environments ai ml automl - Azure/azureml-assets GitHub Wiki

ai-ml-automl

Overview

An environment used by Azure ML AutoML for training models.

Version: 54

Tags

OS : Ubuntu20.04 Training Preview OpenMpi : 4.1.0 Python : 3.9

View in Studio: https://ml.azure.com/registries/azureml/environments/ai-ml-automl/version/54

Docker image: mcr.microsoft.com/azureml/curated/ai-ml-automl:54

Docker build context

Dockerfile

FROM mcr.microsoft.com/azureml/openmpi5.0-ubuntu24.04:20260621.v1

ENV AZUREML_CONDA_ENVIRONMENT_PATH=/azureml-envs/azureml-automl
ENV PATH=$AZUREML_CONDA_ENVIRONMENT_PATH/bin:$PATH

COPY --from=mcr.microsoft.com/azureml/mlflow-ubuntu20.04-py38-cpu-inference:20250506.v1 /var/mlflow_resources/ /var/mlflow_resources/

ENV MLFLOW_MODEL_FOLDER="mlflow-model"
ENV ENABLE_METADATA=true

# Upgrade vulnerable OS packages installed by parent base image layers:
# openssh (USN-8222-1), XZ Utils (USN-8362-1), OpenSSL (USN-8414-1),
# nginx (USN-8354-1/USN-8398-1), systemd (USN-8402-1), and libgcrypt (USN-8319-1).
RUN set -eux; \
    apt-get update; \
    DEBIAN_FRONTEND=noninteractive apt-get -y upgrade; \
    for package in \
        liblzma5 \
        libgcrypt20 \
        libnginx-mod-http-echo \
        libnginx-mod-http-geoip2 \
        libssl3 \
        libssl3t64 \
        libsystemd-shared \
        libsystemd0 \
        libudev1 \
        nginx \
        nginx-common \
        nginx-light \
        openssh-client \
        openssh-server \
        openssh-sftp-server \
        openssl \
        systemd \
        systemd-dev \
        systemd-resolved \
        systemd-timesyncd \
        xz-utils; \
    do \
        if dpkg-query -W -f='${db:Status-Abbrev}' "$package" 2>/dev/null | grep -q '^ii '; then \
            DEBIAN_FRONTEND=noninteractive apt-get install --only-upgrade -y --no-install-recommends "$package"; \
        fi; \
    done; \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Create conda environment (minimal -- packages installed via pip to avoid solver OOM)
RUN conda create -q -p $AZUREML_CONDA_ENVIRONMENT_PATH \
    python=3.10 \
    -c conda-forge && \
    conda clean -q -a -y

# Security overrides for packages installed in independent Python prefixes:
# - pip>=26.1 fixes CVE-2026-6357 (GHSA-jp4c-xjxw-mgf9). pip is its own parent,
#   so explicit upgrades are the only available remediation.
# - PyJWT>=2.13.0 is pinned as a transitive dep brought in by the base image
#   (mcr.microsoft.com/azureml/openmpi5.0-ubuntu24.04), fixing GHSA-993g-76c3-p5m4
#   and GHSA-jq35-7prp-9v3f.
# - idna>=3.15 is pinned as a transitive dep brought in by the base image,
#   fixing GHSA-65pc-fj4g-8rjx.
# - py-rattler>=0.24.0 is pinned as a transitive dep brought in by the base image,
#   fixing GHSA-q53q-5r4j-5729.
# - cryptography>=48.0.1 is pinned as a transitive dep brought in by the base image
#   and its ptca conda env, fixing GHSA-537c-gmf6-5ccf.
RUN set -eux; \
    base_prefix_found=0; \
    for base_python in /opt/conda/bin/python /opt/miniconda/bin/python /opt/conda/envs/ptca/bin/python; do \
        if [ -x "$base_python" ]; then \
            base_prefix_found=1; \
            "$base_python" -m pip install --no-cache-dir --upgrade \
                'pip>=26.1' \
                'PyJWT>=2.13.0' \
                'idna>=3.15' \
                'py-rattler>=0.24.0' \
                'cryptography>=48.0.1'; \
        fi; \
    done; \
    test "$base_prefix_found" = "1"; \
    conda run -p $AZUREML_CONDA_ENVIRONMENT_PATH pip install --no-cache-dir --upgrade 'pip>=26.1'

# Install packages via pip (avoids conda solver OOM)
RUN conda run -p $AZUREML_CONDA_ENVIRONMENT_PATH pip install --no-cache-dir \
    'py-cpuinfo==5.0.0' \
    'joblib==1.2.0' \
    'setuptools-git' \
    'setuptools==81.0.0' \
    'psutil>5.0.0,<6.0.0' \
    'torch==2.8.0'

# Install pip dependencies
RUN pip install \
                azureml-core==1.61.0.post4 \
                azureml-mlflow==1.62.0.post5 \
                azureml-pipeline-core==1.62.0 \
                azureml-telemetry==1.62.0 \
                azureml-interpret==1.62.0 \
                azureml-responsibleai==1.62.0 \
                azureml-automl-core==1.62.0.post3 \
                azureml-automl-runtime==1.62.0.post1 \
                azureml-train-automl-client==1.62.0 \
                azureml-train-automl-runtime==1.62.0 \
                azureml-train-automl==1.62.0 \
                azureml-dataset-runtime==1.62.0 \
                azureml-defaults==1.62.0 \
                'mlflow-skinny==2.16.0' \
                'xgboost==1.5.2' \
                'cmdstanpy==1.0.4' \
                'prophet==1.1.4' \
                'inference-schema' \
                'mltable>=1.0.0' \
                'pillow==12.2.0'

# Install pip ad-hoc dependencies for security updates
# distributed>=2026.1.0 (CVE-2026-23528): XSS leading to RCE via Dask dashboard
#   Chain: azureml-train-automl-runtime -> dask[complete] -> distributed
#   Parent (azureml-train-automl-runtime==1.62.0, latest) still pins dask[complete]<=2023.2.0;
#   parent fix not available, override required.
#
# bokeh>=3.8.2 (GHSA-793v-589g-574v): conda env installs 2.4.3, pip can't auto-upgrade
#   Chain: azureml-train-automl-runtime -> bokeh
#   Parent (azureml-train-automl-runtime==1.62.0, latest) still pins bokeh<3.0.0;
#   parent fix not available, override required.
#
# python-dotenv>=1.2.2 (GHSA-mf9w-mj56-hr94): set_key()/unset_key() follow symlinks
#   on cross-device .env writes, allowing arbitrary file overwrite.
#   Pulled in transitively (no direct top-level package declares it; latest
#   mlflow-skinny declares python-dotenv<2,>=0.19.0 but the pinned mlflow-skinny==2.16.0
#   does not; it is brought in by another transitive path). No parent constraint
#   blocks 1.2.2, so override directly.
#
# pyarrow>=23.0.1 (GHSA-rgxp-2hwp-jwgg / CVE-2026-25087): use-after-free
#   in Apache Arrow C++. Parent packages still resolve pyarrow 17.0.0 in this
#   image through AzureML AutoML runtime dependencies, so override directly until
#   upstream pins move to a patched version.
# cryptography>=48.0.1 (GHSA-537c-gmf6-5ccf): pinned transitive dep of
#   azureml-core/azureml-automl packages; fixes vulnerable cryptography 46.0.7
#   resolved in the AzureML AutoML environment.
# onnx: azureml-automl-runtime pins onnx<=1.17.0; override needed for
#   GHSA-3r9x-f23j-gc73, GHSA-p433-9wv8-28xj, GHSA-q56x-g2fj-4rj6,
#   GHSA-538c-55jv-c5g9, GHSA-cmw6-hcpp-c6jp, GHSA-hqmj-h5c6-369m
# pillow: upgraded from 12.1.1 for GHSA-whj4-6x5x-4v2j
RUN pip install --no-cache-dir --upgrade \
    'distributed>=2026.1.0' \
    'bokeh>=3.8.2' \
    'cryptography>=48.0.1' \
    'onnx>=1.21.0' \
    'pillow>=12.2.0' \
    'python-dotenv>=1.2.2' \
    'pyarrow>=23.0.1'  # pinned transitive dep of azureml-dataset-runtime; fixes GHSA-rgxp-2hwp-jwgg / CVE-2026-25087
RUN pip install --no-deps --force-reinstall 'skl2onnx==1.19.1'
RUN pip install --no-deps --force-reinstall 'onnxconverter-common==1.16.0'
RUN pip install --no-deps --force-reinstall 'onnxmltools==1.14.0'
RUN pip install --no-deps --force-reinstall 'pandas==2.0.0'
COPY patch_automl_pandas2_sparse.py /tmp/patch_automl_pandas2_sparse.py
RUN python /tmp/patch_automl_pandas2_sparse.py && \
    rm /tmp/patch_automl_pandas2_sparse.py
⚠️ **GitHub.com Fallback** ⚠️