Skip to content

fix(image): Ensure Hugging Face SSL trusted by image#1362

Open
treydock wants to merge 1 commit into
ai-dynamo:mainfrom
treydock:image
Open

fix(image): Ensure Hugging Face SSL trusted by image#1362
treydock wants to merge 1 commit into
ai-dynamo:mainfrom
treydock:image

Conversation

@treydock

@treydock treydock commented Jul 14, 2026

Copy link
Copy Markdown

Overview:

Add ca-certificates to image

Details:

ca-certificates is necessary to trust the SSL certificates used by Hugging Face

Where should the reviewer start?

docker/Dockerfile

Related Issues: (use one of the action keywords Closes / Fixes / Resolves / Relates to)

Summary by CodeRabbit

  • Bug Fixes
    • Improved secure network connectivity in the container environment by adding trusted certificate support.
    • Kept the container image lean by cleaning up package metadata after installation.

Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
@treydock
treydock requested review from a team as code owners July 14, 2026 17:12
@copy-pr-bot

copy-pr-bot Bot commented Jul 14, 2026

Copy link
Copy Markdown

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@github-actions github-actions Bot added the fix label Jul 14, 2026
@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 5e4837a0-5ceb-41ee-bbea-5e19ebb06d59

📥 Commits

Reviewing files that changed from the base of the PR and between 2feebac and b88310f.

📒 Files selected for processing (1)
  • docker/Dockerfile
📜 Recent review details
⏰ Context from checks skipped due to timeout. (7)
  • GitHub Check: Collect snapshot (new)
  • GitHub Check: Collect snapshot (old)
  • GitHub Check: Build and Test (e2e)
  • GitHub Check: Cargo Deny
  • GitHub Check: Build and Test (unit)
  • GitHub Check: Rust/Python engine-step parity
  • GitHub Check: copyright-checks
🧰 Additional context used
📓 Path-based instructions (1)
**/*

⚙️ CodeRabbit configuration file

**/*: - Prefer applicable inline comments. When the correct fix is clear, small, and limited to the commented diff hunk, include it as a GitHub Suggested Change so the author can apply it with one click.

  • Do not use a suggested change when the fix requires broader design choices, multiple files, generated artifacts, unavailable context, or validation that cannot be inferred from the diff.
  • If a comment is not directly applicable, state the smallest concrete next step and why a one-click suggestion is not safe.

Files:

  • docker/Dockerfile
🔇 Additional comments (1)
docker/Dockerfile (1)

15-16: LGTM!


Walkthrough

The Docker base stage now installs ca-certificates with minimal apt packages and removes cached apt metadata afterward.

Changes

Docker Image Setup

Layer / File(s) Summary
Install and clean CA certificates
docker/Dockerfile
The base stage installs ca-certificates without recommended packages and cleans /var/lib/apt/lists/*.

Estimated code review effort: 1 (Trivial) | ~2 minutes

Poem

Certificates bloom in the base image bright,
Apt leaves no caches behind in the night.
Small packages land,
Clean layers expand—
TLS takes flight.

🚥 Pre-merge checks | ✅ 4
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the change: adding ca-certificates so the image trusts Hugging Face SSL certificates.
Description check ✅ Passed The description follows the template and includes overview, details, review start point, and related issue.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant