From c8e7c653006f149bcf44b28f00f6fc8c01c650c3 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 10:56:17 +0000 Subject: [PATCH 001/104] use non-root user --- .../ov_build/ubuntu_20_04_x64/Dockerfile | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 1620e674ef67d5..30a6f721ce1264 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -1,7 +1,14 @@ ARG REGISTRY="docker.io" FROM ${REGISTRY}/library/ubuntu:20.04 -USER root +# Create a non-root user and group +ENV USER_NAME=openvino +ENV USER_ID=1001 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ @@ -64,3 +71,14 @@ RUN python3.9 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} + +# Set the working directory to the non-root user's home directory +WORKDIR /home/${USER_NAME} From 18a65ce8360d7572cb9ec2988a55cecd9dd43aaf Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 10:59:57 +0000 Subject: [PATCH 002/104] use non-root user --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index f78daa951ce815..fde4fa17c083a1 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -83,7 +83,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=openvino"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From bcb864ed31858f1e0b74840a35fc5b2c7d33c0e7 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 11:00:56 +0000 Subject: [PATCH 003/104] update tag --- .github/dockerfiles/docker_tag | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dockerfiles/docker_tag b/.github/dockerfiles/docker_tag index 37db3d46f34033..66f6393d6c9ec2 100644 --- a/.github/dockerfiles/docker_tag +++ b/.github/dockerfiles/docker_tag @@ -1 +1 @@ -pr-28725 +pr-28903 From 9ad579e15a7eaa8aba1a36846dc107ac29b2e191 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 13:48:07 +0000 Subject: [PATCH 004/104] use id --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index fde4fa17c083a1..89bcf3022e4af6 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -83,7 +83,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=openvino"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=1001:1001"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From 546ffe121518d8ca0e00a9bd30c6a8ef5664528d Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 13:57:28 +0000 Subject: [PATCH 005/104] install node --- .../dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 30a6f721ce1264..f424676a7daef3 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -72,11 +72,23 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} +# Install Node +ENV NODE_VERSION=21.7.3 +ENV NVM_DIR=/.nvm +RUN mkdir -p $NVM_DIR +RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash +RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} +ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + # Change ownership of the home directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +# Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + # Switch to the non-root user USER ${USER_NAME} From 80e62c0d8ec4f731e22821c882105fdbad22e912 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 14:14:13 +0000 Subject: [PATCH 006/104] use another work dir --- .github/workflows/debian_10_arm.yml | 12 ++++++------ .github/workflows/fedora_29.yml | 12 ++++++------ .github/workflows/job_build_linux.yml | 1 + .github/workflows/linux_arm64.yml | 12 ++++++------ .github/workflows/ubuntu_22.yml | 12 ++++++------ .github/workflows/ubuntu_22_dpcpp.yml | 4 ++-- .github/workflows/ubuntu_24.yml | 12 ++++++------ 7 files changed, 33 insertions(+), 32 deletions(-) diff --git a/.github/workflows/debian_10_arm.yml b/.github/workflows/debian_10_arm.yml index c1c96a8fb2b9c3..c4bc62c3eccbb9 100644 --- a/.github/workflows/debian_10_arm.yml +++ b/.github/workflows/debian_10_arm.yml @@ -1,12 +1,12 @@ name: Debian 10 ARM on: workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - master - - 'releases/**' +# pull_request: +# merge_group: +# push: +# branches: +# - master +# - 'releases/**' concurrency: # github.ref is not unique in post-commit diff --git a/.github/workflows/fedora_29.yml b/.github/workflows/fedora_29.yml index 6d128f33fca274..697196bf5df7f0 100644 --- a/.github/workflows/fedora_29.yml +++ b/.github/workflows/fedora_29.yml @@ -1,12 +1,12 @@ name: Fedora 29 (RHEL 8.4), Python 3.9 on: workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - master - - 'releases/**' +# pull_request: +# merge_group: +# push: +# branches: +# - master +# - 'releases/**' concurrency: # github.ref is not unique in post-commit diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index ec1740d84a0052..aaff48dd93da7f 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -67,6 +67,7 @@ jobs: defaults: run: shell: bash + working-directory: "/home/openvino" env: DEBIAN_FRONTEND: noninteractive # to prevent apt-get from waiting user input CMAKE_BUILD_TYPE: 'Release' diff --git a/.github/workflows/linux_arm64.yml b/.github/workflows/linux_arm64.yml index ca1ca6e056e23d..a397b8e003b5b0 100644 --- a/.github/workflows/linux_arm64.yml +++ b/.github/workflows/linux_arm64.yml @@ -1,12 +1,12 @@ name: Linux ARM64 (Ubuntu 20.04, Python 3.11) on: workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - master - - 'releases/**' +# pull_request: +# merge_group: +# push: +# branches: +# - master +# - 'releases/**' concurrency: # github.ref is not unique in post-commit diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index 2ab77fff5db28a..e005eed3bccf55 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -4,12 +4,12 @@ on: # at 00:00 on Wednesday and Saturday - cron: '0 0 * * 3,6' workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - master - - 'releases/**' +# pull_request: +# merge_group: +# push: +# branches: +# - master +# - 'releases/**' concurrency: # github.ref is not unique in post-commit diff --git a/.github/workflows/ubuntu_22_dpcpp.yml b/.github/workflows/ubuntu_22_dpcpp.yml index ad11a31f7403bf..1e342ee8414d61 100644 --- a/.github/workflows/ubuntu_22_dpcpp.yml +++ b/.github/workflows/ubuntu_22_dpcpp.yml @@ -1,8 +1,8 @@ name: Linux (Ubuntu 22.04, Python 3.11, Intel DPC++ Compiler) on: workflow_dispatch: - pull_request: - merge_group: +# pull_request: +# merge_group: concurrency: # github.ref is not unique in post-commit diff --git a/.github/workflows/ubuntu_24.yml b/.github/workflows/ubuntu_24.yml index beac15bfbda97d..28355ca33928fc 100644 --- a/.github/workflows/ubuntu_24.yml +++ b/.github/workflows/ubuntu_24.yml @@ -1,12 +1,12 @@ name: Linux (Ubuntu 24.04, Python 3.12) on: workflow_dispatch: - pull_request: - merge_group: - push: - branches: - - master - - 'releases/**' +# pull_request: +# merge_group: +# push: +# branches: +# - master +# - 'releases/**' concurrency: # github.ref is not unique in post-commit From 437fd332fd0c0656ed8447218df64112bc845e2d Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 14:19:21 +0000 Subject: [PATCH 007/104] specify work dir for container --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 89bcf3022e4af6..275fbc0fbb6213 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -83,7 +83,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=1001:1001"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=1001:1001 -w=/home/openvino"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From 1ff3b1f5b08374c3ae882ddb541e02506d542aaa Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 10 Feb 2025 14:26:36 +0000 Subject: [PATCH 008/104] spaces --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 275fbc0fbb6213..4a9042f14fd48f 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -83,7 +83,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user=1001:1001 -w=/home/openvino"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1001:1001 --workdir /home/openvino"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From b6575d1787c46ec2137a806868df3bd729c7ee69 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 13 Feb 2025 10:46:50 +0000 Subject: [PATCH 009/104] setup node --- .github/workflows/job_build_linux.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 76d004b10efdc9..746d3ef1a57587 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -103,6 +103,11 @@ jobs: path: ${{ env.OPENVINO_REPO }} submodules: 'true' + - name: Setup Node 21 + uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 + with: + node-version: 21 + - name: Clone OpenVINO if: ${{ inputs.os != 'fedora_29' }} uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 From ac0acfe1c39365b22fe960d86bc7371d4a4eec97 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 13 Feb 2025 11:00:41 +0000 Subject: [PATCH 010/104] create workdir --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 3 +++ .github/workflows/job_build_linux.yml | 5 ----- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index f424676a7daef3..35f57c08a72f27 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -89,6 +89,9 @@ RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Change ownership of node to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} +RUN mkdir -p /__w && chown -R ${USER_NAME}:${USER_NAME} /__w +RUN mkdir -p /__w/_temp && chown -R ${USER_NAME}:${USER_NAME} /__w/_temp + # Switch to the non-root user USER ${USER_NAME} diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 746d3ef1a57587..76d004b10efdc9 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -103,11 +103,6 @@ jobs: path: ${{ env.OPENVINO_REPO }} submodules: 'true' - - name: Setup Node 21 - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 - with: - node-version: 21 - - name: Clone OpenVINO if: ${{ inputs.os != 'fedora_29' }} uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 From 3c76ba87cffdda0c1f464b257de4548140ae38e1 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 19 Feb 2025 11:15:58 +0000 Subject: [PATCH 011/104] test job --- .github/workflows/ubuntu_20.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 4a9042f14fd48f..44f0ea035fab30 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -72,12 +72,34 @@ jobs: id: handle_docker with: images: | + ov_build/ubuntu_22_04_x64 ov_build/ubuntu_20_04_x64 ov_test/ubuntu_20_04_x64 registry: 'openvinogithubactions.azurecr.io' dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} + Test_Job: + name: Test Job + needs: [Docker] + timeout-minutes: 150 + runs-on: 'aks-linux-16-cores-32gb' + container: + image: ${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }} + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + timeout-minutes: 15 + + - name: Who am I + run: | + whoami + ls -la /__w + + Build: needs: [Docker, Smart_CI] uses: ./.github/workflows/job_build_linux.yml From c0ee5ab99fd5818e6846d2220d14d13c6d839a20 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 19 Feb 2025 12:48:42 +0000 Subject: [PATCH 012/104] w/o Docker --- .github/workflows/ubuntu_20.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 44f0ea035fab30..4a39da707837c9 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -99,6 +99,24 @@ jobs: whoami ls -la /__w + Test_Job_wo_Docker: + name: Test Job w/o Docker + needs: [Docker] + timeout-minutes: 150 + runs-on: 'aks-linux-16-cores-32gb' + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + timeout-minutes: 15 + + - name: Who am I + run: | + whoami + ls -la /__w + Build: needs: [Docker, Smart_CI] From bb97bd7077ff110bc74065cfdf9574f6ce21d43a Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 19 Feb 2025 13:11:07 +0000 Subject: [PATCH 013/104] different folder --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 4a39da707837c9..352113058bd5bc 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -115,7 +115,7 @@ jobs: - name: Who am I run: | whoami - ls -la /__w + ls -laR /runner Build: From d66754d5d554453c8eb330065e078e8650033513 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 19 Feb 2025 14:03:36 +0000 Subject: [PATCH 014/104] check id --- .github/workflows/ubuntu_20.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 352113058bd5bc..2dd5d5ec4f0328 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -97,6 +97,7 @@ jobs: - name: Who am I run: | whoami + id ls -la /__w Test_Job_wo_Docker: @@ -115,6 +116,7 @@ jobs: - name: Who am I run: | whoami + id ls -laR /runner From 7be77169b5e4dc51dfd39d20c0af8af2aada175b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 20 Feb 2025 12:13:34 +0000 Subject: [PATCH 015/104] use 1000 as user --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 7 ++----- .github/workflows/ubuntu_20.yml | 2 +- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 35f57c08a72f27..fa4d8dbb9c3872 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -2,8 +2,8 @@ ARG REGISTRY="docker.io" FROM ${REGISTRY}/library/ubuntu:20.04 # Create a non-root user and group -ENV USER_NAME=openvino -ENV USER_ID=1001 +ENV USER_NAME=runner +ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} @@ -89,9 +89,6 @@ RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Change ownership of node to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} -RUN mkdir -p /__w && chown -R ${USER_NAME}:${USER_NAME} /__w -RUN mkdir -p /__w/_temp && chown -R ${USER_NAME}:${USER_NAME} /__w/_temp - # Switch to the non-root user USER ${USER_NAME} diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 2dd5d5ec4f0328..d6685994f87e7c 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -125,7 +125,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1001:1001 --workdir /home/openvino"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From 8240c439749570c361e1d36db1c4d6ae355150cc Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 20 Feb 2025 12:54:27 +0000 Subject: [PATCH 016/104] rm workdir --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index fa4d8dbb9c3872..68b44656d1540a 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -81,6 +81,7 @@ RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" # Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} RUN chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} # Change ownership of the venv directory to the non-root user @@ -91,6 +92,3 @@ RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} # Switch to the non-root user USER ${USER_NAME} - -# Set the working directory to the non-root user's home directory -WORKDIR /home/${USER_NAME} From fb79989e9589b80b60fff284f77a8f28c52757fa Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 20 Feb 2025 13:14:42 +0000 Subject: [PATCH 017/104] check id --- .github/workflows/job_build_linux.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 76d004b10efdc9..ffa3d161b37999 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -111,6 +111,12 @@ jobs: path: ${{ env.OPENVINO_REPO }} submodules: 'true' + - name: Who am I + run: | + whoami + id + echo ${HOME} + # Ticket: 139627 - name: Checkout the latest OneDNN for GPU in nightly if: ${{ inputs.event-name == 'schedule' && inputs.os == 'ubuntu_20_04' }} # GPU tests are enabled only on U20 From cd45078c1e2ec423f6c3253fb3b3a235eddbf769 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 20 Feb 2025 13:23:16 +0000 Subject: [PATCH 018/104] check with openvino --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 68b44656d1540a..dfec72d3336fb4 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -82,7 +82,9 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} +RUN mkdir -p /home/openvino RUN chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv From ee9e02f3cd2dbe841964edd6f1800920479a696b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 21 Feb 2025 10:41:25 +0000 Subject: [PATCH 019/104] combine commands --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index dfec72d3336fb4..824a3c1a75adaa 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -81,10 +81,8 @@ RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" # Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} -RUN mkdir -p /home/openvino -RUN chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN chown -R ${USER_NAME}:${USER_NAME} /home/openvino +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv From d97545c7030ce3e91eb7dda8e2cda7593d70eaaf Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 25 Feb 2025 09:56:15 +0000 Subject: [PATCH 020/104] add rw --- .github/workflows/ubuntu_20.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index d6685994f87e7c..205432e7f0193e 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -125,7 +125,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount:rw"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' From 8efd60118509ae84cdeb230a07bd097013af79aa Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 25 Feb 2025 10:47:21 +0000 Subject: [PATCH 021/104] check mount --- .github/workflows/job_build_linux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index ffa3d161b37999..9a4e5e320c78f0 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -116,6 +116,7 @@ jobs: whoami id echo ${HOME} + ls -la /mount # Ticket: 139627 - name: Checkout the latest OneDNN for GPU in nightly From ff35ed88d2dc3acbbf7bb69ff1224ddf61b471dc Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 26 Mar 2025 10:24:02 +0000 Subject: [PATCH 022/104] try a non-root user with the test job --- .../ov_test/ubuntu_20_04_x64/Dockerfile | 19 ++++++++++ .github/workflows/job_build_linux.yml | 36 +++++++++---------- .github/workflows/job_cxx_unit_tests.yml | 9 +++-- .github/workflows/ubuntu_20.yml | 2 +- 4 files changed, 42 insertions(+), 24 deletions(-) diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index 9c6b4b08f498fa..a0e9e75af31691 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -52,3 +61,13 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.9/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 5ba2d54209f70c..9df016aeb30525 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -347,21 +347,21 @@ jobs: mkdir deb && mv *.deb deb/ popd - - name: Store artifacts to a shared drive - id: store_artifacts - if: ${{ always() }} - uses: ./openvino/.github/actions/store_artifacts - with: - artifacts: | - ${{ env.BUILD_DIR }}/openvino_package.tar.gz - ${{ env.BUILD_DIR }}/openvino_developer_package.tar.gz - ${{ env.BUILD_DIR }}/openvino_tests.tar.gz - ${{ env.BUILD_DIR }}/deb - ${{ env.MANIFEST_PATH }} - ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} - ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} - storage_dir: ${{ env.PRODUCT_TYPE }} - storage_root: ${{ env.ARTIFACTS_SHARE }} - env: - STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} - STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} +# - name: Store artifacts to a shared drive +# id: store_artifacts +# if: ${{ always() }} +# uses: ./openvino/.github/actions/store_artifacts +# with: +# artifacts: | +# ${{ env.BUILD_DIR }}/openvino_package.tar.gz +# ${{ env.BUILD_DIR }}/openvino_developer_package.tar.gz +# ${{ env.BUILD_DIR }}/openvino_tests.tar.gz +# ${{ env.BUILD_DIR }}/deb +# ${{ env.MANIFEST_PATH }} +# ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} +# ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} +# storage_dir: ${{ env.PRODUCT_TYPE }} +# storage_root: ${{ env.ARTIFACTS_SHARE }} +# env: +# STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} +# STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} diff --git a/.github/workflows/job_cxx_unit_tests.yml b/.github/workflows/job_cxx_unit_tests.yml index dd33fbf3a1698d..fecb6a4d88b079 100644 --- a/.github/workflows/job_cxx_unit_tests.yml +++ b/.github/workflows/job_cxx_unit_tests.yml @@ -7,11 +7,11 @@ on: description: 'Machine on which the tests would run' type: string required: true - image: - description: 'Docker image in which the tests would run' + container: + description: 'JSON to be converted to the value of the "container" configuration for the job' type: string required: false - default: null + default: '{"image": null}' affected-components: description: 'Components that are affected by changes in the commit defined by the Smart CI Action' type: string @@ -38,8 +38,7 @@ jobs: name: C++ unit tests timeout-minutes: ${{ inputs.timeout-minutes }} runs-on: ${{ inputs.runner }} - container: - image: ${{ inputs.image }} + container: ${{ fromJSON(inputs.container) }} defaults: run: shell: ${{ contains(inputs.runner, 'win') && 'pwsh' || 'bash' }} diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 205432e7f0193e..9a4c0ef8f617b2 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -151,7 +151,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "options": "--user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_20_04' From b3afd93741a64c68ce4a57dcc12fd4debba79eb7 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 1 Apr 2025 09:55:03 +0100 Subject: [PATCH 023/104] use in samples --- .github/workflows/ubuntu_20.