Bump Ubuntu (24.04) and Python (3.12) versions.

Author: puneetmatharu

.github/workflows/pytorch.yml

@@ -63,8 +63,8 @@ jobs:
       matrix:
         config:
           [
-            { name: c7g, label: ah-ubuntu_22_04-c7g_8x-100 },
-            { name: c8g, label: ah-ubuntu_22_04-c8g_8x }
+            { name: c7g, label: ah-ubuntu_24_04-c7g_8x-100 },
+            { name: c8g, label: ah-ubuntu_24_04-c8g_8x }
            ]
     runs-on: ${{ matrix.config.label }}
     steps:
@@ -100,8 +100,8 @@ jobs:
       matrix:
         config:
           [
-            { name: c7g, label: ah-ubuntu_22_04-c7g_8x-100 },
-            { name: c8g, label: ah-ubuntu_22_04-c8g_8x }
+            { name: c7g, label: ah-ubuntu_24_04-c7g_8x-100 },
+            { name: c8g, label: ah-ubuntu_24_04-c8g_8x }
            ]
         onednn_fpmath_mode: [FP32, BF16]
     runs-on: ${{ matrix.config.label }}

.github/workflows/tensorflow.yml

@@ -62,7 +62,7 @@ jobs:
     strategy:
       matrix:
         config: [
-          { name: c7g, label: ah-ubuntu_22_04-c7g_8x-100 } # Metal instance required as 4x large is not big enough
+          { name: c7g, label: ah-ubuntu_24_04-c7g_8x-100 } # Metal instance required as 4x large is not big enough
         ]
 
     runs-on: ${{ matrix.config.label }}

ML-Frameworks/pytorch-aarch64/CHANGELOG.md

@@ -10,6 +10,7 @@ where `YY` is the year, and `MM` the month of the increment.
 ### Added
 
 ### Changed
+ - Updates Ubuntu and Python version to 24.04 and 3.12, respectively.
  - Updates hashes for:
    - `PYTORCH_HASH` to `93fef4bd1dd265588863929e35d9ac89328d5695`, 2.10.0.dev20251124 from viable/strict, Nov 24th.
    - `IDEEP_HASH` to `3724bec97a77ce990e8c6dc5e595bb3beee75257`, from ideep_pytorch, Nov 24th.

ML-Frameworks/pytorch-aarch64/Dockerfile

@@ -18,7 +18,7 @@
 
 # Specify DOCKER_IMAGE_MIRROR if you want to use a mirror of hub.docker.com
 ARG DOCKER_IMAGE_MIRROR=""
-FROM ${DOCKER_IMAGE_MIRROR}ubuntu:22.04 AS workshop
+FROM ${DOCKER_IMAGE_MIRROR}ubuntu:24.04 AS workshop
 
 ARG USERNAME
 
@@ -33,6 +33,8 @@ RUN if ! [ "$(arch)" = "aarch64" ] ; then exit 1; fi
 RUN apt-get update && apt-get install -y \
     # We need pip to install things, this will also bring in a minimal python3
     python3-pip \
+    # So that we can create a virtual environment
+    python3-venv \
     # So that we can call python instead of python3
     python-is-python3 \
     # To allow users to install new things if they want
@@ -42,8 +44,12 @@ RUN apt-get update && apt-get install -y \
 # DOCKER_USER for the Docker user
 ENV DOCKER_USER=${USERNAME}
 
-# Setup default user
-RUN useradd --create-home -s /bin/bash -m $DOCKER_USER && echo "$DOCKER_USER:Portland" | chpasswd && adduser $DOCKER_USER sudo
+# Create user only if it doesn't already exist
+RUN id "$DOCKER_USER" >/dev/null 2>&1 || useradd --create-home -s /bin/bash -m "$DOCKER_USER"
+
+# Set password and add to sudo group
+RUN echo "$DOCKER_USER:Portland" | chpasswd && adduser "$DOCKER_USER" sudo || true
+
 RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
 
