Skip to content

2024

Env vars in Github Actions

UPDATE: I made some false conclusions that I correct at the very bottom of this post.

I often use GitHub actions to automate tests, builds, and deployments. Naturally, I often have to deal with configuration values that I don't want to hardcode.

While there exists the option to provide inputs and outputs for Workflows and Actions, it is often cumbersome to pass these values around, especially if that needs to be very often. I had the idea to export some of my input variables to environment variables, so I don't have to re-define them everywhere I go.

In this post, I'll describe a Github Actions workflow together with a custom action that demonstrate how env variables are propagated and where we can use them. What I want to find out is:

  • if and how the environment variables are propagated from a workflow to the inside of an action
  • how I have to access the environment variables inside the action
  • can I use environment variables as default values for action parameters?

The workflow

First, I'll describe the sample workflow.

Inside the workflow, there are two environment variables set. Both will be used inside the action later.

I will also use the action twice, once without any parameters set (to see if the default value can be defined via an env variable) and then by simply overriding it (which actually is a no-brainer that this WILL override any default value, but just to be sure).

on:
  push:

name: Test Workflow
env:
  MY_ENV_1: "my env 1 is set"
  INPUT_DEFAULT_ENV: "input default env is set"

jobs:
  test_job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout...
        uses: actions/checkout@v4
      - name: run the test action without set parameters
        uses: ./.github/actions/test_action
      - name: run the test action with explicit parameters
        uses: ./.github/actions/test_action
        with:
          input_with_default_env: "overriding the default env"

The action

name: Env var inheritance test
author: Thomas Niebler
inputs:
  input_with_default_env:
    description: "an input variable that has an environment value as default value"
    required: false
    default: $INPUT_DEFAULT_ENV
runs:
  using: composite
  steps:
    - name: Look at the env
      run: |
        echo ${{ env.MY_ENV_1 }}
        echo $MY_ENV_1
        echo input default env: ${{ inputs.input_with_default_env }}
        echo input default env was: $INPUT_DEFAULT_ENV
      shell: bash

The results

step 1

my env 1 is set
my env 1 is set
input default env: input default env is set
input default env was: input default env is set

step 2

my env 1 is set
my env 1 is set
input default env: overriding the default env
input default env was: input default env is set

Conclusion

We can see that the env variables are propagated from the workflow to the action. They can naturally be accessed via ${{ env.VAR_NAME }} or $VAR_NAME.

However, more interesting for me is that I can set default values for action parameters using environment variables from outside the action. For example, I could set a default value for a parameter that is used in multiple actions or workflows, but each time depending on the workflow.

UPDATE: Some false conclusions and their corrections

A few days later, I found out that I drew some false conclusions from the outputs given above.

Concretely, the default value for the input_with_default_env parameter is not set via the environment variable. In fact, it sets the string $INPUT_DEFAULT_ENV as the default value, but does not replace it with the value of the environment variable. However, in the very simple experiment setup that I did, this value is being entered into a bash environment. In detail, the replacement steps work as follows:

  1. The Github action sees that it should run the text

bash echo input default env: ${{ inputs.input_with_default_env }}

in a bash shell. The important thing here is that GitHub actions indeed sees the bash command above as pure text. The only thing it cares about is to replace the ${{ inputs.input_with_default_env }} with the default value defined in the Action's header. This is the string $INPUT_DEFAULT_ENV. So the first step of the Action is to replace the placeholder with the default value, resulting in:

bash echo input default env: $INPUT_DEFAULT_ENV

  1. In the second step, this command with the replaced default value is being executed in a bash shell. Now, this is still a string for the Action, but the bash shell sees the $INPUT_DEFAULT_ENV and replaces it with the value of the environment variable, because it knows that this is an environment variable. This is why the output of the action is input default env: input default env is set.

So, in fact, it is not DIRECTLY possible to propagate environment variables into Actions like this. Still, we can use env variables not as default parameters, but via the ${{ env.VAR_NAME }} syntax.

Container Apps in Azure Cloud - Why and How

Introduction

Containerization has become a popular approach for deploying and managing applications in the cloud. Azure Cloud provides a robust platform for running containerized applications, offering numerous benefits such as scalability, portability, and ease of management.

In this blog post, we will explore the reasons why container apps are a great fit for Azure Cloud and discuss how to leverage Azure services to deploy and manage containerized applications effectively.

Why Container Apps in Azure Cloud?

  1. Scalability: Azure Cloud provides auto-scaling capabilities, allowing container apps to handle varying workloads efficiently. With features like Azure Kubernetes Service (AKS), you can easily scale your containerized applications based on demand.

  2. Portability: Containers offer a consistent runtime environment, making it easier to deploy applications across different environments. Azure Container Registry (ACR) enables you to store and manage container images, ensuring seamless deployment across Azure Cloud.

  3. Isolation and Security: Containers provide isolation between applications, enhancing security and reducing the risk of dependencies conflicts. Azure Container Instances (ACI) and Azure Kubernetes Service (AKS) offer built-in security features, ensuring the safety of your containerized applications.

