RHOAIENG-72: Update Dockerfile for {odh-}notebook-controller component #340
Conversation
This commit modifies the Dockerfile for the {odh-}notebook-controller component in the Kubeflow project. The changes include updating the base image, specifying the Golang version to 1.20, and configuring a non-root user for execution. More robust and secure build processes are now used including different steps for package installation, code copying, and building the notebook-controller.
The Dockerfile closely corresponds to what is used in OpenShift AI build. This way we will have closer match between what we release upstream and downstream.
|
/test all |
|
Thanks Jiri, /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: atheo89 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| RUN useradd --uid 1001 --create-home --user-group --system rhods | ||
|
|
||
| ## Set workdir directory to user home | ||
| WORKDIR /home/rhods |
There was a problem hiding this comment.
Do we like this branding in an upstream?
There was a problem hiding this comment.
I mentioned this myself in #340 (comment). @VaishnaviHire mentioned on slack that opendatahub-io is "midstream", so I think we can afford this.
There was a problem hiding this comment.
It's like we depend on the oauth proxy image that is only available with redhat subscription, not on unregistered okd, and odh needs operators in the redhat catalog that aren't in the community catalog
There was a problem hiding this comment.
Yeah... this is all insane... I wonder who installs ODH since they need to have access to OpenShift and Red Hat catalogue anyway... why not to use properly supported RHOAI... only reason I could possibly see are the new features there that haven't been ported to RHOAI yet... which shall change...
Anyway, I don't have strict opinion... but we use different naming in ODH and RHOAI in some places - e.g. dashboard pods are named as odh-dahsboard in ODH and rhods-dashboard in RHOAI. On the other hand here in IDE scrum, we keep the same name of notebook manager with odh- prefix both in RHOAI and ODH... this change just backports naming from RHOAI back to ODH... so we are doing a completely disgusting mix...
There was a problem hiding this comment.
Just saying... I also like things to be same for ease and convenience... it's just that it's a total mess and chaos here. Feel free to ignore this thread.
There was a problem hiding this comment.
Aren't we planning on abandoning the @red-hat-data-science repos in the future (cc @adelton). How are we going to be doing this kind of "branding" then? Changing the username in dockerfile seems kind of silly and pointless waste of effort to me, best to have some neutral name that can be used everywhere the same.
openshift-merge-bot
bot
merged commit 87f4b2d
into
opendatahub-io:v1.7-branch
|
/cherrypick stable |
|
@harshad16: new pull request created: #350 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
https://issues.redhat.com/browse/RHOAIENG-72, this does not fix the issue, but takes the first step towards fixing it in a subsequent PR.
The new Dockerfile in this PR closely corresponds to what is used in OpenShift AI downstream build. This way we will have closer match between what we release upstream and downstream.
Description
This commit modifies the Dockerfile for the odh-notebook-controller component in the Kubeflow project. The changes include updating the base image, specifying the Golang version to 1.20, and configuring a non-root user for execution. More robust and secure build processes are now used including different steps for package installation, code copying, and building the notebook-controller.
How Has This Been Tested?
Merge criteria: