This template shows the more extensive capabilities of using GitHub Actions with Azure Machine Learning managing a machine learning project with automated training and deployment. For a more simplified version of this automated pipeline, see the ml-template-azure repository.
The following prerequisites are required to make this repository work:
- Azure subscription
- Contributor access to the Azure subscription
- Access to GitHub Actions
If you don’t have an Azure subscription, create a free account before you begin. Try the free or paid version of Azure Machine Learning today.
To get started with ML Ops, simply create a new repo based off this template, by clicking on the green "Use this template" button:
A service principal needs to be generated for authentication and getting access to your Azure subscription. We suggest adding a service principal with contributor rights to a new resource group or to the one where you have deployed your existing Azure Machine Learning workspace. Just go to the Azure Portal to find the details of your resource group or workspace. Then start the Cloud CLI or install the Azure CLI on your computer and execute the following command to generate the required credentials:
# Replace {service-principal-name}, {subscription-id} and {resource-group} with your
# Azure subscription id and resource group name and any name for your service principle
az ad sp create-for-rbac --name {service-principal-name} \
--role contributor \
--scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group} \
--sdk-auth
This will generate the following JSON output:
{
"clientId": "<GUID>",
"clientSecret": "<GUID>",
"subscriptionId": "<GUID>",
"tenantId": "<GUID>",
(...)
}
Add this JSON output as a secret with the name AZURE_CREDENTIALS
in your GitHub repository:
To do so, click on the Settings tab in your repository, then click on Secrets and finally add the new secret with the name AZURE_CREDENTIALS
to your repository.
Please follow this link for more details.
You have to modify the parameters in the /.cloud/.azure/workspace.json"
file in your repository, so that the GitHub Actions create or connect to the desired Azure Machine Learning workspace. Just click on the link and edit the file.
Please use the same value for the resource_group
parameter that you have used when generating the azure credentials. If you already have an Azure ML Workspace under that resource group, change the name
parameter in the JSON file to the name of your workspace, if you want the Action to create a new workspace in that resource group, pick a name for your new workspace, and assign it to the name
parameter. You can also delete the name
parameter, if you want the action to use the default value, which is the repository name.
Once you save your changes to the file, the predefined GitHub workflow that trains and deploys a model on Azure Machine Learning gets triggered. Check the actions tab to view if your actions have successfully run.
Now you can start modifying the code in the code
folder, so that your model and not the provided sample model gets trained on Azure. Where required, modify the environment yaml so that the training and deployment environments will have the correct packages installed in the conda environment for your training and deployment.
Upon pushing the changes, actions will kick off your training and deployment run. Check the actions tab to view if your actions have successfully run.
Comment lines 39 to 55 in your "/.github/workflows/train_deploy.yml"
file if you only want to train the model. Uncomment line 7 to 8, if you only want to kick off the workflow when pushing changes to the "/code/"
file.
The log outputs of your action will provide URLs for you to view the resources that have been created in AML. Alternatively, you can visit the Machine Learning Studio to view the progress of your runs, etc. For more details, read the documentation below.
File/folder | Description |
---|---|
code |
Sample data science source code that will be submitted to Azure Machine Learning to train and deploy machine learning models. |
code/train |
Sample code that is required for training a model on Azure Machine Learning. |
code/train/train.py |
Training script that gets executed on a cluster on Azure Machine Learning. |
code/train/environment.yml |
Conda environment specification, which describes the dependencies of train.py . These packages will be installed inside a Docker image on the Azure Machine Learning compute cluster, when executing your train.py . |
code/train/run_config.yml |
YAML files, which describes the execution of your training run on Azure Machine Learning. This file also references your environment.yml . Please look at the comments in the file for more details. |
code/deploy |
Sample code that is required for deploying a model on Azure Machine Learning. |
code/deploy/score.py |
Inference script that is used to build a Docker image and that gets executed within the container when you send data to the deployed model on Azure Machine Learning. |
code/deploy/environment.yml |
Conda environment specification, which describes the dependencies of score.py . These packages will be installed inside the Docker image that will be used for deploying your model. |
code/test/test.py |
Test script that can be used for testing your deployed webservice. Add a deploy.json to the .cloud/.azure folder and add the following code { "test_enabled": true } to enable tests of your webservice. Change the code according to the tests that zou would like to execute. |
.cloud/.azure |
Configuration files for the Azure Machine Learning GitHub Actions. Please visit the repositories of the respective actions and read the documentation for more details. |
.github/workflows |
Folder for GitHub workflows. The train_deploy.yml sample workflow shows you how your can use the Azure Machine Learning GitHub Actions to automate the machine learning process. |
docs |
Resources for this README. |
CODE_OF_CONDUCT.md |
Microsoft Open Source Code of Conduct. |
LICENSE |
The license for the sample. |
README.md |
This README file. |
SECURITY.md |
Microsoft Security README. |
The workflow file 'deploy_infra.yml' uses action 'mlopstemplates/aml_configure' to deploy arm template to azure. Arm Template is present in './cloud/.azure/' folder (default name='arm_deploy.json') is used to deploy azure resources to azure . It uses the parameters provided in file 'azure.params.json' to create new resources or update the resources if they are already present.
