upgrade pillow etc. to fix safety issues in 1.4.0 dockerfiles (#63)

YYStreet · web-flow · commit 28dafc839eab · 2020-04-01T23:46:26.000-07:00
diff --git a/docker/1.4.0/py2/Dockerfile.cpu b/docker/1.4.0/py2/Dockerfile.cpu
@@ -58,15 +58,15 @@ RUN conda install -c \
  && conda install -y \
     scikit-learn==0.20.3 \
     pandas==0.24.2 \
-    pillow==6.2.1 \
     h5py==2.9.0 \
     requests==2.22.0 \
  && conda install \
     pytorch==$PYTORCH_VERSION \
     torchvision==$TORCHVISION_VERSION cpuonly -c pytorch \
  && conda clean -ya \
  && pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org \
- && pip install mxnet-model-server==$MMS_VERSION
+ && pip install mxnet-model-server==$MMS_VERSION \
+ && pip install --no-cache-dir pillow==6.2.2
 
 RUN useradd -m model-server \
  && mkdir -p /home/model-server/tmp \
@@ -81,6 +81,9 @@ RUN pip install --no-cache-dir "sagemaker-pytorch-inference<2"
 
 RUN curl https://aws-dlc-licenses.s3.amazonaws.com/pytorch-1.4.0/license.txt -o /license.txt
 
+RUN conda install -y -c conda-forge pyyaml==5.3.1
+RUN pip install  sagemaker-containers==2.8.6 urllib3==1.25.8
+
 EXPOSE 8080 8081
 ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"]
 CMD ["mxnet-model-server", "--start", "--mms-config", "/home/model-server/config.properties"]
diff --git a/docker/1.4.0/py2/Dockerfile.gpu b/docker/1.4.0/py2/Dockerfile.gpu
@@ -70,7 +70,6 @@ RUN conda install -c \
  && conda install -y scikit-learn==0.20.3 \
     h5py==2.9.0 \
     pandas==0.24.2 \
-    pillow==6.2.1 \
     requests==2.22.0 \
  && conda install -c \
     pytorch \
@@ -80,7 +79,8 @@ RUN conda install -c \
  && conda clean -ya \
  && /opt/conda/bin/conda config --set ssl_verify False \
  && pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org \
- && pip install mxnet-model-server==$MMS_VERSION
+ && pip install mxnet-model-server==$MMS_VERSION \
+ && pip install --no-cache-dir pillow==6.2.2
 
 RUN useradd -m model-server \
  && mkdir -p /home/model-server/tmp \
@@ -105,6 +105,9 @@ RUN pip install --no-cache-dir "sagemaker-pytorch-inference<2"
 
 RUN curl https://aws-dlc-licenses.s3.amazonaws.com/pytorch-1.4.0/license.txt -o /license.txt
 
+RUN conda install -y -c conda-forge pyyaml==5.3.1
+RUN pip install  sagemaker-containers==2.8.6 urllib3==1.25.8
+
 EXPOSE 8080 8081
 ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"]
 CMD ["mxnet-model-server", "--start", "--mms-config", "/home/model-server/config.properties"]
diff --git a/docker/1.4.0/py3/Dockerfile.cpu b/docker/1.4.0/py3/Dockerfile.cpu
@@ -56,7 +56,6 @@ RUN conda install -c \
  && conda install -y \
     scikit-learn==0.21.2 \
     pandas==0.25.0 \
-    pillow==6.2.1 \
     h5py==2.9.0 \
     requests==2.22.0 \
  && conda install \
@@ -65,7 +64,8 @@ RUN conda install -c \
  && conda clean -ya \
  && pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org \
  && ln -s /opt/conda/bin/pip /usr/local/bin/pip3 \
- && pip install mxnet-model-server==$MMS_VERSION
+ && pip install mxnet-model-server==$MMS_VERSION \
+ && pip install --no-cache-dir pillow==7.1.0
 
 RUN useradd -m model-server \
  && mkdir -p /home/model-server/tmp \
@@ -80,6 +80,9 @@ RUN pip install --no-cache-dir "sagemaker-pytorch-inference<2"
 
 RUN curl https://aws-dlc-licenses.s3.amazonaws.com/pytorch-1.4.0/license.txt -o /license.txt
 
+RUN conda install -y -c conda-forge pyyaml==5.3.1
+RUN pip install  sagemaker-containers==2.8.6
+
 EXPOSE 8080 8081
 ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"]
 CMD ["mxnet-model-server", "--start", "--mms-config", "/home/model-server/config.properties"]
diff --git a/docker/1.4.0/py3/Dockerfile.gpu b/docker/1.4.0/py3/Dockerfile.gpu
@@ -70,7 +70,6 @@ RUN conda install -c \
  && conda install -y \
     scikit-learn==0.21.2 \
     pandas==0.25.0 \
-    pillow==6.2.1 \
     h5py==2.9.0 \
     requests==2.22.0 \
  && conda install -c \
@@ -82,7 +81,8 @@ RUN conda install -c \
  && /opt/conda/bin/conda config --set ssl_verify False \
  && pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org \
  && ln -s /opt/conda/bin/pip /usr/local/bin/pip3 \
- && pip install mxnet-model-server==$MMS_VERSION
+ && pip install mxnet-model-server==$MMS_VERSION \
+ && pip install --no-cache-dir pillow==7.1.0
 
 RUN useradd -m model-server \
  && mkdir -p /home/model-server/tmp \
@@ -97,6 +97,9 @@ RUN pip install --no-cache-dir "sagemaker-pytorch-inference<2"
 
 RUN curl https://aws-dlc-licenses.s3.amazonaws.com/pytorch-1.4.0/license.txt -o /license.txt
 
+RUN conda install -y -c conda-forge pyyaml==5.3.1
+RUN pip install  sagemaker-containers==2.8.6
+
 EXPOSE 8080 8081
 ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"]
 CMD ["mxnet-model-server", "--start", "--mms-config", "/home/model-server/config.properties"]
diff --git a/setup.py b/setup.py
@@ -46,8 +46,9 @@ def read(fname):
         'Programming Language :: Python :: 2.7',
         'Programming Language :: Python :: 3.6',
     ],
-    install_requires=['numpy==1.16.4', 'Pillow==6.2.0', 'retrying==1.3.3', 'sagemaker-containers==2.5.4',
-                      'six==1.12.0', 'requests_mock==1.6.0', 'sagemaker-inference==1.2.2',
+
+    install_requires=['numpy==1.16.4', 'Pillow>=6.2.0', 'retrying==1.3.3', 'sagemaker-containers>=2.5.4',
+                      'six==1.12.0', 'requests_mock==1.6.0', 'sagemaker-inference>=1.2.2',
                       'retrying==1.3.3'],
     extras_require={
         'test': ['boto3==1.10.32', 'coverage==4.5.3', 'docker-compose==1.23.2', 'flake8==3.7.7', 'Flask==1.1.1',
