note: -1. Install our handy πŸ›΅ cli tool which makes deploying a Domain or Gateway server to Docker or VM a one-liner: - `pip install -U hagrid` +🚨 Our deployment tool `Hagrid` has been `Deprecated`. For the updated deployment options kindly refer to -2. Then run our interactive jupyter Install πŸ§™πŸ½β€β™‚οΈ WizardBETA: - `hagrid quickstart` - -3. In the tutorial you will learn how to install and deploy: - `PySyft` = our `numpy`-like 🐍 Python library for computing on `private data` in someone else's `Domain` - - `PyGrid` = our 🐳 `docker` / 🐧 `vm` `Domain` & `Gateway` Servers where `private data` lives +- πŸ“š Deployments ## Docs and Support @@ -125,10 +118,8 @@ helm install ... --set ingress.class="gce" # Install Notes -- HAGrid 0.3 Requires: 🐍 `python` πŸ™ `git` - Run: `pip install -U hagrid` -- Interactive Install πŸ§™πŸ½β€β™‚οΈ WizardBETA Requires πŸ›΅ `hagrid`: - Run: `hagrid quickstart` - PySyft 0.8.1 Requires: 🐍 `python 3.10 - 3.12` - Run: `pip install -U syft` -- PyGrid Requires: 🐳 `docker`, 🦦 `podman` or ☸️ `kubernetes` - Run: `hagrid launch ...` +- PyGrid Requires: 🐳 `docker`, 🦦 `podman` or ☸️ `kubernetes` # Versions @@ -151,13 +142,9 @@ Deprecated: PySyft and PyGrid use the same `version` and its best to match them up where possible. We release weekly betas which can be used in each context: -PySyft (Stable): `pip install -U syft` -PyGrid (Stable) `hagrid launch ... tag=latest` - -PySyft (Beta): `pip install -U syft --pre` -PyGrid (Beta): `hagrid launch ... tag=beta` +PySyft (Stable): `pip install -U syft` -HAGrid is a cli / deployment tool so the latest version of `hagrid` is usually the best. +PySyft (Beta): `pip install -U syft --pre` # What is Syft? diff --git a/packages/syft/setup.cfg b/packages/syft/setup.cfg index 81b0272d8a3..d75d3f9620f 100644 --- a/packages/syft/setup.cfg +++ b/packages/syft/setup.cfg @@ -30,7 +30,6 @@ syft = bcrypt==4.1.2 boto3==1.34.56 forbiddenfruit==0.1.4 - gevent==23.9.1 loguru==0.7.2 networkx==3.2.1 packaging>=23.0 diff --git a/packages/syft/src/syft/__init__.py b/packages/syft/src/syft/__init__.py index 3aae76848dc..b1da85397c3 100644 --- a/packages/syft/src/syft/__init__.py +++ b/packages/syft/src/syft/__init__.py @@ -9,7 +9,6 @@ from typing import Any # relative -from . import gevent_patch # noqa: F401 from .abstract_node import NodeSideType # noqa: F401 from .abstract_node import NodeType # noqa: F401 from .client.client import connect # noqa: F401 diff --git a/packages/syft/src/syft/assets/css/style.css b/packages/syft/src/syft/assets/css/style.css index ae5f229985f..528046d6668 100644 --- a/packages/syft/src/syft/assets/css/style.css +++ b/packages/syft/src/syft/assets/css/style.css @@ -1,8 +1,10 @@ -body[data-jp-theme-light="false"] { +body[data-jp-theme-light="false"], +body.vscode-dark { --primary-color: #111111; --secondary-color: #212121; --tertiary-color: #cfcdd6; --button-color: #111111; + --colors-black: #ffffff; } body { @@ -10,6 +12,7 @@ body { --secondary-color: #f5f5f5; --tertiary-color: #000000de; --button-color: #d1d5db; + --colors-black: #17161d; } .header-1 { @@ -19,7 +22,7 @@ body { line-height: 100%; leading-trim: both; text-edge: cap; - color: #17161d; + color: var(--colors-black); } .header-2 { @@ -29,7 +32,7 @@ body { line-height: 100%; leading-trim: both; text-edge: cap; - color: #17161d; + color: var(--colors-black); } .header-3 { @@ -49,7 +52,7 @@ body { line-height: 100%; leading-trim: both; text-edge: cap; - color: #17161d; + color: var(--colors-black); } .paragraph { @@ -561,36 +564,3 @@ body { .syft-widget li a:hover { background-color: #c2def0; } - -.tabulator .tabulator-row .tabulator-cell { - border-right: 1px solid #e0e0e0; - background-color: var(--primary-color); -} - -.tabulator .tabulator-row .tabulator-cell { - white-space: normal; - overflow-wrap: break-word; -} - -.tabulator .tabulator-header .tabulator-col { - background-color: var(--secondary-color); - border-right: 1px solid #e0e0e0; - border-top: 1px solid #e0e0e0; -} - -.tabulator .tabulator-header .tabulator-col:first-child { - border-left: 1px solid #e0e0e0; -} - -.tabulator-row .tabulator-cell.tabulator-row-header { - background-color: var(--secondary-color); - border-right: 2px solid #e0e0e0; -} - -.tabulator .tabulator-row .tabulator-cell:first-child { - border-left: 1px solid #e0e0e0; -} - -.tabulator .tabulator-footer { - border-top: none; -} diff --git a/packages/syft/src/syft/assets/css/tabulator_materialize.min.css b/packages/syft/src/syft/assets/css/tabulator_materialize.min.css deleted file mode 100644 index 1a6ea2b5a50..00000000000 --- a/packages/syft/src/syft/assets/css/tabulator_materialize.min.css +++ /dev/null @@ -1,2 +0,0 @@ -.tabulator{border:1px solid rgba(0,0,0,.12);font-size:16px;overflow:hidden;position:relative;text-align:left;-webkit-transform:translateZ(0);-moz-transform:translateZ(0);-ms-transform:translateZ(0);-o-transform:translateZ(0);transform:translateZ(0)}.tabulator[tabulator-layout=fitDataFill] .tabulator-tableholder .tabulator-table{min-width:100%}.tabulator[tabulator-layout=fitDataTable]{display:inline-block}.tabulator.tabulator-block-select,.tabulator.tabulator-ranges .tabulator-cell:not(.tabulator-editing){user-select:none}.tabulator .tabulator-header{background-color:#fff;border-bottom:1px solid rgba(0,0,0,.12);box-sizing:border-box;color:#555;font-weight:700;outline:none;overflow:hidden;position:relative;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;white-space:nowrap;width:100%}.tabulator .tabulator-header.tabulator-header-hidden{display:none}.tabulator .tabulator-header .tabulator-header-contents{overflow:hidden;position:relative}.tabulator .tabulator-header .tabulator-header-contents .tabulator-headers{display:inline-block}.tabulator .tabulator-header .tabulator-col{background:#fff;border-right:1px solid #aaa;box-sizing:border-box;display:inline-flex;flex-direction:column;justify-content:flex-start;overflow:hidden;position:relative;text-align:left;vertical-align:bottom}.tabulator .tabulator-header .tabulator-col.tabulator-moving{background:#e6e6e6;border:1px solid rgba(0,0,0,.12);pointer-events:none;position:absolute}.tabulator .tabulator-header .tabulator-col.tabulator-range-highlight{background-color:#d6d6d6;color:#000}.tabulator .tabulator-header .tabulator-col.tabulator-range-selected{background-color:#e94047;color:#fff}.tabulator .tabulator-header .tabulator-col .tabulator-col-content{box-sizing:border-box;padding:4px;position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-header-popup-button{padding:0 8px}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-header-popup-button:hover{cursor:pointer;opacity:.6}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title-holder{position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title{box-sizing:border-box;overflow:hidden;text-overflow:ellipsis;vertical-align:bottom;white-space:nowrap;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title.tabulator-col-title-wrap{text-overflow:clip;white-space:normal}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title .tabulator-title-editor{background:#fff;border:1px solid #999;box-sizing:border-box;padding:1px;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title .tabulator-header-popup-button+.tabulator-title-editor{width:calc(100% - 22px)}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{align-items:center;bottom:0;display:flex;position:absolute;right:4px;top:0}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid #bbb;border-left:6px solid transparent;border-right:6px solid transparent;height:0;width:0}.tabulator .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{border-top:1px solid #aaa;display:flex;margin-right:-1px;overflow:hidden;position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter{box-sizing:border-box;margin-top:2px;position:relative;text-align:center;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter textarea{height:auto!important}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter svg{margin-top:3px}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter input::-ms-clear{height:0;width:0}.tabulator .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-right:25px}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable.tabulator-col-sorter-element:hover{background-color:#e6e6e6;cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter{color:#bbb}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-bottom:6px solid #555;cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid #bbb;border-top:none}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter{color:#666}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-bottom:6px solid #555;cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid #666;border-top:none}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter{color:#666}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-top:6px solid #555;cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:none;border-top:6px solid #666;color:#666}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical .tabulator-col-content .tabulator-col-title{align-items:center;display:flex;justify-content:center;text-orientation:mixed;writing-mode:vertical-rl}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-col-vertical-flip .tabulator-col-title{transform:rotate(180deg)}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable .tabulator-col-title{padding-right:0;padding-top:20px}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable.tabulator-col-vertical-flip .tabulator-col-title{padding-bottom:20px;padding-right:0}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable .tabulator-col-sorter{bottom:auto;justify-content:center;left:0;right:0;top:4px}.tabulator .tabulator-header .tabulator-frozen{left:0;position:sticky;z-index:11}.tabulator .tabulator-header .tabulator-frozen.tabulator-frozen-left{border-right:2px solid rgba(0,0,0,.12)}.tabulator .tabulator-header .tabulator-frozen.tabulator-frozen-right{border-left:2px solid rgba(0,0,0,.12)}.tabulator .tabulator-header .tabulator-calcs-holder{background:#fff!important;border-bottom:1px solid #aaa;border-top:1px solid rgba(0,0,0,.12);box-sizing:border-box;display:inline-block}.tabulator .tabulator-header .tabulator-calcs-holder .tabulator-row{background:#fff!important}.tabulator .tabulator-header .tabulator-calcs-holder .tabulator-row .tabulator-col-resize-handle{display:none}.tabulator .tabulator-header .tabulator-frozen-rows-holder{display:inline-block}.tabulator .tabulator-tableholder{-webkit-overflow-scrolling:touch;overflow:auto;position:relative;white-space:nowrap;width:100%}.tabulator .tabulator-tableholder:focus{outline:none}.tabulator .tabulator-tableholder .tabulator-placeholder{align-items:center;box-sizing:border-box;display:flex;justify-content:center;min-width:100%;width:100%}.tabulator .tabulator-tableholder .tabulator-placeholder[tabulator-render-mode=virtual]{min-height:100%}.tabulator .tabulator-tableholder .tabulator-placeholder .tabulator-placeholder-contents{color:#ccc;display:inline-block;font-size:20px;font-weight:700;padding:10px;text-align:center;white-space:normal}.tabulator .tabulator-tableholder .tabulator-table{background-color:#fff;color:#333;display:inline-block;overflow:visible;position:relative;white-space:nowrap}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs{background:#ebebeb!important;font-weight:700}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs.tabulator-calcs-top{border-bottom:2px solid rgba(0,0,0,.12)}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs.tabulator-calcs-bottom{border-top:2px solid rgba(0,0,0,.12)}.tabulator .tabulator-tableholder .tabulator-range-overlay{inset:0;pointer-events:none;position:absolute;z-index:10}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range{border:1px solid #e94047;box-sizing:border-box;position:absolute}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range.tabulator-range-active:after{background-color:#e94047;border-radius:999px;bottom:-3px;content:"";height:6px;position:absolute;right:-3px;width:6px}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range-cell-active{border:2px solid #e94047;box-sizing:border-box;position:absolute}.tabulator .tabulator-footer{background-color:#e6e6e6;border-top:1px solid rgba(0,0,0,.12);color:#555;font-weight:700;user-select:none;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;white-space:nowrap}.tabulator .tabulator-footer .tabulator-footer-contents{align-items:center;display:flex;flex-direction:row;justify-content:space-between;padding:5px 10px}.tabulator .tabulator-footer .tabulator-footer-contents:empty{display:none}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs{margin-top:-5px;overflow-x:auto}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab{border:1px solid rgba(0,0,0,.12);border-bottom-left-radius:5px;border-bottom-right-radius:5px;border-top:none;display:inline-block;font-size:.9em;padding:5px}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab:hover{cursor:pointer;opacity:.7}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab.tabulator-spreadsheet-tab-active{background:#fff}.tabulator .tabulator-footer .tabulator-calcs-holder{background:#f3f3f3!important;border-bottom:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12);box-sizing:border-box;overflow:hidden;text-align:left;width:100%}.tabulator .tabulator-footer .tabulator-calcs-holder .tabulator-row{background:#f3f3f3!important;display:inline-block}.tabulator .tabulator-footer .tabulator-calcs-holder .tabulator-row .tabulator-col-resize-handle{display:none}.tabulator .tabulator-footer .tabulator-calcs-holder:only-child{border-bottom:none;margin-bottom:-5px}.tabulator .tabulator-footer>*+.tabulator-page-counter{margin-left:10px}.tabulator .tabulator-footer .tabulator-page-counter{font-weight:400}.tabulator .tabulator-footer .tabulator-paginator{color:#555;flex:1;font-family:inherit;font-size:inherit;font-weight:inherit;text-align:right}.tabulator .tabulator-footer .tabulator-page-size{border:1px solid rgba(0,0,0,.12);border-radius:3px;display:inline-block;margin:0 5px;padding:2px 5px}.tabulator .tabulator-footer .tabulator-pages{margin:0 7px}.tabulator .tabulator-footer .tabulator-page{border:1px solid rgba(0,0,0,.12);border-radius:3px;display:inline-block;margin:0 2px;padding:2px 5px}.tabulator .tabulator-footer .tabulator-page:disabled{opacity:.5}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-footer .tabulator-page:not(disabled):hover{background:rgba(0,0,0,.2);color:#fff;cursor:pointer}}.tabulator .tabulator-col-resize-handle{display:inline-block;margin-left:-3px;margin-right:-3px;position:relative;vertical-align:middle;width:6px;z-index:11}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-col-resize-handle:hover{cursor:ew-resize}}.tabulator .tabulator-col-resize-handle:last-of-type{margin-right:0;width:3px}.tabulator .tabulator-col-resize-guide{background-color:#999;height:100%;margin-left:-.5px;opacity:.5;position:absolute;top:0;width:4px}.tabulator .tabulator-row-resize-guide{background-color:#999;height:4px;left:0;margin-top:-.5px;opacity:.5;position:absolute;width:100%}.tabulator .tabulator-alert{align-items:center;background:rgba(0,0,0,.4);display:flex;height:100%;left:0;position:absolute;text-align:center;top:0;width:100%;z-index:100}.tabulator .tabulator-alert .tabulator-alert-msg{background:#fff;border-radius:10px;display:inline-block;font-size:16px;font-weight:700;margin:0 auto;padding:10px 20px}.tabulator .tabulator-alert .tabulator-alert-msg.tabulator-alert-state-msg{border:4px solid #333;color:#000}.tabulator .tabulator-alert .tabulator-alert-msg.tabulator-alert-state-error{border:4px solid #d00;color:#590000}.tabulator-row{background-color:#fff;box-sizing:border-box;min-height:24px;position:relative}.tabulator-row.tabulator-row-even{background-color:#f8f8f8}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-selectable:hover{background-color:#f8f8f8;cursor:pointer}}.tabulator-row.tabulator-selected{background-color:#ee6e73}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-selected:hover{background-color:#ee6e73;cursor:pointer}}.tabulator-row.tabulator-row-moving{background:#fff;border:1px solid #000}.tabulator-row.tabulator-moving{border-bottom:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12);pointer-events:none;position:absolute;z-index:15}.tabulator-row.tabulator-range-highlight .tabulator-cell.tabulator-range-row-header{background-color:#d6d6d6;color:#000}.tabulator-row.tabulator-range-highlight.tabulator-range-selected .tabulator-cell.tabulator-range-row-header,.tabulator-row.tabulator-range-selected .tabulator-cell.tabulator-range-row-header{background-color:#e94047;color:#fff}.tabulator-row .tabulator-row-resize-handle{bottom:0;height:5px;left:0;position:absolute;right:0}.tabulator-row .tabulator-row-resize-handle.prev{bottom:auto;top:0}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-row-resize-handle:hover{cursor:ns-resize}}.tabulator-row .tabulator-responsive-collapse{border-bottom:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12);box-sizing:border-box;padding:5px}.tabulator-row .tabulator-responsive-collapse:empty{display:none}.tabulator-row .tabulator-responsive-collapse table{font-size:16px}.tabulator-row .tabulator-responsive-collapse table tr td{position:relative}.tabulator-row .tabulator-responsive-collapse table tr td:first-of-type{padding-right:10px}.tabulator-row .tabulator-cell{border-right:1px solid rgba(0,0,0,.12);box-sizing:border-box;display:inline-block;outline:none;overflow:hidden;padding:4px;position:relative;text-overflow:ellipsis;vertical-align:middle;white-space:nowrap}.tabulator-row .tabulator-cell.tabulator-row-header{border-bottom:1px solid rgba(0,0,0,.12)}.tabulator-row .tabulator-cell.tabulator-frozen{background-color:inherit;display:inline-block;left:0;position:sticky;z-index:11}.tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-left{border-right:2px solid rgba(0,0,0,.12)}.tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-right{border-left:2px solid rgba(0,0,0,.12)}.tabulator-row .tabulator-cell.tabulator-editing{border:1px solid #ee6e73;outline:none;padding:0}.tabulator-row .tabulator-cell.tabulator-editing input,.tabulator-row .tabulator-cell.tabulator-editing select{background:transparent;border:1px;outline:none}.tabulator-row .tabulator-cell.tabulator-validation-fail{border:1px solid #d00}.tabulator-row .tabulator-cell.tabulator-validation-fail input,.tabulator-row .tabulator-cell.tabulator-validation-fail select{background:transparent;border:1px;color:#d00}.tabulator-row .tabulator-cell.tabulator-row-handle{align-items:center;display:inline-flex;justify-content:center;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none}.tabulator-row .tabulator-cell.tabulator-row-handle .tabulator-row-handle-box{width:80%}.tabulator-row .tabulator-cell.tabulator-row-handle .tabulator-row-handle-box .tabulator-row-handle-bar{background:#666;height:3px;margin-top:2px;width:100%}.tabulator-row .tabulator-cell.tabulator-range-selected:not(.tabulator-range-only-cell-selected):not(.tabulator-range-row-header){background-color:#ee6e73}.tabulator-row .tabulator-cell .tabulator-data-tree-branch-empty{display:inline-block;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-branch{border-bottom:2px solid rgba(0,0,0,.12);border-bottom-left-radius:1px;border-left:2px solid rgba(0,0,0,.12);display:inline-block;height:9px;margin-right:5px;margin-top:-9px;vertical-align:middle;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-control{align-items:center;background:rgba(0,0,0,.1);border:1px solid #333;border-radius:2px;display:inline-flex;height:11px;justify-content:center;margin-right:5px;overflow:hidden;vertical-align:middle;width:11px}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-cell .tabulator-data-tree-control:hover{background:rgba(0,0,0,.2);cursor:pointer}}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse{background:transparent;display:inline-block;height:7px;position:relative;width:1px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after{background:#333;content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand{background:#333;display:inline-block;height:7px;position:relative;width:1px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#333;content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle{align-items:center;background:#666;border-radius:20px;color:#fff;display:inline-flex;font-size:1.1em;font-weight:700;height:15px;justify-content:center;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;width:15px}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle:hover{cursor:pointer;opacity:.7}}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle.open .tabulator-responsive-collapse-toggle-close{display:initial}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle.open .tabulator-responsive-collapse-toggle-open{display:none}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle svg{stroke:#fff}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle .tabulator-responsive-collapse-toggle-close{display:none}.tabulator-row .tabulator-cell .tabulator-traffic-light{border-radius:14px;display:inline-block;height:14px;width:14px}.tabulator-row.tabulator-group{background:#ccc;border-bottom:1px solid #999;border-right:1px solid rgba(0,0,0,.12);border-top:1px solid #999;box-sizing:border-box;font-weight:700;min-width:100%;padding:5px 5px 5px 10px}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-group:hover{background-color:rgba(0,0,0,.1);cursor:pointer}}.tabulator-row.tabulator-group.tabulator-group-visible .tabulator-arrow{border-bottom:0;border-left:6px solid