feat: Make AI Builder API URL/Timeout configurable and secure Docker production build

[pratyush07-hub]

Change(s)

1. AI Builder Configurability: Moved the hardcoded AI Builder API URL and request timeout into the central configuration system ( src/config.default.toml ).
2. Connector Refactoring: Updated AIBuilderMLModelConnector to dynamically fetch its endpoint and timeout settings from the global CONFIG object.
3. Docker Production Security: Removed the local source code volume mount from the aibuilder-connector service in the main docker-compose.yaml to ensure immutable deployments in production.
4. Enhanced Dev Experience: Restored the source code mount for the AI Builder connector in docker-compose.dev.yaml , allowing for live-coding when USE_LOCAL_DEV=true is enabled.
5. Linting Fix: Adjusted pyproject.toml to allow assert statements in test files, resolving a pre-commit hook blockage.

Change Type: Changed, Fixed, Security
Change Category: Internal, Other (Infrastructure)
Changelog Entry: Made AI Builder API URL and Timeout configurable and restricted source code mounting in production mode.

This PR refactors the AI Builder connector to utilize decentralized configuration, allowing Deployment-specific overrides for the API endpoint and response timeouts via config.override.toml. It also aligns the Docker orchestration with production best practices by restricting source code mounts to development mode only.

How to Test

1. Automated Tests: Run pytest src/tests/connectors/aibuilder/test_aibuilder_mlmodel_connector.py to verify that the connector correctly utilizes the configuration.
2. Config Override: Add a custom URL to src/config.override.toml under [aibuilder] and verify the connector attempts to use that URL.
3. Docker Audit:
   Run docker compose config and verify that the aibuilder-connector does not have a volume mount for /src.
   Run ./scripts/up.sh aibuilder (with USE_LOCAL_DEV=true) and verify that the mount is present.

Checklist

• Tests have been added or updated to reflect the changes, or their absence is explicitly explained.
• Documentation has been added or updated to reflect the changes, or their absence is explicitly explained.
• A self-review has been conducted checking:
  • No unintended changes have been committed.
  • The changes in isolation seem reasonable.
  • Anything that may be odd or unintuitive is provided with a GitHub comment explaining it (but consider if this should not be a code comment or in the documentation instead).
• All CI checks pass before pinging a reviewer, or provide an explanation if they do not.
• The PR title matches the changelog entry's one-line description.

Related Issues

Closes #520

[pratyush07-hub]

Hi @PGijsbers @geetu040 , I've implemented the changes for #520. I've moved the API settings to the config system and updated the Docker orchestration to secure the production build. Ready for your review.