How to Deploy Container Apps in Azure Cloud

  1. Containerization: Start by containerizing your application using technologies like Docker. Docker allows you to package your application and its dependencies into a single container image.

  2. Azure Container Registry: Push your container image to Azure Container Registry (ACR). ACR provides a secure and private repository for storing container images.

  3. Azure Kubernetes Service: Use Azure Kubernetes Service (AKS) to deploy and manage your containerized applications at scale. AKS simplifies the management of containerized workloads, providing features like automatic scaling, load balancing, and self-healing.

  4. Azure Container Instances: For smaller workloads or quick deployments, you can use Azure Container Instances (ACI). ACI allows you to run containers without managing the underlying infrastructure, making it ideal for lightweight applications.

Conclusion

Container apps in Azure Cloud offer a powerful and flexible solution for deploying and managing applications. With Azure's comprehensive set of services, you can easily leverage the benefits of containerization and build scalable, portable, and secure applications.

Stay tuned for more in-depth articles on specific Azure services and best practices for container apps in the Azure Cloud.


Retrieval-Augmented Generation: A Deep Dive

Retrieval-Augmented Generation (RAG) is a powerful technique that combines the best of retrieval-based and generative methods for machine learning models. It's particularly useful in the field of Natural Language Processing (NLP), where it can be used to create more sophisticated and context-aware AI models.

What is Retrieval-Augmented Generation?

RAG is a method that leverages the strengths of both retrieval-based and generative models. It uses a retriever to fetch relevant documents from a large corpus and then uses a generator to create a response based on the retrieved documents.

How does RAG work?

RAG operates in two main steps: retrieval and generation.

Retrieval

In the retrieval step, the model receives an input (such as a question) and uses a retriever to fetch relevant documents from a large corpus. The retriever is typically a dense vector model, such as Dense Passage Retrieval (DPR), which represents both the input and the documents in the corpus as vectors in a high-dimensional space. The retriever then selects the documents that are closest to the input in this space.

Generation

In the generation step, the model uses a generator to create a response based on the retrieved documents. The generator is typically a sequence-to-sequence model, such as BART or T5, which can generate a coherent and contextually appropriate response.

The key innovation of RAG is that it performs the retrieval and generation steps jointly. This means that the model can adjust its retrieval based on the generation, and vice versa. This allows the model to create more accurate and contextually appropriate responses.

Why is RAG important?

RAG is important because it combines the strengths of retrieval-based and generative models. Retrieval-based models are good at fetching relevant information from a large corpus, but they can struggle to generate coherent and contextually appropriate responses. Generative models, on the other hand, are good at generating responses, but they can struggle to incorporate relevant information from a large corpus.

By combining these two approaches, RAG can create models that are both contextually aware and capable of generating coherent responses. This makes RAG a powerful tool for tasks such as question answering, dialogue systems, and other NLP applications.

Conclusion

Retrieval-Augmented Generation is a powerful technique that combines the strengths of retrieval-based and generative models. By performing retrieval and generation jointly, RAG can create more accurate and contextually appropriate responses. This makes it a valuable tool for a wide range of NLP applications.

Comparative Analysis of AWS API Gateway and FastAPI

When it comes to building and managing APIs, developers have a plethora of options to choose from. In this article, we will compare two popular choices: AWS API Gateway and FastAPI.

AWS API Gateway

AWS API Gateway is a fully managed service that makes it easy to create, deploy, and manage APIs at any scale. It provides features like authentication, authorization, caching, and monitoring out of the box. With AWS API Gateway, you can build RESTful APIs, WebSocket APIs, and HTTP APIs.

Some key features of AWS API Gateway include:

  • Easy integration with other AWS services like Lambda, DynamoDB, and S3.
  • Support for API versioning and stage management.
  • Fine-grained access control using IAM roles and policies.
  • Built-in request and response transformations.
  • Detailed monitoring and logging capabilities.

FastAPI

FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.7+ based on standard Python type hints. It is designed to be easy to use and highly efficient. FastAPI leverages the power of asynchronous programming to provide high-performance APIs.

Some key features of FastAPI include:

  • Automatic generation of interactive API documentation with Swagger UI and ReDoc.
  • Fast request and response serialization using Pydantic models.
  • Support for asynchronous request handlers using async/await syntax.
  • Built-in support for OAuth2 authentication and JWT tokens.
  • Integration with popular databases like SQLAlchemy and Tortoise ORM.

Comparative Analysis

Now let's compare AWS API Gateway and FastAPI based on various factors:

  1. Ease of Use: AWS API Gateway provides a user-friendly interface and seamless integration with other AWS services. FastAPI, on the other hand, offers a simple and intuitive API design with automatic documentation generation.

  2. Performance: FastAPI is known for its high-performance capabilities due to its asynchronous nature. AWS API Gateway also offers good performance, but it may introduce some latency due to its managed nature.

  3. Scalability: AWS API Gateway is a fully managed service that can scale automatically based on the incoming traffic. FastAPI can also scale horizontally by deploying multiple instances behind a load balancer.

