oss/forgejo-runner
oss/forgejo-runner
1
0
Fork 0
mirror of https://code.forgejo.org/forgejo/runner.git synced 2025-09-15 18:57:01 +00:00
Code Wiki Activity

Add support for container kernel capabilities (#716)

Browse source 
This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.

The command-line flag `--container-cap-add` allows for adding
specific capabilities on the workflow containers; where as,

The command-line flag `--container-cap-drop` allows for removing
specific capabilities on the workflow containers.

This was developed to specifically be able to add `SYS_PTRACE`
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.

Signed-off-by: Joseph Benden <joe@benden.us>
This commit is contained in:
Joseph Benden 2021-06-04 09:06:59 -07:00 committed by GitHub
parent aa283f5cd3
commit 160016b5fa
6 changed files with 17 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cmd/input.go
View file

@ -32,6 +32,8 @@ type Input struct {
noWorkflowRecurse bool
useGitIgnore bool
githubInstance string
containerCapAdd []string
containerCapDrop []string
}
func (i *Input) resolve(path string) string {