Parameter | Description |
---|---|
workspaceName |
Specifies the name of the Azure Machine Learning workspace.If the resource doesn't exist a new workspace will be created, else existing resource will be updated using the arm template file |
baseName |
Name used as base-template to name the resources to be deployed in Azure. |
OwnerName |
Owner of this deployment, person to contact for question. |
GitHubBranch |
Name of the branch containing azure function code. |
eventGridTopicPrefix |
The name of the Event Grid custom topic. |
eventGridSubscriptionName |
The prefix of the Event Grid custom topic's subscription. |
FunctionName |
name of azure function used |
subscriptionID |
azure subscription ID being used for deployment |
GitHubURL |
The URL of GitHub (ending by .git) containing azure function code. |
funcProjectFolder |
The name of folder containing the function code. |
repo_name |
The name of repository containing template files.This is picked up from github environment parameter 'GITHUB_REPOSITORY' |
pat_token |
pat token to be used by the function app to communicate to github via repository dispatch. |
The template uses the open source Azure certified Actions listed below. Click on the links and read the README files for more details.
- aml-workspace - Connects to or creates a new workspace
- aml-compute - Connects to or creates a new compute target in Azure Machine Learning
- aml-run - Submits a ScriptRun, an Estimator or a Pipeline to Azure Machine Learning
- aml-registermodel - Registers a model to Azure Machine Learning
- aml-deploy - Deploys a model and creates an endpoint for the model
Error message:
Message: ***'error': ***'code': 'MissingSubscriptionRegistration', 'message': "The subscription is not registered to use namespace 'Microsoft.KeyVault'. See https://aka.ms/rps-not-found for how to register subscriptions.", 'details': [***'code': 'MissingSubscriptionRegistration', 'target': 'Microsoft.KeyVault', 'message': "The subscription is not registered to use namespace 'Microsoft.KeyVault'. See https://aka.ms/rps-not-found for how to register subscriptions
Solution:
This error message appears, in case the Azure/aml-workspace
action tries to create a new Azure Machine Learning workspace in your resource group and you have never deployed a Key Vault in the subscription before. We recommend to create an Azure Machine Learning workspace manually in the Azure Portal. Follow the steps on this website to create a new workspace with the desired name. After ou have successfully completed the steps, you have to make sure, that your Service Principal has access to the resource group and that the details in your /.cloud/.azure/workspace.json"
file are correct and point to the right workspace and resource group.
MLOps empowers data scientists and machine learning engineers to bring together their knowledge and skills to simplify the process of going from model development to release/deployment. ML Ops enables you to track, version, test, certify and reuse assets in every part of the machine learning lifecycle and provides orchestration services to streamline managing this lifecycle. This allows practitioners to automate the end to end machine Learning lifecycle to frequently update models, test new models, and continuously roll out new ML models alongside your other applications and services.
This repository enables Data Scientists to focus on the training and deployment code of their machine learning project (code
folder of this repository). Once new code is checked into the code
folder of the master branch of this repository the GitHub workflow is triggered and open source Azure Machine Learning actions are used to automatically manage the training through to deployment phases.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.