Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🛠️ [TASK] : Add support for running in privileged mode #76

Open
Tracked by #168
jmgilman opened this issue Nov 2, 2023 · 0 comments
Open
Tracked by #168

🛠️ [TASK] : Add support for running in privileged mode #76

jmgilman opened this issue Nov 2, 2023 · 0 comments
Assignees

Comments

@jmgilman
Copy link
Collaborator

jmgilman commented Nov 2, 2023

In some cases, especially when using earthly:dind images, a target must be executed with the -P flag to escalate privileges. The current design of the CI system is restricted to treating all targets the same, meaning it's not currently possible to arbitrarily pass additional flags to a specific target. This issue proposes two potential solutions:

  1. Implement a new subcommand in the CLI that determines if a specific target is using the earthly:dind image. This will be run before executing the target and used to conditionally pass the -P flag.
  2. Implement support for a "special comment" within a target that the CI scans for and parses. This comment can have multiple key=value pairs which can configure the way the target is executed.
    1. For example: # ci: privileged=true
  3. Add a special _priv suffix to targets (i.e., check_priv) which executes the target in privileged mode.

The second option is preferred for flexibility but requires a lot more work to implement.

@jmgilman jmgilman self-assigned this Nov 2, 2023
@stevenj stevenj changed the title Add support for running in privileged mode 🛠️ [TASK] : Add support for running in privileged mode Jan 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: ✅ Done
Development

No branches or pull requests

1 participant