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 60ed312a3bf32b..6d4612aae6a807 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -125,7 +125,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount:rw"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' @@ -169,7 +169,7 @@ jobs: uses: ./.github/workflows/job_samples_tests.yml with: runner: 'aks-linux-4-cores-16gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"]}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "--user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} iGPU: From dcccc9039ee98b3d0761b0c3bab98999aa5f64dc Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 1 Apr 2025 10:01:23 +0100 Subject: [PATCH 024/104] enable U22 --- .../ov_build/ubuntu_22_04_x64/Dockerfile | 23 +++++++++++++++++++ .github/workflows/ubuntu_22.yml | 14 +++++------ 2 files changed, 30 insertions(+), 7 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index 56dffb11e7ce12..6b6cd6e7cc4502 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -72,3 +81,17 @@ RUN mkdir -p $NVM_DIR RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} + diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index 2647ec5ed0ef08..ba13a123514c22 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -4,12 +4,12 @@ on: # at 00:00 on Wednesday and Saturday - cron: '0 0 * * 3,6' workflow_dispatch: -# pull_request: -# merge_group: -# push: -# branches: -# - master -# - 'releases/**' + pull_request: + merge_group: + push: + branches: + - master + - 'releases/**' concurrency: # github.ref is not unique in post-commit @@ -86,7 +86,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_22_04' From 6deb1e2b82bdfdc4226dc70933ae2c0cda610fac Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 1 Apr 2025 10:18:59 +0100 Subject: [PATCH 025/104] fix input for cxx job --- .../ov_test/ubuntu_22_04_x64/Dockerfile | 19 +++++++++++++++++++ .github/workflows/ubuntu_22.yml | 2 +- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile index e2671de629f39a..04cfd9b176e71a 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -62,3 +71,13 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index ba13a123514c22..1ec3e7f0c756d1 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -289,7 +289,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }}", "options": "--user 1000:1000"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_22_04' From 6347b1e0c76b3fac567c6d55c050bf4db7c61b2a Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 1 Apr 2025 12:24:24 +0100 Subject: [PATCH 026/104] mv clang installation to Docker --- .github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile | 2 ++ .github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile | 2 ++ .github/workflows/job_samples_tests.yml | 1 - .github/workflows/ubuntu_20.yml | 6 +++--- .github/workflows/ubuntu_22.yml | 4 ++-- 5 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index a0e9e75af31691..480776866f7b0a 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -31,6 +31,8 @@ RUN apt-get update && \ git \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Python diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile index 04cfd9b176e71a..fb59f85ecd3f4f 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile @@ -32,6 +32,8 @@ RUN apt-get update && \ ca-certificates \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Python diff --git a/.github/workflows/job_samples_tests.yml b/.github/workflows/job_samples_tests.yml index 4af7ff84c51e6d..0dfc80d2b88b4f 100644 --- a/.github/workflows/job_samples_tests.yml +++ b/.github/workflows/job_samples_tests.yml @@ -97,7 +97,6 @@ jobs: - name: Build cpp samples - Clang if: runner.os == 'Linux' run: | - apt-get update && apt-get install -y clang $INSTALL_DIR/samples/cpp/build_samples.sh -i $INSTALL_DIR -b $BUILD_DIR/cpp_samples_clang env: CC: clang diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 6d4612aae6a807..464c4b5141131f 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -125,7 +125,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_20_04' @@ -151,7 +151,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "options": "--user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_20_04' @@ -169,7 +169,7 @@ jobs: uses: ./.github/workflows/job_samples_tests.yml with: runner: 'aks-linux-4-cores-16gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"], "options": "--user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_x64 }}", "volumes": ["/mount:/mount"]}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} iGPU: diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index 1ec3e7f0c756d1..61208d3e844707 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -86,7 +86,7 @@ jobs: uses: ./.github/workflows/job_build_linux.yml with: runner: 'aks-linux-16-cores-32gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING --user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }}", "volumes": ["/mount:/mount"], "options": "-e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} event-name: ${{ github.event_name }} os: 'ubuntu_22_04' @@ -289,7 +289,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }}", "options": "--user 1000:1000"}' + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_22_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_22_04' From dc4e256f9dc903981a852dd23bc4ae0d5d3ad2db Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 17 Apr 2025 11:02:29 +0100 Subject: [PATCH 027/104] rm --- .github/workflows/job_build_linux.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 64a959cd5fcc32..d10a8f2ca5f296 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -72,7 +72,6 @@ jobs: defaults: run: shell: bash - working-directory: "/home/openvino" env: DEBIAN_FRONTEND: noninteractive # to prevent apt-get from waiting user input CMAKE_BUILD_TYPE: 'Release' From f2a3f9ccdcbb7560266d22419c35e976bf8bd315 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 17 Apr 2025 11:41:38 +0100 Subject: [PATCH 028/104] use user-owned dir --- .github/workflows/job_build_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index d10a8f2ca5f296..d91888dcc66b09 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -213,7 +213,7 @@ jobs: run: | for py_version in "3.9" "3.10" "3.11" "3.12" "3.13" do - export PY_BUILD_DIR=${{ github.workspace }}/py$py_version + export PY_BUILD_DIR=/home/openvino/py$py_version mkdir -p $PY_BUILD_DIR python_exec_path=$(python$py_version -c "import sys; print(sys.executable)") From 8775b4d36c4b7eb60665b8499d98c211389b65e5 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 17 Apr 2025 12:48:17 +0100 Subject: [PATCH 029/104] mv package install from job to Docker --- .../ov_build/ubuntu_22_04_x64/Dockerfile | 8 +++++++ .github/workflows/job_build_linux.yml | 3 ++- .github/workflows/job_onnx_runtime.yml | 5 ----- .github/workflows/ubuntu_20.yml | 22 ------------------- 4 files changed, 10 insertions(+), 28 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index 4ce3758b75315f..b340265d813761 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -32,6 +32,8 @@ RUN apt-get update && \ gpg-agent \ tzdata \ libtbb2 \ + # ONNX Runtime build + language-pack-en \ # parallel gzip pigz \ # Pythons @@ -50,6 +52,8 @@ RUN apt-get update && \ python3.13-venv \ # For Java API default-jdk \ + # OpenVINO JS API + libgtk-3-0 \ && \ rm -rf /var/lib/apt/lists/* @@ -70,6 +74,10 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" + +# ONNX Runtime, see https://github.com/microsoft/onnxruntime/issues/13197#issuecomment-1264542497 +RUN locale-gen en_US.UTF-8 && update-locale LANG=en_US.UTF-8 + # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index d91888dcc66b09..fd49ff6c830d9a 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -82,6 +82,7 @@ jobs: SCCACHE_ERROR_LOG: /__w/openvino/sccache_log.txt SCCACHE_LOG: warn GITHUB_WORKSPACE: /__w/openvino/openvino + USER_HOME_DIR: /home/openvino OPENVINO_REPO: /__w/openvino/openvino/openvino OPENVINO_CONTRIB_REPO: /__w/openvino/openvino/openvino_contrib INSTALL_DIR: /__w/openvino/openvino/openvino_install @@ -213,7 +214,7 @@ jobs: run: | for py_version in "3.9" "3.10" "3.11" "3.12" "3.13" do - export PY_BUILD_DIR=/home/openvino/py$py_version + export PY_BUILD_DIR=${USER_HOME_DIR}/py$py_version mkdir -p $PY_BUILD_DIR python_exec_path=$(python$py_version -c "import sys; print(sys.executable)") diff --git a/.github/workflows/job_onnx_runtime.yml b/.github/workflows/job_onnx_runtime.yml index 7a964986a6671d..82746465eef017 100644 --- a/.github/workflows/job_onnx_runtime.yml +++ b/.github/workflows/job_onnx_runtime.yml @@ -112,11 +112,6 @@ jobs: - name: Run onnxruntime_test_all if: ${{ runner.arch != 'ARM64' }} # Ticket: 126277 run: | - # see https://github.com/microsoft/onnxruntime/issues/13197#issuecomment-1264542497 - apt-get update && apt-get install --assume-yes --no-install-recommends language-pack-en - locale-gen en_US.UTF-8 - update-locale LANG=en_US.UTF-8 - source ${INSTALL_DIR}/setupvars.sh skip_tests=$(tr -s '\n ' ':' < ${ONNX_RUNTIME_UTILS}/skip_tests) diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index c374d15afb9b4b..af850128358c7c 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -72,34 +72,12 @@ jobs: id: handle_docker with: images: | - ov_build/ubuntu_22_04_x64 ov_build/ubuntu_20_04_x64 ov_test/ubuntu_20_04_x64 registry: 'openvinogithubactions.azurecr.io' dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} - Test_Job: - name: Test Job - needs: [Docker] - timeout-minutes: 150 - runs-on: 'aks-linux-16-cores-32gb' - container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64 }} - defaults: - run: - shell: bash - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - timeout-minutes: 15 - - - name: Who am I - run: | - whoami - id - ls -la /__w - Test_Job_wo_Docker: name: Test Job w/o Docker needs: [Docker] From efc58751671ae924213f71a9c77503aba586aa7b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 17 Apr 2025 13:27:59 +0100 Subject: [PATCH 030/104] add another missing lib --- .github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index b340265d813761..be066d960bc653 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -54,6 +54,7 @@ RUN apt-get update && \ default-jdk \ # OpenVINO JS API libgtk-3-0 \ + libgbm-dev \ && \ rm -rf /var/lib/apt/lists/* From 7375589ca9483134a13391403c4179a8df050710 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 17 Apr 2025 14:43:08 +0100 Subject: [PATCH 031/104] add missing packages, rm from the job --- .github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile | 3 ++- .github/workflows/job_openvino_js.yml | 6 ++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index be066d960bc653..c22d310435de41 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -54,7 +54,8 @@ RUN apt-get update && \ default-jdk \ # OpenVINO JS API libgtk-3-0 \ - libgbm-dev \ + libgbm1 \ + xvfb \ && \ rm -rf /var/lib/apt/lists/* diff --git a/.github/workflows/job_openvino_js.yml b/.github/workflows/job_openvino_js.yml index 6425ecdd7db3ff..d11ce7eb2f8107 100644 --- a/.github/workflows/job_openvino_js.yml +++ b/.github/workflows/job_openvino_js.yml @@ -74,11 +74,9 @@ jobs: working-directory: ${{ env.OPENVINO_JS_DIR }}/node run: npm run test - - name: Install electron deps and run Xvfb + - name: Run Xvfb if: runner.os == 'Linux' - run: | - apt-get update && apt-get install -y xvfb libgtk-3-0 libgbm1 - Xvfb "$DISPLAY" & + run: Xvfb "$DISPLAY" & - name: E2E of openvino-node package working-directory: ${{ env.OPENVINO_JS_DIR }}/node From bdffab6fcaaf6af683a1007ad4f69af387b6ae86 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 18 Apr 2025 09:30:50 +0100 Subject: [PATCH 032/104] add non-root to U24 --- .../ubuntu_22_04_x64_nvidia/Dockerfile | 19 +++++++++++++++++++ .../ov_build/ubuntu_24_04_x64/Dockerfile | 19 +++++++++++++++++++ .../ov_test/ubuntu_24_04_x64/Dockerfile | 19 +++++++++++++++++++ .github/workflows/ubuntu_24.yml | 12 ++++++------ 4 files changed, 63 insertions(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile index 19f3e136995dc3..b2eeb8f3bc373f 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/nvidia/cuda:11.8.0-runtime-ubuntu22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -73,3 +82,13 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} \ No newline at end of file diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index 622441838a2f3d..48aa8888de04c3 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:24.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -80,3 +89,13 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} && \ python3.13 -m pip install --upgrade pip==${PIP_VERSION} ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index 4cb29c0174476f..a441825884e844 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:24.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -45,3 +54,13 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/ubuntu_24.yml b/.github/workflows/ubuntu_24.yml index 59489de2329b48..f790a931f08a3b 100644 --- a/.github/workflows/ubuntu_24.yml +++ b/.github/workflows/ubuntu_24.yml @@ -1,12 +1,12 @@ name: Linux (Ubuntu 24.04, Python 3.12) on: workflow_dispatch: -# pull_request: -# merge_group: -# push: -# branches: -# - master -# - 'releases/**' + pull_request: + merge_group: + push: + branches: + - master + - 'releases/**' concurrency: # github.ref is not unique in post-commit From 3bd653139c21ed5083420a405f438c1c4bf7b89c Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 18 Apr 2025 09:56:12 +0100 Subject: [PATCH 033/104] fix input for cxx job, rm dubplicate --- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 1 - .github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile | 1 - .../dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile | 1 - .github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile | 1 - .github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile | 1 - .github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile | 1 - .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 5 ++--- .github/workflows/job_build_linux.yml | 2 +- .github/workflows/ubuntu_24.yml | 2 +- 9 files changed, 4 insertions(+), 11 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 31202f9fd2eb7c..30f2c5443389de 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -96,7 +96,6 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index 12fcd3a0e82a5e..ac23ab8b55fd50 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -108,7 +108,6 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile index 6b41747c895757..5f7a5b391c7f41 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile @@ -85,7 +85,6 @@ ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index cc473890f52b4e..d65ccad77d23d9 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -92,7 +92,6 @@ ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index 480776866f7b0a..0acfcb3fdd32fa 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -66,7 +66,6 @@ ENV PIP_INSTALL_PATH=/venv/lib/python3.9/site-packages # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile index fb59f85ecd3f4f..6f66a8fd88a398 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile @@ -76,7 +76,6 @@ ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index a441825884e844..c7792d47e49ed8 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -9,8 +9,8 @@ ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} -RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} -RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash +# Ubuntu 24 images already has a user with UID 1000 +RUN usermod -l openvino ubuntu # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ @@ -57,7 +57,6 @@ ENV PIP_INSTALL_PATH=/venv/lib/python3/site-packages # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -RUN mkdir -p /home/openvino && chown -R ${USER_NAME}:${USER_NAME} /home/openvino # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 7bb285981cf754..875d7bfd48a37c 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -82,7 +82,7 @@ jobs: SCCACHE_ERROR_LOG: /__w/openvino/sccache_log.txt SCCACHE_LOG: warn GITHUB_WORKSPACE: /__w/openvino/openvino - USER_HOME_DIR: /home/openvino + USER_HOME_DIR: /home/runner OPENVINO_REPO: /__w/openvino/openvino/openvino OPENVINO_CONTRIB_REPO: /__w/openvino/openvino/openvino_contrib INSTALL_DIR: /__w/openvino/openvino/openvino_install diff --git a/.github/workflows/ubuntu_24.yml b/.github/workflows/ubuntu_24.yml index f688281710f12e..d4581a1122c381 100644 --- a/.github/workflows/ubuntu_24.yml +++ b/.github/workflows/ubuntu_24.yml @@ -106,7 +106,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_24_04_x64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_24_04_x64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_24_04' From a9d16d5a7b28242d716ed82c7de2c1e2edacb100 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 18 Apr 2025 10:06:57 +0100 Subject: [PATCH 034/104] fix username --- .github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile | 4 ++-- .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index d65ccad77d23d9..a3129d95616ad4 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -9,8 +9,8 @@ ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} -RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} -RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash +# Ubuntu 24 images already has a user with UID 1000 +RUN usermod -l ${USER_NAME} ubuntu # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index c7792d47e49ed8..7ed09a589b9098 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -10,7 +10,7 @@ ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} # Ubuntu 24 images already has a user with UID 1000 -RUN usermod -l openvino ubuntu +RUN usermod -l ${USER_NAME} ubuntu # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ From 762ddc3d8c341ab8ebe8597d4ef57884d87187b2 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 18 Apr 2025 11:51:46 +0100 Subject: [PATCH 035/104] use group ID --- .github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index a3129d95616ad4..f455be7357cfaf 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -91,10 +91,10 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} && \ ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} # Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} # Change ownership of the venv directory to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} /venv +RUN chown -R ${USER_NAME}:${GROUP_ID} /venv # Switch to the non-root user USER ${USER_NAME} From dedf8d01bbfa7823d5a027219363d1bc292076ac Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 18 Apr 2025 11:52:22 +0100 Subject: [PATCH 036/104] add to test image --- .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index 7ed09a589b9098..64c042a0d4b673 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -56,10 +56,10 @@ ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3/site-packages # Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} # Change ownership of the venv directory to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} /venv +RUN chown -R ${USER_NAME}:${GROUP_ID} /venv # Switch to the non-root user USER ${USER_NAME} From 2c570e47b97f4fa0f1635e44802142d7eb7084c4 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 09:32:20 +0100 Subject: [PATCH 037/104] add clang for samples --- .