Skip to content

Commit

Permalink
Fix snyk vulnerability (IntelLabs#107)
Browse files Browse the repository at this point in the history 
* Update dockerfiles to pass snyk locally
  • Loading branch information
@cwlacewe
cwlacewe authored Apr 3, 2023
1 parent bafc5dd commit acffe32
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 24 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/sdl_req.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,10 +158,11 @@ jobs:
env:
BDBA_TOKEN: "${{ secrets.BDBA_TOKEN }}"
bdba_group: '90'
bdba_product_id: ${{ secrets.BDBA_PRODUCT_ID }}
shell: bash
run: |
apt-get update && apt-get install -y curl
curl -k -H "Authorization: Bearer $BDBA_TOKEN" -H "Group: $bdba_group" -T ${{ env.DOCKER_ARTIFACT_DIR }}/vdms_latest.tar "https://bdba001.icloud.intel.com/api/upload/"
curl -k -H "Authorization: Bearer $BDBA_TOKEN" -H "Group: $bdba_group" -H "Replace: $bdba_product_id" -T ${{ env.DOCKER_ARTIFACT_DIR }}/vdms_latest.tar "https://bdba001.icloud.intel.com/api/upload/"
# uses: intel-innersource/frameworks.actions.bdba@main (causes dir issues)
# with:
# bdba_group: '90' # Change this to your group
Expand Down
22 changes: 11 additions & 11 deletions INSTALL.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
git clone --branch v4.0.2 https://github.com/swig/swig.git && \
git clone --branch v1.7.1 https://github.com/facebookresearch/faiss.git && \
git clone https://github.com/tonyzhang617/FLINNG.git && \
git clone --branch v1.40.0 https://github.com/grpc/grpc.git && \
git clone --recurse-submodules -b v1.40.0 https://github.com/grpc/grpc.git && \
git clone --branch 4.5.3 https://github.com/opencv/opencv.git && \
git clone --branch v0.6 https://github.com/tristanpenman/valijson.git

Expand Down Expand Up @@ -71,32 +71,32 @@ make -j && sudo make install

### grpc
```bash
cd $VDMS_DEP_DIR/grpc && git submodule update --init --recursive
pip3 install --no-cache-dir -r requirements.txt && \
GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir .
cd $VDMS_DEP_DIR/grpc
pip3 install --no-cache-dir -r requirements.txt
GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir .

cd tools/distrib/python/grpcio_tools
python ../make_grpcio_tools.py
GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir .

cd ../../../../third_party/protobuf/cmake
mkdir build && cd build
cd $VDMS_DEP_DIR/grpc/third_party/zlib/ && mkdir build && cd build
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
make -j && sudo make install

cd ../../../abseil-cpp && mkdir build && cd build
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
cd $VDMS_DEP_DIR/grpc/third_party/protobuf/cmake
mkdir build && cd build
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE -Dprotobuf_BUILD_TESTS=OFF ..
make -j && sudo make install

cd ../../re2/ && mkdir build && cd build
cd ../../../abseil-cpp && mkdir build && cd build
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
make -j && sudo make install

cd ../../zlib/ && mkdir build && cd build
cd ../../re2/ && mkdir build && cd build
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
make -j && sudo make install

cd ../../../cmake && mkdir build && cd build
cd $VDMS_DEP_DIR/grpc/cmake && mkdir build && cd build
cmake -DgRPC_INSTALL=ON -DgRPC_BUILD_TESTS=OFF -DgRPC_ABSL_PROVIDER=package \
-DgRPC_CARES_PROVIDER=package -DgRPC_PROTOBUF_PROVIDER=package \
-DgRPC_RE2_PROVIDER=package -DgRPC_SSL_PROVIDER=package \
Expand Down
8 changes: 4 additions & 4 deletions docker/base/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
git clone --branch v4.0.2 https://github.com/swig/swig.git && \
git clone --branch v1.7.1 https://github.com/facebookresearch/faiss.git && \
git clone https://github.com/tonyzhang617/FLINNG.git && \
git clone --branch v1.40.0 https://github.com/grpc/grpc.git && \
git clone --recurse-submodules -b v1.40.0 https://github.com/grpc/grpc.git && \
git clone --branch 4.5.3 https://github.com/opencv/opencv.git && \
git clone --branch v0.6 https://github.com/tristanpenman/valijson.git && \
curl -L -o /usr/share/java/json-simple-1.1.1.jar https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/json-simple/json-simple-1.1.1.jar && \
Expand All @@ -45,12 +45,12 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
cd /dependencies/swig && ./autogen.sh && ./configure && make ${BUILD_THREADS} && make install && \
cd /dependencies/faiss && mkdir build && cd build && cmake -DFAISS_ENABLE_GPU=OFF .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/FLINNG && mkdir build && cd build && cmake .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc && git submodule update --init --recursive && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd tools/distrib/python/grpcio_tools && python ../make_grpcio_tools.py && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/zlib && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE -Dprotobuf_BUILD_TESTS=OFF .. && make ${BUILD_THREADS} && make install && \
cd ../../../abseil-cpp && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../re2/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../zlib/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/cmake && mkdir build && cd build && cmake -DgRPC_INSTALL=ON -DgRPC_BUILD_TESTS=OFF -DgRPC_ABSL_PROVIDER=package \
-DgRPC_CARES_PROVIDER=package -DgRPC_PROTOBUF_PROVIDER=package \
-DgRPC_RE2_PROVIDER=package -DgRPC_SSL_PROVIDER=package \
Expand Down
8 changes: 4 additions & 4 deletions docker/check-in/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
git clone --branch v4.0.2 https://github.com/swig/swig.git && \
git clone --branch v1.7.1 https://github.com/facebookresearch/faiss.git && \
git clone https://github.com/tonyzhang617/FLINNG.git && \
git clone --branch v1.40.0 https://github.com/grpc/grpc.git && \
git clone --recurse-submodules -b v1.40.0 https://github.com/grpc/grpc.git && \
git clone --branch 4.5.3 https://github.com/opencv/opencv.git && \
git clone --branch v0.6 https://github.com/tristanpenman/valijson.git && \
curl -L -o /usr/share/java/json-simple-1.1.1.jar https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/json-simple/json-simple-1.1.1.jar && \
Expand All @@ -45,12 +45,12 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
cd /dependencies/swig && ./autogen.sh && ./configure && make ${BUILD_THREADS} && make install && \
cd /dependencies/faiss && mkdir build && cd build && cmake -DFAISS_ENABLE_GPU=OFF .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/FLINNG && mkdir build && cd build && cmake .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc && git submodule update --init --recursive && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd tools/distrib/python/grpcio_tools && python ../make_grpcio_tools.py && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/zlib && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE -Dprotobuf_BUILD_TESTS=OFF .. && make ${BUILD_THREADS} && make install && \
cd ../../../abseil-cpp && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../re2/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../zlib/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/cmake && mkdir build && cd build && cmake -DgRPC_INSTALL=ON -DgRPC_BUILD_TESTS=OFF -DgRPC_ABSL_PROVIDER=package \
-DgRPC_CARES_PROVIDER=package -DgRPC_PROTOBUF_PROVIDER=package \
-DgRPC_RE2_PROVIDER=package -DgRPC_SSL_PROVIDER=package \
Expand Down
8 changes: 4 additions & 4 deletions docker/check-in/Dockerfile.base
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
git clone --branch v4.0.2 https://github.com/swig/swig.git && \
git clone --branch v1.7.1 https://github.com/facebookresearch/faiss.git && \
git clone https://github.com/tonyzhang617/FLINNG.git && \
git clone --branch v1.40.0 https://github.com/grpc/grpc.git && \
git clone --recurse-submodules -b v1.40.0 https://github.com/grpc/grpc.git && \
git clone --branch 4.5.3 https://github.com/opencv/opencv.git && \
git clone --branch v0.6 https://github.com/tristanpenman/valijson.git && \
curl -L -o /usr/share/java/json-simple-1.1.1.jar https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/json-simple/json-simple-1.1.1.jar && \
Expand All @@ -45,12 +45,12 @@ RUN git clone --branch v3.21.2 https://github.com/Kitware/CMake.git && \
cd /dependencies/swig && ./autogen.sh && ./configure && make ${BUILD_THREADS} && make install && \
cd /dependencies/faiss && mkdir build && cd build && cmake -DFAISS_ENABLE_GPU=OFF .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/FLINNG && mkdir build && cd build && cmake .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc && git submodule update --init --recursive && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc && pip3 install --no-cache-dir -r requirements.txt && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd tools/distrib/python/grpcio_tools && python ../make_grpcio_tools.py && GRPC_PYTHON_BUILD_WITH_CYTHON=1 pip3 install --no-cache-dir . && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/zlib && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/third_party/protobuf/cmake && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE -Dprotobuf_BUILD_TESTS=OFF .. && make ${BUILD_THREADS} && make install && \
cd ../../../abseil-cpp && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../re2/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd ../../zlib/ && mkdir build && cd build && cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE .. && make ${BUILD_THREADS} && make install && \
cd /dependencies/grpc/cmake && mkdir build && cd build && cmake -DgRPC_INSTALL=ON -DgRPC_BUILD_TESTS=OFF -DgRPC_ABSL_PROVIDER=package \
-DgRPC_CARES_PROVIDER=package -DgRPC_PROTOBUF_PROVIDER=package \
-DgRPC_RE2_PROVIDER=package -DgRPC_SSL_PROVIDER=package \
Expand Down

0 comments on commit acffe32

Please sign in to comment.