Michael Rabinovich commited on
Commit ·
bf4211c
1
Parent(s): ba9a513
dockerfile: allow runtime pip installs in venv
Browse files- Dockerfile +5 -2
Dockerfile
CHANGED
|
@@ -73,8 +73,11 @@ RUN python -m pip uninstall -y vtk \
|
|
| 73 |
# python /opt/eval_job.py <submission_id> <zip_url>
|
| 74 |
COPY eval_job.py /opt/eval_job.py
|
| 75 |
|
| 76 |
-
# Drop privileges. HF Spaces conventionally run as uid 1000.
|
| 77 |
-
|
|
|
|
|
|
|
|
|
|
| 78 |
USER user
|
| 79 |
WORKDIR /home/user
|
| 80 |
|
|
|
|
| 73 |
# python /opt/eval_job.py <submission_id> <zip_url>
|
| 74 |
COPY eval_job.py /opt/eval_job.py
|
| 75 |
|
| 76 |
+
# Drop privileges. HF Spaces conventionally run as uid 1000. Keep the venv
|
| 77 |
+
# writable so HF Jobs can install short-lived extras (for example baseline
|
| 78 |
+
# LLM clients) through the orchestrator's --pip-install hook.
|
| 79 |
+
RUN useradd -m -u 1000 user \
|
| 80 |
+
&& chown -R user:user "$VIRTUAL_ENV"
|
| 81 |
USER user
|
| 82 |
WORKDIR /home/user
|
| 83 |
|