-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy pathContainerfile.c10s
More file actions
86 lines (74 loc) · 2.14 KB
/
Containerfile.c10s
File metadata and controls
86 lines (74 loc) · 2.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
FROM quay.io/centos/centos:stream10
RUN dnf -y install epel-release \
&& dnf config-manager --set-enabled crb \
&& dnf -y update
# Install RH IT Root CAs for access to internal services
COPY files/Current-IT-Root-CAs.pem /etc/pki/ca-trust/source/anchors/
RUN update-ca-trust
RUN dnf -y install --allowerasing \
centpkg \
curl \
gcc \
gcc-c++ \
git \
krb5-devel \
python3 \
python3-pip \
python3-devel \
python3-rpm \
python3-koji \
rpm-build \
rpmdevtools \
rpmlint \
autoconf \
automake \
libtool \
libtool-ltdl \
libtool-ltdl-devel \
make \
meson \
ninja-build \
cmake \
wget \
findutils \
which \
sed \
gawk \
rsync \
python3-tabulate \
&& dnf clean all
RUN pip3 install --no-cache-dir \
"litellm!=1.82.7,!=1.82.8" \
beeai-framework[vertexai,mcp,duckduckgo]==0.1.55 \
google-cloud-aiplatform \
openinference-instrumentation-beeai \
arize-phoenix-otel \
redis \
specfile \
pytest \
pytest-asyncio
# Verify no malicious litellm_init.pth was introduced by compromised litellm packages (e.g. 1.82.7, 1.82.8)
RUN MALICIOUS=$(find /usr /opt -name "litellm_init.pth" 2>/dev/null); \
if [ -n "$MALICIOUS" ]; then \
echo "SECURITY ALERT: malicious litellm_init.pth detected: $MALICIOUS"; \
exit 1; \
fi
# Create user
RUN useradd -m -G wheel beeai
# Copy required directories
# Individual directories are mounted as volumes in development
COPY agents/ /home/beeai/agents/
COPY common/ /home/beeai/common/
RUN chgrp -R root /home/beeai && chmod -R g+rwX /home/beeai
# Set up GitLab SSH host keys
COPY files/gitlab_host_keys /etc/ssh/ssh_known_hosts
USER beeai
ENV HOME=/home/beeai
WORKDIR $HOME
# Set PYTHONPATH so agents module can be imported
ENV PYTHONPATH=$HOME:$PYTHONPATH
# so that we can start working with gitlab.com immediately
RUN git config --global user.email "jotnar@redhat.com" \
&& git config --global user.name "RHEL Packaging Agent" \
&& git config --global core.editor "true"
CMD ["/bin/bash"]