Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow mounting files/directories as RW instead of always RO #1055

Open
chrisdruta opened this issue Jan 26, 2024 · 1 comment
Open

Allow mounting files/directories as RW instead of always RO #1055

chrisdruta opened this issue Jan 26, 2024 · 1 comment
Labels
team/code-search

Comments

@chrisdruta
Copy link

Use Case

Sometimes to speed up batch changes, its useful to use a cache directory (e.g. package manager repository) in-order to avoid hammering package repositories over and over again.

I accomplished this by recompiling the program and removing the ":ro" option for constructing the docker mount commands in run_steps.go which fixed issues I was having.

Security Implications

Looking at previous PR/discussions, I understand this feature was requested to work for remote environments where this ask might add a security risk.

To resolve any potential concerns, maybe only allow local src-cli to mount files in read-write?

Related
@varungandhi-src varungandhi-src added the imported Label for issues that have been imported from other teams (see monorepo) label Mar 20, 2024
@camdencheek camdencheek removed the imported Label for issues that have been imported from other teams (see monorepo) label May 23, 2024
@atishpatel
Copy link

atishpatel commented Jul 17, 2024
edited
Loading

👍 to enabling rw mount on local runs.

I have an use case where i want to output some analysis files when running locally per repo so than i can summarize the output for all repos. Forcing a read-only mount drastically reduces the flexibility of the Batch Changes tool.

If the team doesn't want to enable this by default for security reasons, it'd be good to have an override in the spec or flag. Something like

steps:
  - run: ...
    mount:
    - path: ./changes
      mountpoint: /shared-volume
      mode: read-write            # new

Or

src batch preview -mount-mode=read-write

@atishpatel atishpatel mentioned this issue Jul 17, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
team/code-search
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@atishpatel @chrisdruta @camdencheek @varungandhi-src