@@ -59,11 +65,6 @@ RUN echo 'export PATH="$HOME/.local/bin:$PATH"' >>  /etc/bash.bashrc
 # Grab the SECURITY.md from the root directory
 COPY --from=rootdir SECURITY.md /home/$DOCKER_USER/
 
-# Update to newer pip/setuptools/wheel (setuptools >= 70.0.0 due to CVE-2024-6345
-# and CVE-2025-47273, wheel >= 0.38.0 due to CVE-2022-40898) and delete old system
-# version (we essentially use apt:python3-pip to bootstrap pip)
-RUN pip install --upgrade pip~=25.2 setuptools~=78.1.1 wheel~=0.45.1
-
 # Remove system Python stuff. Should be safe to wipe after the line above, because
 # python3 -m pip now uses the /usr/local install
 RUN apt-get update && apt-get purge -y \
@@ -74,14 +75,25 @@ RUN apt-get update && apt-get purge -y \
       python3-distutils \
       python3-lib2to3 \
       python3-dev \
-      python3.10-dev \
+      python3.12-dev \
     && apt-get autoremove -y \
     && rm -rf /var/lib/apt/lists/*
 
 # Move to userland
 WORKDIR /home/$DOCKER_USER
 USER $DOCKER_USER
 
+# Create a per-user virtualenv and use that for everything Python
+RUN python -m venv /home/$DOCKER_USER/.venv
+
+# Make the venv python/pip first on PATH for all subsequent layers and at runtime
+ENV PATH="/home/$DOCKER_USER/.venv/bin:$PATH"
+
+# Update to newer pip/setuptools/wheel (setuptools >= 70.0.0 due to CVE-2024-6345
+# and CVE-2025-47273, wheel >= 0.38.0 due to CVE-2022-40898) and delete old system
+# version (we essentially use apt:python3-pip to bootstrap pip)
+RUN pip install --upgrade pip~=25.2 setuptools~=78.1.1 wheel~=0.45.1
+
 # Base requirements for examples, excluding torch and torch*
 COPY requirements.txt ./
 RUN pip install -r requirements.txt
@@ -117,7 +129,7 @@ COPY examples/ /home/$DOCKER_USER/
 COPY pytorch/test /home/$DOCKER_USER/pytorch/test
 
 # Move build into final image as a single layer.
-FROM ${DOCKER_IMAGE_MIRROR}ubuntu:22.04
+FROM ${DOCKER_IMAGE_MIRROR}ubuntu:24.04
 
 ARG USERNAME
 
@@ -128,4 +140,8 @@ RUN chown $DOCKER_USER:$DOCKER_USER /home/$DOCKER_USER
 
 USER $DOCKER_USER
 WORKDIR /home/$DOCKER_USER
+
+# Ensure the venv is on PATH in the final image as well
+ENV PATH="/home/$DOCKER_USER/.venv/bin:$PATH"
+
 CMD ["bash", "-l"]

ML-Frameworks/pytorch-aarch64/build-torch-ao-wheel.sh

@@ -22,7 +22,7 @@
 
 set -eux -o pipefail
 
-PYTHON_VERSION="3.10"
+PYTHON_VERSION="3.12"
 
 # Specify DOCKER_IMAGE_MIRROR if you want to use a mirror of hub.docker.com
 IMAGE_NAME="${DOCKER_IMAGE_MIRROR:-}pytorch/manylinux2_28_aarch64-builder:cpu-aarch64-a040006da76a51c4f660331e9abd3affe5a4bd81"
@@ -52,9 +52,9 @@ if ! docker container inspect $TORCH_BUILD_CONTAINER >/dev/null 2>&1 ; then
         -e GITHUB_ACTIONS=0 \
         -e GPU_ARCH_TYPE=cpu-aarch64 \
         -e PACKAGE_TYPE=manywheel \
-        -e TORCH_AO_ROOT=$TORCH_AO_ROOT \
+        -e TORCH_AO_ROOT="${TORCH_AO_ROOT}" \
         -e SKIP_ALL_TESTS=1 \
-        -e TEST_VENV=$TEST_VENV \
+        -e TEST_VENV="${TEST_VENV}" \
         -v "${TORCH_AO_HOST_DIR}:${TORCH_AO_ROOT}" \
         -w / \
         "${IMAGE_NAME}")
@@ -68,7 +68,15 @@ else
     docker restart $TORCH_BUILD_CONTAINER
 fi
 
