docker/Dockerfile.toolkit

# Copyright (C) 2020 Intel Corporation
# SPDX-License-Identifier: Apache-2.0

# Username
ARG TOOLKIT_BASE_IMAGE

FROM $TOOLKIT_BASE_IMAGE

LABEL maintainer="HE Toolkit github.com/intel/he-toolkit"

# User-setup
ARG UNAME
ARG UID
ARG GID
ARG HOME="/home/$UNAME"
ENV SHELL="/bin/bash"

RUN groupadd -g $GID $UNAME && \
    useradd --no-log-init -m -u $UID -g $GID -s /bin/bash $UNAME && \
    echo "$UNAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

# ADD copies and untars for us
ADD toolkit.tar.gz $HOME/he-toolkit
RUN chown -R $UNAME:$UNAME $HOME/he-toolkit

# Switch user to $UNAME
USER $UNAME

###################################################
# CVE-2023-5752
# Install upstream pip (version >=23.3.1) as user
RUN mkdir -p $HOME/pip-install-package \
             $HOME/.local/bin \
             $HOME/.local/lib
WORKDIR $HOME/pip-install-package
RUN wget https://bootstrap.pypa.io/get-pip.py && \
    python get-pip.py && \
    . $HOME/.profile && \
    pip install pip --upgrade
###################################################

RUN ["pip", "install", "toml", "argcomplete"]

# Change directories to $HOME/Intel-HE-Toolkit
WORKDIR $HOME/he-toolkit

# Initialize hekit and install librares, examples, and kernels
RUN echo "y" | ./hekit init --default-config

ENTRYPOINT . docker/runners.sh && welcome_message && cd $HOME && /bin/bash