transparent;border-right:6px solid transparent;border-top:6px solid #666;margin-right:10px}.tabulator-row.tabulator-group.tabulator-group-level-1{padding-left:30px}.tabulator-row.tabulator-group.tabulator-group-level-2{padding-left:50px}.tabulator-row.tabulator-group.tabulator-group-level-3{padding-left:70px}.tabulator-row.tabulator-group.tabulator-group-level-4{padding-left:90px}.tabulator-row.tabulator-group.tabulator-group-level-5{padding-left:110px}.tabulator-row.tabulator-group .tabulator-group-toggle{display:inline-block}.tabulator-row.tabulator-group .tabulator-arrow{border-bottom:6px solid transparent;border-left:6px solid #666;border-right:0;border-top:6px solid transparent;display:inline-block;height:0;margin-right:16px;vertical-align:middle;width:0}.tabulator-row.tabulator-group span{color:#d00}.tabulator-toggle{background:#dcdcdc;border:1px solid #ccc;box-sizing:border-box;display:flex;flex-direction:row}.tabulator-toggle.tabulator-toggle-on{background:#1c6cc2}.tabulator-toggle .tabulator-toggle-switch{background:#fff;border:1px solid #ccc;box-sizing:border-box}.tabulator-popup-container{-webkit-overflow-scrolling:touch;background:#fff;border:1px solid rgba(0,0,0,.12);box-shadow:0 0 5px 0 rgba(0,0,0,.2);box-sizing:border-box;display:inline-block;font-size:16px;overflow-y:auto;position:absolute;z-index:10000}.tabulator-popup{border-radius:3px;padding:5px}.tabulator-tooltip{border-radius:2px;box-shadow:none;font-size:12px;max-width:Min(500px,100%);padding:3px 5px;pointer-events:none}.tabulator-menu .tabulator-menu-item{box-sizing:border-box;padding:5px 10px;position:relative;user-select:none}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-disabled{opacity:.5}@media (hover:hover) and (pointer:fine){.tabulator-menu .tabulator-menu-item:not(.tabulator-menu-item-disabled):hover{background:#f8f8f8;cursor:pointer}}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-submenu{padding-right:25px}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-submenu:after{border-color:rgba(0,0,0,.12);border-style:solid;border-width:1px 1px 0 0;content:"";display:inline-block;height:7px;position:absolute;right:10px;top:calc(5px + .4em);transform:rotate(45deg);vertical-align:top;width:7px}.tabulator-menu .tabulator-menu-separator{border-top:1px solid rgba(0,0,0,.12)}.tabulator-edit-list{-webkit-overflow-scrolling:touch;font-size:16px;max-height:200px;overflow-y:auto}.tabulator-edit-list .tabulator-edit-list-item{color:#333;outline:none;padding:4px}.tabulator-edit-list .tabulator-edit-list-item.active{background:#ee6e73;color:#fff}.tabulator-edit-list .tabulator-edit-list-item.active.focused{outline:1px solid hsla(0,0%,100%,.5)}.tabulator-edit-list .tabulator-edit-list-item.focused{outline:1px solid #ee6e73}@media (hover:hover) and (pointer:fine){.tabulator-edit-list .tabulator-edit-list-item:hover{background:#ee6e73;color:#fff;cursor:pointer}}.tabulator-edit-list .tabulator-edit-list-placeholder{color:#333;padding:4px;text-align:center}.tabulator-edit-list .tabulator-edit-list-group{border-bottom:1px solid rgba(0,0,0,.12);color:#333;font-weight:700;padding:6px 4px 4px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-2,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-2{padding-left:12px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-3,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-3{padding-left:20px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-4,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-4{padding-left:28px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-5,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-5{padding-left:36px}.tabulator.tabulator-ltr{direction:ltr}.tabulator.tabulator-rtl{direction:rtl;text-align:initial}.tabulator.tabulator-rtl .tabulator-header .tabulator-col{border-left:1px solid #aaa;border-right:initial;text-align:initial}.tabulator.tabulator-rtl .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{margin-left:-1px;margin-right:0}.tabulator.tabulator-rtl .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-left:25px;padding-right:0}.tabulator.tabulator-rtl .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{left:8px;right:auto}.tabulator.tabulator-rtl .tabulator-tableholder .tabulator-range-overlay .tabulator-range.tabulator-range-active:after{background-color:#e94047;border-radius:999px;bottom:-3px;content:"";height:6px;left:-3px;position:absolute;right:auto;width:6px}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell{border-left:1px solid rgba(0,0,0,.12);border-right:initial}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell .tabulator-data-tree-branch{border-bottom-left-radius:0;border-bottom-right-radius:1px;border-left:initial;border-right:2px solid rgba(0,0,0,.12);margin-left:5px;margin-right:0}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell .tabulator-data-tree-control{margin-left:5px;margin-right:0}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-left{border-left:2px solid rgba(0,0,0,.12)}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-right{border-right:2px solid rgba(0,0,0,.12)}.tabulator.tabulator-rtl .tabulator-row .tabulator-col-resize-handle:last-of-type{margin-left:0;margin-right:-3px;width:3px}.tabulator.tabulator-rtl .tabulator-footer .tabulator-calcs-holder{text-align:initial}.tabulator-print-fullscreen{bottom:0;left:0;position:absolute;right:0;top:0;z-index:10000}body.tabulator-print-fullscreen-hide>:not(.tabulator-print-fullscreen){display:none!important}.tabulator-print-table{border-collapse:collapse}.tabulator-print-table .tabulator-data-tree-branch{border-bottom:2px solid rgba(0,0,0,.12);border-bottom-left-radius:1px;border-left:2px solid rgba(0,0,0,.12);display:inline-block;height:9px;margin-right:5px;margin-top:-9px;vertical-align:middle;width:7px}.tabulator-print-table .tabulator-print-table-group{background:#ccc;border-bottom:1px solid #999;border-right:1px solid rgba(0,0,0,.12);border-top:1px solid #999;box-sizing:border-box;font-weight:700;min-width:100%;padding:5px 5px 5px 10px}@media (hover:hover) and (pointer:fine){.tabulator-print-table .tabulator-print-table-group:hover{background-color:rgba(0,0,0,.1);cursor:pointer}}.tabulator-print-table .tabulator-print-table-group.tabulator-group-visible .tabulator-arrow{border-bottom:0;border-left:6px solid transparent;border-right:6px solid transparent;border-top:6px solid #666;margin-right:10px}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-1 td{padding-left:30px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-2 td{padding-left:50px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-3 td{padding-left:70px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-4 td{padding-left:90px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-5 td{padding-left:110px!important}.tabulator-print-table .tabulator-print-table-group .tabulator-group-toggle{display:inline-block}.tabulator-print-table .tabulator-print-table-group .tabulator-arrow{border-bottom:6px solid transparent;border-left:6px solid #666;border-right:0;border-top:6px solid transparent;display:inline-block;height:0;margin-right:16px;vertical-align:middle;width:0}.tabulator-print-table .tabulator-print-table-group span{color:#d00}.tabulator-print-table .tabulator-data-tree-control{align-items:center;background:rgba(0,0,0,.1);border:1px solid #333;border-radius:2px;display:inline-flex;height:11px;justify-content:center;margin-right:5px;overflow:hidden;vertical-align:middle;width:11px}@media (hover:hover) and (pointer:fine){.tabulator-print-table .tabulator-data-tree-control:hover{background:rgba(0,0,0,.2);cursor:pointer}}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse{background:transparent;display:inline-block;height:7px;position:relative;width:1px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after{background:#333;content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand{background:#333;display:inline-block;height:7px;position:relative;width:1px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#333;content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator{background-color:#fff;border:none;max-width:100%;width:100%}.tabulator .tabulator-header{color:inherit}.tabulator .tabulator-header .tabulator-col{border-right:none}.tabulator .tabulator-header .tabulator-col .tabulator-col-content{padding:15px}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{right:-10px}.tabulator .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{border-top:1px solid rgba(0,0,0,.12)}.tabulator .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-right:10px}.tabulator .tabulator-header .tabulator-calcs-holder{border-bottom:1px solid rgba(0,0,0,.12);width:100%}.tabulator .tabulator-header .tabulator-frozen-rows-holder{min-width:600%}.tabulator .tabulator-header .tabulator-frozen-rows-holder:empty{display:none}.tabulator .tabulator-tableholder .tabulator-table{color:inherit}.tabulator .tabulator-footer{background-color:transparent;color:inherit}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab{font-weight:400;padding:8px 12px}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab.tabulator-spreadsheet-tab-active{color:#ee6e73}.tabulator .tabulator-footer .tabulator-paginator{color:inherit}.tabulator .tabulator-footer .tabulator-page{background:hsla(0,0%,100%,.2);border-radius:0;border-right:none;margin:5px 0 0;padding:8px 12px}.tabulator .tabulator-footer .tabulator-page:first-of-type,.tabulator .tabulator-footer .tabulator-page[data-page=next]{border-bottom-left-radius:4px;border-top-left-radius:4px}.tabulator .tabulator-footer .tabulator-page:last-of-type,.tabulator .tabulator-footer .tabulator-page[data-page=prev]{border:1px solid rgba(0,0,0,.12);border-bottom-right-radius:4px;border-top-right-radius:4px}.tabulator .tabulator-footer .tabulator-page.active{color:#ee6e73}.tabulator.striped .tabulator-row:nth-child(2n){background-color:#f8f8f8}.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selected{background-color:#ee6e73!important}@media (hover:hover) and (pointer:fine){.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selectable:hover{background-color:#f8f8f8;cursor:pointer}.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selected:hover{background-color:#ee6e73!important;cursor:pointer}}.tabulator-row{border-bottom:1px solid rgba(0,0,0,.12);min-height:46px}.tabulator-row.tabulator-row-even{background-color:#fff}.tabulator-row .tabulator-cell{border-right:none;padding:15px}.tabulator-row .tabulator-cell:last-of-type{border-right:none}.tabulator-row .tabulator-cell.tabulator-row-header{background:#fff;border-bottom:none;border-right:1px solid rgba(0,0,0,.12)}.tabulator-row .tabulator-cell .tabulator-data-tree-control{border:1px solid #ccc}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after,.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand,.