  4. Flexibility: FastAPI provides more flexibility in terms of customization and control over the API implementation. AWS API Gateway, being a managed service, has some limitations in terms of customization.

  5. Cost: AWS API Gateway pricing is based on the number of API calls, data transfer, and additional features used. FastAPI, being an open-source framework, has no direct cost associated with it.

In conclusion, both AWS API Gateway and FastAPI are powerful tools for building APIs, but they cater to different use cases. AWS API Gateway is a fully managed service suitable for large-scale deployments with seamless integration with other AWS services. FastAPI, on the other hand, is a lightweight and high-performance framework that provides flexibility and control over the API implementation.

When choosing between the two, consider factors such as ease of use, performance requirements, scalability needs, flexibility, and cost. Ultimately, the choice depends on your specific project requirements and preferences.

Incorporating Domain Knowledge into LLMs

Lately, I have been working with LLMs (who has not?). Obviously, LLMs are quite nice for a variety of tasks, especially those that are concerned with communication with humans. One then quickly arrives at a point where highly specific domain knowledge has to be incorporated into the communication process, since this knowledge is usually lacking from generalized text corpora that LLMs are usually trained on. In this article, we'll explore some methods to bridge that gap and make LLMs more knowledgeable in specific domains.

1. Pre-training with Domain-Specific Data

One way to incorporate domain knowledge into LLMs is by pre-training them with domain-specific data. By exposing the model to a large corpus of text from the target domain, it can learn the specific vocabulary, grammar, and nuances of that domain. This helps the model generate more accurate and contextually relevant text in that domain.

However, this needs a large corpus of domain-specific knowledge, which is rarely available in a sufficient size.

2. Fine-tuning on Domain-Specific Tasks

Another approach is to fine-tune the pre-trained LLM on domain-specific tasks. By training the model on specific tasks related to the target domain, such as sentiment analysis or named entity recognition, it can learn to understand and generate text that aligns with the requirements of those tasks. This fine-tuning process helps the model acquire domain-specific knowledge and improve its performance in that domain.

Still, this doesn't help much with incorporating actual knowledge into the LLM.

3. Incorporating External Knowledge Sources

LLMs can also benefit from incorporating external knowledge sources. This can be done by integrating domain-specific knowledge bases, ontologies, or even expert-curated datasets into the model. By leveraging this external knowledge, the model can generate more accurate and informed text that aligns with the domain's concepts, facts, and context.

While this a very promising approach, we still lack large domain-specific knowledge bases, as specialized knowledge is mostly in people's heads (and let's be honest, also guts) instead of a formalized knowledge base.

4. Human-in-the-Loop Approach

In some cases, incorporating domain knowledge into LLMs may require a human-in-the-loop approach. This involves having domain experts review and provide feedback on the generated text. By iteratively refining the model based on human feedback, the LLM can gradually improve its understanding and generation capabilities in the specific domain.

5. Retrieval-Augmented Generation (RAG)

Retrieval-Augmented Generation (RAG) is another approach to incorporate domain knowledge into Language Learning Models (LLMs). RAG combines the benefits of pre-trained transformers and information retrieval systems.

In the RAG approach, when a query is given, the model retrieves relevant documents from a knowledge source and then uses this information to generate a response. This allows the model to pull in external, domain-specific knowledge when generating text. The advantage of RAG is that it can leverage vast amounts of information without needing to have all of it in its training data. This makes it particularly useful for tasks where the required knowledge may not be present in the pre-training corpus.

However, the effectiveness of RAG depends on the quality and relevance of the retrieved documents. Therefore, it's crucial to have a well-structured and comprehensive knowledge source for the retrieval process.

Conclusion

In conclusion, incorporating domain knowledge into LLMs is crucial for making them more effective and reliable in specific domains. Whether it's through pre-training, fine-tuning, leveraging external knowledge sources, or involving human experts, these methods help LLMs become more knowledgeable and contextually aware. By bridging the gap between general language understanding and domain-specific expertise, we can unlock the full potential of LLMs in various applications.

Rebuilding my page

The time has come to revive my page and this blog. Why not start with rebuilding the whole thing?

Why?

Because I felt that the custom-built solution I had before was too hacky to maintain. Also, I discovered mkdocs, mkdocs-material and its nice blog feature (see https://squidfunk.github.io/mkdocs-material/)

Since I wasn't that much interested in running a Python-based service anymore and even preferred some kind of static page, using mkdocs was the obvious solution. Besides, I wanted to tinker around a bit.

What?

mkdocs is actually a tool to - you guessed it - create some kind of HTML documentation from a large pile of Markdown files. Using some plugins, you can extend its basic webpage design and behaviour. For example, mkdocs-material not only provides a nice look and feel to the blog, it also has an out-of-the-box blog plugin. You can see the result here.

Where?

I also moved the whole thing to GitHub (yes, from GitLab - I'm just not using GitLab so much anymore), so the CI pipeline will run on GitHub actions. I didn't feel like using GitHub pages yet.