TheCloud/dwarfs
1
0
Fork 0
mirror of https://github.com/mhx/dwarfs.git synced 2025-09-08 03:49:44 -04:00
Code Issues Packages Projects Releases Wiki Activity

chore: no more --privileged containers

Browse Source
This commit is contained in:
Marcus Holland-Moritz 2025-07-29 09:42:01 +02:00
parent 997118da6e
commit 4517e526ba
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.docker/Makefile
View File

@ -10,7 +10,7 @@ ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
NPROC:=$(shell nproc) NPROC:=$(shell nproc)
COMMON_RUN_OPTS=-it --rm \ COMMON_RUN_OPTS=-it --rm \
--cap-add SYS_ADMIN --device /dev/fuse --privileged \ --cap-add SYS_ADMIN --device /dev/fuse \
--mount type=bind,source="$(ROOT_DIR)"/..,target=/workspace,readonly \ --mount type=bind,source="$(ROOT_DIR)"/..,target=/workspace,readonly \
--mount type=bind,source="$(ROOT_DIR)"/../@docker-ccache,target=/ccache \ --mount type=bind,source="$(ROOT_DIR)"/../@docker-ccache,target=/ccache \
--mount type=bind,source="$(ROOT_DIR)"/../@docker-home,target=/home/mhx \ --mount type=bind,source="$(ROOT_DIR)"/../@docker-home,target=/home/mhx \

4
.github/workflows/docker-run-build.yml vendored
View File

@ -64,8 +64,8 @@ jobs:
- name: Run Build - name: Run Build
run: | run: |
docker run --rm \ docker run --rm --init \
--cap-add SYS_ADMIN --device /dev/fuse --privileged \ --cap-add SYS_ADMIN --device /dev/fuse --security-opt apparmor:unconfined \
--mount type=bind,source=${GITHUB_WORKSPACE},target=/workspace,readonly \ --mount type=bind,source=${GITHUB_WORKSPACE},target=/workspace,readonly \
--mount type=bind,source=${{ runner.temp }},target=/tmp-runner \ --mount type=bind,source=${{ runner.temp }},target=/tmp-runner \
--mount type=bind,source=${HOME}/github-ccache,target=/ccache \ --mount type=bind,source=${HOME}/github-ccache,target=/ccache \