Skip to content

Commit

Permalink
fix: fix permission denied for cache folder and change user
Browse files Browse the repository at this point in the history 
- Change non-root user from 'appuser' to '1001' in various Dockerfiles
- In Dockerfiles, move user creation, setting of the user and working directory definitions towards the end
- Replace copy commands with specific target directories in Dockerfiles, copying to `TORCH_HOME` and `HF_HOME` directories
- Ensure directory creation and ownership changes in Dockerfile.no_model and Dockerfile.ubi-no_model for `TORCH_HOME` and `HF_HOME` paths

Signed-off-by: 陳鈞 <[email protected]>
  • Loading branch information
@jim60105
jim60105 committed Nov 29, 2023
1 parent fbd5709 commit 9e5c768
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 22 deletions.
14 changes: 7 additions & 7 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,22 +64,22 @@ RUN if [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
apt-get install -y --no-install-recommends libgomp1 libsndfile1; \
fi

# Non-root user
RUN useradd -m -s /bin/bash appuser
USER appuser

COPY --chown=appuser --from=load_model /cache /cache

WORKDIR /app
ARG TORCH_HOME
ARG HF_HOME
ENV TORCH_HOME=${TORCH_HOME}
ENV HF_HOME=${HF_HOME}

COPY --chown=1001 --from=load_model ${TORCH_HOME} ${TORCH_HOME}
COPY --chown=1001 --from=load_model ${HF_HOME} ${HF_HOME}

ARG WHISPER_MODEL
ENV WHISPER_MODEL=${WHISPER_MODEL}
ARG LANG
ENV LANG=${LANG}

RUN useradd -m -s /bin/bash 1001
USER 1001
WORKDIR /app

STOPSIGNAL SIGINT
ENTRYPOINT whisperx --model ${WHISPER_MODEL} --language ${LANG} $@
13 changes: 6 additions & 7 deletions Dockerfile.no_model
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,6 @@ RUN if [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
apt-get install -y --no-install-recommends libgomp1 libsndfile1; \
fi

# Non-root user
RUN useradd -m -s /bin/bash appuser \
&& mkdir -p /cache \
&& chown -R appuser:appuser /cache
USER appuser

WORKDIR /app
ARG TORCH_HOME
ARG HF_HOME
ENV TORCH_HOME=${TORCH_HOME}
Expand All @@ -53,5 +46,11 @@ ENV WHISPER_MODEL=${WHISPER_MODEL}
ARG LANG
ENV LANG=${LANG}

RUN useradd -m -s /bin/bash 1001 && \
mkdir -p ${TORCH_HOME} && chown 1001:1001 ${TORCH_HOME} && \
mkdir -p ${HF_HOME} && chown 1001:1001 ${HF_HOME}
USER 1001
WORKDIR /app

STOPSIGNAL SIGINT
ENTRYPOINT whisperx $@
11 changes: 6 additions & 5 deletions Dockerfile.ubi
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,27 +54,28 @@ RUN python3 load_align_model.py ${LANG}

FROM python as final

USER 1001

# ffmpeg
COPY --link --from=mwader/static-ffmpeg:6.0 /ffmpeg /usr/local/bin/
COPY --link --from=mwader/static-ffmpeg:6.0 /ffprobe /usr/local/bin/

# Copy venv
COPY --link --from=build /venv /venv

COPY --chown=1001 --from=load_model /cache /cache

WORKDIR /app
ARG TORCH_HOME
ARG HF_HOME
ENV TORCH_HOME=${TORCH_HOME}
ENV HF_HOME=${HF_HOME}

COPY --chown=1001 --from=load_model ${TORCH_HOME} ${TORCH_HOME}
COPY --chown=1001 --from=load_model ${HF_HOME} ${HF_HOME}

ARG WHISPER_MODEL
ENV WHISPER_MODEL=${WHISPER_MODEL}
ARG LANG
ENV LANG=${LANG}

USER 1001
WORKDIR /app

STOPSIGNAL SIGINT
ENTRYPOINT whisperx --model ${WHISPER_MODEL} --language ${LANG} $@
9 changes: 6 additions & 3 deletions Dockerfile.ubi-no_model
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,25 +28,28 @@ RUN --mount=type=cache,target=/root/.cache/pip pip install /code

FROM python as final

USER 1001

# ffmpeg
COPY --link --from=mwader/static-ffmpeg:6.0 /ffmpeg /usr/local/bin/
COPY --link --from=mwader/static-ffmpeg:6.0 /ffprobe /usr/local/bin/

# Copy venv
COPY --link --from=build /venv /venv

WORKDIR /app
ARG TORCH_HOME
ARG HF_HOME
ENV TORCH_HOME=${TORCH_HOME}
ENV HF_HOME=${HF_HOME}

RUN mkdir -p ${TORCH_HOME} && chown 1001:1001 ${TORCH_HOME}
RUN mkdir -p ${HF_HOME} && chown 1001:1001 ${HF_HOME}

ARG WHISPER_MODEL
ENV WHISPER_MODEL=${WHISPER_MODEL}
ARG LANG
ENV LANG=${LANG}

USER 1001
WORKDIR /app

STOPSIGNAL SIGINT
ENTRYPOINT whisperx $@

0 comments on commit 9e5c768

Please sign in to comment.