jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
fetch_ml/podman/containers/secure-ml-runner.podfile
Jeremie Fraeys 7880ea8d79
refactor: reorganize podman directory structure 
Organize podman/ directory into logical subdirectories:

New structure:
- docs/          - ML_TOOLS_GUIDE.md, jupyter_workflow.md
- configs/       - environment*.yml, security_policy.json
- containers/    - *.dockerfile, *.podfile
- scripts/       - *.sh, *.py (secure_runner, cli_integration, etc.)
- jupyter/       - jupyter_cookie_secret (flattened from jupyter_runtime/runtime/)
- workspace/     - Example projects (cleaned of temp files)

Cleaned workspace:
- Removed .DS_Store, mlflow.db, cache/
- Removed duplicate cli_integration.py

Removed unnecessary nesting:
- Flattened jupyter_runtime/runtime/ to just jupyter/

Improves maintainability by grouping files by purpose and eliminating root directory clutter.
2026-02-18 16:40:46 -05:00

59 lines
1.6 KiB
Text
Raw Permalink Blame History

# Fast Secure ML Runner
# Optimized for data scientists with maximum speed
FROM continuumio/miniconda3:latest
# Install mamba for lightning-fast package resolution
RUN conda install -n base -c conda-forge mamba -y && \
conda clean -afy
# Security: Create non-root user
RUN groupadd -r mlrunner && useradd -r -g mlrunner mlrunner
# Create secure workspace
WORKDIR /workspace
RUN chown mlrunner:mlrunner /workspace
# Create conda environment with mamba (much faster than pip)
RUN mamba create -n ml_env python=3.10 -y && \
chown -R mlrunner:mlrunner /opt/conda/envs/ml_env
# Pre-install ML packages with mamba (super fast!)
RUN mamba install -n ml_env \
pytorch>=1.9.0 \
torchvision>=0.10.0 \
numpy>=1.21.0 \
pandas>=1.3.0 \
scikit-learn>=1.0.0 \
xgboost>=1.5.0 \
matplotlib>=3.5.0 \
seaborn>=0.11.0 \
jupyter>=1.0.0 \
-c pytorch -c conda-forge -y && \
conda clean -afy
# Poetry (for pyproject.toml + poetry.lock projects)
RUN mamba install -n ml_env poetry -c conda-forge -y && \
conda clean -afy
# Copy security wrapper
COPY secure_runner.py /usr/local/bin/secure_runner.py
COPY security_policy.json /etc/ml_runner/security_policy.json
# Set permissions
RUN chmod +x /usr/local/bin/secure_runner.py && \
chown mlrunner:mlrunner /usr/local/bin/secure_runner.py
# Switch to non-root user
USER mlrunner
# Set conda environment
SHELL ["/bin/bash", "-c"]
ENTRYPOINT ["conda", "run", "-n", "ml_env", "python", "/usr/local/bin/secure_runner.py"]
# Labels
LABEL package_manager="mamba" \
speed="optimized" \
ml_frameworks="pytorch,sklearn,xgboost" \
security="enabled"
Reference in a new issue View git blame Copy permalink