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 2 ++ .github/workflows/job_samples_tests.yml | 3 +-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index 64c042a0d4b673..b69ccf7d6a2508 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -29,6 +29,8 @@ RUN apt-get update && \ git \ gpg-agent \ tzdata \ + # to build samples + clang \ # parallel gzip pigz \ # Python diff --git a/.github/workflows/job_samples_tests.yml b/.github/workflows/job_samples_tests.yml index de8df67c301036..48ead3e64ca8ac 100644 --- a/.github/workflows/job_samples_tests.yml +++ b/.github/workflows/job_samples_tests.yml @@ -96,8 +96,7 @@ jobs: - name: Build cpp samples - Clang if: runner.os == 'Linux' - run: | - $INSTALL_DIR/samples/cpp/build_samples.sh -i $INSTALL_DIR -b $BUILD_DIR/cpp_samples_clang + run: $INSTALL_DIR/samples/cpp/build_samples.sh -i $INSTALL_DIR -b $BUILD_DIR/cpp_samples_clang env: CC: clang CXX: clang++ From 754f9769977e24d8438dec3c93f865a7f15ca027 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 10:29:36 +0100 Subject: [PATCH 038/104] use non-root user in Android x64 --- .../ov_build/ubuntu_22_04_android/Dockerfile | 21 +++++++++++++++++++ .github/workflows/ubuntu_20.yml | 20 ------------------ 2 files changed, 21 insertions(+), 20 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile index 9f9f413547dd9a..a218496c9246fc 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -54,3 +63,15 @@ ENV ANDROID_SDK_VERSION 29 RUN wget https://dl.google.com/android/repository/commandlinetools-linux-7583922_latest.zip && \ unzip commandlinetools-linux-7583922_latest.zip RUN echo "yes" | ./cmdline-tools/bin/sdkmanager --sdk_root=${ANDROID_TOOLS} --install "ndk-bundle" "platform-tools" "platforms;android-${ANDROID_SDK_VERSION}" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index a6d2515f37dd4f..838aedd2e9a130 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -78,26 +78,6 @@ jobs: dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} - Test_Job_wo_Docker: - name: Test Job w/o Docker - needs: [Docker] - timeout-minutes: 150 - runs-on: 'aks-linux-16-cores-32gb' - defaults: - run: - shell: bash - steps: - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - timeout-minutes: 15 - - - name: Who am I - run: | - whoami - id - ls -laR /runner - - Build: needs: [Docker, Smart_CI] uses: ./.github/workflows/job_build_linux.yml From 9e3fef110f1b2e02a46fcfada71314ca7325bbf6 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 10:48:21 +0100 Subject: [PATCH 039/104] rm unused venv chown --- .github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile index a218496c9246fc..864ef09259f342 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile @@ -67,9 +67,6 @@ RUN echo "yes" | ./cmdline-tools/bin/sdkmanager --sdk_root=${ANDROID_TOOLS} --in # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -# Change ownership of the venv directory to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} /venv - # Change ownership of node to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} From 85997e0d6c8353751b15f5c34cced1944b5179e8 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 11:19:08 +0100 Subject: [PATCH 040/104] rm unneded chown --- .github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile index 864ef09259f342..b4d5192c828e5a 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile @@ -67,8 +67,5 @@ RUN echo "yes" | ./cmdline-tools/bin/sdkmanager --sdk_root=${ANDROID_TOOLS} --in # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -# Change ownership of node to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} - # Switch to the non-root user USER ${USER_NAME} From 47aea0d86b188bddf9eb9dacf32325afe970288b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 12:34:48 +0100 Subject: [PATCH 041/104] use non-root in Debian --- .../ov_build/debian_10_arm/Dockerfile | 18 ++++++++++++++++++ .../ov_test/debian_10_arm/Dockerfile | 19 +++++++++++++++++++ .github/workflows/debian_10_arm.yml | 12 ++++++------ 3 files changed, 43 insertions(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile index aca429b8b88a36..9020bc480d7ec5 100644 --- a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -227,3 +236,12 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile index f1e428e0683b9a..4e39fc9ecac293 100644 --- a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -38,3 +47,13 @@ RUN chmod +x /install_build_dependencies.sh && \ ENV LD_LIBRARY_PATH="/usr/arm-linux-gnueabihf/:/usr/arm-linux-gnueabihf/lib/:$LD_LIBRARY_PATH" RUN ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 /lib/ld-linux-armhf.so.3 + + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/debian_10_arm.yml b/.github/workflows/debian_10_arm.yml index 85fc7e9eaadc61..17c7d99bf6d8be 100644 --- a/.github/workflows/debian_10_arm.yml +++ b/.github/workflows/debian_10_arm.yml @@ -1,12 +1,12 @@ name: Debian 10 ARM on: workflow_dispatch: -# pull_request: -# merge_group: -# push: -# branches: -# - master -# - 'releases/**' + pull_request: + merge_group: + push: + branches: + - master + - 'releases/**' concurrency: # github.ref is not unique in post-commit From b82ce4525b511c94b18ad5bbefd676d996e5a4dc Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 12:36:00 +0100 Subject: [PATCH 042/104] fix input --- .github/workflows/debian_10_arm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/debian_10_arm.yml b/.github/workflows/debian_10_arm.yml index 17c7d99bf6d8be..d8bafa4bc15249 100644 --- a/.github/workflows/debian_10_arm.yml +++ b/.github/workflows/debian_10_arm.yml @@ -108,7 +108,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-8-cores-16gb-arm' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.debian_10_arm }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.debian_10_arm }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'debian_10' From 5e36d33cbfb5cb2837b70f7f74a930220809b5d5 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 22 Apr 2025 13:26:33 +0100 Subject: [PATCH 043/104] rm /venv chown from the test Debian Dockerfile --- .github/dockerfiles/ov_test/debian_10_arm/Dockerfile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile index 4e39fc9ecac293..01bf8d41e0c231 100644 --- a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile @@ -48,12 +48,8 @@ RUN chmod +x /install_build_dependencies.sh && \ ENV LD_LIBRARY_PATH="/usr/arm-linux-gnueabihf/:/usr/arm-linux-gnueabihf/lib/:$LD_LIBRARY_PATH" RUN ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 /lib/ld-linux-armhf.so.3 - # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -# Change ownership of the venv directory to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} /venv - # Switch to the non-root user USER ${USER_NAME} From db5b4ef5e7e4181b850f90358fd696891f873a9e Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 23 Apr 2025 10:29:21 +0100 Subject: [PATCH 044/104] enable fedora --- .../dockerfiles/ov_build/fedora_29/Dockerfile | 20 +++++++++++++++++++ .../dockerfiles/ov_test/fedora_33/Dockerfile | 1 - .github/workflows/fedora_29.yml | 14 ++++++------- 3 files changed, 27 insertions(+), 8 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 8713f52cdf3b3a..1cd0c9c3d8f9b4 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/fedora:29 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # dnf configuration RUN echo "timeout=60" >> /etc/dnf/dnf.conf && \ echo "retries=10" >> /etc/dnf/dnf.conf @@ -110,3 +119,14 @@ RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | b RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/fedora_33/Dockerfile b/.github/dockerfiles/ov_test/fedora_33/Dockerfile index 4c5b2037e60578..2c6f899fc50c78 100644 --- a/.github/dockerfiles/ov_test/fedora_33/Dockerfile +++ b/.github/dockerfiles/ov_test/fedora_33/Dockerfile @@ -25,4 +25,3 @@ RUN mkdir -p $NVM_DIR RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" - diff --git a/.github/workflows/fedora_29.yml b/.github/workflows/fedora_29.yml index 80c7a23c20f051..9278f266c4e31b 100644 --- a/.github/workflows/fedora_29.yml +++ b/.github/workflows/fedora_29.yml @@ -1,12 +1,12 @@ name: Fedora 29 (RHEL 8.4), Python 3.9 on: workflow_dispatch: -# pull_request: -# merge_group: -# push: -# branches: -# - master -# - 'releases/**' + pull_request: + merge_group: + push: + branches: + - master + - 'releases/**' concurrency: # github.ref is not unique in post-commit @@ -161,7 +161,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-4-cores-16gb' - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.fedora_29 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_build.fedora_29 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'fedora_29' From b37a92d9b491759b77092118616b588dac79ae46 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 23 Apr 2025 11:43:44 +0100 Subject: [PATCH 045/104] add clang --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 6 ++++++ .github/workflows/job_build_linux.yml | 7 ------- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 1cd0c9c3d8f9b4..4e1e8c295d037e 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -20,6 +20,12 @@ RUN dnf update -y && dnf install -y \ git \ curl \ python3 \ + # Compiler \ + clang-18 \ + # Static analyzer + clang-tidy-18 \ + # clang-tidy uses clang-format as a dependency + clang-format-18 \ # To build Python from source openssl-devel \ sqlite-devel \ diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 12818d374c0cff..23193c29f492a6 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -116,13 +116,6 @@ jobs: path: ${{ env.OPENVINO_REPO }} submodules: 'true' - - name: Who am I - run: | - whoami - id - echo ${HOME} - ls -la /mount - # Ticket: 139627 - name: Checkout the latest OneDNN for GPU in nightly if: ${{ inputs.event-name == 'schedule' && inputs.os == 'ubuntu_20_04' }} # GPU tests are enabled only on U20 From d1c2ec38f29056e0c2945b56d65371df93518e71 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 23 Apr 2025 12:01:50 +0100 Subject: [PATCH 046/104] only clang --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 4e1e8c295d037e..d355c2f135c775 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -20,12 +20,7 @@ RUN dnf update -y && dnf install -y \ git \ curl \ python3 \ - # Compiler \ - clang-18 \ - # Static analyzer - clang-tidy-18 \ - # clang-tidy uses clang-format as a dependency - clang-format-18 \ + clang \ # To build Python from source openssl-devel \ sqlite-devel \ From 42d5c6eabd85ae7ea2020656568e85efdeb8cd7b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 24 Apr 2025 09:23:54 +0100 Subject: [PATCH 047/104] use non-root in Linux arm --- .../ov_build/ubuntu_20_04_arm64/Dockerfile | 21 +++++++++++++++++++ .../ov_test/ubuntu_20_04_arm64/Dockerfile | 18 ++++++++++++++++ .github/workflows/linux_arm64.yml | 14 ++++++------- 3 files changed, 46 insertions(+), 7 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile index 76dcf197754d48..4a18d0727170c2 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -93,3 +102,15 @@ RUN mkdir -p $NVM_DIR RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile index e46a1a2ea03ef6..083cc407b57f0a 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -52,3 +61,12 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/linux_arm64.yml b/.github/workflows/linux_arm64.yml index 9e2bd1ea0a7078..7fbe10c6ad24d6 100644 --- a/.github/workflows/linux_arm64.yml +++ b/.github/workflows/linux_arm64.yml @@ -1,12 +1,12 @@ name: Linux ARM64 (Ubuntu 20.04, Python 3.11) on: workflow_dispatch: -# pull_request: -# merge_group: -# push: -# branches: -# - master -# - 'releases/**' + pull_request: + merge_group: + push: + branches: + - master + - 'releases/**' concurrency: # github.ref is not unique in post-commit @@ -159,7 +159,7 @@ jobs: uses: ./.github/workflows/job_cxx_unit_tests.yml with: runner: 'aks-linux-8-cores-16gb-arm' - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_arm64 }} + container: '{"image": "${{ fromJSON(needs.docker.outputs.images).ov_test.ubuntu_20_04_arm64 }}"}' affected-components: ${{ needs.smart_ci.outputs.affected_components }} os: 'ubuntu_20_04' From df643974f5416418329c2fe476a81226c2d19f99 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 24 Apr 2025 11:24:01 +0100 Subject: [PATCH 048/104] add packages --- .github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile | 4 ++++ .github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile | 2 ++ 2 files changed, 6 insertions(+) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile index 4a18d0727170c2..2bbef178dd4f32 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile @@ -54,6 +54,10 @@ RUN apt-get update && \ # Compiler, required for multi-isa build gcc-10 \ g++-10 \ + # OpenVINO JS API + libgtk-3-0 \ + libgbm1 \ + xvfb \ && \ rm -rf /var/lib/apt/lists/* diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile index 083cc407b57f0a..cf126414cb5945 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile @@ -39,6 +39,8 @@ RUN apt-get update && \ python3.11-venv \ python3.11-distutils \ libhdf5-dev \ + # to build samples + clang \ && \ rm -rf /var/lib/apt/lists/* From a15e53dcf9bb40091375b06c9b77e6df6e76d35b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 25 Apr 2025 11:02:01 +0100 Subject: [PATCH 049/104] use non-root for dpcpp --- .../ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile | 18 ++++++++++++++++++ .github/workflows/ubuntu_22_dpcpp.yml | 4 ++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile index 23111f59dd69b8..2e22ebdec3cab9 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -96,3 +105,12 @@ ENV CPATH=/opt/intel/oneapi/dpl/2022.6/include:/opt/intel/oneapi/dev-utilities/2 # Set Intel DPC++ as a default compiler ENV CC=icx ENV CXX=icpx + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/ubuntu_22_dpcpp.yml b/.github/workflows/ubuntu_22_dpcpp.yml index d65baefd544ef2..1fdfc5f6ac88d9 100644 --- a/.github/workflows/ubuntu_22_dpcpp.yml +++ b/.github/workflows/ubuntu_22_dpcpp.yml @@ -1,8 +1,8 @@ name: Linux (Ubuntu 22.04, Python 3.11, Intel DPC++ Compiler) on: workflow_dispatch: -# pull_request: -# merge_group: + pull_request: + merge_group: concurrency: # github.ref is not unique in post-commit From ca2b9c43a13584fa5f7e1203357f85fe72ca2001 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 25 Apr 2025 12:43:01 +0100 Subject: [PATCH 050/104] rm unused --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index d355c2f135c775..1cd0c9c3d8f9b4 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -20,7 +20,6 @@ RUN dnf update -y && dnf install -y \ git \ curl \ python3 \ - clang \ # To build Python from source openssl-devel \ sqlite-devel \ From 88f472e7fe617850d6aa26c6a1c4e3124e914a64 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 25 Apr 2025 14:00:27 +0100 Subject: [PATCH 051/104] update all setuptools --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 1cd0c9c3d8f9b4..fdb8ed857f5f71 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -109,6 +109,12 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3.13 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py +RUN python3.9 -m pip install --upgrade pip setuptools wheel && \ + python3.10 -m pip install --upgrade pip setuptools wheel && \ + python3.11 -m pip install --upgrade pip setuptools wheel && \ + python3.12 -m pip install --upgrade pip setuptools wheel && \ + python3.13 -m pip install --upgrade pip setuptools wheel + ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} # Install Node From b6ce3c82955eb5e54ef2bc27a7af868e04750c46 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 28 Apr 2025 09:23:31 +0100 Subject: [PATCH 052/104] use non-root in build Dockerfiles --- .../ov_build/manylinux2014_x86_64/Dockerfile | 15 ++++++++++++ .../ubuntu_20_04_x64_nvidia/Dockerfile | 18 ++++++++++++++ .../ov_build/ubuntu_22_04_riscv/Dockerfile | 14 +++++++++++ .../ubuntu_22_04_riscv_xuantie/Dockerfile | 18 ++++++++++++++ .../ov_build/ubuntu_22_04_x64_cc/Dockerfile | 18 ++++++++++++++ .../ubuntu_22_04_x64_docker/Dockerfile | 24 ++++++++++++++++++- .../ov_build/webassembly/Dockerfile | 15 ++++++++++++ 7 files changed, 121 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile b/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile index 3a2dbdb0e8d3a2..7ef0a7f12eb0b4 100644 --- a/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile @@ -3,6 +3,15 @@ FROM openvinogithubactions.azurecr.io/quayio/pypa/manylinux2014_x86_64 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # Install build dependencies ADD install_build_dependencies.sh /install_build_dependencies.sh RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh @@ -18,3 +27,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile index a86105a4e4d531..f1c667c01b5e37 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/nvidia/cuda:11.8.0-runtime-ubuntu20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -83,3 +92,12 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile index 8b955def2aec00..2f52680a0f7fef 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -72,3 +81,8 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile index 6887f83b0256c1..c615a8f16bc736 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -100,3 +109,12 @@ ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile index d53bed4e4927a1..d6542b9b5f999d 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -79,3 +88,12 @@ RUN python3.11 -m venv venv ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile index 2d5bc1c878069a..636d669db1f1a5 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile @@ -3,6 +3,16 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -39,4 +49,16 @@ RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \ RUN apt-get update && \ apt-get install -y docker-ce docker-ce-cli containerd.io -ENV DOCKER_BUILDKIT=1 \ No newline at end of file +ENV DOCKER_BUILDKIT=1 + +# Add user to the Docker group +RUN groupadd docker && usermod -aG docker ${USER_NAME} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/webassembly/Dockerfile b/.github/dockerfiles/ov_build/webassembly/Dockerfile index 65717650e9a0c1..42a0bffeb90b80 100644 --- a/.github/dockerfiles/ov_build/webassembly/Dockerfile +++ b/.github/dockerfiles/ov_build/webassembly/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/emscripten/emsdk:3.1.61 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -32,3 +41,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Switch to the non-root user +USER ${USER_NAME} From 03ce6c8994cfc503f91caebdfcf331a8dd3b02ee Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 28 Apr 2025 10:03:50 +0100 Subject: [PATCH 053/104] fix incorrect configurations --- .../dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile | 5 +++-- .github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile | 5 +++-- .../dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile | 2 +- .github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile | 2 +- .github/dockerfiles/ov_build/webassembly/Dockerfile | 4 ++-- .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 2 +- 6 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile index f1c667c01b5e37..d9c6ee4f772b1e 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile @@ -82,9 +82,10 @@ RUN apt update && apt install -y \ # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3.8 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3.8.py && \ + python3.8 get-pip-3.8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.11 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ - rm -f get-pip.py + rm -f get-pip.py get-pip-3.8.py # Use Python 3.11 as default instead of Python 3.8 # Using venv here 'cause other methods to switch the default Python on Ubuntu 20 break both system and wheels build diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile index d6542b9b5f999d..29f8c2da78b79f 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile @@ -78,9 +78,10 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3.8 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3.8.py && \ + python3.8 get-pip-3.8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.11 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ - rm -f get-pip.py + rm -f get-pip.py get-pip-3.8.py # Use Python 3.11 as default instead of Python 3.8 # Using venv here 'cause other methods to switch the default Python on Ubuntu 20 break both system and wheels build diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile index 636d669db1f1a5..4a207fc08ee144 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile @@ -52,7 +52,7 @@ RUN apt-get update && \ ENV DOCKER_BUILDKIT=1 # Add user to the Docker group -RUN groupadd docker && usermod -aG docker ${USER_NAME} +RUN usermod -aG docker ${USER_NAME} # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index f455be7357cfaf..3861d8e2e1d501 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -9,7 +9,7 @@ ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} -# Ubuntu 24 images already has a user with UID 1000 +# Ubuntu 24 image already has a user with UID 1000 RUN usermod -l ${USER_NAME} ubuntu # APT configuration diff --git a/.github/dockerfiles/ov_build/webassembly/Dockerfile b/.github/dockerfiles/ov_build/webassembly/Dockerfile index 42a0bffeb90b80..b069c6ff018231 100644 --- a/.github/dockerfiles/ov_build/webassembly/Dockerfile +++ b/.github/dockerfiles/ov_build/webassembly/Dockerfile @@ -9,8 +9,8 @@ ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} -RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} -RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash +# WASM image already has a user with UID 1000 +RUN usermod -l ${USER_NAME} emscripten # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index b69ccf7d6a2508..1d13a1531673c3 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -9,7 +9,7 @@ ENV USER_ID=1000 ENV GROUP_NAME=${USER_NAME} ENV GROUP_ID=${USER_ID} -# Ubuntu 24 images already has a user with UID 1000 +# Ubuntu 24 image already has a user with UID 1000 RUN usermod -l ${USER_NAME} ubuntu # APT configuration From d23cd969949b4e6ee565df4e03b2193bd77dfbf8 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 28 Apr 2025 10:16:45 +0100 Subject: [PATCH 054/104] fix group id --- .../dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile | 4 ---- .github/dockerfiles/ov_build/webassembly/Dockerfile | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile index 4a207fc08ee144..95e997ed0ee763 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile @@ -12,7 +12,6 @@ ENV GROUP_ID=${USER_ID} RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash - # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -57,8 +56,5 @@ RUN usermod -aG docker ${USER_NAME} # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -# Change ownership of the venv directory to the non-root user -RUN chown -R ${USER_NAME}:${USER_NAME} /venv - # Switch to the non-root user USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/webassembly/Dockerfile b/.github/dockerfiles/ov_build/webassembly/Dockerfile index b069c6ff018231..0838d891062b75 100644 --- a/.github/dockerfiles/ov_build/webassembly/Dockerfile +++ b/.github/dockerfiles/ov_build/webassembly/Dockerfile @@ -43,7 +43,7 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ ENV PATH="$SCCACHE_HOME:$PATH" # Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} # Switch to the non-root user USER ${USER_NAME} From 3aab437304fdd3ca188682cce50ed36b9cfbca1c Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 28 Apr 2025 11:49:21 +0100 Subject: [PATCH 055/104] setup buildx --- .github/workflows/manylinux_2014.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 7e9dd0c2d0e296..f55bec709d2dd2 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -134,9 +134,11 @@ jobs: build_type: ${{ env.CMAKE_BUILD_TYPE }} save_to: ${{ env.MANIFEST_PATH }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Create docker build cache - run: | - docker volume create ov_build_cache + run: docker volume create ov_build_cache - name: Build OpenVINO run: | From b925a72e09ca3beef0556d109fd368242b71e90a Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 28 Apr 2025 12:41:31 +0100 Subject: [PATCH 056/104] no volume cache --- .github/workflows/manylinux_2014.