Now, here is how you can use these tools to secure the MLOps journey.
The main change required is to use Artifactory as a proxy for Hugging Face models instead of fetching them directly. Simply configure the Hugging Face client accordingly:
export HF_HUB_ETAG_TIMEOUT=86400
export HF_HUB_DOWNLOAD_TIMEOUT=86400
export HF_ENDPOINT=https://Artifactory-URL/artifactory/api/huggingfaceml/repo-name
Next, configure the Curation Policy; the easiest way to start is to enable the "block malicious packages" policy for your repository.
Let's see this in action. I'm attempting to pull an actual malicious model, "Frase/tiny-bert-model-unsafe", which without this setup users can still pull directly.
But with Curation in the picture, things get a bit different, as you can see below. The actual Artifactory URL has been removed for this demonstration.
$ cat unsafe.py
from huggingface_hub import snapshot_download

# Pull the model through whatever endpoint HF_ENDPOINT points at (here, the Artifactory proxy).
snapshot_download(
    repo_id="Frase/tiny-bert-model-unsafe", etag_timeout=1500000000
)

$ python unsafe.py
403 Forbidden: None.
Cannot access content at: https://Artifactory-URL/artifactory/api/huggingfaceml/repo-name/api/models/Frase/tiny-bert-model-unsafe/revision/main.
Forbidden: artifact is blocked.
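The following is an added example, not code from the original post or from JFrog, that wraps the same proxied pull in a small guard for an MLOps pipeline: it refuses to run unless HF_ENDPOINT points at an Artifactory huggingfaceml repository (so nobody bypasses Curation by pulling from huggingface.co directly), and it maps the "403 ... artifact is blocked" response shown above to a label the pipeline can act on. The Artifactory host is a constructed placeholder, and the downloader is injectable so the logic can be exercised without network access.

```python
import os
from urllib.parse import urlparse

# Constructed placeholder for the Artifactory Hugging Face remote repository (not a real host).
PROXY_ENDPOINT = "https://Artifactory-URL/artifactory/api/huggingfaceml/repo-name"


def proxy_env(endpoint=PROXY_ENDPOINT, timeout=86400):
    """Environment variables the huggingface_hub client reads to route all Hub
    traffic through the Artifactory proxy (same values as the export lines above)."""
    return {
        "HF_ENDPOINT": endpoint,
        "HF_HUB_ETAG_TIMEOUT": str(timeout),
        "HF_HUB_DOWNLOAD_TIMEOUT": str(timeout),
    }


def endpoint_is_proxied(endpoint):
    """True only when HF_ENDPOINT points at an Artifactory huggingfaceml repo,
    i.e. the pull cannot sidestep Curation by going to huggingface.co directly."""
    if not endpoint:
        return False
    u = urlparse(endpoint)
    return (u.scheme == "https"
            and not u.netloc.endswith("huggingface.co")
            and "/artifactory/api/huggingfaceml/" in u.path)


def classify_error(message):
    """Turn the proxy's error text into a label the pipeline can act on."""
    text = message.lower()
    if "403" in text and "artifact is blocked" in text:
        return "blocked-by-curation"  # the Curation policy rejected this model
    if "404" in text:
        return "not-found"
    return "other-error"


def guarded_download(repo_id, env=None, download=None):
    """Pull a model only through the proxy; report a Curation block instead of raising.
    `download` defaults to the real huggingface_hub client (hypothetical injection point)."""
    env = os.environ if env is None else env
    if not endpoint_is_proxied(env.get("HF_ENDPOINT", "")):
        return {"repo_id": repo_id, "status": "refused-direct-pull", "path": None}
    if download is None:
        from huggingface_hub import snapshot_download  # reads HF_ENDPOINT from the environment
        download = snapshot_download
    try:
        return {"repo_id": repo_id, "status": "ok", "path": download(repo_id=repo_id)}
    except Exception as exc:
        return {"repo_id": repo_id, "status": classify_error(str(exc)), "path": None}


if __name__ == "__main__":
    os.environ.update(proxy_env())
    print(guarded_download("Frase/tiny-bert-model-unsafe"))
```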