Merge pull request #291 from takuyagt/malware-reorg

Change the docker user as root
IBM · Jun 18, 2024 · a5e8a67 · a5e8a67
2 parents db6df8f + 03a4838
commit a5e8a67
Showing 1 changed file with 12 additions and 15 deletions.
diff --git a/transforms/code/malware/python/Dockerfile b/transforms/code/malware/python/Dockerfile
@@ -1,39 +1,36 @@
-FROM docker.io/rayproject/ray:2.9.3-py310 AS base
+FROM docker.io/python:3.10.14-slim-bullseye AS base
 
-USER root
 RUN apt -y update \
     && apt install -y clamav-daemon \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
-USER ray
 
 FROM docker.io/clamav/clamav:latest AS clamav
 FROM base AS clamav-local
-USER root
-COPY --chown=ray:users --from=clamav /var/lib/clamav/ /var/lib/clamav/
-COPY --chown=ray:users clamd.conf /etc/clamav/clamd.conf
+COPY --from=clamav /var/lib/clamav/ /var/lib/clamav/
+COPY clamd.conf /etc/clamav/clamd.conf
 RUN freshclam \
+    && sed -i "s/ray/root/g" /etc/clamav/clamd.conf \
     && mkdir -p /var/run/clamav \
-    && chown -R ray:users /var/run/clamav /var/log/clamav /var/lib/clamav
-USER ray
+    && chmod -R 777 /var/run/clamav /var/log/clamav /var/lib/clamav
 CMD ["/bin/bash", "-c", "clamd --debug --foreground"]
 
 FROM base AS malware
 
-COPY --from=clamav-local --chown=ray:users /var/lib/clamav/ /var/lib/clamav/
-COPY --from=clamav-local --chown=ray:users /etc/clamav/clamd.conf /etc/clamav/clamd.conf
-COPY --from=clamav-local --chown=ray:users /var/log/clamav/clamav.log /var/log/clamav/clamav.log
-COPY --from=clamav-local --chown=ray:users /var/run/clamav /var/run/clamav
+COPY --from=clamav-local /var/lib/clamav/ /var/lib/clamav/
+COPY --from=clamav-local /etc/clamav/clamd.conf /etc/clamav/clamd.conf
+COPY --from=clamav-local /var/log/clamav/clamav.log /var/log/clamav/clamav.log
+COPY --from=clamav-local /var/run/clamav /var/run/clamav
 
 RUN pip install --no-cache-dir pytest
 
 # Copy and install data processing libraries 
 # These are expected to be placed in the docker context before this is run (see the make image).
-COPY --chown=ray:users data-processing-lib-python/ data-processing-lib-python/
+COPY data-processing-lib-python/ data-processing-lib-python/
 RUN cd data-processing-lib-python && pip install --no-cache-dir -e .
 
-COPY --chown=ray:root src/ src/
-COPY --chown=ray:root pyproject.toml pyproject.toml
+COPY src/ src/
+COPY pyproject.toml pyproject.toml
 RUN pip install --no-cache-dir -e .
 
 # copy source data