From 1e8aab258bc379cc8b842283e3befd82c5d68cb7 Mon Sep 17 00:00:00 2001
From: Dev Agent <dev-agent@example.com>
Date: Fri, 19 Dec 2025 08:08:48 +0000
Subject: [PATCH] feat: can custom docker namespace for imagebuilder

---
 docker/spaces/README.md                       |  4 +--
 .../spaces/base_images/model_chatui/README.md |  4 +--
 docker/spaces/builder/Dockerfile-nginx        |  5 ++--
 docker/spaces/builder/Dockerfile-python3.10   | 25 +++++++++++++------
 .../builder/Dockerfile-python3.10-cuda11.8.0  | 19 +++++++++++---
 .../builder/Dockerfile-python3.10-cuda12.1.0  | 20 +++++++++++----
 docker/spaces/builder/base/README.md          | 14 +++++------
 .../spaces/templates/model_chatui/Dockerfile  |  6 +++--
 8 files changed, 66 insertions(+), 31 deletions(-)

diff --git a/docker/spaces/README.md b/docker/spaces/README.md
index ac4e79dd9..e0cc98b3a 100644
--- a/docker/spaces/README.md
+++ b/docker/spaces/README.md
@@ -13,8 +13,8 @@ echo "$OPENCSG_ACR_PASSWORD" | docker login $OPENCSG_ACR -u $OPENCSG_ACR_USERNAM
 export BUILDX_NO_DEFAULT_ATTESTATIONS=1
 export IMAGE_TAG=1.2
 docker buildx build --platform linux/amd64,linux/arm64 \
-  -t ${OPENCSG_ACR}/opencsg_space/csg-nginx:${IMAGE_TAG} \
-  -t ${OPENCSG_ACR}/opencsg_space/csg-nginx:latest \
+  -t ${OPENCSG_ACR}/opencsghq/csg-nginx:${IMAGE_TAG} \
+  -t ${OPENCSG_ACR}/opencsghq/csg-nginx:latest \
   -f Dockerfile.nginx \
   --push .
 ```
diff --git a/docker/spaces/base_images/model_chatui/README.md b/docker/spaces/base_images/model_chatui/README.md
index ee0489cb3..06cb8ceed 100644
--- a/docker/spaces/base_images/model_chatui/README.md
+++ b/docker/spaces/base_images/model_chatui/README.md
@@ -13,8 +13,8 @@ echo "$OPENCSG_ACR_PASSWORD" | docker login $OPENCSG_ACR -u $OPENCSG_ACR_USERNAM
 export BUILDX_NO_DEFAULT_ATTESTATIONS=1
 export IMAGE_TAG=1.0
 docker buildx build --platform linux/amd64,linux/arm64 \
-  -t ${OPENCSG_ACR}/opencsg_space/vllm-cpu-chatui-base:${IMAGE_TAG} \
-  -t ${OPENCSG_ACR}/opencsg_space/vllm-cpu-chatui-base:latest \
+  -t ${OPENCSG_ACR}/opencsghq/vllm-cpu-chatui-base:${IMAGE_TAG} \
+  -t ${OPENCSG_ACR}/opencsghq/vllm-cpu-chatui-base:latest \
   -f Dockerfile.vllm-cpu.base \
   --push .
 ```
diff --git a/docker/spaces/builder/Dockerfile-nginx b/docker/spaces/builder/Dockerfile-nginx
index 00d40a0db..d7c54ed7a 100644
--- a/docker/spaces/builder/Dockerfile-nginx
+++ b/docker/spaces/builder/Dockerfile-nginx
@@ -1,5 +1,6 @@
-ARG SPACE_NGINX_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/nginx:latest
-FROM ${SPACE_NGINX_IMAGE}
+ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com
+ARG NAMESPACE=opencsghq
+FROM ${SPACE_BASE_IMAGE}/${NAMESPACE}/nginx:latest
 WORKDIR /usr/share/nginx/html
 COPY nginx.conf /etc/nginx/nginx.conf
 
diff --git a/docker/spaces/builder/Dockerfile-python3.10 b/docker/spaces/builder/Dockerfile-python3.10
index ee3b876d3..450c8b35d 100644
--- a/docker/spaces/builder/Dockerfile-python3.10
+++ b/docker/spaces/builder/Dockerfile-python3.10
@@ -1,6 +1,7 @@
-ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-1.0.2
+ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com
+ARG NAMESPACE=opencsghq
 
-FROM ${SPACE_BASE_IMAGE}/opencsg_public/space-base:python3.10-1.0.3 AS base
+FROM ${SPACE_BASE_IMAGE}/${NAMESPACE}/space-base:python3.10-1.0.3 AS base
 
