This repository has been archived by the owner on Dec 3, 2021. It is now read-only.
Enhanced granularity for image privileges and versions #123
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
Codecov Report
@@ Coverage Diff @@
## master #123 +/- ##
==========================================
- Coverage 26.9% 26.69% -0.21%
==========================================
Files 20 20
Lines 2037 2045 +8
==========================================
- Hits 548 546 -2
- Misses 1438 1447 +9
- Partials 51 52 +1
Continue to review full report at Codecov.
|
Mierdin
changed the title
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
|
nre-learning/nrelabs-curriculum#248 has been merged, and with that, all lesson definitions currently in the repository are compatible with this change. I'll push some additional commits to update testing, and then this is good to go. |
Signed-off-by: Matt Oswalt <matt@keepingitclassless.net>
# for free
to subscribe to this conversation on GitHub.
Already have an account?
#.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR re-introduces the changes that were originally put into place in #120 but then rolled back in #121 and #122 since the accompanying curriculum and required images weren't ready, and
selfmedicateis currently configured to pull thelatestsyringe.Summary of Changes
This PR introduces the enforcement of particular curriculum image versions, since as of now, we're building and tagging all of these images for every curriculum release. It does this by prohibiting tags in image refs within a lesson definition, and appending a tag at runtime equal to the version of the curriculum that's been configured via env. If nothing is specified,
latestis pulled for all images.This PR also introduces the ability to configure which images are granted privileged mode. This is unfortunately the way we currently have to do things until mini-project 6 gets off the ground. This way, however, we can maintain granularity over which images get this mode, and ensure it's limited to those that run a layer of virtualization within them (which are the only images that actually require this, or a subset of these privileges).