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#ccc}.tabulator-row.tabulator-group{background:#fafafa}.tabulator-row.tabulator-group span{color:#666;margin-left:10px}.tabulator-edit-select-list{background:#fff}.tabulator-edit-select-list .tabulator-edit-select-list-item{color:inherit}.tabulator-edit-select-list .tabulator-edit-select-list-item.active{color:#fff}.tabulator-edit-select-list .tabulator-edit-select-list-item.active.focused{outline:1px solid hsla(0,0%,100%,.5)}@media (hover:hover) and (pointer:fine){.tabulator-edit-select-list .tabulator-edit-select-list-item:hover{color:#fff}}.tabulator-edit-select-list .tabulator-edit-select-list-group,.tabulator-edit-select-list .tabulator-edit-select-list-notice{color:inherit}.tabulator.tabulator-rtl .tabulator-header .tabulator-col{border-left:none;border-right:none}.tabulator-print-table .tabulator-print-table-group{background:#fafafa}.tabulator-print-table .tabulator-print-table-group span{color:#666;margin-left:10px}.tabulator-print-table .tabulator-data-tree-control{border:1px solid #ccc}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after,.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand,.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#ccc} -/*# sourceMappingURL=tabulator_materialize.min.css.map */ \ No newline at end of file diff --git a/packages/syft/src/syft/assets/css/tabulator_pysyft.min.css b/packages/syft/src/syft/assets/css/tabulator_pysyft.min.css new file mode 100644 index 00000000000..f474df40562 --- /dev/null +++ b/packages/syft/src/syft/assets/css/tabulator_pysyft.min.css @@ -0,0 +1,6 @@ +:root{--tabulator-background-color:#fff;--tabulator-border-color:rgba(0,0,0,.12);--tabulator-text-size:16px;--tabulator-header-background-color:#f5f5f5;--tabulator-header-text-color:#555;--tabulator-header-border-color:rgba(0,0,0,.12);--tabulator-header-separator-color:rgba(0,0,0,.12);--tabulator-header-margin:4px;--tabulator-sort-arrow-hover:#555;--tabulator-sort-arrow-active:#666;--tabulator-sort-arrow-inactive:#bbb;--tabulator-column-resize-guide-color:#999;--tabulator-row-background-color:#fff;--tabulator-row-alt-background-color:#f8f8f8;--tabulator-row-border-color:rgba(0,0,0,.12);--tabulator-row-text-color:#333;--tabulator-row-hover-background:#e1f5fe;--tabulator-row-selected-background:#17161d;--tabulator-row-selected-background-hover:#17161d;--tabulator-edit-box-color:#17161d;--tabulator-error-color:#d00;--tabulator-footer-background-color:transparent;--tabulator-footer-text-color:#555;--tabulator-footer-border-color:rgba(0,0,0,.12);--tabulator-footer-separator-color:rgba(0,0,0,.12);--tabulator-footer-active-color:#17161d;--tabulator-spreadsheet-active-tab-color:#fff;--tabulator-range-border-color:#17161d;--tabulator-range-handle-color:#17161d;--tabulator-range-header-selected-background:var( + --tabulator-range-border-color + );--tabulator-range-header-selected-text-color:#fff;--tabulator-range-header-highlight-background:colors-gray-timberwolf;--tabulator-range-header-text-highlight-background:#fff;--tabulator-pagination-button-background:#fff;--tabulator-pagination-button-background-hover:#06c;--tabulator-pagination-button-color:#999;--tabulator-pagination-button-color-hover:#fff;--tabulator-pagination-button-color-active:#000;--tabulator-cell-padding:15px}body.vscode-dark,body[data-jp-theme-light=false]{--tabulator-background-color:#080808;--tabulator-border-color:#666;--tabulator-text-size:16px;--tabulator-header-background-color:#212121;--tabulator-header-text-color:#555;--tabulator-header-border-color:#666;--tabulator-header-separator-color:#666;--tabulator-header-margin:4px;--tabulator-sort-arrow-hover:#fff;--tabulator-sort-arrow-active:#e6e6e6;--tabulator-sort-arrow-inactive:#666;--tabulator-column-resize-guide-color:#999;--tabulator-row-background-color:#080808;--tabulator-row-alt-background-color:#212121;--tabulator-row-border-color:#666;--tabulator-row-text-color:#f8f8f8;--tabulator-row-hover-background:#333;--tabulator-row-selected-background:#241e1e;--tabulator-row-selected-background-hover:#333;--tabulator-edit-box-color:#333;--tabulator-error-color:#d00;--tabulator-footer-background-color:transparent;--tabulator-footer-text-color:#555;--tabulator-footer-border-color:rgba(0,0,0,.12);--tabulator-footer-separator-color:rgba(0,0,0,.12);--tabulator-footer-active-color:#17161d;--tabulator-spreadsheet-active-tab-color:#fff;--tabulator-range-border-color:#17161d;--tabulator-range-handle-color:var(--tabulator-range-border-color);--tabulator-range-header-selected-background:var( + --tabulator-range-border-color + );--tabulator-range-header-selected-text-color:#fff;--tabulator-range-header-highlight-background:#d6d6d6;--tabulator-range-header-text-highlight-background:#fff;--tabulator-pagination-button-background:#212121;--tabulator-pagination-button-background-hover:#555;--tabulator-pagination-button-color:#999;--tabulator-pagination-button-color-hover:#fff;--tabulator-pagination-button-color-active:#fff;--tabulator-cell-padding:15px}.tabulator{border:1px solid var(--tabulator-border-color);font-size:var(--tabulator-text-size);overflow:hidden;position:relative;text-align:left;-webkit-transform:translateZ(0);-moz-transform:translateZ(0);-ms-transform:translateZ(0);-o-transform:translateZ(0);transform:translateZ(0)}.tabulator[tabulator-layout=fitDataFill] .tabulator-tableholder .tabulator-table{min-width:100%}.tabulator[tabulator-layout=fitDataTable]{display:inline-block}.tabulator.tabulator-block-select,.tabulator.tabulator-ranges .tabulator-cell:not(.tabulator-editing){user-select:none}.tabulator .tabulator-header{background-color:var(--tabulator-header-background-color);border-bottom:1px solid var(--tabulator-header-separator-color);box-sizing:border-box;color:var(--tabulator-header-text-color);font-weight:700;outline:none;overflow:hidden;position:relative;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;white-space:nowrap;width:100%}.tabulator .tabulator-header.tabulator-header-hidden{display:none}.tabulator .tabulator-header .tabulator-header-contents{overflow:hidden;position:relative}.tabulator .tabulator-header .tabulator-header-contents .tabulator-headers{display:inline-block}.tabulator .tabulator-header .tabulator-col{background:var(--tabulator-header-background-color);border-right:1px solid var(--tabulator-header-border-color);box-sizing:border-box;display:inline-flex;flex-direction:column;justify-content:flex-start;overflow:hidden;position:relative;text-align:left;vertical-align:bottom}.tabulator .tabulator-header .tabulator-col.tabulator-moving{background:hsl(var(--tabulator-header-background-color),calc(var(--tabulator-header-background-color) - 5%))!important;border:1px solid var(--tabulator-header-separator-color);pointer-events:none;position:absolute}.tabulator .tabulator-header .tabulator-col.tabulator-range-highlight{background-color:var(--tabulator-range-header-highlight-background);color:var(--tabulator-range-header-text-highlight-background)}.tabulator .tabulator-header .tabulator-col.tabulator-range-selected{background-color:var(--tabulator-range-header-selected-background);color:var(--tabulator-range-header-selected-text-color)}.tabulator .tabulator-header .tabulator-col .tabulator-col-content{box-sizing:border-box;padding:4px;position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-header-popup-button{padding:0 8px}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-header-popup-button:hover{cursor:pointer;opacity:.6}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title-holder{position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title{box-sizing:border-box;overflow:hidden;text-overflow:ellipsis;vertical-align:bottom;white-space:nowrap;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title.tabulator-col-title-wrap{text-overflow:clip;white-space:normal}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title .tabulator-title-editor{background:#fff;border:1px solid #999;box-sizing:border-box;padding:1px;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-title .tabulator-header-popup-button+.tabulator-title-editor{width:calc(100% - 22px)}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{align-items:center;bottom:0;display:flex;position:absolute;right:4px;top:0}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid var(--tabulator-sort-arrow-inactive);border-left:6px solid transparent;border-right:6px solid transparent;height:0;width:0}.tabulator .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{border-top:1px solid var(--tabulator-header-border-color);display:flex;margin-right:-1px;overflow:hidden;position:relative}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter{box-sizing:border-box;margin-top:2px;position:relative;text-align:center;width:100%}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter textarea{height:auto!important}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter svg{margin-top:3px}.tabulator .tabulator-header .tabulator-col .tabulator-header-filter input::-ms-clear{height:0;width:0}.tabulator .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-right:25px}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable.tabulator-col-sorter-element:hover{background-color:hsl(var(--tabulator-header-background-color),calc(var(--tabulator-header-background-color) - 10%))!important;cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter{color:var(--tabulator-sort-arrow-inactive)}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-bottom:6px solid var(--tabulator-sort-arrow-hover);cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=none] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid var(--tabulator-sort-arrow-inactive);border-top:none}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter{color:var(--tabulator-sort-arrow-active)}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-bottom:6px solid var(--tabulator-sort-arrow-hover);cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=ascending] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:6px solid var(--tabulator-sort-arrow-active);border-top:none}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter{color:var(--tabulator-sort-arrow-active)}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter.tabulator-col-sorter-element .tabulator-arrow:hover{border-top:6px solid var(--tabulator-sort-arrow-hover);cursor:pointer}}.tabulator .tabulator-header .tabulator-col.tabulator-sortable[aria-sort=descending] .tabulator-col-content .tabulator-col-sorter .tabulator-arrow{border-bottom:none;border-top:6px solid var(--tabulator-sort-arrow-active);color:var(--tabulator-sort-arrow-active)}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical .tabulator-col-content .tabulator-col-title{align-items:center;display:flex;justify-content:center;text-orientation:mixed;writing-mode:vertical-rl}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-col-vertical-flip .tabulator-col-title{transform:rotate(180deg)}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable .tabulator-col-title{padding-right:0;padding-top:20px}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable.tabulator-col-vertical-flip .tabulator-col-title{padding-bottom:20px;padding-right:0}.tabulator .tabulator-header .tabulator-col.tabulator-col-vertical.tabulator-sortable .tabulator-col-sorter{bottom:auto;justify-content:center;left:0;right:0;top:4px}.tabulator .tabulator-header .tabulator-frozen{left:0;position:sticky;z-index:11}.tabulator .tabulator-header .tabulator-frozen.tabulator-frozen-left{border-right:2px solid var(--tabulator-row-border-color)}.tabulator .tabulator-header .tabulator-frozen.tabulator-frozen-right{border-left:2px solid var(--tabulator-row-border-color)}.tabulator .tabulator-header .tabulator-calcs-holder{border-bottom:1px solid var(--tabulator-header-border-color);border-top:1px solid var(--tabulator-row-border-color);box-sizing:border-box;display:inline-block}.tabulator .tabulator-header .tabulator-calcs-holder,.tabulator .tabulator-header .tabulator-calcs-holder .tabulator-row{background:hsl(var(--tabulator-header-background-color),calc(var(--tabulator-header-background-color) + 5%))!important}.tabulator .tabulator-header .tabulator-calcs-holder .tabulator-row .tabulator-col-resize-handle{display:none}.tabulator .tabulator-header .tabulator-frozen-rows-holder{display:inline-block}.tabulator .tabulator-tableholder{-webkit-overflow-scrolling:touch;overflow:auto;position:relative;white-space:nowrap;width:100%}.tabulator .tabulator-tableholder:focus{outline:none}.tabulator .tabulator-tableholder .tabulator-placeholder{align-items:center;box-sizing:border-box;display:flex;justify-content:center;min-width:100%;width:100%}.tabulator .tabulator-tableholder .tabulator-placeholder[tabulator-render-mode=virtual]{min-height:100%}.tabulator .tabulator-tableholder .tabulator-placeholder .tabulator-placeholder-contents{color:#ccc;display:inline-block;font-size:20px;font-weight:700;padding:10px;text-align:center;white-space:normal}.tabulator .tabulator-tableholder .tabulator-table{background-color:var(--tabulator-row-background-color);color:var(--tabulator-row-text-color);display:inline-block;overflow:visible;position:relative;white-space:nowrap}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs{background:hsl(var(--tabulator-row-atl-background-color),calc(var(--tabulator-row-alt-background-color) - 5%))!important;font-weight:700}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs.tabulator-calcs-top{border-bottom:2px solid var(--tabulator-row-border-color)}.tabulator .tabulator-tableholder .tabulator-table .tabulator-row.tabulator-calcs.tabulator-calcs-bottom{border-top:2px solid var(--tabulator-row-border-color)}.tabulator .tabulator-tableholder .tabulator-range-overlay{inset:0;pointer-events:none;position:absolute;z-index:10}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range{border:1px solid var(--tabulator-range-border-color);box-sizing:border-box;position:absolute}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range.tabulator-range-active:after{background-color:var(--tabulator-range-handle-color);border-radius:999px;bottom:-3px;content:"";height:6px;position:absolute;right:-3px;width:6px}.tabulator .tabulator-tableholder .tabulator-range-overlay .tabulator-range-cell-active{border:2px solid var(--tabulator-range-border-color);box-sizing:border-box;position:absolute}.tabulator .tabulator-footer{border-top:1px solid var(--tabulator-footer-separator-color);color:var(--tabulator-footer-text-color);font-weight:700;user-select:none;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;white-space:nowrap}.tabulator .tabulator-footer .tabulator-footer-contents{align-items:center;display:flex;flex-direction:row;justify-content:space-between;padding:5px 10px}.tabulator .tabulator-footer .tabulator-footer-contents:empty{display:none}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs{margin-top:-5px;overflow-x:auto}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab{border:1px solid var(--tabulator-border-color);border-bottom-left-radius:5px;border-bottom-right-radius:5px;border-top:none;display:inline-block;font-size:.9em;padding:5px}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab:hover{cursor:pointer;opacity:.7}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab.tabulator-spreadsheet-tab-active{background:var(--tabulator-spreadsheet-active-tab-color)}.tabulator .tabulator-footer .tabulator-calcs-holder{border-bottom:1px solid var(--tabulator-row-border-color);border-top:1px solid var(--tabulator-row-border-color);box-sizing:border-box;overflow:hidden;text-align:left;width:100%}.tabulator .tabulator-footer .tabulator-calcs-holder .tabulator-row{display:inline-block}.tabulator .tabulator-footer .tabulator-calcs-holder .tabulator-row .tabulator-col-resize-handle{display:none}.tabulator .tabulator-footer .tabulator-calcs-holder:only-child{border-bottom:none;margin-bottom:-5px}.tabulator .tabulator-footer>*+.tabulator-page-counter{margin-left:10px}.tabulator .tabulator-footer .tabulator-page-counter{font-weight:400}.tabulator .tabulator-footer .tabulator-paginator{color:var(--tabulator-footer-text-color);flex:1;font-family:inherit;font-size:inherit;font-weight:inherit;text-align:right}.tabulator .tabulator-footer .tabulator-page-size{border:1px solid var(--tabulator-footer-border-color);border-radius:3px;display:inline-block;margin:0 5px;padding:2px 5px}.tabulator .tabulator-footer .tabulator-pages{margin:0 7px}.tabulator .tabulator-footer .tabulator-page{background:hsla(0,0%,100%,.2);border:1px solid var(--tabulator-footer-border-color);border-radius:3px;display:inline-block;margin:0 2px;padding:2px 5px}.tabulator .tabulator-footer .tabulator-page.active{color:var(--tabulator-footer-active-color)}.tabulator .tabulator-footer .tabulator-page:disabled{opacity:.5}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-footer .tabulator-page:not(disabled):hover{background:rgba(0,0,0,.2);color:#fff;cursor:pointer}}.tabulator .tabulator-col-resize-handle{display:inline-block;margin-left:-3px;margin-right:-3px;position:relative;vertical-align:middle;width:6px;z-index:11}@media (hover:hover) and (pointer:fine){.tabulator .tabulator-col-resize-handle:hover{cursor:ew-resize}}.tabulator .tabulator-col-resize-handle:last-of-type{margin-right:0;width:3px}.tabulator .tabulator-col-resize-guide{height:100%;margin-left:-.5px;top:0;width:4px}.tabulator .tabulator-col-resize-guide,.tabulator .tabulator-row-resize-guide{background-color:var(--tabulator-column-resize-guide-color);opacity:.5;position:absolute}.tabulator .tabulator-row-resize-guide{height:4px;left:0;margin-top:-.5px;width:100%}.tabulator .tabulator-alert{align-items:center;background:rgba(0,0,0,.4);display:flex;height:100%;left:0;position:absolute;text-align:center;top:0;width:100%;z-index:100}.tabulator .tabulator-alert .tabulator-alert-msg{background:#fff;border-radius:10px;display:inline-block;font-size:16px;font-weight:700;margin:0 auto;padding:10px 20px}.tabulator .tabulator-alert .tabulator-alert-msg.tabulator-alert-state-msg{border:4px solid #333;color:#000}.tabulator .tabulator-alert .tabulator-alert-msg.tabulator-alert-state-error{border:4px solid #d00;color:#590000}.tabulator-row{background-color:var(--tabulator-row-background-color);box-sizing:border-box;min-height:calc(var(--tabulator-text-size) + var(--tabulator-header-margin)*2);position:relative}.tabulator-row.tabulator-row-even{background-color:var(--tabulator-row-alt-background-color)}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-selectable:hover{background-color:var(--tabulator-row-hover-background);cursor:pointer}}.tabulator-row.tabulator-selected{background-color:var(--tabulator-row-selected-background)}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-selected:hover{background-color:var(--tabulator-row-selected-background-hover);cursor:pointer}}.tabulator-row.tabulator-row-moving{background:#fff;border:1px solid #000}.tabulator-row.tabulator-moving{border-bottom:1px solid var(--tabulator-row-border-color);border-top:1px solid var(--tabulator-row-border-color);pointer-events:none;position:absolute;z-index:15}.tabulator-row.tabulator-range-highlight .tabulator-cell.tabulator-range-row-header{background-color:var(--tabulator-range-header-highlight-background);color:var(--tabulator-range-header-text-highlight-background)}.tabulator-row.tabulator-range-highlight.tabulator-range-selected .tabulator-cell.tabulator-range-row-header,.tabulator-row.tabulator-range-selected .tabulator-cell.tabulator-range-row-header{background-color:var(--tabulator-range-header-selected-background);color:var(--tabulator-range-header-selected-text-color)}.tabulator-row .tabulator-row-resize-handle{bottom:0;height:5px;left:0;position:absolute;right:0}.tabulator-row .tabulator-row-resize-handle.prev{bottom:auto;top:0}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-row-resize-handle:hover{cursor:ns-resize}}.tabulator-row .tabulator-responsive-collapse{border-bottom:1px solid var(--tabulator-row-border-color);border-top:1px solid var(--tabulator-row-border-color);box-sizing:border-box;padding:5px}.tabulator-row .tabulator-responsive-collapse:empty{display:none}.tabulator-row .tabulator-responsive-collapse table{font-size:var(--tabulator-text-size)}.tabulator-row .tabulator-responsive-collapse table tr td{position:relative}.tabulator-row .tabulator-responsive-collapse table tr td:first-of-type{padding-right:10px}.tabulator-row .tabulator-cell{border-right:1px solid var(--tabulator-row-border-color);box-sizing:border-box;display:inline-block;outline:none;overflow:hidden;padding:4px;position:relative;text-overflow:ellipsis;vertical-align:middle;white-space:nowrap}.tabulator-row .tabulator-cell.tabulator-row-header{border-bottom:1px solid var(--tabulator-row-border-color)}.tabulator-row .tabulator-cell.tabulator-frozen{background-color:inherit;display:inline-block;left:0;position:sticky;z-index:11}.tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-left{border-right:2px solid var(--tabulator-row-border-color)}.tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-right{border-left:2px solid var(--tabulator-row-border-color)}.tabulator-row .tabulator-cell.tabulator-editing{border:1px solid var(--tabulator-edit-box-color);outline:none;padding:0}.tabulator-row .tabulator-cell.tabulator-editing input,.tabulator-row .tabulator-cell.tabulator-editing select{background:transparent;border:1px;outline:none}.tabulator-row .tabulator-cell.tabulator-validation-fail{border:1px solid var(--tabulator-error-color)}.tabulator-row .tabulator-cell.tabulator-validation-fail input,.tabulator-row .tabulator-cell.tabulator-validation-fail select{background:transparent;border:1px;color:var(--tabulator-error-color)}.tabulator-row .tabulator-cell.tabulator-row-handle{align-items:center;display:inline-flex;justify-content:center;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none}.tabulator-row .tabulator-cell.tabulator-row-handle .tabulator-row-handle-box{width:80%}.tabulator-row .tabulator-cell.tabulator-row-handle .tabulator-row-handle-box .tabulator-row-handle-bar{background:#666;height:3px;margin-top:2px;width:100%}.tabulator-row .tabulator-cell.tabulator-range-selected:not(.tabulator-range-only-cell-selected):not(.tabulator-range-row-header){background-color:var(--tabulator-row-selected-background)}.tabulator-row .tabulator-cell .tabulator-data-tree-branch-empty{display:inline-block;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-branch{border-bottom:2px solid var(--tabulator-row-border-color);border-bottom-left-radius:1px;border-left:2px solid var(--tabulator-row-border-color);display:inline-block;height:9px;margin-right:5px;margin-top:-9px;vertical-align:middle;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-control{align-items:center;background:rgba(0,0,0,.1);border:1px solid var(--tabulator-row-text-color);border-radius:2px;display:inline-flex;height:11px;justify-content:center;margin-right:5px;overflow:hidden;vertical-align:middle;width:11px}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-cell .tabulator-data-tree-control:hover{background:rgba(0,0,0,.2);cursor:pointer}}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse{background:transparent;display:inline-block;height:7px;position:relative;width:1px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after{background:var(--tabulator-row-text-color);content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand{background:var(--tabulator-row-text-color);display:inline-block;height:7px;position:relative;width:1px}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:var(--tabulator-row-text-color);content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle{align-items:center;background:#666;border-radius:20px;color:var(--tabulator-row-background-color);display:inline-flex;font-size:1.1em;font-weight:700;height:15px;justify-content:center;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-o-user-select:none;width:15px}@media (hover:hover) and (pointer:fine){.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle:hover{cursor:pointer;opacity:.7}}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle.open .tabulator-responsive-collapse-toggle-close{display:initial}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle.open .tabulator-responsive-collapse-toggle-open{display:none}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle svg{stroke:var(--tabulator-row-background-color)}.tabulator-row .tabulator-cell .tabulator-responsive-collapse-toggle .tabulator-responsive-collapse-toggle-close{display:none}.tabulator-row .tabulator-cell .tabulator-traffic-light{border-radius:14px;display:inline-block;height:14px;width:14px}.tabulator-row.tabulator-group{background:#ccc;border-bottom:1px solid #999;border-right:1px solid var(--tabulator-row-border-color);border-top:1px solid #999;box-sizing:border-box;font-weight:700;min-width:100%;padding:5px 5px 5px 10px}@media (hover:hover) and (pointer:fine){.tabulator-row.tabulator-group:hover{background-color:rgba(0,0,0,.1);cursor:pointer}}.tabulator-row.tabulator-group.tabulator-group-visible .tabulator-arrow{border-bottom:0;border-left:6px solid transparent;border-right:6px solid transparent;border-top:6px solid var(--tabulator-sort-arrow-active);margin-right:10px}.tabulator-row.tabulator-group.tabulator-group-level-1{padding-left:30px}.tabulator-row.tabulator-group.tabulator-group-level-2{padding-left:50px}.tabulator-row.tabulator-group.tabulator-group-level-3{padding-left:70px}.tabulator-row.tabulator-group.tabulator-group-level-4{padding-left:90px}.tabulator-row.tabulator-group.tabulator-group-level-5{padding-left:110px}.tabulator-row.tabulator-group .tabulator-group-toggle{display:inline-block}.tabulator-row.tabulator-group .tabulator-arrow{border-bottom:6px solid transparent;border-left:6px solid var(--tabulator-sort-arrow-active);border-right:0;border-top:6px solid transparent;display:inline-block;height:0;margin-right:16px;vertical-align:middle;width:0}.tabulator-row.tabulator-group span{color:#d00}.tabulator-toggle{background:#dcdcdc;border:1px solid #ccc;box-sizing:border-box;display:flex;flex-direction:row}.tabulator-toggle.tabulator-toggle-on{background:#1c6cc2}.tabulator-toggle .tabulator-toggle-switch{background:#fff;border:1px solid #ccc;box-sizing:border-box}.tabulator-popup-container{-webkit-overflow-scrolling:touch;background:var(--tabulator-row-background-color);border:1px solid var(--tabulator-row-border-color);box-shadow:0 0 5px 0 rgba(0,0,0,.2);box-sizing:border-box;display:inline-block;font-size:var(--tabulator-text-size);overflow-y:auto;position:absolute;z-index:10000}.tabulator-popup{border-radius:3px;padding:5px}.tabulator-tooltip{border-radius:2px;box-shadow:none;font-size:12px;max-width:min(500px,100%);padding:3px 5px;pointer-events:none}.tabulator-menu .tabulator-menu-item{box-sizing:border-box;padding:5px 10px;position:relative;user-select:none}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-disabled{opacity:.5}@media (hover:hover) and (pointer:fine){.tabulator-menu .tabulator-menu-item:not(.tabulator-menu-item-disabled):hover{background:var(--tabulator-row-alt-background-color);cursor:pointer}}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-submenu{padding-right:25px}.tabulator-menu .tabulator-menu-item.tabulator-menu-item-submenu:after{border-color:var(--tabulator-row-border-color);border-style:solid;border-width:1px 1px 0 0;content:"";display:inline-block;height:7px;position:absolute;right:10px;top:calc(5px + .4em);transform:rotate(45deg);vertical-align:top;width:7px}.tabulator-menu .tabulator-menu-separator{border-top:1px solid var(--tabulator-row-border-color)}.tabulator-edit-list{-webkit-overflow-scrolling:touch;font-size:var(--tabulator-text-size);max-height:200px;overflow-y:auto}.tabulator-edit-list .tabulator-edit-list-item{color:var(--tabulator-row-text-color);outline:none;padding:4px}.tabulator-edit-list .tabulator-edit-list-item.active{background:var(--tabulator-edit-box-color);color:var(--tabulator-row-background-color)}.tabulator-edit-list .tabulator-edit-list-item.active.focused{outline:1px solid rgba(var(--tabulator-row-background-color),.5)}.tabulator-edit-list .tabulator-edit-list-item.focused{outline:1px solid var(--tabulator-edit-box-color)}@media (hover:hover) and (pointer:fine){.tabulator-edit-list .tabulator-edit-list-item:hover{background:var(--tabulator-edit-box-color);color:var(--tabulator-row-background-color);cursor:pointer}}.tabulator-edit-list .tabulator-edit-list-placeholder{color:var(--tabulator-row-text-color);padding:4px;text-align:center}.tabulator-edit-list .tabulator-edit-list-group{border-bottom:1px solid var(--tabulator-row-border-color);color:var(--tabulator-row-text-color);font-weight:700;padding:6px 4px 4px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-2,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-2{padding-left:12px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-3,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-3{padding-left:20px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-4,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-4{padding-left:28px}.tabulator-edit-list .tabulator-edit-list-group.tabulator-edit-list-group-level-5,.tabulator-edit-list .tabulator-edit-list-item.tabulator-edit-list-group-level-5{padding-left:36px}.tabulator.tabulator-ltr{direction:ltr}.tabulator.tabulator-rtl{direction:rtl;text-align:initial}.tabulator.tabulator-rtl .tabulator-header .tabulator-col{border-left:1px solid var(--tabulator-header-border-color);border-right:initial;text-align:initial}.tabulator.tabulator-rtl .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{margin-left:-1px;margin-right:0}.tabulator.tabulator-rtl .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-left:25px;padding-right:0}.tabulator.tabulator-rtl .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{left:8px;right:auto}.tabulator.tabulator-rtl .tabulator-tableholder .tabulator-range-overlay .tabulator-range.tabulator-range-active:after{background-color:var(--tabulator-range-handle-color);border-radius:999px;bottom:-3px;content:"";height:6px;left:-3px;position:absolute;right:auto;width:6px}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell{border-left:1px solid var(--tabulator-row-border-color);border-right:initial}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell .tabulator-data-tree-branch{border-bottom-left-radius:0;border-bottom-right-radius:1px;border-left:initial;border-right:2px solid var(--tabulator-row-border-color);margin-left:5px;margin-right:0}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell .tabulator-data-tree-control{margin-left:5px;margin-right:0}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-left{border-left:2px solid var(--tabulator-row-border-color)}.tabulator.tabulator-rtl .tabulator-row .tabulator-cell.tabulator-frozen.tabulator-frozen-right{border-right:2px solid var(--tabulator-row-border-color)}.tabulator.tabulator-rtl .tabulator-row .tabulator-col-resize-handle:last-of-type{margin-left:0;margin-right:-3px;width:3px}.tabulator.tabulator-rtl .tabulator-footer .tabulator-calcs-holder{text-align:initial}.tabulator-print-fullscreen{bottom:0;left:0;position:absolute;right:0;top:0;z-index:10000}body.tabulator-print-fullscreen-hide>:not(.tabulator-print-fullscreen){display:none!important}.tabulator-print-table{border-collapse:collapse}.tabulator-print-table .tabulator-data-tree-branch{border-bottom:2px solid var(--tabulator-row-border-color);border-bottom-left-radius:1px;border-left:2px solid var(--tabulator-row-border-color);display:inline-block;height:9px;margin-right:5px;margin-top:-9px;vertical-align:middle;width:7px}.tabulator-print-table .tabulator-print-table-group{background:#ccc;border-bottom:1px solid #999;border-right:1px solid var(--tabulator-row-border-color);border-top:1px solid #999;box-sizing:border-box;font-weight:700;min-width:100%;padding:5px 5px 5px 10px}@media (hover:hover) and (pointer:fine){.tabulator-print-table .tabulator-print-table-group:hover{background-color:rgba(0,0,0,.1);cursor:pointer}}.tabulator-print-table .tabulator-print-table-group.tabulator-group-visible .tabulator-arrow{border-bottom:0;border-left:6px solid transparent;border-right:6px solid transparent;border-top:6px solid var(--tabulator-sort-arrow-active);margin-right:10px}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-1 