Skip to content

fix: Allow dockerfile_template access during bentoml containerize#5572

Open
BillionClaw wants to merge 2 commits intobentoml:mainfrom
BillionClaw:clawoss/fix/dockerfile-template-access
Open

fix: Allow dockerfile_template access during bentoml containerize#5572
BillionClaw wants to merge 2 commits intobentoml:mainfrom
BillionClaw:clawoss/fix/dockerfile-template-access

Conversation

@BillionClaw
Copy link
Copy Markdown

@BillionClaw BillionClaw commented Mar 16, 2026

What does this PR address?

Fixes #5566

PR #5548 introduced a security fix that added secure=True as the default for resolve_user_filepath(). This inadvertently broke bentoml containerize when using dockerfile_template or setup_script paths outside the current working directory.

Root Cause

After the security fix in PR #5548, the resolve_user_filepath() function defaults to secure=True, which:

  1. Rejects absolute paths
  2. Rejects paths that resolve outside the current working directory
  3. Rejects hidden files

The dockerfile_template and setup_script options in the bento configuration are user-provided paths that should legitimately be allowed to reference files outside the immediate build context (e.g., shared templates in a parent directory).

Changes

This fix adds secure=False to the resolve_user_filepath() calls for:

  • dockerfile_template in build_config.py and generate.py
  • setup_script in build_config.py

Testing

  • Ran existing unit tests in tests/unit/_internal/bento/test_bento.py - all pass
  • Verified the fix allows accessing templates outside the cwd

Before submitting:

I have read the CLA Document and I hereby sign the CLA.

fix: Allow dockerfile_template and setup_script access during bentoml…
ae4ba44 
… containerize

PR bentoml#5548 introduced a security fix that added secure=True as the default
for resolve_user_filepath(). This inadvertently broke bentoml containerize
when using dockerfile_template or setup_script paths outside the current
working directory.

This fix adds secure=False to the resolve_user_filepath() calls for:
- dockerfile_template in build_config.py and generate.py
- setup_script in build_config.py

These paths are provided by the user in their bento configuration and
should be allowed to reference files outside the build context.

Fixes bentoml#5566
@BillionClaw BillionClaw requested a review from a team as a code owner March 16, 2026 12:41
@BillionClaw BillionClaw requested review from larme and removed request for a team March 16, 2026 12:41
@seethap seethap mentioned this pull request Mar 16, 2026
Closed
@frostming
Copy link
Copy Markdown
Collaborator

frostming commented Mar 17, 2026

But this beats the purpose of original effort to avoid including arbitrary files by accident.

Doesn't changing directory to folder containing setup script and docker template work?

@onthebed
Copy link
Copy Markdown

onthebed commented Apr 27, 2026

Friendly bump -- this PR has been open for a while. Happy to make any changes if needed, or close it if no longer relevant.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@larme larme Awaiting requested review from larme larme is a code owner automatically assigned from bentoml/bentoml-reviewers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

bug: bentoml containerize fails with ValueError: Accessing file outside of current working directory when using dockerfile_template (v1.4.36)

3 participants

@BillionClaw @frostming @onthebed