Skip to content
/ Bailo Public

Managing the lifecycle of machine learning to support scalability, impact, collaboration, compliance and sharing.

License

Notifications You must be signed in to change notification settings

gchq/Bailo

Repository files navigation

Contributors Forks Stargazers Issues License

NOTE: main branch now tracks v2 by default. To access the original Bailo, see the v1 branch. v1 is in the process of being removed from this project, see migration for more information.


Making it easy to compliantly manage the machine learning lifecycle
Explore the docs »

Report a Bug · Request a Feature

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Contributing
  5. Breaking Changes
  6. License
  7. Acknowledgments

About The Project

Product Screen Shot

Bailo helps you manage the lifecycle of machine learning to support scalability, impact, collaboration, compliance and sharing.

Built With


Getting Started

Requirements:

  • Node v22
  • Docker / Docker Compose

Installation:

To run in standalone mode, not development mode (http://localhost:8080). Not for production use:

docker build -t "bailo:standalone" -f ./Dockerfile.standalone .
docker run --name bailo -p 8080:8080 -d bailo:standalone

To run in development mode (modified files on your host machine will be reloaded into the running application):

git clone https://github.com/gchq/Bailo.git && cd Bailo
npm install
npm run certs

# This builds all the Bailo images, rerun it when you update dependencies.
docker compose build --parallel

# Then run the development instance of Bailo.
docker compose up -d

On first run, it may take a while (up to 30 seconds) to start up. It needs to build several hundred TypeScript modules. These are cached however, so future starts only require a few seconds. You should access the site via localhost:8080.

The registry requires a JWKS file for the token authentication with the backend application. For development, a JWKS file is generated by running npm run certs. For production, the script generateJWKS.ts can be used to generate a JWKS file for the public key referenced in the backend application configuration.


Service Ports:

Service Host Notes
Next UI 3000 Stored in frontend
NodeJS App 3001 Stored in backend
Mongo 27017 No credentials
Registry 5000 HTTPS only, no UI
Minio UI 9001 minioadmin:minioadmin
Minio 9000 minioadmin:minioadmin
MailCrab 1080 Fake email server

** Note: these credentials are intentionally basic/default, but in your own instances we recommend changing them to something more secure.

We expect the administrator to provide their own forms of authentication. By default all users authenticate using as 'user'.

You can test out your new deployment using the example models which can be found in frontend/cypress/fixtures minimal_binary.zip and minimal_code.zip. There are also example forms in the scripts folder minimal_model_schema.json, minimal_data_card_schema.json and minimal_access_request_schema.json.


Logical Project Flow (Overview)

bailo diagram

  1. A user accesses a URL. We use NextJS routing to point it to a file in frontend/pages. [xxx].tsx files accept any route, xxx.tsx files allow only that specific route.
  2. Data is loaded using SWR. Data loaders are stored in ./frontend/data. Each one exposes variables to specify if it is loading, errored, data, etc.
  3. Requests to the backend get routed through express within backend/routes.ts. Each route is an array with all items being middleware except the last, which is the handler ([...middleware, handler]).
  4. Routes interact with the database via mongoose, which stores models in ./backend/models.

Known Issues

Issue: Sometimes Docker struggles when you add a new dependency.

Fix: Run docker compose down --rmi all followed by docker compose up --build.

Issue: Sometimes SWR fails to install its own binary and the project will refuse to start up (development only)

Fix: Run npm uninstall next && npm install next. Some users report still having issues. If so, run: rm -rf node_modules && rm -rf package-lock.json && npm cache clean -f && npm i.

Issue: Unable to authenticate to the Docker registry / compile binaries.

Fix: Make sure that your authentication proxy is setup to allow the 'Authorisation' header. Make sure that your application is able to access the Docker registry internally as it will not provide user authentication.


Usage

See our user documentation


Contributing

See our contribution guide


Breaking Changes

28-04-2022: Changed 'schema' model to be stored as a string instead of an object. Delete & recreate your schemas.


License

Bailo is released under the Apache 2.0 Licence and is covered by Crown Copyright. See LICENSE.txt for more information.


Acknowledgments