7cd86fb88a
Some checks failed
Build Pipeline / Build Binaries (push) Failing after 3m39s
Build Pipeline / Build Docker Images (push) Has been skipped
Build Pipeline / Sign HIPAA Config (push) Has been skipped
Build Pipeline / Generate SLSA Provenance (push) Has been skipped
Checkout test / test (push) Successful in 6s
CI Pipeline / Test (ubuntu-latest on self-hosted) (push) Failing after 1s
CI Pipeline / Dev Compose Smoke Test (push) Has been skipped
CI Pipeline / Security Scan (push) Has been skipped
CI Pipeline / Test Scripts (push) Has been skipped
CI Pipeline / Test Native Libraries (push) Has been skipped
CI Pipeline / Native Library Build Matrix (push) Has been skipped
Contract Tests / Spec Drift Detection (push) Failing after 11s
Contract Tests / API Contract Tests (push) Has been skipped
Deploy API Docs / Build API Documentation (push) Failing after 5s
Deploy API Docs / Deploy to GitHub Pages (push) Has been skipped
Documentation / build-and-publish (push) Failing after 40s
Test Matrix / test-native-vs-pure (cgo) (push) Failing after 14s
Test Matrix / test-native-vs-pure (native) (push) Failing after 35s
Test Matrix / test-native-vs-pure (pure) (push) Failing after 18s
CI Pipeline / Trigger Build Workflow (push) Failing after 1s
Build CLI with Embedded SQLite / build (arm64, aarch64-linux) (push) Has been cancelled
Build CLI with Embedded SQLite / build (x86_64, x86_64-linux) (push) Has been cancelled
Build CLI with Embedded SQLite / build-macos (arm64) (push) Has been cancelled
Build CLI with Embedded SQLite / build-macos (x86_64) (push) Has been cancelled
Security Scan / Security Analysis (push) Has been cancelled
Security Scan / Native Library Security (push) Has been cancelled
Verification & Maintenance / V.1 - Schema Drift Detection (push) Has been cancelled
Verification & Maintenance / V.4 - Custom Go Vet Analyzers (push) Has been cancelled
Verification & Maintenance / V.7 - Audit Chain Integrity (push) Has been cancelled
Verification & Maintenance / V.6 - Extended Security Scanning (push) Has been cancelled
Verification & Maintenance / V.10 - OpenSSF Scorecard (push) Has been cancelled
Verification & Maintenance / Verification Summary (push) Has been cancelled
- Introduce audit, plugin, and scheduler API handlers - Add spec_embed.go for OpenAPI spec embedding - Create modular build scripts (cli, go, native, cross-platform) - Add deployment cleanup and health-check utilities - New ADRs: hot reload, audit store, SSE updates, RBAC, caching, offline mode, KMS regions, tenant offboarding - Add KMS configuration schema and worker variants - Include KMS benchmark tests
64 lines
1.4 KiB
YAML
64 lines
1.4 KiB
YAML
# Standard security mode worker configuration
|
|
# Normal sandbox, network isolation
|
|
host: localhost
|
|
port: 22
|
|
user: worker-user
|
|
base_path: /var/lib/fetchml
|
|
entrypoint: train.py
|
|
|
|
# Redis configuration
|
|
redis_url: redis://redis:6379
|
|
|
|
# Standard mode - normal security
|
|
compliance_mode: standard
|
|
max_workers: 2
|
|
|
|
# Sandbox settings (standard isolation)
|
|
sandbox:
|
|
network_mode: none
|
|
seccomp_profile: default
|
|
no_new_privileges: true
|
|
allowed_secrets:
|
|
- HF_TOKEN
|
|
- WANDB_API_KEY
|
|
- AWS_ACCESS_KEY_ID
|
|
- AWS_SECRET_ACCESS_KEY
|
|
|
|
# GPU configuration
|
|
gpu_vendor: none
|
|
|
|
# Artifact handling (reasonable limits)
|
|
max_artifact_files: 1000
|
|
max_artifact_total_bytes: 536870912 # 512MB
|
|
|
|
# Provenance (enabled)
|
|
provenance_best_effort: true
|
|
|
|
# Plugin Configuration
|
|
plugins:
|
|
# Jupyter Notebook/Lab Service
|
|
jupyter:
|
|
enabled: true
|
|
image: "quay.io/jupyter/base-notebook:latest"
|
|
default_port: 8888
|
|
mode: "lab"
|
|
security:
|
|
trusted_channels:
|
|
- "conda-forge"
|
|
- "defaults"
|
|
blocked_packages:
|
|
- "requests"
|
|
- "urllib3"
|
|
require_password: true
|
|
max_gpu_per_instance: 1
|
|
max_memory_per_instance: "8Gi"
|
|
|
|
# vLLM Inference Service
|
|
vllm:
|
|
enabled: true
|
|
image: "vllm/vllm-openai:latest"
|
|
default_port: 8000
|
|
model_cache: "/models"
|
|
default_quantization: ""
|
|
max_gpu_per_instance: 1
|
|
max_model_len: 4096
|