+# Clean up any old builds
 docker exec -t $TORCH_BUILD_CONTAINER bash -c "rm -rf ${TORCH_AO_ROOT}/build ${TORCH_AO_ROOT}/dist"
-docker exec -t $TORCH_BUILD_CONTAINER bash -c "source $TEST_VENV/bin/activate && cd $TORCH_AO_ROOT && python${PYTHON_VERSION} setup.py bdist_wheel"
+
+# Build
+docker exec -t $TORCH_BUILD_CONTAINER bash -c \
+  "source ${TEST_VENV}/bin/activate && \
+   cd ${TORCH_AO_ROOT} && \
+   python${PYTHON_VERSION} -m pip install setuptools build && \
+   python${PYTHON_VERSION} -m build --wheel --no-isolation"
+
 # directories generated by the docker container are owned by root, so transfer ownership to user
-docker exec $TORCH_BUILD_CONTAINER chown -R $(id -u):$(id -g) $TORCH_AO_ROOT
+docker exec $TORCH_BUILD_CONTAINER chown -R "$(id -u)":"$(id -g)" "${TORCH_AO_ROOT}"

ML-Frameworks/pytorch-aarch64/build-wheel.sh

@@ -30,7 +30,7 @@
 
 set -eux -o pipefail
 
-PYTHON_VERSION="3.10"
+PYTHON_VERSION="3.12"
 OPENBLAS_VERSION="v0.3.30"
 ACL_VERSION="v52.6.0"
 

ML-Frameworks/tensorflow-aarch64/CHANGELOG.md

@@ -10,6 +10,7 @@ where `YY` is the year, and `MM` the month of the increment.
 ### Added
 
 ### Changed
+ - Updates Ubuntu and Python version to 24.04 and 3.12, respectively.
  - Updates TensorFlow hash to 5d46b65af45d5694cb1676bc872d24a4a64a6b57, from nightly, Nov 25th
 
 ### Removed

ML-Frameworks/tensorflow-aarch64/Dockerfile

@@ -17,7 +17,7 @@
 
 # Specify DOCKER_IMAGE_MIRROR if you want to use a mirror of hub.docker.com
 ARG DOCKER_IMAGE_MIRROR=""
-FROM ${DOCKER_IMAGE_MIRROR}ubuntu:22.04 AS workshop
+FROM ${DOCKER_IMAGE_MIRROR}ubuntu:24.04 AS workshop
 
 ARG USERNAME
 
@@ -29,6 +29,8 @@ RUN if ! [ "$(arch)" = "aarch64" ] ; then exit 1; fi
 RUN apt-get update && apt-get install -y \
     # We need pip to install things, this will also bring in a minimal python3
     python3-pip \
+    # So that we can create a virtual environment
+    python3-venv \
     # So that we can call python instead of python3
     python-is-python3 \
     # To allow users to install new things if they want
@@ -43,8 +45,12 @@ RUN apt-get install -y wget
 # DOCKER_USER for the Docker user
 ENV DOCKER_USER=${USERNAME}
 
-# Setup default user
-RUN useradd --create-home -s /bin/bash -m $DOCKER_USER && echo "$DOCKER_USER:Portland" | chpasswd && adduser $DOCKER_USER sudo
+# Create user only if it doesn't already exist
+RUN id "$DOCKER_USER" >/dev/null 2>&1 || useradd --create-home -s /bin/bash -m "$DOCKER_USER"
+
+# Set password and add to sudo group
+RUN echo "$DOCKER_USER:Portland" | chpasswd && adduser "$DOCKER_USER" sudo || true
+
 RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
 
