first version

.github/workflows/build-gpu-cuda.yml

@@ -0,0 +1,119 @@
+name: Build and Push to AWS ECR Public
+
+on:
+  push:
+    branches:
+      - master
+    paths:
+      - 'gpu-cuda/**'
+      - '.github/workflows/build-gpu-cuda.yml'
+  pull_request:
+    branches:
+      - master
+    paths:
+      - 'gpu-cuda/**'
+      - '.github/workflows/build-gpu-cuda.yml'
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Image tag'
+        required: false
+        default: 'latest'
+
+env:
+  AWS_REGION: us-east-1
+  REPOSITORY_NAME: jupyter-docker
+  IMAGE_NAME: codio/codio-jupyter
+  TAG_PREFIX: gpu-cuda
+  ECR_REGISTRY: public.ecr.aws/o0g3m8o6
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@main
+        with:
+          aws-region: us-east-1
+          role-to-assume: arn:aws:iam::878986216776:role/Github/GithubECRPublicUploadRole_${{ env.REPOSITORY_NAME }}
+          role-session-name: GithubAction
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: public
+
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Create and use a new builder instance
+        run: |
+          docker buildx create --name ga-builder --use
+
+      - name: Set image tags
+        id: meta
+        run: |
+          ECR_REGISTRY="${{ env.ECR_REGISTRY }}"
+          SHA_SHORT=${{ env.TAG_PREFIX }}-$(echo ${{ github.sha }} | cut -c1-7)
+
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
+            IMAGE_TAG="${{ env.TAG_PREFIX }}-${{ github.event.pull_request.head.ref }}"
+          else
+            IMAGE_TAG="${{ env.TAG_PREFIX }}-${{ github.event.inputs.tag || 'latest' }}"
+            TIMESTAMP=${{ env.TAG_PREFIX }}-$(date +%Y%m%d)
+            echo "timestamp=${TIMESTAMP}" >> $GITHUB_OUTPUT
+          fi
+
+          echo "ecr_registry=${ECR_REGISTRY}" >> $GITHUB_OUTPUT
+          echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT
+          echo "sha_short=${SHA_SHORT}" >> $GITHUB_OUTPUT
+
+          TAGS="${ECR_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG},${ECR_REGISTRY}/${IMAGE_NAME}:${SHA_SHORT}"
+
+          if [ "${{ github.event_name }}" != "pull_request" ]; then
+            TAGS="${TAGS},${ECR_REGISTRY}/${IMAGE_NAME}:${TIMESTAMP}"
+          fi
+
+          echo "tags=${TAGS}" >> $GITHUB_OUTPUT
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        timeout-minutes: 30
+        with:
+          context: ./gpu-cuda
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          builder: ga-builder
+          cache-from: type=registry,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache
+          cache-to: type=registry,mode=max,image-manifest=true,oci-mediatypes=true,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache
+
+      - name: Image summary
+        run: |
+          {
+            echo "### Docker Image Published :rocket:"
+            echo "event name: ${{ github.event_name }}"
+            echo ""
+            echo "**Registry:** ${{ steps.meta.outputs.ecr_registry }}"
+            echo "**Image:** ${IMAGE_NAME}"
+            echo ""
+            echo "**Tags:**"
+            echo "- \`${{ steps.meta.outputs.image_tag }}\`"
+            echo "- \`${{ steps.meta.outputs.timestamp || 'Timestamp tag is not available for PR' }}\`"
+            echo "- \`${{ steps.meta.outputs.sha_short }}\`"
+            echo ""
+            echo "**Pull command:**"
+            echo "\`\`\`bash"
+            echo "docker pull ${{ steps.meta.outputs.ecr_registry }}/${IMAGE_NAME}:${{ steps.meta.outputs.image_tag }}"
+            echo "\`\`\`"
+          } | tee -a $GITHUB_STEP_SUMMARY