 # First handle dependencies to leverage caching
 USER user
@@ -21,14 +22,24 @@ RUN if [ -s "packages.txt" ]; then \
 USER user
 # Set the default domestic source (Alibaba Cloud), users can override it via --build-arg PyPI=xxx
 ARG PyPI=https://mirrors.aliyun.com/pypi/simple/
-RUN if [ -n "$PyPI" ]; then \
+ARG ALLOW_INSECURE_PIP=false
+
+RUN rm -rf ~/.pip ~/.config/pip && \
+    if [ -n "$PyPI" ]; then \
         pip config set global.index-url "${PyPI}" && \
-        # Configure trusted sources (to avoid HTTPS certificate issues)
-        pip config set global.trusted-host $(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p'); \
+        TRUSTED_HOST=$(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p') && \
+        if [ -n "$TRUSTED_HOST" ]; then \
+            pip config set global.trusted-host "${TRUSTED_HOST}"; \
+        else \
+            echo "Error: Failed to extract trusted host from ${PyPI}" && exit 1; \
+        fi && \
+        if [[ "$PyPI" == http://* ]] || [ "$ALLOW_INSECURE_PIP" = "true" ]; then \
+            pip config set global.verify-ssl false; \
+        fi; \
     fi
 
-RUN pip install --no-cache-dir --default-timeout=60 -r pre-requirements.txt && \
-    pip install --no-cache-dir --default-timeout=60 -r requirements.txt
+RUN pip install --default-timeout=60 -r pre-requirements.txt && \
+    pip install --default-timeout=60 -r requirements.txt
 
 COPY --link --chown=1000 ./ ./
 
diff --git a/docker/spaces/builder/Dockerfile-python3.10-cuda11.8.0 b/docker/spaces/builder/Dockerfile-python3.10-cuda11.8.0
index 5b6126cd0..d706c3b26 100644
--- a/docker/spaces/builder/Dockerfile-python3.10-cuda11.8.0
+++ b/docker/spaces/builder/Dockerfile-python3.10-cuda11.8.0
@@ -1,6 +1,7 @@
-ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-cuda11.8.0-1.0.2
+ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com
+ARG NAMESPACE=opencsghq
 
-FROM ${SPACE_BASE_IMAGE}/opencsg_public/space-base:python3.10-cuda11.8.0-1.0.3 AS base
+FROM ${SPACE_BASE_IMAGE}/${NAMESPACE}/space-base:python3.10-cuda11.8.0-1.0.3 AS base
 
 USER user
 WORKDIR /home/user/app
@@ -18,9 +19,19 @@ RUN if [ -s "packages.txt" ]; then \
 
 USER user
 ARG PyPI=https://mirrors.aliyun.com/pypi/simple/
-RUN if [ -n "$PyPI" ]; then \
+ARG ALLOW_INSECURE_PIP=false
+RUN rm -rf ~/.pip ~/.config/pip && \
+    if [ -n "$PyPI" ]; then \
         pip config set global.index-url "${PyPI}" && \
-        pip config set global.trusted-host $(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p'); \
+        TRUSTED_HOST=$(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p') && \
+        if [ -n "$TRUSTED_HOST" ]; then \
+            pip config set global.trusted-host "${TRUSTED_HOST}"; \
+        else \
+            echo "Error: Failed to extract trusted host from ${PyPI}" && exit 1; \
+        fi && \
+        if [[ "$PyPI" == http://* ]] || [ "$ALLOW_INSECURE_PIP" = "true" ]; then \
+            pip config set global.verify-ssl false; \
+        fi; \
     fi
 
 RUN pip install --no-cache-dir --default-timeout=60 -r pre-requirements.txt && \
diff --git a/docker/spaces/builder/Dockerfile-python3.10-cuda12.1.0 b/docker/spaces/builder/Dockerfile-python3.10-cuda12.1.0
index 7bc069af1..9b10d4673 100644
--- a/docker/spaces/builder/Dockerfile-python3.10-cuda12.1.0
+++ b/docker/spaces/builder/Dockerfile-python3.10-cuda12.1.0
@@ -1,6 +1,6 @@
-ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-cuda12.1.0-1.0.2
-
-FROM ${SPACE_BASE_IMAGE}/opencsg_public/space-base:python3.10-cuda12.1.0-1.0.3 AS base
+ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com
+ARG NAMESPACE=opencsghq
+FROM ${SPACE_BASE_IMAGE}/${NAMESPACE}/space-base:python3.10-cuda12.1.0-1.0.3 AS base
 
 USER user
 WORKDIR /home/user/app
@@ -18,9 +18,19 @@ RUN if [ -s "packages.txt" ]; then \
 
