-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.gpu
49 lines (36 loc) · 1.77 KB
/
Dockerfile.gpu
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
FROM node:20-slim as frontend-builder
WORKDIR /app
COPY ./playground/package*.json ./
RUN npm ci
COPY ./playground/ ./
RUN npm run build
FROM gcr.io/kctf-docker/challenge as nsjail-source
FROM python:3.12.3-slim
COPY --from=nsjail-source /usr/bin/nsjail /usr/bin/nsjail
RUN chmod u+s /usr/bin/nsjail
RUN useradd --create-home --shell /bin/bash app && \
apt-get update && \
apt-get install -y --no-install-recommends git curl && \
echo "deb http://deb.debian.org/debian buster main" >> /etc/apt/sources.list && \
apt-get update && \
apt-get install -y --no-install-recommends libprotobuf17 libnl-3-200 libnl-route-3-200 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
USER app
WORKDIR /home/app
ENV RYE_HOME="/home/app/.rye" \
PATH="/home/app/.rye/shims:${PATH}"
RUN curl -sSf https://rye.astral.sh/get | RYE_INSTALL_OPTION="--yes" RYE_TOOLCHAIN="/usr/local/bin/python" UV_NO_CACHE=1 bash
COPY --chown=app requirements.lock pyproject.toml .python-version README.md ./
RUN /bin/bash -c 'source $RYE_HOME/env && UV_NO_CACHE=1 rye sync --all-features' && \
curl https://semgrep.dev/c/r/bash -s -o /tmp/bash && \
curl https://semgrep.dev/c/r/python.lang.security -s -o /tmp/python.lang.security
RUN rye run python3 -c 'import presidio_analyzer; a = presidio_analyzer.AnalyzerEngine(); a.analyze("text", language="en")'
RUN rye run python3 -c 'from huggingface_hub import snapshot_download; snapshot_download(repo_id="protectai/deberta-v3-base-prompt-injection-v2"); snapshot_download(repo_id="KoalaAI/Text-Moderation")'
COPY --chown=app server ./server
COPY --from=frontend-builder --chown=app /app/dist ./playground/dist
USER root
RUN chown -R app:app /home/app/server/logs
USER app
EXPOSE 8000
CMD ["rye", "run", "uvicorn", "server.main:app", "--host", "0.0.0.0"]