Security: Enable GPG signature verification for ROCm/AMDGPU repositories

[coderabbitai]

Summary

The ROCm and AMDGPU repository configurations in Dockerfiles have GPG checking disabled (gpgcheck=0), which compromises supply-chain security by allowing unverified packages to be installed.

Problem

In jupyter/rocm/tensorflow/ubi9-python-3.12/Dockerfile.rocm around lines 56-66, both ROCm and AMDGPU repositories are configured with gpgcheck=0, which disables signature verification. This means:

• Package authenticity cannot be verified
• Compromised repository infrastructure could serve malicious packages
• Supply-chain attacks become easier to execute

Proposed Solution

Enable GPG signature verification for both repositories:

1. Set gpgcheck=1 for both ROCm and AMDGPU repositories
2. Import AMD's GPG keys before installing packages:
   • rpm --import https://repo.radeon.com/rocm/rocm.gpg.key
   • Import appropriate key for AMDGPU repository

Acceptance Criteria

• GPG checking is enabled for ROCm repository
• GPG checking is enabled for AMDGPU repository
• AMD GPG keys are imported before package installation
• Repository configurations are updated across all ROCm images
• Build process continues to work with signature verification enabled

Related

• PR: RHOAIENG-27434: Create Rocm Tensorflow Python 3.12 Image #1259
• Comment: RHOAIENG-27434: Create Rocm Tensorflow Python 3.12 Image #1259 (comment)
• Requestor: @jiridanek

This issue affects supply-chain security and should be prioritized for implementation.

[coderabbitai]

Additional ROCm Repository GPG Verification Issue Found

During PR #1333 review, another instance of disabled GPG verification was identified in:

File: runtimes/rocm-tensorflow/ubi9-python-3.12/Dockerfile.rocm
Lines: 47 and 52

The ROCm and AMDGPU repositories are configured with gpgcheck=0:

RUN echo "[ROCm]" > /etc/yum.repos.d/rocm.repo && \
    echo "name=ROCm" >> /etc/yum.repos.d/rocm.repo && \
    echo "baseurl=https://repo.radeon.com/rocm/rhel9/$ROCM_VERSION/main" >> /etc/yum.repos.d/rocm.repo && \
    echo "enabled=1" >> /etc/yum.repos.d/rocm.repo && \
    echo "gpgcheck=0" >> /etc/yum.repos.d/rocm.repo && \
    echo "[amdgpu]" > /etc/yum.repos.d/amdgpu.repo && \
    echo "name=amdgpu" >> /etc/yum.repos.d/amdgpu.repo && \
    echo "baseurl=https://repo.radeon.com/amdgpu/$AMDGPU_VERSION/rhel/9.4/main/x86_64" >> /etc/yum.repos.d/amdgpu.repo && \
    echo "enabled=1" >> /etc/yum.repos.d/amdgpu.repo && \
    echo "gpgcheck=0" >> /etc/yum.repos.d/amdgpu.repo

This should be included in the scope of this issue for comprehensive GPG verification enablement across all ROCm-related Docker images.

Context: #1333 (comment)