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index f55bec709d2dd2..93861d15f18dbd 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -133,18 +133,11 @@ jobs: target_arch: ${{ env.ARCH }} build_type: ${{ env.CMAKE_BUILD_TYPE }} save_to: ${{ env.MANIFEST_PATH }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Create docker build cache - run: docker volume create ov_build_cache - name: Build OpenVINO run: | docker run --rm \ -v ${{ env.OPENVINO_REPO }}:/work/src \ - -v ov_build_cache:/work/build \ -v ${{ env.INSTALL_DIR }}:/work/install \ -v ${{ env.INSTALL_TEST_DIR }}:/work/api_tests \ -e SCCACHE_AZURE_BLOB_CONTAINER \ @@ -178,7 +171,6 @@ jobs: -v ${{ env.INSTALL_WHEELS_DIR }}:/work/wheels \ -v ${{ env.PIP_CACHE_PATH }}:/work/pip_cache \ -v ${{ env.INSTALL_DIR }}:/work/install \ - -v ov_build_cache:/work/build \ -e SCCACHE_AZURE_BLOB_CONTAINER \ -e SCCACHE_AZURE_CONNECTION_STRING \ -e SCCACHE_SERVER_PORT \ From c67075d2389a33e8ea608ee17535c01de9840fb8 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 29 Apr 2025 12:24:26 +0100 Subject: [PATCH 057/104] check --- .github/workflows/manylinux_2014.yml | 41 +++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 93861d15f18dbd..db1b6edf1eb5e2 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -79,7 +79,46 @@ jobs: registry: 'openvinogithubactions.azurecr.io' dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} - + + Test_Job: + needs: [ Docker ] + timeout-minutes: 120 + defaults: + run: + shell: bash + runs-on: aks-linux-16-cores-32gb + if: ${{ github.repository_owner == 'openvinotoolkit' }} + container: + image: ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} + volumes: + - /mount:/mount + options: -e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING -e DOCKER_CONFIG -v ${{ github.workspace }}:${{ github.workspace }} + env: + CMAKE_BUILD_TYPE: 'Release' + ARCH: 'x86_64' + OPENVINO_REPO: ${{ github.workspace }}/src + INSTALL_DIR: ${{ github.workspace }}/install/openvino + INSTALL_WHEELS_DIR: ${{ github.workspace }}/install/wheels + INSTALL_TEST_DIR: ${{ github.workspace }}/install/tests + BUILD_DIR: ${{ github.workspace }}/build + CMAKE_CXX_COMPILER_LAUNCHER: sccache + CMAKE_C_COMPILER_LAUNCHER: sccache + SCCACHE_IGNORE_SERVER_IO_ERROR: 1 + SCCACHE_SERVER_PORT: 35555 + SCCACHE_CACHE_SIZE: 50G + SCCACHE_AZURE_KEY_PREFIX: manylinux_2014 + ARTIFACTS_SHARE: "/mount/build-artifacts" + MANIFEST_PATH: ${{ github.workspace }}/manifest.yml + PRODUCT_TYPE: public_manylinux2014_x86_64_release + + steps: + - name: Clone OpenVINO + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + timeout-minutes: 15 + with: + path: ${{ env.OPENVINO_REPO }} + submodules: 'true' + Build: needs: [Docker] timeout-minutes: 120 From 90e6147df6774b612081146db4fce0f62537747d Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 30 Apr 2025 09:36:10 +0100 Subject: [PATCH 058/104] rootless docker --- .../ubuntu_22_04_x64_docker/Dockerfile | 2 + .github/workflows/manylinux_2014.yml | 44 ++----------------- 2 files changed, 6 insertions(+), 40 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile index 95e997ed0ee763..9e95c91a52884a 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile @@ -30,6 +30,8 @@ RUN apt-get update && \ curl \ git \ gpg-agent \ + dbus-user-session \ + uidmap \ tzdata \ # parallel gzip pigz \ diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index db1b6edf1eb5e2..c463a8be9bad04 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -80,45 +80,6 @@ jobs: dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} - Test_Job: - needs: [ Docker ] - timeout-minutes: 120 - defaults: - run: - shell: bash - runs-on: aks-linux-16-cores-32gb - if: ${{ github.repository_owner == 'openvinotoolkit' }} - container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} - volumes: - - /mount:/mount - options: -e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING -e DOCKER_CONFIG -v ${{ github.workspace }}:${{ github.workspace }} - env: - CMAKE_BUILD_TYPE: 'Release' - ARCH: 'x86_64' - OPENVINO_REPO: ${{ github.workspace }}/src - INSTALL_DIR: ${{ github.workspace }}/install/openvino - INSTALL_WHEELS_DIR: ${{ github.workspace }}/install/wheels - INSTALL_TEST_DIR: ${{ github.workspace }}/install/tests - BUILD_DIR: ${{ github.workspace }}/build - CMAKE_CXX_COMPILER_LAUNCHER: sccache - CMAKE_C_COMPILER_LAUNCHER: sccache - SCCACHE_IGNORE_SERVER_IO_ERROR: 1 - SCCACHE_SERVER_PORT: 35555 - SCCACHE_CACHE_SIZE: 50G - SCCACHE_AZURE_KEY_PREFIX: manylinux_2014 - ARTIFACTS_SHARE: "/mount/build-artifacts" - MANIFEST_PATH: ${{ github.workspace }}/manifest.yml - PRODUCT_TYPE: public_manylinux2014_x86_64_release - - steps: - - name: Clone OpenVINO - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - timeout-minutes: 15 - with: - path: ${{ env.OPENVINO_REPO }} - submodules: 'true' - Build: needs: [Docker] timeout-minutes: 120 @@ -172,7 +133,10 @@ jobs: target_arch: ${{ env.ARCH }} build_type: ${{ env.CMAKE_BUILD_TYPE }} save_to: ${{ env.MANIFEST_PATH }} - + + - name: Install rootless Docker + run: /usr/bin/dockerd-rootless-setuptool.sh install --force + - name: Build OpenVINO run: | docker run --rm \ From 2f0b3f59a3ad2f1b1c396702a4af99d2fb9d561f Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 30 Apr 2025 10:30:50 +0100 Subject: [PATCH 059/104] try w/o config --- .github/workflows/manylinux_2014.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index c463a8be9bad04..efd5d4ed16746f 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -101,7 +101,7 @@ jobs: INSTALL_WHEELS_DIR: ${{ github.workspace }}/install/wheels INSTALL_TEST_DIR: ${{ github.workspace }}/install/tests BUILD_DIR: ${{ github.workspace }}/build - DOCKER_CONFIG: "/mount/.docker" + # DOCKER_CONFIG: "/mount/.docker" CMAKE_CXX_COMPILER_LAUNCHER: sccache CMAKE_C_COMPILER_LAUNCHER: sccache SCCACHE_IGNORE_SERVER_IO_ERROR: 1 @@ -135,7 +135,9 @@ jobs: save_to: ${{ env.MANIFEST_PATH }} - name: Install rootless Docker - run: /usr/bin/dockerd-rootless-setuptool.sh install --force + run: | + PATH=/usr/bin:/sbin:/usr/sbin:$PATH dockerd-rootless.sh + /usr/bin/dockerd-rootless-setuptool.sh install --force - name: Build OpenVINO run: | From caa78afc850c4c23d50854332f827a391d0b5627 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 30 Apr 2025 11:11:04 +0100 Subject: [PATCH 060/104] create dir --- .github/workflows/manylinux_2014.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index efd5d4ed16746f..cfedb0328b75fd 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -136,6 +136,8 @@ jobs: - name: Install rootless Docker run: | + XDG_RUNTIME_DIR=/home/runner/run + mkdir -p $XDG_RUNTIME_DIR PATH=/usr/bin:/sbin:/usr/sbin:$PATH dockerd-rootless.sh /usr/bin/dockerd-rootless-setuptool.sh install --force From 52d52b0d1936446eb88bb25937e5d64e9075ebe2 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 1 May 2025 08:54:13 +0100 Subject: [PATCH 061/104] use newer image --- .../ov_build/manylinux_2_28/Dockerfile | 49 +++++++++++++++++++ .github/workflows/manylinux_2014.yml | 17 ++++--- 2 files changed, 59 insertions(+), 7 deletions(-) create mode 100644 .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile new file mode 100644 index 00000000000000..2525c621560475 --- /dev/null +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -0,0 +1,49 @@ +ARG REGISTRY="quay.io" +# FROM openvinogithubactions.azurecr.io/quayio/pypa/manylinux2014_x86_64 +FROM quay.io/pypa/manylinux_2_28:latest + +USER root + +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + +# Install build dependencies +#ADD install_build_dependencies.sh /install_build_dependencies.sh +#RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh + +RUN dnf groupinstall -y "Development Tools" && \ + dnf install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel + +RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ + tar -xvf gcc-10.2.0.tar.gz && \ + cd gcc-10.2.0 && \ + mkdir build && cd build && \ + ../configure --prefix=/usr/local/gcc-10.2.0 --enable-languages=c,c++ --disable-multilib && \ + make -j$(nproc) && \ + make install + +ENV PATH=/usr/local/gcc-10.2.0/bin:$PATH + +# Install sscache +ARG SCCACHE_VERSION="v0.7.5" +ENV SCCACHE_HOME="/opt/sccache" \ + SCCACHE_PATH="/opt/sccache/sccache" + +RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ + SCCACHE_ARCHIVE="sccache-${SCCACHE_VERSION}-x86_64-unknown-linux-musl.tar.gz" && \ + curl -SLO https://github.com/mozilla/sccache/releases/download/${SCCACHE_VERSION}/${SCCACHE_ARCHIVE} && \ + tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} + +ENV PATH="$SCCACHE_HOME:$PATH" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index cfedb0328b75fd..111a57c64f62f2 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -71,6 +71,7 @@ jobs: images: | ov_build/ubuntu_22_04_x64_docker ov_build/manylinux2014_x86_64 + ov_build/manylinux_2_28 ov_test/ubuntu_20_04_x64_py313 ov_test/ubuntu_22_04_x64 ov_test/ubuntu_24_04_x64 @@ -86,10 +87,10 @@ jobs: defaults: run: shell: bash - runs-on: aks-linux-16-cores-32gb-manylinux + runs-on: aks-linux-16-cores-32gb if: ${{ github.repository_owner == 'openvinotoolkit' }} container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64_docker }} + image: ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux_2_28 }} volumes: - /mount:/mount options: -e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING -e DOCKER_CONFIG -v ${{ github.workspace }}:${{ github.workspace }} @@ -134,12 +135,14 @@ jobs: build_type: ${{ env.CMAKE_BUILD_TYPE }} save_to: ${{ env.MANIFEST_PATH }} - - name: Install rootless Docker + - name: Build OpenVINO run: | - XDG_RUNTIME_DIR=/home/runner/run - mkdir -p $XDG_RUNTIME_DIR - PATH=/usr/bin:/sbin:/usr/sbin:$PATH dockerd-rootless.sh - /usr/bin/dockerd-rootless-setuptool.sh install --force + python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt + cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src -B /work/build && + cmake --build /work/build --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && + cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install + cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/api_tests --component tests + - name: Build OpenVINO run: | From 2225e2f89fbd22c4c0bc91e11e591da5297453fb Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 1 May 2025 09:56:14 +0100 Subject: [PATCH 062/104] build w/o docker --- .github/workflows/manylinux_2014.yml | 129 +++++++++++++-------------- 1 file changed, 64 insertions(+), 65 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 111a57c64f62f2..01ebcfb9ce1d04 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -138,72 +138,71 @@ jobs: - name: Build OpenVINO run: | python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src -B /work/build && - cmake --build /work/build --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && - cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install - cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/api_tests --component tests - + cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} + cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} + cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests - - name: Build OpenVINO - run: | - docker run --rm \ - -v ${{ env.OPENVINO_REPO }}:/work/src \ - -v ${{ env.INSTALL_DIR }}:/work/install \ - -v ${{ env.INSTALL_TEST_DIR }}:/work/api_tests \ - -e SCCACHE_AZURE_BLOB_CONTAINER \ - -e SCCACHE_AZURE_CONNECTION_STRING \ - -e SCCACHE_SERVER_PORT \ - -e SCCACHE_IGNORE_SERVER_IO_ERROR \ - -e SCCACHE_CACHE_SIZE \ - -e SCCACHE_AZURE_KEY_PREFIX \ - -e CMAKE_CXX_COMPILER_LAUNCHER \ - -e CMAKE_C_COMPILER_LAUNCHER \ - -e CI_BUILD_NUMBER \ - -e CI_BUILD_DEV_TAG \ - -w /work/src \ - ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ - /bin/bash -c " - python3.12 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt - cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src -B /work/build && - cmake --build /work/build --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && - cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install - cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/api_tests --component tests - " - - - name: Build Python API (Python 3.9-3.13) - run: | - SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") - for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do - simpler_python_version=$(echo $PY_VER | sed -e 's/\.//g') - python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin - docker run --rm \ - -v ${{ env.OPENVINO_REPO }}:/work/src \ - -v ${{ env.INSTALL_WHEELS_DIR }}:/work/wheels \ - -v ${{ env.PIP_CACHE_PATH }}:/work/pip_cache \ - -v ${{ env.INSTALL_DIR }}:/work/install \ - -e SCCACHE_AZURE_BLOB_CONTAINER \ - -e SCCACHE_AZURE_CONNECTION_STRING \ - -e SCCACHE_SERVER_PORT \ - -e SCCACHE_IGNORE_SERVER_IO_ERROR \ - -e SCCACHE_CACHE_SIZE \ - -e SCCACHE_AZURE_KEY_PREFIX \ - -e CMAKE_CXX_COMPILER_LAUNCHER \ - -e CMAKE_C_COMPILER_LAUNCHER \ - -e CI_BUILD_NUMBER \ - -e CI_BUILD_DEV_TAG \ - -w /work/src \ - ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ - /bin/bash -c " - export PATH=${python_path}:\$PATH - PIP_VER=$(python3 -c "import pip; print(pip.__version__)") - export "PIP_CACHE_DIR=/work/pip_cache/${PIP_VER}" - python3 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt && - cmake -DOpenVINODeveloperPackage_DIR=/work/build -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src/src/bindings/python -B /work/build_py${PY_VER} && - cmake --build /work/build_py${PY_VER} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && - cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/wheels --component python_wheels && - cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install --component pyopenvino_python${PY_VER} - " - done +# - name: Build OpenVINO +# run: | +# docker run --rm \ +# -v ${{ env.OPENVINO_REPO }}:/work/src \ +# -v ${{ env.INSTALL_DIR }}:/work/install \ +# -v ${{ env.INSTALL_TEST_DIR }}:/work/api_tests \ +# -e SCCACHE_AZURE_BLOB_CONTAINER \ +# -e SCCACHE_AZURE_CONNECTION_STRING \ +# -e SCCACHE_SERVER_PORT \ +# -e SCCACHE_IGNORE_SERVER_IO_ERROR \ +# -e SCCACHE_CACHE_SIZE \ +# -e SCCACHE_AZURE_KEY_PREFIX \ +# -e CMAKE_CXX_COMPILER_LAUNCHER \ +# -e CMAKE_C_COMPILER_LAUNCHER \ +# -e CI_BUILD_NUMBER \ +# -e CI_BUILD_DEV_TAG \ +# -w /work/src \ +# ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ +# /bin/bash -c " +# python3.12 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt +# cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src -B /work/build && +# cmake --build /work/build --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && +# cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install +# cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/api_tests --component tests +# " +# +# - name: Build Python API (Python 3.9-3.13) +# run: | +# SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") +# for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do +# simpler_python_version=$(echo $PY_VER | sed -e 's/\.//g') +# python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin +# docker run --rm \ +# -v ${{ env.OPENVINO_REPO }}:/work/src \ +# -v ${{ env.INSTALL_WHEELS_DIR }}:/work/wheels \ +# -v ${{ env.PIP_CACHE_PATH }}:/work/pip_cache \ +# -v ${{ env.INSTALL_DIR }}:/work/install \ +# -e SCCACHE_AZURE_BLOB_CONTAINER \ +# -e SCCACHE_AZURE_CONNECTION_STRING \ +# -e SCCACHE_SERVER_PORT \ +# -e SCCACHE_IGNORE_SERVER_IO_ERROR \ +# -e SCCACHE_CACHE_SIZE \ +# -e SCCACHE_AZURE_KEY_PREFIX \ +# -e CMAKE_CXX_COMPILER_LAUNCHER \ +# -e CMAKE_C_COMPILER_LAUNCHER \ +# -e CI_BUILD_NUMBER \ +# -e CI_BUILD_DEV_TAG \ +# -w /work/src \ +# ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ +# /bin/bash -c " +# export PATH=${python_path}:\$PATH +# PIP_VER=$(python3 -c "import pip; print(pip.__version__)") +# export "PIP_CACHE_DIR=/work/pip_cache/${PIP_VER}" +# python3 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt && +# cmake -DOpenVINODeveloperPackage_DIR=/work/build -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src/src/bindings/python -B /work/build_py${PY_VER} && +# cmake --build /work/build_py${PY_VER} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && +# cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/wheels --component python_wheels && +# cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install --component pyopenvino_python${PY_VER} +# " +# done - name: Pack Artifacts run: mkdir -p ${{ env.BUILD_DIR }} && tar -cvf - * | pigz > ${{ env.BUILD_DIR }}/openvino_package.tar.gz From ec88f35d0bdebff8b4c0b37c70035f0134e62112 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 1 May 2025 11:07:05 +0100 Subject: [PATCH 063/104] skip --- .github/workflows/manylinux_2014.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 01ebcfb9ce1d04..4e15c1b421a43e 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -124,16 +124,16 @@ jobs: - name: System info uses: ./src/.github/actions/system_info - - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG - id: create_manifest - uses: ./src/.github/actions/create_manifest - with: - repos: | - ${{ env.OPENVINO_REPO }} - product_type: ${{ env.PRODUCT_TYPE }} - target_arch: ${{ env.ARCH }} - build_type: ${{ env.CMAKE_BUILD_TYPE }} - save_to: ${{ env.MANIFEST_PATH }} +# - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG +# id: create_manifest +# uses: ./src/.github/actions/create_manifest +# with: +# repos: | +# ${{ env.OPENVINO_REPO }} +# product_type: ${{ env.PRODUCT_TYPE }} +# target_arch: ${{ env.ARCH }} +# build_type: ${{ env.CMAKE_BUILD_TYPE }} +# save_to: ${{ env.MANIFEST_PATH }} - name: Build OpenVINO run: | From 205add5ab95c21e8ba21e8df4872397b5c2a7de3 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 1 May 2025 11:52:00 +0100 Subject: [PATCH 064/104] add dependencies, use the correct gcc --- .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile | 2 +- .github/workflows/manylinux_2014.yml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index 2525c621560475..89fe061efd0db0 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -18,7 +18,7 @@ RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash #RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh RUN dnf groupinstall -y "Development Tools" && \ - dnf install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel + dnf install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ tar -xvf gcc-10.2.0.tar.gz && \ diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 4e15c1b421a43e..bc6ce84ccaad72 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -137,6 +137,8 @@ jobs: - name: Build OpenVINO run: | + export CC=/usr/local/gcc-10.2.0/bin/gcc + export CXX=/usr/local/gcc-10.2.0/bin/g++ python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} From 17dd3e8f4f3ccded5a0091a152cb15bd01670587 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 1 May 2025 13:56:20 +0100 Subject: [PATCH 065/104] headers --- .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index 89fe061efd0db0..fb6c664ca796dd 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -17,8 +17,8 @@ RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash #ADD install_build_dependencies.sh /install_build_dependencies.sh #RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh -RUN dnf groupinstall -y "Development Tools" && \ - dnf install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make +RUN yum groupinstall -y "Development Tools" && \ + yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ tar -xvf gcc-10.2.0.tar.gz && \ From 65e1a5d6a2d2f8adcf12165bbff5ee5e7a568fff Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 2 May 2025 09:36:41 +0100 Subject: [PATCH 066/104] specify linker --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 2c85741ee92cba..bc4486650c489b 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -146,7 +146,7 @@ jobs: export CC=/usr/local/gcc-10.2.0/bin/gcc export CXX=/usr/local/gcc-10.2.0/bin/g++ python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_LINKER=lld -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests From 46184bbe64cb8855ccd10ba61e0b6c7f550f08d8 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 2 May 2025 09:39:53 +0100 Subject: [PATCH 067/104] fix cmake option --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index bc4486650c489b..a4e0cef31ab063 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -146,7 +146,7 @@ jobs: export CC=/usr/local/gcc-10.2.0/bin/gcc export CXX=/usr/local/gcc-10.2.0/bin/g++ python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_LINKER=lld -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests From 9032f47bb473919f3d4590f0ec26c3f6a97c5fb4 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 2 May 2025 10:04:42 +0100 Subject: [PATCH 068/104] install lld --- .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index fb6c664ca796dd..3a42c237590c60 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -18,7 +18,7 @@ RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash #RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh RUN yum groupinstall -y "Development Tools" && \ - yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers + yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers lld RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ tar -xvf gcc-10.2.0.tar.gz && \ From b08b718ce02c756fd4ab6b0d07325661af5c072e Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 2 May 2025 12:03:34 +0100 Subject: [PATCH 069/104] use cmake 3.26 --- .github/workflows/manylinux_2014.