Patch 2025 02 07 hf pt inference neuronx (#4543)

* patch transformers, optimum_neuron, ubuntu and bump major version * Update ['dlc_developer_config.toml'] dlc_developer_config.toml: { 'build': { 'build_frameworks': ['huggingface_pytorch'], 'build_inference': True, 'build_training': False}, 'buildspec_override': { 'dlc-pr-huggingface-pytorch-neuronx-inference': 'huggingface/pytorch/inference/buildspec-neuronx.yml'}, 'dev': { 'arm64_mode': False, 'deep_canary_mode': False, 'graviton_mode': False, 'neuronx_mode': True}, 'test': { 'ec2_tests': True, 'ecs_tests': True, 'eks_tests': True, 'sagemaker_local_tests': True, 'sagemaker_remote_tests': True, 'sanity_tests': True, 'security_tests': True}} * bump miniforge version * remove emacs * also fix release_images * optimum-neuron requires hugginface-hub>=0.28.0 * revert transformers change due to chain reqs requiring hugginface_hub 0.28 * ignore transformers vulnerability from Safety * wrong file i guess? moving the ignore to a diff allowlist * nvm, its because its picking up the wrong dict * dont bump optimum neuron * Revert "Update ['dlc_developer_config.toml']" This reverts commit a9209af.
aws · Feb 13, 2025 · 5316b23 · 5316b23
1 parent a6ae921
commit 5316b23
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 2 deletions.
diff --git a/data/ignore_ids_safety_scan.json b/data/ignore_ids_safety_scan.json
@@ -1450,7 +1450,8 @@
                 "67599": "** DISPUTED ** An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). NOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely.",
                 "70612": "The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.",
                 "71671": "Pytorch version upgrade needs to be handled in a separate image",
-                "71672": "Pytorch version upgrade needs to be handled in a separate image"
+                "71672": "Pytorch version upgrade needs to be handled in a separate image",
+                "74882": "Ignoring due to Safety picking this up. This is already covered in our own scan config"
             }
         },
         "training-neuronx": {

diff --git a/huggingface/pytorch/inference/docker/2.1/py3/sdk2.20.0/Dockerfile.neuronx b/huggingface/pytorch/inference/docker/2.1/py3/sdk2.20.0/Dockerfile.neuronx
@@ -1,6 +1,6 @@
 FROM ubuntu:20.04
 
-LABEL dlc_major_version="1"
+LABEL dlc_major_version="2"
 LABEL maintainer="Amazon AI"
 LABEL com.amazonaws.sagemaker.capabilities.accept-bind-to-port=true
 
@@ -162,6 +162,9 @@ RUN chmod +x /usr/local/bin/deep_learning_container.py
 # Hugging Face specific section #
 #################################
 
+RUN apt-get remove -y --purge emacs && \
+apt-get autoremove -y
+
 RUN curl https://aws-dlc-licenses.s3.amazonaws.com/pytorch-1.13/license.txt -o /license.txt
 
 # install Hugging Face libraries and its dependencies

diff --git a/src/utils.py b/src/utils.py
@@ -281,6 +281,8 @@ def get_safety_ignore_dict(image_uri, framework, python_version, job_type):
         job_type = (
             "inference-eia"
             if "eia" in image_uri
+            else "inference-neuronx"
+            if "neuronx" in image_uri
             else "inference-neuron"
             if "neuron" in image_uri
             else "inference"