feat: Triton 26.06 + TensorRT 11 upgrade and CVE remediation#6
Merged
Conversation
… cu130 torch, non-root - Base nvcr.io/nvidia/tritonserver:25.10-py3 -> 26.06-py3 per NVIDIA security bulletins advising >= r26.03. - torch 2.5.1/cu124 -> 2.12.1/cu130, torchvision 0.27.1, opencv-headless 4.13.0.92. - apt-get upgrade layer pulls Ubuntu point-release fixes the monthly NGC tag lags behind. - Runs as the image's unprivileged triton-server user (uid 1000). BREAKING: TensorRT 10 -> 11 invalidates every existing .plan engine; re-export required (docs/MIGRATION_TRITON_26.md).
- Both image stages run apt-get upgrade for Debian point-release fixes. - tensorrt-cu12==10.13.3.9 -> tensorrt-cu13==11.0.0.114 (exact match to the TRT bundled in tritonserver:26.06; engines are version-locked). - pyproject deps synced with requirements.txt (tensorrt, ultralytics<8.4).
…fana Alloy - prometheus v3.12.0, grafana 13.1.0, loki 3.6.12, node-exporter v1.10.2 (previously all :latest — unpinned images defeat CVE auditing and reproducible deploys). - Promtail (EOL 2026-03-02) replaced by grafana/alloy v1.17.1 with an equivalent docker-discovery pipeline; docker.sock now mounted read-only. - Loki no longer forced to root; runs as the image's uid 10001 (existing volumes need a one-time chown — see migration doc).
OpenSearch 3.0.0-3.2.0 carry known HIGH CVEs (CVE-2025-9624 query_string DoS; Netty CVE-2026-33870/33871). 3.6.0 is the current stable; 3.3->3.6 is same-major so existing indices roll forward.
- make scan / scan-api / scan-triton wrap the existing scripts/security-scan.sh (trivy, grype, dockle, syft, hadolint). - New workflow runs a Trivy filesystem scan (SARIF upload) and an API image scan on PRs, pushes to main, and a weekly cron; fails on unfixed HIGH/CRITICAL. The 20 GB Triton image is scanned locally via make scan-triton before any publish.
- New export/trt_utils.py create_explicit_network(): the EXPLICIT_BATCH creation flag was deprecated in TRT 10 and removed in newer majors; all six export scripts now go through the guarded helper. - Drop the pre-TRT10 build_engine fallback (dead code under the tensorrt-cu13 11.x pin). - docs/MIGRATION_TRITON_26.md: mandatory engine re-export, loki volume chown, promtail->Alloy conversion, /health semantics, pin matrix.
…river floor, opset notes)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replaces #4 (auto-closed by GitHub when its stacked base branch was deleted).
triton-serveruser; apt security upgrades at build with a build-time TRT lockstep assertion (server TRT and thetensorrt-cu13pip pin can only move together)..planengine — seedocs/MIGRATION_TRITON_26.md.make scantargets + GitHub Actions Trivy workflow (fs + API image, SARIF, weekly cron).export/trt_utils.py).Verified end to end on live hardware; both images scan clean of fixable HIGH/CRITICAL CVEs.