diff --git a/.github/dockerfiles/docker_tag b/.github/dockerfiles/docker_tag index d248e5b8700e..08ccbf6e36f5 100644 --- a/.github/dockerfiles/docker_tag +++ b/.github/dockerfiles/docker_tag @@ -1 +1 @@ -pr-30691 \ No newline at end of file +pr-28903 \ No newline at end of file diff --git a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile index aca429b8b88a..55f06e8dd717 100644 --- a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -227,3 +236,11 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 72d0c0e93339..5edbe93d9cfb 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/fedora:29 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # dnf configuration RUN echo "timeout=60" >> /etc/dnf/dnf.conf && \ echo "retries=10" >> /etc/dnf/dnf.conf @@ -88,7 +97,6 @@ ENV PATH="$SCCACHE_HOME:$PATH" # Use Python 3.9 as default RUN python3.9 -m venv venv ENV PATH="/venv/bin:$PATH" -RUN alternatives --install /usr/bin/python python /usr/bin/python3.9 10 # Setup pip ENV PIP_VERSION="24.0" @@ -132,3 +140,17 @@ RUN wget -O git-2.49.0.tar.gz https://github.com/git/git/archive/refs/tags/v2.49 tar -zxf git-2.49.0.tar.gz RUN cd git-2.49.0 && \ make configure && ./configure --prefix=/usr && make install + +# Use python3.9 instead of /usr/bin/python +RUN update-alternatives --install /usr/bin/python python /usr/bin/python3.9 10 + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index b13120374237..b7b1ece863fb 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -3,6 +3,15 @@ FROM openvinogithubactions.azurecr.io/quayio/pypa/manylinux_2_28 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + RUN yum groupinstall -y "Development Tools" && \ yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers lld @@ -18,3 +27,8 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ # To make python3 and pip binaries accessible ENV PATH="/opt/python/cp311-cp311/bin:$SCCACHE_HOME:$PATH" + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile index 7309bf30ea79..6ea6219700c7 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -103,3 +112,14 @@ RUN mkdir -p $NVM_DIR RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 3df9c99f8c07..717e0b16a768 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -1,7 +1,14 @@ ARG REGISTRY="docker.io" FROM ${REGISTRY}/library/ubuntu:20.04 -USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ @@ -79,3 +86,22 @@ RUN python3.9 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Install Node +ENV NODE_VERSION=21.7.3 +ENV NVM_DIR=/.nvm +RUN mkdir -p $NVM_DIR +RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash +RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} +ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile index 2991f28f7891..9ec3561304ad 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/nvidia/cuda:11.8.0-runtime-ubuntu20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -76,7 +85,7 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3-8.py && \ python3.8 get-pip-3-8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.11 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ - rm -f get-pip.py + rm -f get-pip.py get-pip-3.8.py # Use Python 3.11 as default instead of Python 3.8 # Using venv here 'cause other methods to switch the default Python on Ubuntu 20 break both system and wheels build @@ -84,3 +93,11 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile index 9f9f413547dd..2ccd8b5e7553 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -54,3 +63,8 @@ ENV ANDROID_SDK_VERSION 29 RUN wget https://dl.google.com/android/repository/commandlinetools-linux-7583922_latest.zip && \ unzip commandlinetools-linux-7583922_latest.zip RUN echo "yes" | ./cmdline-tools/bin/sdkmanager --sdk_root=${ANDROID_TOOLS} --install "ndk-bundle" "platform-tools" "platforms;android-${ANDROID_SDK_VERSION}" + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile index 8b955def2aec..efc4b346e389 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -72,3 +81,7 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile index 6887f83b0256..fb229b10b095 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -100,3 +109,11 @@ ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index f613ab3afb62..12a5d05a23af 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -71,6 +80,10 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" + +# ONNX Runtime, see https://github.com/microsoft/onnxruntime/issues/13197#issuecomment-1264542497 +RUN locale-gen en_US.UTF-8 && update-locale LANG=en_US.UTF-8 + # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ @@ -108,3 +121,16 @@ RUN mkdir -p ${DOXYGEN_HOME} && cd ${DOXYGEN_HOME} && wget https://www.doxygen.n rm -f doxygen-$DOXYGEN_VERSION.linux.bin.tar.gz ENV PATH="${DOXYGEN_HOME}/doxygen-$DOXYGEN_VERSION/bin:$PATH" +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Change ownership of doxygen to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${DOXYGEN_HOME} + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile index dea3e8c26252..9bee813e5c46 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -74,3 +83,11 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile index 23111f59dd69..af33a668ce6c 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -96,3 +105,11 @@ ENV CPATH=/opt/intel/oneapi/dpl/2022.6/include:/opt/intel/oneapi/dev-utilities/2 # Set Intel DPC++ as a default compiler ENV CC=icx ENV CXX=icpx + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile index 8c6bdf43bda3..b3487491b363 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/nvidia/cuda:11.8.0-runtime-ubuntu22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -73,3 +82,11 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index 30f9b9792bc9..5e5cb9d72c2d 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:24.