-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow mounting files/directories as RW instead of always RO #1055
Labels
Comments
👍 to enabling rw mount on local runs. I have an use case where i want to output some analysis files when running locally per repo so than i can summarize the output for all repos. Forcing a read-only mount drastically reduces the flexibility of the Batch Changes tool. If the team doesn't want to enable this by default for security reasons, it'd be good to have an override in the spec or flag. Something like
Or
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use Case
Sometimes to speed up batch changes, its useful to use a cache directory (e.g. package manager repository) in-order to avoid hammering package repositories over and over again.
I accomplished this by recompiling the program and removing the ":ro" option for constructing the docker mount commands in run_steps.go which fixed issues I was having.
Security Implications
Looking at previous PR/discussions, I understand this feature was requested to work for remote environments where this ask might add a security risk.
To resolve any potential concerns, maybe only allow local src-cli to mount files in read-write?
Related
The text was updated successfully, but these errors were encountered: