Update with GNINA, Karmadock fix, multi chain#5
Merged
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
guild_upgrade — sync from guild-internal
Branch:
guild_upgrade. Nothing committed — all changes are uncommitted in the working tree for your review.This brings the public
guildrepo up to date with the latest engineering work in theinternal
guild-internalrepo, without exposing any internal secrets, infrastructure,database details, or personal paths. The two repos have separate git histories (public
was a sanitized import), so this was done by comparing working trees file-by-file, not by
merging git history.
Guiding rule
Internal-only material was excluded entirely, not just commented out. Where a shared
file mixed good engineering with internal coupling (e.g.
bulk.py, theDockerfile,the
Makefile), the improvements were ported and the internal parts removed — includingindirect tells like internal function names, the DB API shape, internal CI workflows,
private registry URLs, and example compound names.
A full token sweep over the result found zero new internal tokens introduced by this
upgrade (see "Verification" below).
What was brought in (sanitized)
New features
guild/docking/gnina.py,guild/constants/gnina.py, plus tests(
tests/single_run/test_gnina_*.py,tests/bulk_run/test_gnina_orchestration.py).The Python code only references container-internal paths (
/opt/gnina/...), no secrets.Dockerfile.gnina-bundlebuilds a curated runtime bundle fromthe public
gnina/gninaimage. The privateenvedancusacr01.azurecr.ioregistryreference was removed; the bundle image is now an overridable build arg
GNINA_BUNDLE_IMAGE(defaultgnina-bundle:latest).protein_chain(A,B) support, threadedthrough
run.py,bulk.py,tools/preparation.py,transformers/pdb.py, andscripts/vina_rescore_all.py(multi-chain port applied onto the public, relative-pathversion of that script).
guild/tools/subprocess_log.py+ integration.scripts/apply_karmadock_patches.py, applied atDocker build time (rdkit/torch ABI fixes).
run_guild.pyCLI — gained--methods gnina,--box,--n-workers,--no-gpu,--plip-only,--no-plip,--gnina-input-mode. The--no-database-updateflag and thedatabase_update=wiring were stripped.SHELL_SILENCERbugfix —&>/dev/null→> /dev/null 2>&1(dash-safe).Updated wholesale (verified clean of internal refs)
guild/run.py,guild/docking/{boltz,diffdock,karmadock,vina}.py,guild/tools/{preparation,bulk,utils,scores}.py,guild/transformers/{pdb,msa,converters,chembl}.py,guild/constants/{bulk,guild,p2rank,visualization}.py,docs/adfrsuite_class.py.Config / build (sanitized merges)
public repo's clean
uv sync(noGH_TOKENsecret) and omitted the Azure CLI block —both existed only to serve the excluded
enveda-toolkit/keyvault/database layer.run-gnina,run-plip, aUSE_GPUtoggle, gnina/box/workers flags,and gnina-bundle auto-build in
docker-local. Excluded allazurecr.iopush targets,the
dev/runtargets that pulled internal images, the~/.azurecredential mounts, andthe
github-init/inittargets (gh repo create enveda/guild, internal remote URL).azure-identity,azure-keyvault-secrets,enveda-toolkit, or the[tool.uv.sources]git source.
guildversionpin was updated to 1.1.4 (no dependency changes were made, so the lock stays consistent).
/notebooks/database,/guild/OLD,/temp_data, anda
scripts/*allowlist (prevents committing local experiment scripts that carrymachine-specific paths). Kept the public allowlist for shipped support data + logo.
scripts/apply_karmadock_patches.py(now COPY'd by Docker).What was deliberately EXCLUDED (internal-only)
guild/azure/database.py,guild/azure/get_secret.py,guild/constants/database.py,DATABASE_SCHEMA.md,notebooks/database/*,scripts/test_db_real_submission.py,scripts/test_db_upload_dummy.py. The public repokeeps its existing "no database mode". In
bulk.pythedatabase_updateparam, theretrieve_existing_rp_scores/upload_rp_scoresimport and all call sites, and theDB-merge/upload code paths were fully removed (not just disabled).
.github/workflows/deploy-dev.yml,.github/workflows/build-gnina-bundle.yml(both use
enveda/reusable-workflows+ ACR + Prefect). The publictest.yml/lint.ymlwere kept as-is.
CLAUDE.md(internal dev notes — references ACR, Databricks,internal compound names),
.cookiecutter.json(internal template +it@envedabio.com),.claude/settings.json,.gitmodules(empty),pyptoject_cpu.toml(typo-named CPUvariant carrying azure/prefect deps),
environments/installations.sh(hardcoded/home/ec2-user/...paths).constants/system.py(AZURE_KEYVAULT_URI,AZURE_CLIENT_ID,AZURE_ACR_IMAGE_URI, etc.) — used only by excluded code.notebooks/— these areanalysis artifacts whose output cells and hardcoded paths (several contained
/home/antonio.gomes/...) are a high indirect-leak risk for low value. Existing publicnotebooks were left untouched. Worth a selective, manual revisit if you want any of
these published.
Pre-existing references (NOT introduced by this upgrade — flagged for your call)
.gitignore:55→/.databrickscfg— a protective ignore rule (prevents committing aDatabricks credential file). Left in place; removing it would reduce safety.
renovate.json:4→local>enveda/renovate-config— was already in the public repo,unchanged. References an internal renovate config repo.
Verification
enveda,azurecr,databricks,keyvault,enveda_toolkit,enveda_prod,cdd-benchling, the Azure client GUID,/home/antonio,/home/ec2-user,reusable-workflows,prefect, …) over all source/config files → only the twopre-existing references above; zero new tokens.
Empirical results
Image rebuilt from scratch with
--build-arg GNINA_BUNDLE_IMAGE=gnina-bundle:local(
guild:latest, 38.2 GB).gnina v1.3.1runs from the genericized local bundle.Test suite (
docker run --rm guild-test python -m pytest tests/ -q): 100 passed.Empirical docking — single combination
3pbl-A-ETQ-A / lig1(D3 receptor + a smallligand), box-driven pocket,
--no-decoys, run on an A100 80GB. Every engine produced ascore and completed scoring + PLIP (exit 0):
vina_score = -4.892gnina_score = -5.09,gnina_cnn_score = -0.28karmadock_score = 13.86(build-time rdkit/torch patches applied OK)diffdock_score = -1.7; auto-rescorevina_rescore_diffdock_score = -0.029boltz_score = 0.327(ipTM); auto-rescorevina_rescore_boltz_score = -4.336Notes:
multi-method scoring wiring survived the database-strip of
bulk.py.Binding site LIG:Z:1 not found) — a known ligand-resnamequirk, not a failure (run exited 0); unrelated to this upgrade.
pandasDataFrameGroupBy.applyFutureWarning appears across runs — pre-existing intools/scores.py, not introduced here.How to reproduce the build + runs