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +# Ubuntu 24 image already has a user with UID 1000 +RUN usermod -l ${USER_NAME} ubuntu + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -83,3 +92,11 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} && \ python3.13 -m pip install --upgrade pip==${PIP_VERSION} ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${GROUP_ID} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/webassembly/Dockerfile b/.github/dockerfiles/ov_build/webassembly/Dockerfile index 65717650e9a0..839f08a5ae81 100644 --- a/.github/dockerfiles/ov_build/webassembly/Dockerfile +++ b/.github/dockerfiles/ov_build/webassembly/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/emscripten/emsdk:3.1.61 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +# WASM image already has a user with UID 1000 +RUN usermod -l ${USER_NAME} emscripten + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -32,3 +41,8 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile index f1e428e0683b..e91b770649f8 100644 --- a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -38,3 +47,8 @@ RUN chmod +x /install_build_dependencies.sh && \ ENV LD_LIBRARY_PATH="/usr/arm-linux-gnueabihf/:/usr/arm-linux-gnueabihf/lib/:$LD_LIBRARY_PATH" RUN ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 /lib/ld-linux-armhf.so.3 + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile index e7dbadf5a414..806d8c6f25b4 100644 --- a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -74,3 +83,11 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.10/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/fedora_33/Dockerfile b/.github/dockerfiles/ov_test/fedora_33/Dockerfile index 0a1382e97fb8..8af16af8c7e9 100644 --- a/.github/dockerfiles/ov_test/fedora_33/Dockerfile +++ b/.github/dockerfiles/ov_test/fedora_33/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/fedora:33 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # dnf configuration RUN echo "timeout=60" >> /etc/dnf/dnf.conf && \ echo "retries=10" >> /etc/dnf/dnf.conf @@ -28,3 +37,11 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" ENV PIP_VERSION="24.0" RUN python3 -m pip install --upgrade pip==${PIP_VERSION} + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile index 49953d096fb8..52ca92345a01 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -32,6 +41,8 @@ RUN apt-get update && \ python3.11-venv \ python3.11-distutils \ libhdf5-dev \ + # to build samples + clang \ && \ rm -rf /var/lib/apt/lists/* @@ -54,3 +65,11 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index 929ccf5700c6..cdbe4927ca0b 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -22,6 +31,8 @@ RUN apt-get update && \ git \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Samples @@ -55,3 +66,11 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.9/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile index 57d2bb7c2264..ee4d8d7a5ef7 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -51,3 +60,11 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.13/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile index a9304f4affec..0afa677762bf 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -54,3 +63,11 @@ RUN mkdir -p ${XUINTIE_TMP_PATH} && cd ${XUINTIE_TMP_PATH} && \ cd ${XUINTIE_SRC}/qemu && ./configure --prefix=${XUINTIE_PATH} --interp-prefix=/usr/riscv64-linux-gnu --target-list=riscv64-linux-user && \ make -j$(nproc) && make install && \ rm -rf ${XUINTIE_TMP_PATH} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile index f1615bf30530..2447652bdfee 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -23,6 +32,8 @@ RUN apt-get update && \ ca-certificates \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Samples @@ -64,3 +75,11 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index 630d7bed6e19..038c8f7686e0 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:24.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +# Ubuntu 24 image already has a user with UID 1000 +RUN usermod -l ${USER_NAME} ubuntu + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -20,6 +29,8 @@ RUN apt-get update && \ git \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Samples @@ -47,3 +58,11 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3/site-packages + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${GROUP_ID} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/workflows/debian_10_arm.yml b/.github/workflows/debian_10_arm.yml index ab77649cdcfb..a31c1dc1acdd 100644 --- a/.github/workflows/debian_10_arm.yml +++ b/.github/workflows/debian_10_arm.yml @@ -120,7 +120,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-8-cores-16gb-arm' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.debian_10_arm }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.debian_10_arm }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'debian_10' diff --git a/.github/workflows/fedora_29.yml b/.github/workflows/fedora_29.yml index 23993e07fe1f..89ddc4eff8da 100644 --- a/.github/workflows/fedora_29.yml +++ b/.github/workflows/fedora_29.yml @@ -113,16 +113,16 @@ jobs: RPM_Packages: name: RPM packages - needs: [Docker, Build] + needs: Build timeout-minutes: 10 defaults: run: shell: bash - runs-on: aks-linux-4-cores-16gb + runs-on: ubuntu-22.04 