π¦ feat(inspect): Add docker build #3136
Conversation
Mainly based on the UI files and architecture from [Geti Tune](https://github.com/open-edge-platform/training_extensions/tree/develop/ui)
* initial backend commit Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * app -> src Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * Remove empty file Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * move code Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix style backend Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * rename media endpoint Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> --------- Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
β¦#2942) add unit tests for endpoints Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
These won't be needed yet
β¦tform#2948) * Use src folder inside run.sh * Set openapi_url path * Update to react 19 * Specify bash language in readme
β¦edge-platform#2945) * add training + inference endpoint Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * remove model api Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * cleanup code Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * update async execution Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * improve training worker loop and predict endpoint Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix style Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix style to use python3.10 generics Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add tests for services Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> --------- Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
β¦edge-platform#2961) * Add github actions for ui and server of geti inspect * Exclude UI from pre-commit prettier configuration The UI uses a different prettier configuration that does not seem to be picked up by pre-commit. * Add newline to .prettierignore * Apply prettier to `geti-inspect.yaml` * Generate OpenAPI spec before running UI checks * Checkout with lfs * Fix lint issues by removing wip components * Try installing git lfs in the playwright docker image * Fix unused noqa
β¦edge-platform#2963) * Add OpenAPI route * Remove MSW browser worker * Rename infernece to inspect * Update navbar title * Rename infernece to inspect
* rename models/ to pydantic_models/ Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * switch to use async session context manager Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix unit tests Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add pipeline endpoints Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix frame aquisition worker and rename pipiline endpoints Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add sources and sinks endpoints Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * stream loading working Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add webrtc endpoints Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix workers: stream loading + inference + dispatcher Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix sinks Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * style Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add unit tests and address comments Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add tests Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * fix example schema Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add todo Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> --------- Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
β¦2970) * chore: Add path alias to icons * feat: Add sidebar with dataset, models and stats
* feat: Display placeholders for images * refactor: Fix scrollbar * chore: Remove learn more
* chore(inspect): Update UI scripts * chore: Update github actions * chore: Update port to 8000
β¦en-edge-platform#2978) chore(inspect): Configure project(s) mocks for playwright
* chore: Add project route * feat: Add project management * revert ui lock change * chore: Remove not needed code for project management
β¦ts from the UI (open-edge-platform#2980) chore(inspect): Update allowed origins
β¦ training progress (open-edge-platform#2984) * feat: Allow user to upload images * feat: List uploaded images * chore: Extract components to separate files and add ready to train and training progress * chore: comment thumbnail url generation
chore(inspect): Update openapi page title
β¦en-edge-platform#2989) * chore(inspect): Renamed app to application * chore(inspect): Rename app to application in github actions
β¦of email (open-edge-platform#2990) refactor: Update photo placeholder to use indicator instead of email
β¦dge-platform#2991) Improve error and suspense handling in router By moving all of the routes into a single root route we can make sure that all routes are rendered inside of an layout that has a suspense and error boundary.
Signed-off-by: Ashwin Vaidya <ashwin.vaidya@intel.com>
β¦open-edge-platform#2992) refactor: Improvements to the jobs management and training
β¦platform#2994) chore(inspect): Add more models
π fix(inspect): Fix unable to start train job
chore(inspect): Update uv.lock
* add trainable models endpoint * fix Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add test Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add copyright Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> --------- Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
β¦rm#3004) * add thumbnails endpoint Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * add tests Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * generate thumbnails as background task Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> * update docstring Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com> --------- Signed-off-by: Ma, Xiangxiang <xiangxiang.ma@intel.com>
There was a problem hiding this comment.
Pull Request Overview
This PR adds Docker build support for the Geti Inspect application, enabling containerized deployment of the CPU version. The changes prepare the application for containerization by making paths relative, adding a main entry point, and configuring the build system for proper packaging.
Key changes:
- Docker build infrastructure with multi-stage builds for UI and backend
- Application refactoring to support containerized execution
- Build system configuration using Hatchling
Reviewed Changes
Copilot reviewed 7 out of 10 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| application/backend/src/settings.py | Updates Alembic paths to be relative to module directory for container compatibility |
| application/backend/src/main.py | Extracts main logic into a callable function for package entry point |
| application/backend/pyproject.toml | Adds Hatchling build system, project scripts, and SSE dependency |
| application/.packaging/docker/nginx.conf | Adds nginx configuration for serving UI and proxying API requests |
| application/.packaging/docker/docker-compose.yml | Defines service configuration with volume mounts and device access |
| application/.packaging/docker/Dockerfile | Multi-stage build for UI compilation and Python application packaging |
| .dockerignore | Excludes unnecessary files from Docker build context |
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Ashwin Vaidya <ashwin.vaidya@intel.com>
* feat(inspect): enhance ModelsView Signed-off-by: Dmitry Kalinin <dmitry.kalinin@intel.com> * Adjusted styling Signed-off-by: Dmitry Kalinin <dmitry.kalinin@intel.com> * Fixed comments Signed-off-by: Dmitry Kalinin <dmitry.kalinin@intel.com> * Fixed format Signed-off-by: Dmitry Kalinin <dmitry.kalinin@intel.com> --------- Signed-off-by: Dmitry Kalinin <dmitry.kalinin@intel.com>
β¦to allow all origins. Update package-lock.json with new dependencies and version upgrades for various packages. Signed-off-by: Ashwin Vaidya <ashwinnitinvaidya@gmail.com>
Signed-off-by: Ashwin Vaidya <ashwinnitinvaidya@gmail.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 11 changed files in this pull request and generated 3 comments.