td{padding-left:30px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-2 td{padding-left:50px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-3 td{padding-left:70px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-4 td{padding-left:90px!important}.tabulator-print-table .tabulator-print-table-group.tabulator-group-level-5 td{padding-left:110px!important}.tabulator-print-table .tabulator-print-table-group .tabulator-group-toggle{display:inline-block}.tabulator-print-table .tabulator-print-table-group .tabulator-arrow{border-bottom:6px solid transparent;border-left:6px solid var(--tabulator-sort-arrow-active);border-right:0;border-top:6px solid transparent;display:inline-block;height:0;margin-right:16px;vertical-align:middle;width:0}.tabulator-print-table .tabulator-print-table-group span{color:#d00}.tabulator-print-table .tabulator-data-tree-control{align-items:center;background:rgba(0,0,0,.1);border:1px solid var(--tabulator-row-text-color);border-radius:2px;display:inline-flex;height:11px;justify-content:center;margin-right:5px;overflow:hidden;vertical-align:middle;width:11px}@media (hover:hover) and (pointer:fine){.tabulator-print-table .tabulator-data-tree-control:hover{background:rgba(0,0,0,.2);cursor:pointer}}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse{background:transparent;display:inline-block;height:7px;position:relative;width:1px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after{background:var(--tabulator-row-text-color);content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand{background:var(--tabulator-row-text-color);display:inline-block;height:7px;position:relative;width:1px}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:var(--tabulator-row-text-color);content:"";height:1px;left:-3px;position:absolute;top:3px;width:7px}.tabulator{background-color:var(--tabulator-background-color);max-width:100%;width:100%}.tabulator .tabulator-header{color:inherit}.tabulator .tabulator-header .tabulator-col{border-top:none}.tabulator .tabulator-header .tabulator-col:first-of-type{border-left:none}.tabulator .tabulator-header .tabulator-col:last-of-type{border-right:none}.tabulator .tabulator-header .tabulator-col:not(first-of-type),.tabulator .tabulator-header .tabulator-col:not(last-of-type){border-right:1px solid var(--tabulator-header-border-color)}.tabulator .tabulator-header .tabulator-col .tabulator-col-content{padding:var(--tabulator-cell-padding)}.tabulator .tabulator-header .tabulator-col .tabulator-col-content .tabulator-col-sorter{right:-10px}.tabulator .tabulator-header .tabulator-col.tabulator-col-group .tabulator-col-group-cols{border-top:1px solid var(--tabulator-border-color)}.tabulator .tabulator-header .tabulator-col.tabulator-sortable .tabulator-col-title{padding-right:10px}.tabulator .tabulator-header .tabulator-calcs-holder{border-bottom:1px solid var(--tabulator-header-separator-color);width:100%}.tabulator .tabulator-header .tabulator-frozen-rows-holder{min-width:600%}.tabulator .tabulator-header .tabulator-frozen-rows-holder:empty{display:none}.tabulator .tabulator-header .tabulator-frozen .tabulator-frozen-left,.tabulator .tabulator-header .tabulator-frozen .tabulator-frozen-right{background:inherit}.tabulator .tabulator-tableholder .tabulator-table{color:inherit}.tabulator .tabulator-footer{background-color:var(--tabulator-footer-background-color);color:inherit}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab{font-weight:400;padding:8px 12px}.tabulator .tabulator-footer .tabulator-spreadsheet-tabs .tabulator-spreadsheet-tab.tabulator-spreadsheet-tab-active{color:var(--tabulator-footer-active-color)}.tabulator .tabulator-footer .tabulator-paginator{color:inherit}.tabulator .tabulator-footer .tabulator-page{background:var(--tabulator-pagination-button-background);border-radius:0;border-right:none;color:var(--tabulator-pagination-button-color);margin:5px 0 0;padding:8px 12px}.tabulator .tabulator-footer .tabulator-page:first-of-type,.tabulator .tabulator-footer .tabulator-page[data-page=next]{border-bottom-left-radius:4px;border-top-left-radius:4px}.tabulator .tabulator-footer .tabulator-page:last-of-type,.tabulator .tabulator-footer .tabulator-page[data-page=prev]{border:1px solid var(--tabulator-footer-border-color);border-bottom-right-radius:4px;border-top-right-radius:4px}.tabulator .tabulator-footer .tabulator-page:not(disabled):hover{background:var(--tabulator-pagination-button-background-hover);color:var(--tabulator-pagination-button-color-hover)}.tabulator .tabulator-footer .tabulator-page.active,.tabulator .tabulator-footer .tabulator-page[data-page=first] :not(disabled):not(:hover),.tabulator .tabulator-footer .tabulator-page[data-page=last] :not(disabled):not(:hover),.tabulator .tabulator-footer .tabulator-page[data-page=next] :not(disabled):not(:hover),.tabulator .tabulator-footer .tabulator-page[data-page=prev] :not(disabled):not(:hover){color:var(--tabulator-pagination-button-color-active)}.tabulator.striped .tabulator-row:nth-child(2n){background-color:var(--tabulator-row-alt-background-color)}.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selected{background-color:var(--tabulator-row-selected-background)!important}@media (hover:hover) and (pointer:fine){.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selectable:hover{background-color:var(--tabulator-row-hover-background);cursor:pointer}.tabulator.striped .tabulator-row:nth-child(2n).tabulator-selected:hover{background-color:var(--tabulator-row-selected-background-hover)!important;cursor:pointer}}.tabulator-row{border-bottom:1px solid var(--tabulator-row-border-color);min-height:calc(var(--tabulator-text-size) + var(--tabulator-cell-padding)*2)}.tabulator-row.tabulator-row-even{background-color:var(--tabulator-row-background-color)}.tabulator-row .tabulator-cell{padding:var(--tabulator-cell-padding)}.tabulator-row .tabulator-cell:last-of-type{border-right:none}.tabulator-row .tabulator-cell.tabulator-row-header{background:var(--tabulator-header-background-color);border-bottom:none;border-right:1px solid var(--tabulator-border-color)}.tabulator-row .tabulator-cell .tabulator-data-tree-control{border:1px solid #ccc}.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after,.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand,.tabulator-row .tabulator-cell .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#ccc}.tabulator-row.tabulator-group{background:#fafafa}.tabulator-row.tabulator-group span{color:#666;margin-left:10px}.tabulator-edit-select-list{background:var(--tabulator-header-background-color)}.tabulator-edit-select-list .tabulator-edit-select-list-item{color:inherit}.tabulator-edit-select-list .tabulator-edit-select-list-item.active{color:var(--tabulator-header-background-color)}.tabulator-edit-select-list .tabulator-edit-select-list-item.active.focused{outline:1px solid rgba(var(--tabulator-header-background-color),.5)}@media (hover:hover) and (pointer:fine){.tabulator-edit-select-list .tabulator-edit-select-list-item:hover{color:var(--tabulator-header-background-color)}}.tabulator-edit-select-list .tabulator-edit-select-list-group,.tabulator-edit-select-list .tabulator-edit-select-list-notice{color:inherit}.tabulator.tabulator-rtl .tabulator-header .tabulator-col{border-left:none;border-right:none}.tabulator-print-table .tabulator-print-table-group{background:#fafafa}.tabulator-print-table .tabulator-print-table-group span{color:#666;margin-left:10px}.tabulator-print-table .tabulator-data-tree-control{border:1px solid #ccc}.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-collapse:after,.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand,.tabulator-print-table .tabulator-data-tree-control .tabulator-data-tree-control-expand:after{background:#ccc} +/*# sourceMappingURL=tabulator_pysyft.min.css.map */ \ No newline at end of file diff --git a/packages/syft/src/syft/assets/js/table.js b/packages/syft/src/syft/assets/js/table.js index bd4bb179f02..1a257627d6a 100644 --- a/packages/syft/src/syft/assets/js/table.js +++ b/packages/syft/src/syft/assets/js/table.js @@ -1,7 +1,7 @@ TABULATOR_SRC = "https://unpkg.com/tabulator-tables@6.2.1/dist/js/tabulator.min"; TABULATOR_CSS = - "https://unpkg.com/tabulator-tables@6.2.1/dist/css/tabulator_materialize.min.css"; + "https://cdn.jsdelivr.net/gh/openmined/pysyft/packages/syft/src/syft/assets/css/tabulator_pysyft.min.css"; document.querySelectorAll(".escape-unfocus").forEach((input) => { input.addEventListener("keydown", (event) => { diff --git a/packages/syft/src/syft/client/domain_client.py b/packages/syft/src/syft/client/domain_client.py index 75ec142bfde..8f1e7cb9dc8 100644 --- a/packages/syft/src/syft/client/domain_client.py +++ b/packages/syft/src/syft/client/domain_client.py @@ -122,7 +122,7 @@ def upload_dataset(self, dataset: CreateDataset) -> SyftSuccess | SyftError: ) prompt_warning_message(message=message, confirm=True) - for asset in tqdm(dataset.asset_list): + for asset in tqdm(dataset.asset_list, colour="green"): print(f"Uploading: {asset.name}") try: twin = TwinObject( diff --git a/packages/syft/src/syft/gevent_patch.py b/packages/syft/src/syft/gevent_patch.py deleted file mode 100644 index c74b10a45b6..00000000000 --- a/packages/syft/src/syft/gevent_patch.py +++ /dev/null @@ -1,37 +0,0 @@ -# stdlib -import os - - -def str_to_bool(bool_str: str | None) -> bool: - result = False - bool_str = str(bool_str).lower() - if bool_str == "true" or bool_str == "1": - result = True - return result - - -GEVENT_MONKEYPATCH = str_to_bool(os.environ.get("GEVENT_MONKEYPATCH", "False")) - -# 🟑 TODO 30: Move this to where we manage the different concurrency modes later -# make sure its stable in containers and other run targets -# if GEVENT_MONKEYPATCH: -# monkey.patch_all(ssl=False) - - -def is_notebook() -> bool: - # third party - from IPython import get_ipython - - try: - shell = get_ipython().__class__.