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index a4e0cef31ab063..250093d905c82c 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -146,10 +146,10 @@ jobs: export CC=/usr/local/gcc-10.2.0/bin/gcc export CXX=/usr/local/gcc-10.2.0/bin/g++ python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} - cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} - cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} - cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests + /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} + /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} + /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests # - name: Build OpenVINO # run: | From d0d62d2266d6d565cf3a416b27d524ba8ccdad0e Mon Sep 17 00:00:00 2001 From: Mikhail Ryzhov Date: Fri, 2 May 2025 13:49:27 +0200 Subject: [PATCH 070/104] Update .github/workflows/manylinux_2014.yml --- .github/workflows/manylinux_2014.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 250093d905c82c..cc0beb936d7242 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -145,6 +145,7 @@ jobs: run: | export CC=/usr/local/gcc-10.2.0/bin/gcc export CXX=/usr/local/gcc-10.2.0/bin/g++ + export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} From 79282f9048eff5e4332439aae77ad09bdd61ed41 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 8 May 2025 13:28:57 +0200 Subject: [PATCH 071/104] path w/o gcc-14 --- .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index 3a42c237590c60..4c8665e91dc5c3 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -40,7 +40,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ curl -SLO https://github.com/mozilla/sccache/releases/download/${SCCACHE_VERSION}/${SCCACHE_ARCHIVE} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} -ENV PATH="$SCCACHE_HOME:$PATH" +# ENV PATH="$SCCACHE_HOME:$PATH" + +ENV PATH=/home/runner/.local/bin:/home/runner/bin:/usr/share/Modules/bin:/usr/lib64/ccache:/opt/sccache:/usr/local/gcc-10.2.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} From 7c19e8236ed2ce1ecc20ccb841cceb030394f35a Mon Sep 17 00:00:00 2001 From: Mikhail Ryzhov Date: Thu, 8 May 2025 16:01:13 +0200 Subject: [PATCH 072/104] Update .github/workflows/manylinux_2014.yml --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index ec8d8db4295940..b42a5b44950f25 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -152,7 +152,7 @@ jobs: export CXX=/usr/local/gcc-10.2.0/bin/g++ export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -D_GLIBCXX_USE_CXX11_ABI=0 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests From 5cc4c68206d849cf4faa1b9ed5f4f7c3e5231a2a Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 9 May 2025 11:37:22 +0200 Subject: [PATCH 073/104] new LD_LIBRARY_PATH --- .github/workflows/manylinux_2014.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index b42a5b44950f25..e8ec3ebb2605ca 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -151,6 +151,7 @@ jobs: export CC=/usr/local/gcc-10.2.0/bin/gcc export CXX=/usr/local/gcc-10.2.0/bin/g++ export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH + export LD_LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:/usr/local/gcc-10.2.0:/usr/local/gcc-10.2.0/lib python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -D_GLIBCXX_USE_CXX11_ABI=0 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} From 59e707e166c34ee1d1755569dc442f50cd856239 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 9 May 2025 16:52:14 +0200 Subject: [PATCH 074/104] build py api outside docker --- .github/workflows/manylinux_2014.yml | 40 ++++++++-------------------- 1 file changed, 11 insertions(+), 29 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 63c27e200b6566..e755769990c972 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -162,36 +162,18 @@ jobs: run: | SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do + + py_build_dir=${{ github.workspace }}/build_py${PY_VER} simpler_python_version=$(echo $PY_VER | sed -e 's/\.//g') - python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin - docker run --rm \ - -v ${{ env.OPENVINO_REPO }}:/work/src \ - -v ${{ env.INSTALL_WHEELS_DIR }}:/work/wheels \ - -v ${{ env.PIP_CACHE_PATH }}:/work/pip_cache \ - -v ${{ env.INSTALL_DIR }}:/work/install \ - -v ov_build_cache:/work/build \ - -e SCCACHE_AZURE_BLOB_CONTAINER \ - -e SCCACHE_AZURE_CONNECTION_STRING \ - -e SCCACHE_SERVER_PORT \ - -e SCCACHE_IGNORE_SERVER_IO_ERROR \ - -e SCCACHE_CACHE_SIZE \ - -e SCCACHE_AZURE_KEY_PREFIX \ - -e CMAKE_CXX_COMPILER_LAUNCHER \ - -e CMAKE_C_COMPILER_LAUNCHER \ - -e CI_BUILD_NUMBER \ - -e CI_BUILD_DEV_TAG \ - -w /work/src \ - ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ - /bin/bash -c " - export PATH=${python_path}:\$PATH - PIP_VER=$(python3 -c "import pip; print(pip.__version__)") - export "PIP_CACHE_DIR=/work/pip_cache/${PIP_VER}" - python3 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt && - cmake -DOpenVINODeveloperPackage_DIR=/work/build -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src/src/bindings/python -B /work/build_py${PY_VER} && - cmake --build /work/build_py${PY_VER} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && - cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/wheels --component python_wheels && - cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install --component pyopenvino_python${PY_VER} - " + python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin/python3 + PIP_VER=$(${python_path} -c "import pip; print(pip.__version__)") + export "PIP_CACHE_DIR=${{ env.PIP_CACHE_PATH }}/${PIP_VER}" + ${python_path} -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt + /usr/bin/cmake -DOpenVINODeveloperPackage_DIR=${{ env.BUILD_DIR }} -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }}/src/bindings/python -B ${py_build_dir} + /usr/bin/cmake --build ${py_build_dir} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} + /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_WHEELS_DIR }} --component python_wheels + /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} --component pyopenvino_python${PY_VER} + done - name: Pack Artifacts From 9cddfb2ca2c2ec7ab4c291d4130cd04c629eb217 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 13 May 2025 10:43:01 +0200 Subject: [PATCH 075/104] skip storage --- .github/workflows/job_build_linux.yml | 40 +++++++++++++-------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 18585924815bfd..7b1c35c3682541 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -395,23 +395,23 @@ jobs: mkdir deb && mv *.deb deb/ popd - - name: Store artifacts to a shared drive - id: store_artifacts - if: ${{ always() }} - uses: ./openvino/.github/actions/store_artifacts - with: - artifacts: | - ${{ env.BUILD_DIR }}/openvino_package.tar.gz - ${{ env.BUILD_DIR }}/developer_package.tar.gz - ${{ env.BUILD_DIR }}/openvino_tests.tar.gz - ${{ env.BUILD_DIR }}/deb - ${{ env.MANIFEST_PATH }} - ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} - ${{ env.STORE_JS == 'true' && format('{0}/openvino_node_npm_package.tar.gz', env.BUILD_DIR) || '' }} - ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} - storage_dir: ${{ env.PRODUCT_TYPE }} - storage_root: ${{ env.ARTIFACTS_SHARE }} - branch_name: ${{ inputs.target-branch }} - env: - STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} - STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} + # - name: Store artifacts to a shared drive + # id: store_artifacts + # if: ${{ always() }} + # uses: ./openvino/.github/actions/store_artifacts + # with: + # artifacts: | + # ${{ env.BUILD_DIR }}/openvino_package.tar.gz + # ${{ env.BUILD_DIR }}/developer_package.tar.gz + # ${{ env.BUILD_DIR }}/openvino_tests.tar.gz + # ${{ env.BUILD_DIR }}/deb + # ${{ env.MANIFEST_PATH }} + # ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} + # ${{ env.STORE_JS == 'true' && format('{0}/openvino_node_npm_package.tar.gz', env.BUILD_DIR) || '' }} + # ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} + # storage_dir: ${{ env.PRODUCT_TYPE }} + # storage_root: ${{ env.ARTIFACTS_SHARE }} + # branch_name: ${{ inputs.target-branch }} + # env: + # STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} + # STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} From bf0e52df4aded85d7a500f30ab313e23d8c31ca0 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 13 May 2025 10:53:49 +0200 Subject: [PATCH 076/104] comment out storage --- .github/actions/openvino_provider/action.yml | 2 +- .github/workflows/manylinux_2014.yml | 26 ++++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/actions/openvino_provider/action.yml b/.github/actions/openvino_provider/action.yml index 6ec6440cfd2d1c..e1eacd9580f6f3 100644 --- a/.github/actions/openvino_provider/action.yml +++ b/.github/actions/openvino_provider/action.yml @@ -162,7 +162,7 @@ runs: if: steps.get_source.outputs.artifacts_source == 's3' && inputs.revision != 'latest_nightly' shell: bash run: >- - python3 -m venv venv && . venv/bin/activate && + cd ~ && python3 -m venv venv && . venv/bin/activate && pip install -r $GITHUB_ACTION_PATH/requirements.txt && python $GITHUB_ACTION_PATH/get_s3_package.py --product openvino --platform ${{ inputs.platform }} --arch ${{ inputs.arch }} --version ${{ inputs.revision }} diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 6f0205f27b29a4..9f4925212d736f 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -212,19 +212,19 @@ jobs: path: ${{ env.BUILD_DIR }}/openvino_tests.tar.gz if-no-files-found: 'error' - - name: Store artifacts to a shared drive - id: store_artifacts - if: ${{ always() }} - uses: ./src/.github/actions/store_artifacts - with: - artifacts: | - ${{ env.BUILD_DIR }}/openvino_package.tar.gz - ${{ env.BUILD_DIR }}/openvino_tests.tar.gz - ${{ env.MANIFEST_PATH }} - ${{ env.INSTALL_WHEELS_DIR }}/wheels - storage_dir: ${{ env.PRODUCT_TYPE }} - storage_root: ${{ env.ARTIFACTS_SHARE }} - branch_name: ${{ inputs.target-branch }} + # - name: Store artifacts to a shared drive + # id: store_artifacts + # if: ${{ always() }} + # uses: ./src/.github/actions/store_artifacts + # with: + # artifacts: | + # ${{ env.BUILD_DIR }}/openvino_package.tar.gz + # ${{ env.BUILD_DIR }}/openvino_tests.tar.gz + # ${{ env.MANIFEST_PATH }} + # ${{ env.INSTALL_WHEELS_DIR }}/wheels + # storage_dir: ${{ env.PRODUCT_TYPE }} + # storage_root: ${{ env.ARTIFACTS_SHARE }} + # branch_name: ${{ inputs.target-branch }} Python_API_Tests: name: Python API tests From 0809d027190996b218702bc92ab738c000e360b4 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 13 May 2025 12:11:38 +0200 Subject: [PATCH 077/104] skip --- .github/workflows/manylinux_2014.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 9f4925212d736f..5f55a4524fbd6e 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -135,17 +135,17 @@ jobs: - name: System info uses: ./src/.github/actions/system_info - - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG - id: create_manifest - uses: ./src/.github/actions/create_manifest - with: - repos: | - ${{ env.OPENVINO_REPO }} - product_type: ${{ env.PRODUCT_TYPE }} - target_arch: ${{ env.ARCH }} - build_type: ${{ env.CMAKE_BUILD_TYPE }} - save_to: ${{ env.MANIFEST_PATH }} - trigger_repo_branch: ${{ inputs.target-branch }} + # - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG + # id: create_manifest + # uses: ./src/.github/actions/create_manifest + # with: + # repos: | + # ${{ env.OPENVINO_REPO }} + # product_type: ${{ env.PRODUCT_TYPE }} + # target_arch: ${{ env.ARCH }} + # build_type: ${{ env.CMAKE_BUILD_TYPE }} + # save_to: ${{ env.MANIFEST_PATH }} + # trigger_repo_branch: ${{ inputs.target-branch }} - name: Build OpenVINO run: | From 425c582af6430444681ed778f951595e8f38bf11 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 13 May 2025 14:47:22 +0200 Subject: [PATCH 078/104] add py3 to cmake --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 5f55a4524fbd6e..8c8874c63f88f2 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -170,7 +170,7 @@ jobs: PIP_VER=$(${python_path} -c "import pip; print(pip.__version__)") export "PIP_CACHE_DIR=${{ env.PIP_CACHE_PATH }}/${PIP_VER}" ${python_path} -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DOpenVINODeveloperPackage_DIR=${{ env.BUILD_DIR }} -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }}/src/bindings/python -B ${py_build_dir} + /usr/bin/cmake -DPython3_EXECUTABLE=${python_path} -DOpenVINODeveloperPackage_DIR=${{ env.BUILD_DIR }} -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }}/src/bindings/python -B ${py_build_dir} /usr/bin/cmake --build ${py_build_dir} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_WHEELS_DIR }} --component python_wheels /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} --component pyopenvino_python${PY_VER} From 69d65191a8c116eb393bf8693c2ebe2470807ceb Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 13 May 2025 15:36:27 +0200 Subject: [PATCH 079/104] ad dvars to Py API biulding --- .github/workflows/manylinux_2014.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 8c8874c63f88f2..31733344a4467f 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -161,6 +161,11 @@ jobs: - name: Build Python API (Python 3.9-3.13) run: | + export CC=/usr/local/gcc-10.2.0/bin/gcc + export CXX=/usr/local/gcc-10.2.0/bin/g++ + export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH + export LD_LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:/usr/local/gcc-10.2.0:/usr/local/gcc-10.2.0/lib + SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do From e829879556a455a6c8158616f805449247f40a93 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 14 May 2025 12:08:04 +0200 Subject: [PATCH 080/104] do not build gcc10, use the default one --- .../ov_build/manylinux_2_28/Dockerfile | 24 ++++++++----------- .github/workflows/manylinux_2014.yml | 9 ------- 2 files changed, 10 insertions(+), 23 deletions(-) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index 4c8665e91dc5c3..34b836ac464ad0 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -13,22 +13,18 @@ ENV GROUP_ID=${USER_ID} RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash -# Install build dependencies -#ADD install_build_dependencies.sh /install_build_dependencies.sh -#RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh - RUN yum groupinstall -y "Development Tools" && \ yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers lld -RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ - tar -xvf gcc-10.2.0.tar.gz && \ - cd gcc-10.2.0 && \ - mkdir build && cd build && \ - ../configure --prefix=/usr/local/gcc-10.2.0 --enable-languages=c,c++ --disable-multilib && \ - make -j$(nproc) && \ - make install +# RUN wget https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.gz && \ +# tar -xvf gcc-10.2.0.tar.gz && \ +# cd gcc-10.2.0 && \ +# mkdir build && cd build && \ +# ../configure --prefix=/usr/local/gcc-10.2.0 --enable-languages=c,c++ --disable-multilib && \ +# make -j$(nproc) && \ +# make install -ENV PATH=/usr/local/gcc-10.2.0/bin:$PATH +# ENV PATH=/usr/local/gcc-10.2.0/bin:$PATH # Install sscache ARG SCCACHE_VERSION="v0.7.5" @@ -40,9 +36,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ curl -SLO https://github.com/mozilla/sccache/releases/download/${SCCACHE_VERSION}/${SCCACHE_ARCHIVE} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} -# ENV PATH="$SCCACHE_HOME:$PATH" +ENV PATH="$SCCACHE_HOME:$PATH" -ENV PATH=/home/runner/.local/bin:/home/runner/bin:/usr/share/Modules/bin:/usr/lib64/ccache:/opt/sccache:/usr/local/gcc-10.2.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +# ENV PATH=/home/runner/.local/bin:/home/runner/bin:/usr/share/Modules/bin:/usr/lib64/ccache:/opt/sccache:/usr/local/gcc-10.2.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 31733344a4467f..34fcae9bb54981 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -149,10 +149,6 @@ jobs: - name: Build OpenVINO run: | - export CC=/usr/local/gcc-10.2.0/bin/gcc - export CXX=/usr/local/gcc-10.2.0/bin/g++ - export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH - export LD_LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:/usr/local/gcc-10.2.0:/usr/local/gcc-10.2.0/lib python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -D_GLIBCXX_USE_CXX11_ABI=0 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} @@ -161,11 +157,6 @@ jobs: - name: Build Python API (Python 3.9-3.13) run: | - export CC=/usr/local/gcc-10.2.0/bin/gcc - export CXX=/usr/local/gcc-10.2.0/bin/g++ - export LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:$LIBRARY_PATH - export LD_LIBRARY_PATH=/usr/local/gcc-10.2.0/lib64:/usr/local/gcc-10.2.0:/usr/local/gcc-10.2.0/lib - SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do From efbff7dbe2ea09e15ea35116afca5c97b68f52d6 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 14 May 2025 13:13:36 +0200 Subject: [PATCH 081/104] rm flags --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 34fcae9bb54981..8a1a3d41dfa396 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -150,7 +150,7 @@ jobs: - name: Build OpenVINO run: | python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -D_GLIBCXX_USE_CXX11_ABI=0 -DCMAKE_CXX_FLAGS="-fuse-ld=lld" -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests From aab226e2d9ddc4a425dd44ff0c4839484b914a84 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 14 May 2025 15:06:25 +0200 Subject: [PATCH 082/104] warning as error off --- .github/workflows/manylinux_2014.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 8a1a3d41dfa396..15c8ae4a6ac556 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -150,7 +150,7 @@ jobs: - name: Build OpenVINO run: | python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} + /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_COMPILE_WARNING_AS_ERROR=OFF -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests From 864a16da578b64b3d7e722b7010fe8ec8adad932 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 15 May 2025 10:06:42 +0200 Subject: [PATCH 083/104] no dangling reference --- .github/workflows/manylinux_2014.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index 15c8ae4a6ac556..c15a84df7a6e08 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -154,6 +154,8 @@ jobs: /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests + env: + CXXFLAGS: "-Wno-dangling-reference" - name: Build Python API (Python 3.9-3.13) run: | From 77f60ef283b03e20b40d80ae72c5db79d2ee7ac8 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 15 May 2025 13:09:03 +0200 Subject: [PATCH 084/104] update pip --- .github/dockerfiles/ov_test/fedora_33/Dockerfile | 3 +++ .github/workflows/manylinux_2014.yml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/dockerfiles/ov_test/fedora_33/Dockerfile b/.github/dockerfiles/ov_test/fedora_33/Dockerfile index 2c6f899fc50c78..0a1382e97fb839 100644 --- a/.github/dockerfiles/ov_test/fedora_33/Dockerfile +++ b/.github/dockerfiles/ov_test/fedora_33/Dockerfile @@ -25,3 +25,6 @@ RUN mkdir -p $NVM_DIR RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" + +ENV PIP_VERSION="24.0" +RUN python3 -m pip install --upgrade pip==${PIP_VERSION} diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index c15a84df7a6e08..ce04c1fc70728f 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -155,7 +155,7 @@ jobs: /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests env: - CXXFLAGS: "-Wno-dangling-reference" + CXXFLAGS: "-Wno-dangling-reference" # bug in gcc-14: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107532 - name: Build Python API (Python 3.9-3.13) run: | From 8222f7507ea93fb9df02d862f330e18222379f74 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 19 May 2025 11:32:00 +0200 Subject: [PATCH 085/104] use non-root in test dockerfiles --- .../ov_test/debian_10_py310/Dockerfile | 18 ++++++++++++++++++ .../dockerfiles/ov_test/fedora_33/Dockerfile | 18 ++++++++++++++++++ .../ov_test/ubuntu_20_04_x64_py313/Dockerfile | 18 ++++++++++++++++++ .../ubuntu_22_04_riscv_xuantie/Dockerfile | 18 ++++++++++++++++++ 4 files changed, 72 insertions(+) diff --git a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile index e7dbadf5a414ba..f36a917f933029 100644 --- a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/debian:10.13 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -74,3 +83,12 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.10/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/fedora_33/Dockerfile b/.github/dockerfiles/ov_test/fedora_33/Dockerfile index 0a1382e97fb839..4c706853cd6cca 100644 --- a/.github/dockerfiles/ov_test/fedora_33/Dockerfile +++ b/.github/dockerfiles/ov_test/fedora_33/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/fedora:33 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # dnf configuration RUN echo "timeout=60" >> /etc/dnf/dnf.conf && \ echo "retries=10" >> /etc/dnf/dnf.conf @@ -28,3 +37,12 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" ENV PIP_VERSION="24.0" RUN python3 -m pip install --upgrade pip==${PIP_VERSION} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of node to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile index b6b99f81305dee..0908a7bebf29aa 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:20.