container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.fedora_33 }} + image: fedora:33 env: - RPM_PACKAGES_DIR: /__w/openvino/packages/ + RPM_PACKAGES_DIR: ${{ github.workspace }}/packages steps: - name: Download OpenVINO RPM packages @@ -174,7 +174,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.fedora_29 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.fedora_29 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'fedora_29' diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 39e48e3442e1..e2f4a2233d75 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -211,7 +211,7 @@ jobs: run: | for py_version in "3.9" "3.10" "3.11" "3.12" "3.13" do - export PY_BUILD_DIR=${{ github.workspace }}/py$py_version + export PY_BUILD_DIR=${HOME}/py$py_version mkdir -p $PY_BUILD_DIR python_exec_path=$(python$py_version -c "import sys; print(sys.executable)") diff --git a/.github/workflows/job_cxx_unit_tests.yml b/.github/workflows/job_cxx_unit_tests.yml index 2dbda5149862..77574058f2f5 100644 --- a/.github/workflows/job_cxx_unit_tests.yml +++ b/.github/workflows/job_cxx_unit_tests.yml @@ -7,11 +7,11 @@ on: description: 'Machine on which the tests would run' type: string required: true - image: - description: 'Docker image in which the tests would run' + container: + description: 'JSON to be converted to the value of the "container" configuration for the job' type: string required: false - default: null + default: '{"image": null}' affected-components: description: 'Components that are affected by changes in the commit defined by the Smart CI Action' type: string @@ -38,8 +38,7 @@ jobs: name: C++ unit tests timeout-minutes: ${{ inputs.timeout-minutes }} runs-on: ${{ inputs.runner }} - container: - image: ${{ inputs.image }} + container: ${{ fromJSON(inputs.container) }} defaults: run: shell: ${{ contains(inputs.runner, 'win') && 'pwsh' || 'bash' }} diff --git a/.github/workflows/job_openvino_js.yml b/.github/workflows/job_openvino_js.yml index a8f8c914f866..a401727b42e6 100644 --- a/.github/workflows/job_openvino_js.yml +++ b/.github/workflows/job_openvino_js.yml @@ -74,7 +74,7 @@ jobs: working-directory: ${{ env.OPENVINO_JS_DIR }} run: npm run test - - name: Install electron deps and run Xvfb + - name: Run Xvfb if: runner.os == 'Linux' run: Xvfb "$DISPLAY" & diff --git a/.github/workflows/linux_arm64.yml b/.github/workflows/linux_arm64.yml index 3dc06e022c78..fea5f2b41d6f 100644 --- a/.github/workflows/linux_arm64.yml +++ b/.github/workflows/linux_arm64.yml @@ -123,8 +123,8 @@ jobs: if: ${{ 'false' }} uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-8gb-arm' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:20.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:20.04' Samples: needs: [ Build, Docker, Smart_CI ] @@ -175,7 +175,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-8-cores-16gb-arm' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_arm64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_arm64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_20_04' diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 1559c67b68ce..f64797293b77 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -125,7 +125,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_20_04' @@ -134,8 +134,8 @@ jobs: needs: [ Docker, Build ] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:20.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:20.04' Samples: needs: [ Docker, Build, Smart_CI ] diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index de53813b1770..0a2bd3686efe 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -126,8 +126,8 @@ jobs: needs: [Docker, Build] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:22.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:22.04' Samples: needs: [ Docker, Build, Smart_CI ] @@ -305,7 +305,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_22_04' diff --git a/.github/workflows/ubuntu_24.yml b/.github/workflows/ubuntu_24.yml index f8a67ea55f83..373bd0768e11 100644 --- a/.github/workflows/ubuntu_24.yml +++ b/.github/workflows/ubuntu_24.yml @@ -120,7 +120,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_24_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_24_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_24_04' @@ -129,8 +129,8 @@ jobs: needs: [ Docker, Build ] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:24.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:24.04' Samples: needs: [ Docker, Build, Smart_CI ] diff --git a/cmake/developer_package/packaging/rpm/rpm.cmake b/cmake/developer_package/packaging/rpm/rpm.cmake index 564ffb5e776e..16000c926145 100644 --- a/cmake/developer_package/packaging/rpm/rpm.cmake +++ b/cmake/developer_package/packaging/rpm/rpm.cmake @@ -162,7 +162,7 @@ endmacro() ov_rpm_specific_settings() # needed to add triggers for packages with libraries -set(def_triggers "${OpenVINO_BINARY_DIR}/_CPack_Packages/triggers") +set(def_triggers "${CMAKE_CURRENT_BINARY_DIR}/_CPack_Packages/triggers") set(triggers_content "# /bin/sh -p\n/sbin/ldconfig\n") file(WRITE "${def_triggers}" "${triggers_content}") @@ -229,7 +229,7 @@ function(ov_rpm_add_rpmlint_suppression comp) endif() set(package_file_name "${package_name}-${CPACK_PACKAGE_VERSION}-1.${arch}.rpm") - set(rpmlint_override_file "${OpenVINO_BINARY_DIR}/_CPack_Packages/rpmlint/${package_file_name}.rpmlintrc") + set(rpmlint_override_file "${CMAKE_CURRENT_BINARY_DIR}/_CPack_Packages/rpmlint/${package_file_name}.rpmlintrc") file(REMOVE ${rpmlint_override_file}) file(WRITE ${rpmlint_override_file} ${content}) endfunction()