README.md

@@ -1 +1,3 @@
 # jupyter-docker
+
+Docker images build for jupyter environments usind in sandboxes

gpu-cuda/Dockerfile

@@ -0,0 +1,24 @@
+FROM quay.io/jupyter/base-notebook:x86_64-python-3.13
+
+USER root
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+  git \
+  wget \
+  build-essential \
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/*
+
+USER ${NB_UID}
+
+# Install PyTorch with CUDA 12.1 support
+# RUN pip install --no-cache-dir \
+#   torch torchvision --index-url https://download.pytorch.org/whl/cu121
+
+# Copy requirements and install Python packages
+COPY --chown=${NB_UID}:${NB_GID} requirements.txt /tmp/
+RUN pip install --no-cache-dir -r /tmp/requirements.txt
+
+# Expose Jupyter port
+EXPOSE 8888

gpu-cuda/README.md

@@ -0,0 +1,66 @@
+# Jupyter GPU Docker Image
+
+Docker image for Jupyter Notebook with PyTorch CUDA support and LLM/Data Science libraries.
+
+## Base Image
+- `quay.io/jupyter/base-notebook:latest`
+
+## Included Libraries
+- **PyTorch** with CUDA 12.1 support
+- **Hugging Face**: transformers==4.37.2, datasets, accelerate, tokenizers
+- **Data Science**: pandas, numpy, matplotlib, seaborn, scikit-learn
+- **LLM Tools**: tiktoken, einops, wandb, tensorboard
+- **NLP**: nltk, spacy
+
+## GitHub Actions Setup
+
+### AWS IAM Role Configuration
+The workflow uses OIDC to authenticate with AWS. Ensure you have:
+1. An IAM role named `GithubECRUploadRole_jupyter-docker` in account `878986216776`
+2. Trust relationship configured for GitHub OIDC provider
+3. Permissions to push to ECR Public
+
+### GitHub Secrets
+Add this secret to your repository (Settings → Secrets and variables → Actions):
+- `ECR_REGISTRY` - Your ECR public registry URL (e.g., `public.ecr.aws/your-alias`)
+
+### Workflow Triggers
+- Push to `master` or `main` branch with changes in `gpu/` directory
+- Pull requests (builds but doesn't push)
+- Manual trigger via workflow_dispatch
+
+## Running the Image
+
+### Local with GPU
+```bash
+docker run --gpus all -p 8888:8888 \
+  -v $(pwd)/notebooks:/home/jovyan/work \
+  public.ecr.aws/your-alias/jupyter-gpu:latest
+```
+
+### Pull from ECR
+```bash
+# Pull image
+docker pull public.ecr.aws/your-alias/jupyter-gpu:latest
+
+# Or use specific version
+docker pull public.ecr.aws/your-alias/jupyter-gpu:20260120-123456
+```
+
+## Local Development
+
+### Build locally
+```bash
+cd gpu
+docker build -t jupyter-gpu:latest .
+```
+
+### Test locally
+```bash
+docker run --gpus all -p 8888:8888 \
+  -v $(pwd)/notebooks:/home/jovyan/work \
+  jupyter-gpu:latest
+```
+
+## Customization
+Edit `requirements.txt` to add or modify Python packages, then push to trigger the workflow.

gpu-cuda/requirements.txt

@@ -0,0 +1,43 @@
+--extra-index-url https://download.pytorch.org/whl/cu126
+
+torch
+torchvision
+torchaudio
+
+# Hugging Face Libraries
+transformers>=4.38.0
+huggingface_hub>=0.21.0
+datasets
+accelerate
+sentencepiece
+tokenizers
+safetensors
+
+# Data Science Libraries
+pandas
+numpy
+matplotlib
+seaborn
+scikit-learn
+scipy
+
+# Deep Learning Utilities
+tqdm
+wandb
+tensorboard
+
+# NLP & LLM Tools
+nltk
+spacy
+tiktoken
+einops
+
+# Jupyter Extensions
+ipywidgets
+jupyter-contrib-nbextensions
+
+# Other Utilities
+Pillow
+requests
+pyyaml
+python-dotenv