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -50,3 +59,12 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.13/site-packages + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile index a9304f4affec09..7314cef9e1c447 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -3,6 +3,15 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -54,3 +63,12 @@ RUN mkdir -p ${XUINTIE_TMP_PATH} && cd ${XUINTIE_TMP_PATH} && \ cd ${XUINTIE_SRC}/qemu && ./configure --prefix=${XUINTIE_PATH} --interp-prefix=/usr/riscv64-linux-gnu --target-list=riscv64-linux-user && \ make -j$(nproc) && make install && \ rm -rf ${XUINTIE_TMP_PATH} + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Change ownership of the venv directory to the non-root user +RUN chown -R ${USER_NAME}:${USER_NAME} /venv + +# Switch to the non-root user +USER ${USER_NAME} From b555aa8996305d16f6255d1f919a8cc42234a4a6 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 19 May 2025 13:14:58 +0200 Subject: [PATCH 086/104] try w/o warning --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 6 ------ .github/workflows/job_build_linux.yml | 1 + 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index ab2743b71dcf5a..9090d1673ce6f0 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -109,12 +109,6 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3.13 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py -RUN python3.9 -m pip install --upgrade pip setuptools wheel && \ - python3.10 -m pip install --upgrade pip setuptools wheel && \ - python3.11 -m pip install --upgrade pip setuptools wheel && \ - python3.12 -m pip install --upgrade pip setuptools wheel && \ - python3.13 -m pip install --upgrade pip setuptools wheel - ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} # Install Node diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 7b1c35c3682541..aae8469e49b34a 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -309,6 +309,7 @@ jobs: -DENABLE_PYTHON_PACKAGING=ON \ -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ + -DCMAKE_COMPILE_WARNING_AS_ERROR=OFF \ ${BUILD_DIR} cmake --build ${BUILD_DIR} --parallel $(nproc) --target package --verbose From eeb7e97b695a149a4f1abd24cf0601c7e4c5bdeb Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Mon, 19 May 2025 18:08:30 +0200 Subject: [PATCH 087/104] use 3.10 as default --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 9090d1673ce6f0..e8052556132c6e 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -95,9 +95,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ ENV PATH="$SCCACHE_HOME:$PATH" # Use Python 3.9 as default -RUN python3.9 -m venv venv +RUN python3.10 -m venv venv ENV PATH="/venv/bin:$PATH" -RUN alternatives --install /usr/bin/python python /usr/bin/python3.9 10 +RUN alternatives --install /usr/bin/python python /usr/bin/python3.10 10 # Setup pip ENV PIP_VERSION="24.0" From d1a50e05218463b38748edff660f4645a3cc4d5b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 20 May 2025 13:34:29 +0200 Subject: [PATCH 088/104] set OV dev package dir --- .github/workflows/job_build_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index aae8469e49b34a..e7aab5535cf336 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -309,7 +309,7 @@ jobs: -DENABLE_PYTHON_PACKAGING=ON \ -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ - -DCMAKE_COMPILE_WARNING_AS_ERROR=OFF \ + -DOpenVINODeveloperPackage_DIR=${BUILD_DIR} \ ${BUILD_DIR} cmake --build ${BUILD_DIR} --parallel $(nproc) --target package --verbose From 3460f723a1cab8b0bd57ba2493e133e10da5e70f Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 21 May 2025 13:02:45 +0200 Subject: [PATCH 089/104] provide OV dir --- .github/workflows/job_build_linux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index e7aab5535cf336..f8c57ec1692a32 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -310,6 +310,7 @@ jobs: -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ -DOpenVINODeveloperPackage_DIR=${BUILD_DIR} \ + -DOpenVINO_DIR=${BUILD_DIR} \ ${BUILD_DIR} cmake --build ${BUILD_DIR} --parallel $(nproc) --target package --verbose From a52394b79bfa6ca7146d76203b87c504c85c5332 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 21 May 2025 15:22:28 +0200 Subject: [PATCH 090/104] provide bin dir --- .github/workflows/job_build_linux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index f8c57ec1692a32..2faf9fb9d9848a 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -310,6 +310,7 @@ jobs: -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ -DOpenVINODeveloperPackage_DIR=${BUILD_DIR} \ + -DOpenVINO_BINARY_DIR=${BUILD_DIR} \ -DOpenVINO_DIR=${BUILD_DIR} \ ${BUILD_DIR} cmake --build ${BUILD_DIR} --parallel $(nproc) --target package --verbose From b37850c14373e545dccc04787d57403df219a850 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 27 May 2025 10:07:27 +0200 Subject: [PATCH 091/104] build Pythons as non-root --- .../dockerfiles/ov_build/fedora_29/Dockerfile | 45 ++- .../fedora_29/install_build_dependencies.sh | 343 ++++++++++++++++++ .github/workflows/job_build_linux.yml | 1 - 3 files changed, 370 insertions(+), 19 deletions(-) create mode 100755 .github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index e8052556132c6e..b32a61f51a97a3 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -41,47 +41,56 @@ RUN chmod +x /install_build_dependencies.sh && \ bash -e /install_build_dependencies.sh && \ rm -rf /var/lib/apt/lists/* +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +# Switch to the non-root user +USER ${USER_NAME} + # Build Pythons # Python 3.9 -RUN cd /usr/src && \ +RUN cd /home/${USER_NAME} && \ wget https://www.python.org/ftp/python/3.9.21/Python-3.9.21.tar.xz && \ tar xvf Python-3.9.21.tar.xz -RUN cd /usr/src/Python-3.9.21 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ +RUN cd /home/${USER_NAME}/Python-3.9.21 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.9 && \ make altinstall # Python 3.10 -RUN cd /usr/src && \ +RUN cd /home/${USER_NAME} && \ wget https://www.python.org/ftp/python/3.10.16/Python-3.10.16.tar.xz && \ tar xvf Python-3.10.16.tar.xz -RUN cd /usr/src/Python-3.10.16 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ +RUN cd /home/${USER_NAME}/Python-3.10.16 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.10 && \ make altinstall # Python 3.11 -RUN cd /usr/src && \ +RUN cd /home/${USER_NAME} && \ wget https://www.python.org/ftp/python/3.11.9/Python-3.11.9.tar.xz && \ tar xvf Python-3.11.9.tar.xz -RUN cd /usr/src/Python-3.11.9 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ +RUN cd /home/${USER_NAME}/Python-3.11.9 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.11 && \ make altinstall # Python 3.12 -RUN cd /usr/src && \ +RUN cd /home/${USER_NAME} && \ wget https://www.python.org/ftp/python/3.12.9/Python-3.12.9.tar.xz && \ tar xvf Python-3.12.9.tar.xz -RUN cd /usr/src/Python-3.12.9 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ +RUN cd /home/${USER_NAME}/Python-3.12.9 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.12 && \ make altinstall # Python 3.13 -RUN cd /usr/src && \ +RUN cd /home/${USER_NAME} && \ wget https://www.python.org/ftp/python/3.13.2/Python-3.13.2.tar.xz && \ tar xvf Python-3.13.2.tar.xz -RUN cd /usr/src/Python-3.13.2 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ +RUN cd /home/${USER_NAME}/Python-3.13.2 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.13 && \ make altinstall +ENV PATH="/home/${USER_NAME}/python3.9/bin:/home/${USER_NAME}/python3.10/bin:/home/${USER_NAME}/python3.11/bin:/home/${USER_NAME}/python3.12/bin:/home/${USER_NAME}/python3.13/bin:$PATH" + +USER root + # Install sscache ARG SCCACHE_VERSION="v0.7.5" ENV SCCACHE_HOME="/opt/sccache" \ @@ -95,9 +104,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ ENV PATH="$SCCACHE_HOME:$PATH" # Use Python 3.9 as default -RUN python3.10 -m venv venv +RUN python3.9 -m venv venv ENV PATH="/venv/bin:$PATH" -RUN alternatives --install /usr/bin/python python /usr/bin/python3.10 10 +RUN alternatives --install /usr/bin/python python /usr/bin/python3.9 10 # Setup pip ENV PIP_VERSION="24.0" @@ -143,7 +152,7 @@ RUN cd git-2.49.0 && \ make configure && ./configure --prefix=/usr && make install # Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +# RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh b/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh new file mode 100755 index 00000000000000..9a5635e4d59b9b --- /dev/null +++ b/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh @@ -0,0 +1,343 @@ +#!/bin/bash + +# Copyright (C) 2018-2025 Intel Corporation +# SPDX-License-Identifier: Apache-2.0 + +if [ $EUID -ne 0 ]; then + echo "ERROR: this script must be run as root to install 3rd party packages." >&2 + echo "Please try again with \"sudo -E $0\", or as root." >&2 + exit 1 +fi + +# install dependencies +if [ -f /etc/lsb-release ] || [ -f /etc/debian_version ] ; then + # Ubuntu + host_cpu=$(uname -m) + + x86_64_specific_packages=() + if [ "$host_cpu" = "x86_64" ]; then + # to build 32-bit or ARM binaries on 64-bit host + x86_64_specific_packages+=(gcc-multilib g++-multilib) + fi + + if ! command -v cmake &> /dev/null; then + cmake_packages=(cmake) + fi + + apt update + apt-get install -y --no-install-recommends \ + `# for python3-pip` \ + ca-certificates \ + file \ + `# build tools` \ + build-essential \ + ninja-build \ + scons \ + ccache \ + "${cmake_packages[@]}" \ + "${x86_64_specific_packages[@]}" \ + `# to find dependencies` \ + pkgconf \ + `# to deternime product version via git` \ + git \ + `# check bash scripts for correctness` \ + shellcheck \ + `# to build and check pip packages` \ + patchelf \ + fdupes \ + `# archive debian changelog file` \ + gzip \ + `# to check debian package correctness` \ + lintian \ + `# openvino main dependencies` \ + libtbb-dev \ + libpugixml-dev \ + `# OpenCL for GPU` \ + ocl-icd-opencl-dev \ + opencl-headers \ + rapidjson-dev \ + `# GPU plugin extensions` \ + libva-dev \ + `# For TF FE saved models` \ + libsnappy-dev \ + `# python API` \ + python3-pip \ + python3-venv \ + python3-setuptools \ + libpython3-dev \ + pybind11-dev \ + libffi-dev \ + `# spell checking for MO sources` \ + python3-enchant \ + `# tools` \ + wget + # TF lite frontend + if apt-cache search --names-only '^libflatbuffers-dev'| grep -q libflatbuffers-dev; then + apt-get install -y --no-install-recommends libflatbuffers-dev + fi + # git-lfs is not available on debian9 + if apt-cache search --names-only '^git-lfs'| grep -q git-lfs; then + apt-get install -y --no-install-recommends git-lfs + fi + # for python3-enchant + if apt-cache search --names-only 'libenchant1c2a'| grep -q libenchant1c2a; then + apt-get install -y --no-install-recommends libenchant1c2a + fi + # samples + if apt-cache search --names-only '^nlohmann-json3-dev'| grep -q nlohmann-json3; then + apt-get install -y --no-install-recommends nlohmann-json3-dev + else + apt-get install -y --no-install-recommends nlohmann-json-dev + fi +elif [ -f /etc/redhat-release ] || grep -q "rhel\|tencentos\|opencloudos" /etc/os-release ; then + yum update + # RHEL 8 / CentOS 7 / Fedora 29 + if [ -f /etc/redhat-release ] || grep -q "rhel" /etc/os-release ; then + source /etc/os-release + if [[ "$ID" == "fedora" ]]; then + yum install -y fedora-repos + else + yum install -y centos-release-scl + # CentOS 7 is EOL and throws an error for centos-sclo-sclo + yum-config-manager --save --setopt=centos-sclo-sclo.skip_if_unavailable=true + yum install -y epel-release + fi + yum install -y \ + `# to build and check pip packages` \ + patchelf \ + `# check bash scripts for correctness` \ + ShellCheck + else + yum install -y epol-release + fi + yum install -y \ + file \ + `# build tools` \ + cmake3 \ + ccache \ + ninja-build \ + scons \ + gcc \ + gcc-c++ \ + make \ + `# to determine openvino version via git` \ + git \ + fdupes \ + `# to build and check rpm packages` \ + rpm-build \ + rpmlint \ + `# main openvino dependencies` \ + tbb-devel \ + pugixml-devel \ + `# GPU plugin dependency` \ + libva-devel \ + `# For TF FE saved models` \ + snappy-devel \ + `# OpenCL for GPU` \ + ocl-icd-devel \ + opencl-headers \ + `# python API` \ + python3-pip \ + python3-devel \ + `# rpmlint dependency` \ + rpm-python +elif [ -f /etc/os-release ] && grep -q "SUSE" /etc/os-release ; then + zypper refresh + zypper install -y \ + file \ + `# build tools` \ + patterns-devel-C-C++-devel_C_C++ \ + cmake \ + ccache \ + ninja \ + scons \ + gcc \ + gcc-c++ \ + make \ + `# to determine openvino version via git` \ + git \ + `# to build and check pip packages` \ + patchelf \ + fdupes \ + `# to build and check rpm packages` \ + rpm-build \ + rpmlint \ + `# check bash scripts for correctness` \ + ShellCheck \ + `# main openvino dependencies` \ + tbb-devel \ + pugixml-devel \ + `# GPU plugin dependency` \ + libva-devel \ + `# For TF FE saved models` \ + snappy-devel \ + `# OpenCL for GPU` \ + ocl-icd-devel \ + opencl-cpp-headers \ + opencl-headers \ + `# python API` \ + python39-pip \ + python39-setuptools \ + python39-devel +elif [ -f /etc/os-release ] && grep -q "raspbian" /etc/os-release; then + # Raspbian + apt update + apt-get install -y --no-install-recommends \ + file \ + `# build tools` \ + build-essential \ + ccache \ + ninja-build \ + scons \ + `# to find dependencies` \ + pkg-config \ + `# to determine product version via git` \ + git \ + `# to build and check pip packages` \ + patchelf \ + fdupes \ + `# archive debian changelog file` \ + gzip \ + `# openvino main dependencies` \ + libtbb-dev \ + libpugixml-dev \ + `# python API` \ + python3-pip \ + python3-venv \ + python3-setuptools \ + libpython3-dev +elif [ -f /etc/os-release ] && grep -q "void" /etc/os-release; then + #Void Linux + xbps-install -Syu + xbps-install -y \ + `# for python3-pip` \ + `# ca-certificates (already included)` \ + file \ + `# build tools` \ + base-devel \ + ninja \ + scons \ + ccache \ + cmake \ + `# to find dependencies` \ + pkgconf \ + `# to determine product version via git` \ + git \ + `# to check bash scripts for correctness` \ + shellcheck \ + `# to build and check pip packages` \ + patchelf \ + fdupes \ + `# main openvino dependencies` \ + tbb-devel \ + pugixml-devel \ + `# OpenCL for GPU` \ + ocl-icd-devel \ + OpenCL-Headers \ + OpenCL-CLHPP \ + rapidjson \ + `# GPU plugin dependency` \ + libva-devel \ + `# For TF FE saved models` \ + snappy-devel \ + `# For Python API` \ + python3-pip \ + python3-wheel \ + python3-setuptools \ + python3-devel \ + python3-pybind11 \ + libffi-devel \ + `# Spell checking for MO sources` \ + python3-enchant \ + `# tools` \ + wget \ + git-lfs \ + `# TF Lite Frontend` \ + flatbuffers-devel \ + `# for python3-enchant` \ + enchant2-devel \ + `# samples` \ + json-c++ +elif [ -f /etc/os-release ] && grep -q "alpine" /etc/os-release; then + #Alpine Linux + apk --no-cache add \ + `# for python3-pip` \ + ca-certificates \ + file \ + `# build tools` \ + build-base \ + ninja-is-really-ninja \ + scons \ + ccache \ + cmake \ + `# to find dependencies` \ + pkgconf \ + `# to determine product version via git` \ + git \ + `# to check bash scripts for correctness` \ + shellcheck \ + `# to build and check pip packages` \ + patchelf \ + fdupes \ + `# main openvino dependencies` \ + onetbb-dev \ + py3-tbb \ + pugixml-dev \ + `# OpenCL for GPU` \ + opencl-dev `#(includes opencl-headers)`\ + rapidjson-dev \ + `# GPU plugin dependency` \ + libva-dev \ + `# For TF FE saved models` \ + snappy-dev \ + `# For Python API` \ + py3-pip `#(includes py3-setuptools)`\ + py3-wheel \ + py3-virtualenv \ + python3-dev \ + py3-pybind11-dev \ + libffi-dev \ + `# Spell checking for MO sources` \ + py3-enchant \ + `# tools` \ + wget \ + git-lfs \ + `# TF Lite Frontend` \ + flatbuffers-dev \ + `# for python3-enchant` \ + enchant2 \ + `# samples` \ + nlohmann-json +else + echo "Unknown OS, please install build dependencies manually" +fi + +# cmake 3.20.0 or higher is required to build OpenVINO + +if command -v cmake &> /dev/null; then + cmake_command=cmake +elif command -v cmake3 &> /dev/null; then + cmake_command=cmake3 +fi + +current_cmake_ver=$($cmake_command --version | sed -ne 's/[^0-9]*\(\([0-9]\.\)\{0,4\}[0-9][^.]\).*/\1/p') +required_cmake_ver=3.24.0 +if [ ! "$(printf '%s\n' "$required_cmake_ver" "$current_cmake_ver" | sort -V | head -n1)" = "$required_cmake_ver" ]; then + installed_cmake_ver=3.26.0 + arch=$(uname -m) + + if command -v apt-get &> /dev/null; then + apt-get install -y --no-install-recommends wget + elif command -v yum &> /dev/null; then + yum install -y wget + elif command -v zypper &> /dev/null; then + zypper in -y wget + fi + + cmake_install_bin="cmake-${installed_cmake_ver}-linux-${arch}.sh" + github_cmake_release="https://github.com/Kitware/CMake/releases/download/v${installed_cmake_ver}/${cmake_install_bin}" + wget "${github_cmake_release}" -O "${cmake_install_bin}" + chmod +x "${cmake_install_bin}" + "./${cmake_install_bin}" --skip-license --prefix=/usr/local + rm -rf "${cmake_install_bin}" +fi diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 2faf9fb9d9848a..4e671a5b1c0f36 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -309,7 +309,6 @@ jobs: -DENABLE_PYTHON_PACKAGING=ON \ -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ - -DOpenVINODeveloperPackage_DIR=${BUILD_DIR} \ -DOpenVINO_BINARY_DIR=${BUILD_DIR} \ -DOpenVINO_DIR=${BUILD_DIR} \ ${BUILD_DIR} From 2f83557a0c1ef055ded021eaeb34c7febe8ed606 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 29 May 2025 10:26:34 +0200 Subject: [PATCH 092/104] revert to root build for Python --- .../dockerfiles/ov_build/fedora_29/Dockerfile | 43 ++++++++----------- .../developer_package/packaging/rpm/rpm.cmake | 4 +- 2 files changed, 19 insertions(+), 28 deletions(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index b32a61f51a97a3..3e844cbd812b0e 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -30,6 +30,7 @@ RUN dnf update -y && dnf install -y \ make \ tar \ gcc \ + glibc-devel \ gcc-c++ \ # parallel gzip pigz \ @@ -41,56 +42,47 @@ RUN chmod +x /install_build_dependencies.sh && \ bash -e /install_build_dependencies.sh && \ rm -rf /var/lib/apt/lists/* -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} -# Switch to the non-root user -USER ${USER_NAME} - # Build Pythons # Python 3.9 -RUN cd /home/${USER_NAME} && \ +RUN cd /usr/src && \ wget https://www.python.org/ftp/python/3.9.21/Python-3.9.21.tar.xz && \ tar xvf Python-3.9.21.tar.xz -RUN cd /home/${USER_NAME}/Python-3.9.21 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.9 && \ +RUN cd /usr/src/Python-3.9.21 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ make altinstall # Python 3.10 -RUN cd /home/${USER_NAME} && \ +RUN cd /usr/src && \ wget https://www.python.org/ftp/python/3.10.16/Python-3.10.16.tar.xz && \ tar xvf Python-3.10.16.tar.xz -RUN cd /home/${USER_NAME}/Python-3.10.16 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.10 && \ +RUN cd /usr/src/Python-3.10.16 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ make altinstall # Python 3.11 -RUN cd /home/${USER_NAME} && \ +RUN cd /usr/src && \ wget https://www.python.org/ftp/python/3.11.9/Python-3.11.9.tar.xz && \ tar xvf Python-3.11.9.tar.xz -RUN cd /home/${USER_NAME}/Python-3.11.9 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.11 && \ +RUN cd /usr/src/Python-3.11.9 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ make altinstall # Python 3.12 -RUN cd /home/${USER_NAME} && \ +RUN cd /usr/src && \ wget https://www.python.org/ftp/python/3.12.9/Python-3.12.9.tar.xz && \ tar xvf Python-3.12.9.tar.xz -RUN cd /home/${USER_NAME}/Python-3.12.9 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.12 && \ +RUN cd /usr/src/Python-3.12.9 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ make altinstall # Python 3.13 -RUN cd /home/${USER_NAME} && \ +RUN cd /usr/src && \ wget https://www.python.org/ftp/python/3.13.2/Python-3.13.2.tar.xz && \ tar xvf Python-3.13.2.tar.xz -RUN cd /home/${USER_NAME}/Python-3.13.2 && \ - ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/home/${USER_NAME}/python3.13 && \ +RUN cd /usr/src/Python-3.13.2 && \ + ./configure --enable-optimizations --enable-loadable-sqlite-extensions --prefix=/usr && \ make altinstall -ENV PATH="/home/${USER_NAME}/python3.9/bin:/home/${USER_NAME}/python3.10/bin:/home/${USER_NAME}/python3.11/bin:/home/${USER_NAME}/python3.12/bin:/home/${USER_NAME}/python3.13/bin:$PATH" - -USER root - # Install sscache ARG SCCACHE_VERSION="v0.7.5" ENV SCCACHE_HOME="/opt/sccache" \ @@ -106,7 +98,6 @@ ENV PATH="$SCCACHE_HOME:$PATH" # Use Python 3.9 as default RUN python3.9 -m venv venv ENV PATH="/venv/bin:$PATH" -RUN alternatives --install /usr/bin/python python /usr/bin/python3.9 10 # Setup pip ENV PIP_VERSION="24.0" @@ -152,7 +143,7 @@ RUN cd git-2.49.0 && \ make configure && ./configure --prefix=/usr && make install # Change ownership of the home directory to the non-root user -# RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv diff --git a/cmake/developer_package/packaging/rpm/rpm.cmake b/cmake/developer_package/packaging/rpm/rpm.cmake index 564ffb5e776ec0..16000c9261457b 100644 --- a/cmake/developer_package/packaging/rpm/rpm.cmake +++ b/cmake/developer_package/packaging/rpm/rpm.cmake @@ -162,7 +162,7 @@ endmacro() ov_rpm_specific_settings() # needed to add triggers for packages with libraries -set(def_triggers "${OpenVINO_BINARY_DIR}/_CPack_Packages/triggers") +set(def_triggers "${CMAKE_CURRENT_BINARY_DIR}/_CPack_Packages/triggers") set(triggers_content "# /bin/sh -p\n/sbin/ldconfig\n") file(WRITE "${def_triggers}" "${triggers_content}") @@ -229,7 +229,7 @@ function(ov_rpm_add_rpmlint_suppression comp) endif() set(package_file_name "${package_name}-${CPACK_PACKAGE_VERSION}-1.