publicWagsHome/buildx
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

master #1

Merged
nathan merged 10 commits from wagshome/buildx:master into master 2023-10-29 19:36:52 +00:00
Conversation 0 Commits 10 Files Changed 11 +15 -7
1 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 17a7e99226 - Show all commits

22
driver/docker-container/driver.go
View File

@@ -144,13 +144,21 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error {
break
}
}
hc.SecurityOpt = append(hc.SecurityOpt, "seccomp=unconfined")
hc.SecurityOpt = append(hc.SecurityOpt, "apparmor=unconfined")
hc.Privileged = false
//hc.SecurityOpt = append(hc.SecurityOpt, "systempaths=unconfined")
hc.MaskedPaths = []string{}
hc.ReadonlyPaths = []string{}
//cfg.Env= append(cfg.Env,"systempaths=unconfined")
for i, k := range d.SecurityOpts {
switch {
case i == "systempaths":
hc.MaskedPaths = []string{}
hc.ReadonlyPaths = []string{}
case i == "privileged":
val, err := strconv.ParseBool(k)
if err != nil {
return errors.Errorf("invalid value privleged security option, options are true/false")
}
hc.Privileged = val
default:
hc.SecurityOpt = append(hc.SecurityOpt, i+"="+k)
}
}
}
_, err := d.DockerAPI.ContainerCreate(ctx, cfg, hc, &network.NetworkingConfig{}, nil, d.Name)
if err != nil && !errdefs.IsConflict(err) {