__name__ - if shell == "ZMQInteractiveShell": - return True # Jupyter notebook or qtconsole - elif shell == "TerminalInteractiveShell": - return False # Terminal running IPython - else: - return False # Other type (?) - except NameError: - return False # Probably standard Python interpreter - - -jupyter_notebook = is_notebook() diff --git a/packages/syft/src/syft/node/node.py b/packages/syft/src/syft/node/node.py index 7861ee422e0..64d10f92930 100644 --- a/packages/syft/src/syft/node/node.py +++ b/packages/syft/src/syft/node/node.py @@ -62,6 +62,7 @@ from ..service.job.job_service import JobService from ..service.job.job_stash import Job from ..service.job.job_stash import JobStash +from ..service.job.job_stash import JobType from ..service.log.log_service import LogService from ..service.metadata.metadata_service import MetadataService from ..service.metadata.node_metadata import NodeMetadataV3 @@ -372,10 +373,12 @@ def __init__( use_sqlite = local_db or (processes > 0 and not is_subprocess) document_store_config = document_store_config or self.get_default_store( - use_sqlite=use_sqlite + use_sqlite=use_sqlite, + store_type="Document Store", ) action_store_config = action_store_config or self.get_default_store( - use_sqlite=use_sqlite + use_sqlite=use_sqlite, + store_type="Action Store", ) self.init_stores( action_store_config=action_store_config, @@ -434,12 +437,15 @@ def runs_in_docker(self) -> bool: and any("docker" in line for line in open(path)) ) - def get_default_store(self, use_sqlite: bool) -> StoreConfig: + def get_default_store(self, use_sqlite: bool, store_type: str) -> StoreConfig: if use_sqlite: path = self.get_temp_dir("db") + file_name: str = f"{self.id}.sqlite" + if self.dev_mode: + print(f"{store_type}'s SQLite DB path: {path/file_name}") return SQLiteStoreConfig( client_config=SQLiteStoreClientConfig( - filename=f"{self.id}.sqlite", + filename=file_name, path=path, ) ) @@ -1283,10 +1289,10 @@ def add_api_endpoint_execution_to_queue( action = Action.from_api_endpoint_execution() return self.add_queueitem_to_queue( - queue_item, - credentials, - action, - None, + queue_item=queue_item, + credentials=credentials, + action=action, + job_type=JobType.TWINAPIJOB, ) def get_worker_pool_ref_by_name( @@ -1355,16 +1361,22 @@ def add_action_to_queue( ) return self.add_queueitem_to_queue( - queue_item, credentials, action, parent_job_id, user_id + queue_item=queue_item, + credentials=credentials, + action=action, + parent_job_id=parent_job_id, + user_id=user_id, ) def add_queueitem_to_queue( self, + *, queue_item: QueueItem, credentials: SyftVerifyKey, action: Action | None = None, parent_job_id: UID | None = None, user_id: UID | None = None, + job_type: JobType = JobType.JOB, ) -> Job | SyftError: log_id = UID() role = self.get_role_for_credentials(credentials=credentials) @@ -1398,6 +1410,7 @@ def add_queueitem_to_queue( parent_job_id=parent_job_id, action=action, requested_by=user_id, + job_type=job_type, ) # 🟑 TODO 36: Needs distributed lock @@ -1500,8 +1513,8 @@ def add_api_call_to_queue( worker_pool=worker_pool_ref, ) return self.add_queueitem_to_queue( - queue_item, - api_call.credentials, + queue_item=queue_item, + credentials=api_call.credentials, action=None, parent_job_id=parent_job_id, ) diff --git a/packages/syft/src/syft/protocol/protocol_version.json b/packages/syft/src/syft/protocol/protocol_version.json index e30f48dfd5a..5df701ca714 100644 --- a/packages/syft/src/syft/protocol/protocol_version.json +++ b/packages/syft/src/syft/protocol/protocol_version.json @@ -52,9 +52,9 @@ "hash": "6a7cc7c2bb4dd234c1508b0af4d3b403cd3b7b427578a775bf80dc36891923ed", "action": "remove" }, - "5": { - "version": 5, - "hash": "82ee08442b09797ed7a3710c31de633bb308b1d2215f51b58a3e01a4c201055d", + "6": { + "version": 6, + "hash": "865a2ed791b8abd20d76e9a6bfae7ae7dad51b5ebfd8ff728aab25af93fa5570", "action": "add" } }, diff --git a/packages/syft/src/syft/serde/third_party.py b/packages/syft/src/syft/serde/third_party.py index 17640434b1f..c28efa6036a 100644 --- a/packages/syft/src/syft/serde/third_party.py +++ b/packages/syft/src/syft/serde/third_party.py @@ -26,7 +26,6 @@ from result import Err from result import Ok from result import Result -import zmq.green as zmq # relative from ..types.dicttuple import DictTuple @@ -198,15 +197,6 @@ def serialize_bytes_io(io: BytesIO) -> bytes: deserialize=lambda x: pydantic.EmailStr(x.decode()), ) -recursive_serde_register( - zmq._Socket, - serialize_attrs=[ - "_shadow", - "_monitor_socket", - "_type_name", - ], -) -recursive_serde_register(zmq._Context) # how else do you import a relative file to execute it? NOTHING = None diff --git a/packages/syft/src/syft/service/job/job_stash.py b/packages/syft/src/syft/service/job/job_stash.py index f50b519a3e8..2943913cf73 100644 --- a/packages/syft/src/syft/service/job/job_stash.py +++ b/packages/syft/src/syft/service/job/job_stash.py @@ -31,7 +31,7 @@ from ...types.datetime import DateTime from ...types.datetime import format_timedelta from ...types.syft_object import SYFT_OBJECT_VERSION_2 -from ...types.syft_object import SYFT_OBJECT_VERSION_5 +from ...types.syft_object import SYFT_OBJECT_VERSION_6 from ...types.syft_object import SyftObject from ...types.syncable_object import SyncableSyftObject from ...types.uid import UID @@ -75,10 +75,19 @@ def center_content(text: Any) -> str: return center_div +@serializable() +class JobType(str, Enum): + JOB = "job" + TWINAPIJOB = "twinapijob" + + def __str__(self) -> str: + return self.value + + @serializable() class Job(SyncableSyftObject): __canonical_name__ = "JobItem" - __version__ = SYFT_OBJECT_VERSION_5 + __version__ = SYFT_OBJECT_VERSION_6 id: UID node_uid: UID @@ -98,6 +107,7 @@ class Job(SyncableSyftObject): updated_at: DateTime | None = None user_code_id: UID | None = None requested_by: UID | None = None + job_type: JobType = JobType.JOB __attr_searchable__ = ["parent_job_id", "job_worker_id", "status", "user_code_id"] __repr_attrs__ = [ diff --git a/packages/syft/src/syft/service/queue/zmq_queue.py b/packages/syft/src/syft/service/queue/zmq_queue.py index 43a948b2abf..3ad4b732f89 100644 --- a/packages/syft/src/syft/service/queue/zmq_queue.py +++ b/packages/syft/src/syft/service/queue/zmq_queue.py @@ -11,10 +11,10 @@ # third party from loguru import logger from pydantic import field_validator +import zmq from zmq import Frame from zmq import LINGER from zmq.error import ContextTerminated -import zmq.green as zmq # relative from ...serde.deserialize import _deserialize diff --git a/packages/syft/src/syft/service/request/request.py b/packages/syft/src/syft/service/request/request.py index 5d10f6cc75e..88f035de0bb 100644 --- a/packages/syft/src/syft/service/request/request.py +++ b/packages/syft/src/syft/service/request/request.py @@ -467,9 +467,9 @@ def _coll_repr_(self) -> dict[str, str | dict[str, str]]: ] return { - "Request time": str(self.request_time), "Description": self.html_description, "Requested By": "\n".join(user_data), + "Creation Time": str(self.request_time), "Status": status_badge, } @@ -570,11 +570,14 @@ def approve( ) if message and metadata and metadata.show_warnings and not disable_warnings: prompt_warning_message(message=message, confirm=True) + msg = ( + "Approving request ", + f"on change {self.code.service_func_name} " if is_code_request else "", + f"for domain {api.node_name}", + ) - print(f"Approving request for domain {api.node_name}") + print("".join(msg)) res = api.services.request.apply(self.id, **kwargs) - # if isinstance(res, SyftSuccess): - return res def deny(self, reason: str) -> SyftSuccess | SyftError: @@ -1220,18 +1223,19 @@ def nested_repr(self, node: Any | None = None, level: int = 0) -> str: def __repr_syft_nested__(self) -> str: msg = ( - f"Request to change {self.code.service_func_name} " - f"(Pool Id: {self.code.worker_pool_name}) " + f"Request to change {self.code.service_func_name} " + f"(Pool Id: {self.code.worker_pool_name}) " ) - msg += "to permission RequestStatus.APPROVED." - if self.nested_solved: - if self.link.nested_codes == {}: # type: ignore - msg += "No nested requests." - else: + msg += "to permission RequestStatus.APPROVED." + if self.code.nested_codes is None or self.code.nested_codes == {}: # type: ignore + msg += " No nested requests" + else: + if self.nested_solved: + # else: msg += "

This change requests the following nested functions calls:
" msg += self.nested_repr() - else: - msg += "Nested Requests not resolved." + else: + msg += " Nested Requests not resolved" return msg def _repr_markdown_(self, wrap_as_python: bool = True, indent: int = 0) -> str: diff --git a/packages/syft/src/syft/service/sync/diff_state.py b/packages/syft/src/syft/service/sync/diff_state.py index 014e33f5bc8..cde79262c24 100644 --- a/packages/syft/src/syft/service/sync/diff_state.py +++ b/packages/syft/src/syft/service/sync/diff_state.py @@ -45,6 +45,7 @@ from ..code.user_code import UserCode from ..code.user_code import UserCodeStatusCollection from ..job.job_stash import Job +from ..job.job_stash import JobType from ..log.log import SyftLog from ..output.output_service import ExecutionOutput from ..request.request import Request @@ -1288,7 +1289,12 @@ def hierarchies( # TODO: Figure out nested user codes, do we even need that? root_ids.append(diff.object_id) # type: ignore - elif isinstance(diff_obj, Job) and diff_obj.parent_job_id is None: # type: ignore + elif ( + isinstance(diff_obj, Job) # type: ignore + and diff_obj.parent_job_id is None + # ignore Job objects created by TwinAPIEndpoint + and diff_obj.job_type != JobType.TWINAPIJOB + ): root_ids.append(diff.object_id) # type: ignore for root_uid in root_ids: diff --git a/packages/syft/src/syft/store/blob_storage/seaweedfs.py b/packages/syft/src/syft/store/blob_storage/seaweedfs.py index e31adc18b7d..1d88fedda37 100644 --- a/packages/syft/src/syft/store/blob_storage/seaweedfs.py +++ b/packages/syft/src/syft/store/blob_storage/seaweedfs.py @@ -80,6 +80,7 @@ def write(self, data: BytesIO) -> SyftSuccess | SyftError: with tqdm( total=total_iterations, desc=f"Uploading progress", # noqa + colour="green", ) as pbar: for part_no, url in enumerate( self.urls, diff --git a/packages/syft/src/syft/types/syft_object.py b/packages/syft/src/syft/types/syft_object.py index a290e4ff080..3ec9c073165 100644 --- a/packages/syft/src/syft/types/syft_object.py +++ b/packages/syft/src/syft/types/syft_object.py @@ -61,6 +61,7 @@ SYFT_OBJECT_VERSION_3 = 3 SYFT_OBJECT_VERSION_4 = 4 SYFT_OBJECT_VERSION_5 = 5 +SYFT_OBJECT_VERSION_6 = 6 supported_object_versions = [ SYFT_OBJECT_VERSION_1, @@ -68,6 +69,7 @@ SYFT_OBJECT_VERSION_3, SYFT_OBJECT_VERSION_4, SYFT_OBJECT_VERSION_5, + SYFT_OBJECT_VERSION_6, ] HIGHEST_SYFT_OBJECT_VERSION = max(supported_object_versions) diff --git a/packages/syft/src/syft/util/notebook_ui/components/tabulator_template.py b/packages/syft/src/syft/util/notebook_ui/components/tabulator_template.py index f716ba9fb52..60ba8da4915 100644 --- a/packages/syft/src/syft/util/notebook_ui/components/tabulator_template.py +++ b/packages/syft/src/syft/util/notebook_ui/components/tabulator_template.py @@ -100,7 +100,7 @@ def build_tabulator_table(obj: Any) -> str | None: table_template = env.get_template("table.jinja2") tabulator_js = load_js("tabulator.min.js") - tabulator_css = load_css("tabulator_materialize.min.css") + tabulator_css = load_css("tabulator_pysyft.min.css") js = load_js("table.js") css = load_css("style.css") diff --git a/packages/syft/src/syft/util/notebook_ui/styles.py b/packages/syft/src/syft/util/notebook_ui/styles.py index b1e54ca986d..a250c20a7dc 100644 --- a/packages/syft/src/syft/util/notebook_ui/styles.py +++ b/packages/syft/src/syft/util/notebook_ui/styles.py @@ -12,7 +12,6 @@ JS_DOWNLOAD_FONTS = f"""