${arch}.rpm") - set(rpmlint_override_file "${OpenVINO_BINARY_DIR}/_CPack_Packages/rpmlint/${package_file_name}.rpmlintrc") + set(rpmlint_override_file "${CMAKE_CURRENT_BINARY_DIR}/_CPack_Packages/rpmlint/${package_file_name}.rpmlintrc") file(REMOVE ${rpmlint_override_file}) file(WRITE ${rpmlint_override_file} ${content}) endfunction() From a1a65d6c1004eb334fc1708b29cf0a472eadb140 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Thu, 29 May 2025 13:38:01 +0200 Subject: [PATCH 093/104] rm --- .../fedora_29/install_build_dependencies.sh | 343 ------------------ 1 file changed, 343 deletions(-) delete mode 100755 .github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh diff --git a/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh b/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh deleted file mode 100755 index 9a5635e4d59b9b..00000000000000 --- a/.github/dockerfiles/ov_build/fedora_29/install_build_dependencies.sh +++ /dev/null @@ -1,343 +0,0 @@ -#!/bin/bash - -# Copyright (C) 2018-2025 Intel Corporation -# SPDX-License-Identifier: Apache-2.0 - -if [ $EUID -ne 0 ]; then - echo "ERROR: this script must be run as root to install 3rd party packages." >&2 - echo "Please try again with \"sudo -E $0\", or as root." >&2 - exit 1 -fi - -# install dependencies -if [ -f /etc/lsb-release ] || [ -f /etc/debian_version ] ; then - # Ubuntu - host_cpu=$(uname -m) - - x86_64_specific_packages=() - if [ "$host_cpu" = "x86_64" ]; then - # to build 32-bit or ARM binaries on 64-bit host - x86_64_specific_packages+=(gcc-multilib g++-multilib) - fi - - if ! command -v cmake &> /dev/null; then - cmake_packages=(cmake) - fi - - apt update - apt-get install -y --no-install-recommends \ - `# for python3-pip` \ - ca-certificates \ - file \ - `# build tools` \ - build-essential \ - ninja-build \ - scons \ - ccache \ - "${cmake_packages[@]}" \ - "${x86_64_specific_packages[@]}" \ - `# to find dependencies` \ - pkgconf \ - `# to deternime product version via git` \ - git \ - `# check bash scripts for correctness` \ - shellcheck \ - `# to build and check pip packages` \ - patchelf \ - fdupes \ - `# archive debian changelog file` \ - gzip \ - `# to check debian package correctness` \ - lintian \ - `# openvino main dependencies` \ - libtbb-dev \ - libpugixml-dev \ - `# OpenCL for GPU` \ - ocl-icd-opencl-dev \ - opencl-headers \ - rapidjson-dev \ - `# GPU plugin extensions` \ - libva-dev \ - `# For TF FE saved models` \ - libsnappy-dev \ - `# python API` \ - python3-pip \ - python3-venv \ - python3-setuptools \ - libpython3-dev \ - pybind11-dev \ - libffi-dev \ - `# spell checking for MO sources` \ - python3-enchant \ - `# tools` \ - wget - # TF lite frontend - if apt-cache search --names-only '^libflatbuffers-dev'| grep -q libflatbuffers-dev; then - apt-get install -y --no-install-recommends libflatbuffers-dev - fi - # git-lfs is not available on debian9 - if apt-cache search --names-only '^git-lfs'| grep -q git-lfs; then - apt-get install -y --no-install-recommends git-lfs - fi - # for python3-enchant - if apt-cache search --names-only 'libenchant1c2a'| grep -q libenchant1c2a; then - apt-get install -y --no-install-recommends libenchant1c2a - fi - # samples - if apt-cache search --names-only '^nlohmann-json3-dev'| grep -q nlohmann-json3; then - apt-get install -y --no-install-recommends nlohmann-json3-dev - else - apt-get install -y --no-install-recommends nlohmann-json-dev - fi -elif [ -f /etc/redhat-release ] || grep -q "rhel\|tencentos\|opencloudos" /etc/os-release ; then - yum update - # RHEL 8 / CentOS 7 / Fedora 29 - if [ -f /etc/redhat-release ] || grep -q "rhel" /etc/os-release ; then - source /etc/os-release - if [[ "$ID" == "fedora" ]]; then - yum install -y fedora-repos - else - yum install -y centos-release-scl - # CentOS 7 is EOL and throws an error for centos-sclo-sclo - yum-config-manager --save --setopt=centos-sclo-sclo.skip_if_unavailable=true - yum install -y epel-release - fi - yum install -y \ - `# to build and check pip packages` \ - patchelf \ - `# check bash scripts for correctness` \ - ShellCheck - else - yum install -y epol-release - fi - yum install -y \ - file \ - `# build tools` \ - cmake3 \ - ccache \ - ninja-build \ - scons \ - gcc \ - gcc-c++ \ - make \ - `# to determine openvino version via git` \ - git \ - fdupes \ - `# to build and check rpm packages` \ - rpm-build \ - rpmlint \ - `# main openvino dependencies` \ - tbb-devel \ - pugixml-devel \ - `# GPU plugin dependency` \ - libva-devel \ - `# For TF FE saved models` \ - snappy-devel \ - `# OpenCL for GPU` \ - ocl-icd-devel \ - opencl-headers \ - `# python API` \ - python3-pip \ - python3-devel \ - `# rpmlint dependency` \ - rpm-python -elif [ -f /etc/os-release ] && grep -q "SUSE" /etc/os-release ; then - zypper refresh - zypper install -y \ - file \ - `# build tools` \ - patterns-devel-C-C++-devel_C_C++ \ - cmake \ - ccache \ - ninja \ - scons \ - gcc \ - gcc-c++ \ - make \ - `# to determine openvino version via git` \ - git \ - `# to build and check pip packages` \ - patchelf \ - fdupes \ - `# to build and check rpm packages` \ - rpm-build \ - rpmlint \ - `# check bash scripts for correctness` \ - ShellCheck \ - `# main openvino dependencies` \ - tbb-devel \ - pugixml-devel \ - `# GPU plugin dependency` \ - libva-devel \ - `# For TF FE saved models` \ - snappy-devel \ - `# OpenCL for GPU` \ - ocl-icd-devel \ - opencl-cpp-headers \ - opencl-headers \ - `# python API` \ - python39-pip \ - python39-setuptools \ - python39-devel -elif [ -f /etc/os-release ] && grep -q "raspbian" /etc/os-release; then - # Raspbian - apt update - apt-get install -y --no-install-recommends \ - file \ - `# build tools` \ - build-essential \ - ccache \ - ninja-build \ - scons \ - `# to find dependencies` \ - pkg-config \ - `# to determine product version via git` \ - git \ - `# to build and check pip packages` \ - patchelf \ - fdupes \ - `# archive debian changelog file` \ - gzip \ - `# openvino main dependencies` \ - libtbb-dev \ - libpugixml-dev \ - `# python API` \ - python3-pip \ - python3-venv \ - python3-setuptools \ - libpython3-dev -elif [ -f /etc/os-release ] && grep -q "void" /etc/os-release; then - #Void Linux - xbps-install -Syu - xbps-install -y \ - `# for python3-pip` \ - `# ca-certificates (already included)` \ - file \ - `# build tools` \ - base-devel \ - ninja \ - scons \ - ccache \ - cmake \ - `# to find dependencies` \ - pkgconf \ - `# to determine product version via git` \ - git \ - `# to check bash scripts for correctness` \ - shellcheck \ - `# to build and check pip packages` \ - patchelf \ - fdupes \ - `# main openvino dependencies` \ - tbb-devel \ - pugixml-devel \ - `# OpenCL for GPU` \ - ocl-icd-devel \ - OpenCL-Headers \ - OpenCL-CLHPP \ - rapidjson \ - `# GPU plugin dependency` \ - libva-devel \ - `# For TF FE saved models` \ - snappy-devel \ - `# For Python API` \ - python3-pip \ - python3-wheel \ - python3-setuptools \ - python3-devel \ - python3-pybind11 \ - libffi-devel \ - `# Spell checking for MO sources` \ - python3-enchant \ - `# tools` \ - wget \ - git-lfs \ - `# TF Lite Frontend` \ - flatbuffers-devel \ - `# for python3-enchant` \ - enchant2-devel \ - `# samples` \ - json-c++ -elif [ -f /etc/os-release ] && grep -q "alpine" /etc/os-release; then - #Alpine Linux - apk --no-cache add \ - `# for python3-pip` \ - ca-certificates \ - file \ - `# build tools` \ - build-base \ - ninja-is-really-ninja \ - scons \ - ccache \ - cmake \ - `# to find dependencies` \ - pkgconf \ - `# to determine product version via git` \ - git \ - `# to check bash scripts for correctness` \ - shellcheck \ - `# to build and check pip packages` \ - patchelf \ - fdupes \ - `# main openvino dependencies` \ - onetbb-dev \ - py3-tbb \ - pugixml-dev \ - `# OpenCL for GPU` \ - opencl-dev `#(includes opencl-headers)`\ - rapidjson-dev \ - `# GPU plugin dependency` \ - libva-dev \ - `# For TF FE saved models` \ - snappy-dev \ - `# For Python API` \ - py3-pip `#(includes py3-setuptools)`\ - py3-wheel \ - py3-virtualenv \ - python3-dev \ - py3-pybind11-dev \ - libffi-dev \ - `# Spell checking for MO sources` \ - py3-enchant \ - `# tools` \ - wget \ - git-lfs \ - `# TF Lite Frontend` \ - flatbuffers-dev \ - `# for python3-enchant` \ - enchant2 \ - `# samples` \ - nlohmann-json -else - echo "Unknown OS, please install build dependencies manually" -fi - -# cmake 3.20.0 or higher is required to build OpenVINO - -if command -v cmake &> /dev/null; then - cmake_command=cmake -elif command -v cmake3 &> /dev/null; then - cmake_command=cmake3 -fi - -current_cmake_ver=$($cmake_command --version | sed -ne 's/[^0-9]*\(\([0-9]\.\)\{0,4\}[0-9][^.]\).*/\1/p') -required_cmake_ver=3.24.0 -if [ ! "$(printf '%s\n' "$required_cmake_ver" "$current_cmake_ver" | sort -V | head -n1)" = "$required_cmake_ver" ]; then - installed_cmake_ver=3.26.0 - arch=$(uname -m) - - if command -v apt-get &> /dev/null; then - apt-get install -y --no-install-recommends wget - elif command -v yum &> /dev/null; then - yum install -y wget - elif command -v zypper &> /dev/null; then - zypper in -y wget - fi - - cmake_install_bin="cmake-${installed_cmake_ver}-linux-${arch}.sh" - github_cmake_release="https://github.com/Kitware/CMake/releases/download/v${installed_cmake_ver}/${cmake_install_bin}" - wget "${github_cmake_release}" -O "${cmake_install_bin}" - chmod +x "${cmake_install_bin}" - "./${cmake_install_bin}" --skip-license --prefix=/usr/local - rm -rf "${cmake_install_bin}" -fi From a34e9df9d13d79dadd744ffd72ffc304feadcb4b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 30 May 2025 10:41:59 +0200 Subject: [PATCH 094/104] use gha runner --- .github/workflows/fedora_29.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/fedora_29.yml b/.github/workflows/fedora_29.yml index 02099b1f73add3..89ddc4eff8daa0 100644 --- a/.github/workflows/fedora_29.yml +++ b/.github/workflows/fedora_29.yml @@ -113,16 +113,16 @@ jobs: RPM_Packages: name: RPM packages - needs: [Docker, Build] + needs: Build timeout-minutes: 10 defaults: run: shell: bash - runs-on: aks-linux-4-cores-16gb + runs-on: ubuntu-22.04 container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_test.fedora_33 }} + image: fedora:33 env: - RPM_PACKAGES_DIR: /__w/openvino/packages/ + RPM_PACKAGES_DIR: ${{ github.workspace }}/packages steps: - name: Download OpenVINO RPM packages From efc5c63a0fbfa00cb6768d82bd6657701dcd2ea2 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 30 May 2025 11:44:28 +0200 Subject: [PATCH 095/104] do not use py2 --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 3e844cbd812b0e..7e1a3319847d8b 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -142,6 +142,9 @@ RUN wget -O git-2.49.0.tar.gz https://github.com/git/git/archive/refs/tags/v2.49 RUN cd git-2.49.0 && \ make configure && ./configure --prefix=/usr && make install +# Use python3.9 instead of /usr/bin/python +RUN update-alternatives --install /usr/bin/python python /usr/bin/python3.9 10 + # Change ownership of the home directory to the non-root user RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} From d9801421ed0711b48ec0c350258ab06bc5c2c1d1 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 30 May 2025 13:30:35 +0200 Subject: [PATCH 096/104] use non-root for manylinux --- .../ov_build/manylinux_2_28/Dockerfile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index b1312037423731..792f5075b6a39f 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -3,6 +3,15 @@ FROM openvinogithubactions.azurecr.io/quayio/pypa/manylinux_2_28 USER root +# Create a non-root user and group +ENV USER_NAME=runner +ENV USER_ID=1000 +ENV GROUP_NAME=${USER_NAME} +ENV GROUP_ID=${USER_ID} + +RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} +RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash + RUN yum groupinstall -y "Development Tools" && \ yum install -y wget bzip2 gcc-c++ libmpc-devel mpfr-devel gmp-devel cmake ccache ninja-build make tbb-devel ocl-icd-devel opencl-headers lld @@ -18,3 +27,9 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ # To make python3 and pip binaries accessible ENV PATH="/opt/python/cp311-cp311/bin:$SCCACHE_HOME:$PATH" + +# Change ownership of the home directory to the non-root user +RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} + +# Switch to the non-root user +USER ${USER_NAME} From 8e482f2e532c619a9d0c8dc55f5e15941f8dba89 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 3 Jun 2025 14:21:46 +0200 Subject: [PATCH 097/104] use separate script --- .../ov_build/manylinux2014_x86_64/Dockerfile | 15 --------------- .../ov_build/ubuntu_20_04_arm64/Dockerfile | 3 ++- .../ov_build/ubuntu_20_04_x64/Dockerfile | 3 ++- .../ov_test/ubuntu_20_04_x64/Dockerfile | 3 ++- .../ov_test/ubuntu_20_04_x64_py313/Dockerfile | 3 ++- 5 files changed, 8 insertions(+), 19 deletions(-) diff --git a/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile b/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile index 7ef0a7f12eb0b4..3a2dbdb0e8d3a2 100644 --- a/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux2014_x86_64/Dockerfile @@ -3,15 +3,6 @@ FROM openvinogithubactions.azurecr.io/quayio/pypa/manylinux2014_x86_64 USER root -# Create a non-root user and group -ENV USER_NAME=runner -ENV USER_ID=1000 -ENV GROUP_NAME=${USER_NAME} -ENV GROUP_ID=${USER_ID} - -RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} -RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash - # Install build dependencies ADD install_build_dependencies.sh /install_build_dependencies.sh RUN chmod +x /install_build_dependencies.sh && bash -e /install_build_dependencies.sh @@ -27,9 +18,3 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ tar -xzf ${SCCACHE_ARCHIVE} --strip-components=1 && rm ${SCCACHE_ARCHIVE} ENV PATH="$SCCACHE_HOME:$PATH" - -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - -# Switch to the non-root user -USER ${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile index 2bbef178dd4f32..67da782d9a4fd8 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile @@ -84,7 +84,8 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3-8.py && \ + python3 get-pip-3-8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.9 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ python3.10 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ python3.11 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 30f2c5443389de..e50268132e9f39 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -71,7 +71,8 @@ ENV PATH="$SCCACHE_HOME:$PATH" # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3-8.py && \ + python3 get-pip-3-8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.9 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ python3.10 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ python3.11 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index 0acfcb3fdd32fa..bad22cb67b9845 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -52,7 +52,8 @@ RUN chmod +x /install_openvino_dependencies.sh && \ # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3-8.py && \ + python3 get-pip-3-8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.9 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile index 0908a7bebf29aa..7f23967996331d 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile @@ -48,7 +48,8 @@ RUN chmod +x /install_openvino_dependencies.sh && \ # Setup pip ENV PIP_VERSION="24.0" RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ - python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ + curl https://bootstrap.pypa.io/pip/3.8/get-pip.py -o get-pip-3-8.py && \ + python3 get-pip-3-8.py --no-cache-dir pip==${PIP_VERSION} && \ python3.13 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py From 5815c3f0c76083a4b18af9452698d614cee00dd2 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 3 Jun 2025 14:22:02 +0200 Subject: [PATCH 098/104] revert --- .github/workflows/manylinux_2014.yml | 141 ++++++++++++++++++--------- 1 file changed, 94 insertions(+), 47 deletions(-) diff --git a/.github/workflows/manylinux_2014.yml b/.github/workflows/manylinux_2014.yml index ce04c1fc70728f..ed8f23dc037eb0 100644 --- a/.github/workflows/manylinux_2014.yml +++ b/.github/workflows/manylinux_2014.yml @@ -82,7 +82,6 @@ jobs: images: | ov_build/ubuntu_22_04_x64_docker ov_build/manylinux2014_x86_64 - ov_build/manylinux_2_28 ov_test/ubuntu_20_04_x64_py313 ov_test/ubuntu_22_04_x64 ov_test/ubuntu_24_04_x64 @@ -91,7 +90,7 @@ jobs: registry: 'openvinogithubactions.azurecr.io' dockerfiles_root_dir: '.github/dockerfiles' changed_components: ${{ needs.smart_ci.outputs.changed_components }} - + Build: needs: [Docker, Smart_CI] if: "!needs.smart_ci.outputs.skip_workflow" @@ -99,9 +98,9 @@ jobs: defaults: run: shell: bash - runs-on: aks-linux-16-cores-32gb + runs-on: aks-linux-16-cores-32gb-manylinux container: - image: ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux_2_28 }} + image: ${{ fromJSON(needs.docker.outputs.images).ov_build.ubuntu_22_04_x64_docker }} volumes: - /mount:/mount options: -e SCCACHE_AZURE_BLOB_CONTAINER -e SCCACHE_AZURE_CONNECTION_STRING -e DOCKER_CONFIG -v ${{ github.workspace }}:${{ github.workspace }} @@ -113,7 +112,7 @@ jobs: INSTALL_WHEELS_DIR: ${{ github.workspace }}/install/wheels INSTALL_TEST_DIR: ${{ github.workspace }}/install/tests BUILD_DIR: ${{ github.workspace }}/build - # DOCKER_CONFIG: "/mount/.docker" + DOCKER_CONFIG: "/mount/.docker" CMAKE_CXX_COMPILER_LAUNCHER: sccache CMAKE_C_COMPILER_LAUNCHER: sccache SCCACHE_IGNORE_SERVER_IO_ERROR: 1 @@ -135,44 +134,92 @@ jobs: - name: System info uses: ./src/.github/actions/system_info - # - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG - # id: create_manifest - # uses: ./src/.github/actions/create_manifest - # with: - # repos: | - # ${{ env.OPENVINO_REPO }} - # product_type: ${{ env.PRODUCT_TYPE }} - # target_arch: ${{ env.ARCH }} - # build_type: ${{ env.CMAKE_BUILD_TYPE }} - # save_to: ${{ env.MANIFEST_PATH }} - # trigger_repo_branch: ${{ inputs.target-branch }} + - name: Generate product manifest and set CI_BUILD_NUMBER & CI_BUILD_DEV_TAG + id: create_manifest + uses: ./src/.github/actions/create_manifest + with: + repos: | + ${{ env.OPENVINO_REPO }} + product_type: ${{ env.PRODUCT_TYPE }} + target_arch: ${{ env.ARCH }} + build_type: ${{ env.CMAKE_BUILD_TYPE }} + save_to: ${{ env.MANIFEST_PATH }} + trigger_repo_branch: ${{ inputs.target-branch }} + - name: Create docker build cache + run: | + docker volume create ov_build_cache + - name: Build OpenVINO run: | - python3.12 -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DPython3_EXECUTABLE=/usr/local/bin/python3.12 -DCMAKE_COMPILE_WARNING_AS_ERROR=OFF -DENABLE_CPPLINT=OFF -DENABLE_NCC_STYLE=OFF -DENABLE_TESTS=ON -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_OV_TF_FRONTEND=OFF -DENABLE_OV_TF_LITE_FRONTEND=OFF -DENABLE_OV_PADDLE_FRONTEND=OFF -DENABLE_OV_PYTORCH_FRONTEND=ON -DENABLE_OV_JAX_FRONTEND=OFF -DENABLE_OV_ONNX_FRONTEND=ON -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }} -B ${{ env.BUILD_DIR }} - /usr/bin/cmake --build ${{ env.BUILD_DIR }} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} - /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} - /usr/bin/cmake --install ${{ env.BUILD_DIR }} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_TEST_DIR }} --component tests - env: - CXXFLAGS: "-Wno-dangling-reference" # bug in gcc-14: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107532 + docker run --rm \ + -v ${{ env.OPENVINO_REPO }}:/work/src \ + -v ov_build_cache:/work/build \ + -v ${{ env.INSTALL_DIR }}:/work/install \ + -v ${{ env.INSTALL_TEST_DIR }}:/work/api_tests \ + -e SCCACHE_AZURE_BLOB_CONTAINER \ + -e SCCACHE_AZURE_CONNECTION_STRING \ + -e SCCACHE_SERVER_PORT \ + -e SCCACHE_IGNORE_SERVER_IO_ERROR \ + -e SCCACHE_CACHE_SIZE \ + -e SCCACHE_AZURE_KEY_PREFIX \ + -e CMAKE_CXX_COMPILER_LAUNCHER \ + -e CMAKE_C_COMPILER_LAUNCHER \ + -e CI_BUILD_NUMBER \ + -e CI_BUILD_DEV_TAG \ + -w /work/src \ + ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ + /bin/bash -c " + python3.12 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt + cmake \ + -DPython3_EXECUTABLE=/usr/local/bin/python3.12 \ + -DENABLE_CPPLINT=OFF \ + -DENABLE_NCC_STYLE=OFF \ + -DENABLE_TESTS=ON \ + -DENABLE_OV_JAX_FRONTEND=OFF \ + -DENABLE_PYTHON=ON \ + -DENABLE_WHEEL=OFF \ + -S /work/src \ + -B /work/build && + cmake --build /work/build --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && + cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install + cmake --install /work/build --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/api_tests --component tests + " - name: Build Python API (Python 3.9-3.13) run: | SUPPORTED_PYTHON_VERSIONS=("3.9" "3.10" "3.11" "3.12" "3.13") for PY_VER in "${SUPPORTED_PYTHON_VERSIONS[@]}"; do - - py_build_dir=${{ github.workspace }}/build_py${PY_VER} simpler_python_version=$(echo $PY_VER | sed -e 's/\.//g') - python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin/python3 - PIP_VER=$(${python_path} -c "import pip; print(pip.