structure: consolidate all pipeline under airflow/leaf-pipeline; prop…

[Sara-git-218]

…er .gitignore & LFS

[greptile-apps]

Greptile Overview

Greptile Summary

This PR consolidates pipeline code into a Git submodule at airflow/leaf-pipeline and adds Git LFS support for ML model weights.

Critical Issues:

• .gitignore changes removed security patterns (*.env, *.crt, */certs/, **/secrets/), exposing existing tracked sensitive files including database credentials and certificates
• The airflow/leaf-pipeline submodule is missing .gitmodules configuration, preventing proper initialization

Changes Made:

• Added .gitattributes to track ML weights (*.pt, *.pth, *.safetensors) via Git LFS
• Simplified .gitignore to focus on leaf-pipeline specific patterns
• Added airflow/leaf-pipeline as a Git submodule (commit 181ad13)

Required Actions:

1. Restore removed .gitignore patterns immediately
2. Add .gitmodules file to properly register the submodule
3. Remove already-tracked sensitive files from git history

Confidence Score: 0/5

• This PR introduces critical security vulnerabilities and breaks submodule functionality
• Score of 0 reflects two critical issues: (1) removal of security patterns from .gitignore exposes sensitive credentials and certificates that are already tracked in the repository, creating immediate security risks; (2) missing .gitmodules configuration breaks submodule initialization for all future clones
• .gitignore requires immediate restoration of security patterns, and .gitmodules file must be created to register the submodule

Important Files Changed

File Analysis

Filename	Score	Overview
.gitignore	0/5	Removed security-critical patterns allowing secrets, certs, and credentials to be tracked in git
.gitattributes	5/5	Added Git LFS configuration for ML model weight files (*.pt, *.pth, *.safetensors)
airflow/leaf-pipeline	1/5	Added submodule without .gitmodules configuration, breaking submodule initialization

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant Git as Git Repository
    participant Sub as leaf-pipeline Submodule
    participant LFS as Git LFS
    
    Dev->>Git: Add .gitattributes for LFS
    Note over Git,LFS: Configure *.pt, *.pth, *.safetensors for LFS
    
    Dev->>Git: Modify .gitignore
    Note over Git: Remove *.env, *.crt, */certs/, **/secrets/
    Note over Git: SECURITY ISSUE: Exposes existing tracked files
    
    Dev->>Git: Add airflow/leaf-pipeline submodule
    Note over Git,Sub: Submodule commit 181ad13 added
    Git--xSub: Missing .gitmodules configuration
    Note over Sub: Submodule cannot be initialized properly
    
    Dev->>Git: Commit changes
    Note over Git: Sensitive files (*.env, *.crt) now exposed

Loading

_{3 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

logic: Missing .gitmodules file to register this submodule. Without it:

• git submodule commands fail
• New clones won't initialize the submodule
• The submodule URL/branch isn't documented

Add .gitmodules:

[submodule "airflow/leaf-pipeline"]
    path = airflow/leaf-pipeline
    url = <repository-url>

[greptile-apps]

logic: Removed critical security patterns from .gitignore that are now allowing sensitive files to be tracked:

• *.env files - at least one .env with database credentials is now in git
• *.crt certificate files - certificate files are now tracked
• */certs/ and **/secrets/ directories
• .vscode/ and .idea/ editor configs

These patterns MUST be restored immediately.