Spaces:
Paused
Paused
Jinglong Xiong
commited on
Commit
·
8ab6e21
1
Parent(s):
de3eb6f
fix permission
Browse files- Dockerfile +16 -13
Dockerfile
CHANGED
|
@@ -5,19 +5,16 @@ ENV PYTHONUNBUFFERED=1 \
|
|
| 5 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 6 |
DEBIAN_FRONTEND=noninteractive \
|
| 7 |
# Set cache directories to locations with write permissions
|
| 8 |
-
KAGGLE_CONFIG_DIR=/
|
| 9 |
-
KAGGLEHUB_CACHE_FOLDER=/
|
| 10 |
-
MPLCONFIGDIR=/
|
| 11 |
-
TRANSFORMERS_CACHE=/
|
| 12 |
-
HF_HOME=/
|
| 13 |
-
XDG_CACHE_HOME=/
|
|
|
|
| 14 |
|
| 15 |
WORKDIR /app
|
| 16 |
|
| 17 |
-
# Create necessary directories with appropriate permissions
|
| 18 |
-
RUN mkdir -p /tmp/kaggle /tmp/kagglehub /tmp/matplotlib /tmp/transformers_cache /tmp/huggingface /tmp/xdg && \
|
| 19 |
-
chmod 777 /tmp/kaggle /tmp/kagglehub /tmp/matplotlib /tmp/transformers_cache /tmp/huggingface /tmp/xdg
|
| 20 |
-
|
| 21 |
# Install system dependencies
|
| 22 |
RUN apt-get update && apt-get install -y \
|
| 23 |
build-essential \
|
|
@@ -36,6 +33,9 @@ RUN apt-get update && apt-get install -y \
|
|
| 36 |
curl \
|
| 37 |
&& rm -rf /var/lib/apt/lists/*
|
| 38 |
|
|
|
|
|
|
|
|
|
|
| 39 |
# Copy requirements first to leverage Docker cache
|
| 40 |
COPY requirements.txt .
|
| 41 |
|
|
@@ -48,14 +48,17 @@ RUN pip install --no-cache-dir --upgrade pip && \
|
|
| 48 |
# Copy the whole application
|
| 49 |
COPY . .
|
| 50 |
|
| 51 |
-
#
|
| 52 |
-
|
| 53 |
-
|
| 54 |
|
| 55 |
# Set environment variables for GPU usage
|
| 56 |
ENV NVIDIA_VISIBLE_DEVICES=all \
|
| 57 |
NVIDIA_DRIVER_CAPABILITIES=compute,utility
|
| 58 |
|
|
|
|
|
|
|
|
|
|
| 59 |
# Expose port for Streamlit
|
| 60 |
EXPOSE 8501
|
| 61 |
|
|
|
|
| 5 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 6 |
DEBIAN_FRONTEND=noninteractive \
|
| 7 |
# Set cache directories to locations with write permissions
|
| 8 |
+
KAGGLE_CONFIG_DIR=/app/.cache/kaggle \
|
| 9 |
+
KAGGLEHUB_CACHE_FOLDER=/app/.cache/kagglehub \
|
| 10 |
+
MPLCONFIGDIR=/app/.cache/matplotlib \
|
| 11 |
+
TRANSFORMERS_CACHE=/app/.cache/transformers \
|
| 12 |
+
HF_HOME=/app/.cache/huggingface \
|
| 13 |
+
XDG_CACHE_HOME=/app/.cache \
|
| 14 |
+
HOME=/app
|
| 15 |
|
| 16 |
WORKDIR /app
|
| 17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 18 |
# Install system dependencies
|
| 19 |
RUN apt-get update && apt-get install -y \
|
| 20 |
build-essential \
|
|
|
|
| 33 |
curl \
|
| 34 |
&& rm -rf /var/lib/apt/lists/*
|
| 35 |
|
| 36 |
+
# Create a non-root user to run our application
|
| 37 |
+
RUN groupadd -r appuser && useradd -r -g appuser -m -d /app appuser
|
| 38 |
+
|
| 39 |
# Copy requirements first to leverage Docker cache
|
| 40 |
COPY requirements.txt .
|
| 41 |
|
|
|
|
| 48 |
# Copy the whole application
|
| 49 |
COPY . .
|
| 50 |
|
| 51 |
+
# Create cache directories and set proper ownership
|
| 52 |
+
RUN mkdir -p /app/.cache/kaggle /app/.cache/kagglehub /app/.cache/matplotlib /app/.cache/transformers /app/.cache/huggingface && \
|
| 53 |
+
chown -R appuser:appuser /app
|
| 54 |
|
| 55 |
# Set environment variables for GPU usage
|
| 56 |
ENV NVIDIA_VISIBLE_DEVICES=all \
|
| 57 |
NVIDIA_DRIVER_CAPABILITIES=compute,utility
|
| 58 |
|
| 59 |
+
# Switch to non-root user
|
| 60 |
+
USER appuser
|
| 61 |
+
|
| 62 |
# Expose port for Streamlit
|
| 63 |
EXPOSE 8501
|
| 64 |
|