__version__)") - export "PIP_CACHE_DIR=${{ env.PIP_CACHE_PATH }}/${PIP_VER}" - ${python_path} -m pip install -r ${{ env.OPENVINO_REPO }}/src/bindings/python/wheel/requirements-dev.txt - /usr/bin/cmake -DPython3_EXECUTABLE=${python_path} -DOpenVINODeveloperPackage_DIR=${{ env.BUILD_DIR }} -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S ${{ env.OPENVINO_REPO }}/src/bindings/python -B ${py_build_dir} - /usr/bin/cmake --build ${py_build_dir} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} - /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_WHEELS_DIR }} --component python_wheels - /usr/bin/cmake --install ${py_build_dir} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix ${{ env.INSTALL_DIR }} --component pyopenvino_python${PY_VER} - + python_path=/opt/python/cp${simpler_python_version}-cp${simpler_python_version}/bin + docker run --rm \ + -v ${{ env.OPENVINO_REPO }}:/work/src \ + -v ${{ env.INSTALL_WHEELS_DIR }}:/work/wheels \ + -v ${{ env.PIP_CACHE_PATH }}:/work/pip_cache \ + -v ${{ env.INSTALL_DIR }}:/work/install \ + -v ov_build_cache:/work/build \ + -e SCCACHE_AZURE_BLOB_CONTAINER \ + -e SCCACHE_AZURE_CONNECTION_STRING \ + -e SCCACHE_SERVER_PORT \ + -e SCCACHE_IGNORE_SERVER_IO_ERROR \ + -e SCCACHE_CACHE_SIZE \ + -e SCCACHE_AZURE_KEY_PREFIX \ + -e CMAKE_CXX_COMPILER_LAUNCHER \ + -e CMAKE_C_COMPILER_LAUNCHER \ + -e CI_BUILD_NUMBER \ + -e CI_BUILD_DEV_TAG \ + -w /work/src \ + ${{ fromJSON(needs.docker.outputs.images).ov_build.manylinux2014_x86_64 }} \ + /bin/bash -c " + export PATH=${python_path}:\$PATH + PIP_VER=$(python3 -c "import pip; print(pip.__version__)") + export "PIP_CACHE_DIR=/work/pip_cache/${PIP_VER}" + python3 -m pip install -r /work/src/src/bindings/python/wheel/requirements-dev.txt && + cmake -DOpenVINODeveloperPackage_DIR=/work/build -DENABLE_PYTHON=ON -DENABLE_WHEEL=ON -S /work/src/src/bindings/python -B /work/build_py${PY_VER} && + cmake --build /work/build_py${PY_VER} --parallel $(nproc) --config ${{ env.CMAKE_BUILD_TYPE }} && + cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/wheels --component python_wheels && + cmake --install /work/build_py${PY_VER} --config ${{ env.CMAKE_BUILD_TYPE }} --prefix /work/install --component pyopenvino_python${PY_VER} + " done - name: Pack Artifacts @@ -210,19 +257,19 @@ jobs: path: ${{ env.BUILD_DIR }}/openvino_tests.tar.gz if-no-files-found: 'error' - # - name: Store artifacts to a shared drive - # id: store_artifacts - # if: ${{ always() }} - # uses: ./src/.github/actions/store_artifacts - # with: - # artifacts: | - # ${{ env.BUILD_DIR }}/openvino_package.tar.gz - # ${{ env.BUILD_DIR }}/openvino_tests.tar.gz - # ${{ env.MANIFEST_PATH }} - # ${{ env.INSTALL_WHEELS_DIR }}/wheels - # storage_dir: ${{ env.PRODUCT_TYPE }} - # storage_root: ${{ env.ARTIFACTS_SHARE }} - # branch_name: ${{ inputs.target-branch }} + - name: Store artifacts to a shared drive + id: store_artifacts + if: ${{ always() }} + uses: ./src/.github/actions/store_artifacts + with: + artifacts: | + ${{ env.BUILD_DIR }}/openvino_package.tar.gz + ${{ env.BUILD_DIR }}/openvino_tests.tar.gz + ${{ env.MANIFEST_PATH }} + ${{ env.INSTALL_WHEELS_DIR }}/wheels + storage_dir: ${{ env.PRODUCT_TYPE }} + storage_root: ${{ env.ARTIFACTS_SHARE }} + branch_name: ${{ inputs.target-branch }} Python_API_Tests: name: Python API tests From 95ef8e29e13f9f83e8e6636c4ac094d1976ac350 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Tue, 3 Jun 2025 15:09:55 +0200 Subject: [PATCH 099/104] revert --- .../ubuntu_22_04_x64_docker/Dockerfile | 22 +------------------ 1 file changed, 1 insertion(+), 21 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile index 9e95c91a52884a..2d5bc1c878069a 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_docker/Dockerfile @@ -3,15 +3,6 @@ FROM ${REGISTRY}/library/ubuntu:22.04 USER root -# Create a non-root user and group -ENV USER_NAME=runner -ENV USER_ID=1000 -ENV GROUP_NAME=${USER_NAME} -ENV GROUP_ID=${USER_ID} - -RUN groupadd -g ${GROUP_ID} ${GROUP_NAME} -RUN useradd ${USER_NAME} -u ${USER_ID} -g ${GROUP_ID} -ms /bin/bash - # APT configuration RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf && \ echo 'APT::Get::Assume-Yes "true";' >> /etc/apt/apt.conf && \ @@ -30,8 +21,6 @@ RUN apt-get update && \ curl \ git \ gpg-agent \ - dbus-user-session \ - uidmap \ tzdata \ # parallel gzip pigz \ @@ -50,13 +39,4 @@ RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \ RUN apt-get update && \ apt-get install -y docker-ce docker-ce-cli containerd.io -ENV DOCKER_BUILDKIT=1 - -# Add user to the Docker group -RUN usermod -aG docker ${USER_NAME} - -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - -# Switch to the non-root user -USER ${USER_NAME} +ENV DOCKER_BUILDKIT=1 \ No newline at end of file From 4b690e22d4da51c6a03e81982a21d02d15baec4c Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 4 Jun 2025 10:22:59 +0200 Subject: [PATCH 100/104] uncomment artefact storing --- .github/workflows/job_build_linux.yml | 42 +++++++++++++-------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 4e671a5b1c0f36..18585924815bfd 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -309,8 +309,6 @@ jobs: -DENABLE_PYTHON_PACKAGING=ON \ -DENABLE_WHEEL=OFF \ -DENABLE_TESTS=OFF \ - -DOpenVINO_BINARY_DIR=${BUILD_DIR} \ - -DOpenVINO_DIR=${BUILD_DIR} \ ${BUILD_DIR} cmake --build ${BUILD_DIR} --parallel $(nproc) --target package --verbose @@ -397,23 +395,23 @@ jobs: mkdir deb && mv *.deb deb/ popd - # - name: Store artifacts to a shared drive - # id: store_artifacts - # if: ${{ always() }} - # uses: ./openvino/.github/actions/store_artifacts - # with: - # artifacts: | - # ${{ env.BUILD_DIR }}/openvino_package.tar.gz - # ${{ env.BUILD_DIR }}/developer_package.tar.gz - # ${{ env.BUILD_DIR }}/openvino_tests.tar.gz - # ${{ env.BUILD_DIR }}/deb - # ${{ env.MANIFEST_PATH }} - # ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} - # ${{ env.STORE_JS == 'true' && format('{0}/openvino_node_npm_package.tar.gz', env.BUILD_DIR) || '' }} - # ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} - # storage_dir: ${{ env.PRODUCT_TYPE }} - # storage_root: ${{ env.ARTIFACTS_SHARE }} - # branch_name: ${{ inputs.target-branch }} - # env: - # STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} - # STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} + - name: Store artifacts to a shared drive + id: store_artifacts + if: ${{ always() }} + uses: ./openvino/.github/actions/store_artifacts + with: + artifacts: | + ${{ env.BUILD_DIR }}/openvino_package.tar.gz + ${{ env.BUILD_DIR }}/developer_package.tar.gz + ${{ env.BUILD_DIR }}/openvino_tests.tar.gz + ${{ env.BUILD_DIR }}/deb + ${{ env.MANIFEST_PATH }} + ${{ env.STORE_JS == 'true' && format('{0}/openvino_js_package.tar.gz', env.BUILD_DIR) || '' }} + ${{ env.STORE_JS == 'true' && format('{0}/openvino_node_npm_package.tar.gz', env.BUILD_DIR) || '' }} + ${{ env.STORE_WHEELS == 'true' && format('{0}/wheels', env.INSTALL_WHEELS_DIR) || '' }} + storage_dir: ${{ env.PRODUCT_TYPE }} + storage_root: ${{ env.ARTIFACTS_SHARE }} + branch_name: ${{ inputs.target-branch }} + env: + STORE_WHEELS: ${{ inputs.os != 'debian_10' && inputs.arch != 'arm' }} + STORE_JS: ${{ fromJSON(inputs.affected-components).JS_API && inputs.build-js }} From 7e88baa672df58c49563b648f3aacc55d3d314f3 Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 4 Jun 2025 10:30:06 +0200 Subject: [PATCH 101/104] switch debian packages jobs to gh-hosted runners --- .github/workflows/linux_arm64.yml | 4 ++-- .github/workflows/ubuntu_20.yml | 4 ++-- .github/workflows/ubuntu_22.yml | 4 ++-- .github/workflows/ubuntu_24.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/linux_arm64.yml b/.github/workflows/linux_arm64.yml index 439e29ddfceb26..fe5a0552358a37 100644 --- a/.github/workflows/linux_arm64.yml +++ b/.github/workflows/linux_arm64.yml @@ -122,8 +122,8 @@ jobs: if: ${{ 'false' }} uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-8gb-arm' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:20.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:20.04' Samples: needs: [ Build, Docker, Smart_CI ] diff --git a/.github/workflows/ubuntu_20.yml b/.github/workflows/ubuntu_20.yml index 40ffbab0dc07f4..f3a0d8d826e380 100644 --- a/.github/workflows/ubuntu_20.yml +++ b/.github/workflows/ubuntu_20.yml @@ -133,8 +133,8 @@ jobs: needs: [ Docker, Build ] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:20.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:20.04' Samples: needs: [ Docker, Build, Smart_CI ] diff --git a/.github/workflows/ubuntu_22.yml b/.github/workflows/ubuntu_22.yml index 73f4d161cb31de..c7058f00d0fdd4 100644 --- a/.github/workflows/ubuntu_22.yml +++ b/.github/workflows/ubuntu_22.yml @@ -125,8 +125,8 @@ jobs: needs: [Docker, Build] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:22.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:22.04' Samples: needs: [ Docker, Build, Smart_CI ] diff --git a/.github/workflows/ubuntu_24.yml b/.github/workflows/ubuntu_24.yml index 15973e1384467b..ea4e5d203b7d1e 100644 --- a/.github/workflows/ubuntu_24.yml +++ b/.github/workflows/ubuntu_24.yml @@ -128,8 +128,8 @@ jobs: needs: [ Docker, Build ] uses: ./.github/workflows/job_debian_packages.yml with: - runner: 'aks-linux-4-cores-16gb' - image: 'openvinogithubactions.azurecr.io/dockerhub/ubuntu:24.04' + runner: 'ubuntu-22.04' + image: 'ubuntu:24.04' Samples: needs: [ Docker, Build, Smart_CI ] From 2b1fbaf6625a6e4e5f72511079e85712c5a93f7c Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Wed, 4 Jun 2025 17:02:32 +0100 Subject: [PATCH 102/104] rm unused --- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index 7e1a3319847d8b..dac2e8f99ebfbb 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -30,7 +30,6 @@ RUN dnf update -y && dnf install -y \ make \ tar \ gcc \ - glibc-devel \ gcc-c++ \ # parallel gzip pigz \ From 9eb8f4784abe21ff3b1b95a7ecec00620c51a33b Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 6 Jun 2025 12:31:44 +0200 Subject: [PATCH 103/104] rm unused --- .github/actions/openvino_provider/action.yml | 2 +- .github/dockerfiles/ov_build/debian_10_arm/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/fedora_29/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/manylinux_2_28/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile | 5 ++--- .../ov_build/ubuntu_20_04_x64_nvidia/Dockerfile | 5 ++--- .../dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile | 5 ++--- .../ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile | 5 ++--- .../dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile | 5 ++--- .../dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile | 5 ++--- .../ov_build/ubuntu_22_04_x64_nvidia/Dockerfile | 7 +++---- .github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile | 5 ++--- .github/dockerfiles/ov_build/webassembly/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/debian_10_arm/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/debian_10_py310/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/fedora_33/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile | 5 ++--- .../dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile | 5 ++--- .../ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile | 5 ++--- .github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile | 5 ++--- .github/workflows/job_build_linux.yml | 3 +-- 26 files changed, 51 insertions(+), 76 deletions(-) diff --git a/.github/actions/openvino_provider/action.yml b/.github/actions/openvino_provider/action.yml index e1eacd9580f6f3..6ec6440cfd2d1c 100644 --- a/.github/actions/openvino_provider/action.yml +++ b/.github/actions/openvino_provider/action.yml @@ -162,7 +162,7 @@ runs: if: steps.get_source.outputs.artifacts_source == 's3' && inputs.revision != 'latest_nightly' shell: bash run: >- - cd ~ && python3 -m venv venv && . venv/bin/activate && + python3 -m venv venv && . venv/bin/activate && pip install -r $GITHUB_ACTION_PATH/requirements.txt && python $GITHUB_ACTION_PATH/get_s3_package.py --product openvino --platform ${{ inputs.platform }} --arch ${{ inputs.arch }} --version ${{ inputs.revision }} diff --git a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile index 9020bc480d7ec5..55f06e8dd71769 100644 --- a/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_build/debian_10_arm/Dockerfile @@ -237,11 +237,10 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/fedora_29/Dockerfile b/.github/dockerfiles/ov_build/fedora_29/Dockerfile index dac2e8f99ebfbb..5edbe93d9cfb0e 100644 --- a/.github/dockerfiles/ov_build/fedora_29/Dockerfile +++ b/.github/dockerfiles/ov_build/fedora_29/Dockerfile @@ -144,9 +144,6 @@ RUN cd git-2.49.0 && \ # Use python3.9 instead of /usr/bin/python RUN update-alternatives --install /usr/bin/python python /usr/bin/python3.9 10 -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv @@ -155,3 +152,5 @@ RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile index 792f5075b6a39f..b7b1ece863fb13 100644 --- a/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile +++ b/.github/dockerfiles/ov_build/manylinux_2_28/Dockerfile @@ -28,8 +28,7 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ # To make python3 and pip binaries accessible ENV PATH="/opt/python/cp311-cp311/bin:$SCCACHE_HOME:$PATH" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile index 59032299876688..6ea6219700c762 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_arm64/Dockerfile @@ -113,9 +113,6 @@ RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | b RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv @@ -124,3 +121,5 @@ RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile index 5ce3bfe3e6de27..717e0b16a768e9 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64/Dockerfile @@ -95,9 +95,6 @@ RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | b RUN . "$NVM_DIR/nvm.sh" && nvm install ${NODE_VERSION} ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv @@ -106,3 +103,5 @@ RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile index 0d223a16f0bdea..9ec3561304ad34 100644 --- a/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_20_04_x64_nvidia/Dockerfile @@ -94,11 +94,10 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile index b4d5192c828e5a..2ccd8b5e755399 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_android/Dockerfile @@ -64,8 +64,7 @@ RUN wget https://dl.google.com/android/repository/commandlinetools-linux-7583922 unzip commandlinetools-linux-7583922_latest.zip RUN echo "yes" | ./cmdline-tools/bin/sdkmanager --sdk_root=${ANDROID_TOOLS} --install "ndk-bundle" "platform-tools" "platforms;android-${ANDROID_SDK_VERSION}" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile index 2f52680a0f7fef..efc4b346e38983 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv/Dockerfile @@ -81,8 +81,7 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile index c615a8f16bc736..fb229b10b0955f 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -110,11 +110,10 @@ RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ python3 get-pip.py --no-cache-dir pip==${PIP_VERSION} && \ rm -f get-pip.py -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index c13c5335ef22c8..913535eeda926a 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -123,9 +123,6 @@ RUN mkdir -p ${DOXYGEN_HOME} && cd ${DOXYGEN_HOME} && wget https://www.doxygen.n rm -f doxygen-$DOXYGEN_VERSION.linux.bin.tar.gz ENV PATH="${DOXYGEN_HOME}/doxygen-$DOXYGEN_VERSION/bin:$PATH" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv @@ -137,3 +134,5 @@ RUN chown -R ${USER_NAME}:${USER_NAME} ${DOXYGEN_HOME} # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile index c31717c1ed2866..9bee813e5c46d6 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_cc/Dockerfile @@ -84,11 +84,10 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile index 2e22ebdec3cab9..af33a668ce6cb8 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_dpcpp/Dockerfile @@ -106,11 +106,10 @@ ENV CPATH=/opt/intel/oneapi/dpl/2022.6/include:/opt/intel/oneapi/dev-utilities/2 ENV CC=icx ENV CXX=icpx -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile index 5f7a5b391c7f41..b3487491b363cc 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64_nvidia/Dockerfile @@ -83,11 +83,10 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user -USER ${USER_NAME} \ No newline at end of file +USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile index 78bdf49249a0d5..5e5cb9d72c2db1 100644 --- a/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_24_04_x64/Dockerfile @@ -93,11 +93,10 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} && \ ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${GROUP_ID} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_build/webassembly/Dockerfile b/.github/dockerfiles/ov_build/webassembly/Dockerfile index 0838d891062b75..839f08a5ae8188 100644 --- a/.github/dockerfiles/ov_build/webassembly/Dockerfile +++ b/.github/dockerfiles/ov_build/webassembly/Dockerfile @@ -42,8 +42,7 @@ RUN mkdir ${SCCACHE_HOME} && cd ${SCCACHE_HOME} && \ ENV PATH="$SCCACHE_HOME:$PATH" -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} - # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile index 01bf8d41e0c231..e91b770649f8a3 100644 --- a/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_arm/Dockerfile @@ -48,8 +48,7 @@ RUN chmod +x /install_build_dependencies.sh && \ ENV LD_LIBRARY_PATH="/usr/arm-linux-gnueabihf/:/usr/arm-linux-gnueabihf/lib/:$LD_LIBRARY_PATH" RUN ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 /lib/ld-linux-armhf.so.3 -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile index f36a917f933029..806d8c6f25b4ff 100644 --- a/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile +++ b/.github/dockerfiles/ov_test/debian_10_py310/Dockerfile @@ -84,11 +84,10 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.10/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/fedora_33/Dockerfile b/.github/dockerfiles/ov_test/fedora_33/Dockerfile index 4c706853cd6cca..8af16af8c7e91b 100644 --- a/.github/dockerfiles/ov_test/fedora_33/Dockerfile +++ b/.github/dockerfiles/ov_test/fedora_33/Dockerfile @@ -38,11 +38,10 @@ ENV PATH="$NVM_DIR/versions/node/v${NODE_VERSION}/bin/:${PATH}" ENV PIP_VERSION="24.0" RUN python3 -m pip install --upgrade pip==${PIP_VERSION} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of node to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} ${NVM_DIR} # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile index 5b150915c2db72..52ca92345a015a 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_arm64/Dockerfile @@ -66,11 +66,10 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile index cf12064aa46145..cdbe4927ca0b46 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64/Dockerfile @@ -67,11 +67,10 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.9/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile index 7f23967996331d..ee4d8d7a5ef756 100644 --- a/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_20_04_x64_py313/Dockerfile @@ -61,11 +61,10 @@ ENV PATH="/venv/bin:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.13/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile index 7314cef9e1c447..0afa677762bf7f 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_riscv_xuantie/Dockerfile @@ -64,11 +64,10 @@ RUN mkdir -p ${XUINTIE_TMP_PATH} && cd ${XUINTIE_TMP_PATH} && \ make -j$(nproc) && make install && \ rm -rf ${XUINTIE_TMP_PATH} -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile index 2cd4c6aef46225..2447652bdfee83 100644 --- a/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_22_04_x64/Dockerfile @@ -76,11 +76,10 @@ ENV PATH="/venv/bin:$SCCACHE_HOME:$PATH" ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3.11/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${USER_NAME} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${USER_NAME} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile index ae1b9503cc0b9e..038c8f7686e050 100644 --- a/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_test/ubuntu_24_04_x64/Dockerfile @@ -59,11 +59,10 @@ RUN /venv/bin/python3 -m pip install --upgrade pip==${PIP_VERSION} ENV PIP_CACHE_DIR=/mount/caches/pip/linux/${PIP_VERSION} ENV PIP_INSTALL_PATH=/venv/lib/python3/site-packages -# Change ownership of the home directory to the non-root user -RUN mkdir -p /home/${USER_NAME} && chown -R ${USER_NAME}:${GROUP_ID} /home/${USER_NAME} - # Change ownership of the venv directory to the non-root user RUN chown -R ${USER_NAME}:${GROUP_ID} /venv # Switch to the non-root user USER ${USER_NAME} + +WORKDIR /home/${USER_NAME} diff --git a/.github/workflows/job_build_linux.yml b/.github/workflows/job_build_linux.yml index 18585924815bfd..e2f4a2233d759f 100644 --- a/.github/workflows/job_build_linux.yml +++ b/.github/workflows/job_build_linux.yml @@ -86,7 +86,6 @@ jobs: SCCACHE_ERROR_LOG: /__w/openvino/sccache_log.txt SCCACHE_LOG: warn GITHUB_WORKSPACE: /__w/openvino/openvino - USER_HOME_DIR: /home/runner OPENVINO_REPO: /__w/openvino/openvino/openvino OPENVINO_CONTRIB_REPO: /__w/openvino/openvino/openvino_contrib INSTALL_DIR: /__w/openvino/openvino/openvino_install @@ -212,7 +211,7 @@ jobs: run: | for py_version in "3.9" "3.10" "3.11" "3.12" "3.13" do - export PY_BUILD_DIR=${USER_HOME_DIR}/py$py_version + export PY_BUILD_DIR=${HOME}/py$py_version mkdir -p $PY_BUILD_DIR python_exec_path=$(python$py_version -c "import sys; print(sys.executable)") From 73a5992167f763ed56e6b3da5233e79903b3da0d Mon Sep 17 00:00:00 2001 From: Andrei Kashchikhin Date: Fri, 6 Jun 2025 12:46:14 +0200 Subject: [PATCH 104/104] rm extra one --- .github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile index 913535eeda926a..12a5d05a23af50 100644 --- a/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile +++ b/.github/dockerfiles/ov_build/ubuntu_22_04_x64/Dockerfile @@ -32,8 +32,6 @@ RUN apt-get update && \ gpg-agent \ tzdata \ libtbb2 \ - # ONNX Runtime build - language-pack-en \ # parallel gzip pigz \ # Pythons