EscrowAICI 0.1.9

Expose Escrow AI workflows to CICD pipelines

Copyright 2024 BeeKeeperAI(R)

EscrowAI Github SDK

The github sdk is a cli tool that enables algorithm upload on escrow ai from github workflows

installation

The sdk is available as a Pypi package and can be installed using

pip install EscrowAICI

Prerequisites and dependencies

To use the sdk, generate a private public key pair using openssl

# generate a private key with the correct length
openssl genrsa -out private-key.pem 3072

# generate corresponding public key
openssl rsa -in private-key.pem -pubout -out public-key.pem

setup your github repository secrets settings using

• BEEKEEPER_PROJECT_ID
• BEEKEEPER_ORGANIZATION_ID
• PROJECT_PRIVATE_KEY: Private key generated in earlier step
• CONTENT_ENCRYPTION_KEY

Usage

Basic stucture

$ escrowai -h
usage: escrowai [-h] [--algorithm_type ALGORITHM_TYPE] [--key KEY] folder

Encrypt files and package them into a zip archive.

positional arguments:
  folder                The folder path containing the files to encrypt

optional arguments:
  -h, --help            show this help message and exit
  --algorithm_type ALGORITHM_TYPE
                        Algorithm type can be either validation or training
  --key KEY             The encryption key (base64 encoded)

arguments

Here is a sample github workflow showing how to use the sdk

name: Encrypt and Upload on Push

on:
  push:
    branches:
      - testing

jobs:
  encrypt_and_upload:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.x'

      - name: Install Dependencies
        run: |
          python -m pip install --upgrade pip
          pip install cryptography pyyaml azure-storage-blob auth0-python python-dateutil sseclient
          pip install EscrowAICI

      - name: Encrypt Files and Upload
        env:
          CONTENT_ENCRYPTION_KEY: ${{ secrets.SECRET_KEY_BASE64 }}
          AZURE_STORAGE_URL: ${{ secrets.AZURE_STORAGE_URL }}
          BEEKEEPER_PROJECT_ID: ${{ secrets.BEEKEEPER_PROJECT_ID }}
          BEEKEEPER_ORGANIZATION_ID: ${{ secrets.BEEKEEPER_ORGANIZATION_ID }}
          PROJECT_PRIVATE_KEY: ${{ secrets.PROJECT_PRIVATE_KEY }}
        run: |
          repo_name="${GITHUB_REPOSITORY##*/}"
          folder_path="files/$repo_name"
          zip_file="files/${repo_name}.zip"
          mkdir -p $folder_path
          # Assuming you need to copy or prepare files in this directory
          rsync -av --exclude='.git' --exclude='files' . ${folder_path}
          
          escrowai ${folder_path}

      - name: Clean up
        run: |
          rm -rf files/

There is also a helper script installed for interacting with report artifacts if your run produces those

Before use ensure to export the environment variables below

BEEKEEPER_PROJECT_ID
BEEKEEPER_ORGANIZATION_ID
BEEKEEOER_USER
CONTENT_ENCRYPTION_KEY # base64 encoded
PROJECT_PRIVATE_KEY # base64 encoded

The command below will get give you the basic usage

$ escrowai-reports --help
usage: escrowai-reports [-h] [--auth-key AUTH_KEY] [--project-id PROJECT_ID] [--organization-id ORGANIZATION_ID] [--environment ENVIRONMENT] [--user USER]
                        {find-run-config,list-run-configs,list-runs,list-artifacts,download-artifact,bulk-download} ...

Helper CLI for EscrowAI run configurations, runs, and report artifacts.

Basic usage is in the form escrowai-reports --env <targetenv> command args

positional arguments:
  {find-run-config,list-run-configs,list-runs,list-artifacts,download-artifact,bulk-download}
    find-run-config     Locate a run configuration id by algo/dataset version tags.
    list-run-configs    List run configurations for a project.
    list-runs           List runs tied to a run configuration.
    list-artifacts      List report artifacts for a run or report.
    download-artifact   Download a single report artifact via SAS token.
    bulk-download       Request zipped report artifacts and download them when ready.

options:
  -h, --help            show this help message and exit
  --auth-key AUTH_KEY   Base64-encoded private key (defaults to env PROJECT_PRIVATE_KEY).
  --project-id PROJECT_ID
                        EscrowAI project id (defaults to env BEEKEEPER_PROJECT_ID).
  --organization-id ORGANIZATION_ID
                        Organization id (defaults to env BEEKEEPER_ORGANIZATION_ID).
  --environment ENVIRONMENT
                        EscrowAI environment slug such as dev, tst, stg, or prod (default: prod).
  --user USER           Optional EscrowAI username (defaults to env BEEKEEPER_USER).