Merge pull request #130 from mozilla-mobile/rpapa-llm-cloudrun

llm-cloudrun poc

Author: AaronMT

.github/workflows/llm-cloud-run.yml

@@ -0,0 +1,62 @@
+name: Manual POC run (pull artifacts from GCS)
+
+on:
+  workflow_dispatch:
+    inputs:
+      use_prod_service_url:
+        description: "Call the Cloud Run service after downloading artifacts?"
+        required: false
+        type: boolean
+        default: false
+
+permissions:
+  contents: read
+
+env:
+  # ---- Update these if needed ----
+  GCP_PROJECT_ID: moz-testops-tools 
+  SERVICE_URL: https://llm-tool-620861480696.us-central1.run.app
+  # GCS object URIs you shared:
+  CRASH_URI: gs://testops-llm-artifacts/crashes/minidumps/examples/crash_example.txt
+  ANR_URI:   gs://testops-llm-artifacts/anr/examples/anr_example.txt
+  LOCAL_ARTIFACT_DIR: artifacts
+
+jobs:
+  manual-run:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      # Auth via JSON key (what you asked for)
+      - name: Authenticate to Google Cloud (JSON key)
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GCP_SA_VERTEX_AI }}
+
+      - name: Setup gcloud
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          project_id: ${{ env.GCP_PROJECT_ID }}
+
+      - name: Set gcloud project (quiet)
+        run: |
+          gcloud --quiet config set project "$GCP_PROJECT_ID"
+
+      - name: Download artifacts from GCS
+        run: |
+          mkdir -p "${LOCAL_ARTIFACT_DIR}"
+          gcloud storage cp "${CRASH_URI}" "${LOCAL_ARTIFACT_DIR}/crash_example.txt"
+          gcloud storage cp "${ANR_URI}"   "${LOCAL_ARTIFACT_DIR}/anr_example.txt"
+          echo "Downloaded files:"
+          ls -la "${LOCAL_ARTIFACT_DIR}"
+
+      # Optional: call your private Cloud Run service (only if you toggle the input)
+      - name: (Optional) Invoke secured Cloud Run service
+        if: ${{ inputs.use_prod_service_url == true }}
+        run: |
+          # Fetch an ID token for the SERVICE_URL audience and call the service
+          TOKEN="$(gcloud auth print-identity-token --audiences="${SERVICE_URL}")"
+          curl -i -H "Authorization: Bearer ${TOKEN}" "${SERVICE_URL}" || true
+

.gitignore

@@ -1,7 +1,18 @@
 node_modules
 android-performance/node_modules
 actions-runner
+
+# Ignore editor and cache files
+.DS_Store
+*.pyc
+__pycache__
+*.sw?
+.*.sw?
+4913
+
+Dockerfile.*
+docker-compose.*
+
 backup-tools/*.csv
 backup-tools/backup*.json
-backup-tools/__pychache__/
-*.pyc
+backup-tools/__pycache__/

llm-cloud-run/.dockerignore

@@ -0,0 +1,7 @@
+# Vim artifacts
+*.sw?
+.*.sw?
+*~ 
+4913
+
+.DS_Store

llm-cloud-run/Dockerfile

@@ -0,0 +1,11 @@
+FROM python:3.10-slim
+
+WORKDIR /app
+
+RUN pip install fastapi uvicorn google-cloud-aiplatform vertexai
+
+COPY main.py .
+
+EXPOSE 8080
+
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8080"]

llm-cloud-run/README_DEPLOY.md

@@ -0,0 +1,12 @@
+1. Enable required services:
+   gcloud services enable run.googleapis.com aiplatform.googleapis.com
+
+2. Submit your container image:
+   gcloud builds submit --tag gcr.io/YOUR_PROJECT_ID/llm-runner
+
+3. Deploy to Cloud Run:
+   gcloud run deploy llm-runner \
+     --image gcr.io/YOUR_PROJECT_ID/llm-runner \
+     --platform managed \
+     --region us-central1 \
+     --allow-unauthenticated

llm-cloud-run/llm-cloud-run.yml.txt

@@ -0,0 +1,28 @@
+name: Postprocess with LLM
+
+on:
+  workflow_dispatch:
+
+jobs:
+  postprocess-with-llm:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up GCP credentials
+        run: echo "${{ secrets.GCP_CREDENTIALS }}" > key.json
+
+      - name: Authenticate and call Cloud Run
+        run: |
+          gcloud auth activate-service-account --key-file=key.json
+          gcloud config set project YOUR_PROJECT_ID
+          TOKEN=$(gcloud auth print-access-token)
+
+          PROMPT=$(cat path/to/prompt.txt | jq -Rs .)
+          CONTENT=$(cat path/to/artifact.txt | jq -Rs .)
+
+          RESPONSE=$(curl -s -X POST https://llm-runner-abcdef-uc.a.run.app/ \
+            -H "Authorization: Bearer $TOKEN" \
+            -H "Content-Type: application/json" \
+            -d "{\"prompt\": $PROMPT, \"content\": $CONTENT}")
+
+          echo "LLM response:"
+          echo "$RESPONSE"

llm-cloud-run/main.py

@@ -0,0 +1,26 @@
+from fastapi import FastAPI
+from pydantic import BaseModel
+from vertexai.preview.generative_models import GenerativeModel
+import vertexai
+import os
+
+app = FastAPI()
+
+vertexai.init(project=os.getenv("GCP_PROJECT"), location="us-central1")
+
+class LLMRequest(BaseModel):
+    prompt: str
+    content: str
+
+@app.post("/")
+async def analyze(request: LLMRequest):
+    full_prompt = f"{request.prompt.strip()}\n\n{request.content.strip()}"
+    model = GenerativeModel("gemini-1.5-pro")
+    response = model.generate_content(
+        full_prompt,
+        generation_config={
+            "temperature": 0.3,
+            "max_output_tokens": 1024
+        }
+    )
+    return {"output": response.text}

llm-cloud-run/requirements.txt

@@ -0,0 +1,5 @@
+fastapi
+uvicorn[standard]
+google-cloud-aiplatform
+google-cloud-storage
+pydantic