 USER user
 ARG PyPI=https://mirrors.aliyun.com/pypi/simple/
-RUN if [ -n "$PyPI" ]; then \
+ARG ALLOW_INSECURE_PIP=false
+RUN rm -rf ~/.pip ~/.config/pip && \
+    if [ -n "$PyPI" ]; then \
         pip config set global.index-url "${PyPI}" && \
-        pip config set global.trusted-host $(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p'); \
+        TRUSTED_HOST=$(echo "${PyPI}" | sed -n 's|https\?://\([^/]*\)/.*|\1|p') && \
+        if [ -n "$TRUSTED_HOST" ]; then \
+            pip config set global.trusted-host "${TRUSTED_HOST}"; \
+        else \
+            echo "Error: Failed to extract trusted host from ${PyPI}" && exit 1; \
+        fi && \
+        if [[ "$PyPI" == http://* ]] || [ "$ALLOW_INSECURE_PIP" = "true" ]; then \
+            pip config set global.verify-ssl false; \
+        fi; \
     fi
 
 RUN pip install --no-cache-dir --default-timeout=60 -r pre-requirements.txt && \
diff --git a/docker/spaces/builder/base/README.md b/docker/spaces/builder/base/README.md
index ec9d90c29..093cd352d 100644
--- a/docker/spaces/builder/base/README.md
+++ b/docker/spaces/builder/base/README.md
@@ -3,15 +3,15 @@
 ## 说明
 这些 image 会被 space 中自动为用户应用生成的 Dockerfile 引用，针对不同类型，不同应用会有不同的 base image
 
-生成基础镜像后，会推送到传神社区的 registry 中（当前是`registry.cn-beijing.aliyuncs.com`的`opencsg_space`命名空间）
+生成基础镜像后，会推送到传神社区的 registry 中（当前是`registry.cn-beijing.aliyuncs.com`的`opencsghq`命名空间）
 
 base image 命名格式如下：
 
-`registry.cn-beijing.aliyuncs.com/opencsg_space/space-base:[python_version]-[cuda_version]`。
+`registry.cn-beijing.aliyuncs.com/opencsghq/space-base:[python_version]-[cuda_version]`。
 
 例如：
-- `registry.cn-beijing.aliyuncs.com/opencsg_space/space-base:python3.10`
-- `registry.cn-beijing.aliyuncs.com/opencsg_space/space-base:python3.10-cuda11.8.0`
+- `registry.cn-beijing.aliyuncs.com/opencsghq/space-base:python3.10`
+- `registry.cn-beijing.aliyuncs.com/opencsghq/space-base:python3.10-cuda11.8.0`
 
 ## 构建
 
@@ -38,7 +38,7 @@ docker buildx build \
   --provenance false \
   --platform linux/amd64,linux/arm64 \
   -f Dockerfile-python3.10-base \
-  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-1.0.3 \
+  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsghq/space-base:python3.10-1.0.3 \
   --push .
 
 ## Python with cuda
@@ -48,7 +48,7 @@ docker buildx build \
   --provenance false \
   --platform linux/amd64,linux/arm64 \
   -f Dockerfile-python3.10-cuda11.8.0-base \
-  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-cuda11.8.0-1.0.3 \
+  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsghq/space-base:python3.10-cuda11.8.0-1.0.3 \
   --push .
 
 export DOCKER_BUILDKIT=1
@@ -57,6 +57,6 @@ docker buildx build \
   --provenance false \
   --platform linux/amd64,linux/arm64 \
   -f Dockerfile-python3.10-cuda12.1.0-base \
-  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_public/space-base:python3.10-cuda12.1.0-1.0.3 \
+  -t opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsghq/space-base:python3.10-cuda12.1.0-1.0.3 \
   --push .
 ```
\ No newline at end of file
diff --git a/docker/spaces/templates/model_chatui/Dockerfile b/docker/spaces/templates/model_chatui/Dockerfile
index b13a3b628..24e55ad27 100644
--- a/docker/spaces/templates/model_chatui/Dockerfile
+++ b/docker/spaces/templates/model_chatui/Dockerfile
@@ -1,4 +1,6 @@
-FROM opencsg-registry.cn-beijing.cr.aliyuncs.com/opencsg_space/vllm-cpu-chatui-base:1.0
+ARG SPACE_BASE_IMAGE=opencsg-registry.cn-beijing.cr.aliyuncs.com
+ARG NAMESPACE=opencsghq
+FROM ${SPACE_BASE_IMAGE}/${NAMESPACE}/vllm-cpu-chatui-base:1.0
 
 WORKDIR /workspace/
 
@@ -17,4 +19,4 @@ ENV HUGGINGFACE_HUB_CACHE=/workspace/ \
 
 EXPOSE 8080
 
-ENTRYPOINT ["bash", "/etc/csghub/serve-cpu.sh"]
\ No newline at end of file
+ENTRYPOINT ["bash", "/etc/csghub/serve-cpu.sh"]