@@ -60,12 +66,6 @@ RUN echo 'export PATH="$HOME/.local/bin:$PATH"' >>  /etc/bash.bashrc
 # Grab the SECURITY.md from the root directory
 COPY --from=rootdir SECURITY.md /home/$DOCKER_USER/
 
-# Update to newer pip/setuptools/wheel (setuptools >= 78.1.1 due to CVE-2024-6345,
-# CVE-2022-40897 and CVE-2025-47273, wheel >= 0.38.0 due to CVE-2022-40898 and
-# pip >= 25.2 due to CVE-2025-8869 and CVE-2023-5752) and delete old system
-# version (we essentially use apt:python3-pip to bootstrap pip)
-RUN pip install --upgrade pip~=25.2 setuptools~=78.1.1 wheel~=0.45.1
-
 # Remove system Python stuff. Should be safe to wipe after the line above, because
 # python3 -m pip now uses the /usr/local install. Also removes unused protobuf
 # packages to resolve CVE-2025-4565.
@@ -77,10 +77,10 @@ RUN apt-get update && apt-get purge -y \
       python3-distutils \
       python3-lib2to3 \
       python3-dev \
-      python3.10-dev \
-      libprotobuf23 \
-      libprotobuf-lite23 \
-      libprotoc23 \
+      python3.12-dev \
+      libprotobuf32t64 \
+      libprotobuf-lite32t64 \
+      libprotoc32t64 \
       protobuf-compiler \
     && apt-get autoremove -y \
     && rm -rf /var/lib/apt/lists/*
@@ -89,6 +89,17 @@ RUN apt-get update && apt-get purge -y \
 WORKDIR /home/$DOCKER_USER
 USER $DOCKER_USER
 
+# Create a per-user virtualenv and use that for everything Python
+RUN python -m venv /home/$DOCKER_USER/.venv
+
+# Make the venv python/pip first on PATH for all subsequent layers and at runtime
+ENV PATH="/home/$DOCKER_USER/.venv/bin:$PATH"
+
+# Update to newer pip/setuptools/wheel (setuptools >= 70.0.0 due to CVE-2024-6345
+# and CVE-2025-47273, wheel >= 0.38.0 due to CVE-2022-40898) and delete old system
+# version (we essentially use apt:python3-pip to bootstrap pip)
+RUN pip install --upgrade pip~=25.2 setuptools~=78.1.1 wheel~=0.45.1
+
 # Check TENSORFLOW_WHEEL was set and copy
 RUN test -n "$TENSORFLOW_WHEEL"
 COPY $TENSORFLOW_WHEEL /home/$DOCKER_USER/
@@ -106,7 +117,7 @@ COPY --chown=$DOCKER_USER examples/ /home/$DOCKER_USER/
 COPY --chown=$DOCKER_USER tensorflow/ /home/$DOCKER_USER/tensorflow
 
 # Move build into final image as a single layer.
-FROM ${DOCKER_IMAGE_MIRROR}ubuntu:22.04
+FROM ${DOCKER_IMAGE_MIRROR}ubuntu:24.04
 
 ARG USERNAME
 
@@ -117,4 +128,8 @@ RUN chown $DOCKER_USER:$DOCKER_USER /home/$DOCKER_USER
 
 USER $DOCKER_USER
 WORKDIR /home/$DOCKER_USER
+
+# Ensure the venv is on PATH in the final image as well
+ENV PATH="/home/$DOCKER_USER/.venv/bin:$PATH"
+
 CMD ["bash", "-l"]

ML-Frameworks/tensorflow-aarch64/build-wheel.sh

@@ -28,7 +28,7 @@
 
 set -eux -o pipefail
 
-DEFAULT_PYTHON_VERSION=3.10
+DEFAULT_PYTHON_VERSION=3.12
 PYTHON_VERSION=${PYTHON_VERSION:-$DEFAULT_PYTHON_VERSION}
 # TensorFlow's upstream build scripts expect python version to be in format e.g. py311 not 3.11
 TF_PY_VERSION="py${PYTHON_VERSION//./}"