Files not reviewed (1)
- application/ui/package-lock.json: Language not supported
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "http://localhost:9000", | ||
| "http://127.0.0.1:9000", | ||
| ], | ||
| allow_origins=["*"], |
There was a problem hiding this comment.
Allowing all origins with allow_origins=['*'] creates a security vulnerability by permitting any domain to make requests to the API. This exposes the application to CSRF attacks. Configure specific allowed origins or use environment variables to control CORS settings in production environments.
There was a problem hiding this comment.
Signed-off-by: Ashwin Vaidya <ashwin.vaidya@intel.com>
maxxgx
force-pushed
the
feature/geti-inspect
branch
from
4567ce7 to
ea4d226
Compare
Signed-off-by: Ashwin Vaidya <ashwinnitinvaidya@gmail.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 246 out of 359 changed files in this pull request and generated no new comments.
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Ashwin Vaidya <ashwin.vaidya@intel.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 26 out of 29 changed files in this pull request and generated 4 comments.
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "uvloop==0.21.0", | ||
| "loguru==0.7.3", | ||
| "trackio~=0.6.0", | ||
| "sse-starlette", |
There was a problem hiding this comment.
The dependency sse-starlette is added without a version constraint. This could lead to compatibility issues if breaking changes are introduced in future versions. Consider pinning to a specific version or version range.
| "sse-starlette", | |
| "sse-starlette~=1.6.1", |
Signed-off-by: Ashwin Vaidya <ashwin.vaidya@intel.com>
ashwinvaidya17
requested review from
MarkRedeman,
maxxgx,
rajeshgangireddy and
samet-akcay
as code owners
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 26 out of 29 changed files in this pull request and generated 2 comments.
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "http://localhost:9000", | ||
| "http://127.0.0.1:9000", | ||
| ], | ||
| allow_origins=["*"], |
There was a problem hiding this comment.
Changing CORS from specific origins to allow all origins (*) introduces a security risk. This allows any website to make requests to your API. Consider using environment variables to configure allowed origins for different deployment environments, or maintain the original restrictive list for production.
| rev: v2.12.0.2 | ||
| hooks: | ||
| - id: hadolint | ||
| files: ^application/\.packaging/docker/ # TODO: this will break when the Dockerfile is moved |
There was a problem hiding this comment.
The TODO comment indicates technical debt. Consider using a more flexible file pattern (e.g., Dockerfile$ or **/*Dockerfile*) that won't break if the Dockerfile is moved, or create a tracking issue for this concern rather than leaving it as an inline TODO.
| files: ^application/\.packaging/docker/ # TODO: this will break when the Dockerfile is moved | |
| files: Dockerfile$|Dockerfile\..*$ |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| # Persist logs | ||
| - backend-logs:/app/logs | ||
| ports: | ||
| - "80:80" |
Check warning
Code scanning / Semgrep OSS
Semgrep Finding: trailofbits.yaml.docker-compose.port-all-interfaces.port-all-interfaces Warning
| "http://localhost:9000", | ||
| "http://127.0.0.1:9000", | ||
| ], | ||
| allow_origins=["*"], |
Check warning
Code scanning / Semgrep OSS
Semgrep Finding: python.fastapi.security.wildcard-cors.wildcard-cors Warning
| WORKDIR /app | ||
|
|
||
| RUN --mount=type=cache,target=/home/non-root/.cache/uv,uid=10001,gid=10001 \ | ||
| uv sync --frozen --no-dev --extra cpu --extra application |
There was a problem hiding this comment.
Why run uv sync from the root anomalib folder instead of application?
Installing inspect as an extra might be useful during development but I don't see the value in production environments
6 participants
π Description
TODO
β¨ Changes
Select what type of change your PR is:
β Checklist
Before you submit your pull request, please make sure you have completed the following steps:
For more information about code review checklists, see the Code Review Checklist.